Age | Commit message (Collapse) | Author |
|
|
|
* sverker/erts/debug_free_null:
erts: Fix bug in debug_free for NULL pointer
|
|
kernel: Fix spelling error in assert.hrl
|
|
|
|
* john/erts/update-zlib/OTP-15351/ERL-749:
Update zlib to 1.2.11
Allow undefined macros when building zlib
|
|
* maint:
"cork" tcp socket around file:sendfile
Add nopush TCP socket option
|
|
* igor/tcp-nopush-ERL-698/OTP-15357:
"cork" tcp socket around file:sendfile
Add nopush TCP socket option
|
|
|
|
* sverker/erts/18/memory-leak-terminating-port/OTP-14609:
erts: Fix memory leak when sending to terminating port
|
|
john/erts/update-zlib/OTP-15351/ERL-749
* fhunleth/fix-muslc-compiler-error:
Allow undefined macros when building zlib
|
|
|
|
Implement Signature Algorithms (TLS 1.3)
|
|
* maint:
beam_utils: Handle bs_start_match2 in anno_defs
|
|
into maint
* john/compiler/bs_match-anno-liveness-fix/OTP-15353/ERL-753:
beam_utils: Handle bs_start_match2 in anno_defs
|
|
causing ASSERT in sys_memset to fail.
|
|
|
|
The option 'signature_algs_cert' is not set by default.
Change-Id: Ib87cedc5e48b3ac7a36a30bc7caa08d3193f12fa
|
|
Update default hash algorithm (md5 -> sha1) used for generating
the server and CA certificates.
Default support for md5 has been removed for TLS 1.2 and OTP-15248
introduced a check for the whole {hash, signature} algorithm pair
as defined by RFC5246.
Change-Id: I964914914f522c10ef11c8c7c72bb9e4a0c38010
|
|
Change-Id: Ie60b2a2651ea975cebd0ccf0c7e2953f89986463
|
|
Change-Id: Ifb933d1bad647b941b7324c0712a7bc20ae74efa
|
|
Implement handling of the signature algorithms extension described by
RFC 8446. This commit updates the behavior of legacy TLS versions to
align them with RFC 8446 (TLS 1.3) and RFC 5246 (TLS 1.2).
- TLS 1.0/1.1 clients validate the client certificate against the
certificate_type field of the CertificateRequest message.
- TLS 1.2 client verifies the hash/signature algorithm pair of the
client certificate when processing a CertificateRequest. Old
behavior only checked the signature algorithms.
- TLS 1.2 server verifies that the server certificate is signed by
a hash/signature algorithm pair that appears in the
"singature_algorithms" or "signature_algorithms_cert" (RFC 8446)
extensions of the ClientHello.
Change-Id: I3e0a0d7408984f5e5b1233968934fe34d64eb2b7
|
|
Add documentation to the ssl option "signature_algs_cert"
introduced by TLS 1.3. The client/server will send a
"signature_algorithms_cert" extension, if TLS 1.3 or later
is used.
Change-Id: I17d612f311a1deef7e29473c3998e7f99fa56f02
|
|
* maint:
Updated OTP version
Prepare release
erts: Fix UNC path handling on Windows
erts: Fix a compiler warning
eldap: Fix race at socket close
Fix bug for sockopt pktoptions on BSD
erts: Fix memory leak on file read errors
|
|
* maint-21:
Updated OTP version
Prepare release
erts: Fix UNC path handling on Windows
erts: Fix a compiler warning
eldap: Fix race at socket close
Fix bug for sockopt pktoptions on BSD
erts: Fix memory leak on file read errors
|
|
|
|
|
|
maint-21
* ingela/maint/ssl/packet-options-to-tls-sender/OTP-15348:
ssl: TLS sender process needs to get updates of the socket option packet
|
|
* ingela/maint/ssl/close-alert-ERL-738/OTP-15337:
ssl: ERL-738 - Correct alert handling with new TLS sender process
|
|
maint-21
* hans/eldap/prevent_EXIT_at_close/OTP-15342/ERIERL-242:
eldap: Fix race at socket close
|
|
* john/erts/fix-unc-paths-windows/OTP-15333/ERL-737:
erts: Fix UNC path handling on Windows
erts: Fix a compiler warning
|
|
maint-21
* bjorn/compiler/fix-binary-matching/ERL-689/OTP-15335:
Fix rare bug in binary matching (again)
|
|
* raimo/BSD-sockopt-pktoptions/ERIERL-187/OTP-14297:
Fix bug for sockopt pktoptions on BSD
|
|
* john/erts/fix-prim_file-error-leak/OTP-15318:
erts: Fix memory leak on file read errors
|
|
Conflicts:
erts/preloaded/ebin/prim_inet.beam
|
|
RaimoNiskanen/raimo/getifaddrs-netns/ERIERL-189/OTP-15121
Implement {netns,NS} option for inet:getifaddrs/1 and friends
|
|
* john/kernel/cuddle-seq_trace-test:
seq_trace: Fix label_capability_mismatch test
|
|
This fixes 200ms delay on the last TCP segment when using
file:sendfile/2 on Linux (ERL-698).
|
|
* maint:
Updated OTP version
Prepare release
|
|
* maint-17:
Updated OTP version
Prepare release
|
|
|
|
|
|
maint-17
* sverker/r16/binary_to_atom-utf8-crash/ERL-474/OTP-14590:
erts: Fix crash in binary_to_atom/term for invalid utf8
|
|
* sverker/big-bxor-bug/ERL-450/OTP-14514:
erts: Fix bug in bxor of a big negative number
|
|
* sverker/bin2term-zlib-bug/ERL-340/OTP-14159:
erts: Fix binary_to_term for compressed and zlib >= v1.2.9
|
|
* rickard/thr-prgr-unmanaged-delay-bug/OTP-13869:
Fix erts_thr_progress_unmanaged_delay()
|
|
* rickard/drv-send-term-thr-bug/OTP-13866:
Fix thread calls to erl_drv_send_term()/erl_drv_output_term()
|
|
* rickard/port-sig-dropped-fix/OTP-13424:
Fix implementation of dropped signal to port
|
|
When building Erlang on a system that uses the Musl C library, it's
possible to get the following error:
In file included from zlib/adler32.c:11:0:
zlib/zutil.h:172:39: error: "_LFS64_LARGEFILE" is not defined [-Werror=undef]
(!defined(_LARGEFILE64_SOURCE) || _LFS64_LARGEFILE-0 == 0)
^~~~~~~~~~~~~~~~
cc1: some warnings being treated as errors
On the same systems, zlib is built without `-Werror=undef` so do the
same when building it with Erlang.
Signed-off-by: Frank Hunleth <[email protected]>
|
|
* maint:
crypto: Update RSA tests after algorithms doc chapter
crypto: Update RSA options to match specs and different OpenSSL versions - Put rsa_pkcs1_oaep_padding in supports/0 - #ifdef updates - Refine PKCS1_OAEP defines
|
|
* hans/crypto/fix_RSA_opts/OTP-15302:
crypto: Update RSA tests after algorithms doc chapter
crypto: Update RSA options to match specs and different OpenSSL versions - Put rsa_pkcs1_oaep_padding in supports/0 - #ifdef updates - Refine PKCS1_OAEP defines
|