Age | Commit message (Collapse) | Author |
|
|
|
|
|
|
|
Conflicts:
lib/ssl/src/inet_tls_dist.erl
|
|
As TLS clients will perform a hostname check against certificates
the IP-address does not make much sense.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
If the -epmd_module flag has been specified on the command line, use
that module to register and look up node names instead of the default,
erl_epmd.
Also document this option.
|
|
|
|
Generalise much of inet_tls_dist, so that inet6_tls_dist can reuse it.
|
|
* legoscia/tls_dist_error_reporting:
Report bad options for outgoing TLS distribution
Save error reasons for TLS distribution connections
Report bad options for TLS distribution connections
OTP-13219
|
|
When establishing an outbound connection for TLS distribution, let's
hold on to the failure reasons and use them as exit reasons. These
exit reasons are normally invisible, but they can be seen in the logs
after calling net_kernel:verbose(1).
While there are trace messages in the code already, those require
recompiling the module with a special flag, which is more cumbersome
than changing the net_kernel verbosity level at run time.
|
|
* legoscia/tls-dist-shutdown:
Adjust shutdown strategies for distribution over TLS
OTP-13134
|
|
Change ssl_dist_sup to be considered as a supervisor with infinite
shutdown time.
Change the ssl_connection_dist instance of tls_connection_sup to have
infinite shutdown time.
This avoids spurious error messages when shutting down a node that
uses distribution over TLS.
|
|
|
|
We do not need a traceback on every close in inet_tls_dist and this
breaks using nodetool in control scripts on SSL clustered nodes
|
|
|
|
Fix a bug where the caller would timeout and ssl_tls_dist_proxy would
crash.
Fix a bug where a timeout from the SSL layer would block the
distribution forever (typically when a non-SSL node tries to connect to an
SSL node).
Add this very case as a test (test_server tries to connect to SSL nodes).
Run the proxy exclusively on the loopback interface.
|
|
|
|
|