Age | Commit message (Collapse) | Author |
|
|
|
|
|
* ia/ssl/prepare-for-release:
ssl: Prepare for release
|
|
|
|
* fenollp/otp-edoc-usage-fixes:
Fix edoc usage errors
OTP-11702
|
|
* hb/dialyzer/deprecate_types/OTP-10342:
Deprecate pre-defined built-in types
|
|
* schlagert/fix_basic_appups:
Dynamically configure typer_SUITE according to environment
Disable hipe_SUITE when environment doesn't support it
Make hipe non-upgradable by setting appup file empty
Fix missing module on hipe app file template
Add test suites performing app and appup file checks
Introduce appup test utility
Fix library application appup files
Fix non-library appup files according to issue #240
OTP-11744
|
|
Add the mentioned test suites for *all* library and touched
non-library applications.
|
|
The types array(), dict(), digraph(), gb_set(), gb_tree(), queue(),
set(), and tid() have been deprecated. They will be removed in OTP 18.0.
Instead the types array:array(), dict:dict(), digraph:graph(),
gb_set:set(), gb_tree:tree(), queue:queue(), sets:set(), and ets:tid()
can be used. (Note: it has always been necessary to use ets:tid().)
It is allowed in OTP 17.0 to locally re-define the types array(), dict(),
and so on.
New types array:array/1, dict:dict/2, gb_sets:set/1, gb_trees:tree/2,
queue:queue/1, and sets:set/1 have been added.
|
|
|
|
in pure DER format.
The incorrect code could cause a memory leek when certs where inputed
in DER.
|
|
|
|
|
|
Errors discovered using `erldocs`:
Superfluous @hidden tag would exit edoc application;
'Multiple @spec tag': appended a @clear tag after macro condition;
'@spec arity does not match': added missing argument.
|
|
* ia/public_key/specs:
public_key: Export some dialyzer types
|
|
Move dilayzer types from include file to erl file and use
-export_type
|
|
|
|
|
|
|
|
|
|
public_key:private_key/0 was referenced but undefined, and lib/ssl had a
local definition of private_key/0.
To fix that, make the following changes:
* add public_key:private_key/0 type
* document public_key/0 and private_key/0
* fix incorrect definitions and references
|
|
* ia/ssl/tests:
ssl: Avoid test case timing issues
|
|
* ia/Vagabond/adt-honor-cipher-order/OTP-11621:
Implement 'honor_cipher_order' SSL server-side option
|
|
|
|
The R16B03-1 release
|
|
|
|
Conflicts:
otp_build
|
|
did not support secure renegotiation
|
|
* dgud/test_unicode/OTP-10877:
sasl test: Quote executable paths (can contain spaces)
rt_tools: Handle unicode chars in printouts
kernel: code_SUITE fix unicode option
Fix (unicode) debug info in test cases
stdlib: Fix format if module resides in a unicode directory
Fix testing with unicode paths
test_server: Fix ts write unicode in config files
|
|
HonorCipherOrder as implemented in Apache, nginx, lighttpd, etc. This
instructs the server to prefer its own cipher ordering rather than the
client's and can help protect against things like BEAST while
maintaining compatability with clients which only support older ciphers.
This code is mostly written by Andrew Thompson, only the test case was
added by Andreas Schultz.
|
|
* ia/ssl/openssl-reneogtiation-bug:
ssl: Add versions to check for sane OpenSSL version for renegotiation
|
|
|
|
|
|
|
|
The server code erroneously took the list of curves supported by the
client from it's own hello extension, effectively breaking curve
selection all together.
Also the default fallback secp256k1 curve is not supported by
all clients. secp256r1 is recommended as part of the NIST Suite B
cryptographic suites. The chances are much better that all clients
support it, so use that as fallback.
|
|
|
|
|
|
|
|
Newer OpenSSL versions allow to selectively disable GF2m elliptic curves.
Selectively enable GF2m curves is support for them is available.
|
|
|
|
The R16B03 release
Conflicts:
lib/sasl/vsn.mk
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Make sure that test cases does not fail due to timing circumstances,
use selective receive even if it means we can not use test library functions
in some cases. TCP does not have delivery guarantee to application layer,
so sometimes a error message {error, Msg} or {error, closed} can be acceptable.
|
|
New design : ssl - Main
tls - Reflect tls specific semantics
dtls - Reflect dtls specific semantics
|
|
|