Age | Commit message (Collapse) | Author |
|
|
|
|
|
* upstream/dev:
Both the SSLv3 and TLS 1.0/TLS 1.1 specifications require implementations to ignore data following the ClientHello (i.e., extensions) if they do not understand them.
fix unknown ssl extension parsing by changing length from bits to bytes
Temporary disable tests on MAC due to issus with the MAC ODBC drivers
|
|
implementations to ignore data following the ClientHello (i.e.,
extensions) if they do not understand them.
Data not following the protocol format for extensions will be
ignored by the last dec_hello_extensions-clause.
OTP-8596
|
|
|
|
Conflicts:
erts/aclocal.m4
erts/include/internal/ethread_header_config.h.in
|
|
* ta/docs-fixes:
Fix misspelling of intermediate
Fix typos in erts/preloaded/src
Fix more misspellings of compatibility
Fix misspelling of kept
Fix misspelling of compatibility in ssl_basic_SUITE
Fix misspelling of compatibility
Fix misspelling of accommodate
Fix misspelling of exceed
Fix misspelling of accidentally
Fix misspelling of erroneous in xmerl_xsd
Fix misspelling of erroneous
Fix misspelling of successful
Fix typos in instrument(3)
Fix typos in dbg(3)
dialyzer: fix a small typo in list_to_bitstring test
Fix typos in cover.erl
Fix typos (variable name) in erl_nif(3)
Fix typos in mod_esi(3)
Fix trivial typos in erlang(3)
OTP-9555
|
|
* upstream/dev:
Support explicit use of packet option httph and httph_bin
|
|
|
|
|
|
|
|
* ia/ssl/dist/OTP-7053:
First fully working version
Use ssl instead of being a proxy command
Connect from both sides works now
|
|
|
|
* dev:
Corrected faulty dialyzer spec
|
|
|
|
* upstream/dev:
Corrected spec name errors: ip_adress -> ip_address port_num -> port_number
|
|
|
|
|
|
|
|
* upstream/dev:
Use inet and gen_* dialyzer specs
|
|
* ia/ssl/use-inet-and-gen-specs:
Use inet and gen_* dialyzer specs
|
|
|
|
* dev:
Corrected input argument to error_logger:error_report/1
|
|
|
|
|
|
|
|
|
|
Create directories first, not within implicit rules. If two
'install' instances runs at the same time attempting to create
a directory, one of them may fail with an "File exists" error.
I tried to use order-only prerequisites to create the directories,
but run into two problems: First, order-only prerequisites are
only implemented in Make 3.80 and later. Second, on a computer
running Solaris/Intel 2.8 (with Make 3.80), order-only prerequisites
seemed to work like ordinary prerequisites, causing targets to
be re-built if the timestamp for the directory changed.
Therefore, using a shell command to run mkdir seems to be the
more portable solution.
|
|
* ia/ssl/connect-twice:
Added test case
|
|
* ia/ssl/improved-test-case:
Improved test case so that it will not fail due to last_delay_timer = undefined
|
|
|
|
|
|
We want the certificate table to be handled the same way as the
session table and not have a global name, so that we may easier
create a separate ssl-manager to handle erlang distribution over ssl.
|
|
* ia/ssl/use-erlang-send-after-instead-of-timer-send-after:
Use erlang:send_after instead of timer:send_after
Conflicts:
lib/ssl/test/ssl_session_cache_SUITE.erl
|
|
Also save latest delay cleanup timer ref so that we can
use erlang:read_timer to write a more reliable
test case.
|
|
|
|
* ia/ssl/longer-timeout-in-testcase:
Time out in test case needs to be longer to make sure clean up is properly executed
|
|
|
|
properly executed
|
|
|
|
In ssl-4.1.5 temporary clean-up processes would crash resulting in
that the session table would not be cleaned up (e.i. using more and
more memory) and error reports would be printed, but connections would
not be affected.
|
|
* ia/ssl/ets-table-cleanup:
Corrected last argument to timer:apply_after also corrected a dilyzer spec
|
|
|
|
|
|
* pan/win_static_openssl/OTP-9280:
Mend --with-ssl= in erts/configure
Update OpenSSL license text in crypto
Link OpenSSL libraries static on Windows
|
|
that a session not be resumed. This is a change from TLS 1.0 to
conform with widespread implementation practice. Erlang ssl will now
in TLS 1.0 conform to the widespread implementation practice instead
of the specification to avoid performance issues.
|
|
Filipe David Manana
OTP-9114: [ftp] Added (type) spec for all exported functions.
OTP-9123: mod_esi:deliver/2 made to accept binary data.
Bernard Duggan
OTP-9124: [httpd] Prevent XSS in error pages.
Michael Santos
OTP-9131: [httpd] Wrong security property names used in documentation.
Garrett Smith
OTP-9157: [httpd] Improved error messages.
Ricardo Catalinas Jim�nez
OTP-9158: [httpd] Fix timeout message generated by mod_esi.
Bernard Duggan
OTP-9202: [httpd] Extended support for file descriptors.
Attila Rajmund Nohl
OTP-9230: The default ssl kind has now been changed to essl.
OTP-9246: [httpc] httpc manager crash because of a handler retry
race condition.
Merge branch 'bmk/inets/inet56_integration' into dev
|
|
Invalidation of a session for reusing should first flag that the
session may no longer be reused and then later when all possible
pending reuses have been handled delete the session from the
database. This could otherwise cause the client to terminate due to
{badarg,[{erlang,byte_size,[undefined]}, and the server to terminate due to
{{badmatch,{resumed,undefined}}.
|
|
reason badarg. Neither SSL nor INETS catches this, resulting in crashes
with incomprehensible reasons.
OTP-9289
|
|
reason badarg. Neither SSL nor INETS catches this, resulting in crashes
with incomprehensible reasons.
OTP-9289
|