Age | Commit message (Collapse) | Author |
|
* ia/public_key-subject-alternative-name/OTP-8825:
Improved certificate extension handling
Add handling of SubjectAltName of type otherName
|
|
|
|
|
|
* peppe/common_test/dev/OTP-8805:
Fix problem with {fail,Result} from end_tc not being recognized
Fix problem with prepared_tests tuple not being recognized
Add verification terms to test suite
Fix various test suite, makefile, and doc related problems
Fix error in the repeat_until_* group property handling
|
|
* peppe/common_test/dev/OTP-8804:
Update the configuration data chapter in the user's guide
|
|
* peppe/common_test/dev/OTP-8803:
Add Andrey Pampukha to AUTHORS file
|
|
* peppe/common_test/dev/OTP-8753:
Fix problem with prepared_tests tuple not being recognized
Add verification terms to test suite
Fix various test suite, makefile, and doc related problems
Fix error in the repeat_until_* group property handling
Add test suite for groups with repeat property
Add verification events to sequence group test suite
Fix error in handling of sequence groups
Fix error in test suite
Fix problems with sequences and sub-groups
Add test cases to sequence suite
Fix error with group term in ct:run_test/1
Add test suite to examplify problem with nested groups in a sequence
|
|
|
|
Added the functionality so that the verification fun will be called
when a certificate is considered valid by the path validation to allow
access to eachs certificate in the path to the user application.
Removed clause that only check that a extension is not critical,
it does alter the verification rusult only withholds information from
the application.
Try to verify subject-AltName, if unable to verify it let
application try.
|
|
* kenneth/asn1/docfixes/OTP-8829:
Add warning about since long unsupported [{Cname,Val}] repr. of SEQUENCE/SET
|
|
* kenneth/gs-deprecate-warning/OTP-8824:
Add warning in documentation about that GS will be deprecated and removed from distribution soon
|
|
* kenneth/asn1/nested_extaddgroup/OTP-8797:
Add support for ExtensionAdditionGroup notation in nested types as well
Conflicts:
lib/asn1/test/test_undecoded_rest.erl
|
|
* kenneth/runtime_tools/inviso_autostart/OTP-8783:
patch from user regarding inviso_autostart_server in runtime_tools
|
|
* kenneth/asn1/uper_contrained_number/OTP-8779:
Fix bug in UNALIGNED PER regarding encode/decode of constrained number with valuerange > 1024
|
|
into dev
* kenneth/runtime_tools/inviso-patches-from-E-user/OTP-8755:
Minor corrections and remove of temporary workaround.
|
|
* bjorn/http-packet-error/OTP-8831:
Make gen_tcp:recv/2 consistent with ssl:recv/2
|
|
|
|
Othe minor corrections as well.
|
|
* ia/ssl-http-error-test:
Add test suite for packet http_error.
|
|
* ia/ssl-4.0.1/documentation:
Updated documentation for ssl-4.0.1
|
|
When the HTTP packet mode has been enabled for a socket,
the ssl and gen_tcp modules have different error indications
when there is an error while parsing the HTTP header:
ssl:recv(SSLSocket, 0) -> {ok, {http_error, _Str}}
gen_tcp:recv(Socket, 0) -> {error, {http_error, _Str}}
We have decided to change gen_tcp:recv/2 to behave the same
way as ssl:recv/2. That means that there will be always be
an ok tuple if data could be succefully read from the socket,
and an error tuple if there was a read error at the socket level.
|
|
|
|
* maint-r13:
Add test suite for ic
Add test suite for runtime_tools
Add test suite for debugger
Add test suite for os_mon
|
|
|
|
* dgud/et_fixes/OTP-8830:
Fix wx viewer so it works on windows/mac.
|
|
* cg/docs-fixes:
Linkify applications listed under "See Also"
Fix minor typos in the documentation
|
|
Check operations that can overflow, e.g.,
erl_call -sname $(perl -e 'print "x"x5000')
perl -e 'print "-module(", "x"x10000, ");"' | erl_call -m -r -sname foo
|
|
* ia/ssl-forgot-DH-params-DER:
Add missed DER dh option.
|
|
In the previous version support for ExtensionAdditionGroups (i.e [[...]])
was added but it did not handle the occurence of the notation in nested types.
Now this is handled as well and the support is hopefully complete.
Also cleanup of warnings for obsolete guard functions in test suites.
|
|
from distribution soon
|
|
|
|
|
|
* ph/auto_recognize_ipv6:
Add tests
Let an 8-tuple given as ip_address() for gen_tcp/gen_udp/gen_sctp imply 'inet6'
OTP-8822
|
|
* lars/xmerl/xmerl_scan_hex_entities/OTP-8697:
Fix improperly hex replacement when document is in UTF-8 format.
|
|
* mk/net-dragonfly-bsd-patches:
Remove unused variables
Use proper install method
Add support for DragonFly BSD
Add support for NetBSD
|
|
|
|
* ia/ssl/server-verify-fun/OTP-8770:
Handling of path validation errors by the application
|
|
|
|
Work in progress...
|
|
|
|
|
|
Changed the behavior of the verify_fun option so that
the application can be responsible for handling path validation
errors even on the server side. Also replaced the not yet
documented validate_extensions_fun to be handled by the
verify_fun instead.
If the verify callback fun returns {fail, Reason}, the verification process is
immediately stopped and an alert is sent to the peer and the TLS/SSL
handshake is terminated. If the verify callback fun returns {valid,
UserState}, the verification process is continued. If the verify callback
fun always returns {valid, UserState}, the TLS/SSL handshake will not be
terminated with respect to verification failures and the connection
will be established. The verify callback fun will also be
able to verify application specific extensions.
|
|
|
|
* ta/asn1-test-compile-options:
Fix asn1_SUITE test_compile_options:verbose/1
|
|
* ta/asn1ct-fix-whitespace:
asn1ct: change unusual whitespace char from 0xA0 to 0x20
|
|
* ms/inet-bug-fixes:
inet: support retrieving MAC address on BSD
inet: fix getservbyname buffer overflow
inet: fix ifr_name buffer overflow
inet: null terminate ifr_name buffer
OTP-8816
|
|
|
|
Conflicts:
lib/kernel/test/gen_sctp_SUITE.erl
|
|
Currently an 8-tuple representing an IPv6 address is not accepted by
gen_tcp:listen/2, gen_tcp:connect/3,4, gen_udp:open/2, or
gen_sctp:open/1,2, unless the 'inet6' option is also given. This means
that an application that has obtained the address, e.g. from
configuration that allows for either IPv4 or IPv6, must always check the
type of the address before passing it to these functions. Letting the
functions infer 'inet6' from the 8-tuple, in case other options do not
override this choice, improves usability.
|
|
* ms/ei-overflow-fix:
ei: prevent overflow in ei_connect_init/ei_xconnect
OTP-8814
|