Age | Commit message (Collapse) | Author |
|
|
|
|
|
* ingela/ssl/gen-statem-simplification:
ssl: simplyfy code using gen_statem
|
|
|
|
|
|
OTP-13565
|
|
|
|
|
|
* ingela/ssl/DH/OTP-13636:
ssl: Stronger default DH prime
|
|
* legoscia/ssl/tls-dist-more-opts/PR-956/OTP-13429:
Quote curly brackets in command line options
Avoid disappearing ETS tables in ssl_dist_SUITE
Fix db handle for TLS distribution crl_cache opts
Fix ssl_dist_SUITE logging on Windows
More logging in ssl_dist_SUITE
TLS distribution: crl_check and crl_cache options
Allow passing verify_fun for TLS distribution
More informative malformed_ssl_dist_opt error
|
|
|
|
|
|
* ingela/ssl/cuddle-tests:
ssl: Avoid two renegotiates
ssl: Handle freebsd OpenSSL flavour
|
|
|
|
The selection of CA cert files in ssl_ECC_SUITE and ssl_test_lib
ought to be refactored, it is quite confusing.
But use this workaround until we get time to make a refactor.
|
|
* bjorn/compiler/beam_validator:
Add additional coverage and smoke test of beam_validator
beam_validator: Strengthen validation of match states
beam_validator: Use a record representing the match context
|
|
* joedevivo/ssl/PR-1063/OTP-13635:
ssl:recv timeout() can be 0
|
|
Some shells i.e the bash emulating sh regard curly brackets
as special characters so e.g {a,b,{}} is expanded to a b {} which
is by erlang regarded as 3 arguments instead of a 3-tuple.
Other shells e.g Bourne classic /bin/sh, the ash/dash variants
and public domain Korn shell all avoid this surprise.
|
|
* rickard/rt-dep-erts-kernel-stdlib-sasl:
Bumped runtime dependencies between erts, kernel, stdlib, sasl
|
|
* rickard/ts-platform-id:
Update TS platform_id with off-heap msgq
|
|
* ingela/ssl/test-timeouts:
ssl: Increase timeouts due to slow test machines
|
|
|
|
|
|
|
|
We want to find bugs in the compiler during compilation. Validation of
match contexts was weak, which could allow serious bugs in the
generated code to slip through.
|
|
Using a record will make it much easier to add additional information.
|
|
* bjorn/compiler/misc:
Eliminate unsafe use of Y registers
beam_validator: Add is_bitstring/1 as a safe BIF
beam_validator: Remove uncovered line
Teach beam_utils:is_pure_test/1 to handle is_bitstr and is_function2
beam_utils: Simplify handling of 'return' to eliminate uncovered line
beam_jump: Clean up handling of labels before func_info
beam_expect: Correctly handle blocks with multiple allocs
v3_codegen: Don't confuse beam_validator
v3_codegen: Correct code generation for an error/1 call in a guard
beam_receive: Don't crash when encountering nonsensical code
|
|
|
|
|
|
|
|
|
|
* Rewrite matching statements in ?when_option macro to form that silences
dialyzer's unmatched_return warnings
* Treat compiler warnings as errors when compiling files in main
|
|
|
|
|
|
|
|
|
|
|
|
|
|
and correct the name of another, erroneously spelt, option in the process.
|
|
|
|
gen_tcp:recv allows this, and if you're doing something like
Transport:recv(Socket, 0, 0), TCP will work and SSL will exit with
function_clause
There were other cases of this throughout the module. This PR cleans
them all up.
|
|
* binarin/better-ssl-diagnostics/PR-1060/ERL-774/OTP-13632:
ssl: Remove error logger reports
ssl: Better error handling of keys rejected by crypto
Improve SSL diagnostics
|
|
We do not want error reports that can leek secret information
into the logs.
|
|
|
|
There are a lot of cases where `ssl` application just returns unhelpful
`handshake failure` or `internal error`. This patch tries to provide
better diagnostics so operator can debug his SSL misconfiguration
without doing hardcore erlang debugging.
Here is an example escript that incorrectly uses server certificate as a
client one:
https://gist.github.com/binarin/35c34c2df7556bf04c8a878682ef3d67
With the patch it is properly reported as an error in "extended key
usage".
|
|
* egil/erts/cuddle-tests:
stdlib: Fix small inconsistencies in ets_SUITE
stdlib: Strengthen or relax test cases
kernel: Don't test negative time values in file info
erts: Fix free_mem calculation in bs_construct tests
|
|
* origin/ingela/ssl/dtls-test-cuddle:
ssl: Fix TLS version handling in dtls adepted tests
|
|
* dgud/wx/fix-seqfault-in-cleanup:
wx: Fix occasional seq fault after appliction stops
|
|
|
|
|