Age | Commit message (Collapse) | Author |
|
* hans/ssh/aes_gcm_crypto/OTP-13018:
ssh: fix dialyzer reported error
ssh: renegotiate test group for AES_GCM
ssh: documentation updates
ssh: AEAD_AES_(128|256)_GCM and aes(128|256)[email protected] crypto
ssh: refactor packet reception
|
|
* tuncer/musl:
musl: fix gethostbyname_r/gethostbyaddr_ selection
|
|
* legoscia/tls-dist-shutdown:
Adjust shutdown strategies for distribution over TLS
OTP-13134
|
|
|
|
|
|
|
|
Note that the rfc5647 is ambigous so this implementation of AEAD_AES_(128|256)_GCM
may or may not be compatible with others. They are note enabled by default but may
be enabled by the user. See the Reference Manual, Application SSH for details of
how we interpret the rfc.
To be safe, use [email protected] or [email protected] instead.
|
|
There was an assymetric relationship between receiving a ssh-packet (decrypting-mac-decompress) and sending one. When sending, most of the work was defined in the ssh_transport module, while at reception the ssh_connection_handler was the one knowing what to do.
This commit moves the reception down to the ssh_transport module where it belongs.
|
|
* bjorn/compiler/fix-missing-filename/OTP-13113:
Fix missing filename and line number in warning
|
|
When the 'bin_opt_info' is given, warnings without filenames
and line numbers could sometimes be produced:
no_file: Warning: INFO: matching non-variables after
a previous clause matching a variable will prevent delayed
sub binary optimization
The reason for the missing information is that #c_alias{} records lack
location information. There are several ways to fix the problem. The
easiest seems to be to get the location information from the
code).
Noticed-by: José Valim
|
|
* ia/ssl/tls-client-hello-version/OTP-13114:
ssl: Client should send the hello message in the lowest version it is willing to support
|
|
* weisslj/fix-inets-crash-on-invalid-chunk-size:
inets: Terminate really gracefully on bad chunk
OTP-13117
|
|
* weisslj/allow-whitespace-after-chunk-size:
inets: Allow whitespace after HTTP chunk again
OTP-13116
|
|
* riverrun/maint:
Recommend against using crypto:rand_bytes
|
|
willing to support
Refactor highest_protocol_version so that code is symmetrical with lowest_protocol_version. For clarity and possible future use cases of highest_protocol_version/2
|
|
Fix mistakes found by 'xmllint'.
|
|
Fix mistakes found by 'xmllint'.
|
|
Fix mistakes found by 'xmllint'.
|
|
Fix mistakes found by 'xmllint'.
|
|
Fix mistakes found by 'xmllint'.
|
|
* hans/ssh/doc_updates/OTP-12003:
ssh: alternative look
ssh: list supported rfcs
ssh: moved "supported" section from ssh module man page to SSH_app man page
ssh: links to crypto and public_key in the ssh app ref
ssh: updated ssh_app.xml with ecdsa info
ssh: removed pre-historic ssh specs from the doc-dir
ssh: document function dependencies in ssh_connection.erl
|
|
* hans/ssh/cuddle_tests:
ssh: Add env var info printout to ssh_algorithms_SUTE:init_per_suite
ssh: more public keys added to test suite
|
|
* hans/ssh/sshdir_search_order/OTP-13109:
ssh: ssh_file:default_user_dir/0 - try HOME env var first
|
|
* deadok22/jinterface-input-stream-read-any-etf-113:
OtpInputStream: external fun terms in read_any()
OTP-13106
|
|
* legoscia/erl-make-exit-code:
Make erl -make return non-zero exit code on failure
OTP-13107
|
|
* kanatohodets/ssh-subsystem-typo:
Fix spelling of ssh 'subsystem'
OTP-13108
|
|
Without this fix, httpc:request/1 crashes the httpc_handler when an
invalid chunked length header is encountered (since 77acb47):
=ERROR REPORT==== 14-Nov-2015::17:19:30 ===
** Generic server <0.651.0> terminating
** Last message in was {tcp,#Port<0.5714>,
<<"HTTP/1.1 200 ok\r\nTransfer-Encoding:chunked\r\n\r\nåäö\r\n">>}
** When Server state == {state,
[...]
** Reason for termination ==
** {bad_return_value,{error,{chunk_size,"åäö"}}}
|
|
Before 77acb47 http:request/1 could parse server responses with
whitespace after the HTTP chunk size (some embedded legacy devices still
do this).
This patch restores this functionality.
|
|
To fix conditional selection of the actually available gethostbyname_r
and gethostbyaddr_r, we replace __GLIBC__ with __linux__. @zenhack
tested this to work with gcc and clang targeting glibc, uclibc, musl,
and bionic.
The proper way to check this is through configure.in.
|
|
|
|
|
|
|
|
|
|
* zandra/snmp-appup:
add a soft upgrade instruction to the snmp appup
|
|
* zhird/johnheizenberg/snmp_config_check_imask_bugfix:
fix snmp_conf check imask bug
OTP-13101
|
|
|
|
|
|
|
|
* hans/ssh/knownhost_loss/OTP-12699:
ssh: add better error handling in ssh_file
|
|
|
|
|
|
* scrapinghub/not_streamed_once:
inets: fix {self, once} for not streamed request
inets: send correct nonstreamed response with streaming
OTP-13093
|
|
ssl:start/[1,2] is a shell convenience function and should not be called
by other applications.
inet_db:start is an internal function that we should not have to call.
This was done for legacy reasons and is no longer needed.
|
|
Remove point less instructions looking for return values, that
in most cases no long exist, of which the result would anyhow be ignored
|
|
Was already possible for HTTPS. Also remove use of legacy option
inet6fb4. IPv6 standard moved away from beeing able to fallback to IPv4
so this option makes little sense, will use inet (Ipv4) as default instead of
inet6fb4.
|
|
|
|
The chunked length header should be checked as well as
headers present in the chunk trailer part, ignored extensions are counted
as header bytes. Also the decode trailer function will stop as soon
as the header size is exceed, when that happens.
|
|
|
|
Also use integer_to_list/2 and list_to_integer/2 instead of reimplementing it.
|
|
|