Age | Commit message (Collapse) | Author | |
---|---|---|---|
2017-02-08 | ssl: Avoid SSL/TLS hello format confusion | Ingela Anderton Andin | |
Valid SSL 3.0 or TLS hellos might accidentally match SSL 2.0 format (and sometimes the other way around before inspecting data) so we need to match SSL 3.0 and TLS first and only match SSL 2.0 hellos when flag to support it is set. | |||
2017-02-02 | Merge branch 'ingela/inets/maint/httpd-gracefull-shutdown/OTP-14174' into maint | Ingela Anderton Andin | |
* ingela/inets/maint/httpd-gracefull-shutdown/OTP-14174: inets: httpd - shutdown gracefully on connection or TLS handshake errors | |||
2017-02-02 | Merge branch 'ingela/ssl/config-propagation' into maint | Ingela Anderton Andin | |
* ingela/ssl/config-propagation: ssl: Simplify configuration code ssl: Make sure PEM cache works as intended | |||
2017-02-01 | ssl: Simplify configuration code | Ingela Anderton Andin | |
Use map instead of large tuple, which was not an option when the code was written originally. More simplifications along these lines may be done later to the state record. | |||
2017-02-01 | ssl: Make sure PEM cache works as intended | Ingela Anderton Andin | |
Move of PEM cache to own process was flawed and not all PEM files where cached properly. We must properly handle both the ditributed and the normal mode of the ssl application. | |||
2017-02-01 | Merge branch 'maint-19' into maint | Dan Gudmundsson | |
* maint-19: Updated OTP version Prepare release Fixed crash when a table was deleted during checkpoint traversal | |||
2017-01-31 | Merge branch 'hans/ssh/speed_dh_keygen/OTP-14169' into maint | Hans Nilsson | |
2017-01-31 | Prepare release | Erlang/OTP | |
2017-01-31 | Merge branch 'hans/ssh/increase_benchmark_timetrap' into maint | Hans Nilsson | |
2017-01-30 | Fixed crash when a table was deleted during checkpoint traversal | Dan Gudmundsson | |
Set fixtable false will fail on deleted tables, catch that and also report checkpoint deactivate error, so user can see why checkpoint was deactivated and backup fails. | |||
2017-01-30 | inets: httpd - shutdown gracefully on connection or TLS handshake errors | Ingela Anderton Andin | |
2017-01-30 | ssh: increase timetrap for ssh_benchmark_SUITE | Hans Nilsson | |
2017-01-30 | ssh: optimize kex dh_gex using new crypto functionality | Hans Nilsson | |
2017-01-27 | crypto: Added optional length to paramlist in generate_key | Hans Nilsson | |
2017-01-27 | Merge branch 'ingela/ssl/key-ext-validate/ERL-338/OTP-14141' into maint | Ingela Anderton Andin | |
* ingela/ssl/key-ext-validate/ERL-338/OTP-14141: ssl: The certificate path may be used as a source to find intermediate CAs for the CRL ssl: Handle more than one DistributionPoint ssl: Correct ssl_certificate:validate/3 | |||
2017-01-26 | ssl: The certificate path may be used as a source to find intermediate CAs ↵ | Ingela Anderton Andin | |
for the CRL | |||
2017-01-26 | Merge branch 'hans/public_key/verify_hostname/OTP-13009' into maint | Hans Nilsson | |
2017-01-26 | Merge branch 'hans/ssh/bad_hostkey_sign_kex_dh_gex/OTP-14166' into maint | Hans Nilsson | |
2017-01-26 | Fix observer application crash (#1296) | visciang | |
Fix observer application crash When clicking an HTML-link to a port before the port tab has been opened for the first time, observer would crash since port info is not initiated. This is now corrected. Also, when clicking on an HTML link to a port, and the port does not exist, then pop up an info dialog saying "No such port". OTP-14151 | |||
2017-01-25 | public_key: pkix_verify_hostname (RFC 6125) | Hans Nilsson | |
2017-01-25 | ssh: correct host key signature calculation | Hans Nilsson | |
2017-01-25 | Merge branch 'ingela/ssl/crl-validity' into maint | Ingela Anderton Andin | |
* ingela/ssl/crl-validity: ssl: Make crls valid for a week instead of 24 hours | |||
2017-01-25 | Merge branch 'ingela/ssl/pem-chache-own-process/OTP-13874' into maint | Ingela Anderton Andin | |
* ingela/ssl/pem-chache-own-process/OTP-13874: ssl: Move PEM cache to a dedicated process | |||
2017-01-24 | ssl: Handle more than one DistributionPoint | Ingela Anderton Andin | |
2017-01-24 | ssl: Correct ssl_certificate:validate/3 | Ingela Anderton Andin | |
Changes made to ssl_certificate:validate appear to be preventing CRL validation from happening when an id-ce-extKeyUsage extension is present in the cert before the DistributionPoint extension. https://github.com/erlang/otp/blob/448e8aca77dd29ed5b37d56f0700d24ac26a7243/lib/ssl/src/ssl_certificate.erl#L131 See also ERL-338 and PR-1302 | |||
2017-01-24 | Merge branch 'schimulkar/os_mon/linux-on-ibm-z/PR-1309/OTP-14161' into maint | Björn-Egil Dahlberg | |
* schimulkar/os_mon/linux-on-ibm-z/PR-1309/OTP-14161: Adding s390x support | |||
2017-01-23 | ssh: ssh_dbg now reports HELLO msgs and timestamps | Hans Nilsson | |
2017-01-20 | Merge branch 'hans/ssh/cuddle_tests' into maint | Hans Nilsson | |
2017-01-20 | Merge branch 'egil/cuddle-more-tests' into maint | Björn-Egil Dahlberg | |
* egil/cuddle-more-tests: runtime_tools: Fix utf-8 encoding in LTTng.xml Handle unicode in path in test | |||
2017-01-19 | ssh: fix mpint-bug in property tests | Hans Nilsson | |
2017-01-19 | Merge branch 'hans/ssh/reduce_decrypt_error_info_leakage/OTP-14109' into maint | Hans Nilsson | |
2017-01-19 | ssl: Move PEM cache to a dedicated process | Ingela Anderton Andin | |
The PEM cache handling has proven to be too disruptive of the manager process. | |||
2017-01-18 | ssh: Reduce info leakage on decrypt errors | Hans Nilsson | |
Use same message when there are packet errors like too long length, MAC, decrypt or decode errors. This is regarded as good practise to prevent some attacks | |||
2017-01-18 | Merge branch 'raimo/snmp/compile-enum-refinement/ERL-325/OTP-14145' into maint | Raimo Niskanen | |
* raimo/snmp/compile-enum-refinement/ERL-325/OTP-14145: Bump version Do without compilation time in SNMP versions[12]() Test enum refinement MIB Fix enum refinement in usertype in SYNTAX | |||
2017-01-18 | Merge pull request #1311 from leoliu/fix-ERL-336 | Hans Nilsson | |
Add a missing aes_gcm -spec clause to crypto:block_encrypt/4 | |||
2017-01-17 | Merge branch 'egil/cuddle-tests' into maint | Björn-Egil Dahlberg | |
* egil/cuddle-tests: stdlib: Increase timetrap for rand_SUITE common_test: Increase timetrap for cth_hooks_SUITE compiler: Increase timetrap timeouts for lc_SUITE | |||
2017-01-17 | runtime_tools: Fix utf-8 encoding in LTTng.xml | Björn-Egil Dahlberg | |
2017-01-17 | Bump version | Raimo Niskanen | |
2017-01-17 | Do without compilation time in SNMP versions[12]() | Raimo Niskanen | |
2017-01-17 | Merge pull request #1308 from philipcristiano/file_api | Hans Nilsson | |
ssh: Correct ssh_sftpd_file_api dialzyer spec | |||
2017-01-17 | Merge branch 'ingela/ssl/hs-stream/OTP-14138' into maint | Ingela Anderton Andin | |
* ingela/ssl/hs-stream/OTP-14138: ssl: Handle really big handshake packages | |||
2017-01-17 | ssl: Handle really big handshake packages | Ingela Anderton Andin | |
If a handshake message is really big it could happen that the ssl process would hang due to failing of requesting more data from the socket. This has been fixed. Also added option to limit max handshake size. It has a default value that should be big enough to handle normal usage and small enough to mitigate DoS attacks. | |||
2017-01-17 | Add a missing aes_gcm -spec clause to crypto:block_encrypt/4 | Leo Liu | |
Fix https://bugs.erlang.org/browse/ERL-336. | |||
2017-01-16 | Adding s390x support | Satyen Chimulkar | |
2017-01-13 | Test enum refinement MIB | Raimo Niskanen | |
2017-01-13 | Fix enum refinement in usertype in SYNTAX | Raimo Niskanen | |
2017-01-13 | Merge pull request #1261 from smangelsdorf/default_attrs_bug | Lars Thorsén | |
Include explicit attrs when default_attrs=true | |||
2017-01-12 | ssh: Correct ssh_sftpd_file_api dialzyer spec | Philip Cristiano | |
The `State` seems to have been included twice in 91acfc. | |||
2017-01-12 | Merge branch 'hasse/stdlib/fix_anno_types/OTP-14131' into maint | Hans Bolinder | |
* hasse/stdlib/fix_anno_types/OTP-14131: stdlib: Correct signatures of functions in erl_parse | |||
2017-01-12 | ssl: Make crls valid for a week instead of 24 hours | Ingela Anderton Andin | |
With the 24 option we might be unlucky and get failing tests just because cert expired before the test is run. |