| Age | Commit message (Collapse) | Author |
|---|
|
|
|
|
|
into maint-20
* hans/public_key/verify_hostname_ip_address_maint20/OTP-14653:
public_key: verify ip (both v4 and v6)
public_key: Added IP4 address checks to hostname_verification tests
|
|
'ingela/maint-20/ssl/extend-hostname-check/OTP-14632/OTP-14655/OTP-14766' into maint-20
* ingela/maint-20/ssl/extend-hostname-check/OTP-14632/OTP-14655/OTP-14766:
ssl: Fix test cases to work on all test platforms
public_key: Fix dialyzer spec
ssl: Sessions must be registered with SNI if exists
ssl: Extend hostname check to fallback to checking IP-address
public_key, ssl: Handles keys so that APIs are preserved correctly
ssl: Use ?FUNCTION_NAME
|
|
* ingela/maint-20/ssl/Bleichenbacher/OTP-14748:
ssl: Prepare for release
ssl: Countermeasurements for Bleichenbacher attack
|
|
|
|
|
|
|
|
* hans/ssh/SYN_RST/OTP-14778:
ssh: dialyzer fixes
ssh: Fix broken error handling during session setup
|
|
|
|
|
|
|
|
|
|
Use hradcoded rsa keys as this will work on all legacy platforms.
In test case dns_name_reuse only do the relevant client check in the
final test.
|
|
|
|
|
|
If no SNI is available and the hostname is an IP-address also check
for IP-address match. This check is not as good as a DNS hostname check
and certificates using IP-address are not recommended.
|
|
|
|
Use ?FUNCTION_NAME macro to enhance code as we will not back-port this
version of the ssl application to versions pre OTP 19.
|
|
|
|
|
|
|
|
* ingela/inets/fix-location/OTP-14761:
inets: Prepare for release
inets: Add missing guard
|
|
* john/erts/fix-gunzip-eos/OTP-14730/ERL-507:
Only apply EOS behaviors if there's pending data
|
|
|
|
Add test in the correct place which was the reason the guard became missing
without being noticed.
|
|
The docs for zlib:deflateInit/6 explicitly mention that 8 is broken
and should not be used unless we know for certain that our zlib
version supports it.
|
|
1.2.11 started bailing when avail_out==0 regardless of whether
there's anything to flush or not, and there's no point in adapting
the old method since it was vulnerable to bugs in other zlib
versions which updated the deflate parameters even on failure.
The api_deflateParams test has been expanded accordingly, and two
white-box cases in zip_usage has been updated to make fewer
assumptions about the output; the validity of the compressed data
is what matters, not whether it's exactly the same as the test
vector.
|
|
|
|
|
|
|
|
New chunk mechanism of body data in POST requests added in
5d01c70ca399edf28e99dc760506329689fab6ba
broke handling of POST body data not using the new mechanism.
Added better regression test
|
|
|
|
If a status code is provide by the ESI script that status code should have
precedence over internal defaults.
Also remove RFC 2616 requirement that URI must be absolute, that requirement
is relaxed by RFC 7231.
|
|
|
|
* anders/diameter/decode/OTP-14684:
vsn -> 2.1.2
Update appup for ERIERL-14684
|
|
* anders/diameter/decode/ERIERL-85:
Fix error handling when decoding an AVP with an alternate dictionary
Remove unused function arguments
Fix faulty recursion
|
|
* raimo/snmp/option-recbuf-broken-for-snmpm/OTP-13372:
Update version
Fix speling error 'sndbuf' -> 'recbuf'
|
|
|
|
The options map wasn't updated after the AVP was identified, with
the resulting consequences for M-bit interpretation.
|
|
Which may have been used in the past, but aren't now.
|
|
The wrong variable was passed into the decode recursion, causing the
options map to be contaminated by strict_mbit and failed_avp
modifications that should only apply to component AVPs in the Grouped
case. Decode errors and M-bits could be ignored as a result.
|
|
|
|
|
|
|
|
|
|
|
|
* anders/diameter/reg_monitor/OTP-14668:
vsn -> 2.1.1
Update appup and code_change for ERIERL-83
|
|
* anders/diameter/reg_monitor/ERIERL-83:
Fix missing monitor in diameter_reg
|
|
|
