Age | Commit message (Collapse) | Author |
|
A wrong decryption key would cause a badmatch in
generic_block_cipher_from_bin/2. The try in block_decipher/5 was
probably intendend to deal with that, but was misplace for this.
Additionaly, generating a failure alert erly, without computing the
record MAC, creates vector for a timing attack on CBC padding (for
details check TLS 1.2 RFC 5246, Sect. 6.2.3.2.). This attach vector
and the counter meassure applies to all SSL/TLS versions.
As a counter messure, compute the MAC even when decryption or padding
checks fail. A invalid padding will force a MAC failure by intentionaly
invalidating the content.
|
|
* rc/epp-include-path-fix:
Make epp search directory of current file first when including another file
OTP-9645
|
|
* hl/fix-ms_transform-scope-warn:
ms_transform: Fix incorrect `variable shadowed' warnings
OTP-9646
|
|
* cf/simple_one_for_one_shutdown:
Explain how dynamic child processes are stopped
Stack errors when dynamic children are stopped
Explicitly kill dynamic children in supervisors
Conflicts:
lib/stdlib/doc/src/supervisor.xml
OTP-9647
|
|
* cf/supervisor_shutdown_infinity:
Add a warning to docs about workers' shutdown strategy
Allow an infinite timeout to shutdown worker processes
OTP-9648
|
|
* bjorn/unicode-noncharacters/OTP-9624:
Allow noncharacter code points in unicode encoding and decoding
|
|
* bjorn/parallel-make/OTP-9451:
corba applications: Fix broken 'make clean'
ic documentation: Support parallel make
Revert "ic documentation: Support parallel make"
|
|
* maint-r14:
Fix match bug
|
|
* sverker/random-improved-algo:
Improve algorithm in module random.
Fix a bug in the implementation of the pseudo-random number generator
OTP-8713
|
|
* pg/des-cfb-functions:
[crypto] Remove swedish characters from test code
[crypto] Add DES and Triple DES cipher feedback (CFB) mode functions
OTP-9640
|
|
|
|
|
|
The expected behaviour of a C-style preprocessor (such as Erlang's epp) is
to allow a header file to include another header file in the same directory
even though that directory is not explicitly in the include path, and even
if the actual include path might reference another directory containing a
file with the same name. For example, if src/foo.erl explicitly includes
"../include/foo.hrl", then foo.hrl should be able to include "bar.hrl" in
that same directory even though "../include" might not be in the search
path, and even if another file named bar.hrl could be found using the search
path it should not override the one in the same directory as foo.hrl.
In Erlang, the most common situation is that a user of an installed
application includes a main public header file using include_lib
("appname/include/foo.hrl") and that file includes a secondary header file
"bar.hrl". However, if it does this using include_lib, it causes a
bootstrapping problem - in the build environment for the application itself,
the application is not necessarily found by name. On the other hand, if
foo.hrl uses a plain include, then bar.hrl might be found when the
application is built (if explicit paths are set in the makefils) but not
later on when a user includes the main header file of the installed
application via include_lib.
By making -include always look in the directory of the current file before
it uses the search path, this problem is remedied, and include directives
behave in a more intuitive way.
This completes a partial fix in R11 that only worked for include_lib().
|
|
* anders/diameter/testsuites/OTP-9620:
Add failover suite
Use util to simplify connection establishment in suites
Move certificate generation into own testcase
Add beam target to makefile
Add util functions for managing connections
Use tcp/sctp port resolution from testsuites
|
|
* anders/diameter/port_resolution/OTP-9623:
Register tcp listener before transport start return
Add port resolution interface to transport modules
|
|
A Dets table with sufficiently large buckets could not always be repaired.
(Reported by Gordon Guthrie.)
The format of Dets files has been modified. When downgrading tables
created with the new system will be repaired. Otherwise the
modification should not be noticeable.
|
|
* hb/doc_fixes/OTP-9616:
Correct the docs
|
|
|
|
The indentation of the <d> tag has been corrected, as has the
corresponding tag used for Erlang specs.
The contents of the <v> was not properly processed.
|
|
The two noncharacter code points 16#FFFE and 16#FFFF were not
allowed to be encoded or decoded using the unicode module or
bit syntax. That causes an inconsistency, since the noncharacters
16#FDD0 to 16#FDEF could be encoded/decoded.
There is two ways to fix that inconsistency.
We have chosen to allow 16#FFFE and 16#FFFF to be encoded and
decoded, because the noncharacters could be useful internally
within an application and it will make encoding and decoding
slightly faster.
Reported-by: Alisdair Sullivan
|
|
|
|
* hb/stdlib/dets_repair/OTP-9622:
Fix a minor bug in Dets
|
|
* ia/ssl-peername-one-should-not-be-removed:
Put back ssl:peercert/1
|
|
Incorrect use of ets:match changed to ets:match_object.
|
|
The IDL-GENERATED files must be removed too; otherwise the target
files will not be made the next time 'make' is invoked.
|
|
I accidentally removed a little too much, only peercert/2 was deprecated.
|
|
|
|
Now, in child specification, the shutdown value can also be set to infinity
for worker children. This restriction was removed because this is not always
possible to predict the shutdown time for a worker. This is highly
application-dependent.
|
|
* hb/kernel/fix_disk_log/OTP-9508:
Fix two minor disk_log bugs
|
|
If a Dets table had been properly closed but the space management data
could not been read, it was not possible to repair the file.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
* anders/diameter/tls_over_tcp/OTP-9605:
Move init/end_per_suite into testcases
Skip tls testsuite if there's no openssl
Clarify that ssl must be started for TLS support
Add tls support at connection establishment
Add tls testsuite
Documentation updates
Close transport if tls is requested over sctp
Handle tls notification for tcp
Lift recursion in tcp message reception up the call chain
Add tls support to capabilities exchange
|
|
* anders/diameter/testsuite_robustness/OTP-9619:
Make testsuites more robust in case of init failure
|
|
* anders/diameter/eprotonosupport/OTP-9615:
gen_sctp:open/0-2 might return {error, eprotonosupport}
|
|
* anders/diameter/doc_dependencies/OTP-9612:
Simplify depend.sed for better compatibility
|
|
See ac2810603b7aaad24129fadf887d9e8deff31d2f.
|
|
Previously error:badarg was raise if there was no underlying support
for SCTP. Handle both new and old failure until OTP-9239 is merged.
|
|
In particular, move code out of init_per_suite since failure
causes end_per_suite to be skipped. Cleanup is simpler if both
init and cleanup happen as testcases.
|
|
|
|
|
|
comments
|
|
Replace the behaviour_info(callbacks) export in stdlib's behaviours with
-callback' attributes for all the callbacks.
|
|
'behaviour_info(callbacks)' is a special function that is defined in a module
which describes a behaviour and returns a list of its callbacks.
This function is now automatically generated using the '-callback' specs. An
error is returned by lint if user defines both '-callback' attributes and the
behaviour_info/1 function. If no type info is needed for a callback use a
generic spec for it.
|