Age | Commit message (Collapse) | Author |
|
The EVP_CIPHER_CTX interface aims at enabling using the same code for many
ciphers. Since we are going to add aes_ccm which is similar to aes_gcm,
this commit is a preparation.
It creates the aead_(de|en)crypt nifs and removes the old ones.
|
|
* hasse/syntax_tools/fix_revert/OTP-15294:
erts: Add comment about [] and nil() to The Abstract Format
syntax_tools: Correct erl_syntax:revert/1
|
|
|
|
* hans/crypto/doc/OTP-15134:
ssh: Use exported crypto types
public_key: Generate refman from types and specs
public_key: Rework -type and -spec Check existing specs with code and documentation and adjust. Prepare for doc generation
public_key: Setup for doc generation
public_key: Remove special type signature for one test
crypto: Add missing documentation for enable_fips_mode/1
crypto: Generate refman from types and specs and fix links in engine chapter for generated crypto module refman
crypto: Rework -type and -spec Check code and documentation and write -type/-spec or adjust existing. Prepare for doc generation
crypto: Setup for doc generation
crypto: A user's guide chapter on algorithm details Such as keylengths, blocksizes and IV lengths are hard to find otherwise
|
|
|
|
|
|
Check existing specs with code and documentation and adjust. Prepare for doc generation
|
|
|
|
|
|
|
|
and fix links in engine chapter for generated crypto module refman
|
|
Check code and documentation and write -type/-spec or adjust existing. Prepare for doc generation
|
|
|
|
Such as keylengths, blocksizes and IV lengths are hard to find otherwise
Conflicts:
lib/crypto/doc/src/crypto.xml
|
|
* maint-21:
Updated OTP version
Update release notes
Update version numbers
erts: Fix "Prevent inconsistent node lists" fix
Fix include-path regression caused by dd0a39c
Restore default SIGTERM behaviour for port programs
|
|
|
|
maint
* hasse/syntax_tools/fix_stacktrace_var/OTP-15291/ERL-719:
syntax_tools: Correct unfolding of the stacktrace variable
|
|
revert/1 did not handle the types tuple() and map() correctly.
|
|
'ingela/ssl/unorded-or-incomplete-cert-chain/OTP-12983/OTP-15060' into maint
* ingela/ssl/unorded-or-incomplete-cert-chain/OTP-12983/OTP-15060:
ssl: Handle incomplete and unorded chains
|
|
If the peer sends an incomplete chain that we can reconstruct with
our known CA-certs it will be accepted.
We will assume that the peer honors the protocol and sends an orded
chain, however if validation fails we will try to order the chain in
case it was unorded. Will also handle that extraneous cert where present.
See Note form RFC 8446
Note: Prior to TLS 1.3, "certificate_list" ordering required each
certificate to certify the one immediately preceding it; however,
some implementations allowed some flexibility. Servers sometimes
send both a current and deprecated intermediate for transitional
purposes, and others are simply configured incorrectly, but these
cases can nonetheless be validated properly. For maximum
compatibility, all implementations SHOULD be prepared to handle
potentially extraneous certificates and arbitrary orderings from any
TLS version, with the exception of the end-entity certificate which
MUST be first.
|
|
|
|
* anders/diameter/21.1/OTP-15202:
vsn -> 2.1.6
Update appup for 21.1
|
|
* anders/diameter/dpr/OTP-15198:
Fix function_clause when sending a request after an outgoing DPA
|
|
|
|
|
|
* hans/crypto/x25519_x448/OTP-15240:
crypto: Remove 'experimental' comments for ecdh
|
|
Before only some PSK suites would be correctly negotiated and most PSK
ciphers suites would fail the connection.
PSK cipher suites are anonymous in the sense that they do not use
certificates except for rsa_psk.
|
|
erlang-mode: fix void variable align-rules-list error
|
|
Include paths don't actually affect code generation in any way, but
it's reasonable for a build tool like rebar3 to recompile when the
include paths change. This commit restores the old behavior without
the +deterministic flag.
|
|
|
|
The bug was introduced in 9ab233.
See also https://bugs.erlang.org/browse/ERL-719.
|
|
* raimo/improve-doc-indexing/ERL-666:
Correct doc markers
Improve indexing of cref docs
|
|
|
|
OTP-15198 Fix function_clause when sending a request after outgoing DPA
|
|
* siri/supervisor/warn-shutdown-race/ERL-724:
[supervisor] Add warning about race condition
|
|
* siri/cuddle:
[sasl] Flush logger handlers to file before terminating node
|
|
|
|
* hans/public_key/DSAPrivateKey_in_verify/OTP-15284:
public_key: Remove strange and unused(?) DSAPrivateKey from verify/5
|
|
|
|
|
|
|
|
ERL-724: "During a 'gentle' shutdown, supervisors unlink from their
children before sending shutdown signals to them. This can lead to a
race condition in supervision trees, when the timeout for gentle
shutdown of a parent supervisor expires and it kills a child
supervisor that has just unlinked from a child of its own, leaving the
child supervisor's own child still running after its supervisor is
killed."
This commit adds a warning about this in the documentation.
|
|
* rickard/pcre-8.42/OTP-15217:
Update PCRE from version 8.41 to version 8.42
|
|
* maint-21:
Updated OTP version
Update release notes
Update version numbers
kernel: Fix missing abort_connection in net_kernel
Prevent inconsistent node lists
Fix an endless rescheduling loop when a process is executing process_info(self(), ...)
|
|
Correct dialyzer spec for key option
OTP-15281
|
|
|
|
|
|
|
|
* sverker/erts/ets-memstat-false-leak/ERL-720/OTP-15278:
erts: Refactor ets FixedDeletion allocations
erts: Fix ets memstat false leak of FixedDeletion
|
|
Erl compare ext lists bug (ERL-705)
|