aboutsummaryrefslogtreecommitdiffstats
path: root/lib
AgeCommit message (Collapse)Author
2011-10-06Add tls support at connection establishmentAnders Svensson
This is the method added in draft-ietf-dime-rfc3588bis, whereby a TLS handshake immediately follows connection establishment and CER/CEA is sent over the secured connection.
2011-10-06Add tls testsuiteAnders Svensson
2011-10-06Documentation updatesAnders Svensson
2011-10-06Close transport if tls is requested over sctpAnders Svensson
RFC 3588 requires that a Diameter server support TLS but in practise this seems to mean TLS over SCTP since there are limitations with running over SCTP: see RFC 6083 (DTLS over SCTP), which is a response to RFC 3436 (TLS over SCTP). The current RFC 3588 draft acknowledges this by equating the Inband-Security-Id value TLS with TLS/TCP and DTLS/SCTP but underlying support for DTLS is still thin on the ground.
2011-10-06Handle tls notification for tcpAnders Svensson
If TLS has been configured on Inband-Security-Id then the transport process receives a message from the peer_fsm process indicating whether or not to upgrade to TLS. The current draft of RFC 3588 deprecates (but retains for backwards compatibility) the use of Inband-Security-Id for negotiating TLS, adding the possibility of TLS having be negotiated before capabilities exchange. This commit handles the deprecated case.
2011-10-06Lift recursion in tcp message reception up the call chainAnders Svensson
When an initial message is received and TLS is a possibility, must wait for a message from the peer process before either commencing a handshake or receiving more messages.
2011-10-06Add tls support to capabilities exchangeAnders Svensson
To upgrade a connection to TLS or not, that is the question. It is possible for us to send a CER offering both NO_INBAND_SECURITY and TLS and for the peer to answer likewise: RFC 3588 doesn't make clear that a CEA should be unambiguous about the choice of security. Thus, if TLS is offered then assume the server is prepared to for a handshake. Similarly, when receiving a CER, choose TLS if it's offered and be unambiguous about our choice in CEA. There is no ssl:maybe_accept that would let us receive a handshake if it comes or another message if it doesn't. The choice of TLS should probably be made into a callback so that an application can decide based on the peer's Origin-Realm for example. Such a callback could also be used to reject a CER/CEA. Handle Inband-Security-Id values other than NO_INBAND_SECURITY and TLS by assuming that they require no intervention by the transport module, treating them like NO_INBAND_SECURITY. Whether or not this is reasonable (or useful) is unclear. There may be a need for more sychronization than we have on offer. (Having to do something before taking the connection up for example.) Note that diameter_peer_fsm must be upgraded before diameter_capx because of the new return value from diameter_capx:recv_CEA/2.
2011-10-04Merge branch 'dev' into majorBjörn-Egil Dahlberg
2011-10-04Prepare releaseOTP_R14B04Erlang/OTP
2011-10-04Merge branch 'dev' into majorLukas Larsson
* dev: (38 commits) Update documentation Rid ct_telnet of doc build warnings Create temporary fix for problem with parallel test cases Update primary bootstrap Correct "Missing Suites" link Add documentation on timetraps and start flags Add missing tests for timetrap handling and fix remaining errors Solve problem with ct_init/end_per_group being counted as test cases Fix errors in test suites Fix invalid call to undefined function Fix problem with test_server_ctrl creating invalid conf test Improve info in CT framework log Update vsn.mk for common_test and test_server Enhance logging performance Change order of include files Add link to last executed test suite on index page Fix problem with location value when init config func calls help func Fix crash when CTHook init fails Correct error in test suite Fix error with incorrect notification after end_per_testcase craches ... Conflicts: bootstrap/bin/start.boot bootstrap/bin/start_clean.boot bootstrap/lib/compiler/ebin/beam_asm.beam bootstrap/lib/compiler/ebin/beam_disasm.beam bootstrap/lib/compiler/ebin/compile.beam bootstrap/lib/compiler/ebin/sys_pre_expand.beam bootstrap/lib/kernel/ebin/code.beam bootstrap/lib/kernel/ebin/code_server.beam bootstrap/lib/kernel/ebin/hipe_unified_loader.beam bootstrap/lib/kernel/ebin/inet.beam bootstrap/lib/kernel/ebin/inet_config.beam bootstrap/lib/kernel/ebin/inet_dns.beam bootstrap/lib/stdlib/ebin/beam_lib.beam bootstrap/lib/stdlib/ebin/dets.beam bootstrap/lib/stdlib/ebin/erl_compile.beam bootstrap/lib/stdlib/ebin/erl_internal.beam bootstrap/lib/stdlib/ebin/erl_scan.beam bootstrap/lib/stdlib/ebin/erl_tar.beam bootstrap/lib/stdlib/ebin/io_lib_fread.beam bootstrap/lib/stdlib/ebin/otp_internal.beam bootstrap/lib/stdlib/ebin/sofs.beam bootstrap/lib/stdlib/ebin/supervisor.beam bootstrap/lib/stdlib/ebin/zip.beam lib/common_test/src/ct.erl lib/common_test/src/ct_run.erl lib/common_test/test/ct_error_SUITE.erl lib/common_test/test/ct_repeat_1_SUITE.erl lib/common_test/test/ct_skip_SUITE.erl lib/test_server/src/test_server.erl
2011-09-30Update documentationPeter Andersson
OTP-9396 OTP-9372 OTP-9155
2011-09-30Rid ct_telnet of doc build warningsPeter Andersson
OTP-9572
2011-09-30Merge remote branch 'origin/peppe/common_test/r14b04_tickets.fix' into devPeter Andersson
* origin/peppe/common_test/r14b04_tickets.fix: (35 commits) Create temporary fix for problem with parallel test cases Correct "Missing Suites" link Add documentation on timetraps and start flags Add missing tests for timetrap handling and fix remaining errors Solve problem with ct_init/end_per_group being counted as test cases Fix errors in test suites Fix invalid call to undefined function Fix problem with test_server_ctrl creating invalid conf test Improve info in CT framework log Update vsn.mk for common_test and test_server Enhance logging performance Change order of include files Add link to last executed test suite on index page Fix problem with location value when init config func calls help func Fix crash when CTHook init fails Correct error in test suite Fix error with incorrect notification after end_per_testcase craches Fix problem with error message not being printed correctly Add cases to check test case status versus end_per_testcase failure Fix incorrect call to end_tc when tc_status=ok and end_per_testcase times out ... OTP-9600 OTP-9593 OTP-9592 OTP-9585 OTP-9584 OTP-9575 OTP-9520 OTP-9518 OTP-9501 OTP-9429 OTP-9398 OTP-9397 OTP-9396 OTP-9379 OTP-9372 OTP-9371 OTP-9370 OTP-9369 OTP-9311 OTP-9237 OTP-9155 OTP-8933
2011-09-30Create temporary fix for problem with parallel test casesPeter Andersson
OTP-9600
2011-09-29Merge branch 'dev' into majorBjörn-Egil Dahlberg
* dev: Update copyright years
2011-09-29Update copyright yearsBjörn-Egil Dahlberg
2011-09-29Merge branch 'dev' into majorLukas Larsson
* dev: Skip create_big_boot on platforms without crypto Remove test_server path instead of cwd for clash test Skip getaddr_v6 test if on the ipv4_only host Use static port for old solaris versions Extend time to wait for zone files to be loaded Allow out of memory exception for max_port checks Extend slave start timeout for windows tests Double timeout to make sure debug builds pass Use now instead of os:timestamp Increase timeout in scheduler_suspend for slow platforms Skip update_cpu_info if 'taskset' cannot be found
2011-09-29Merge branch 'lukas/fix_erts_testcases/OTP-9596' into devLukas Larsson
* lukas/fix_erts_testcases/OTP-9596: Skip create_big_boot on platforms without crypto Remove test_server path instead of cwd for clash test Skip getaddr_v6 test if on the ipv4_only host Use static port for old solaris versions Extend time to wait for zone files to be loaded Allow out of memory exception for max_port checks Extend slave start timeout for windows tests Double timeout to make sure debug builds pass Use now instead of os:timestamp Increase timeout in scheduler_suspend for slow platforms Skip update_cpu_info if 'taskset' cannot be found
2011-09-29Merge branch 'dev' into majorHenrik Nord
2011-09-29Merge branch 'sa/dialyzer-bug-fixes' into devHenrik Nord
* sa/dialyzer-bug-fixes: Fix typer's crash for nonexisting files Remove unused macro Decrease tuple arity limit Fix bug in dataflow OTP-9597
2011-09-29Skip create_big_boot on platforms without cryptoLukas Larsson
This has to be done as many other applications depend on that crypto is present.
2011-09-29Remove test_server path instead of cwd for clash testLukas Larsson
With the introduction of common_test as test framework the working directory of the tests changed to be the emulator_test directory. So we now have to remove the ../test_server directory instead. This change only affect tests run with a emulator which has not been installed.
2011-09-29Skip getaddr_v6 test if on the ipv4_only hostLukas Larsson
2011-09-29Use static port for old solaris versionsLukas Larsson
Solaris version before 10 have some problem with releasing addresses after doing a gen_udp:open, which causes inet_res to get a econnrefused. With this fix we hope that the static port will not collide with anything.
2011-09-29Extend time to wait for zone files to be loadedLukas Larsson
This change was made in order to make slow solaris machines work.
2011-09-29Extend slave start timeout for windows testsLukas Larsson
2011-09-29Merge branch 'dev' into majorAnders Svensson
2011-09-29Merge branch 'anders/diameter/testsuites/OTP-9553' into devAnders Svensson
* anders/diameter/testsuites/OTP-9553: Remove forgotten dbg
2011-09-29Remove forgotten dbgAnders Svensson
2011-09-29Correct "Missing Suites" linkPeter Andersson
OTP-9592
2011-09-29Add documentation on timetraps and start flagsPeter Andersson
2011-09-28Add missing tests for timetrap handling and fix remaining errorsPeter Andersson
OTP-9593
2011-09-28Merge branch 'dev' into majorAnders Svensson
2011-09-28Merge branch 'anders/diameter/testsuites/OTP-9553' into devAnders Svensson
* anders/diameter/testsuites/OTP-9553: Don't install Emakefile at release_tests
2011-09-28Don't install Emakefile at release_testsAnders Svensson
Emakefile contained compile flags that caused compilation of suites to fail in some cases. common_test will generate an Emakefile and diameter has no need for one of its own.
2011-09-28Merge branch 'dev' into majorHenrik Nord
2011-09-28Merge branch 'rc/eunit-2.2.1' into devHenrik Nord
* rc/eunit-2.2.1: removed some never-matching clauses reported by dialyzer updated author e-mails and homepages removed cvs keywords from files removed files that should not be checked in OTP-9591
2011-09-28Merge branch 'rc/edoc-0.7.9' into devHenrik Nord
* rc/edoc-0.7.9: bumped revision removed some never-matching clauses reported by dialyzer Fix macro expansion in comments following Erlang types URI-escape bytes as two hex digits always (reported by Alfonso De Gregorio) updated author e-mail recognize some more URI schemas in wiki text, in particular https OTP-9590
2011-09-28Merge branch 'dev' into majorRaimo Niskanen
2011-09-28Merge branch 'raimo/sctp-getsetopts-dev/OTP-9544' into devRaimo Niskanen
* raimo/sctp-getsetopts-dev/OTP-9544: erts,kernel: Bugfix - read SCTP socket options from right protocol layer erts: Fix bug SCTP send can only be called from controlling process
2011-09-28Merge remote-tracking branch 'upstream/dev' into majorDan Gudmundsson
2011-09-28Merge branch 'dgud/mnesia/prepare-release' into devDan Gudmundsson
* dgud/mnesia/prepare-release: [mnesia] Prepare release
2011-09-28Merge branch 'dev' into majorSverker Eriksson
2011-09-28Merge branch 'sverker/revert-md2-With-RSA-Encryption' into devSverker Eriksson
* sverker/revert-md2-With-RSA-Encryption: Revert "Prepare for release" Revert "Support md2WithRSAEncryption certificates in public_key" Revert "Support 'md2' hash in crypto:rsa_sign/3 and crypto:rsa_verify/4"
2011-09-28Merge branch 'bjorn/line-numbers/OTP-9468' into majorBjörn Gustavsson
* bjorn/line-numbers/OTP-9468: beam_lib_SUITE: Don't assume that "Abst" is the last chunk test_server: Show line number for caller of test_server:fail()
2011-09-28Merge branch 'bjorn/parallel-make/OTP-9451' into majorBjörn Gustavsson
* bjorn/parallel-make/OTP-9451: ic documentation: Support parallel make system documentation: Support parallel make Support parallel make when running erl_interface tests odbc/c_src/Makefile.in: Support parallel make tools/c_src/Makefile.in: Support parallel make gs: Correct support for parallel make
2011-09-28Merge branch 'dev' into majorBjörn Gustavsson
* dev: distribution_SUITE:bulk_send_bigbig/1: Fail with more information distribution_SUITE: Use unique slave node names beam_lib: Handle rare race in the crypto key server functionality busy_port_SUITE: Avoid crash in register/2 [wx] Re-generate code [wx] Remove optional shadowing clauses [wx] Remove warning [wx] Fix trailing whitespace [wx] Test colors in textctrl [wx] Fix cleanup memory references
2011-09-28Merge branch 'bjorn/stdlib/fix-beam_lib-race/OTP-9586' into devBjörn Gustavsson
* bjorn/stdlib/fix-beam_lib-race/OTP-9586: beam_lib: Handle rare race in the crypto key server functionality
2011-09-28[mnesia] Prepare releaseDan Gudmundsson
2011-09-28Merge branch 'dgud/wx/wx-bugs' into devDan Gudmundsson
* dgud/wx/wx-bugs: [wx] Re-generate code [wx] Remove optional shadowing clauses [wx] Remove warning [wx] Fix trailing whitespace [wx] Test colors in textctrl [wx] Fix cleanup memory references