aboutsummaryrefslogtreecommitdiffstats
path: root/lib
AgeCommit message (Collapse)Author
2018-05-21public_key: PKCS8 (Private-Key Information Syntax Standard) encoded private ↵Maxim Fedorov
key support This patch adds support for RSA, DSA and EC private keys encoded using PKCS8 format. Test *.pem files are made with converting existing *.pem files using openssl: openssl pkcs8 -in ... -out ... -topk8 -nocrypt
2018-05-21Merge branch 'lukas/ssl/fix_erl_epmd_usage/OTP-15086'Lukas Larsson
* lukas/ssl/fix_erl_epmd_usage/OTP-15086: ssl: Fix usage of erl_epmd in tls dist
2018-05-21ssl: Fix usage of erl_epmd in tls distLukas Larsson
Fixes: 662f3c7ba50ff8ec13d8
2018-05-21Merge branch 'lukas/erts/cpu_time_thread/OTP-15090'Lukas Larsson
* lukas/erts/cpu_time_thread/OTP-15090: erts: Make cpu_timestamp use per thread on Linux
2018-05-21Merge remote-tracking branch 'peppe/peppe/kernel/logger_handler_fixes'Siri Hansen
* peppe/peppe/kernel/logger_handler_fixes: Various logger handler improvements and updated test cases Make it possible to disable sync and drop mode Conflicts: lib/kernel/test/logger_disk_log_h_SUITE.erl lib/kernel/test/logger_std_h_SUITE.erl
2018-05-21bs_match_SUITE: Add test of multiple matchesBjörn Gustavsson
2018-05-21Merge branch 'hasse/dialyzer/funs_in_dead_code/OTP-15079/ERL-593'Hans Bolinder
* hasse/dialyzer/funs_in_dead_code/OTP-15079/ERL-593: dialyzer: Do not emit warnings for unreachable funs
2018-05-21Merge remote-tracking branch 'origin/ingela/ssl/deprecate-ssl-accept/OTP-15056'Ingela Anderton Andin
* origin/ingela/ssl/deprecate-ssl-accept/OTP-15056: ssl: Deprecate ssl:ssl_accept/[1,2,3]
2018-05-18ssl: Deprecate ssl:ssl_accept/[1,2,3]Ingela Anderton Andin
2018-05-18Merge branch 'sverker/ets-delete_all_objects-trap/OTP-15078'Sverker Eriksson
* sverker/ets-delete_all_objects-trap/OTP-15078: erts: Rename untrapping db_free_*empty*_table erts: Make ets:delete_all_objects yield on fixed table erts: Optimize ets delete all in fixed table erts: Refactor ets select iteration code erts: Cleanup ets code erts: Optimize ets hash object deallocactions erts: Refactor pseudo deleted ets objects erts: Make atomic ets:delete_all_objects yield erts: Fix reduction bump for ets:delete/1
2018-05-18Merge branch 'sverker/crypto-upgrade-bug/OTP-15088'Sverker Eriksson
* sverker/crypto-upgrade-bug/OTP-15088: crypto: Robustify the do-once-initialization crypto: Fix upgrade bug when engine support is missing
2018-05-17crypto: Robustify the do-once-initializationSverker Eriksson
Introduce boolean 'library_initialized' that is set once and never cleared as that is how initialization must be done. Kept 'library_refc' as it may be interesting for debugging. Moved the three init_*_types() functions last as those must only be called once and there were error cases bailing out after them.
2018-05-17crypto: Fix upgrade bug when engine support is missingSverker Eriksson
library_refc was not checked causing crash when init_digest_types() was called a second time.
2018-05-17Merge branch 'hans/ssh/channel_cb_reason/OTP-15084'Hans Nilsson
* hans/ssh/channel_cb_reason/OTP-15084: ssh: Terminate reason was always the name of the called callback module
2018-05-17Merge branch 'hans/ssh/monitor/OTP-15082'Hans Nilsson
* hans/ssh/monitor/OTP-15082: ssh: Replace link by monitor for exit supervision
2018-05-17Merge pull request #1810 from tomas-abrahamsson/bjorn/preprocessor-extensionsBjörn Gustavsson
Add ?OTP_RELEASE, -if and -elif to the preprocessor OTP-15087
2018-05-17Merge pull request #1817 from dgud/dgud/stdlib/string-opt-caseDan Gudmundsson
OTP-14988
2018-05-17Merge pull request #1820 from IngelaAndin/ingela/ssl/cipher-suite-select-fixIngela Andin
ssl: Correct key_usage check
2018-05-17tverlaan/add_dns_alternative_to_tcp_dist/PR-1694/OTP-15086Lukas Larsson
epmd: allow alternative to dns resolving for nodename
2018-05-16Merge branch 'siri/kernel/dont-store-incl-apps-in-env/OTP-15071'Siri Hansen
* siri/kernel/dont-store-incl-apps-in-env/OTP-15071: Don't save included_applications as application environment variable
2018-05-16epmd: allow alternative to dns resolving for nodenameTimmo Verlaan
This makes it possible to create a custom integration with a key-value store for example. The key would then point to the actual address. You would have to write your own epmd module to make use of that feature.
2018-05-16ssh: Terminate reason was always the name of the called callback moduleHans Nilsson
2018-05-16ssh: Replace link by monitor for exit supervisionHans Nilsson
2018-05-16Merge branch 'richcarl/eliminate_lib_module/PR-1786/OTP-15072'Hans Bolinder
* richcarl/eliminate_lib_module/PR-1786/OTP-15072: Fix minor issues Eliminate call to ct:get_progname() in ts_erl_config Use \n escape instead of integer 10 Move error formatting to erl_error.erl and delete lib.erl Move extended parse functions in lib.erl to erl_eval.erl Move lib:eval_str/1 into mod_esi.erl Remove lib:progname/0 Eliminate call to lib:progname/1 in slave.erl Add ct:get_progname/0 Remove lib:error_message/2 Remove lib:flush_receive/0 Remove lib:send/2 and lib:sendw/2 Move lib:nonl/1 into yecc.erl
2018-05-15ssl: Correct key_usage checkIngela Anderton Andin
The Key Usage extension is described in section 4.2.1.3 of X.509, with the following possible flags: KeyUsage ::= BIT STRING { digitalSignature (0), nonRepudiation (1), -- recent editions of X.509 have -- renamed this bit to contentCommitment keyEncipherment (2), dataEncipherment (3), keyAgreement (4), keyCertSign (5), cRLSign (6), encipherOnly (7), decipherOnly (8) } In SSL/TLS, when the server certificate contains a RSA key, then: either a DHE or ECDHE cipher suite is used, in which case the RSA key is used for a signature (see section 7.4.3 of RFC 5246: the "Server Key Exchange" message); this exercises the digitalSignature key usage; or "plain RSA" is used, with a random value (the 48-byte pre-master secret) being encrypted by the client with the server's public key (see section 7.4.7.1 of RFC 5246); this is right in the definition of the keyEncipherment key usage flag. dataEncipherment does not apply, because what is encrypted is not directly meaningful data, but a value which is mostly generated randomly and used to derive symmetric keys. keyAgreement does not apply either, because that one is for key agreement algorithms which are not a case of asymmetric encryption (e.g. Diffie-Hellman). The keyAgreement usage flag would appear in a certificate which contains a DH key, not a RSA key. nonRepudiation is not used, because whatever is signed as part of a SSL/TLS key exchange cannot be used as proof for a third party (there is nothing in a SSL/TLS tunnel that the client could record and then use to convince a judge when tring to sue the server itself; the data which is exchanged within the tunnel is not signed by the server). When a ECDSA key is used then "keyAgreement" flag is needed for beeing ECDH "capable" (as opposed to ephemeral ECDHE)
2018-05-15erts: Make cpu_timestamp use per thread on LinuxLukas Larsson
If we don't use per thread the value becomes completely nonsensical on systems with more than one scheduler. We keep the old solaris behaviour in order to support the option, but it only really works when using a single scheduler.
2018-05-15Merge branch 'lukas/erts/otp-21-misc'Lukas Larsson
* lukas/erts/otp-21-misc: erts: Fix unused variable warning in unix prim file erts: Fix erts_os_times warning kernel: Fix comment in kernel_config kernel: Refactor erl_signal_handler startup kernel: Remove doc for unused browser_cmd variable
2018-05-15kernel: Fix comment in kernel_configLukas Larsson
The error_logger is no longer added here.
2018-05-15kernel: Refactor erl_signal_handler startupLukas Larsson
2018-05-14Optimize string lowercase, uppercase and casefold for ASCII charactersDan Gudmundsson
2018-05-14ssh: Test cases fixesHans Nilsson
2018-05-14ssh: Use generic_timer for option idle_timeHans Nilsson
2018-05-14ssh: Refactor connection_msg handlingHans Nilsson
2018-05-14ssh: Unfold function in the single used placeHans Nilsson
2018-05-14ssh: idle_timer sends special msg instead of EXITHans Nilsson
2018-05-14Merge branch 'hasse/tools/xref_fix'Hans Bolinder
* hasse/tools/xref_fix: tools: Handle fast restarts of Xref server
2018-05-14Merge branch 'hans/ssh/rekey_limit/OTP-15069'Hans Nilsson
* hans/ssh/rekey_limit/OTP-15069: ssh: Test the infinity rekey_limit option ssh: Add infinity as values to rekey_limit
2018-05-13dialyzer: Do not emit warnings for unreachable funsHans Bolinder
Warnings are not generated for funs residing in dead code. In particular, warnings like "The created fun has no local return" are no longer generated for funs declared in clauses or functions that cannot be run.
2018-05-09ssh: Test the infinity rekey_limit optionHans Nilsson
2018-05-09ssh: Add infinity as values to rekey_limitHans Nilsson
Zero is removed from the Minutes in the new tuple value to remove a loop possibility. The zero is kept for bytes since that is not dangerous and a removal would be an unnecssary incompatibility.
2018-05-09kernel: Remove doc for unused browser_cmd variableLukas Larsson
2018-05-09Merge branch 'siri/logger-fix'Siri Hansen
* siri/logger-fix: Update reference manuals for logger Update some specs in logger
2018-05-09Fix minor issuesRichard Carlsson
2018-05-09Merge branch 'maint'Hans Nilsson
* maint: Updated OTP version Prepare release ssh: Renegotiation -> renegotiate ssh: Fix DH group exchange server bug for PuTTY and others following draft-draft-00 from 2001 and not the rfc4419 ssh: Fix server crashes for exit-normal signals
2018-05-09Merge branch 'maint-19' into maintHans Nilsson
* maint-19: Updated OTP version Prepare release ssh: Renegotiation -> renegotiate ssh: Fix DH group exchange server bug for PuTTY and others following draft-draft-00 from 2001 and not the rfc4419 ssh: Fix server crashes for exit-normal signals Conflicts: OTP_VERSION lib/ssh/doc/src/notes.xml lib/ssh/src/ssh_connection_handler.erl lib/ssh/src/ssh_transport.erl lib/ssh/vsn.mk otp_versions.table
2018-05-09Eliminate call to ct:get_progname() in ts_erl_configRichard Carlsson
During cross compilation, the ct module is not available.
2018-05-09Update reference manuals for loggerSiri Hansen
2018-05-09syntax_tools: Add support for -if and -elifBjörn Gustavsson
2018-05-09epp: Implement the -if and -elif preprocessor directivesBjörn Gustavsson
Libraries or applications that support more than one major release of OTP may need to use conditional compilation of Erlang source code. Here are few examples where it would be necessary or desirable: * To support a new data type or language feature only available in the latest major release (real-world examples: maps and the stacktrace syntax). * To avoid warnings for deprecated functions. * To avoid dialyzer warnings. Previously, to do conditional compilation, one would have to use a parse transform or some external tool such as 'autoconf'. To simplify conditional compilation, introduce the -if and -elif preprocessor directives, to allow code like this to be written: -if(?OTP_RELEASE =:= 21). %% Code that will only work in OTP 21. -else. %% Fallback code. -endif. What kind of expressions should be allowed after an -if? We certainly don't want to allow anything with a side effect, such as a '!' or a 'receive'. We also don't want it to be possible to call erlang:system_info/1, as that could make the code depedent on features of the run-time system that could change very easily (such as the number of schedulers). Requiring the expression to be a guard expression makes most sense. It is to explain in the documentation and easy for users to understand. For simplicity of implementation, only a single guard expression will be supported; that is, the ',' and ';' syntax for guards is not supported. To allow some useful conditions to be written, there is a special built-in function: defined(Symbol) tests whether the preprocessor symbol is defined, just like -ifdef. The reason for having this defined/1 is that the defined test can be combined with other tests, for example: 'defined(SOME_NAME) andalso ?OTP_RELEASE > 21'.
2018-05-08erts: Make atomic ets:delete_all_objects yieldSverker Eriksson
by using a cooperative strategy that will make any process accessing the table execute delelete_all_objects_continue until the table is empty. This is not an optimal solution as concurrent threads will still block on the table lock, but at least thread progress is made.