| Age | Commit message (Collapse) | Author |
|---|
|
* peterdmv/ssl/version_downgrade_protection/OTP-15189:
ssl: Implement downgrade protection mechanism (TLS 1.3)
Change-Id: I29a281c1278509608fdea9b0346ad91c62f886a8
|
|
* maint:
Fix typo in xmerl_scan:string/1
Updated OTP version
Prepare release
ssl: Engine key trumps certfile option
inets: Prepare for release
inets: Improve error handling
|
|
* maint-20:
Updated OTP version
Prepare release
ssl: Engine key trumps certfile option
inets: Prepare for release
inets: Improve error handling
|
|
Fix typo in xmerl_scan:string/1
|
|
|
|
* peterdmv/ssl/version_extension_updates/OTP-15059:
ssl: Fix handling of TLS record versions
ssl: Update hello state (TLS 1.3)
ssl: Implement 'supported_versions' extension
ssl: Sort supported versions in handle_options
ssl: Add experimental version 'tlsv1.3'
Change-Id: I071d24242103cc066c5ee8154effc5ee01b04703
|
|
|
|
fix type spec of mnesia:change_config
|
|
maps:new/0 is no longer a BIF
|
|
|
|
'ingela/inets/error-handling-eisdir-mod-get/ERIERL-207/OTP-15192' into maint-20
* ingela/inets/error-handling-eisdir-mod-get/ERIERL-207/OTP-15192:
inets: Prepare for release
inets: Improve error handling
|
|
* sverker/ic/encode-long-buffer-overflow/OTP-15179:
ic: Tweak tests to provoke more outbuf reallocations
ic: Fix memory leak in oe_ei_decode_wstring
ic: Fix correct external format sizes
|
|
* ingela/ssl/engine-vs-certfile/ERLERL-211/OTP-15193:
ssl: Engine key trumps certfile option
|
|
* ingela/maint-20/chipher-suite-handling/OTP-15178:
ssl: Prepare for release
ssl: Fix test case to only check relevant info for the test
ssl: Correct connection_information on ECC-curves
ssl: No cipher suite sign restriction in TLS-1.2
ssl: Add psk as anonymous key exchange in ssl_handshake:select_hashsign/5
ssl: anon test should use dh or ecdh anon keyexchange
ssl: Correct key_usage check
ssl: Fix ECDSA key decode clause
ssl: Avoid hardcoding of cipher suites and fix ECDH suite handling
ssl: Run all test case combinations
ssl: Correct ECC suite and DTLS ECC handling
|
|
If negotiating TLS 1.2, TLS 1.3 servers MUST set the last eight bytes
of their Random value to the bytes:
44 4F 57 4E 47 52 44 01
If negotiating TLS 1.1 or below, TLS 1.3 servers MUST and TLS 1.2
servers SHOULD set the last eight bytes of their Random value to the
bytes:
44 4F 57 4E 47 52 44 00
Change-Id: If35112f63f42a9af351f4ca9b1846fd3f5b08167
|
|
- Introduce new macro ALL_TLS_RECORD_VERSIONS to decouple
ALL_AVAILABLE_VERSIONS from the list of valid TLS record
versions. It consists of versions allowed in
TLSCiphertext.version (TLS 1.2 and prior) and
TLSCiphertext.legacy_record_version (TLS 1.3).
- TLS 1.3 sets TLSCiphertext.legacy_record_version to 0x0303
for all records generated other than an initial ClientHello,
where it MAY also be 0x0301.
- TLSPlaintext.legacy_record_version is ignored.
Change-Id: Iabb1a954ab21f8be012e6460ae99ab533e31e123
|
|
Update hello state to handle the "supported_versions" extension
defined by TLS 1.3:
- If "supported_versions" is present in ServerHello, the client
will aboirt the handshake with an "illegal_parameter" alert.
- If "supported_versions" is present in ClientHello, the server
will select a version from "supported_versions" and ignore
ClientHello.legacy_version. If it only supports versions
greater than "supported_versions", the server aborts the
handshake with a "protocol_version" alert.
- If "supported_versions" is absent in ClientHello, the server
negotiates the minimum of ClientHello.legacy_version and
TLS 1.2. If it only supports version greater than
ClientHello.legacy_version, the server aborts the handshake
with a "protocol_version" alert.
Change-Id: I16eef15d77bf21209c6cc103546ddddca518483b
|
|
Change-Id: I8bb015e97ab4c317ef380123cf94350ed509c36f
|
|
Sort supported versions (highest first) in handle options to
reflect the order expected by TLS 1.3.
Change-Id: I06bb43ac81eeaca681c122d815a024c8444e3726
|
|
|
|
- Add 'tlsv1.3' to the available versions. It can be used to
trigger experimental behavior while implementing TLS 1.3.
- Add dummy clauses for handling version {3,4} of TLS.
- Update ssl_logger to handle unknown versions of TLS.
Change-Id: I564ffa47dca18b59f0dc16c9809dfd7adaf2d333
|
|
|
|
|
|
|
|
|
|
* sverker/erl_interface/valgrind/OTP-15171:
erl_interface: Fix bug in ei_*receive_msg* functions
erl_interface: Seal test case memory leaks
erl_interface: Initialize erl_errno to zero
erts: Remove use of VALGRIND_PRINTF_XML
erl_interface: Add valgrind ability for test port programs
erts: Fix benign bug in cerl for valgrind
erts: Fix buggy calls to erts_sys_explicit_8bit_getenv
|
|
|
|
to appease valgrind.
|
|
Makes valgrind happy.
|
|
* maint:
Abort size calculation when a matched-out variable is used
|
|
jhogberg/john/compiler/fix-varsize-binary-comprehension/OTP-15186/ERL-665
Fix a crash when compiling variable-sized binary comprehensions
|
|
Optimise creation of anonymous functions
|
|
Implementing it in Erlang allows taking advantage of the literal pool
optimisation, this means the function implemented in Erlang does no
allocations, while the BIF had to allocate new map each time it was
called. Benchmarks show the function is also slightly faster now.
|
|
|
|
This introduces a similar optimisation for normal funs
to what was introduced for external funs in #1725.
It is possible to allocate the fun as a literal, if it does not capture
the environment (i.e. it does not close over any variables).
Unfortunately it's not possible to do this in the compiler due to
problems with representation of such functions in the `.beam` files.
Fortunately, we can do this in the loader.
Simple evaluation shows that functions that don't capture the
enviornment consistute over 60% of all funs in the source code of
Erlang/OTP itself.
The only downside is that we lose a meningful value in the `pid` field
of the fun. The goal of this field, beyond debugging, was to be
able to identify the original node of a function. To be able to still do
this, the functions that are created in the loader are assigned the init
pid as the creator.
To solve issues with staryp, initially set the `erts_init_process_id`
to `ERTS_INVALID_PID` and skip the described optimisation if the value
is still uninitialised.
|
|
|
|
|
|
|
|
Fix typo in logger docs
|
|
|
|
into maint
|
|
Run under valgrind if environment variable VALGRIND_LOG_DIR is set.
|
|
|
|
* lukas/clean_doc_xmldir/OTP-15190:
docs: make clean all XMLDIR
|
|
Referencing a matched-out variable in a size expression makes it
impossible to calculate the size of the result based on the size of
the matched binary. The compiler would still generate code to do
this however, which would crash since the variable isn't defined
at the size calculation.
|
|
|
|
|
|
* maint:
Updated OTP version
Update release notes
Update version numbers
Fix trace_info/2
Provide build support for standalone corba repo
Fix release notes for OTP-21.0.2
Move to a dirty scheduler even when we have pending system tasks
|
|
* maint-21:
Updated OTP version
Update release notes
Update version numbers
Fix trace_info/2
Provide build support for standalone corba repo
Fix release notes for OTP-21.0.2
Move to a dirty scheduler even when we have pending system tasks
|
|
|
