Erlang/OTP 20.3 has been released

classic Classic list List threaded Threaded
5 messages Options
Reply | Threaded
Open this post in threaded view
|

Erlang/OTP 20.3 has been released

Henrik Nord X
Erlang/OTP 20.3 is the third service release for the 20 major release.
The service release contains mostly bug fixes and characteristics
improvements but also some new features.

Some highlights for 20.3


Application(s): ssl

               Added new API functions to facilitate cipher suite
               handling

Application(s): erts, observer

               More crash dump info such as: process binary virtual
               heap stats, full info for process causing out-of-mem
               during GC, more port related info, and dirty scheduler
               info.

Application(s): inets

               Add support for unix domain sockets in the http client.

You can find the README and the full listing of changes for this
service release at

http://www.erlang.org/download/otp_src_20.3.readme

The source distribution and binary distributions for Windows can be
downloaded from

http://www.erlang.org/download/otp_src_20.3.tar.gz
http://www.erlang.org/download/otp_win32_20.3.exe
http://www.erlang.org/download/otp_win64_20.3.exe

Note: To unpack the TAR archive you need a GNU TAR compatible program.

For installation instructions please consult the README file that is
part
of the distribution.

The Erlang/OTP source can also be found at GitHub on the official
Erlang
repository, https://github.com/erlang/otp with tag OTP-20.3

The on-line documentation can be found at: http://www.erlang.org/doc/
You can also download the complete HTML documentation or the Unix
manual files

http://www.erlang.org/download/otp_doc_html_20.3.tar.gz
http://www.erlang.org/download/otp_doc_man_20.3.tar.gz

Please report any new issues via Erlang/OTPs public issue tracker

https://bugs.erlang.org

We want to thank all of those who sent us patches, suggestions and bug
reports!

Thank you!

The Erlang/OTP Team at Ericsson
_______________________________________________
erlang-questions mailing list
[hidden email]
http://erlang.org/mailman/listinfo/erlang-questions
_______________________________________________
erlang-questions mailing list
[hidden email]
http://erlang.org/mailman/listinfo/erlang-questions
Reply | Threaded
Open this post in threaded view
|

Re: Erlang/OTP 20.3 has been released

Wes James
With this version I am now getting ERR_SPDY_INADEQUATE_TRANSPORT_SECURITY when going to my https cowboy app in chrome Version 65.0.3325.162 and a similar error in firefox.  My app uses a self-signed certificate.  It works fine with otp 20.2.4. Is there a way to fix this for self-signed certs?  I tried a few things suggested on some web searches, but I still get the same error.  For one, I tried adding the cert to the system keychain on my mac and selected always trust.  If this is a bug, let me know and I'll report it in the tracker.

Thanks,

-wes

On Wed, Mar 14, 2018 at 3:46 AM, Henrik Nord X <[hidden email]> wrote:
Erlang/OTP 20.3 is the third service release for the 20 major release.
The service release contains mostly bug fixes and characteristics
improvements but also some new features.

Some highlights for 20.3


Application(s): ssl

               Added new API functions to facilitate cipher suite
               handling

Application(s): erts, observer

               More crash dump info such as: process binary virtual
               heap stats, full info for process causing out-of-mem
               during GC, more port related info, and dirty scheduler
               info.


_______________________________________________
erlang-questions mailing list
[hidden email]
http://erlang.org/mailman/listinfo/erlang-questions
Reply | Threaded
Open this post in threaded view
|

Re: Erlang/OTP 20.3 has been released

Ingela Andin
Hi!

If this is a bug is hard to tell form the information you provided. Do you have any Erlang log printouts? Can you give me a way to reproduce it? If you have more information that you do not want to share publicly you can send
me a private mail.

Regards Ingela Erlang/OTP team - Ericsson AB

2018-03-14 17:02 GMT+01:00 Wes James <[hidden email]>:
With this version I am now getting ERR_SPDY_INADEQUATE_TRANSPORT_SECURITY when going to my https cowboy app in chrome Version 65.0.3325.162 and a similar error in firefox.  My app uses a self-signed certificate.  It works fine with otp 20.2.4. Is there a way to fix this for self-signed certs?  I tried a few things suggested on some web searches, but I still get the same error.  For one, I tried adding the cert to the system keychain on my mac and selected always trust.  If this is a bug, let me know and I'll report it in the tracker.

Thanks,

-wes

On Wed, Mar 14, 2018 at 3:46 AM, Henrik Nord X <[hidden email]> wrote:
Erlang/OTP 20.3 is the third service release for the 20 major release.
The service release contains mostly bug fixes and characteristics
improvements but also some new features.

Some highlights for 20.3


Application(s): ssl

               Added new API functions to facilitate cipher suite
               handling

Application(s): erts, observer

               More crash dump info such as: process binary virtual
               heap stats, full info for process causing out-of-mem
               during GC, more port related info, and dirty scheduler
               info.


_______________________________________________
erlang-questions mailing list
[hidden email]
http://erlang.org/mailman/listinfo/erlang-questions



_______________________________________________
erlang-questions mailing list
[hidden email]
http://erlang.org/mailman/listinfo/erlang-questions
Reply | Threaded
Open this post in threaded view
|

Re: Erlang/OTP 20.3 has been released

Ingela Andin
Hi!

This might be an interop problem due to AEAD cipher suites wrongly being filtered out.
Could you please try the following patch?

diff --git a/lib/ssl/src/ssl_cipher.erl b/lib/ssl/src/ssl_cipher.erl
index 62a172c..59cf05f 100644
--- a/lib/ssl/src/ssl_cipher.erl
+++ b/lib/ssl/src/ssl_cipher.erl
@@ -2175,6 +2175,8 @@ is_acceptable_cipher(Cipher, Algos) ->
 
 is_acceptable_hash(null, _Algos) ->
     true;
+is_acceptable_hash(aead, _Algos) ->
+    true;
 is_acceptable_hash(Hash, Algos) ->
     proplists:get_bool(Hash, Algos).



Regards Ingela Erlang/OTP team - Ericsson AB



2018-03-15 10:02 GMT+01:00 Ingela Andin <[hidden email]>:
Hi!

If this is a bug is hard to tell form the information you provided. Do you have any Erlang log printouts? Can you give me a way to reproduce it? If you have more information that you do not want to share publicly you can send
me a private mail.

Regards Ingela Erlang/OTP team - Ericsson AB

2018-03-14 17:02 GMT+01:00 Wes James <[hidden email]>:
With this version I am now getting ERR_SPDY_INADEQUATE_TRANSPORT_SECURITY when going to my https cowboy app in chrome Version 65.0.3325.162 and a similar error in firefox.  My app uses a self-signed certificate.  It works fine with otp 20.2.4. Is there a way to fix this for self-signed certs?  I tried a few things suggested on some web searches, but I still get the same error.  For one, I tried adding the cert to the system keychain on my mac and selected always trust.  If this is a bug, let me know and I'll report it in the tracker.

Thanks,

-wes

On Wed, Mar 14, 2018 at 3:46 AM, Henrik Nord X <[hidden email]> wrote:
Erlang/OTP 20.3 is the third service release for the 20 major release.
The service release contains mostly bug fixes and characteristics
improvements but also some new features.

Some highlights for 20.3


Application(s): ssl

               Added new API functions to facilitate cipher suite
               handling

Application(s): erts, observer

               More crash dump info such as: process binary virtual
               heap stats, full info for process causing out-of-mem
               during GC, more port related info, and dirty scheduler
               info.


_______________________________________________
erlang-questions mailing list
[hidden email]
http://erlang.org/mailman/listinfo/erlang-questions




_______________________________________________
erlang-questions mailing list
[hidden email]
http://erlang.org/mailman/listinfo/erlang-questions
Reply | Threaded
Open this post in threaded view
|

Re: Erlang/OTP 20.3 has been released

Wes James
That fixed it for me.  Thanks!

-wes

On Thu, Mar 15, 2018 at 3:45 AM, Ingela Andin <[hidden email]> wrote:
Hi!

This might be an interop problem due to AEAD cipher suites wrongly being filtered out.
Could you please try the following patch?

diff --git a/lib/ssl/src/ssl_cipher.erl b/lib/ssl/src/ssl_cipher.erl
index 62a172c..59cf05f 100644
--- a/lib/ssl/src/ssl_cipher.erl
+++ b/lib/ssl/src/ssl_cipher.erl
@@ -2175,6 +2175,8 @@ is_acceptable_cipher(Cipher, Algos) ->
 
 is_acceptable_hash(null, _Algos) ->
     true;
+is_acceptable_hash(aead, _Algos) ->
+    true;
 is_acceptable_hash(Hash, Algos) ->
     proplists:get_bool(Hash, Algos).



Regards Ingela Erlang/OTP team - Ericsson AB



2018-03-15 10:02 GMT+01:00 Ingela Andin <[hidden email]>:
Hi!

If this is a bug is hard to tell form the information you provided. Do you have any Erlang log printouts? Can you give me a way to reproduce it? If you have more information that you do not want to share publicly you can send
me a private mail.

Regards Ingela Erlang/OTP team - Ericsson AB

2018-03-14 17:02 GMT+01:00 Wes James <[hidden email]>:
With this version I am now getting ERR_SPDY_INADEQUATE_TRANSPORT_SECURITY when going to my https cowboy app in chrome Version 65.0.3325.162 and a similar error in firefox.  My app uses a self-signed certificate.  It works fine with otp 20.2.4. Is there a way to fix this for self-signed certs?  I tried a few things suggested on some web searches, but I still get the same error.  For one, I tried adding the cert to the system keychain on my mac and selected always trust.  If this is a bug, let me know and I'll report it in the tracker.

Thanks,

-wes

On Wed, Mar 14, 2018 at 3:46 AM, Henrik Nord X <[hidden email]> wrote:
Erlang/OTP 20.3 is the third service release for the 20 major release.
The service release contains mostly bug fixes and characteristics
improvements but also some new features.

Some highlights for 20.3


Application(s): ssl

               Added new API functions to facilitate cipher suite
               handling

Application(s): erts, observer

               More crash dump info such as: process binary virtual
               heap stats, full info for process causing out-of-mem
               during GC, more port related info, and dirty scheduler
               info.


_______________________________________________
erlang-questions mailing list
[hidden email]
http://erlang.org/mailman/listinfo/erlang-questions





_______________________________________________
erlang-questions mailing list
[hidden email]
http://erlang.org/mailman/listinfo/erlang-questions