From ab8fa9c0da53e321da7706c9aba2f549f95df349 Mon Sep 17 00:00:00 2001
From: Marcin Sikora
Date: Sun, 3 May 2020 19:05:40 +0200
Subject: Use user returned path validation error for selfsigned cert; It
allows user to trigger different TLS alerts than Bad Certificate for path
validation erros
---
lib/public_key/src/public_key.erl | 4 ++--
lib/public_key/test/public_key_SUITE.erl | 13 +++++++++++++
2 files changed, 15 insertions(+), 2 deletions(-)
diff --git a/lib/public_key/src/public_key.erl b/lib/public_key/src/public_key.erl
index 996cf9db2c..a47b7148e7 100644
--- a/lib/public_key/src/public_key.erl
+++ b/lib/public_key/src/public_key.erl
@@ -928,8 +928,8 @@ pkix_path_validation(PathErr, [Cert | Chain], Options0) when is_atom(PathErr)->
Options = proplists:delete(verify_fun, Options0),
pkix_path_validation(Otpcert, Chain, [{verify_fun,
{VerifyFun, Userstate}}| Options]);
- {fail, _} ->
- {error, Reason}
+ {fail, UserReason} ->
+ {error, UserReason}
catch
_:_ ->
{error, Reason}
diff --git a/lib/public_key/test/public_key_SUITE.erl b/lib/public_key/test/public_key_SUITE.erl
index 97a1f14de9..1fd1d2fa76 100644
--- a/lib/public_key/test/public_key_SUITE.erl
+++ b/lib/public_key/test/public_key_SUITE.erl
@@ -586,6 +586,19 @@ pkix_path_validation(Config) when is_list(Config) ->
{ok, _} =
public_key:pkix_path_validation(unknown_ca, [Cert1], [{verify_fun,
VerifyFunAndState1}]),
+
+ VerifyFunAndState2 =
+ {fun(_, {bad_cert, selfsigned_peer}, _UserState) ->
+ {fail, custom_reason};
+ (_,{extension, _}, UserState) ->
+ {unknown, UserState};
+ (_, valid, UserState) ->
+ {valid, UserState}
+ end, []},
+
+ {error, custom_reason} =
+ public_key:pkix_path_validation(selfsigned_peer, [Trusted], [{verify_fun,
+ VerifyFunAndState2}]),
ok.
%%--------------------------------------------------------------------
--
cgit v1.2.1
From 76b4fd803461ab53223fac46f021d32f6392c07c Mon Sep 17 00:00:00 2001
From: Sverker Eriksson
Date: Tue, 12 May 2020 18:42:13 +0200
Subject: ets_SUITE: Shorten some test cases
as they tend to time out on slow/single-core machines.
---
lib/stdlib/test/ets_SUITE.erl | 8 ++++----
1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/lib/stdlib/test/ets_SUITE.erl b/lib/stdlib/test/ets_SUITE.erl
index 3b2dde6b9b..76e78725f3 100644
--- a/lib/stdlib/test/ets_SUITE.erl
+++ b/lib/stdlib/test/ets_SUITE.erl
@@ -1278,9 +1278,9 @@ ets_insert_new_with_check(Table, ToInsert) ->
t_insert_list_parallel_do(Opts) ->
[(fun(I) ->
- t_insert_list_parallel_do(Opts, I, 2, 100, 5000),
- t_insert_list_parallel_do(Opts, I, 10, 100, 500),
- t_insert_list_parallel_do(Opts, I, 1000, 100, 50),
+ t_insert_list_parallel_do(Opts, I, 2, 100, 500),
+ t_insert_list_parallel_do(Opts, I, 10, 100, 100),
+ t_insert_list_parallel_do(Opts, I, 1000, 100, 10),
t_insert_list_parallel_do(Opts, I, 50000, 3, 1)
end)(InsertFun) || InsertFun <- [fun ets_insert_with_check/2,
fun ets_insert_new_with_check/2]].
@@ -5118,7 +5118,7 @@ test_delete_table_while_size_snapshot_helper(TableType) ->
Problem -> TopParent ! Problem
end || _ <- Pids]
end,
- 15000),
+ 100*erlang:system_info(schedulers_online)),
receive
Problem -> throw(Problem)
after 0 -> ok
--
cgit v1.2.1
From ba2c374d3d6fcba479bb542eb6ecd5d8216ce84b Mon Sep 17 00:00:00 2001
From: Sverker Eriksson
Date: Wed, 13 May 2020 17:38:58 +0200
Subject: ets_SUITE: Improve etsmem to get consistent memory snapshot
by repeating and comparing last two reads.
---
lib/stdlib/test/ets_SUITE.erl | 108 +++++++++++++++++++++---------------------
1 file changed, 55 insertions(+), 53 deletions(-)
diff --git a/lib/stdlib/test/ets_SUITE.erl b/lib/stdlib/test/ets_SUITE.erl
index 76e78725f3..9e5410c10f 100644
--- a/lib/stdlib/test/ets_SUITE.erl
+++ b/lib/stdlib/test/ets_SUITE.erl
@@ -6853,7 +6853,7 @@ verify_table_load(T) ->
false;
true ->
- io:format("Stats = ~p\n",[Stats]),
+ io:format("Stats = ~p\n~p\n",[Stats, ets:info(T)]),
ok
end
end.
@@ -8134,58 +8134,60 @@ wait_for_memory_deallocations() ->
end.
etsmem() ->
- % The following is done twice to avoid an inconsistent memory
- % "snapshot" (see verify_etsmem/2).
- lists:foldl(
- fun(AttemptNr, PrevEtsMem) ->
- AllTabsExceptions = [logger, code],
- %% The logger table is excluded from the AllTabs list
- %% below because it uses decentralized counters to keep
- %% track of the size and the memory counters. This cause
- %% ets:info(T,size) and ets:info(T,memory) to trigger
- %% allocations and frees that may change the amount of
- %% memory that is allocated for ETS.
- %%
- %% The code table is excluded from the list below
- %% because the amount of memory allocated for it may
- %% change if the tested code loads a new module.
- AllTabs =
- lists:sort(
- [begin
- try ets:info(T, decentralized_counters) of
- true ->
- ct:fail("Background ETS table (~p) that "
- "uses decentralized counters (Add exception?)",
- [ets:info(T,name)]);
- _ -> ok
- catch _:_ ->
- ok
- end,
- {T,
- ets:info(T,name),
- ets:info(T,size),
- ets:info(T,memory),
- ets:info(T,type)}
- end
- || T <- ets:all(),
- not lists:member(ets:info(T, name), AllTabsExceptions)]),
- wait_for_memory_deallocations(),
- EtsAllocSize = erts_debug:alloc_blocks_size(ets_alloc),
- ErlangMemoryEts = try erlang:memory(ets) catch error:notsup -> notsup end,
- FlxCtrMemUsage = try erts_debug:get_internal_state(flxctr_memory_usage) catch error:badarg -> notsup end,
- Mem = {ErlangMemoryEts, EtsAllocSize, FlxCtrMemUsage},
- EtsMem = {Mem, AllTabs},
- case PrevEtsMem of
- first -> ok;
- _ when PrevEtsMem =:= EtsMem -> ok;
- _ ->
- io:format("etsmem(): Change in attempt ~p~n~nbefore:~n~p~n~nafter:~n~p~n~n",
- [AttemptNr, PrevEtsMem, EtsMem])
- end,
- EtsMem
- end,
- first,
- lists:seq(1,2)).
+ etsmem(get_etsmem(), 1).
+
+etsmem(PrevEtsMem, Try) when Try < 10 ->
+ case get_etsmem() of
+ PrevEtsMem ->
+ PrevEtsMem;
+ EtsMem ->
+ io:format("etsmem(): Change in attempt ~p~n~nbefore:~n~p~n~nafter:~n~p~n~n",
+ [Try, PrevEtsMem, EtsMem]),
+ etsmem(EtsMem, Try+1)
+ end;
+etsmem(_, _) ->
+ ct:fail("Failed to get a stable/consistent memory snapshot").
+
+get_etsmem() ->
+ AllTabsExceptions = [logger, code],
+ %% The logger table is excluded from the AllTabs list
+ %% below because it uses decentralized counters to keep
+ %% track of the size and the memory counters. This cause
+ %% ets:info(T,size) and ets:info(T,memory) to trigger
+ %% allocations and frees that may change the amount of
+ %% memory that is allocated for ETS.
+ %%
+ %% The code table is excluded from the list below
+ %% because the amount of memory allocated for it may
+ %% change if the tested code loads a new module.
+ AllTabs =
+ lists:sort(
+ [begin
+ try ets:info(T, decentralized_counters) of
+ true ->
+ ct:fail("Background ETS table (~p) that "
+ "uses decentralized counters (Add exception?)",
+ [ets:info(T,name)]);
+ _ -> ok
+ catch _:_ ->
+ ok
+ end,
+ {T,
+ ets:info(T,name),
+ ets:info(T,size),
+ ets:info(T,memory),
+ ets:info(T,type)}
+ end
+ || T <- ets:all(),
+ not lists:member(ets:info(T, name), AllTabsExceptions)]),
+ wait_for_memory_deallocations(),
+ EtsAllocSize = erts_debug:alloc_blocks_size(ets_alloc),
+ ErlangMemoryEts = try erlang:memory(ets)
+ catch error:notsup -> notsup end,
+ FlxCtrMemUsage = try erts_debug:get_internal_state(flxctr_memory_usage)
+ catch error:badarg -> notsup end,
+ Mem = {ErlangMemoryEts, EtsAllocSize, FlxCtrMemUsage},
+ {Mem, AllTabs}.
verify_etsmem(MI) ->
wait_for_test_procs(),
--
cgit v1.2.1
From 4791320f00f4727e101e5e2623bd8c106997f194 Mon Sep 17 00:00:00 2001
From: Marcin Sikora
Date: Sun, 17 May 2020 20:20:22 +0200
Subject: Add documentation describing changed behavior.
---
lib/public_key/doc/src/public_key.xml | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/lib/public_key/doc/src/public_key.xml b/lib/public_key/doc/src/public_key.xml
index 0633eeae8f..dc81e6764c 100644
--- a/lib/public_key/doc/src/public_key.xml
+++ b/lib/public_key/doc/src/public_key.xml
@@ -448,6 +448,10 @@ fun(OtpCert :: #'OTPCertificate'{},
verifying application-specific extensions. If called with an
extension unknown to the user application, the return value
{unknown, UserState} is to be used.
+
+ Note that user defined custom verify_fun may alter original
+ path validation error (e.g selfsigned_peer). Use with caution.
+
{max_path_length, integer()}
--
cgit v1.2.1
--
cgit v1.2.1
From b756880e6bb3c56c20e7c9ad8325ef2c75628552 Mon Sep 17 00:00:00 2001
From: Marcin Sikora
Date: Tue, 19 May 2020 20:37:02 +0200
Subject: Use warning instead of note.
---
lib/public_key/doc/src/public_key.xml | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/lib/public_key/doc/src/public_key.xml b/lib/public_key/doc/src/public_key.xml
index dc81e6764c..9c5aaa9812 100644
--- a/lib/public_key/doc/src/public_key.xml
+++ b/lib/public_key/doc/src/public_key.xml
@@ -448,10 +448,10 @@ fun(OtpCert :: #'OTPCertificate'{},
verifying application-specific extensions. If called with an
extension unknown to the user application, the return value
{unknown, UserState} is to be used.
-
- Note that user defined custom verify_fun may alter original
+
+ Note that user defined custom verify_fun may alter original
path validation error (e.g selfsigned_peer). Use with caution.
-
+
{max_path_length, integer()}
--
cgit v1.2.1