Patch Package: OTP 22.3 Git Tag: OTP-22.3 Date: 2020-03-16 Trouble Report Id: OTP-15856, OTP-16039, OTP-16059, OTP-16153, OTP-16158, OTP-16212, OTP-16253, OTP-16258, OTP-16306, OTP-16309, OTP-16321, OTP-16322, OTP-16340, OTP-16348, OTP-16350, OTP-16351, OTP-16352, OTP-16353, OTP-16356, OTP-16364, OTP-16377, OTP-16380, OTP-16381, OTP-16384, OTP-16387, OTP-16399, OTP-16404, OTP-16412, OTP-16414, OTP-16417, OTP-16418, OTP-16420, OTP-16425, OTP-16427, OTP-16428, OTP-16435, OTP-16437, OTP-16438, OTP-16439, OTP-16440, OTP-16447, OTP-16449, OTP-16450, OTP-16458, OTP-16468, OTP-16472, OTP-16475, OTP-16476, OTP-16477, OTP-16479, OTP-16481, OTP-16485, OTP-16491, OTP-16493, OTP-16498, OTP-16514, OTP-16515, OTP-16528, OTP-16542, OTP-16548 Seq num: ERIERL-439, ERIERL-452, ERIERL-455, ERIERL-459, ERL-1070, ERL-1099, ERL-1110, ERL-1127, ERL-1135, ERL-1140, ERL-1147, ERL-1151, ERL-1175, ERL-1182, ERL-1191, ERL-795, ERL-814, ERL-991 System: OTP Release: 22 Application: asn1-5.0.10, common_test-1.18.2, compiler-7.5.3, crypto-4.6.5, diameter-2.2.3, erl_interface-3.13.2, erts-10.7, eunit-2.4.1, hipe-3.19.3, kernel-6.5.2, megaco-3.18.8, mnesia-4.16.3, public_key-1.7.2, sasl-3.4.2, snmp-5.5, ssh-4.9, ssl-9.6, stdlib-3.12, tools-3.3.1 Predecessor: OTP 22.2.8 Check out the git tag OTP-22.3, and build a full OTP system including documentation. Apply one or more applications from this build as patches to your installation using the 'otp_patch_apply' tool. For information on install requirements, see descriptions for each application version below. --------------------------------------------------------------------- --- HIGHLIGHTS ------------------------------------------------------ --------------------------------------------------------------------- OTP-15856 Application(s): ssl Implementation of the key and initialization vector update feature, and general hardening of TLS 1.3. There are cryptographic limits on the amount of plaintext which can be safely encrypted under a given set of keys. This change enforces those limits by triggering automatic key updates on TLS 1.3 connections. OTP-16253 Application(s): ssl Add support for TLS 1.3 Session Tickets (stateful and stateless). This allows session resumption using keying material from a previous successful handshake. OTP-16309 Application(s): erts, sasl A socket "registry" has been added making it possible to list current open sockets. OTP-16485 Application(s): ssh The new functions ssh:set_sock_opts/2 and ssh:get_sock_opts/2 sets and reads option values for the underlying TCP stream. --------------------------------------------------------------------- --- asn1-5.0.10 ----------------------------------------------------- --------------------------------------------------------------------- The asn1-5.0.10 application can be applied independently of other applications on a full OTP 22 installation. --- Improvements and New Features --- OTP-16542 Application(s): asn1 Related Id(s): PR-2159 Fix 'DEFAULT' with 'OCTET STRING' and 'SEQUENCE OF CHOICE' with extensions. Full runtime dependencies of asn1-5.0.10: erts-7.0, kernel-3.0, stdlib-2.0 --------------------------------------------------------------------- --- common_test-1.18.2 ---------------------------------------------- --------------------------------------------------------------------- The common_test-1.18.2 application can be applied independently of other applications on a full OTP 22 installation. --- Improvements and New Features --- OTP-16039 Application(s): common_test Related Id(s): ERL-795 Document incl_apps cover option OTP-16340 Application(s): common_test The ct_property_test has now a report function for results of stateful testing. OTP-16364 Application(s): common_test Related Id(s): PR-2480 Don't hide error reasons from user Full runtime dependencies of common_test-1.18.2: compiler-6.0, crypto-3.6, debugger-4.1, erts-7.0, ftp-1.0.0, inets-6.0, kernel-4.0, observer-2.1, runtime_tools-1.8.16, sasl-2.4.2, snmp-5.1.2, ssh-4.0, stdlib-3.5, syntax_tools-1.7, tools-2.8, xmerl-1.3.8 --------------------------------------------------------------------- --- compiler-7.5.3 -------------------------------------------------- --------------------------------------------------------------------- The compiler-7.5.3 application can be applied independently of other applications on a full OTP 22 installation. --- Fixed Bugs and Malfunctions --- OTP-16350 Application(s): compiler A 'receive' with an 'after 0' clause would prevent the optimization that can avoid scanning the entire receive queue when matching on a newly created reference. OTP-16418 Application(s): compiler, hipe HiPE can again handle modules with catch and try constructs. OTP-16515 Application(s): compiler Fixed a bug in bit-syntax optimization that could crash the compiler. Full runtime dependencies of compiler-7.5.3: crypto-3.6, erts-9.0, hipe-3.12, kernel-4.0, stdlib-2.5 --------------------------------------------------------------------- --- crypto-4.6.5 ---------------------------------------------------- --------------------------------------------------------------------- The crypto-4.6.5 application can be applied independently of other applications on a full OTP 22 installation. --- Fixed Bugs and Malfunctions --- OTP-16428 Application(s): crypto Related Id(s): PR-2511 Fixed potential memory leaks involving calls to the crypto ng_api. Full runtime dependencies of crypto-4.6.5: erts-9.0, kernel-5.3, stdlib-3.4 --------------------------------------------------------------------- --- diameter-2.2.3 -------------------------------------------------- --------------------------------------------------------------------- The diameter-2.2.3 application can be applied independently of other applications on a full OTP 22 installation. --- Fixed Bugs and Malfunctions --- OTP-16548 Application(s): diameter Related Id(s): ERL-1191 Add the 'first' tuple to type diameter:peer_filter/0. The filter was added in OTP-17.5.6.8 and OTP-18.3, but neither release updated the type specification. Full runtime dependencies of diameter-2.2.3: erts-10.0, kernel-3.2, ssl-9.0, stdlib-2.4 --------------------------------------------------------------------- --- erl_interface-3.13.2 -------------------------------------------- --------------------------------------------------------------------- The erl_interface-3.13.2 application can be applied independently of other applications on a full OTP 22 installation. --- Fixed Bugs and Malfunctions --- OTP-16412 Application(s): erl_interface Related Id(s): PR-2503 Fix link error "multiple definition of `ei_default_socket_callbacks'" for gcc version 10 or when built with gcc option -fno-common. Error exists since OTP-21.3. --------------------------------------------------------------------- --- erts-10.7 ------------------------------------------------------- --------------------------------------------------------------------- Note! The erts-10.7 application *cannot* be applied independently of other applications on an arbitrary OTP 22 installation. On a full OTP 22 installation, also the following runtime dependency has to be satisfied: -- kernel-6.5.1 (first satisfied in OTP 22.2) --- Fixed Bugs and Malfunctions --- OTP-16059 Application(s): erts gen_udp:recv(S, N, 0) corrupted the internal state for the socket so after receive with {active, once} it always returned {error, timeout}, and wasted the received UDP packets. This bug has now been fixed. Reported and pinpointed by Alexander Petrovsky. OTP-16381 Application(s): erts The atom esock_atom_user and esock_atom_kernel was never actually created. This has now been corrected. OTP-16384 Application(s): erts Fixed bug in socket module that could potentially lead to scheduler deadlocks. OTP-16399 Application(s): erts Fix bug causing VM crash if down or stop callback of a NIF resource is called after the NIF module has been purged. The fix will postpone unloading until all such resource objects have been garbage collected. OTP-16404 Application(s): erts Related Id(s): ERL-1127 Fixed bug in ets:update_counter/4, when called with an invalid UpdateOp and a Key that does not exist, causing ets:info(T,size) to return incorrect values. Bug exists since OTP-19.0.2. OTP-16417 Application(s): erts Fix potential heap corrupting bugs when a process calls a BIF that blocks other normal schedulers and then writes to its own heap without the main process lock. A NIF running on a dirty scheduler trying to interact with such a process could corrupt its heap. The fixed BIFs were related to code loading and tracing. OTP-16438 Application(s): erts Fixed bug in erlang:list_to_ref/1 when called with a reference created by a remote note. Function list_to_ref/1 is intended for debugging and not to be used in application programs. Bug exist since OTP 20.0. OTP-16440 Application(s): erts, kernel The prim_net nif (net/kernel) made use of an undefined atom, notsup. This has now been corrected. OTP-16481 Application(s): erts Corrected the valid range of the erl command line argument +SDio from 0..1024 to 1..1024. +SDio 0 was erroneously allowed which just caused the VM to crash on the first dirty I/O job scheduled. OTP-16491 Application(s): erts, kernel Fix a crash when attempting to log faults when loading files during early boot. --- Improvements and New Features --- OTP-16153 Application(s): erts For socket, not all send and receive flags are supported on all platforms. In order to (at least) simplify testing, the socket:supports/0,1,2,3 functions has been extended with send_flags and recv_flags items, which indicates what the current platform can manage. OTP-16212 Application(s): erts Related Id(s): ERL-1070 Add a "full featured" version of getifaddrs in the net module. OTP-16306 Application(s): erts Related Id(s): ERIERL-439 The options busy_limits_port and busy_limits_msgq have been added to the BIF erlang:open_port/2. The busy_limits_port option can be used for controlling the busy state of a port executing the spawn_driver or the fd_driver. The busy_limits_msgq option can be used for controlling the busy state of the port message queue. OTP-16309 Application(s): erts, sasl *** HIGHLIGHT *** A socket "registry" has been added making it possible to list current open sockets. OTP-16387 Application(s): erts The counters managed by the socket nif has been extended. Their "size" has been increased from 32 bit to 64. Two max package size (for read and write) has been added. And four accept counters has been added. OTP-16420 Application(s): erts Related Id(s): PR-2513 Add gcc option -fno-common to detect accidental name clashes of global variables. OTP-16427 Application(s): erts New dynamic lock checker that verifies locking orders and detects potential deadlock bugs in drivers and NIFs. Enabled together with the old static lock checker (for ERTS internal locks) in emulator started with -emu_type debug or built with configuration option --enable-lock-checking. Full runtime dependencies of erts-10.7: kernel-6.5.1, sasl-3.3, stdlib-3.5 --------------------------------------------------------------------- --- eunit-2.4.1 ----------------------------------------------------- --------------------------------------------------------------------- The eunit-2.4.1 application can be applied independently of other applications on a full OTP 22 installation. --- Improvements and New Features --- OTP-16380 Application(s): eunit Related Id(s): ERL-991, PR-2316, PR-2487 Backport of PR-2316: Strip control codes from eunit_surefire output to avoid generation of invalid xml Full runtime dependencies of eunit-2.4.1: erts-9.0, kernel-5.3, stdlib-3.4 --------------------------------------------------------------------- --- hipe-3.19.3 ----------------------------------------------------- --------------------------------------------------------------------- The hipe-3.19.3 application can be applied independently of other applications on a full OTP 22 installation. --- Fixed Bugs and Malfunctions --- OTP-16418 Application(s): compiler, hipe HiPE can again handle modules with catch and try constructs. OTP-16475 Application(s): hipe Related Id(s): ERL-1175 When the return value for try/catch was ignored, the native code compiler could crash. Full runtime dependencies of hipe-3.19.3: compiler-5.0, erts-9.3, kernel-5.3, stdlib-3.4, syntax_tools-1.6.14 --------------------------------------------------------------------- --- kernel-6.5.2 ---------------------------------------------------- --------------------------------------------------------------------- Note! The kernel-6.5.2 application *cannot* be applied independently of other applications on an arbitrary OTP 22 installation. On a full OTP 22 installation, also the following runtime dependency has to be satisfied: -- erts-10.6 (first satisfied in OTP 22.2) --- Fixed Bugs and Malfunctions --- OTP-16414 Application(s): kernel Related Id(s): ERIERL-452 The DNS resolver `inet_res` has been fixed to return the last intermediate error when subsequent requests times out. OTP-16440 Application(s): erts, kernel The prim_net nif (net/kernel) made use of an undefined atom, notsup. This has now been corrected. OTP-16491 Application(s): erts, kernel Fix a crash when attempting to log faults when loading files during early boot. OTP-16493 Application(s): kernel Related Id(s): ERIERL-459 Fix crash in logger when logging to a remote node during boot. --- Improvements and New Features --- OTP-16458 Application(s): kernel Related Id(s): PR-2525 Improved net_kernel debug functionality. Full runtime dependencies of kernel-6.5.2: erts-10.6, sasl-3.0, stdlib-3.5 --------------------------------------------------------------------- --- megaco-3.18.8 --------------------------------------------------- --------------------------------------------------------------------- The megaco-3.18.8 application can be applied independently of other applications on a full OTP 22 installation. --- Fixed Bugs and Malfunctions --- OTP-16449 Application(s): megaco The documented function megaco:get_sdp_record_from_PropertGroup/2 was a wrapper for megaco_sdp:get_sdp_record_from_PropertGroup/2 but did not actually exist. This has now been fixed. --- Improvements and New Features --- OTP-16158 Application(s): megaco Test suite completely reworked. Add (timestamp) utility functions for debugging and testing. Full runtime dependencies of megaco-3.18.8: asn1-3.0, debugger-4.0, erts-7.0, et-1.5, kernel-3.0, runtime_tools-1.8.14, stdlib-2.5 --------------------------------------------------------------------- --- mnesia-4.16.3 --------------------------------------------------- --------------------------------------------------------------------- The mnesia-4.16.3 application can be applied independently of other applications on a full OTP 22 installation. --- Fixed Bugs and Malfunctions --- OTP-16468 Application(s): mnesia Related Id(s): ERL-1151 Fixed a timing issue in uninstall fallback functionality. Full runtime dependencies of mnesia-4.16.3: erts-9.0, kernel-5.3, stdlib-3.4 --------------------------------------------------------------------- --- public_key-1.7.2 ------------------------------------------------ --------------------------------------------------------------------- The public_key-1.7.2 application can be applied independently of other applications on a full OTP 22 installation. --- Improvements and New Features --- OTP-16528 Application(s): public_key, ssl Add support for key exchange with Edward curves and PSS-RSA padding in signature verification. Full runtime dependencies of public_key-1.7.2: asn1-3.0, crypto-3.8, erts-6.0, kernel-3.0, stdlib-3.5 --------------------------------------------------------------------- --- sasl-3.4.2 ------------------------------------------------------ --------------------------------------------------------------------- The sasl-3.4.2 application can be applied independently of other applications on a full OTP 22 installation. --- Improvements and New Features --- OTP-16309 Application(s): erts, sasl *** HIGHLIGHT *** A socket "registry" has been added making it possible to list current open sockets. Full runtime dependencies of sasl-3.4.2: erts-10.2, kernel-5.3, stdlib-3.4, tools-2.6.14 --------------------------------------------------------------------- --- snmp-5.5 -------------------------------------------------------- --------------------------------------------------------------------- The snmp-5.5 application can be applied independently of other applications on a full OTP 22 installation. --- Improvements and New Features --- OTP-16447 Application(s): snmp Related Id(s): ERIERL-455, OTP-16382 A simple supervision of the snmp manager net-if process has been added. Also, a way to forcibly restart the net-if process has been added. This could be useful if the net-if process hangs for some reason. OTP-16450 Application(s): snmp Misc documentation corrections Full runtime dependencies of snmp-5.5: crypto-3.3, erts-6.0, kernel-3.0, mnesia-4.12, runtime_tools-1.8.14, stdlib-2.5 --------------------------------------------------------------------- --- ssh-4.9 --------------------------------------------------------- --------------------------------------------------------------------- Note! The ssh-4.9 application *cannot* be applied independently of other applications on an arbitrary OTP 22 installation. On a full OTP 22 installation, also the following runtime dependency has to be satisfied: -- crypto-4.6.4 (first satisfied in OTP 22.2.2) --- Fixed Bugs and Malfunctions --- OTP-16377 Application(s): ssh Unicode problems for ssh_sftp:write fixed. --- Improvements and New Features --- OTP-16353 Application(s): ssh Changes to the internal api of the experimental ssh_dbg tool. OTP-16485 Application(s): ssh *** HIGHLIGHT *** The new functions ssh:set_sock_opts/2 and ssh:get_sock_opts/2 sets and reads option values for the underlying TCP stream. Full runtime dependencies of ssh-4.9: crypto-4.6.4, erts-9.0, kernel-5.3, public_key-1.6.1, stdlib-3.4.1 --------------------------------------------------------------------- --- ssl-9.6 --------------------------------------------------------- --------------------------------------------------------------------- Note! The ssl-9.6 application *cannot* be applied independently of other applications on an arbitrary OTP 22 installation. On a full OTP 22 installation, also the following runtime dependency has to be satisfied: -- public_key-1.7.2 (first satisfied in OTP 22.3) --- Fixed Bugs and Malfunctions --- OTP-16258 Application(s): ssl Correct handling of TLS record limit in TLS-1.3. The max value differs from previous versions. Also the payload data max record check was broken, that is record overflow problems could occur if user sent large amounts of data. OTP-16348 Application(s): ssl Related Id(s): ERL-1110 Correct close handling for DTLS OTP-16352 Application(s): ssl Related Id(s): ERL-1099 Fix ssl:getstat/1-2 to also work for DTLS sockets OTP-16425 Application(s): ssl Correct internal handling och socket active mode to avoid reviving TCP data aimed for a downgraded TLS socket. OTP-16437 Application(s): ssl Related Id(s): ERL-1135 When using the host name as fallback for SNI (server name indication) strip a possible trailing dot that is allowed in a host name but not in the SNI. Also if the server receives a SNI with a trailing dot send an UNRECOGNIZED_NAME alert. OTP-16479 Application(s): ssl Immediately remove session entries if handshake is abruptly closed at transport level. --- Improvements and New Features --- OTP-15856 Application(s): ssl *** HIGHLIGHT *** Implementation of the key and initialization vector update feature, and general hardening of TLS 1.3. There are cryptographic limits on the amount of plaintext which can be safely encrypted under a given set of keys. This change enforces those limits by triggering automatic key updates on TLS 1.3 connections. OTP-16253 Application(s): ssl *** HIGHLIGHT *** Add support for TLS 1.3 Session Tickets (stateful and stateless). This allows session resumption using keying material from a previous successful handshake. OTP-16528 Application(s): public_key, ssl Add support for key exchange with Edward curves and PSS-RSA padding in signature verification. Full runtime dependencies of ssl-9.6: crypto-4.2, erts-10.0, inets-5.10.7, kernel-6.0, public_key-1.7.2, stdlib-3.5 --------------------------------------------------------------------- --- stdlib-3.12 ----------------------------------------------------- --------------------------------------------------------------------- Note! The stdlib-3.12 application *cannot* be applied independently of other applications on an arbitrary OTP 22 installation. On a full OTP 22 installation, also the following runtime dependency has to be satisfied: -- erts-10.6.2 (first satisfied in OTP 22.2.2) --- Fixed Bugs and Malfunctions --- OTP-16322 Application(s): stdlib Fix type specification for uri_string:normalize/2 that may also return error(). OTP-16351 Application(s): stdlib Improve error handling in uri_string:normalize/2. This change fixes a crash when the input URI has faulty percent-encoding. OTP-16435 Application(s): stdlib Fix minor bugs in the Erlang pretty printer (erl_pp). OTP-16439 Application(s): stdlib Fix the Erlang parser regarding consecutive unary operators. OTP-16514 Application(s): stdlib Related Id(s): ERL-1182 Let calendar:rfc3339_to_system_time() crash when the time offset is missing. --- Improvements and New Features --- OTP-16321 Application(s): stdlib Implement uri_string:resolve/{2,3} that can be used to resolve a URI reference against a base URI. OTP-16477 Application(s): stdlib Related Id(s): PR-2531 In gen_statem it is now possible to change the callback module for a running server. See gen_statem's documentation for change_callback_module, push_callback_module, and pop_callback_module. Full runtime dependencies of stdlib-3.12: compiler-5.0, crypto-3.3, erts-10.6.2, kernel-6.0, sasl-3.0 --------------------------------------------------------------------- --- tools-3.3.1 ----------------------------------------------------- --------------------------------------------------------------------- The tools-3.3.1 application can be applied independently of other applications on a full OTP 22 installation. --- Fixed Bugs and Malfunctions --- OTP-16356 Application(s): tools An Emacs warning due to lacking type in defcustom declaration has been fixed. OTP-16472 Application(s): tools Related Id(s): ERL-1140 Improve emacs indentation. OTP-16476 Application(s): tools Related Id(s): ERL-1147 The cover tool could generate instrumented code for a module that would cause warnings to be issued. OTP-16498 Application(s): tools Related Id(s): ERL-814 Fixed generated fprof analysis format to also handle data in maps. Full runtime dependencies of tools-3.3.1: compiler-5.0, erts-9.1, kernel-5.4, runtime_tools-1.8.14, stdlib-3.4 --------------------------------------------------------------------- --------------------------------------------------------------------- ---------------------------------------------------------------------