[erlang-bugs] possible bug in ssl and/or public_key module (R13 and R14)

Ingela Anderton Andin ingela@REDACTED
Mon Sep 20 15:47:28 CEST 2010


Hi!
[...]
>
>
>           {proc_lib,init_p_do_apply,3}]
>
>         Is this a bug? The ssl man page mentions the file is in the
>         PEM format.
>         The file contents can be looked at:
>          http://friendpaste.com/4lQn7yihrUa4fE2Vs4u7JS
>
>     I have not verified this yet, but I think this looks like a bug in
>     public_key that I have been working on solving that has to do with
>     that
>     certs may inherit  DSS-Params from their issuer.
>
>
>
> The weird thing is that I can use this certificates file with the old 
> ssl implementation (default on R13 and R12 releases) on R13B03 and 
> R13B04 at least.
> So I definitely consider this a regression :(

Well the thing is that the old ssl-implementation only is an erlang-glue 
that leaves the most things up to the underlaying openssl 
implementation, but the new ssl
only uses openssl crypto library and takes care the ssl protocol 
fsm-machinery and  certificate  handling on its own. This makes many 
things much easier to implement
and removes the bottleneck enforced by the glue, and also lessens the 
required resource allocation. Of course this may cause new bugs 
occasionally and we fix them
as fast as we can. 

If you want to try out the latest changes to fix the DSS-Params bug you 
can get the branch ia/ssl-asn1-spec-dss-params at my github account 
git@REDACTED:IngelaAndin/otp.git

Regards Ingela Erlang/OTP team - Ericsson AB




More information about the erlang-bugs mailing list