[erlang-bugs] crash in ssl_session:valid_session/2

Ingela Anderton Andin <>
Tue Feb 28 09:12:24 CET 2012


Hi!

This is a known bug that was fixed in ssl-5.0  (R15B)


      1.1  SSL 5.0


        Fixed Bugs and Malfunctions

Invalidation handling of sessions could cause the time_stamp field in 
the session record to be set to undefined crashing the session clean up 
process. This did not affect the connections but would result in that 
the session table would grow.

[...]

Regards Ingela Erlang/OTP team - Ericsson AB

Stefan Grundmann wrote:
> environment: R14B04
>
> description:
>
> the ssl session cache validation process (spawned every minute by the
> ssl_manager process) will crash and log:
>
> Error in process <0.1107.0> on node '' with exit value:
> {badarith,[{ssl_session,valid_session,2},{ssl_manager,validate_session,3},{ssl_manager,session_validation,2},{lists,foldl,3},{ets,do_foldl,4},{ets,foldl,3}]}
>
> if #session.time_stamp is 'undefined' for an entry in the
> ssl_otp_session_cache table.
>
> such entries will exist (shortly) in the ssl_opt_session_cache table if
> a handshake failed with 
>
>  SSL: certify: ./ssl_connection.erl:1646:Fatal error: bad certificate
> or
>  SSL: certify: ./ssl_connection.erl:1646:Fatal error: unknown ca
> and possibly others.
>
>
>
> best regards
>
> Stefan Grundmann 
>
>
>
>
>
>  
>
>  
>
>
> _______________________________________________
> erlang-bugs mailing list
> 
> http://erlang.org/mailman/listinfo/erlang-bugs
>
>   



More information about the erlang-bugs mailing list