[erlang-bugs] ssl
Ingela Anderton Andin
Ingela.Anderton.Andin@REDACTED
Tue Apr 15 14:29:07 CEST 2014
Hi!
On 04/14/2014 10:05 PM, Samir Sow wrote:
> Hi,
>
> I’m using ssl-5.3.4
>
> I’ve executed the step presented in the «upgrade example» of the document :
> http://www.erlang.org/doc/apps/ssl/using_ssl.html
>
> except that i used openssl s_client to perform the client connect operation
Well that explains it, as the s_client is not performing an upgrade of
the connection it is connecting with ssl from the start, and when the
client start to send its handshake the server must be ready to receive
it. You can still make your example work by setting {active, false}
already on the listen socket so that the data will be left on the socket
until the server process is is ready to receive it. (Accept socket
inherits listen options and default is among others {active, true} and
{mode, list}. In the upgrade scenario the server would do
inet:setopts(Socket, [{active, false}]) before signaling to the client
that it can now start the ssl handshake and then call ssl:ssl_accept.
The ssl server process will emulate some inet options and internally set
its own values, example socket mode will be set to binary.
Regards Ingela Erlang/OTP Team - Ericsson AB
> Thank you.
>
> Samir
>
> On 14 avr. 2014, at 09:53, Ingela Anderton Andin <Ingela.Anderton.Andin@REDACTED> wrote:
>
>> Hi!
>>
>> Which version of the ssl application are you using? Can you make a more complete example that fails so that I can run it too? We use openssl s_client in our test cases so it seems there is some special circumstances that makes this happen. The problem seems to be that
>> the data from the peer is on list format instead of binary format.
>> The packet option on the socket shall be emulated by ssl so the socket
>> should always be in binary mode, but it seems it is not.
>>
>> Regards Ingela Erlang/OTP team - Ericssson AB
>>
>> On 04/12/2014 09:37 AM, Samir Sow wrote:
>>> Hi,
>>>
>>> Still struggling with ssl.
>>> I decided to check what’s going on at the ssl module level. Did a step by step ssl connection using the erlang ssl doc.
>>> Found an error erlang:size badarg, but could not understand if it’s a problem with the key/cert files or with the data sent by the client.
>>>
>>> The client was openssl s_client.
>>>
>>> Any help welcomed. Thx
>>>
>>> Samir
>>>
>>> {ok, SSLSocket} = ssl:ssl_accept(Socket, [{cacertfile, "priv/cert/cacert.crt"}, {certfile, "priv/cert/server.crt"}, {keyfile, "priv/cert/server.key"}]).
>>> ** exception exit: {{badarg,
>>> [{erlang,size,
>>> [[22,3,1,0,176,1,0,0,172,3,3,83,72,89,48,183,175,
>>> 58,145,197,219|...]],
>>> []},
>>> {tls_record,get_tls_records_aux,2,
>>> [{file,"tls_record.erl"},{line,122}]},
>>> {tls_connection,next_tls_record,2,
>>> [{file,"tls_connection.erl"},{line,484}]},
>>> {tls_connection,handle_info,3,
>>> [{file,"tls_connection.erl"},{line,307}]},
>>> {gen_fsm,handle_msg,7,
>>> [{file,"gen_fsm.erl"},{line,503}]},
>>> {proc_lib,init_p_do_apply,3,
>>> [{file,"proc_lib.erl"},{line,239}]}]},
>>> {gen_fsm,sync_send_all_state_event,
>>> [<0.105.0>,{start,infinity},infinity]}}
>>> in function gen_fsm:sync_send_all_state_event/3 (gen_fsm.erl, line 242)
>>> in call from ssl_connection:sync_send_all_state_event/2 (ssl_connection.erl, line 1649)
>>> in call from ssl_connection:handshake/2 (ssl_connection.erl, line 97)
>>> in call from tls_connection:start_fsm/8 (tls_connection.erl, line 81)
>>> in call from ssl_connection:ssl_accept/7 (ssl_connection.erl, line 84)
>>> _______________________________________________
>>> erlang-bugs mailing list
>>> erlang-bugs@REDACTED
>>> http://erlang.org/mailman/listinfo/erlang-bugs
>>>
>>
>> _______________________________________________
>> erlang-bugs mailing list
>> erlang-bugs@REDACTED
>> http://erlang.org/mailman/listinfo/erlang-bugs
>
More information about the erlang-bugs
mailing list