[erlang-bugs] SSL sslv3 not working as expected?

Ingela Anderton Andin <>
Thu Feb 13 12:40:12 CET 2014


It is because it is suppose to be a check that the input is correct. We 
want to here return the value that the user inputed, if no value is 
inputed the empty list should be returned. The call produces the list of 
the highest supported TLS versions ciphers so it can make a newer 
chipher suite be picked later although it should not be supported in the 
negotiated version.

Regards Ingela

On 02/13/2014 12:32 PM, Anthony Ramine wrote:
> Hello Ingela,
> Out of curiosity, given that this clause is called from
> 629: 		    ciphers    = handle_option(ciphers, Opts, []),
> where the default list of ciphers is empty, and given this clause
> 939: cipher_suites(Version, []) ->
> 940:     ssl_cipher:suites(Version);
> which calls ssl_cipher:suites/1
> suites({3, 0}) ->
>      ssl_v3:suites();
> why would the ciphers list not be the empty list as in this patch? Or does your patch mean that ssl_v3 is actually really called, but that its return value should be ignored and the empty list be used instead?
> Given that ssl:cipher_suites/2 is only called from there, why does it even return something if the return value isn’t used?

More information about the erlang-bugs mailing list