[erlang-bugs] SSL sslv3 not working as expected?

Anthony Ramine <>
Thu Feb 13 12:41:49 CET 2014


Shouldn’t the function be rewritten to be more explicit about the fact that it is just a check? That code is quite hard to follow.

-- 
Anthony Ramine

Le 13 févr. 2014 à 12:40, Ingela Anderton Andin <> a écrit :

> Hi!
> 
> It is because it is suppose to be a check that the input is correct. We want to here return the value that the user inputed, if no value is inputed the empty list should be returned. The call produces the list of the highest supported TLS versions ciphers so it can make a newer chipher suite be picked later although it should not be supported in the negotiated version.
> 
> Regards Ingela
> 
> 
> On 02/13/2014 12:32 PM, Anthony Ramine wrote:
>> Hello Ingela,
>> 
>> Out of curiosity, given that this clause is called from
>> 
>> 629: 		    ciphers    = handle_option(ciphers, Opts, []),
>> 
>> where the default list of ciphers is empty, and given this clause
>> 
>> 939: cipher_suites(Version, []) ->
>> 940:     ssl_cipher:suites(Version);
>> 
>> which calls ssl_cipher:suites/1
>> 
>> suites({3, 0}) ->
>>     ssl_v3:suites();
>> 
>> why would the ciphers list not be the empty list as in this patch? Or does your patch mean that ssl_v3 is actually really called, but that its return value should be ignored and the empty list be used instead?
>> 
>> Given that ssl:cipher_suites/2 is only called from there, why does it even return something if the return value isn’t used?
>> 
> 



More information about the erlang-bugs mailing list