[erlang-bugs] R16B03-1: ssl application crashes when a server emits an unrecognized_name(112) alert

Masatake Daimon daimon@REDACTED
Mon Mar 17 04:08:53 CET 2014 

Hello,

I found the ssl application in R16B03-1 crashes when a server emits an
unrecognized_name(112) alert. If the alert is fatal,
ssl_alert:description_txt/1 crashes. And if it's a warning,
tls_connection:handle_alert/3 crashes:

> % erl
> Erlang R16B03-1 (erts-5.10.4) [source] [64-bit] [smp:2:2] [async-threads:10] [hipe] [kernel-poll:false]
>
> Eshell V5.10.4  (abort with ^G)
> 1> inets:start(). ssl:start(). inets:start(httpc, [{profile, test}]).
> ok
> 2> ssl:start(). inets:start(httpc, [{profile, test}]).
> ok
> 3> inets:start(httpc, [{profile, test}]).
> {ok,<0.61.0>}
> 4> httpc:request("https://localhost/", test).
>
> =ERROR REPORT==== 14-Mar-2014::18:23:56 ===
> ** State machine <0.67.0> terminating
> ** Last message in was {tcp,#Port<0.2726>,
>                             <<21,3,3,0,2,1,112,22,3,3,0,53,2,0,0,49,3,3,83,34,
> ...
> ** Reason for termination =
> ** {function_clause,
>        [{tls_connection,handle_alert,
>             [{alert,1,112,{"tls_connection.erl",375}},
>              hello,
>              {state,client,
>                  {#Ref<0.0.0.69>,<0.63.0>},
>                  gen_tcp,tls_connection,tcp,tcp_closed,tcp_error,"localhost",
>                  443,#Port<0.2726>,
>                  {ssl_options,undefined,
> ...

The alert in question is unrecognized_name(112) at warning(1)
level. RFC 6066 [*1] is indeed saying that a server is NOT RECOMMENDED
to send a warning-level unrecognized_name(112) alert, because the
client's behavior in response to warning-level alerts is
unpredictable. But tls_connection:handle_alert/3 should not crash
nonetheless.

Should SNI be enabled by default? Maybe. Then what should happen if a
server emits unrecognized_name? I think the following scheme is the
most appropriate:

   1. If the alert is fatal, the connection must be immediately closed
      according to RFC 5246 [*2]. And this is the current behavior of
      tls_connection:handle_alert/3 (while ssl_alert:description_txt/1
      crashes with function_clause due to an unmatched pattern).

   2. If it is a warning, we should only log it
      (tls_connection:log_alert/3) and proceed the handshake. In this
      case the requested host name and the server certification will be
      likely to disagree so the connection will be aborted if {verify,
      verify_peer} is given.


*1: http://tools.ietf.org/html/rfc6066#section-3
*2: http://tools.ietf.org/html/rfc5246#section-7.2.2


Thanks,
-- 
大門 正岳 <daimon@REDACTED>

More information about the erlang-bugs mailing list