Fix verification of ssl client when fail_if_no_peer_cert

Rory Byrne rory@REDACTED
Mon Apr 5 19:18:50 CEST 2010


Hello,

This bug only comes to light after a previous bug involving the
'fail_if_no_peer_cert' ssl option is fixed. I've included this patch
in the same branch as the other fix:

   git fetch git://github.com/jinsky/otp.git ssl_opts_fix

The commit message is:

    Fix verification of ssl client when fail_if_no_peer_cert
    
    The SSL handshake fails when an ssl server is configured with the
    'fail_if_no_peer_cert' option and a valid client sends its certificate
    as instructed. On the server-side ssl:ssl_accept/2 will return
    {error,esslerrssl}, and it will send an "Unexpected Message" SSL Alert
    (type 10) to the client.

Thanks,

Rory



More information about the erlang-patches mailing list