[erlang-patches] SSL Next Protocol Negotiation Patch

Ben Murphy <>
Sun Dec 11 19:29:51 CET 2011


I have a branch that implements Next Protocol Negotiation for SSL
(http://technotes.googlecode.com/git/nextprotoneg.html). The protocol
is requirement for SPDY which is an alternative to HTTP that google is
pushing.

git fetch git://github.com/benmmurphy/otp.git ssl_npn
https://github.com/benmmurphy/otp/compare/ssl_npn
https://github.com/benmmurphy/otp/compare/ssl_npn.patch

I ran the SSL tests against 'OpenSSL 0.9.8r 8 Feb 2011' and they all
passed but my npn tests were skipped because that version does not
support npn. When i ran my tests against 'OpenSSL SNAP-20111130' my
npn tests ran fine but another test failed
(erlang_server_openssl_client_no_wrap_sequence_number). If i run
master against that version of OpenSSL that test fails as well. It
appears that OpenSSL client for that version will send the current
session id as the suggested session id and this results in the session
id not changing during renegotiation. Also, some of the openssl NPN
tests will fail if they are run with a version of openssl that
supports NPN and has a broken NPN renegotiation implementation. I
think the 1.0.x series is like this. (change set where it was fixed in
openssl: http://cvs.openssl.org/chngview?cn=21760)


More information about the erlang-patches mailing list