[erlang-questions] ssl failed during the time shaking hands

Jeremy Chow erlanging@REDACTED
Thu Jul 5 05:57:50 CEST 2007


Hi list,
  I've tried to do some tests to understand the communication between
two nodes through the SSL protocol in Erlang. I've created a boot
script for this case and two certificates following the OTP
reference; one was ssl_server.pem, the other was ssl_client.pem. Then I
used the command line to create two nodes -- x@REDACTED and
y@REDACTED -- as follows:

# erl -boot start_ssl -proto_dist inet_ssl -name x@REDACTED -ssl_dist_opt client_certfile "ssl_client" -ssl_dist_opt server_certfile "ssl_server.pem" -setcookie 123456

# erl -boot start_ssl -proto_dist inet_ssl -name y@REDACTED -ssl_dist_opt client_certfile "ssl_client.pem" -ssl_dist_opt server_certfile "ssl_server.pem" -setcookie 123456

Everything was okay at that time; I saw the Erlang prompts as
well. But when I tried to ping one node from the other one, it failed
with the message pang.

(y@REDACTED)1> net_adm:ping('x@REDACTED').
pang

By analysing it with the shell commands netstat and strace, it appears
that the SSL ping failed during the time shaking hands. The file
descriptor which was used to receive data from the other node has not
been added into the pollfds.

This is a fragment of the strace result:

accept(5, {sa_family=AF_INET, sin_port=htons(13198), sin_addr=inet_addr("192.168.0.97")}, [16]) = 7
fcntl64(7, F_GETFL)                     = 0x2 (flags O_RDWR)
fcntl64(7, F_SETFL, O_RDWR|O_NONBLOCK)  = 0
write(2, "fuck\n", 5)                   = 5
write(1, "\0\0\0\t", 4)                 = 4
write(1, "\f\0\0\0\5\0\0\0\7", 9)       = 9
poll([{fd=4, events=POLLIN|POLLRDNORM}, {fd=0, events=POLLIN|POLLRDNORM, revents=POLLIN|POLLRDNORM}], 2, 2000) = 1
time(NULL)                              = 1183526380
read(0, "\0\0\0\6", 4)                  = 4
read(0, "\n\0\0\0\5\0", 6)              = 6
poll([{fd=4, events=POLLIN|POLLRDNORM}, {fd=0, events=POLLIN|POLLRDNORM}, {fd=5, events=POLLIN|POLLRDNORM}], 3, 2000) = 0
time(NULL)                              = 1183526382

and below is the result of netstat:

# netstat --tcp -n
Active Internet connections (w/o servers)
Proto Recv-Q Send-Q Local Address               Foreign Address             State
...(omit)
tcp        0      0 192.168.0.98:31719          221.174.21.84:8080          ESTABLISHED
tcp        0      0 192.168.0.98:31728          221.174.21.84:8080          ESTABLISHED
tcp      142      0 192.168.0.98:25233          192.168.0.97:13198          ESTABLISHED
tcp        0      0 ::ffff:192.168.0.98:40272   ::ffff:192.168.0.100:3306   ESTABLISHED
tcp        0      0 ::ffff:127.0.0.1:8052       ::ffff:127.0.0.1:59274      ESTABLISHED
tcp        0    264 ::ffff:192.168.0.98:22      ::ffff:192.168.0.217:3103   ESTABLISHED

Apparently, there are still 142 bytes of data staying in the receive
queue. The receiving program has not taken any data from that
queue because the right file descriptor has not been added yet.

Who can explain that phenomenon and give me a solution?

Thx,
Jeremy
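
The cross-check the post does by hand, as an added example that is not part of the original message: it looks for descriptors returned by accept() that never show up in a later poll() set, and matches their peer address against ESTABLISHED connections with a non-zero Recv-Q. The sample input is copied from the post's strace and netstat output with wrapped lines joined; the function names are hypothetical.

```python
import re

# Sample input: lines copied from the post's strace and netstat output, unwrapped.
STRACE = """accept(5, {sa_family=AF_INET, sin_port=htons(13198), sin_addr=inet_addr("192.168.0.97")}, [16]) = 7
fcntl64(7, F_SETFL, O_RDWR|O_NONBLOCK)  = 0
poll([{fd=4, events=POLLIN|POLLRDNORM}, {fd=0, events=POLLIN|POLLRDNORM, revents=POLLIN|POLLRDNORM}], 2, 2000) = 1
poll([{fd=4, events=POLLIN|POLLRDNORM}, {fd=0, events=POLLIN|POLLRDNORM}, {fd=5, events=POLLIN|POLLRDNORM}], 3, 2000) = 0
"""
NETSTAT = """Proto Recv-Q Send-Q Local Address  Foreign Address  State
tcp        0      0 192.168.0.98:31719   221.174.21.84:8080   ESTABLISHED
tcp      142      0 192.168.0.98:25233   192.168.0.97:13198   ESTABLISHED
"""

# Successful accept(): captures peer port, peer address and the returned fd.
ACCEPT = re.compile(r'accept\(\d+, \{.*sin_port=htons\((\d+)\), '
                    r'sin_addr=inet_addr\("([^"]+)"\)\}.*\)\s*=\s*(\d+)\s*$')

def unpolled_accepted_fds(trace):
    """Map each fd returned by accept() to its peer if no later poll() watches it."""
    pending = {}
    for line in trace.splitlines():
        m = ACCEPT.match(line)
        if m:
            port, addr, fd = m.groups()
            pending[int(fd)] = f"{addr}:{port}"
        elif line.startswith("poll("):
            for fd in re.findall(r"\bfd=(\d+)", line):
                pending.pop(int(fd), None)      # fd is being watched
        elif (m := re.match(r"close\((\d+)\)", line)):
            pending.pop(int(m.group(1)), None)  # closed, no longer relevant
    return pending

def stalled_connections(netstat):
    """Map remote address to Recv-Q for ESTABLISHED TCP rows with unread bytes."""
    stalled = {}
    for line in netstat.splitlines():
        f = line.split()
        if len(f) == 6 and f[0].startswith("tcp") and f[5] == "ESTABLISHED" and int(f[1]) > 0:
            stalled[f[4]] = int(f[1])
    return stalled

def diagnose(trace, netstat):
    """Return (fd, peer, queued_bytes) for accepted fds that are never polled."""
    stalled = stalled_connections(netstat)
    return [(fd, peer, stalled[peer])
            for fd, peer in unpolled_accepted_fds(trace).items() if peer in stalled]

if __name__ == "__main__":
    for fd, peer, queued in diagnose(STRACE, NETSTAT):
        print(f"fd {fd} from {peer}: {queued} bytes queued, fd never polled")
```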


