[erlang-questions] Errors in SSL handshake (weird client)

Ingela Andin ingela.andin@REDACTED
Tue Apr 15 14:52:51 CEST 2014


Hello again!


> sometimes badarg in erlang:size([22,3,1,0,158,1,0,0,154,3,1,83,74|...])
> at tls_record.erl:122.
>

Same symptom was recently reported on erlang-bugs and it turned out to be
due to upgrading a gen_tcp socket in active mode. When upgrading a gen_tcp
socket to an ssl socket it must be put in passive mode ({active, false})
before the client
is allowed to start the handshake.  Normaly if the upgrade is negotiated
this is not a problem for the server to set the option
before signaling to the client to go ahead with  the handshake. If the
upgrade is only performed on the server side instead of calling the ssl API
( some people may do that due to the previously lack of possibility to
specify ssl options when calling ssl:ssl_accept with an "sslsocket", this
is no longer the case in 17.0) the listen socket needs to be put in passive
mode (listen options are inherited by the acceptsocket) to make sure that
the it will work, otherwhise it will work sometimes and sometime result in
the error above.

Regards Ingela Erlang/OTP team - Ericsson AB
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://erlang.org/pipermail/erlang-questions/attachments/20140415/0d8f2d98/attachment.htm>


More information about the erlang-questions mailing list