[erlang-questions] ssl client issue

Garrett Smith <>
Thu Nov 27 13:54:27 CET 2014


I've seen this as well and I believe I got things working by
installing wget. Maybe this is wrong though.

On Thu, Nov 27, 2014 at 2:49 PM, Loïc Hoguin <> wrote:
> If you are using 17.3 you need to update to 17.3.2 or above. 17.3 shipped
> with a broken SSL client and the OTP team didn't deem worthwhile to issue an
> official patch.
>
> On 11/27/2014 02:38 PM, Bogdan Andu wrote:
>>
>> Hi,
>>
>> I am trying to connet to a site using https protocol and I get error:
>> $ erl -noshell -s inets -s ssl   -eval 'ok= httpc:request(get,
>> {"https://github.com/rebar/rebar/wiki/rebar", []}, [], [{stream,
>> "./rebar"}])'   -s init stop
>>
>>
>> {"init terminating in
>> do_boot",{{badmatch,{error,{failed_connect,[{to_address,{"github.com
>> <http://github.com>",443}},{inet,[inet],{eoptions,{{{badmatch,<<0
>>
>> bytes>>},[{ssl_handshake,dec_hello_extensions,2,[{file,"ssl_handshake.erl"},{line,1737}]},{ssl_handshake,decode_handshake,3,[{file,"ssl_handshake.erl"},{line,926}]},{tls_handshake,get_tls_handshake_aux,3,[{file,"tls_handshake.erl"},{line,155}]},{tls_connection,next_state,4,[{file,"tls_connection.erl"},{line,433}]},{gen_fsm,handle_msg,7,[{file,"gen_fsm.erl"},{line,503}]},{proc_lib,init_p_do_apply,3,[{file,"proc_lib.erl"},{line,237}]}]},{gen_fsm,sync_send_all_state_event,[<0.54.0>,{start,infinity},infinity]}}}}]}}},[{erl_eval,expr,3,[]}]}}
>>
>> I fed the ssl versions options to ssl option in httpc:
>>
>> $ erl -noshell -s inets -s ssl -ssl protocol_versions '[tlsv1]'   -eval
>> 'ok= httpc:request(get, {"https://github.com/rebar/rebar/wiki/rebar",
>> []}, [{ssl, [ {versions, [tlsv1]} ]}], [{stream, "./rebar"}])'   -s init
>> stop
>>
>> and  I get the same error.
>>
>> githum.com <http://githum.com> does not serves sslv3 connections
>> anymore, but google.com <http://google.com> does and I get the same
>>
>> error (more detailed) :
>>
>> =ERROR REPORT==== 27-Nov-2014::14:36:42 ===
>> ** State machine <0.54.0> terminating
>> ** Last message in was {tcp,#Port<0.1310>,
>>
>> <<22,3,1,0,93,2,0,0,89,3,1,84,119,26,218,49,140,
>>
>> 143,214,55,227,58,228,149,69,14,208,108,222,237,
>>
>> 222,62,130,116,69,128,135,31,62,197,66,236,180,
>>
>> 32,177,252,205,17,16,73,136,136,192,180,178,231,
>>
>> 184,31,16,165,117,167,10,94,112,148,137,123,19,
>>
>> 218,177,209,242,30,105,160,192,7,0,0,17,0,0,0,0,
>>
>> 255,1,0,1,0,0,11,0,4,3,0,1,2,22,3,1,14,78,11,0,
>>
>> 14,74,0,14,71,0,6,201,48,130,6,197,48,130,5,173,
>>
>> 160,3,2,1,2,2,8,37,174,101,117,232,1,104,64,48,
>>
>> 13,6,9,42,134,72,134,247,13,1,1,5,5,0,48,73,49,
>>
>> 11,48,9,6,3,85,4,6,19,2,85,83,49,19,48,17,6,3,
>>
>> 85,4,10,19,10,71,111,111,103,108,101,32,73,110,
>>
>> 99,49,37,48,35,6,3,85,4,3,19,28,71,111,111,103,
>>
>> 108,101,32,73,110,116,101,114,110,101,116,32,65,
>>
>> 117,116,104,111,114,105,116,121,32,71,50,48,30,
>>
>> 23,13,49,52,49,49,50,48,48,57,50,57,49,52,90,23,
>>
>> 13,49,53,48,50,49,56,48,48,48,48,48,48,90,48,
>>
>> 102,49,11,48,9,6,3,85,4,6,19,2,85,83,49,19,48,
>>
>> 17,6,3,85,4,8,12,10,67,97,108,105,102,111,114,
>>
>> 110,105,97,49,22,48,20,6,3,85,4,7,12,13,77,111,
>>
>> 117,110,116,97,105,110,32,86,105,101,119,49,19,
>>
>> 48,17,6,3,85,4,10,12,10,71,111,111,103,108,101,
>>
>> 32,73,110,99,49,21,48,19,6,3,85,4,3,12,12,42,46,
>>
>> 103,111,111,103,108,101,46,99,111,109,48,89,48,
>>
>> 19,6,7,42,134,72,206,61,2,1,6,8,42,134,72,206,
>>
>> 61,3,1,7,3,66,0,4,239,17,2,30,58,209,122,37,213,
>>
>> 224,230,99,232,174,177,189,137,205,210,61,217,
>>
>> 56,170,25,54,178,25,237,226,204,35,216,210,186,
>>
>> 50,69,44,117,245,182,108,110,144,22,136,1,44,
>>
>> 223,216,101,244,211,3,91,5,143,64,182,1,108,149,
>>
>> 202,14,212,163,130,4,93,48,130,4,89,48,29,6,3,
>>
>> 85,29,37,4,22,48,20,6,8,43,6,1,5,5,7,3,1,6,8,43,
>>
>> 6,1,5,5,7,3,2,48,130,3,38,6,3,85,29,17,4,130,3,
>>
>> 29,48,130,3,25,130,12,42,46,103,111,111,103,108,
>>
>> 101,46,99,111,109,130,13,42,46,97,110,100,114,
>>
>> 111,105,100,46,99,111,109,130,22,42,46,97,112,
>>
>> 112,101,110,103,105,110,101,46,103,111,111,103,
>>
>> 108,101,46,99,111,109,130,18,42,46,99,108,111,
>>
>> 117,100,46,103,111,111,103,108,101,46,99,111,
>>
>> 109,130,22,42,46,103,111,111,103,108,101,45,97,
>>
>> 110,97,108,121,116,105,99,115,46,99,111,109,130,
>>
>> 11,42,46,103,111,111,103,108,101,46,99,97,130,
>>
>> 11,42,46,103,111,111,103,108,101,46,99,108,130,
>>
>> 14,42,46,103,111,111,103,108,101,46,99,111,46,
>>
>> 105,110,130,14,42,46,103,111,111,103,108,101,46,
>>
>> 99,111,46,106,112,130,14,42,46,103,111,111,103,
>>
>> 108,101,46,99,111,46,117,107,130,15,42,46,103,
>>
>> 111,111,103,108,101,46,99,111,109,46,97,114,130,
>>
>> 15,42,46,103,111,111,103,108,101,46,99,111,109,
>>
>> 46,97,117,130,15,42,46,103,111,111,103,108,101,
>>
>> 46,99,111,109,46,98,114,130,15,42,46,103,111,
>>
>> 111,103,108,101,46,99,111,109,46,99,111,130,15,
>>
>> 42,46,103,111,111,103,108,101,46,99,111,109,46,
>>
>> 109,120,130,15,42,46,103,111,111,103,108,101,46,
>>
>> 99,111,109,46,116,114,130,15,42,46,103,111,111,
>>
>> 103,108,101,46,99,111,109,46,118,110,130,11,42,
>>
>> 46,103,111,111,103,108,101,46,100,101,130,11,42,
>>
>> 46,103,111,111,103,108,101,46,101,115,130,11,42,
>>
>> 46,103,111,111,103,108,101,46,102,114,130,11,42,
>>
>> 46,103,111,111,103,108,101,46,104,117,130,11,42,
>>
>> 46,103,111,111,103,108,101,46,105,116,130,11,42,
>>
>> 46,103,111,111,103,108,101,46,110,108,130,11,42,
>>
>> 46,103,111,111,103,108,101,46,112,108,130,11,42,
>>
>> 46,103,111,111,103,108,101,46,112,116,130,18,42,
>>
>> 46,103,111,111,103,108,101,97,100,97,112,105,
>>
>> 115,46,99,111,109,130,15,42,46,103,111,111,103,
>>
>> 108,101,97,112,105,115,46,99,110,130,20,42,46,
>>
>> 103,111,111,103,108,101,99,111,109,109,101,114,
>>
>> 99,101,46,99,111,109,130,17,42,46,103,111,111,
>>
>> 103,108,101,118,105,100,101,111,46,99,111,109,
>>
>> 130,12,42,46,103,115,116,97,116,105,99,46,99,
>>
>> 110,130,13,42,46,103,115,116,97,116,105,99,46,
>>
>> 99,111,109,130,10,42,46,103,118,116,49,46,99,
>>
>> 111,109,130,10,42,46,103,118,116,50,46,99,111,
>>
>> 109,130,20,42,46,109,101,116,114,105,99,46,103,
>>
>> 115,116,97,116,105,99,46,99,111,109,130,12,42,
>>
>> 46,117,114,99,104,105,110,46,99,111,109,130,16,
>>
>> 42,46,117,114,108,46,103,111,111,103,108,101,46,
>>
>> 99,111,109,130,22,42,46,121,111,117,116,117,98,
>>
>> 101,45,110,111,99,111,111,107,105,101,46,99,111,
>>
>> 109,130,13,42,46,121,111,117,116,117,98,101,46,
>>
>> 99,111,109,130,22,42,46,121,111,117,116,117,98,
>>
>> 101,101,100,117,99,97,116,105,111,110,46,99,111,
>>
>> 109,130,11,42,46,121,116,105,109,103,46,99,111,
>>
>> 109,130,11,97,110,100,114,111,105,100,46,99,111,
>>
>> 109,130,4,103,46,99,111,130,6,103,111,111,46,
>>
>> 103,108,130,20,103,111,111,103,108,101,45,97,
>>
>> 110,97,108,121,116,105,99,115,46,99,111,109,130,
>>
>> 10,103,111,111,103,108,101,46,99,111,109,130,18,
>>
>> 103,111,111,103,108,101,99,111,109,109,101,114,
>>
>> 99,101,46,99,111,109,130,10,117,114,99,104,105,
>>
>> 110,46,99,111,109,130,8,121,111,117,116,117,46,
>>
>> 98,101,130,11,121,111,117,116,117,98,101,46,99,
>>
>> 111,109,130,20,121,111,117,116,117,98,101,101,
>>
>> 100,117,99,97,116,105,111,110,46,99,111,109,48,
>>
>> 11,6,3,85,29,15,4,4,3,2,7,128,48,104,6,8,43,6,1,
>>
>> 5,5,7,1,1,4,92,48,90,48,43,6,8,43,6,1,5,5,7,48,
>>
>> 2,134,31,104,116,116,112,58,47,47,112,107,105,
>>
>> 46,103,111,111,103,108,101,46,99,111,109,47,71,
>>
>> 73,65,71,50,46,99,114,116,48,43,6,8,43,6,1,5,5,
>>
>> 7,48,1,134,31,104,116,116,112,58,47,47,99,108,
>>
>> 105,101,110,116,115,49,46,103,111,111,103,108,
>>
>> 101,46,99,111,109,47,111,99,115,112,48,29,6,3,
>>
>> 85,29,14,4,22,4,20,94,50,174,238,148,244,84,157,
>>
>> 175,208,233,225,119,147,54,144,110,147,101,106,
>>                                48,12,6,3,85,29,19,1>>}
>> ** When State == hello
>> **      Data  == [{data,
>>                        [{"StateData",
>>                          {state,client,
>>                              {#Ref<0.0.0.55>,<0.50.0>},
>>
>> gen_tcp,tls_connection,tcp,tcp_closed,tcp_error,
>>                              "google.com
>> <http://google.com>",443,#Port<0.1310>,
>>
>>                              {ssl_options,tls,
>>                                  [{3,1}],
>>                                  verify_none,
>>                                  {#Fun<ssl.7.50551058>,[]},
>>
>> #Fun<ssl.8.50551058>,false,false,undefined,1,
>>
>> <<>>,"***",<<>>,"***","***","***",<<>>,"***",
>>                                  undefined,undefined,"***","***",
>>                                  [<<"�\n">>,
>>                                   <<192,20>>,
>>                                   <<0,57>>,
>>                                   <<0,56>>,
>>                                   <<192,5>>,
>>                                   <<192,15>>,
>>                                   <<0,53>>,
>>                                   <<"�\b">>,
>>                                   <<192,18>>,
>>                                   <<0,22>>,
>>                                   <<0,19>>,
>>                                   <<192,3>>,
>>                                   <<"�\r">>,
>>                                   <<0,10>>,
>>                                   <<"�\t">>,
>>                                   <<192,19>>,
>>                                   <<0,51>>,
>>                                   <<0,50>>,
>>                                   <<192,4>>,
>>                                   <<192,14>>,
>>                                   <<0,47>>,
>>                                   <<192,7>>,
>>                                   <<192,17>>,
>>                                   <<0,5>>,
>>                                   <<0,4>>,
>>                                   <<0,21>>,
>>                                   <<192,2>>,
>>                                   <<"�\f">>,
>>                                   <<0,9>>],
>>
>> #Fun<ssl.1.50551058>,true,268435456,false,
>>                                  undefined,false,undefined,undefined,true,
>>                                  undefined,false},
>>                              {socket_options,binary,0,0,0,false},
>>                              "***","***","***",12306,"***",24597,
>>                              ssl_session_cache,
>>                              {3,1},
>>                              false,undefined,
>>                              {undefined,undefined},
>>
>> undefined,undefined,"***","***","***",undefined,
>>
>> "***","***","***",16403,#Ref<0.0.0.57>,undefined,
>>                              "***",
>>                              {false,first},
>>                              {<0.50.0>,#Ref<0.0.0.54>},
>>                              undefined,
>>                              {[],[]},
>>                              false,true,false,false,undefined,undefined,
>>                              undefined}}]}]
>> ** Reason for termination =
>> ** {{badmatch,<<>>},
>>      [{ssl_handshake,dec_hello_extensions,2,
>>                      [{file,"ssl_handshake.erl"},{line,1737}]},
>>       {ssl_handshake,decode_handshake,3,
>>                      [{file,"ssl_handshake.erl"},{line,926}]},
>>       {tls_handshake,get_tls_handshake_aux,3,
>>                      [{file,"tls_handshake.erl"},{line,155}]},
>>
>> {tls_connection,next_state,4,[{file,"tls_connection.erl"},{line,433}]},
>>       {gen_fsm,handle_msg,7,[{file,"gen_fsm.erl"},{line,503}]},
>>       {proc_lib,init_p_do_apply,3,[{file,"proc_lib.erl"},{line,237}]}]}
>>
>>
>> why I cannot connect to a https site?
>>
>> Bogdan
>>
>>
>>
>> _______________________________________________
>> erlang-questions mailing list
>> 
>> http://erlang.org/mailman/listinfo/erlang-questions
>>
>
> --
> Loïc Hoguin
> http://ninenines.eu
> _______________________________________________
> erlang-questions mailing list
> 
> http://erlang.org/mailman/listinfo/erlang-questions


More information about the erlang-questions mailing list