[erlang-questions] Patch package OTP 18.3.2 released
Fred Hebert
mononcqc@REDACTED
Wed Apr 27 16:43:57 CEST 2016
On 04/27, Henrik Nord X wrote:
> --- Fixed Bugs and Malfunctions ---
>
> OTP-13511 Application(s): ssl
>
> Corrections to cipher suite handling using the 3 and 4
> tuple format in addition to commit
> 89d7e21cf4ae988c57c8ef047bfe85127875c70c
Well that is tricky now since it appears there is no longer any fix that
allows to support all versions at once with a single configuration.
I could get a config going in pre 18.3 by submitting 3-tuples. I could
get 18.3 to work by using all tuples, looking for what was supported,
and submitting the 3-tuple version no matter what.
In 18.3.2, I *must* submit the 4-tuple version in this case, which can
work, but I still get some odd failures, specifically around
{rsa,aes_256_gcm,null,sha384} which still does not work with the new
format:
37> lists:member({rsa,aes_256_gcm,null,sha384},ssl:cipher_suites()).
true
38> ssl_cipher:suite({rsa,aes_256_gcm,null,sha384}).
** exception error: no function clause matching
ssl_cipher:suite({rsa,aes_256_gcm,null,sha384}) (ssl_cipher.erl, line
754)
39> ssl_cipher:suite({rsa,aes_256_gcm,null}).
<<0,157>>
So this suite is supported, but cannot be checked there in a specific
manner and requires a special case because it still only works with the
3-tuple as input -- and there may be more of these.
It seems like the patch is not properly covering all cases?
More information about the erlang-questions
mailing list