[erlang-questions] SSL issues with Firefox 51.0.1 and Chrome 56.0.2924.87

Dmitry Melnikov dmitryme@REDACTED
Wed Feb 8 18:57:11 CET 2017


Hello,
this patch for ssl-6.0/src/ssl_cipher.erl should help
Another solution is to switch to modern Erlang 18.0, 19.0, ...

--- ssl_cipher.erl	2017-01-28 17:47:08.728720668 +0300
+++ ssl_cipher.erl.new	2017-01-28 17:46:40.860480295 +0300
@@ -1209,7 +1209,9 @@
 hash_algorithm(?SHA224) -> sha224;
 hash_algorithm(?SHA256) -> sha256;
 hash_algorithm(?SHA384) -> sha384;
-hash_algorithm(?SHA512) -> sha512.
+hash_algorithm(?SHA512) -> sha512;
+hash_algorithm(Other)  when is_integer(Other) andalso ((Other >= 7)
and (Other =< 223)) -> unassigned;
+hash_algorithm(Other)  when is_integer(Other) andalso ((Other >= 224)
and (Other =< 255)) -> Other.

 sign_algorithm(anon)  -> ?ANON;
 sign_algorithm(rsa)   -> ?RSA;
@@ -1218,7 +1220,9 @@
 sign_algorithm(?ANON) -> anon;
 sign_algorithm(?RSA) -> rsa;
 sign_algorithm(?DSA) -> dsa;
-sign_algorithm(?ECDSA) -> ecdsa.
+sign_algorithm(?ECDSA) -> ecdsa;
+sign_algorithm(Other) when is_integer(Other) andalso ((Other >= 4)
and (Other =< 223)) -> unassigned;
+sign_algorithm(Other) when is_integer(Other) andalso ((Other >= 224)
and (Other =< 255)) -> Other.

 hash_size(null) ->
     0;
----------------


On Wed, Feb 8, 2017 at 8:47 PM, Frank Muller <frank.muller.erl@REDACTED>
wrote:

> Hi guys,
>
> I'm seeing these SSL errors in the app's logs:
>
> 2017-02-08 12:38:55.227 [error] <0.577.0> Ranch listener https terminated
> with reason: {{function_clause,[{ssl_cipher,hash_algorithm,"\b",[{
> file,"ssl_cipher.erl"},{line,1199}]},{ssl_handshake,'-dec_
> hello_extensions/2-lc$^0/1-1-',1,[{file,"ssl_handshake.erl"}
> ,{line,1706}]},{ssl_handshake,'-dec_hello_extensions/2-lc$^
> 0/1-1-',1,[{file,"ssl_handshake.erl"},{line,1707}]},
> {ssl_handshake,dec_hello_extensions,2,[{file,"ssl_
> handshake.erl"},{line,1706}]},{tls_handshake,decode_
> handshake,3,[{file,"tls_handshake.erl"},{line,206}]},{
> tls_handshake,get_tls_handshake_aux,3,[{file,"tls_
> handsha..."},...]},...]},...}
> 2017-02-08 12:38:55.228 [error] <0.576.0> Ranch listener https terminated
> with reason: {{function_clause,[{ssl_cipher,hash_algorithm,"\b",[{
> file,"ssl_cipher.erl"},{line,1199}]},{ssl_handshake,'-dec_
> hello_extensions/2-lc$^0/1-1-',1,[{file,"ssl_handshake.erl"}
> ,{line,1706}]},{ssl_handshake,'-dec_hello_extensions/2-lc$^
> 0/1-1-',1,[{file,"ssl_handshake.erl"},{line,1707}]},
> {ssl_handshake,dec_hello_extensions,2,[{file,"ssl_
> handshake.erl"},{line,1706}]},{tls_handshake,decode_
> handshake,3,[{file,"tls_handshake.erl"},{line,206}]},{
> tls_handshake,get_tls_handshake_aux,3,[{file,"tls_
> handsha..."},...]},...]},...}
> 2017-02-08 12:38:55.235 [error] <0.578.0> gen_fsm <0.578.0> in state hello
> terminated with reason: no function clause matching
> ssl_cipher:hash_algorithm(8) line 1199
> 2017-02-08 12:38:55.235 [error] <0.578.0> CRASH REPORT Process <0.578.0>
> with 0 neighbours exited with reason: no function clause matching
> ssl_cipher:hash_algorithm(8) line 1199 in gen_fsm:terminate/7 line 611
>
> I'm using Erlang 17.5 under Linux.
> Can anyone help on this please?
>
> Thanks in advance.
> /Frank
>
> _______________________________________________
> erlang-questions mailing list
> erlang-questions@REDACTED
> http://erlang.org/mailman/listinfo/erlang-questions
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://erlang.org/pipermail/erlang-questions/attachments/20170208/6a3beed4/attachment.htm>


More information about the erlang-questions mailing list