<div dir="ltr"><br><div class="gmail_extra">Hi!<br><br></div><div class="gmail_extra">This is what happens when I do what you say you do. <br></div><div class="gmail_extra"><br>Erlang/OTP 17 [erts-6.0] [source-fa45816] [64-bit] [smp:8:8] [async-threads:10] [hipe] [kernel-poll:false]<br>
<br>Eshell V6.0 (abort with ^G)<br>1> inets:start().<br>ok<br>2> ssl:start().<br>ok<br>3> httpc:request("<a href="https://somewhere.com">https://somewhere.com</a>").<br>{ok,{{"HTTP/1.1",200,"OK"},<br>
[{"cache-control","max-age=0, private, must-revalidate"},<br> {"connection","keep-alive"},<br> {"date","Fri, 11 Apr 2014 15:03:08 GMT"},<br> {"etag","\"abf551bf9c340cc2649822f9e27e82ff\""},<br>
{"vary","Accept-Encoding"},<br> {"content-length","41024"},<br> {"content-type","text/html; charset=utf-8"},<br> {"last-modified","Thu, 30 Jan 2014 17:12:43 GMT"},<br>
{"access-control-allow-methods","POST, GET, OPTIONS"},<br> {"access-control-allow-origin","*"},<br> {"access-control-max-age","1728000"},<br> {"set-cookie",<br>
"_session_id=613ae6fdb421a8eb1cbc1d43509c4d53; path=/; expires=Fri, 18-Apr-2014 15:03:08 GMT; HttpOnly"},<br> {"status","200 OK"},<br> {"x-rack-cache","miss"},<br>
{"x-request-id","9b2a35c1-f4c8-47fa-bcdc-e7f80090fe72"},<br> {"x-runtime","1.182360"},<br> {"x-ua-compatible","IE=Edge,chrome=1"}],<br> [60,33,68,79,67,84,89,80,69,32,104,116,109,108,62,60,104,<br>
116,109,108,62,60,104,101|...]}}<br><br></div><div class="gmail_extra">Regards Ingela Erlang/OTP team - Ericsson AB<br></div><div class="gmail_extra"><br><br><div class="gmail_quote">2014-04-11 16:53 GMT+02:00 atul atri <span dir="ltr"><<a href="mailto:atulatri2004@gmail.com" target="_blank">atulatri2004@gmail.com</a>></span>:<br>
<blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><div dir="ltr"><div><div><div><div>Hi Ingela,<br><br></div>I just tested this issue with erlang 17. This issue is not fixed.<br>
<br>=============<br>[root@atul-test otp_src_17.0]# erl<br>Erlang/OTP 17 [erts-6.0] [source] [64-bit] [smp:4:4] [async-threads:10] [hipe] [kernel-poll:false]<br>
<br>Eshell V6.0 (abort with ^G)<br>1> inets:start().<br>ok<br>2> ssl:start().<br>ok<br>3> httpc:request("<a href="https://somewhere.com" target="_blank">https://somewhere.com</a>").<div class=""><br>{error,{failed_connect,[{to_address,{"<a href="http://somewhere.com" target="_blank">somewhere.com</a>",<br>
443}},<br> {inet,[inet],<br> {eoptions,{{function_clause,[{tls_connection,handle_alert,<br> [{alert,1,112,{"tls_connection.erl",375}},<br>
hello,<br> {state,client,<br></div> {#Ref<0.0.0.63>,<0.57.0>},<br>
gen_tcp,tls_connection,tcp,tcp_closed,tcp_error,...}],<br> [{file,"tls_connection.erl"},{line,836}]},<br>
{tls_connection,handle_alerts,2,<br> [{file,"tls_connection.erl"},{line,834}]},<br>
{gen_fsm,handle_msg,7,[{file,"gen_fsm.erl"},{line,503}]},<div class=""><br> {proc_lib,init_p_do_apply,3,<br>
[{file,"proc_lib.erl"},{line,239}]}]},<br> {gen_fsm,sync_send_all_state_event,<br></div> [<0.61.0>,{start,infinity},infinity]}}}}]}}<br>
=================<br><br></div>Server sends alert warning 112 (unrecognized_name), but tls_connection.erl has no function to handle this alert. ssl_alert.hrl do mention this alert.<br><br></div>I also found <a href="http://stackoverflow.com/questions/7615645/ssl-handshake-alert-unrecognized-name-error-since-upgrade-to-java-1-7-0" target="_blank">http://stackoverflow.com/questions/7615645/ssl-handshake-alert-unrecognized-name-error-since-upgrade-to-java-1-7-0</a>. Java 1.7 is also behaving kind of same. I have not tested myself though. As first answer mentions, that most choose to ignore server alert warning 112 (unrecognized_name). Erlang/Otp should also consider to ignore it. This thread mentions that we can disable SNI in java 1.7. Do we have similar option in Erlang/Otp? Is disabling SNI right choice?<br>
<br></div>Adding following function in tls_connection.erl solves the problem:<br>=========<br>handle_alert(#alert{level = ?WARNING, description = ?UNRECOGNISED_NAME} = Alert, StateName,<br>#state{ssl_options = SslOpts} = State0) -><br>
log_alert(SslOpts#ssl_options.log_alert, StateName, Alert),<br> {Record, State} = next_record(State0),<br> next_state(StateName, StateName, Record, State).<br>===========<br><div><br></div><div>This issue supposed to be fixed in <a href="https://github.com/erlang/otp/commit/d18e7b25a17a0c62c0beddc81f23b1dea18b7ef4" target="_blank">https://github.com/erlang/otp/commit/d18e7b25a17a0c62c0beddc81f23b1dea18b7ef4</a>. But It seems like you forgot to commit changes in file tls_connection.erl.<br>
<br></div><div>Waiting for your kind reply to sort out this issue asap.<br></div><div class=""><div><br></div><div>Thanks & Regards,<br>Atul Atri.<br></div><div><br><br><div><div><div><br></div></div></div></div></div>
</div><div class=""><div class="h5"><div class="gmail_extra">
<br><br><div class="gmail_quote">On Fri, Apr 4, 2014 at 7:10 PM, Ingela Andin <span dir="ltr"><<a href="mailto:ingela.andin@gmail.com" target="_blank">ingela.andin@gmail.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">
<div dir="ltr"><div><div>Hi!<br><br></div>This is fixed in the latest version 17.0 (comming soon) or check master branch at github.<br><br></div>Regards Ingela Erlang/OTP team - Ericsson AB<br><div><div><div><div><div class="gmail_extra">
<br><br><div class="gmail_quote">2014-04-04 10:33 GMT+02:00 atul atri <span dir="ltr"><<a href="mailto:atulatri2004@gmail.com" target="_blank">atulatri2004@gmail.com</a>></span>:<br><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">
<div><div>
<div dir="ltr"><div><div><div><div>Hi,<br><br></div>I am using httpc to connect to a website that is using invalid certificate. But it is crashing while ssl handshake.<br><br>======<br>7> httpc:request(post, {"<a href="https://somewhere.com" target="_blank">https://somewhere.com</a>", [], "application/x-www-form-urlencoded", ""}, [{ssl, [{verify, verify_none}]}], []). {error,{failed_connect,[{to_address,{"<a href="http://somewhere.com" target="_blank">somewhere.com</a>",<br>
443}},<br> {inet,[inet],<br> {eoptions,{{function_clause,[{tls_connection,handle_alert,<br> [{alert,1,112,{"tls_connection.erl",375}},<br>
hello,<br> {state,client,<br> {#Ref<0.0.0.137>,<0.74.0>},<br>
gen_tcp,tls_connection,tcp,tcp_closed,tcp_error,...}],<br> [{file,"tls_connection.erl"},{line,834}]},<br>
{tls_connection,handle_alerts,2,<br> [{file,"tls_connection.erl"},{line,832}]},<br>
{gen_fsm,handle_msg,7,[{file,"gen_fsm.erl"},{line,505}]},<br> {proc_lib,init_p_do_apply,3,<br>
[{file,"proc_lib.erl"},{line,239}]}]},<br> {gen_fsm,sync_send_all_state_event,<br> [<0.75.0>,{start,infinity},infinity]}}}}]}}<br>
=======<br><br></div>I am able to browse website in Firefox.<br><br></div><div>My elang version is <br>====<br>[root@chatgateway1 ~]# erl<br>Erlang R16B03-1 (erts-5.10.4) [source] [64-bit] [smp:2:2] [async-threads:10] [hipe] [kernel-poll:false]<br>
<br>Eshell V5.10.4 (abort with ^G)<br>====<br></div><br>I googled it and it looks some thing related to <a href="http://permalink.gmane.org/gmane.comp.lang.erlang.bugs/4302" target="_blank">http://permalink.gmane.org/gmane.comp.lang.erlang.bugs/4302</a>.<br>
<br></div>Any help to fix or work around this is much appreciated.<br><br>Thanks & Regards,<br>Atul Atri.<br><br></div>
<br></div></div>_______________________________________________<br>
erlang-questions mailing list<br>
<a href="mailto:erlang-questions@erlang.org" target="_blank">erlang-questions@erlang.org</a><br>
<a href="http://erlang.org/mailman/listinfo/erlang-questions" target="_blank">http://erlang.org/mailman/listinfo/erlang-questions</a><br>
<br></blockquote></div><br></div></div></div></div></div></div>
</blockquote></div><br></div>
</div></div></blockquote></div><br></div></div>