<div dir="ltr"><div class="gmail_quote"><div dir="ltr"><div>Hi!</div><div><br></div>Let me put it this way. If someone makes a PR for implementing the <span style="color:rgb(0,0,0);font-size:13.3333330154419px">Maximum Fragment Length extension from RFC 6066 we will accept the PR.</span><div><font color="#000000"><span style="font-size:13.3333330154419px">The implementation should be fairly straight forward. I could easily do it myself, but when and if this will be prioritised by Ericsson so that I have the time to do it, is an entirely different question.</span></font></div><div><div><span style="color:rgb(0,0,0);font-size:13.3333330154419px"><br></span></div></div><div><span style="color:rgb(0,0,0);font-size:13.3333330154419px">Regards Ingela Erlang/OTP team - Ericsson AB</span></div></div><div class="HOEnZb"><div class="h5"><div class="gmail_extra"><br><div class="gmail_quote">2015-05-06 14:42 GMT+02:00 John Foldager <span dir="ltr"><<a href="mailto:john.foldager@gmail.com" target="_blank">john.foldager@gmail.com</a>></span>:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">Hi Roger, I just found out that I was replying only to you and not the<br>
mailing list, so I will reply with our conversations below:<br>
<br>
ME:<br>
This is EXACTLY what is needed. I used the<br>
SSL_CTRL_SET_MAX_SEND_FRAGMENT to search and found you comment about<br>
the patch on StackOverflow:<br>
<a href="http://stackoverflow.com/questions/19276598/erlang-ssl-set-max-send-fragment-size" target="_blank">http://stackoverflow.com/questions/19276598/erlang-ssl-set-max-send-fragment-size</a><br>
<br>
Any idea who could possible approve this patch for Erlang?<br>
<br>
ROGER:<br>
Not really, no. If you're interested in picking it up, I can forward<br>
you Ingela's review comments on my original patch. <deleted-rest-of-message><br>
<br>
ME:<br>
Thanks. I would like to see Ingela's review comments if possible.<br>
<deleted-rest-of-message><br>
<br>
ROGER:<br>
Ingela wrote:<br>
<br>
> RFC 6066 obsoletes the RFC 4366 that according to my understanding specifies<br>
> the extension for TLS 1.1 and TLS 1.0 also. I think that that the best<br>
> approach would be to implement handling of the max_fragment_length<br>
> extension, that defaults to the current max if no extension is sent. And<br>
> also have an application environment variable as a way to change the default.<br>
> (You can look at the session_lifetime application environment variable as an<br>
> example.) The reason I would like to have it as an application environment<br>
> variable is that I do not want to encourage the us of it, if you do not know<br>
> exactly what you are doing, if it is a listen option it is so easily<br>
> accessible!<br>
<br>
> When it comes to header files I think that max_plain_text_length numbers<br>
> belongs in ssl_record.hrl. I could not see that this should be a problem,<br>
> note that tls_record.hrl (includes ssl_record.hrl)<br>
<br>
<br>
ME (now):<br>
So, Ingela (or anyone else), could we have this TLS record size configurable?<br>
<div><div><br>
On Tue, Apr 21, 2015 at 4:33 PM, Roger Lipscombe <<a href="mailto:roger@differentpla.net" target="_blank">roger@differentpla.net</a>> wrote:<br>
> On 21 April 2015 at 14:03, John Foldager <<a href="mailto:john.foldager@gmail.com" target="_blank">john.foldager@gmail.com</a>> wrote:<br>
>> Using RabbitMQ I would like to know if it is possible somehow to<br>
>> configure/set the running Erlang process to change the size of the TLS<br>
>> records?<br>
><br>
> Do you mean an equivalent to OpenSSL's SSL_CTRL_SET_MAX_SEND_FRAGMENT option?<br>
><br>
> As far as I know, it's not possible to set it in Erlang. Way back in<br>
> Jan 2014, I had a patch (see<br>
> <a href="https://github.com/rlipscombe/otp/commit/71c53d20191d3ddf43fc0aa87fabf5ac84ef70f3" target="_blank">https://github.com/rlipscombe/otp/commit/71c53d20191d3ddf43fc0aa87fabf5ac84ef70f3</a>),<br>
> but it didn't make it into OTP -- I had some feedback from Ingela on<br>
> the OTP team, but didn't get around to dealing with it -- and I've not<br>
> updated it since.<br>
_______________________________________________<br>
erlang-questions mailing list<br>
<a href="mailto:erlang-questions@erlang.org" target="_blank">erlang-questions@erlang.org</a><br>
<a href="http://erlang.org/mailman/listinfo/erlang-questions" target="_blank">http://erlang.org/mailman/listinfo/erlang-questions</a><br>
</div></div></blockquote></div><br></div>
</div></div></div><br></div>