<div dir="ltr">Hi all,<div><br></div><div>I'm trying to setup an escript that can leverage TLS distribution.</div><div><br></div><div>Is such a thing even possible?</div><div><br></div><div>I've tried this line in the file header (line breaks for readability):</div><div><br></div><div><div>%%! +P 256000 -env  ERL_MAX_ETS_TABLES 256000 </div><div>-env ERL_CRASH_DUMP /dev/null </div><div>-env ERL_FULLSWEEP_AFTER 0 </div><div>-env ERL_MAX_PORTS 65536 +A 64 +K true +W w </div><div>-smp auto -boot /tmp/start_clean </div><div>-proto_dist inet_tls </div><div>-ssl_dist_opt client_cacertfile var/lib/cinched/cacert.pem </div><div>client_keyfile /var/lib/cinched/key.pem </div><div>client_certfile /var/lib/cinched/client.pem </div><div>server_cacertfile /etc/cinched/cacert.pem </div><div>server_keyfile /var/lib/cinched/key.pem</div><div>server_certfile /var/lib/cinched/cert.pem </div><div>-name cinched -setcookie foobar -config /etc/cinched/sys.config</div></div><div>-s public_key -s asn1 -s ssl -s crypto</div><div><br></div><div>Unfortunately, it doesn't look like it applies the boot settings<br></div><div><br></div><div><div><font face="monospace, monospace" size="1">{error_logger,{{2016,1,15},{16,38,26}},"Protocol: ~tp: not supported~n",["inet_tls"]}</font></div><div><font face="monospace, monospace" size="1">{error_logger,{{2016,1,15},{16,38,26}},crash_report,[[{initial_call,{net_kernel,init,['Argument__1']}},{pid,<0.21.0>},{registered_name,[]},{error_info,{exit,{error,badarg},[{gen_server,init_it,6,[{file,"gen_server.erl"},{line,322}]},{proc_lib,init_p_do_apply,3,[{file,"proc_lib.erl"},{line,237}]}]}},{ancestors,[net_sup,kernel_sup,<0.10.0>]},{messages,[]},{links,[<0.18.0>]},{dictionary,[{longnames,true}]},{trap_exit,true},{status,running},{heap_size,987},{stack_size,27},{reductions,223}],[]]}</font></div><div><font face="monospace, monospace" size="1">{error_logger,{{2016,1,15},{16,38,26}},supervisor_report,[{supervisor,{local,net_sup}},{errorContext,start_error},{reason,{'EXIT',nodistribution}},{offender,[{pid,undefined},{name,net_kernel},{mfargs,{net_kernel,start_link,[[cinched,longnames]]}},{restart_type,permanent},{shutdown,2000},{child_type,worker}]}]}</font></div><div><font face="monospace, monospace" size="1">{error_logger,{{2016,1,15},{16,38,26}},supervisor_report,[{supervisor,{local,kernel_sup}},{errorContext,start_error},{reason,{shutdown,{failed_to_start_child,net_kernel,{'EXIT',nodistribution}}}},{offender,[{pid,undefined},{name,net_sup},{mfargs,{erl_distribution,start_link,[]}},{restart_type,permanent},{shutdown,infinity},{child_type,supervisor}]}]}</font></div><div><font face="monospace, monospace" size="1">{error_logger,{{2016,1,15},{16,38,26}},crash_report,[[{initial_call,{application_master,init,['Argument__1','Argument__2','Argument__3','Argument__4']}},{pid,<0.9.0>},{registered_name,[]},{error_info,{exit,{{shutdown,{failed_to_start_child,net_sup,{shutdown,{failed_to_start_child,net_kernel,{'EXIT',nodistribution}}}}},{kernel,start,[normal,[]]}},[{application_master,init,4,[{file,"application_master.erl"},{line,133}]},{proc_lib,init_p_do_apply,3,[{file,"proc_lib.erl"},{line,237}]}]}},{ancestors,[<0.8.0>]},{messages,[{'EXIT',<0.10.0>,normal}]},{links,[<0.8.0>,<0.7.0>]},{dictionary,[]},{trap_exit,true},{status,running},{heap_size,376},{stack_size,27},{reductions,164}],[]]}</font></div><div><font face="monospace, monospace" size="1">{error_logger,{{2016,1,15},{16,38,26}},std_info,[{application,kernel},{exited,{{shutdown,{failed_to_start_child,net_sup,{shutdown,{failed_to_start_child,net_kernel,{'EXIT',nodistribution}}}}},{kernel,start,[normal,[]]}}},{type,permanent}]}</font></div><div><font face="monospace, monospace" size="1">{"Kernel pid terminated",application_controller,"{application_start_failure,kernel,{{shutdown,{failed_to_start_child,net_sup,{shutdown,{failed_to_start_child,net_kernel,{'EXIT',nodistribution}}}}},{kernel,start,[normal,[]]}}}"}</font></div></div><div><br></div><div><br></div><div>The /tmp/start_clean.rel file:</div><div><br></div><div><div>{release,{"start_clean",[]},</div><div>         {erts,"6.4"},</div><div>         [{kernel,"3.2"},</div><div>          {stdlib,"2.4"},</div><div>          {sasl,"2.4.1"},</div><div>          {crypto,"3.5"},</div><div>          {asn1,"3.0.4"},</div><div>          {public_key,"0.23"},</div><div>          {ssl,"6.0"}</div><div>          ]}.</div></div><div><br></div><div>Anyone have a clue-stick or working example of an escript that can talk TLS?</div><div><br></div><div>I've also tried specifying TLS options as part of the ERL_FLAGsin the environment prior to kicking off the escript  (and removing TLS options from the script header), with the same results.</div><div><br></div><div><br></div><div><div><div class="gmail_signature"><div dir="ltr"><div dir="ltr"><div dir="ltr"><div style="font-size:small">Mark Steele</div><div style="font-size:small">CISSP, GPEN, GCIA, CSM</div><div style="font-size:small"><a href="mailto:mark@control-alt-del.org" target="_blank">mark@control-alt-del.org</a><br></div><div style="font-size:small"><br></div><div><font size="2">LinkedIn: <a href="https://ca.linkedin.com/in/markrsteele" target="_blank">https://ca.linkedin.com/in/markrsteele</a></font><br></div><div style="font-size:small">Github: <a href="https://github.com/marksteele" target="_blank">https://github.com/marksteele</a></div><div><font size="2">Personal: <a href="http://www.control-alt-del.org" target="_blank">http://www.control-alt-del.org</a></font></div><div style="font-size:small"></div></div></div></div></div></div>
</div></div>