<html>

  <head>

    <meta http-equiv="content-type" content="text/html; charset=UTF-8">

  </head>

  <body text="#000000" bgcolor="#FFFFFF">

    <p>This works with 20.2.2 but since 20.3(21.x) it doesn't!</p>

    <p>Error in process <0.79.0> with exit value:<br>

      {{badmatch,{error,{tls_alert,"handshake failure"}}},<br>

 [{client_server,init_connect,1,[{file,"client_server.erl"},{line,37}]}]}<br>

    </p>

    <p>Any hints?</p>

<pre style="background-color:#ffffff;color:#000000;font-family:'Menlo';font-size:18.0pt;">-module(client_server)<span style="color:#000080;font-weight:bold;">.

</span><span style="color:#000080;font-weight:bold;">

<span style="color:#808080;font-style:italic;">%%% Purpose: Example of SSL client and server using psk.

</span><span style="color:#808080;font-style:italic;">

-export([start/<span style="color:#0000ff;">0, init_connect/<span style="color:#0000ff;">1])<span style="color:#000080;font-weight:bold;">.

</span><span style="color:#000080;font-weight:bold;">

</span>start() ->

  <span style="color:#808080;font-style:italic;">%% Start ssl application

</span><span style="color:#808080;font-style:italic;">  </span>{ok, <span style="color:#660e7a;">StartedApps</span>} = application:ensure_all_started(ssl),

  <span style="color:#808080;font-style:italic;">%% Let the current process be the server that listens and accepts

</span><span style="color:#808080;font-style:italic;">  %% Listen

</span><span style="color:#808080;font-style:italic;">  </span>{ok, <span style="color:#660e7a;">LSock</span>} = ssl:listen(<span style="color:#0000ff;">0</span>, mk_opts(listen)),

  {ok, {<span style="color:#660e7a;">_</span>, <span style="color:#660e7a;">LPort</span>}} = ssl:sockname(<span style="color:#660e7a;">LSock</span>),

  io:fwrite(<span style="color:#008000;font-weight:bold;">"Listen: port = ~w.~n"</span>, [<span style="color:#660e7a;">LPort</span>]),

  <span style="color:#808080;font-style:italic;">%% Spawn the client process that connects to the server

</span><span style="color:#808080;font-style:italic;">  </span>spawn(?<span style="color:#660e7a;">MODULE</span>, init_connect, [<span style="color:#660e7a;">LPort</span>]),

  <span style="color:#808080;font-style:italic;">%% Accept

</span><span style="color:#808080;font-style:italic;">  </span>{ok, <span style="color:#660e7a;">ASock</span>} = ssl:transport_accept(<span style="color:#660e7a;">LSock</span>),

  ok = ssl:ssl_accept(<span style="color:#660e7a;">ASock</span>),

  io:fwrite(<span style="color:#008000;font-weight:bold;">"Accept: accepted.~n"</span>),

  ssl:send(<span style="color:#660e7a;">ASock</span>, <span style="color:#008000;font-weight:bold;">"hello"</span>),

  {error, closed} = ssl:recv(<span style="color:#660e7a;">ASock</span>, <span style="color:#0000ff;">0</span>),

  io:fwrite(<span style="color:#008000;font-weight:bold;">"Accept: detected closed.~n"</span>),

  ssl:close(<span style="color:#660e7a;">ASock</span>),

  io:fwrite(<span style="color:#008000;font-weight:bold;">"Listen: closing and terminating.~n"</span>),

  ssl:close(<span style="color:#660e7a;">LSock</span>),

lists:foreach(<span style="color:#000080;font-weight:bold;">fun application:stop/<span style="color:#0000ff;">1, lists:reverse(<span style="color:#660e7a;">StartedApps))<span style="color:#000080;font-weight:bold;">.

</span><span style="color:#000080;font-weight:bold;">

</span><span style="color:#000080;font-weight:bold;">

</span><span style="color:#808080;font-style:italic;">%% Client connect

</span>init_connect(<span style="color:#660e7a;">LPort</span>) ->

  {ok, <span style="color:#660e7a;">Host</span>} = inet:gethostname(),

  {ok, <span style="color:#660e7a;">CSock</span>} = ssl:connect(<span style="color:#660e7a;">Host</span>, <span style="color:#660e7a;">LPort</span>, mk_opts(connect)),

  io:fwrite(<span style="color:#008000;font-weight:bold;">"Connect: connected.~n"</span>),

  {ok, <span style="color:#660e7a;">Data</span>} = ssl:recv(<span style="color:#660e7a;">CSock</span>, <span style="color:#0000ff;">0</span>),

  io:fwrite(<span style="color:#008000;font-weight:bold;">"Connect: got data: ~p~n"</span>, [<span style="color:#660e7a;">Data</span>]),

  io:fwrite(<span style="color:#008000;font-weight:bold;">"Connect: closing and terminating.~n"</span>),

ssl:close(<span style="color:#660e7a;">CSock)<span style="color:#000080;font-weight:bold;">.

</span><span style="color:#000080;font-weight:bold;">

</span>mk_opts(listen) ->

  mk_opts(<span style="color:#008000;font-weight:bold;">"server"</span>);

mk_opts(connect) ->

  mk_opts(<span style="color:#008000;font-weight:bold;">"client"</span>);

mk_opts(<span style="color:#660e7a;">Role</span>) ->

  [{active, false},

    {psk_identity,<span style="color:#660e7a;">Role</span>},

    {user_lookup_fun,{<span style="color:#000080;font-weight:bold;">fun </span>lookup/<span style="color:#0000ff;">3</span>,list_to_binary(<span style="color:#660e7a;">Role</span>)}},

    {versions,['tlsv1.2']},

    {ciphers, [{dhe_psk,aes_256_gcm,null,sha384}

    ]}

]<span style="color:#000080;font-weight:bold;">.

</span><span style="color:#000080;font-weight:bold;">

lookup(psk,<span style="color:#660e7a;">_,<span style="color:#660e7a;">_) -> {ok,<<<span style="color:#008000;font-weight:bold;">"psk">>}<span style="color:#000080;font-weight:bold;">.

</span><span style="color:#000080;font-weight:bold;">

</span></pre>

    <pre class="moz-signature" cols="72">-- 

Grüße

Oliver Bollmann</pre>

  </body>

</html>