[erlang-questions] Fwd: Possibly to change TLS record size?
Thu May 7 16:24:33 CEST 2015
Let me put it this way. If someone makes a PR for implementing the Maximum
Fragment Length extension from RFC 6066 we will accept the PR.
The implementation should be fairly straight forward. I could easily do it
myself, but when and if this will be prioritised by Ericsson so that I have
the time to do it, is an entirely different question.
Regards Ingela Erlang/OTP team - Ericsson AB
2015-05-06 14:42 GMT+02:00 John Foldager <john.foldager@REDACTED>:
> Hi Roger, I just found out that I was replying only to you and not the
> mailing list, so I will reply with our conversations below:
> This is EXACTLY what is needed. I used the
> SSL_CTRL_SET_MAX_SEND_FRAGMENT to search and found you comment about
> the patch on StackOverflow:
> Any idea who could possible approve this patch for Erlang?
> Not really, no. If you're interested in picking it up, I can forward
> you Ingela's review comments on my original patch.
> Thanks. I would like to see Ingela's review comments if possible.
> Ingela wrote:
> > RFC 6066 obsoletes the RFC 4366 that according to my understanding
> > the extension for TLS 1.1 and TLS 1.0 also. I think that that the best
> > approach would be to implement handling of the max_fragment_length
> > extension, that defaults to the current max if no extension is sent. And
> > also have an application environment variable as a way to change the
> > (You can look at the session_lifetime application environment variable
> as an
> > example.) The reason I would like to have it as an application
> > variable is that I do not want to encourage the us of it, if you do not
> > exactly what you are doing, if it is a listen option it is so easily
> > accessible!
> > When it comes to header files I think that max_plain_text_length numbers
> > belongs in ssl_record.hrl. I could not see that this should be a
> > note that tls_record.hrl (includes ssl_record.hrl)
> ME (now):
> So, Ingela (or anyone else), could we have this TLS record size
> On Tue, Apr 21, 2015 at 4:33 PM, Roger Lipscombe <roger@REDACTED>
> > On 21 April 2015 at 14:03, John Foldager <john.foldager@REDACTED>
> >> Using RabbitMQ I would like to know if it is possible somehow to
> >> configure/set the running Erlang process to change the size of the TLS
> >> records?
> > Do you mean an equivalent to OpenSSL's SSL_CTRL_SET_MAX_SEND_FRAGMENT
> > As far as I know, it's not possible to set it in Erlang. Way back in
> > Jan 2014, I had a patch (see
> > but it didn't make it into OTP -- I had some feedback from Ingela on
> > the OTP team, but didn't get around to dealing with it -- and I've not
> > updated it since.
> erlang-questions mailing list
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the erlang-questions