[erlang-questions] TLS handshake records don't handle fragments?

Ingela Andin ingela.andin@REDACTED
Wed May 2 12:32:28 CEST 2018


2018-05-01 19:23 GMT+02:00 Ryan Stewart <zzantozz@REDACTED>:

> I've been getting handshake_failure alerts when trying to connect to a
> particular server, and I think I've traced it to the fact that the TLS
> records aren't being handled correctly with respect to fragments. In
> particular, this server is sending a rather large "certificate request" to
> allow for client cert auth, and the list is too long to fit in one TLS
> record. That's breaking the TLS handshake in at least Erlang 18 and 19, I
> believe. It's basically a mirror image of the problem described in
> https://bugs.erlang.org/browse/ERL-83. That issue is with Erlang as the
> TLS server. I'm seeing the same thing with it being the client. Is this
> addressed somewhere?
Can you give me a possibility to recreate the issue?  That issue you
described was fixed in 18 and both the client and the server uses the same
code to encode handshakes. The issue was in the encoding and not in the
decoding. Can you tell us more details of how you reached your conclusion?

Regards Ingela Erlang/OTP Team - Ericsson AB

> _______________________________________________
> erlang-questions mailing list
> erlang-questions@REDACTED
> http://erlang.org/mailman/listinfo/erlang-questions
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://erlang.org/pipermail/erlang-questions/attachments/20180502/4f1dc7c9/attachment.htm>

More information about the erlang-questions mailing list