Handshake -> psk_key_exchange_modes

Oliver Bollmann oliver.bollmann@REDACTED
Wed Nov 6 10:58:22 CET 2019


Hi,

0) Erlang/OTP 22 [erts-10.5.3] [source] [64-bit] [smp:16:16] 
[ds:16:16:10] [async-threads:1] [hipe]

1) client_server:start(). -> Port

2) Open browser: https://localhost:Port using Safari,Chrome

3) exception error: no function clause matching 
ssl_handshake:extension_value({psk_key_exchange_modes,[psk_dhe_ke]}) 
(ssl_handshake.erl, line 1492)
      in function  maps:map_1/2 (maps.erl, line 252)
      in call from maps:map_1/2 (maps.erl, line 252)
      in call from maps:map/2 (maps.erl, line 243)
      in call from ssl_connection:handshake/2 (ssl_connection.erl, line 127)
      in call from client_server:start/0 (client_server.erl, line 42)

Any Hints?

-- 
Grüße
Oliver Bollmann

-------------- next part --------------
%%
%% %CopyrightBegin%
%%
%% Copyright Ericsson AB 2003-2018. All Rights Reserved.
%%
%% Licensed under the Apache License, Version 2.0 (the "License");
%% you may not use this file except in compliance with the License.
%% You may obtain a copy of the License at
%%
%%     http://www.apache.org/licenses/LICENSE-2.0
%%
%% Unless required by applicable law or agreed to in writing, software
%% distributed under the License is distributed on an "AS IS" BASIS,
%% WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
%% See the License for the specific language governing permissions and
%% limitations under the License.
%%
%% %CopyrightEnd%
%%

%%% Purpose: Example of SSL client and server using example certificates.

-module(client_server).

-export([start/0, init_connect/1]).

start() ->
  %% Start ssl application
  {ok, StartedApps} = application:ensure_all_started(ssl),

  %% Let the current process be the server that listens and accepts
  %% Listen
  {ok, LSock} = ssl:listen(0, mk_opts(listen)),
  {ok, {_, LPort}} = ssl:sockname(LSock),
  io:fwrite("Listen: port = ~w.~n", [LPort]),

  %% Spawn the client process that connects to the server
  %spawn(?MODULE, init_connect, [LPort]),

  %% Accept
  {ok, ASock} = ssl:transport_accept(LSock),
  {ok, HsSocket, _Ex} = ssl:handshake(ASock),
  {ok, SslSocket} = ssl:handshake_continue(HsSocket, mk_opts(listen)),
  io:fwrite("Accept: accepted.~n"),
  {ok, Cert} = ssl:peercert(SslSocket),
  io:fwrite("Accept: peer cert:~n~p~n", [public_key:pkix_decode_cert(Cert, otp)]),
  io:fwrite("Accept: sending \"hello\".~n"),
  ssl:send(SslSocket, "hello"),
  {error, closed} = ssl:recv(SslSocket, 0),
  io:fwrite("Accept: detected closed.~n"),
  ssl:close(SslSocket),
  io:fwrite("Listen: closing and terminating.~n"),
  ssl:close(LSock),

  lists:foreach(fun application:stop/1, lists:reverse(StartedApps)).


%% Client connect
init_connect(LPort) ->
  {ok, Host} = inet:gethostname(),
  {ok, CSock} = ssl:connect(Host, LPort, mk_opts(connect)),
  io:fwrite("Connect: connected.~n"),
  {ok, Cert} = ssl:peercert(CSock),
  io:fwrite("Connect: peer cert:~n~p~n", [public_key:pkix_decode_cert(Cert, otp)]),
  {ok, Data} = ssl:recv(CSock, 0),
  io:fwrite("Connect: got data: ~p~n", [Data]),
  io:fwrite("Connect: closing and terminating.~n"),
  ssl:close(CSock).

mk_opts(listen) ->
  mk_opts("server");
mk_opts(connect) ->
  mk_opts("client");
mk_opts(Role) ->
  Dir = filename:join([code:lib_dir(ssl), "examples", "certs", "etc"]),
  [{active, false},
    {verify, 2},
    {depth, 2},
    {handshake, hello},
    {server_name_indication, disable},
    {cacertfile, filename:join([Dir, Role, "cacerts.pem"])},
    {certfile, filename:join([Dir, Role, "cert.pem"])},
    {keyfile, filename:join([Dir, Role, "key.pem"])}].


More information about the erlang-questions mailing list