SSL crash when pointed at a non SSL echo server

Ed W lists@REDACTED
Wed Nov 17 00:45:15 CET 2021


Hi, hmm, how curious!

I'm away on business and under some time pressures, so I can't retest this quickly here.

However, I think one of the key things with my repro is that all you need is an echo server. Just
get the SSL application to talk to the echo server to trigger this crash.

With that in mind, I wonder if this could be turned into a more general test case? Perhaps also add
a fuzzer to the reflector? Might turn up other curiousities that we should knock in the head? People
get nervous when SSL stuff crashes...

Thanks for the reply

Ed W


On 10/11/2021 20:56, csrl@REDACTED wrote:
> We have an issue report open that shows a crash on the same line in the code, but by different means to hit it.
>
> tls_handshake_1_3.erl:652: :tls_handshake_1_3.do_start/2
>
> https://github.com/erlang/otp/issues/5341
>
> I assume if you were to test under OTP 22, you would not see this crash.
>
>
>> Sent: Monday, November 08, 2021 at 12:18 PM
>> From: "Ed W" <lists@REDACTED>
>> To: erlang-questions@REDACTED
>> Subject: SSL crash when pointed at a non SSL echo server
>>
>> Hi, in order to develop some simple apps I created a simple echo server that runs on two ports, one
>> for SSL and another plain TCP. By accident I pointed the SSL application at the plain TCP port and
>> found the following crash (please forgive the elixir syntax)
>>
>> Obviously one shouldn't do this... However, perhaps someone would like to see if we can't catch it
>> and return a nicer error?
>>
>> (tested: Erlang 24.1.3)
>>
>> Thanks
>>
>> Ed W
>>
> <snip>
>>             (ssl 10.5.2) tls_handshake_1_3.erl:652: :tls_handshake_1_3.do_start/2
>>             (ssl 10.5.2) tls_connection_1_3.erl:270: :tls_connection_1_3.start/3
>>             (stdlib 3.16.1) gen_statem.erl:1194: :gen_statem.loop_state_callback/11
>>             (ssl 10.5.2) tls_connection.erl:154: :tls_connection.init/1
>>             (stdlib 3.16.1) proc_lib.erl:226: :proc_lib.init_p_do_apply/3
>>     (stdlib 3.16.1) gen.erl:220: :gen.do_call/4
>>     (stdlib 3.16.1) gen_statem.erl:684: :gen_statem.call_dirty/4
>>     (ssl 10.5.2) ssl_gen_statem.erl:1185: :ssl_gen_statem.call/2
>>     (ssl 10.5.2) ssl_gen_statem.erl:224: :ssl_gen_statem.handshake/2
>>     (ssl 10.5.2) tls_gen_connection.erl:89: :tls_gen_connection.start_fsm/8
>>     (ssl 10.5.2) ssl_gen_statem.erl:193: :ssl_gen_statem.connect/8
>>     (ssl 10.5.2) ssl.erl:608: :ssl.connect/4
>>
>>
>>



More information about the erlang-questions mailing list