You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Original reporter: sg2342
Affected version: OTP-22.0.3
Fixed in version: OTP-22.0.4
Component: ssl
Migrated from: https://bugs.erlang.org/browse/ERL-975
the fix for ERL-887 (PR-2269) uses ssl_handshake:extension_value/1 to convert the internal
representation of the handshake state to a protocol_extensions() map.
If handshake_completion() is hello, ssl:handshake will crash whenever a client hello has extensions not covered by a ssl_handshake:extension_value/1 clause (for example client_hello_versions, key_share_client_hello, signature_algorithms).
The text was updated successfully, but these errors were encountered:
Oh, that was bad. We are planning to remove the internal records as they are not needed when we have the map but, but for now we did not want to leak internal data structures, alas TLS-1.3
support is so new that it is not yet enabled in all test. We will fix.
I reopen this issue because a *psk_key_exchange_modes* extension that might be included in (tls 1.2 and tls 1.3) client hello messages is not handled in ssl_handshake:extension_value/1.
In 22.1.7 a ssl server with handshake_completion set to hello will crash upon reception of a tls 1.2 client hello sent by firefox 60 or chrome 70.
The new issue is already reported in ERL-1095 and we will handle it in the new Jira case. As we would like to keep the original Jira case intact due to traceability, I'm closing this issue unchanged.
Original reporter:
sg2342
Affected version:
OTP-22.0.3
Fixed in version:
OTP-22.0.4
Component:
ssl
Migrated from: https://bugs.erlang.org/browse/ERL-975
The text was updated successfully, but these errors were encountered: