RE: Handshake -> psk_key_exchange_modes

classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view
|

RE: Handshake -> psk_key_exchange_modes

Peter Dimitrov

Hi,


This is a bug in the current implementation when configuring a TLS server to support TLS 1.2 or lower and using option {handshake, hello} to pause the handshake. (The {handshake, hello} option is not yet implemented for TLS 1.3.)

What happens here is that the client apparently sends a psk_key_exchange_modes extension and possibly even a pre_shared_key extension in its ClientHello. These extensions are used in TLS 1.3 when trying to resume a session with a ticket received in a previous session.

Please report this issue on https://bugs.erlang.org/!


BR/Peter


-----Original Message-----
From: erlang-questions <
[hidden email]> On Behalf Of Oliver Bollmann
Sent: den 6 november 2019 10:58
To: erlang-questions <[hidden email]>
Subject: Handshake -> psk_key_exchange_modes

 

Hi,

 

0) Erlang/OTP 22 [erts-10.5.3] [source] [64-bit] [smp:16:16] [ds:16:16:10] [async-threads:1] [hipe]

 

1) client_server:start(). -> Port

 

2) Open browser: <a href="https://localhost:Port">https://localhost:Port using Safari,Chrome

 

3) exception error: no function clause matching

ssl_handshake:extension_value({psk_key_exchange_modes,[psk_dhe_ke]})

(ssl_handshake.erl, line 1492)

      in function  maps:map_1/2 (maps.erl, line 252)

      in call from maps:map_1/2 (maps.erl, line 252)

      in call from maps:map/2 (maps.erl, line 243)

      in call from ssl_connection:handshake/2 (ssl_connection.erl, line 127)

      in call from client_server:start/0 (client_server.erl, line 42)

 

Any Hints?

 

--

Grüße

Oliver Bollmann