SSL issues with Firefox 51.0.1 and Chrome 56.0.2924.87

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
4 messages Options
Reply | Threaded
Open this post in threaded view
|

SSL issues with Firefox 51.0.1 and Chrome 56.0.2924.87

Frank Muller
Hi guys,

I'm seeing these SSL errors in the app's logs:

2017-02-08 12:38:55.227 [error] <0.577.0> Ranch listener https terminated with reason: {{function_clause,[{ssl_cipher,hash_algorithm,"\b",[{file,"ssl_cipher.erl"},{line,1199}]},{ssl_handshake,'-dec_hello_extensions/2-lc$^0/1-1-',1,[{file,"ssl_handshake.erl"},{line,1706}]},{ssl_handshake,'-dec_hello_extensions/2-lc$^0/1-1-',1,[{file,"ssl_handshake.erl"},{line,1707}]},{ssl_handshake,dec_hello_extensions,2,[{file,"ssl_handshake.erl"},{line,1706}]},{tls_handshake,decode_handshake,3,[{file,"tls_handshake.erl"},{line,206}]},{tls_handshake,get_tls_handshake_aux,3,[{file,"tls_handsha..."},...]},...]},...}
2017-02-08 12:38:55.228 [error] <0.576.0> Ranch listener https terminated with reason: {{function_clause,[{ssl_cipher,hash_algorithm,"\b",[{file,"ssl_cipher.erl"},{line,1199}]},{ssl_handshake,'-dec_hello_extensions/2-lc$^0/1-1-',1,[{file,"ssl_handshake.erl"},{line,1706}]},{ssl_handshake,'-dec_hello_extensions/2-lc$^0/1-1-',1,[{file,"ssl_handshake.erl"},{line,1707}]},{ssl_handshake,dec_hello_extensions,2,[{file,"ssl_handshake.erl"},{line,1706}]},{tls_handshake,decode_handshake,3,[{file,"tls_handshake.erl"},{line,206}]},{tls_handshake,get_tls_handshake_aux,3,[{file,"tls_handsha..."},...]},...]},...}
2017-02-08 12:38:55.235 [error] <0.578.0> gen_fsm <0.578.0> in state hello terminated with reason: no function clause matching ssl_cipher:hash_algorithm(8) line 1199
2017-02-08 12:38:55.235 [error] <0.578.0> CRASH REPORT Process <0.578.0> with 0 neighbours exited with reason: no function clause matching ssl_cipher:hash_algorithm(8) line 1199 in gen_fsm:terminate/7 line 611

I'm using Erlang 17.5 under Linux.
Can anyone help on this please?

Thanks in advance. 
/Frank

_______________________________________________
erlang-questions mailing list
[hidden email]
http://erlang.org/mailman/listinfo/erlang-questions
Reply | Threaded
Open this post in threaded view
|

Re: SSL issues with Firefox 51.0.1 and Chrome 56.0.2924.87

Dmitry Melnikov-2
Hello,
this patch for ssl-6.0/src/ssl_cipher.erl should help
Another solution is to switch to modern Erlang 18.0, 19.0, ...

--- ssl_cipher.erl	2017-01-28 17:47:08.728720668 +0300
+++ ssl_cipher.erl.new	2017-01-28 17:46:40.860480295 +0300
@@ -1209,7 +1209,9 @@
 hash_algorithm(?SHA224) -> sha224;
 hash_algorithm(?SHA256) -> sha256;
 hash_algorithm(?SHA384) -> sha384;
-hash_algorithm(?SHA512) -> sha512.
+hash_algorithm(?SHA512) -> sha512;
+hash_algorithm(Other)  when is_integer(Other) andalso ((Other >= 7) and (Other =< 223)) -> unassigned;
+hash_algorithm(Other)  when is_integer(Other) andalso ((Other >= 224) and (Other =< 255)) -> Other.
 
 sign_algorithm(anon)  -> ?ANON;
 sign_algorithm(rsa)   -> ?RSA;
@@ -1218,7 +1220,9 @@
 sign_algorithm(?ANON) -> anon;
 sign_algorithm(?RSA) -> rsa;
 sign_algorithm(?DSA) -> dsa;
-sign_algorithm(?ECDSA) -> ecdsa.
+sign_algorithm(?ECDSA) -> ecdsa;
+sign_algorithm(Other) when is_integer(Other) andalso ((Other >= 4) and (Other =< 223)) -> unassigned;
+sign_algorithm(Other) when is_integer(Other) andalso ((Other >= 224) and (Other =< 255)) -> Other.
 
 hash_size(null) ->
     0;
----------------

On Wed, Feb 8, 2017 at 8:47 PM, Frank Muller <[hidden email]> wrote:
Hi guys,

I'm seeing these SSL errors in the app's logs:

2017-02-08 12:38:55.227 [error] <0.577.0> Ranch listener https terminated with reason: {{function_clause,[{ssl_cipher,hash_algorithm,"\b",[{file,"ssl_cipher.erl"},{line,1199}]},{ssl_handshake,'-dec_hello_extensions/2-lc$^0/1-1-',1,[{file,"ssl_handshake.erl"},{line,1706}]},{ssl_handshake,'-dec_hello_extensions/2-lc$^0/1-1-',1,[{file,"ssl_handshake.erl"},{line,1707}]},{ssl_handshake,dec_hello_extensions,2,[{file,"ssl_handshake.erl"},{line,1706}]},{tls_handshake,decode_handshake,3,[{file,"tls_handshake.erl"},{line,206}]},{tls_handshake,get_tls_handshake_aux,3,[{file,"tls_handsha..."},...]},...]},...}
2017-02-08 12:38:55.228 [error] <0.576.0> Ranch listener https terminated with reason: {{function_clause,[{ssl_cipher,hash_algorithm,"\b",[{file,"ssl_cipher.erl"},{line,1199}]},{ssl_handshake,'-dec_hello_extensions/2-lc$^0/1-1-',1,[{file,"ssl_handshake.erl"},{line,1706}]},{ssl_handshake,'-dec_hello_extensions/2-lc$^0/1-1-',1,[{file,"ssl_handshake.erl"},{line,1707}]},{ssl_handshake,dec_hello_extensions,2,[{file,"ssl_handshake.erl"},{line,1706}]},{tls_handshake,decode_handshake,3,[{file,"tls_handshake.erl"},{line,206}]},{tls_handshake,get_tls_handshake_aux,3,[{file,"tls_handsha..."},...]},...]},...}
2017-02-08 12:38:55.235 [error] <0.578.0> gen_fsm <0.578.0> in state hello terminated with reason: no function clause matching ssl_cipher:hash_algorithm(8) line 1199
2017-02-08 12:38:55.235 [error] <0.578.0> CRASH REPORT Process <0.578.0> with 0 neighbours exited with reason: no function clause matching ssl_cipher:hash_algorithm(8) line 1199 in gen_fsm:terminate/7 line 611

I'm using Erlang 17.5 under Linux.
Can anyone help on this please?

Thanks in advance. 
/Frank

_______________________________________________
erlang-questions mailing list
[hidden email]
http://erlang.org/mailman/listinfo/erlang-questions



_______________________________________________
erlang-questions mailing list
[hidden email]
http://erlang.org/mailman/listinfo/erlang-questions
Reply | Threaded
Open this post in threaded view
|

Re: SSL issues with Firefox 51.0.1 and Chrome 56.0.2924.87

Frank Muller
Thank you guys for your prompt response.
I'll update my Elang version then. 

/Frank

<[hidden email]> a écrit :
Hello,
this patch for ssl-6.0/src/ssl_cipher.erl should help
Another solution is to switch to modern Erlang 18.0, 19.0, ...

--- ssl_cipher.erl	2017-01-28 17:47:08.728720668 +0300
+++ ssl_cipher.erl.new	2017-01-28 17:46:40.860480295 +0300
@@ -1209,7 +1209,9 @@
 hash_algorithm(?SHA224) -> sha224;
 hash_algorithm(?SHA256) -> sha256;
 hash_algorithm(?SHA384) -> sha384;
-hash_algorithm(?SHA512) -> sha512.
+hash_algorithm(?SHA512) -> sha512;
+hash_algorithm(Other)  when is_integer(Other) andalso ((Other >= 7) and (Other =< 223)) -> unassigned;
+hash_algorithm(Other)  when is_integer(Other) andalso ((Other >= 224) and (Other =< 255)) -> Other.
 
 sign_algorithm(anon)  -> ?ANON;
 sign_algorithm(rsa)   -> ?RSA;
@@ -1218,7 +1220,9 @@
 sign_algorithm(?ANON) -> anon;
 sign_algorithm(?RSA) -> rsa;
 sign_algorithm(?DSA) -> dsa;
-sign_algorithm(?ECDSA) -> ecdsa.
+sign_algorithm(?ECDSA) -> ecdsa;
+sign_algorithm(Other) when is_integer(Other) andalso ((Other >= 4) and (Other =< 223)) -> unassigned;
+sign_algorithm(Other) when is_integer(Other) andalso ((Other >= 224) and (Other =< 255)) -> Other.
 
 hash_size(null) ->
     0;
----------------

On Wed, Feb 8, 2017 at 8:47 PM, Frank Muller <[hidden email]> wrote:
Hi guys,

I'm seeing these SSL errors in the app's logs:

2017-02-08 12:38:55.227 [error] <0.577.0> Ranch listener https terminated with reason: {{function_clause,[{ssl_cipher,hash_algorithm,"\b",[{file,"ssl_cipher.erl"},{line,1199}]},{ssl_handshake,'-dec_hello_extensions/2-lc$^0/1-1-',1,[{file,"ssl_handshake.erl"},{line,1706}]},{ssl_handshake,'-dec_hello_extensions/2-lc$^0/1-1-',1,[{file,"ssl_handshake.erl"},{line,1707}]},{ssl_handshake,dec_hello_extensions,2,[{file,"ssl_handshake.erl"},{line,1706}]},{tls_handshake,decode_handshake,3,[{file,"tls_handshake.erl"},{line,206}]},{tls_handshake,get_tls_handshake_aux,3,[{file,"tls_handsha..."},...]},...]},...}
2017-02-08 12:38:55.228 [error] <0.576.0> Ranch listener https terminated with reason: {{function_clause,[{ssl_cipher,hash_algorithm,"\b",[{file,"ssl_cipher.erl"},{line,1199}]},{ssl_handshake,'-dec_hello_extensions/2-lc$^0/1-1-',1,[{file,"ssl_handshake.erl"},{line,1706}]},{ssl_handshake,'-dec_hello_extensions/2-lc$^0/1-1-',1,[{file,"ssl_handshake.erl"},{line,1707}]},{ssl_handshake,dec_hello_extensions,2,[{file,"ssl_handshake.erl"},{line,1706}]},{tls_handshake,decode_handshake,3,[{file,"tls_handshake.erl"},{line,206}]},{tls_handshake,get_tls_handshake_aux,3,[{file,"tls_handsha..."},...]},...]},...}
2017-02-08 12:38:55.235 [error] <0.578.0> gen_fsm <0.578.0> in state hello terminated with reason: no function clause matching ssl_cipher:hash_algorithm(8) line 1199
2017-02-08 12:38:55.235 [error] <0.578.0> CRASH REPORT Process <0.578.0> with 0 neighbours exited with reason: no function clause matching ssl_cipher:hash_algorithm(8) line 1199 in gen_fsm:terminate/7 line 611

I'm using Erlang 17.5 under Linux.
Can anyone help on this please?

Thanks in advance. 
/Frank

_______________________________________________
erlang-questions mailing list
[hidden email]
http://erlang.org/mailman/listinfo/erlang-questions


_______________________________________________
erlang-questions mailing list
[hidden email]
http://erlang.org/mailman/listinfo/erlang-questions
Reply | Threaded
Open this post in threaded view
|

Re: SSL issues with Firefox 51.0.1 and Chrome 56.0.2924.87

Frank Muller
The patch fixed the issue. Thanks again. 

/Frank

Thank you guys for your prompt response.
I'll update my Elang version then. 

/Frank

<[hidden email]> a écrit :
Hello,
this patch for ssl-6.0/src/ssl_cipher.erl should help
Another solution is to switch to modern Erlang 18.0, 19.0, ...

--- ssl_cipher.erl	2017-01-28 17:47:08.728720668 +0300
+++ ssl_cipher.erl.new	2017-01-28 17:46:40.860480295 +0300
@@ -1209,7 +1209,9 @@
 hash_algorithm(?SHA224) -> sha224;
 hash_algorithm(?SHA256) -> sha256;
 hash_algorithm(?SHA384) -> sha384;
-hash_algorithm(?SHA512) -> sha512.
+hash_algorithm(?SHA512) -> sha512;
+hash_algorithm(Other)  when is_integer(Other) andalso ((Other >= 7) and (Other =< 223)) -> unassigned;
+hash_algorithm(Other)  when is_integer(Other) andalso ((Other >= 224) and (Other =< 255)) -> Other.
 
 sign_algorithm(anon)  -> ?ANON;
 sign_algorithm(rsa)   -> ?RSA;
@@ -1218,7 +1220,9 @@
 sign_algorithm(?ANON) -> anon;
 sign_algorithm(?RSA) -> rsa;
 sign_algorithm(?DSA) -> dsa;
-sign_algorithm(?ECDSA) -> ecdsa.
+sign_algorithm(?ECDSA) -> ecdsa;
+sign_algorithm(Other) when is_integer(Other) andalso ((Other >= 4) and (Other =< 223)) -> unassigned;
+sign_algorithm(Other) when is_integer(Other) andalso ((Other >= 224) and (Other =< 255)) -> Other.
 
 hash_size(null) ->
     0;
----------------

On Wed, Feb 8, 2017 at 8:47 PM, Frank Muller <[hidden email]> wrote:
Hi guys,

I'm seeing these SSL errors in the app's logs:

2017-02-08 12:38:55.227 [error] <0.577.0> Ranch listener https terminated with reason: {{function_clause,[{ssl_cipher,hash_algorithm,"\b",[{file,"ssl_cipher.erl"},{line,1199}]},{ssl_handshake,'-dec_hello_extensions/2-lc$^0/1-1-',1,[{file,"ssl_handshake.erl"},{line,1706}]},{ssl_handshake,'-dec_hello_extensions/2-lc$^0/1-1-',1,[{file,"ssl_handshake.erl"},{line,1707}]},{ssl_handshake,dec_hello_extensions,2,[{file,"ssl_handshake.erl"},{line,1706}]},{tls_handshake,decode_handshake,3,[{file,"tls_handshake.erl"},{line,206}]},{tls_handshake,get_tls_handshake_aux,3,[{file,"tls_handsha..."},...]},...]},...}
2017-02-08 12:38:55.228 [error] <0.576.0> Ranch listener https terminated with reason: {{function_clause,[{ssl_cipher,hash_algorithm,"\b",[{file,"ssl_cipher.erl"},{line,1199}]},{ssl_handshake,'-dec_hello_extensions/2-lc$^0/1-1-',1,[{file,"ssl_handshake.erl"},{line,1706}]},{ssl_handshake,'-dec_hello_extensions/2-lc$^0/1-1-',1,[{file,"ssl_handshake.erl"},{line,1707}]},{ssl_handshake,dec_hello_extensions,2,[{file,"ssl_handshake.erl"},{line,1706}]},{tls_handshake,decode_handshake,3,[{file,"tls_handshake.erl"},{line,206}]},{tls_handshake,get_tls_handshake_aux,3,[{file,"tls_handsha..."},...]},...]},...}
2017-02-08 12:38:55.235 [error] <0.578.0> gen_fsm <0.578.0> in state hello terminated with reason: no function clause matching ssl_cipher:hash_algorithm(8) line 1199
2017-02-08 12:38:55.235 [error] <0.578.0> CRASH REPORT Process <0.578.0> with 0 neighbours exited with reason: no function clause matching ssl_cipher:hash_algorithm(8) line 1199 in gen_fsm:terminate/7 line 611

I'm using Erlang 17.5 under Linux.
Can anyone help on this please?

Thanks in advance. 
/Frank

_______________________________________________
erlang-questions mailing list
[hidden email]
http://erlang.org/mailman/listinfo/erlang-questions


_______________________________________________
erlang-questions mailing list
[hidden email]
http://erlang.org/mailman/listinfo/erlang-questions