author | Magnus Henoch <[email protected]> | 2015-10-28 18:42:59 +0000 |
---|---|---|
committer | Magnus Henoch <[email protected]> | 2015-10-28 18:46:03 +0000 |
commit | 3dc5591d92876070e004242ff875b3f04ff92c34 (patch) | |
tree | 1db8f595415804ab3f8a5b67a79de23fc6e7d9fb /lib/ssl/priv | |
parent | 7dc9eefa341fbfae0ebc55a88b96a375c611e3a4 (diff) | |
Avoid crash for SSL connections with nonexistent keyfile

Starting an SSL connection with a nonexistent keyfile will obviously
return an error:

    > ssl:connect("www.google.com", 443, [{keyfile, "nonexistent"}]).
    {error,{options,{keyfile,"nonexistent",{error,enoent}}}}

But it also generates an error report with the following backtrace:

    ** Reason for termination =
    ** {badarg,[{ets,select_delete,
                     [undefined,[{{{undefined,'_','_'},'_'},[],[true]}]],
                     []},
                {ets,match_delete,2,[{file,"ets.erl"},{line,700}]},
                {ssl_pkix_db,remove_certs,2,[{file,"ssl_pkix_db.erl"},{line,243}]},
                {ssl_connection,terminate,3,
                                [{file,"ssl_connection.erl"},{line,941}]},
                {tls_connection,terminate,3,
                                [{file,"tls_connection.erl"},{line,335}]},
                {gen_fsm,terminate,7,[{file,"gen_fsm.erl"},{line,610}]},
                {gen_fsm,handle_msg,7,[{file,"gen_fsm.erl"},{line,532}]},
                {proc_lib,init_p_do_apply,3,[{file,"proc_lib.erl"},{line,240}]}]}

This happens because the ssl_connection process receives its cert_db
while handling the {start, Timeout} message, but if the handshake
fails, the cert_db will never be inserted into the state data, and the
terminate function will use 'undefined' as an ETS table name.

Avoid this by checking for 'undefined' in the handle_trusted_certs_db
function.

Diffstat (limited to 'lib/ssl/priv')
0 files changed, 0 insertions, 0 deletions
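
The failure mode described in the commit message, as an added Erlang example that is not part of this commit or of OTP: the module, record and function names are hypothetical and the table entries are constructed. It shows `ets:match_delete/2` raising `badarg` when the table reference in the state is still `undefined`, next to a cleanup clause that checks for `undefined` first.

```erlang
-module(certdb_cleanup_example).
-export([demo/0]).

%% Hypothetical connection state: cert_db stays 'undefined' until the
%% process has stored a table reference in it.
-record(state, {cert_db = undefined, ref = undefined}).

%% Unguarded cleanup: with cert_db = undefined, ets:match_delete/2 is
%% handed the atom 'undefined' as a table name and raises badarg.
unsafe_terminate(#state{cert_db = Db, ref = Ref}) ->
    ets:match_delete(Db, {{Ref, '_', '_'}, '_'}),
    ok.

%% Guarded cleanup: no table was ever stored, so there is nothing to remove.
safe_terminate(#state{cert_db = undefined}) ->
    ok;
safe_terminate(#state{cert_db = Db, ref = Ref}) ->
    ets:match_delete(Db, {{Ref, '_', '_'}, '_'}),
    ok.

demo() ->
    %% State as it looks when setup fails before cert_db is stored.
    Early = #state{},
    {'EXIT', {badarg, _}} = (catch unsafe_terminate(Early)),
    ok = safe_terminate(Early),

    %% State after a successful setup: only this connection's entries go.
    Db = ets:new(example_cert_db, [set, public]),
    Ref = make_ref(),
    true = ets:insert(Db, {{Ref, 1, <<"issuer">>}, <<"constructed cert">>}),
    true = ets:insert(Db, {{make_ref(), 2, <<"other">>}, <<"kept">>}),
    ok = safe_terminate(#state{cert_db = Db, ref = Ref}),
    1 = ets:info(Db, size),
    true = ets:delete(Db),
    ok.
```

Calling `certdb_cleanup_example:demo()` in an Erlang shell returns `ok` when every match in the function holds.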