Closed baryluk closed 2 years ago
Yaws unconditionally sets two SSL config options in its ssl
record whether or not they're set in yaws.conf
:
Unfortunately these settings are not valid for TLSv1.3, and the crash occurs when Yaws passes them to ssl:listen
along with tlsv1.3
. Including tlsv1.2
is enough to make them valid, which is why it works when you specify both. Also unfortunately, short of editing yaws.hrl
and rebuilding there's currently no way to set them to undefined
, which makes ssl:listen
happy.
Thanks for reporting this. I'll work on a fix.
I have a fix but am still working on regression tests. I can post a branch without the tests if you want to try it @baryluk , just let me know.
I can test it locally. But otherwise no hurry about it.
OK, thanks, I'll finish the tests and push a branch. I'm curious if my changes will also fix the other related issue you raised.
@baryluk if and when you get a chance, if you could test your setup with the fix-440
branch, that would be great.
I've gone ahead and merged this. If there are problems with it that I'm not currently detecting, we can fix them later.
When having just
tlsv1.3
, yaws fails to start:And crash:
Setting
secure_renegotiation
totrue
orfalse
does not help.yaws 2.1.0, Erlang 23.2.6, Debian Linux stable, amd64
BTW:
works.