You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@couchdb.apache.org by wi...@apache.org on 2020/01/13 19:42:05 UTC

[couchdb-mochiweb] 06/37: Add a runtime SSL compatibility check for OTP 21 releases

This is an automated email from the ASF dual-hosted git repository.

willholley pushed a commit to branch upstream
in repository https://gitbox.apache.org/repos/asf/couchdb-mochiweb.git

commit ea863d77c0e24c0f2d555fb23fd9a9077f91387f
Author: Bob Ippolito <bo...@redivi.com>
AuthorDate: Tue Jan 15 15:08:21 2019 -0800

    Add a runtime SSL compatibility check for OTP 21 releases
---
 rebar.config                   |  3 ++-
 src/mochiweb_socket_server.erl | 17 ++++++++++++++++-
 2 files changed, 18 insertions(+), 2 deletions(-)

diff --git a/rebar.config b/rebar.config
index 0c6180d..2fc417e 100644
--- a/rebar.config
+++ b/rebar.config
@@ -5,7 +5,8 @@
             {platform_define, "^(R14|R15|R16B|17)", 'rand_mod_unavailable'},
             {platform_define, "^(R14|R15|R16B|17)", 'sni_unavailable'},
             {platform_define, "^(R14|R15|R16)", 'map_unavailable'},
-            {platform_define, "^(R14|R15|R16|17|18|19|20)", 'ssl_handshake_unavailable'}]}.
+            {platform_define, "^(R14|R15|R16|17|18|19|20)", 'ssl_handshake_unavailable'},
+            {platform_define, "^21-", 'otp_21'}]}.
 {cover_enabled, true}.
 {eunit_opts, [verbose, {report,{eunit_surefire,[{dir,"."}]}}]}.
 {dialyzer_opts, [{warnings, [no_return,
diff --git a/src/mochiweb_socket_server.erl b/src/mochiweb_socket_server.erl
index 56c1243..f830483 100644
--- a/src/mochiweb_socket_server.erl
+++ b/src/mochiweb_socket_server.erl
@@ -167,11 +167,26 @@ start_server(F, State=#mochiweb_socket_server{ssl=Ssl, name=Name}) ->
             gen_server:F(Name, ?MODULE, State, [])
     end.
 
+-ifdef(otp_21).
+check_ssl_compatibility() ->
+    case lists:keyfind(ssl, 1, application:loaded_applications()) of
+        {_, _, V} when V =:= "9.1" orelse V =:= "9.1.1" ->
+            {error, "ssl-" ++ V ++ " (OTP 21.2 to 21.2.2) has a regression and is not safe to use with mochiweb. See https://bugs.erlang.org/browse/ERL-830"};
+        _ ->
+            ok
+    end.
+-else.
+check_ssl_compatibility() ->
+    ok.
+-endif.
+
 prep_ssl(true) ->
     ok = mochiweb:ensure_started(crypto),
     ok = mochiweb:ensure_started(asn1),
     ok = mochiweb:ensure_started(public_key),
-    ok = mochiweb:ensure_started(ssl);
+    ok = mochiweb:ensure_started(ssl),
+    ok = check_ssl_compatibility(),
+    ok;
 prep_ssl(false) ->
     ok.