How can I get TLS working with Erlang 21? - ssl
I have the following problem:
Elixir
[centos#ip-172-172-3-49 helix]$ env MIX_ENV=prod mix release
Could not find Hex, which is needed to build dependency :plug_cowboy
Shall I install Hex? (if running non-interactively, use "mix local.hex --force") [Yn] Y
18:12:32.462 [info] ['TLS', 32, 'client', 58, 32, 73, 110, 32, 115, 116, 97, 116, 101, 32, 'hello', 32, 'received SERVER ALERT: Fatal - Handshake Failure', 10]
** (Mix) httpc request failed with: {:failed_connect, [{:to_address, {'repo.hex.pm', 443}}, {:inet6, [:inet6], :enetunreach}, {:inet, [:inet], {:tls_alert, 'handshake failure'}}]}
Could not install Hex because Mix could not download metadata at https://repo.hex.pm/installs/hex-1.x.csv.
I guess the root cause is this with Erlang
Erlang/OTP 21 [erts-10.2.1] [source] [64-bit] [smp:36:36] [ds:36:36:10] [async-threads:1] [hipe]
1> ssl:start().
ok
2> Sock = fun() -> {ok, S} = gen_tcp:connect("google.com", 443, []), S end.
#Fun<erl_eval.20.128620087>
3> ssl:connect(Sock(), []).
=INFO REPORT==== 28-Dec-2018::18:10:30.019612 ===
TLS client: In state hello received SERVER ALERT: Fatal - Handshake Failure
{error,{tls_alert,"handshake failure"}}
Is there a workaround for this yet? Os is Centos 7.
Update1
On MacOS it works:
Erlang/OTP 21 [erts-10.2] [source] [64-bit] [smp:6:6] [ds:6:6:10] [async-threads:1] [hipe] [dtrace]
Eshell V10.2 (abort with ^G)
1> ssl:start().
ok
2> Sock = fun() -> {ok, S} = gen_tcp:connect("google.com", 443, []), S end.
#Fun<erl_eval.20.128620087>
3> ssl:connect(Sock(), []).
{ok,{sslsocket,{gen_tcp,#Port<0.6>,tls_connection,undefined},
[<0.100.0>,<0.99.0>]}}
4>
It turns out that the Erlang RPM I was using does not support the new SSL in Erlang properly.
https://github.com/rabbitmq/erlang-rpm/releases/download/v21.2.1/erlang-21.2.1-1.el7.centos.x86_64.rpm
Using a different version from Erlang Solutions works fine:
https://packages.erlang-solutions.com/erlang/esl-erlang/FLAVOUR_1_general/esl-erlang_21.2-1~centos~7_amd64.rpm
ssl:connect/2 is described here: http://erlang.org/doc/man/ssl.html#connect-2.
Connecting is as easy as:
ssl:start().
ssl:connect("www.google.com", 443, []).
Related
Failed to use vscode remote ssh, but use ssh directly can work
Problem
I re-installed my server system.Before then, I can use remote-ssh normally.However, I can't use remote-ssh to connect to my server anymore.But I can still use ssh directly to connect to the server.
I suppose it managed to get into the system but somehow it broke down.
The error log is below:
Welcome to Ubuntu 20.04 LTS (GNU/Linux 5.4.0-77-generic x86_64)
* Documentation: https://help.ubuntu.com
* Management: https://landscape.canonical.com
* Support: https://ubuntu.com/advantage
System information as of Tue 14 Sep 2021 09:56:58 PM CST
System load: 0.07 Processes: 117
Usage of /: 6.5% of 59.00GB Users logged in: 1
Memory usage: 10% IPv4 address for eth0: 10.0.12.2
Swap usage: 0%
* Super-optimized for small spaces - read how we shrank the memory
footprint of MicroK8s to make it the smallest full K8s around.
https://ubuntu.com/blog/microk8s-memory-optimisation
ready: 6425958cce28
Linux 5.4.0-77-generic #86-Ubuntu SMP Thu Jun 17 02:35:03 UTC 2021
6425958cce28: running
bash: line 1: _exitcode: command not found
bash: line 2: syntax error near unexpected token `elif'
bash: line 2: ` elif [[ $ALLOW_CLIENT_DOWNLOAD == "1" ]]; then'
-sh: 4: function: not found
-sh: 69: [[: not found
-sh: 90: [[: not found
-sh: 155: Syntax error: "(" unexpected (expecting "then")
Transferred: sent 17180, received 4016 bytes, in 0.5 seconds
Bytes per second: sent 35433.6, received 8283.0
local-server-1> ssh child died, shutting down
[21:56:58.587] Failed to parse remote port from server output
[21:56:58.588] Resolver error: Error:
at Function.Create (/Users/luther/.vscode/extensions/ms-vscode-remote.remote-ssh-0.65.7/out/extension.js:1:64659)
at Object.t.handleInstallOutput (/Users/luther/.vscode/extensions/ms-vscode-remote.remote-ssh-0.65.7/out/extension.js:1:63302)
at Object.e [as tryInstallWithLocalServer] (/Users/luther/.vscode/extensions/ms-vscode-remote.remote-ssh-0.65.7/out/extension.js:1:387573)
at processTicksAndRejections (internal/process/task_queues.js:93:5)
at async /Users/luther/.vscode/extensions/ms-vscode-remote.remote-ssh-0.65.7/out/extension.js:1:294473
at async Object.t.withShowDetailsEvent (/Users/luther/.vscode/extensions/ms-vscode-remote.remote-ssh-0.65.7/out/extension.js:1:406463)
at async /Users/luther/.vscode/extensions/ms-vscode-remote.remote-ssh-0.65.7/out/extension.js:1:386112
at async E (/Users/luther/.vscode/extensions/ms-vscode-remote.remote-ssh-0.65.7/out/extension.js:1:382710)
at async Object.t.resolveWithLocalServer (/Users/luther/.vscode/extensions/ms-vscode-remote.remote-ssh-0.65.7/out/extension.js:1:385728)
at async Object.t.resolve (/Users/luther/.vscode/extensions/ms-vscode-remote.remote-ssh-0.65.7/out/extension.js:1:295870)
at async /Users/luther/.vscode/extensions/ms-vscode-remote.remote-ssh-0.65.7/out/extension.js:127:110656
[21:56:58.592] ------
Tried
I tried delete the know_hosts file from host, re-install the remote-ssh plugin, but can't work
I am pretty new to remote-ssh, hope can give me more detailed solution.
Thanks :)
I downgraded remote-ssh.Then I changed my default shell into zsh and upgrade remote-ssh.It began to install '.vscode-server' file again and magically it worked.
Unable to provision rabbitmq using chef and testkitchen
I am trying to install an old version of RabbitMQ using Chef (cookbook 'rabbitmq', '~> 5.8.5') and Kitchen, below my configuration: Attributes #Erlang default['erlang']['install_method'] = 'source' default['erlang']['source']['version']='R13B03' default['erlang']['source']['checksum']='e7c46c8b2778f22064a3b369c1a1b572a1cc0e8a2198166858d4b9a1b488d662' #RabbitMQ default['rabbitmq']['erlang']['enabled'] = true default['rabbitmq']['version'] = "3.4.4" default['rabbitmq']['rpm_package'] ='rabbitmq-server-3.4.4-1.noarch.rpm' Recipe: include_recipe 'rabbitmq::default' When I run kitchen converge, I am getting the following exception: Running handlers: [2020-08-22T22:20:07+00:00] ERROR: Running exception handlers Running handlers complete [2020-08-22T22:20:07+00:00] ERROR: Exception handlers complete Chef Infra Client failed. 9 resources updated in 06 minutes 26 seconds [2020-08-22T22:20:07+00:00] FATAL: Stacktrace dumped to /tmp/kitchen/cache/chef-stacktrace.out [2020-08-22T22:20:07+00:00] FATAL: Please provide the contents of the stacktrace.out file if you file a bug report [2020-08-22T22:20:07+00:00] FATAL: Mixlib::ShellOut::ShellCommandFailed: rpm_package[/tmp/kitchen/cache/rabbitmq-server-3.4.4-1.noarch.rpm] (rabbitmq::default line 224) had an error: Mixlib::ShellOut::ShellCommandFailed: Expected process to exit with [0], but received '1' ---- Begin output of ["rpm", "-i", "/tmp/kitchen/cache/rabbitmq-server-3.4.4-1.noarch.rpm"] ---- STDOUT: STDERR: warning: /tmp/kitchen/cache/rabbitmq-server-3.4.4-1.noarch.rpm: Header V4 DSA/SHA1 Signature, key ID 056e8e56: NOKEY error: Failed dependencies: erlang >= R13B-03 is needed by rabbitmq-server-3.4.4-1.noarch ---- End output of ["rpm", "-i", "/tmp/kitchen/cache/rabbitmq-server-3.4.4-1.noarch.rpm"] ---- Ran ["rpm", "-i", "/tmp/kitchen/cache/rabbitmq-server-3.4.4-1.noarch.rpm"] returned 1 But when I logged in to the VM, I can see erlang is installed: [vagrant#kitchen-rmq-server-centos-7 ~]$ erl Erlang R13B03 (erts-5.7.4) [source] [64-bit] [rq:1] [async-threads:0] [hipe] [kernel-poll:false] Eshell V5.7.4 (abort with ^G) 1> And it is the same version required by RMQ (R13B03) Any idea how to solve this issue? Edit: to replicate the issue https://github.com/Proximator/chef-rmq
Firstly, we have to make sure erlang is installed by the rabbitmq cookbook, and not by any other means. This is the note found on Chef supermarket for rabbitmq cookbook: The packages are cannot be installed alongside with other Erlang packages, for example, those from standard Debian repositories or Erlang Solutions. To make sure that the Erlang cookbook is not used by rabbitmq::default Also, there is a compatibility matrix of RabbitMQ and Erlang versions. RabbitMQ 3.7.0 being the lowest supported version, for which the lowest compatible Erlang version is 19.3. There are zero dependency Erlang RPMs "just enough to run RabbitMQ" as documented here: https://github.com/rabbitmq/erlang-rpm For example - to install RabbitMQ 3.7.x with the compatible Erlang 19.3.x: You should have these attributes: default['rabbitmq']['erlang']['enabled'] = true default['rabbitmq']['version'] = '3.7.6' default['rabbitmq']['erlang']['yum']['baseurl'] = 'https://dl.bintray.com/rabbitmq-erlang/rpm/erlang/19/el/7' default['rabbitmq']['erlang']['version'] = '19.3.6.13' Then include below recipes: include_recipe 'rabbitmq::erlang_package' include_recipe 'rabbitmq::default'
yaws built with crypto fails to start
I need to use hashed passwords for authentication in Yaws.
I've rebuilt it from source (https://github.com/klacke/yaws), with this sequence of commands:
./configure --enable-crypto --prefix=/some/local/path
make install
When I run yaws (/some/local/path/bin/yaws -i -erlarg "-boot start_sasl"), I get this error:
{"init terminating in do_boot",{{badmatch,{'EXIT',{badarg,[{erlang,list_to_existing_atom,["crypto"],[]},{yaws,'-start_app_deps/0-fun-0-',2,[{file,"yaws.erl"},{line,264}]},{lists,foldl,3,[{file,"lists.erl"},{line,1263}]},{yaws,start_app_deps,0,[{file,"yaws.erl"},{line,263}]},{yaws,start,0,[{file,"yaws.erl"},{line,209}]},{init,start_em,1,[]},{init,do_boot,3,[]}]}}},[{yaws,start,0,[{file,"yaws.erl"},{line,209}]},{init,start_em,1,[]},{init,do_boot,3,[]}]}}
The crypto library is present:
checking for Erlang/OTP 'crypto' library subdirectory... /usr/local/Cellar/erlang/19.2/lib/erlang/lib/crypto-3.7.2
checking for Erlang/OTP 'crypto' library version... 3.7.2
What is this problem caused by? Do I need to pass some specific options to run the newly built Yaws server?
When I run make test, all tests pass.
EDIT
Starting yaws with bin/yaws -i -erlarg "-init_debug" yields this output:
{progress,preloaded}
{progress,kernel_load_completed}
{progress,modules_loaded}
{start,heart}
{start,error_logger}
{start,application_controller}
{progress,init_kernel_started}
{apply,{application,load,[{application,stdlib,[{description,"ERTS CXC 138 10"},{vsn,"3.2"},{id,[]},{modules,[array,base64,beam_lib,binary,c,calendar,dets,dets_server,dets_sup,dets_utils,dets_v8,dets_v9,dict,digraph,digraph_utils,edlin,edlin_expand,epp,eval_bits,erl_anno,erl_bits,erl_compile,erl_eval,erl_expand_records,erl_internal,erl_lint,erl_parse,erl_posix_msg,erl_pp,erl_scan,erl_tar,error_logger_file_h,error_logger_tty_h,escript,ets,file_sorter,filelib,filename,gb_trees,gb_sets,gen,gen_event,gen_fsm,gen_server,gen_statem,io,io_lib,io_lib_format,io_lib_fread,io_lib_pretty,lib,lists,log_mf_h,maps,math,ms_transform,orddict,ordsets,otp_internal,pool,proc_lib,proplists,qlc,qlc_pt,queue,rand,random,re,sets,shell,shell_default,slave,sofs,string,supervisor,supervisor_bridge,sys,timer,unicode,win32reg,zip]},{registered,[timer_server,rsh_starter,take_over_monitor,pool_master,dets]},{applications,[kernel]},{included_applications,[]},{env,[]},{maxT,infinity},{maxP,infinity}]}]}}
{progress,applications_loaded}
{apply,{application,start_boot,[kernel,permanent]}}
Erlang/OTP 19 [erts-8.2] [source] [64-bit] [smp:4:4] [async-threads:10] [hipe] [kernel-poll:true] [dtrace]
{apply,{application,start_boot,[stdlib,permanent]}}
{apply,{application,start_boot,[sasl,permanent]}}
=PROGRESS REPORT==== 20-Nov-2018::14:09:57 ===
supervisor: {local,sasl_safe_sup}
started: [{pid,<0.60.0>},
{id,alarm_handler},
{mfargs,{alarm_handler,start_link,[]}},
{restart_type,permanent},
{shutdown,2000},
{child_type,worker}]
=PROGRESS REPORT==== 20-Nov-2018::14:09:57 ===
supervisor: {local,sasl_sup}
started: [{pid,<0.59.0>},
{id,sasl_safe_sup},
{mfargs,
{supervisor,start_link,
[{local,sasl_safe_sup},sasl,safe]}},
{restart_type,permanent},
{shutdown,infinity},
{child_type,supervisor}]
=PROGRESS REPORT==== 20-Nov-2018::14:09:57 ===
supervisor: {local,sasl_sup}
started: [{pid,<0.61.0>},
{id,release_handler},
{mfargs,{release_handler,start_link,[]}},
{restart_type,permanent},
{shutdown,2000},
{child_type,worker}]
{apply,{c,erlangrc,[]}}
=PROGRESS REPORT==== 20-Nov-2018::14:09:57 ===
application: sasl
started_at: nonode#nohost
{progress,started}
{"init terminating in do_boot",{{badmatch,{'EXIT',{badarg,[{erlang,list_to_existing_atom,["crypto"],[]},{yaws,'-start_app_deps/0-fun-0-',2,[{file,"yaws.erl"},{line,264}]},{lists,foldl,3,[{file,"lists.erl"},{line,1263}]},{yaws,start_app_deps,0,[{file,"yaws.erl"},{line,263}]},{yaws,start,0,[{file,"yaws.erl"},{line,209}]},{init,start_em,1,[]},{init,do_boot,3,[]}]}}},[{yaws,start,0,[{file,"yaws.erl"},{line,209}]},{init,start_em,1,[]},{init,do_boot,3,[]}]}}
init terminating in do_boot ()
It appears that the crypto service is not started.
Erlang "host key verification" error
I'm new in tsung and erlang and I want to distribution on tsung.
When I use this command:
ardic#base-64-arcsp:~/tsungtest$ erl -rsh ssh -name ardic#tsung -setcookie tsung"
Erlang R13B03 (erts-5.7.4) [source] [64-bit] [rq:1] [async-threads:0] [hipe] [kernel-poll:false]
Eshell V5.7.4 (abort with ^G)
(ardic#tsung)1> slave:start(tsungnode2,ardic,"-setcookie tsung").
"{error,timeout}
I took this error.
And I did everything in tsung FAQ about error, timeout.
Do you have any idea?
I met the same error on my virtual ubuntu, and at last I found: virtual ubuntu can be master but not be slave (another centos can be slave or master ). I do not know why . I'll join the mail list to ask for more help.
=INFO REPORT==== 28-Mar-2012::01:00:09 ===
ts_os_mon_erlang:(3:<0.2713.0>) Fail to start beam on host "centos-181" ({error,
timeout})
=ERROR REPORT==== 28-Mar-2012::01:00:09 ===
** Generic server <0.2713.0> terminating
** Last message in was {timeout,#Ref<0.0.0.26000>,start_beam}
** When Server state == {state,{global,ts_mon},
10000,undefined,"centos-181",undefined}
** Reason for termination ==
** {error,timeout}
Configuring Erlang to work with SSL
Erlang version: R13B01
Currently I'm struggling trying to make Erlang work with SSL. The programming part was easy, but now starting the system SSL-enabled is not.
Following the Erlang SSL documentation:
1 - Made the start_ssl.rel file
{release, {"OTP APN 181 01","R13B01"}, {erts, "5.7.2"},
[{kernel,"2.13.2"},
{stdlib,"1.16.2"},
{sasl,"2.1.6"},
{os_mon,"2.2.2"},
{ssl,"3.10.3"}]}.
2 - Executed the following command
1> systools:make_script("start_ssl",[]).
According to the documentation, running the shell would output this (this output is from docs, not mine):
$ erl -boot /home/me/ssl/start_ssl
Erlang (BEAM) emulator version 5.0
Eshell V5.0 (abort with ^G)
1> whereis(ssl_server).
<0.32.0>
But, I'm receiving this instead:
erl -boot start_ssl
Erlang R13B01 (erts-5.7.2) [source] [smp:2:2] [rq:2] [async-threads:0] [kernel-poll:false]
1> whereis(ssl_server).
undefined
2>
So, for now, the remaining steps are failing too. Sadly, there is no documentation nor forum threads around the web with the same issue.
Any tips?
Well, after some try and error, I've managed to start the system:
application:start(ssl)
and passing all certificates when creating the listening socket
ssl:listen(Port, ?TCP_OPTIONS ++ [{ip, Host},{verify, 0},
{depth, 0},
{cacertfile, Cacertfile},
{certfile, Certfile},
{keyfile, Keyfile}])
It worked :)