8000 ssl: Allow empty psk identity by ausimian · Pull Request #9843 · erlang/otp · GitHub
[go: up one dir, main page]
More Web Proxy on the site http://driver.im/
Skip to content
< 8000 div id="repository-container-header" class="pt-3 hide-full-screen" style="background-color: var(--page-header-bgColor, var(--color-page-header-bg));" data-turbo-replace>
/ otp Public

ssl: Allow empty psk identity #9843

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 1 commit into
base: maint
Choose a base branch
from
Open

ssl: Allow empty psk identity #9843

wants to merge 1 commit into from

Conversation

ausimian
Copy link
Contributor

Relax the psk_identity validation to allow the client to provide an empty string.

@ausimian
ssl: Allow empty psk identity
7036490 
Relax the psk_identity validation to allow the client to provide an
empty string.
@github-actions GitHub Actions
Copy link
Contributor
github-actions bot commented May 18, 2025
edited
Loading

CT Test Results

    2 files     66 suites   48m 53s ⏱️
  814 tests   770 ✅  44 💤 0 ❌
3 910 runs  3 134 ✅ 776 💤 0 ❌

Results for commit 7036490.

♻️ This comment has been updated with latest results.

To speed up review, make sure that you have read Contributing to Erlang/OTP and that all checks pass.

See the TESTING and DEVELOPMENT HowTo guides for details about how to run test locally.

Artifacts

// Erlang/OTP Github Action Bot

@ausimian
Copy link
Contributor Author
ausimian commented May 18, 2025
edited
Loading

For background, I'm attempting to connect to 'developer services' on iPhones running 17.0 <= iOS < 17.4. An SRP handshake establishes a session key which acts as the PSK for a TLSv1.2 service running on such devices. However the service expects that an empty PSK identity is passed, and rejects the connection otherwise.

To confirm, this still requires the client to explicitly provide the option:

{psk_identity, ""}

The default remains undefined if no such option is provided

@IngelaAndin IngelaAndin added the team:PS Assigned to OTP team PS label May 19, 2025
@IngelaAndin IngelaAndin self-assigned this May 20, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees

@IngelaAndin IngelaAndin

Labels
team:PS Assigned to OTP team PS
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@ausimian @IngelaAndin
0