Details
-
Bug
-
Resolution: Fixed
-
Critical
-
7.1.4
-
Triaged
-
0
-
No
Description
See debug.log in linked CBSE. It lasts just 1.5 hours and it is completely filled with reports as following:
[error_logger:info,2023-08-10T05:32:25.558-04:00,ns_1@gaalpltapp007db.linux.us.ams1907.com:<0.3678.678>:ale_error_logger_handler:do_log:101]
|
=========================PROGRESS REPORT=========================
|
supervisor: {<0.3678.678>,tls_dyn_connection_sup}
|
started: [{pid,<0.3616.678>},
|
{id,sender},
|
{mfargs,{tls_sender,start_link,[]}},
|
{restart_type,temporary},
|
{significant,false},
|
{shutdown,5000},
|
{child_type,worker}]
|
|
|
[error_logger:info,2023-08-10T05:32:25.558-04:00,ns_1@gaalpltapp007db.linux.us.ams1907.com:<0.3678.678>:ale_error_logger_handler:do_log:101]
|
=========================PROGRESS REPORT=========================
|
supervisor: {<0.3678.678>,tls_dyn_connection_sup}
|
started: [{pid,<0.6933.675>},
|
{id,receiver},
|
{mfargs,
|
{ssl_gen_statem,start_link,
|
[server,<0.3616.678>,"localhost",18091,#Port<0.2278793>,
|
{#{max_handshake_size => 262144,handshake => full,
|
dh =>
|
<<48,130,1,8,2,130,1,1,0,152,202,99,248,92,201,
|
35,238,246,5,77,93,120,10,118,129,36,52,111,
|
193,167,220,49,229,...>>,
|
middlebox_comp_mode => true,
|
client_renegotiation => false,
|
honor_cipher_order => true,password => undefined,
|
eccs =>
|
{elliptic_curves,
|
[{1,3,132,0,39},
|
{1,3,132,0,38},
|
{1,3,132,0,35},
|
{1,3,36,3,3,2,8,1,1,13},
|
{1,3,132,0,36},
|
{1,3,132,0,37},
|
{1,3,36,3,3,2,8,1,1,11},
|
{1,3,132,0,34},
|
{1,3,132,0,16},
|
{1,3,132,0,17},
|
{1,3,36,3,3,2,8,1,1,7},
|
{1,3,132,0,10},
|
{1,2,840,10045,3,1,7},
|
{1,3,132,0,3},
|
{1,3,132,0,26},
|
{1,3,132,0,27},
|
{1,3,132,0,32},
|
{1,3,132,0,33},
|
{1,3,132,0,24},
|
{1,3,132,0,25},
|
{1,3,132,0,31},
|
{1,2,840,10045,3,1,1},
|
{1,3,132,0,1},
|
{1,3,132,0,2},
|
{1,3,132,0,15},
|
{1,3,132,0,9},
|
{1,3,132,0,...},
|
{1,3,132,...}]},
|
next_protocol_selector => undefined,
|
crl_check => false,sni_fun => undefined,
|
ciphers =>
|
[<<19,1>>,
|
<<19,2>>,
|
<<19,3>>,
|
<<0,162>>,
|
<<0,163>>,
|
<<0,170>>,
|
<<0,171>>,
|
<<"À+">>,<<"À,">>,
|
<<204,169>>,
|
<<208,1>>],
|
certificate_authorities => undefined,
|
hibernate_after => infinity,reuse_sessions => true,
|
beast_mitigation => one_n_minus_one,
|
cert => undefined,ocsp_responder_certs => [],
|
reuse_session => #Fun<ssl.13.54588823>,
|
secure_renegotiate => true,ocsp_nonce => true,
|
log_level => notice,
|
signature_algs =>
|
[ecdsa_secp521r1_sha512,ecdsa_secp384r1_sha384,
|
ecdsa_secp256r1_sha256,rsa_pss_pss_sha512,
|
rsa_pss_pss_sha384,rsa_pss_pss_sha256,
|
rsa_pss_rsae_sha512,rsa_pss_rsae_sha384,
|
rsa_pss_rsae_sha256,eddsa_ed25519,eddsa_ed448,
|
{sha512,ecdsa},
|
{sha512,rsa},
|
{sha384,ecdsa},
|
{sha384,rsa},
|
{sha256,ecdsa},
|
{sha256,rsa},
|
{sha224,ecdsa},
|
{sha224,rsa},
|
{sha,ecdsa},
|
{sha,rsa},
|
{sha,dsa}],
|
verify_fun => {#Fun<ssl.12.54588823>,[]},
|
signature_algs_cert => undefined,
|
supported_groups =>
|
{supported_groups,
|
[x25519,x448,secp256r1,secp384r1]},
|
partial_chain => #Fun<ssl.11.54588823>,
|
padding_check => true,dhfile => undefined,
|
user_lookup_fun => undefined,
|
max_fragment_length => undefined,
|
anti_replay => undefined,ocsp_stapling => false,
|
sni_hosts => [],...},
|
{socket_options,binary,0,0,0,false},
|
[{option_tracker,<0.334.0>},
|
{session_tickets_tracker,disabled},
|
{session_id_tracker,<0.335.0>}]},
|
<0.11007.675>,
|
{gen_tcp,tcp,tcp_closed,tcp_error,tcp_passive}]}},
|
{restart_type,temporary},
|
{significant,true},
|
{shutdown,5000},
|
{child_type,worker}]
|
My understanding is that the erlang we currently use creates these reports once on each tls connection.
We need to find a way ether to suppress these or (according to Timofey they can be useful sometimes), reroute them into just one more log file.
Otherwise working on CBSE's on tls enabled environment would be quite hard.
Attachments
Issue Links
- is a backport of
-
-
- Closed
-