I have a Phoenix project which doesn’t accept TLS connections when compiled & run with Elixir 1.12 & Erlang OTP-24. Everything’s fine with Elixir 1.12.0-rc.1 & OTP-23. I switch between versions using asdf (and delete _build and refresh the deps when switching).
If I create a new Phoenix project using 1.12/OTP-24, that works, so this is something project-specific.
The failure is https only (http connections to the same running process are fine). I’m using a self-signed cert generated with mix phx.gen.cert. It looks like it’s happening very early in the process as client connection attempts aren’t met at all:
curl -v https://localhost:4001
* Trying 127.0.0.1:4001...
* TCP_NODELAY set
* Connected to localhost (127.0.0.1) port 4001 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
* successfully set certificate verify locations:
* CAfile: /etc/ssl/certs/ca-certificates.crt
CApath: /etc/ssl/certs
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
* Operation timed out after 300599 milliseconds with 0 out of 0 bytes received
* Closing connection 0
curl: (28) Operation timed out after 300599 milliseconds with 0 out of 0 bytes received
In the console I get this when the failure happens, which my Elixir/Erlang/BEAM knowledge isn’t up to interpreting:
[error] Ranch listener XXXWeb.Endpoint.HTTPS had connection process started with
:cowboy_tls:start_link/4 at #PID<0.677.0> exit with reason: {:undef, [{:ssl, :ssl_accept,
[{:sslsocket, {:gen_tcp, #Port<0.40>, :tls_connection, [option_tracker: #PID<0.524.0>,
session_tickets_tracker: :disabled, session_id_tracker: #PID<0.525.0>]}, [#PID<0.676.0>,
#PID<0.675.0>]}, [], 5000], []}, {:ranch_ssl, :handshake, 3, [file:
'/home/crispinb/src/XXX/deps/ranch/src/ranch_ssl.erl', line: 142]}, {:ranch, :handshake, 2, [file:
'/home/crispinb/src/XXX/deps/ranch/src/ranch.erl', line: 243]}, {:cowboy_tls, :connection_process,
4, [file: '/home/crispinb/src/XXX/deps/cowboy/src/cowboy_tls.erl', line: 43]}, {:proc_lib,
:init_p_do_apply, 3, [file: 'proc_lib.erl', line: 226]}]}
The project itself is very simple (as it must be - I’m just learning Phoenix) with only these deps:
{:bcrypt_elixir, "~> 2.0"},
{:phoenix, "~> 1.5.8"},
{:phoenix_ecto, "~> 4.1"},
{:ecto_sql, "~> 3.4"},
{:postgrex, ">= 0.0.0"},
{:phoenix_html, "~> 2.11"},
{:phoenix_live_reload, "~> 1.3", only: :dev},
{:phoenix_live_dashboard, "~> 0.4"},
{:telemetry_metrics, "~> 0.4"},
{:telemetry_poller, "~> 0.4"},
{:gettext, "~> 0.11"},
{:jason, "~> 1.0"},
{:plug_cowboy, "~> 2.0"},
{:credo, "~> 1.5", only: [:dev, :test], runtime: false},
{:tz, "~> 0.16.0"},
{:phx_gen_auth, "~> 0.7.0"},
{:earmark, "~> 1.4"},
{:phoenix_html_sanitizer, "~> 1.0.0"}
Any hints much appreciated!
Are there tools to more easily examine the dependency tree? And what’s the community norm around here - raise an issue on github or assume a major package like Phoenix will gain the appropriately updated deps in good time?
