While testing RabbitMQ with Erlang/OTP 22 built from the Git master branch, an SSL client (OpenSSL's s_client) is rejected by the Erlang SSL server. The error returned by ssl:handshake/1 is:
The same scenario with Erlang/OTP 21 works just fine.
The difference is that the TLS 1.3 code path is taken because the client advertises TLS 1.3 as the highest/first version it supports, and only Erlang/OTP 22 supports this new version.
With Erlang/OTP 22, the code crashes here:
If I understand correctly, unassigned is the fallback value when a signature scheme is unsupported in ssl_cipher:signature_scheme/1. However, ssl_cipher:scheme_to_components/1 doesn't expect to receive that atom.
The same crash doesn't happen in the TLS 1.2 code path because the unassigned values are filtered before ssl_cipher:scheme_to_components/1 is called, by ssl_handshake:available_signature_algs/4 function.
I attached the patch I used locally to fix the problem, but I don't know if this is the best approach.
I also attached the escript and the self-signed certificates I used to start a dummy SSL server. The s_client command line used is available in a comment at the top of the escript.