author | Ingela Anderton Andin <[email protected]> | 2015-06-08 12:15:23 +0200 |
---|---|---|
committer | Aleksandr Druzhilov <[email protected]> | 2015-07-30 16:32:45 +0300 |
commit | d9fd104e64eccbdca2a9d7d3efb801c8d85ecb18 (patch) | |
tree | 835c9c5c825b733de79f52d4519cf009465a5ef0 | |
parent | 12002949e5435d19c750fe2cd8e897b4059f875a (diff) | |
ssl: Do not crash on proprietary hash_sign algorithms
TLS hash_sign algorithms may have proprietary values, see
http://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml
We should add callbacks to let applications handle them.
But for now we do not want to crash if they are present; instead we
let other algorithms be negotiated.
-rw-r--r-- | lib/ssl/src/ssl_cipher.erl | 6 |
1 files changed, 4 insertions, 2 deletions
diff --git a/lib/ssl/src/ssl_cipher.erl b/lib/ssl/src/ssl_cipher.erl
index bec0055353..c2af0f946a 100644
--- a/lib/ssl/src/ssl_cipher.erl
+++ b/lib/ssl/src/ssl_cipher.erl
@@ -1209,7 +1209,8 @@ hash_algorithm(?SHA) -> sha;
 hash_algorithm(?SHA224) -> sha224;
 hash_algorithm(?SHA256) -> sha256;
 hash_algorithm(?SHA384) -> sha384;
-hash_algorithm(?SHA512) -> sha512.
+hash_algorithm(?SHA512) -> sha512;
+hash_algorithm(Other) when is_integer(Other) andalso ((Other >= 224) and (Other =< 255)) -> Other.
 
 sign_algorithm(anon) -> ?ANON;
 sign_algorithm(rsa) -> ?RSA;
@@ -1218,7 +1219,8 @@ sign_algorithm(ecdsa) -> ?ECDSA;
 sign_algorithm(?ANON) -> anon;
 sign_algorithm(?RSA) -> rsa;
 sign_algorithm(?DSA) -> dsa;
-sign_algorithm(?ECDSA) -> ecdsa.
+sign_algorithm(?ECDSA) -> ecdsa;
+sign_algorithm(Other) when is_integer(Other) andalso ((Other >= 224) and (Other =< 255)) -> Other.
 
 hash_size(null) -> 0; |
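Review bot: The new last clause of `hash_algorithm/1` accepts only the private-use range 224–255, so an integer below 224 that matches none of the earlier clauses still raises `function_clause`; the `sign_algorithm/1` clause in the second hunk has the same gap. These values are decoded from the peer's hash_sign list, so a remote side can presumably still crash the handshake with a reserved or unassigned code point. Consider a final clause covering the rest of the byte range, e.g. `hash_algorithm(Other) when is_integer(Other), Other >= 0, Other =< 255 -> Other.`, and likewise for `sign_algorithm/1`. Both functions now return either an atom or an integer, which deserves a comment such as `%% private-use values are passed through as integers; callers must treat them as unsupported`; the callers and the start of both functions lie outside the hunks.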