diff options
| author | Erlang/OTP <[email protected]> | 2016-08-08 16:36:18 +0200 |
|---|---|---|
| committer | Erlang/OTP <[email protected]> | 2016-08-08 16:36:18 +0200 |
| commit | a6f41035fa99cda656943395e35c3b63c8efc9a1 (patch) | |
| tree | 0500719c176e324baea0e76a42d7bbb27e72027e | |
| parent | 40a492c5daeb0af0e22ac7de71f895232e0f8ca9 (diff) | |
| parent | ebb1f362db55f2ec26a3ed509267e25303feddf4 (diff) | |
| download | otp-a6f41035fa99cda656943395e35c3b63c8efc9a1.tar.gz otp-a6f41035fa99cda656943395e35c3b63c8efc9a1.tar.bz2 otp-a6f41035fa99cda656943395e35c3b63c8efc9a1.zip | |
Merge branch 'raimo/ssl/version-selection/maint-19/OTP-13753' into maint-19
* raimo/ssl/version-selection/maint-19/OTP-13753:
Improve version selection
| -rw-r--r-- | lib/ssl/src/ssl.appup.src | 10 | ||||
| -rw-r--r-- | lib/ssl/src/ssl_handshake.erl | 36 | ||||
| -rw-r--r-- | lib/ssl/vsn.mk | 2 |
3 files changed, 43 insertions, 5 deletions
diff --git a/lib/ssl/src/ssl.appup.src b/lib/ssl/src/ssl.appup.src index 11728128c4..fadc67ef80 100644 --- a/lib/ssl/src/ssl.appup.src +++ b/lib/ssl/src/ssl.appup.src @@ -1,14 +1,20 @@ %% -*- erlang -*- {"%VSN%", [ - {<<"7\\..*">>, [{restart_application, ssl}]}, + {<<"^8[.]0$">>, + [{load_module, ssl_handshake, soft_purge, soft_purge, []} + ]}, + {<<"^7[.][^.].*">>, [{restart_application, ssl}]}, {<<"6\\..*">>, [{restart_application, ssl}]}, {<<"5\\..*">>, [{restart_application, ssl}]}, {<<"4\\..*">>, [{restart_application, ssl}]}, {<<"3\\..*">>, [{restart_application, ssl}]} ], [ - {<<"7\\..*">>, [{restart_application, ssl}]}, + {<<"^8[.]0$">>, + [{load_module, ssl_handshake, soft_purge, soft_purge, []} + ]}, + {<<"^7[.][^.].*">>, [{restart_application, ssl}]}, {<<"6\\..*">>, [{restart_application, ssl}]}, {<<"5\\..*">>, [{restart_application, ssl}]}, {<<"4\\..*">>, [{restart_application, ssl}]}, diff --git a/lib/ssl/src/ssl_handshake.erl b/lib/ssl/src/ssl_handshake.erl index 9c3fe9d73b..06226d5155 100644 --- a/lib/ssl/src/ssl_handshake.erl +++ b/lib/ssl/src/ssl_handshake.erl @@ -1256,8 +1256,40 @@ handle_server_hello_extensions(RecordCB, Random, CipherSuite, Compression, end. select_version(RecordCB, ClientVersion, Versions) -> - ServerVersion = RecordCB:highest_protocol_version(Versions), - RecordCB:lowest_protocol_version(ClientVersion, ServerVersion). + do_select_version(RecordCB, ClientVersion, Versions). + +do_select_version(_, ClientVersion, []) -> + ClientVersion; +do_select_version(RecordCB, ClientVersion, [Version | Versions]) -> + case RecordCB:is_higher(Version, ClientVersion) of + true -> + %% Version too high for client - keep looking + do_select_version(RecordCB, ClientVersion, Versions); + false -> + %% Version ok for client - look for a higher + do_select_version(RecordCB, ClientVersion, Versions, Version) + end. +%% +do_select_version(_, _, [], GoodVersion) -> + GoodVersion; +do_select_version( + RecordCB, ClientVersion, [Version | Versions], GoodVersion) -> + BetterVersion = + case RecordCB:is_higher(Version, ClientVersion) of + true -> + %% Version too high for client + GoodVersion; + false -> + %% Version ok for client + case RecordCB:is_higher(Version, GoodVersion) of + true -> + %% Use higher version + Version; + false -> + GoodVersion + end + end, + do_select_version(RecordCB, ClientVersion, Versions, BetterVersion). renegotiation_info(_, client, _, false) -> #renegotiation_info{renegotiated_connection = undefined}; diff --git a/lib/ssl/vsn.mk b/lib/ssl/vsn.mk index 3b51fa8c6b..6afac59109 100644 --- a/lib/ssl/vsn.mk +++ b/lib/ssl/vsn.mk @@ -1 +1 @@ -SSL_VSN = 8.0 +SSL_VSN = 8.0.1 |