diff options
| author | Péter Dimitrov <[email protected]> | 2019-06-19 10:11:20 +0200 |
|---|---|---|
| committer | Péter Dimitrov <[email protected]> | 2019-06-19 10:11:20 +0200 |
| commit | 1df633b6c91de483425b059daadf84984b2f49c2 (patch) | |
| tree | 479d1a9d6c15c0d50170f876aa1c31d4bc1680ae | |
| parent | 4319a7f8bc93388ec540e954eb9bb73ea1eec4ef (diff) | |
| download | otp-1df633b6c91de483425b059daadf84984b2f49c2.tar.gz otp-1df633b6c91de483425b059daadf84984b2f49c2.tar.bz2 otp-1df633b6c91de483425b059daadf84984b2f49c2.zip | |
ssl: Backport fix for signature_algorithms_cert
This commit fixes interoperability problems with openssl when
the TLS 1.3 server is using the option signature_algs_cert.
In such cases the signature_algorithms_cert extension was encoded
as a signature_algorithms extension and openssl s_client returned
an Illegal Parameter Alert due to its filtering of extension
duplicates.
| -rw-r--r-- | lib/ssl/src/tls_handshake_1_3.erl | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/lib/ssl/src/tls_handshake_1_3.erl b/lib/ssl/src/tls_handshake_1_3.erl index 8a4ad922e1..e83b3f63bb 100644 --- a/lib/ssl/src/tls_handshake_1_3.erl +++ b/lib/ssl/src/tls_handshake_1_3.erl @@ -111,7 +111,7 @@ add_signature_algorithms_cert(Extensions, undefined) -> Extensions; add_signature_algorithms_cert(Extensions, SignAlgsCert) -> Extensions#{signature_algorithms_cert => - #signature_algorithms{signature_scheme_list = SignAlgsCert}}. + #signature_algorithms_cert{signature_scheme_list = SignAlgsCert}}. filter_tls13_algs(undefined) -> undefined; |