aboutsummaryrefslogtreecommitdiffstats
path: root/lib/ssl/src/ssl_connection.erl
diff options
context:
space:
mode:
authorAndreas Schultz <[email protected]>2012-06-15 17:52:30 +0200
committerIngela Anderton Andin <[email protected]>2012-08-22 14:00:44 +0200
commitfc4c828438e99afe47f7531101a1561decc3cf37 (patch)
tree4ccfe12e216687d3e4e8677130a293c94064aba9 /lib/ssl/src/ssl_connection.erl
parent7dcf8182fb71d594d639c26aeedadef253be1733 (diff)
downloadotp-fc4c828438e99afe47f7531101a1561decc3cf37.tar.gz
otp-fc4c828438e99afe47f7531101a1561decc3cf37.tar.bz2
otp-fc4c828438e99afe47f7531101a1561decc3cf37.zip
ssl: Add TLS version to ssl_handshake:key_exchange/3
TLS 1.2 changed the way digital signatures are done. key_exchange/3 needs to pass the version to it.
Diffstat (limited to 'lib/ssl/src/ssl_connection.erl')
-rw-r--r--lib/ssl/src/ssl_connection.erl12
1 files changed, 6 insertions, 6 deletions
diff --git a/lib/ssl/src/ssl_connection.erl b/lib/ssl/src/ssl_connection.erl
index 965b396353..94d129de6f 100644
--- a/lib/ssl/src/ssl_connection.erl
+++ b/lib/ssl/src/ssl_connection.erl
@@ -1446,7 +1446,7 @@ key_exchange(#state{role = server, key_algorithm = Algo,
SecParams = ConnectionState#connection_state.security_parameters,
#security_parameters{client_random = ClientRandom,
server_random = ServerRandom} = SecParams,
- Msg = ssl_handshake:key_exchange(server, {dh, Keys, Params,
+ Msg = ssl_handshake:key_exchange(server, Version, {dh, Keys, Params,
Algo, ClientRandom,
ServerRandom,
PrivateKey}),
@@ -1465,7 +1465,7 @@ key_exchange(#state{role = client,
premaster_secret = PremasterSecret,
socket = Socket, transport_cb = Transport,
tls_handshake_history = Handshake0} = State) ->
- Msg = rsa_key_exchange(PremasterSecret, PublicKeyInfo),
+ Msg = rsa_key_exchange(Version, PremasterSecret, PublicKeyInfo),
{BinMsg, ConnectionStates, Handshake} =
encode_handshake(Msg, Version, ConnectionStates0, Handshake0),
Transport:send(Socket, BinMsg),
@@ -1481,22 +1481,22 @@ key_exchange(#state{role = client,
when Algorithm == dhe_dss;
Algorithm == dhe_rsa;
Algorithm == dh_anon ->
- Msg = ssl_handshake:key_exchange(client, {dh, DhPubKey}),
+ Msg = ssl_handshake:key_exchange(client, Version, {dh, DhPubKey}),
{BinMsg, ConnectionStates, Handshake} =
encode_handshake(Msg, Version, ConnectionStates0, Handshake0),
Transport:send(Socket, BinMsg),
State#state{connection_states = ConnectionStates,
tls_handshake_history = Handshake}.
-rsa_key_exchange(PremasterSecret, PublicKeyInfo = {Algorithm, _, _})
+rsa_key_exchange(Version, PremasterSecret, PublicKeyInfo = {Algorithm, _, _})
when Algorithm == ?rsaEncryption;
Algorithm == ?md2WithRSAEncryption;
Algorithm == ?md5WithRSAEncryption;
Algorithm == ?sha1WithRSAEncryption ->
- ssl_handshake:key_exchange(client,
+ ssl_handshake:key_exchange(client, Version,
{premaster_secret, PremasterSecret,
PublicKeyInfo});
-rsa_key_exchange(_, _) ->
+rsa_key_exchange(_, _, _) ->
throw (?ALERT_REC(?FATAL,?HANDSHAKE_FAILURE)).
request_client_cert(#state{ssl_options = #ssl_options{verify = verify_peer},