Merge branch 'pg/fix-ssl-handshake-client-certificate' into dev

* pg/fix-ssl-handshake-client-certificate: Fix bug in ssl handshake protocol related to the choice of cipher suites OTP-8772
author: Ingela Anderton Andin <[email protected]> 2010-08-20 14:21:55 +0200
committer: Ingela Anderton Andin <[email protected]> 2010-08-20 14:22:44 +0200
commit: 2d8c9cdba0109971fe8ae7341385beecda8de7b0 (patch)
tree: 55b7e5a6c7539c8de42d610d43bc929f4ab9a394 /lib/ssl/src/ssl_handshake.erl
parent: b709d5626e6b7f3df869ecf7aefa5158cbbac70c (diff)
parent: 60b61d948a472fc7c519bba25aefc409b28d08e8 (diff)
download: otp-2d8c9cdba0109971fe8ae7341385beecda8de7b0.tar.gz
otp-2d8c9cdba0109971fe8ae7341385beecda8de7b0.tar.bz2
otp-2d8c9cdba0109971fe8ae7341385beecda8de7b0.zip
1 files changed, 7 insertions, 4 deletions
diff --git a/lib/ssl/src/ssl_handshake.erl b/lib/ssl/src/ssl_handshake.erl
index fcc30f6137..44e20fed30 100644
--- a/lib/ssl/src/ssl_handshake.erl
+++ b/lib/ssl/src/ssl_handshake.erl
@@ -64,7 +64,7 @@ client_hello(Host, Port, ConnectionStates, #ssl_options{versions = Versions,
     Version = ssl_record:highest_protocol_version(lists:map(Fun, Versions)),
     Pending = ssl_record:pending_connection_state(ConnectionStates, read),
     SecParams = Pending#connection_state.security_parameters,
-    Ciphers = available_suites(Cert, UserSuites, Version),
+    Ciphers = available_suites(UserSuites, Version),
 
     Id = ssl_manager:client_session_id(Host, Port, SslOpts),
 
@@ -524,13 +524,16 @@ select_session(Hello, Port, Session, Version,
 	    {resumed, CacheCb:lookup(Cache, {Port, SessionId})}
     end.
 
-available_suites(Cert, UserSuites, Version) ->
+available_suites(UserSuites, Version) ->
     case UserSuites of
 	[] ->
-	    ssl_cipher:filter(Cert, ssl_cipher:suites(Version));
+	    ssl_cipher:suites(Version);
 	_ ->
-	    ssl_cipher:filter(Cert, UserSuites)
+	    UserSuites
     end.
+
+available_suites(ServerCert, UserSuites, Version) ->
+    ssl_cipher:filter(ServerCert, available_suites(UserSuites, Version)).
  
 cipher_suites(Suites, false) ->
     [?TLS_EMPTY_RENEGOTIATION_INFO_SCSV | Suites];
author	Ingela Anderton Andin <[email protected]>	2010-08-20 14:21:55 +0200
committer	Ingela Anderton Andin <[email protected]>	2010-08-20 14:22:44 +0200
commit	2d8c9cdba0109971fe8ae7341385beecda8de7b0 (patch)
tree	55b7e5a6c7539c8de42d610d43bc929f4ab9a394 /lib/ssl/src/ssl_handshake.erl
parent	b709d5626e6b7f3df869ecf7aefa5158cbbac70c (diff)
parent	60b61d948a472fc7c519bba25aefc409b28d08e8 (diff)
download	otp-2d8c9cdba0109971fe8ae7341385beecda8de7b0.tar.gz otp-2d8c9cdba0109971fe8ae7341385beecda8de7b0.tar.bz2 otp-2d8c9cdba0109971fe8ae7341385beecda8de7b0.zip