aboutsummaryrefslogtreecommitdiffstats
path: root/lib/ssl/src/ssl_handshake.erl
diff options
context:
space:
mode:
authorErlang/OTP <[email protected]>2016-08-08 16:36:18 +0200
committerErlang/OTP <[email protected]>2016-08-08 16:36:18 +0200
commita6f41035fa99cda656943395e35c3b63c8efc9a1 (patch)
tree0500719c176e324baea0e76a42d7bbb27e72027e /lib/ssl/src/ssl_handshake.erl
parent40a492c5daeb0af0e22ac7de71f895232e0f8ca9 (diff)
parentebb1f362db55f2ec26a3ed509267e25303feddf4 (diff)
downloadotp-a6f41035fa99cda656943395e35c3b63c8efc9a1.tar.gz
otp-a6f41035fa99cda656943395e35c3b63c8efc9a1.tar.bz2
otp-a6f41035fa99cda656943395e35c3b63c8efc9a1.zip
Merge branch 'raimo/ssl/version-selection/maint-19/OTP-13753' into maint-19
* raimo/ssl/version-selection/maint-19/OTP-13753: Improve version selection
Diffstat (limited to 'lib/ssl/src/ssl_handshake.erl')
-rw-r--r--lib/ssl/src/ssl_handshake.erl36
1 files changed, 34 insertions, 2 deletions
diff --git a/lib/ssl/src/ssl_handshake.erl b/lib/ssl/src/ssl_handshake.erl
index 9c3fe9d73b..06226d5155 100644
--- a/lib/ssl/src/ssl_handshake.erl
+++ b/lib/ssl/src/ssl_handshake.erl
@@ -1256,8 +1256,40 @@ handle_server_hello_extensions(RecordCB, Random, CipherSuite, Compression,
end.
select_version(RecordCB, ClientVersion, Versions) ->
- ServerVersion = RecordCB:highest_protocol_version(Versions),
- RecordCB:lowest_protocol_version(ClientVersion, ServerVersion).
+ do_select_version(RecordCB, ClientVersion, Versions).
+
+do_select_version(_, ClientVersion, []) ->
+ ClientVersion;
+do_select_version(RecordCB, ClientVersion, [Version | Versions]) ->
+ case RecordCB:is_higher(Version, ClientVersion) of
+ true ->
+ %% Version too high for client - keep looking
+ do_select_version(RecordCB, ClientVersion, Versions);
+ false ->
+ %% Version ok for client - look for a higher
+ do_select_version(RecordCB, ClientVersion, Versions, Version)
+ end.
+%%
+do_select_version(_, _, [], GoodVersion) ->
+ GoodVersion;
+do_select_version(
+ RecordCB, ClientVersion, [Version | Versions], GoodVersion) ->
+ BetterVersion =
+ case RecordCB:is_higher(Version, ClientVersion) of
+ true ->
+ %% Version too high for client
+ GoodVersion;
+ false ->
+ %% Version ok for client
+ case RecordCB:is_higher(Version, GoodVersion) of
+ true ->
+ %% Use higher version
+ Version;
+ false ->
+ GoodVersion
+ end
+ end,
+ do_select_version(RecordCB, ClientVersion, Versions, BetterVersion).
renegotiation_info(_, client, _, false) ->
#renegotiation_info{renegotiated_connection = undefined};