diff options
| author | Ingela Anderton Andin <[email protected]> | 2017-12-14 11:20:20 +0100 |
|---|---|---|
| committer | Ingela Anderton Andin <[email protected]> | 2017-12-14 11:20:20 +0100 |
| commit | ca00af6271665772c97bb2e146b0f5cbb760a97c (patch) | |
| tree | 20d4a53d61056e46416a99bd9675b771d102567a /lib/ssl/src/ssl_handshake.erl | |
| parent | 4c7d0f1c937ec37fbdac47de4f71f92feb0128c7 (diff) | |
| parent | b4451cf451fb8d025158809084503e2ae13b7f7f (diff) | |
| download | otp-ca00af6271665772c97bb2e146b0f5cbb760a97c.tar.gz otp-ca00af6271665772c97bb2e146b0f5cbb760a97c.tar.bz2 otp-ca00af6271665772c97bb2e146b0f5cbb760a97c.zip | |
Merge branch 'ingela/dtls/fallback-SCSV/OTP-14828' into maint
* ingela/dtls/fallback-SCSV/OTP-14828:
ssl: Align (with DTLS) and correct TLS_FALLBACK_SCSV handling
Diffstat (limited to 'lib/ssl/src/ssl_handshake.erl')
| -rw-r--r-- | lib/ssl/src/ssl_handshake.erl | 7 |
1 files changed, 6 insertions, 1 deletions
diff --git a/lib/ssl/src/ssl_handshake.erl b/lib/ssl/src/ssl_handshake.erl index 0974448276..fd437f62d2 100644 --- a/lib/ssl/src/ssl_handshake.erl +++ b/lib/ssl/src/ssl_handshake.erl @@ -67,7 +67,7 @@ %% Cipher suites handling -export([available_suites/2, available_signature_algs/2, available_signature_algs/4, - cipher_suites/2, prf/6, select_session/11, supported_ecc/1, + cipher_suites/3, prf/6, select_session/11, supported_ecc/1, premaster_secret/2, premaster_secret/3, premaster_secret/4]). %% Extensions handling @@ -782,6 +782,11 @@ available_signature_algs(#hash_sign_algos{hash_sign_algos = ClientHashSigns}, Su available_signature_algs(_, _, _, _) -> undefined. +cipher_suites(Suites, Renegotiation, true) -> + %% TLS_FALLBACK_SCSV should be placed last -RFC7507 + cipher_suites(Suites, Renegotiation) ++ [?TLS_FALLBACK_SCSV]; +cipher_suites(Suites, Renegotiation, false) -> + cipher_suites(Suites, Renegotiation). cipher_suites(Suites, false) -> [?TLS_EMPTY_RENEGOTIATION_INFO_SCSV | Suites]; cipher_suites(Suites, true) -> |