diff options
| author | Péter Dimitrov <[email protected]> | 2018-11-27 16:44:11 +0100 |
|---|---|---|
| committer | Péter Dimitrov <[email protected]> | 2019-01-11 09:59:12 +0100 |
| commit | 1ed5fdcb034b4930f1a7243313d40f80fd281287 (patch) | |
| tree | 4d813884460a23d698f995867184f2cc6eb3be44 /lib/ssl/src/tls_handshake_1_3.erl | |
| parent | 64332e9bc1f05a23c442e14e920082f8b444ef80 (diff) | |
| download | otp-1ed5fdcb034b4930f1a7243313d40f80fd281287.tar.gz otp-1ed5fdcb034b4930f1a7243313d40f80fd281287.tar.bz2 otp-1ed5fdcb034b4930f1a7243313d40f80fd281287.zip | |
ssl: Fix cipher suite selection
Accept only TLS 1.3 ciphers when TLS 1.3 is selected.
Change-Id: I4e934d344f52208263ffdeb31c357dd5727472b9
Diffstat (limited to 'lib/ssl/src/tls_handshake_1_3.erl')
| -rw-r--r-- | lib/ssl/src/tls_handshake_1_3.erl | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/lib/ssl/src/tls_handshake_1_3.erl b/lib/ssl/src/tls_handshake_1_3.erl index f381e038cf..4c18e76ad9 100644 --- a/lib/ssl/src/tls_handshake_1_3.erl +++ b/lib/ssl/src/tls_handshake_1_3.erl @@ -331,7 +331,8 @@ get_client_public_key(Group, ClientShares) -> select_cipher_suite([], _) -> {error, no_suitable_cipher}; select_cipher_suite([Cipher|ClientCiphers], ServerCiphers) -> - case lists:member(Cipher, ServerCiphers) of + case lists:member(Cipher, tls_v1:suites('TLS_v1.3')) andalso + lists:member(Cipher, ServerCiphers) of true -> {ok, Cipher}; false -> |