ssl: Remove sslv3 from the default supported protocol versions

author: Ingela Anderton Andin <[email protected]> 2015-01-12 12:15:22 +0100
committer: Ingela Anderton Andin <[email protected]> 2015-01-23 11:34:18 +0100
commit: 69de799fdce1c4cc5a582df6f2a86ccd3e62c3a9 (patch)
tree: 98c2c42689c4d5226b99b04cf7abca5ea75b5a65 /lib/ssl/src/tls_record.erl
parent: 1d0efcad490cb87c292c0505edbadb452b39b1a2 (diff)
download: otp-69de799fdce1c4cc5a582df6f2a86ccd3e62c3a9.tar.gz
otp-69de799fdce1c4cc5a582df6f2a86ccd3e62c3a9.tar.bz2
otp-69de799fdce1c4cc5a582df6f2a86ccd3e62c3a9.zip
1 files changed, 11 insertions, 2 deletions
diff --git a/lib/ssl/src/tls_record.erl b/lib/ssl/src/tls_record.erl
index 544d200f70..37929c928d 100644
--- a/lib/ssl/src/tls_record.erl
+++ b/lib/ssl/src/tls_record.erl
@@ -311,8 +311,17 @@ supported_protocol_versions([]) ->
     Vsns;
 
 supported_protocol_versions([_|_] = Vsns) ->
-    Vsns.
-
+    case sufficient_tlsv1_2_crypto_support() of
+	true -> 
+	    Vsns;
+	false ->
+	    case Vsns -- ['tlsv1.2'] of
+		[] ->
+		    ?MIN_SUPPORTED_VERSIONS;
+		NewVsns ->
+		    NewVsns
+	    end
+    end.
 %%--------------------------------------------------------------------
 %%     
 %% Description: ssl version 2 is not acceptable security risks are too big.
author	Ingela Anderton Andin <[email protected]>	2015-01-12 12:15:22 +0100
committer	Ingela Anderton Andin <[email protected]>	2015-01-23 11:34:18 +0100
commit	69de799fdce1c4cc5a582df6f2a86ccd3e62c3a9 (patch)
tree	98c2c42689c4d5226b99b04cf7abca5ea75b5a65 /lib/ssl/src/tls_record.erl
parent	1d0efcad490cb87c292c0505edbadb452b39b1a2 (diff)
download	otp-69de799fdce1c4cc5a582df6f2a86ccd3e62c3a9.tar.gz otp-69de799fdce1c4cc5a582df6f2a86ccd3e62c3a9.tar.bz2 otp-69de799fdce1c4cc5a582df6f2a86ccd3e62c3a9.zip