diff options
| author | Péter Dimitrov <[email protected]> | 2018-11-16 09:36:08 +0100 |
|---|---|---|
| committer | Péter Dimitrov <[email protected]> | 2018-11-20 09:55:54 +0100 |
| commit | 5667810578357122b3a49949c3e7826f652833c2 (patch) | |
| tree | bfbbe58c5af5f3b5ac089637b48ca353c6a0cd38 /lib/ssl/src/tls_v1.erl | |
| parent | bafd4606dfd6dbc880758f6dc7694b50238bea8c (diff) | |
| download | otp-5667810578357122b3a49949c3e7826f652833c2.tar.gz otp-5667810578357122b3a49949c3e7826f652833c2.tar.bz2 otp-5667810578357122b3a49949c3e7826f652833c2.zip | |
ssl: Fix default values of "signature_algs"
- Add function for special handling of default values of
"signature_algs" in TLS 1.3.
This change adds default values for "signature_algs" even for
TLS 1.3 clients as they must send the "signature_algs" extension
when a server authenticates itself via a certificate.
- Use "signature schemes" as default instead of the old
hash-signature algorithms tuple when using TLS 1.3.
Change-Id: I296593b16610fd7a18a4ae3f3bac63c2fad06fbd
Diffstat (limited to 'lib/ssl/src/tls_v1.erl')
| -rw-r--r-- | lib/ssl/src/tls_v1.erl | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/lib/ssl/src/tls_v1.erl b/lib/ssl/src/tls_v1.erl index 8618355089..83dd7585dd 100644 --- a/lib/ssl/src/tls_v1.erl +++ b/lib/ssl/src/tls_v1.erl @@ -346,8 +346,8 @@ signature_algs({3, 3}, HashSigns) -> end, [], HashSigns), lists:reverse(Supported). -default_signature_algs({3, 4}) -> - default_signature_algs({3, 3}); +default_signature_algs({3, 4} = Version) -> + default_signature_schemes(Version); default_signature_algs({3, 3} = Version) -> Default = [%% SHA2 {sha512, ecdsa}, |