Merge tag 'OTP-17.5.6' into maint

=== OTP-17.5.6 === Changed Applications: - inets-5.10.9 - ssh-3.2.4 - ssl-6.0.1 Unchanged Applications: - asn1-3.0.4 - common_test-1.10.1 - compiler-5.0.4 - cosEvent-2.1.15 - cosEventDomain-1.1.14 - cosFileTransfer-1.1.16 - cosNotification-1.1.21 - cosProperty-1.1.17 - cosTime-1.1.14 - cosTransactions-1.2.14 - crypto-3.5 - debugger-4.0.3 - dialyzer-2.7.4 - diameter-1.9.2 - edoc-0.7.16 - eldap-1.1.1 - erl_docgen-0.3.7 - erl_interface-3.7.20 - erts-6.4.1 - et-1.5 - eunit-2.2.9 - gs-1.5.16 - hipe-3.11.3 - ic-4.3.6 - jinterface-1.5.12 - kernel-3.2 - megaco-3.17.3 - mnesia-4.12.5 - observer-2.0.4 - odbc-2.10.22 - orber-3.7.1 - os_mon-2.3.1 - ose-1.0.2 - otp_mibs-1.0.10 - parsetools-2.0.12 - percept-0.8.10 - public_key-0.23 - reltool-0.6.6 - runtime_tools-1.8.16 - sasl-2.4.1 - snmp-5.1.2 - stdlib-2.4 - syntax_tools-1.6.18 - test_server-3.8.1 - tools-2.7.2 - typer-0.9.8 - webtool-0.8.10 - wx-1.3.3 - xmerl-1.3.7
author: Henrik Nord <[email protected]> 2015-06-02 09:00:04 +0200
committer: Henrik Nord <[email protected]> 2015-06-02 09:00:04 +0200
commit: 21b8941d83516e381000387c47758bc7f040ae8b (patch)
tree: 2499b8b04c15a5ba2777a54921af7e4f9916676d /lib/ssl/src
parent: f3fefbae24a2569a13b538d80d0e99129963ebef (diff)
parent: c1df511623b9a2a98d4d3862ae612c1ca9837da7 (diff)
download: otp-21b8941d83516e381000387c47758bc7f040ae8b.tar.gz
otp-21b8941d83516e381000387c47758bc7f040ae8b.tar.bz2
otp-21b8941d83516e381000387c47758bc7f040ae8b.zip
2 files changed, 20 insertions, 16 deletions
diff --git a/lib/ssl/src/ssl.appup.src b/lib/ssl/src/ssl.appup.src
index 7986722094..d100e41930 100644
--- a/lib/ssl/src/ssl.appup.src
+++ b/lib/ssl/src/ssl.appup.src
@@ -1,12 +1,14 @@
 %% -*- erlang -*-
 {"%VSN%",
  [
+  {<<"6.0">>, [{load_module, ssl_handshake, soft_purge, soft_purge, []}]},
   {<<"5\\.3\\.[1-7]($|\\..*)">>, [{restart_application, ssl}]},
   {<<"5\\.[0-2]($|\\..*)">>, [{restart_application, ssl}]},
   {<<"4\\..*">>, [{restart_application, ssl}]},
   {<<"3\\..*">>, [{restart_application, ssl}]}
  ], 
  [
+  {<<"6.0">>, [{load_module, ssl_handshake, soft_purge, soft_purge, []}]},
   {<<"5\\.3\\.[1-7]($|\\..*)">>, [{restart_application, ssl}]},
   {<<"5\\.[0-2]($|\\..*)">>, [{restart_application, ssl}]},
   {<<"4\\..*">>, [{restart_application, ssl}]},
diff --git a/lib/ssl/src/ssl_handshake.erl b/lib/ssl/src/ssl_handshake.erl
index 88ccb94e0b..29b64f7a81 100644
--- a/lib/ssl/src/ssl_handshake.erl
+++ b/lib/ssl/src/ssl_handshake.erl
@@ -1,7 +1,7 @@
 %%
 %% %CopyrightBegin%
 %%
-%% Copyright Ericsson AB 2013-2014. All Rights Reserved.
+%% Copyright Ericsson AB 2013-2015. All Rights Reserved.
 %%
 %% The contents of this file are subject to the Erlang Public License,
 %% Version 1.1, (the "License"); you may not use this file except in
@@ -500,19 +500,27 @@ update_handshake_history({Handshake0, _Prev}, Data) ->
 %%     end.
 
 premaster_secret(OtherPublicDhKey, MyPrivateKey, #'DHParameter'{} = Params) ->
-    public_key:compute_key(OtherPublicDhKey, MyPrivateKey, Params);
-
+    try 
+	public_key:compute_key(OtherPublicDhKey, MyPrivateKey, Params)  
+    catch 
+	error:computation_failed -> 
+	    throw(?ALERT_REC(?FATAL, ?ILLEGAL_PARAMETER))
+    end;	   
 premaster_secret(PublicDhKey, PrivateDhKey, #server_dh_params{dh_p = Prime, dh_g = Base}) ->
-    crypto:compute_key(dh, PublicDhKey, PrivateDhKey, [Prime, Base]);
+    try 
+	crypto:compute_key(dh, PublicDhKey, PrivateDhKey, [Prime, Base])
+    catch 
+	error:computation_failed -> 
+	    throw(?ALERT_REC(?FATAL, ?ILLEGAL_PARAMETER))
+    end;
 premaster_secret(#client_srp_public{srp_a = ClientPublicKey}, ServerKey, #srp_user{prime = Prime,
 										   verifier = Verifier}) ->
     case crypto:compute_key(srp, ClientPublicKey, ServerKey, {host, [Verifier, Prime, '6a']}) of
 	error ->
-	    ?ALERT_REC(?FATAL, ?ILLEGAL_PARAMETER);
+	    throw(?ALERT_REC(?FATAL, ?ILLEGAL_PARAMETER));
 	PremasterSecret ->
 	    PremasterSecret
     end;
-
 premaster_secret(#server_srp_params{srp_n = Prime, srp_g = Generator, srp_s = Salt, srp_b = Public},
 		 ClientKeys, {Username, Password}) ->
     case ssl_srp_primes:check_srp_params(Generator, Prime) of
@@ -520,21 +528,19 @@ premaster_secret(#server_srp_params{srp_n = Prime, srp_g = Generator, srp_s = Sa
 	    DerivedKey = crypto:hash(sha, [Salt, crypto:hash(sha, [Username, <<$:>>, Password])]),
 	    case crypto:compute_key(srp, Public, ClientKeys, {user, [DerivedKey, Prime, Generator, '6a']}) of
 		error ->
-		    ?ALERT_REC(?FATAL, ?ILLEGAL_PARAMETER);
+		    throw(?ALERT_REC(?FATAL, ?ILLEGAL_PARAMETER));
 		PremasterSecret ->
 		    PremasterSecret
 	    end;
 	_ ->
-	    ?ALERT_REC(?FATAL, ?ILLEGAL_PARAMETER)
+	    throw(?ALERT_REC(?FATAL, ?ILLEGAL_PARAMETER))
     end;
-
 premaster_secret(#client_rsa_psk_identity{
 		    identity = PSKIdentity,
 		    exchange_keys = #encrypted_premaster_secret{premaster_secret = EncPMS}
 		   }, #'RSAPrivateKey'{} = Key, PSKLookup) ->
     PremasterSecret = premaster_secret(EncPMS, Key),
     psk_secret(PSKIdentity, PSKLookup, PremasterSecret);
-
 premaster_secret(#server_dhe_psk_params{
 		    hint = IdentityHint,
 		    dh_params =  #server_dh_params{dh_y = PublicDhKey} = Params},
@@ -542,7 +548,6 @@ premaster_secret(#server_dhe_psk_params{
 		    LookupFun) ->
     PremasterSecret = premaster_secret(PublicDhKey, PrivateDhKey, Params),
     psk_secret(IdentityHint, LookupFun, PremasterSecret);
-
 premaster_secret({rsa_psk, PSKIdentity}, PSKLookup, RSAPremasterSecret) ->
     psk_secret(PSKIdentity, PSKLookup, RSAPremasterSecret).
 
@@ -551,13 +556,10 @@ premaster_secret(#client_dhe_psk_identity{
 		    dh_public = PublicDhKey}, PrivateKey, #'DHParameter'{} = Params, PSKLookup) ->
     PremasterSecret = premaster_secret(PublicDhKey, PrivateKey, Params),
     psk_secret(PSKIdentity, PSKLookup, PremasterSecret).
-
 premaster_secret(#client_psk_identity{identity = PSKIdentity}, PSKLookup) ->
     psk_secret(PSKIdentity, PSKLookup);
-
 premaster_secret({psk, PSKIdentity}, PSKLookup) ->
     psk_secret(PSKIdentity, PSKLookup);
-
 premaster_secret(#'ECPoint'{} = ECPoint, #'ECPrivateKey'{} = ECDHKeys) ->
     public_key:compute_key(ECPoint, ECDHKeys);
 premaster_secret(EncSecret, #'RSAPrivateKey'{} = RSAPrivateKey) ->
@@ -1933,7 +1935,7 @@ psk_secret(PSKIdentity, PSKLookup) ->
 	#alert{} = Alert ->
 	    Alert;
 	_ ->
-	    ?ALERT_REC(?FATAL, ?ILLEGAL_PARAMETER)
+	    throw(?ALERT_REC(?FATAL, ?ILLEGAL_PARAMETER))
     end.
 
 psk_secret(PSKIdentity, PSKLookup, PremasterSecret) ->
@@ -1945,7 +1947,7 @@ psk_secret(PSKIdentity, PSKLookup, PremasterSecret) ->
 	#alert{} = Alert ->
 	    Alert;
 	_ ->
-	    ?ALERT_REC(?FATAL, ?ILLEGAL_PARAMETER)
+	    throw(?ALERT_REC(?FATAL, ?ILLEGAL_PARAMETER))
     end.
 
 handle_psk_identity(_PSKIdentity, LookupFun)
author	Henrik Nord <[email protected]>	2015-06-02 09:00:04 +0200
committer	Henrik Nord <[email protected]>	2015-06-02 09:00:04 +0200
commit	21b8941d83516e381000387c47758bc7f040ae8b (patch)
tree	2499b8b04c15a5ba2777a54921af7e4f9916676d /lib/ssl/src
parent	f3fefbae24a2569a13b538d80d0e99129963ebef (diff)
parent	c1df511623b9a2a98d4d3862ae612c1ca9837da7 (diff)
download	otp-21b8941d83516e381000387c47758bc7f040ae8b.tar.gz otp-21b8941d83516e381000387c47758bc7f040ae8b.tar.bz2 otp-21b8941d83516e381000387c47758bc7f040ae8b.zip