diff options
author | Erlang/OTP <[email protected]> | 2010-04-07 06:59:25 +0000 |
---|---|---|
committer | Erlang/OTP <[email protected]> | 2010-04-07 06:59:25 +0000 |
commit | 10ef6faeed5f2c4050df2eecc3cfbe93e9e9bae9 (patch) | |
tree | cdaaaa86cff2e2702ee92b8add99ab0f9ec45687 /lib/ssl/src | |
parent | 1b6a7c949bcf51e2d537de5cb89cbb6231abbf49 (diff) | |
parent | 16dafd19b34d1b458cf68857f65c7d3c77d6f291 (diff) | |
download | otp-10ef6faeed5f2c4050df2eecc3cfbe93e9e9bae9.tar.gz otp-10ef6faeed5f2c4050df2eecc3cfbe93e9e9bae9.tar.bz2 otp-10ef6faeed5f2c4050df2eecc3cfbe93e9e9bae9.zip |
Merge branch 'rb/ssl-opts-fix' into dev
* rb/ssl-opts-fix:
Fix verification of ssl client when fail_if_no_peer_cert
Fix mishandling of valid ssl options
OTP-8557 rb/ssl-opts-fix
Diffstat (limited to 'lib/ssl/src')
-rw-r--r-- | lib/ssl/src/ssl.erl | 3 | ||||
-rw-r--r-- | lib/ssl/src/ssl_connection.erl | 3 |
2 files changed, 4 insertions, 2 deletions
diff --git a/lib/ssl/src/ssl.erl b/lib/ssl/src/ssl.erl index 87a0939897..965e40a109 100644 --- a/lib/ssl/src/ssl.erl +++ b/lib/ssl/src/ssl.erl @@ -560,10 +560,11 @@ handle_options(Opts0, Role) -> CbInfo = proplists:get_value(cb_info, Opts, {gen_tcp, tcp, tcp_closed}), SslOptions = [versions, verify, verify_fun, + fail_if_no_peer_cert, verify_client_once, depth, certfile, keyfile, key, password, cacertfile, dhfile, ciphers, debug, reuse_session, reuse_sessions, ssl_imp, - cd_info, renegotiate_at], + cb_info, renegotiate_at], SockOpts = lists:foldl(fun(Key, PropList) -> proplists:delete(Key, PropList) diff --git a/lib/ssl/src/ssl_connection.erl b/lib/ssl/src/ssl_connection.erl index 4ec90600e9..defcfa31bd 100644 --- a/lib/ssl/src/ssl_connection.erl +++ b/lib/ssl/src/ssl_connection.erl @@ -441,7 +441,8 @@ certify(#certificate{} = Cert, Opts#ssl_options.verify, Opts#ssl_options.verify_fun) of {PeerCert, PublicKeyInfo} -> - handle_peer_cert(PeerCert, PublicKeyInfo, State); + State1 = State#state{client_certificate_requested = false}, + handle_peer_cert(PeerCert, PublicKeyInfo, State1); #alert{} = Alert -> handle_own_alert(Alert, Version, certify_certificate, State), {stop, normal, State} |