aboutsummaryrefslogtreecommitdiffstats
path: root/lib/ssl/src
diff options
context:
space:
mode:
authorIngela Anderton Andin <[email protected]>2014-03-24 18:58:30 +0100
committerIngela Anderton Andin <[email protected]>2014-03-25 09:36:57 +0100
commitd18e7b25a17a0c62c0beddc81f23b1dea18b7ef4 (patch)
tree2ebd9e7b6f5824677df555ab755e848a0ff831ee /lib/ssl/src
parent8ffbf0feccb375afc10ce676070b6b778e9bf260 (diff)
downloadotp-d18e7b25a17a0c62c0beddc81f23b1dea18b7ef4.tar.gz
otp-d18e7b25a17a0c62c0beddc81f23b1dea18b7ef4.tar.bz2
otp-d18e7b25a17a0c62c0beddc81f23b1dea18b7ef4.zip
ssl: Handle SNI alert unrecognized_name and gracefully deal with
unexpected alerts. Add recognitions of RFC 4366 alerts and handle possible unimplementd alerts in a gracefully way.
Diffstat (limited to 'lib/ssl/src')
-rw-r--r--lib/ssl/src/ssl_alert.erl16
-rw-r--r--lib/ssl/src/ssl_alert.hrl16
2 files changed, 28 insertions, 4 deletions
diff --git a/lib/ssl/src/ssl_alert.erl b/lib/ssl/src/ssl_alert.erl
index 5c842b4d19..8b393468ea 100644
--- a/lib/ssl/src/ssl_alert.erl
+++ b/lib/ssl/src/ssl_alert.erl
@@ -1,7 +1,7 @@
%%
%% %CopyrightBegin%
%%
-%% Copyright Ericsson AB 2007-2013. All Rights Reserved.
+%% Copyright Ericsson AB 2007-2014. All Rights Reserved.
%%
%% The contents of this file are subject to the Erlang Public License,
%% Version 1.1, (the "License"); you may not use this file except in
@@ -124,5 +124,17 @@ description_txt(?USER_CANCELED) ->
"user canceled";
description_txt(?NO_RENEGOTIATION) ->
"no renegotiation";
+description_txt(?UNSUPPORTED_EXTENSION) ->
+ "unsupported extension";
+description_txt(?CERTIFICATE_UNOBTAINABLE) ->
+ "certificate unobtainable";
+description_txt(?UNRECOGNISED_NAME) ->
+ "unrecognised name";
+description_txt(?BAD_CERTIFICATE_STATUS_RESPONSE) ->
+ "bad certificate status response";
+description_txt(?BAD_CERTIFICATE_HASH_VALUE) ->
+ "bad certificate hash value";
description_txt(?UNKNOWN_PSK_IDENTITY) ->
- "unknown psk identity".
+ "unknown psk identity";
+description_txt(Enum) ->
+ lists:flatten(io_lib:format("unsupported/unknown alert: ~p", [Enum])).
diff --git a/lib/ssl/src/ssl_alert.hrl b/lib/ssl/src/ssl_alert.hrl
index 2a8a91aefa..2d1f323085 100644
--- a/lib/ssl/src/ssl_alert.hrl
+++ b/lib/ssl/src/ssl_alert.hrl
@@ -1,7 +1,7 @@
%%
%% %CopyrightBegin%
%%
-%% Copyright Ericsson AB 2007-2012. All Rights Reserved.
+%% Copyright Ericsson AB 2007-2014. All Rights Reserved.
%%
%% The contents of this file are subject to the Erlang Public License,
%% Version 1.1, (the "License"); you may not use this file except in
@@ -48,7 +48,7 @@
%% unsupported_certificate(43),
%% certificate_revoked(44),
%% certificate_expired(45),
- %% certificate_unknown(46),
+%% certificate_unknown(46),
%% illegal_parameter(47),
%% unknown_ca(48),
%% access_denied(49),
@@ -60,6 +60,13 @@
%% internal_error(80),
%% user_canceled(90),
%% no_renegotiation(100),
+%% RFC 4366
+%% unsupported_extension(110),
+%% certificate_unobtainable(111),
+%% unrecognized_name(112),
+%% bad_certificate_status_response(113),
+%% bad_certificate_hash_value(114),
+%% RFC 4366
%% unknown_psk_identity(115),
%% (255)
%% } AlertDescription;
@@ -88,6 +95,11 @@
-define(INTERNAL_ERROR, 80).
-define(USER_CANCELED, 90).
-define(NO_RENEGOTIATION, 100).
+-define(UNSUPPORTED_EXTENSION, 110).
+-define(CERTIFICATE_UNOBTAINABLE, 111).
+-define(UNRECOGNISED_NAME, 112).
+-define(BAD_CERTIFICATE_STATUS_RESPONSE, 113).
+-define(BAD_CERTIFICATE_HASH_VALUE, 114).
-define(UNKNOWN_PSK_IDENTITY, 115).
-define(ALERT_REC(Level,Desc), #alert{level=Level,description=Desc,where={?FILE, ?LINE}}).