diff options
author | Ingela Anderton Andin <[email protected]> | 2014-09-23 14:31:52 +0200 |
---|---|---|
committer | Ingela Anderton Andin <[email protected]> | 2014-09-24 14:38:59 +0200 |
commit | b196730a325cfe74312c3a5f4b1273ba7c705ed6 (patch) | |
tree | c815faa7b4de1f0a1015cfa40207824076b1af57 /lib/ssl | |
parent | c02166a6fccac8b6108a99a6bd95ffad6ac6f709 (diff) | |
download | otp-b196730a325cfe74312c3a5f4b1273ba7c705ed6.tar.gz otp-b196730a325cfe74312c3a5f4b1273ba7c705ed6.tar.bz2 otp-b196730a325cfe74312c3a5f4b1273ba7c705ed6.zip |
ssl: Servers may include an empty SNI-extension
Diffstat (limited to 'lib/ssl')
-rw-r--r-- | lib/ssl/src/ssl_handshake.erl | 3 | ||||
-rw-r--r-- | lib/ssl/test/ssl_handshake_SUITE.erl | 8 |
2 files changed, 11 insertions, 0 deletions
diff --git a/lib/ssl/src/ssl_handshake.erl b/lib/ssl/src/ssl_handshake.erl index 22673e46e2..88ccb94e0b 100644 --- a/lib/ssl/src/ssl_handshake.erl +++ b/lib/ssl/src/ssl_handshake.erl @@ -1732,6 +1732,9 @@ dec_hello_extensions(<<?UINT16(?EC_POINT_FORMATS_EXT), ?UINT16(Len), #ec_point_formats{ec_point_format_list = ECPointFormats}}); +dec_hello_extensions(<<?UINT16(?SNI_EXT), ?UINT16(Len), Rest/binary>>, Acc) when Len == 0 -> + dec_hello_extensions(Rest, Acc#hello_extensions{sni = ""}); %% Server may send an empy SNI + dec_hello_extensions(<<?UINT16(?SNI_EXT), ?UINT16(Len), ExtData:Len/binary, Rest/binary>>, Acc) -> <<?UINT16(_), NameList/binary>> = ExtData, diff --git a/lib/ssl/test/ssl_handshake_SUITE.erl b/lib/ssl/test/ssl_handshake_SUITE.erl index e5e942ce1b..8dca733526 100644 --- a/lib/ssl/test/ssl_handshake_SUITE.erl +++ b/lib/ssl/test/ssl_handshake_SUITE.erl @@ -39,6 +39,7 @@ all() -> [decode_hello_handshake, decode_unknown_hello_extension_correctly, encode_single_hello_sni_extension_correctly, decode_single_hello_sni_extension_correctly, + decode_empty_server_sni_correctly, select_proper_tls_1_2_rsa_default_hashsign]. %%-------------------------------------------------------------------- @@ -106,6 +107,13 @@ decode_single_hello_sni_extension_correctly(_Config) -> Decoded = ssl_handshake:decode_hello_extensions(SNI), Exts = Decoded. +decode_empty_server_sni_correctly(_Config) -> + Exts = #hello_extensions{sni = ""}, + SNI = <<?UINT16(?SNI_EXT),?UINT16(0)>>, + Decoded = ssl_handshake:decode_hello_extensions(SNI), + Exts = Decoded. + + select_proper_tls_1_2_rsa_default_hashsign(_Config) -> % RFC 5246 section 7.4.1.4.1 tells to use {sha1,rsa} as default signature_algorithm for RSA key exchanges {sha, rsa} = ssl_handshake:select_hashsign_algs(undefined, ?rsaEncryption, {3,3}), |