diff options
| author | Ingela Anderton Andin <[email protected]> | 2015-06-08 12:15:23 +0200 |
|---|---|---|
| committer | Aleksandr Druzhilov <[email protected]> | 2015-07-30 16:32:45 +0300 |
| commit | d9fd104e64eccbdca2a9d7d3efb801c8d85ecb18 (patch) | |
| tree | 835c9c5c825b733de79f52d4519cf009465a5ef0 /lib/ssl | |
| parent | 12002949e5435d19c750fe2cd8e897b4059f875a (diff) | |
| download | otp-d9fd104e64eccbdca2a9d7d3efb801c8d85ecb18.tar.gz otp-d9fd104e64eccbdca2a9d7d3efb801c8d85ecb18.tar.bz2 otp-d9fd104e64eccbdca2a9d7d3efb801c8d85ecb18.zip | |
ssl: Do not crash on proprietary hash_sign algorithms
TLS hash_sign algorithms may have proprietary values see
http://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml
We should add callbacks to let applications handle them.
But for now we do not want to crash if they are present and
let other algorithms be negotiated.
Diffstat (limited to 'lib/ssl')
| -rw-r--r-- | lib/ssl/src/ssl_cipher.erl | 6 |
1 files changed, 4 insertions, 2 deletions
diff --git a/lib/ssl/src/ssl_cipher.erl b/lib/ssl/src/ssl_cipher.erl index bec0055353..c2af0f946a 100644 --- a/lib/ssl/src/ssl_cipher.erl +++ b/lib/ssl/src/ssl_cipher.erl @@ -1209,7 +1209,8 @@ hash_algorithm(?SHA) -> sha; hash_algorithm(?SHA224) -> sha224; hash_algorithm(?SHA256) -> sha256; hash_algorithm(?SHA384) -> sha384; -hash_algorithm(?SHA512) -> sha512. +hash_algorithm(?SHA512) -> sha512; +hash_algorithm(Other) when is_integer(Other) andalso ((Other >= 224) and (Other =< 255)) -> Other. sign_algorithm(anon) -> ?ANON; sign_algorithm(rsa) -> ?RSA; @@ -1218,7 +1219,8 @@ sign_algorithm(ecdsa) -> ?ECDSA; sign_algorithm(?ANON) -> anon; sign_algorithm(?RSA) -> rsa; sign_algorithm(?DSA) -> dsa; -sign_algorithm(?ECDSA) -> ecdsa. +sign_algorithm(?ECDSA) -> ecdsa; +sign_algorithm(Other) when is_integer(Other) andalso ((Other >= 224) and (Other =< 255)) -> Other. hash_size(null) -> 0; |