aboutsummaryrefslogtreecommitdiffstats
path: root/lib/ssl
diff options
context:
space:
mode:
authorPéter Dimitrov <[email protected]>2018-07-11 11:30:40 +0200
committerPéter Dimitrov <[email protected]>2018-07-19 14:30:00 +0200
commit028941b5b54adeaf947ba60cd44de8ef1886e0eb (patch)
treef573ec66c46166dd1f311dc08766f6ce8c8af878 /lib/ssl
parentde8efcb60451d65404bd3b70d464da43af239be5 (diff)
downloadotp-028941b5b54adeaf947ba60cd44de8ef1886e0eb.tar.gz
otp-028941b5b54adeaf947ba60cd44de8ef1886e0eb.tar.bz2
otp-028941b5b54adeaf947ba60cd44de8ef1886e0eb.zip
ssl: Sort supported versions in handle_options
Sort supported versions (highest first) in handle options to reflect the order expected by TLS 1.3. Change-Id: I06bb43ac81eeaca681c122d815a024c8444e3726
Diffstat (limited to 'lib/ssl')
-rw-r--r--lib/ssl/src/ssl.erl8
1 files changed, 5 insertions, 3 deletions
diff --git a/lib/ssl/src/ssl.erl b/lib/ssl/src/ssl.erl
index e5a6f6bb47..09953908ce 100644
--- a/lib/ssl/src/ssl.erl
+++ b/lib/ssl/src/ssl.erl
@@ -887,9 +887,10 @@ handle_options(Opts0, #ssl_options{protocol = Protocol, cacerts = CaCerts0,
[] ->
new_ssl_options(SslOpts1, NewVerifyOpts, RecordCB);
Value ->
- Versions = [RecordCB:protocol_version(Vsn) || Vsn <- Value],
+ Versions0 = [RecordCB:protocol_version(Vsn) || Vsn <- Value],
+ Versions1 = lists:sort(fun RecordCB:is_higher/2, Versions0),
new_ssl_options(proplists:delete(versions, SslOpts1),
- NewVerifyOpts#ssl_options{versions = Versions}, record_cb(Protocol))
+ NewVerifyOpts#ssl_options{versions = Versions1}, record_cb(Protocol))
end;
%% Handle all options in listen and connect
@@ -912,7 +913,8 @@ handle_options(Opts0, Role, Host) ->
[] ->
RecordCb:supported_protocol_versions();
Vsns ->
- [RecordCb:protocol_version(Vsn) || Vsn <- Vsns]
+ Versions0 = [RecordCb:protocol_version(Vsn) || Vsn <- Vsns],
+ lists:sort(fun RecordCb:is_higher/2, Versions0)
end,
Protocol = handle_option(protocol, Opts, tls),