diff options
author | Ingela Anderton Andin <[email protected]> | 2015-06-08 12:15:23 +0200 |
---|---|---|
committer | Ingela Anderton Andin <[email protected]> | 2015-06-08 15:22:14 +0200 |
commit | ae7347bfdcab2486bb55dfe54918a0c994d8b7c7 (patch) | |
tree | f0bad2d62437dfdfa2433ede94d9bf5db816ad62 /lib | |
parent | e6e7ae017ef83ace6e5d303a3860245d623d173a (diff) | |
download | otp-ae7347bfdcab2486bb55dfe54918a0c994d8b7c7.tar.gz otp-ae7347bfdcab2486bb55dfe54918a0c994d8b7c7.tar.bz2 otp-ae7347bfdcab2486bb55dfe54918a0c994d8b7c7.zip |
ssl: Do not crash on proprietary hash_sign algorithms
TLS hash_sign algorithms may have proprietary values see
http://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml
We should add callbacks to let applications handle them.
But for now we do not want to crash if they are present and
let other algorithms be negotiated.
Diffstat (limited to 'lib')
-rw-r--r-- | lib/ssl/src/ssl_cipher.erl | 6 |
1 files changed, 4 insertions, 2 deletions
diff --git a/lib/ssl/src/ssl_cipher.erl b/lib/ssl/src/ssl_cipher.erl index 8584e56d6c..0039f24adf 100644 --- a/lib/ssl/src/ssl_cipher.erl +++ b/lib/ssl/src/ssl_cipher.erl @@ -1573,7 +1573,8 @@ hash_algorithm(?SHA) -> sha; hash_algorithm(?SHA224) -> sha224; hash_algorithm(?SHA256) -> sha256; hash_algorithm(?SHA384) -> sha384; -hash_algorithm(?SHA512) -> sha512. +hash_algorithm(?SHA512) -> sha512; +hash_algorithm(Other) when is_integer(Other) andalso ((Other >= 224) and (Other =< 255)) -> Other. sign_algorithm(anon) -> ?ANON; sign_algorithm(rsa) -> ?RSA; @@ -1582,7 +1583,8 @@ sign_algorithm(ecdsa) -> ?ECDSA; sign_algorithm(?ANON) -> anon; sign_algorithm(?RSA) -> rsa; sign_algorithm(?DSA) -> dsa; -sign_algorithm(?ECDSA) -> ecdsa. +sign_algorithm(?ECDSA) -> ecdsa; +sign_algorithm(Other) when is_integer(Other) andalso ((Other >= 224) and (Other =< 255)) -> Other. hash_size(null) -> 0; |