diff options
author | Péter Dimitrov <[email protected]> | 2018-10-03 16:33:31 +0200 |
---|---|---|
committer | Péter Dimitrov <[email protected]> | 2018-10-15 10:21:23 +0200 |
commit | 5b472d1984e99227f7f72fda25ee98e1f9e19d02 (patch) | |
tree | 0494d4fb530b13059d08e1fa0b91026c310f3458 /lib | |
parent | d5ffd9ddd6edd21e190bb61547c835892e917a6c (diff) | |
download | otp-5b472d1984e99227f7f72fda25ee98e1f9e19d02.tar.gz otp-5b472d1984e99227f7f72fda25ee98e1f9e19d02.tar.bz2 otp-5b472d1984e99227f7f72fda25ee98e1f9e19d02.zip |
ssl: Update default for option signature_algs_cert
The option 'signature_algs_cert' is not set by default.
Change-Id: Ib87cedc5e48b3ac7a36a30bc7caa08d3193f12fa
Diffstat (limited to 'lib')
-rw-r--r-- | lib/ssl/src/ssl.erl | 7 | ||||
-rw-r--r-- | lib/ssl/src/ssl_handshake.erl | 9 |
2 files changed, 8 insertions, 8 deletions
diff --git a/lib/ssl/src/ssl.erl b/lib/ssl/src/ssl.erl index 7e1c3fc462..ebc55e541a 100644 --- a/lib/ssl/src/ssl.erl +++ b/lib/ssl/src/ssl.erl @@ -975,10 +975,7 @@ handle_options(Opts0, Role, Host) -> proplists:get_value( signature_algs_cert, Opts, - default_option_role(server, - tls_v1:default_signature_schemes(HighestVersion), - Role - )), + undefined), %% Do not send by default tls_version(HighestVersion)), %% Server side option reuse_session = handle_option(reuse_session, Opts, ReuseSessionFun), @@ -1326,8 +1323,6 @@ handle_signature_algorithms_option(Value, Version) when is_list(Value) _ -> Value end; -handle_signature_algorithms_option(_, Version) when Version >= {3, 4} -> - handle_signature_algorithms_option(tls_v1:default_signature_schemes(Version), Version); handle_signature_algorithms_option(_, _Version) -> undefined. diff --git a/lib/ssl/src/ssl_handshake.erl b/lib/ssl/src/ssl_handshake.erl index a42df453e0..1e57dfd710 100644 --- a/lib/ssl/src/ssl_handshake.erl +++ b/lib/ssl/src/ssl_handshake.erl @@ -1015,12 +1015,17 @@ client_hello_extensions(Version, CipherSuites, {3,4} -> HelloExtensions#{client_hello_versions => #client_hello_versions{versions = Versions}, - signature_algs_cert => - #signature_scheme_list{signature_scheme_list = SignatureSchemes}}; + signature_algs_cert => + signature_scheme_list(SignatureSchemes)}; _Else -> HelloExtensions end. +signature_scheme_list(undefined) -> + undefined; +signature_scheme_list(SignatureSchemes) -> + #signature_scheme_list{signature_scheme_list = SignatureSchemes}. + handle_client_hello_extensions(RecordCB, Random, ClientCipherSuites, Exts, Version, #ssl_options{secure_renegotiate = SecureRenegotation, |