From 07953e9d711962b0cb083098d51697d27b5cb292 Mon Sep 17 00:00:00 2001
From: Ingela Anderton Andin <ingela@erlang.org>
Date: Tue, 10 May 2016 12:00:15 +0200
Subject: ssl: ordsets:intersection/2 did not give the expected result

Turns out we can not count on the "hashsigns" sent by the client and
the supported "hashigns" sets to have required properties of ordsets.
---
 lib/ssl/src/tls_handshake.erl | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/lib/ssl/src/tls_handshake.erl b/lib/ssl/src/tls_handshake.erl
index 102dbba198..f34eebb0e4 100644
--- a/lib/ssl/src/tls_handshake.erl
+++ b/lib/ssl/src/tls_handshake.erl
@@ -283,7 +283,8 @@ available_signature_algs(undefined, SupportedHashSigns, _, {Major, Minor}) when
     SupportedHashSigns;
 available_signature_algs(#hash_sign_algos{hash_sign_algos = ClientHashSigns}, SupportedHashSigns, 
 		     _, {Major, Minor}) when (Major >= 3) andalso (Minor >= 3) ->
-    ordsets:intersection(ClientHashSigns, SupportedHashSigns);
+    sets:to_list(sets:intersection(sets:from_list(ClientHashSigns), 
+				   sets:from_list(SupportedHashSigns)));
 available_signature_algs(_, _, _, _) -> 
     undefined.
 
-- 
cgit v1.2.3