From ae7347bfdcab2486bb55dfe54918a0c994d8b7c7 Mon Sep 17 00:00:00 2001
From: Ingela Anderton Andin
Date: Mon, 8 Jun 2015 12:15:23 +0200
Subject: ssl: Do not crash on proprietary hash_sign algorithms
TLS hash_sign algorithms may have proprietary values see http://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml We should add callbacks to let applications handle them. But for now we do not want to crash if they are present and let other algorithms be negotiated.
---
 lib/ssl/src/ssl_cipher.erl | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)
diff --git a/lib/ssl/src/ssl_cipher.erl b/lib/ssl/src/ssl_cipher.erl
index 8584e56d6c..0039f24adf 100644
--- a/lib/ssl/src/ssl_cipher.erl
+++ b/lib/ssl/src/ssl_cipher.erl
@@ -1573,7 +1573,8 @@ hash_algorithm(?SHA) -> sha;
 hash_algorithm(?SHA224) -> sha224;
 hash_algorithm(?SHA256) -> sha256;
 hash_algorithm(?SHA384) -> sha384;
-hash_algorithm(?SHA512) -> sha512.
+hash_algorithm(?SHA512) -> sha512;
+hash_algorithm(Other) when is_integer(Other) andalso ((Other >= 224) and (Other =< 255)) -> Other.
 sign_algorithm(anon) -> ?ANON;
 sign_algorithm(rsa) -> ?RSA;
@@ -1582,7 +1583,8 @@ sign_algorithm(ecdsa) -> ?ECDSA;
 sign_algorithm(?ANON) -> anon;
 sign_algorithm(?RSA) -> rsa;
 sign_algorithm(?DSA) -> dsa;
-sign_algorithm(?ECDSA) -> ecdsa.
+sign_algorithm(?ECDSA) -> ecdsa;
+sign_algorithm(Other) when is_integer(Other) andalso ((Other >= 224) and (Other =< 255)) -> Other.
 hash_size(null) -> 0;
-- cgit v1.2.3
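Review bot: The new last clause of hash_algorithm/1 tolerates only 224–255, so a peer-supplied value that no earlier clause matches and that lies outside that range would presumably still raise function_clause; the same holds for the matching sign_algorithm/1 clause in the second hunk. If rejecting those values is deliberate, say so next to the guard, e.g. `%% 224..255 is the private-use range; other unknown values are still rejected`. The clause also returns the raw integer where every other decoding clause returns an atom, so any caller that hands the result to crypto or matches it against the supported hash/sign list has to skip non-atom entries; those callers are outside these hunks and need checking. The guard reads more idiomatically as `when is_integer(Other), Other >= 224, Other =< 255`, which also avoids mixing `andalso` with the non-short-circuit `and`. Both functions begin before the hunks shown.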