From 69de799fdce1c4cc5a582df6f2a86ccd3e62c3a9 Mon Sep 17 00:00:00 2001
From: Ingela Anderton Andin <ingela@erlang.org>
Date: Mon, 12 Jan 2015 12:15:22 +0100
Subject: ssl: Remove sslv3 from the default supported protocol versions

---
 lib/ssl/src/tls_record.erl | 13 +++++++++++--
 1 file changed, 11 insertions(+), 2 deletions(-)

(limited to 'lib/ssl/src/tls_record.erl')

diff --git a/lib/ssl/src/tls_record.erl b/lib/ssl/src/tls_record.erl
index 544d200f70..37929c928d 100644
--- a/lib/ssl/src/tls_record.erl
+++ b/lib/ssl/src/tls_record.erl
@@ -311,8 +311,17 @@ supported_protocol_versions([]) ->
     Vsns;
 
 supported_protocol_versions([_|_] = Vsns) ->
-    Vsns.
-
+    case sufficient_tlsv1_2_crypto_support() of
+	true -> 
+	    Vsns;
+	false ->
+	    case Vsns -- ['tlsv1.2'] of
+		[] ->
+		    ?MIN_SUPPORTED_VERSIONS;
+		NewVsns ->
+		    NewVsns
+	    end
+    end.
 %%--------------------------------------------------------------------
 %%     
 %% Description: ssl version 2 is not acceptable security risks are too big.
-- 
cgit v1.2.3