From b4fc84117b6bd1105ca8ccb91f699564ac400dff Mon Sep 17 00:00:00 2001
From: Danil Zagoskin <z@gosk.in>
Date: Mon, 21 Apr 2014 22:00:09 +0400
Subject: ssl: always pass negotiated version when selecting hashsign

Negotiated version is now always passed to ssl_handshake:select_hashsign
because ssl_handshake:select_cert_hashsign has different rsa defaults on
tlsv1.2 and older versions.
---
 lib/ssl/test/ssl_handshake_SUITE.erl | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

(limited to 'lib/ssl/test/ssl_handshake_SUITE.erl')

diff --git a/lib/ssl/test/ssl_handshake_SUITE.erl b/lib/ssl/test/ssl_handshake_SUITE.erl
index 4c4b8e5137..b4be768b58 100644
--- a/lib/ssl/test/ssl_handshake_SUITE.erl
+++ b/lib/ssl/test/ssl_handshake_SUITE.erl
@@ -101,5 +101,7 @@ encode_single_hello_sni_extension_correctly(_Config) ->
 select_proper_tls_1_2_rsa_default_hashsign(_Config) ->
     % RFC 5246 section 7.4.1.4.1 tells to use {sha1,rsa} as default signature_algorithm for RSA key exchanges
     {sha, rsa} = ssl_handshake:select_cert_hashsign(undefined, ?rsaEncryption, {3,3}),
-    {md5sha, rsa} = ssl_handshake:select_cert_hashsign(undefined, ?rsaEncryption, {undefined,undefined}).
+    % Older versions use MD5/SHA1 combination
+    {md5sha, rsa} = ssl_handshake:select_cert_hashsign(undefined, ?rsaEncryption, {3,2}),
+    {md5sha, rsa} = ssl_handshake:select_cert_hashsign(undefined, ?rsaEncryption, {3,0}).
 
-- 
cgit v1.2.3