diff options
| author | Ingela Anderton Andin <[email protected]> | 2016-05-04 20:11:06 +0200 |
|---|---|---|
| committer | Ingela Anderton Andin <[email protected]> | 2016-05-05 08:31:21 +0200 |
| commit | 470976e07820f0c8cd99b3437d1b7fbebd76004c (patch) | |
| tree | d78b0ecd66336e1098cfa40691dff28c4d1465f7 | |
| parent | fbc2d05c2659debff1c78d989b6921a3fff6037b (diff) | |
| download | otp-470976e07820f0c8cd99b3437d1b7fbebd76004c.tar.gz otp-470976e07820f0c8cd99b3437d1b7fbebd76004c.tar.bz2 otp-470976e07820f0c8cd99b3437d1b7fbebd76004c.zip | |
ssl: Add reinitialization of handshake data lost in gen_statem refactorization
| -rw-r--r-- | lib/ssl/src/ssl_connection.erl | 6 | ||||
| -rw-r--r-- | lib/ssl/src/tls_connection.erl | 13 |
2 files changed, 16 insertions, 3 deletions
diff --git a/lib/ssl/src/ssl_connection.erl b/lib/ssl/src/ssl_connection.erl index 57fa1b904e..a7657c829a 100644 --- a/lib/ssl/src/ssl_connection.erl +++ b/lib/ssl/src/ssl_connection.erl @@ -1920,9 +1920,11 @@ prepare_connection(#state{renegotiation = Renegotiate, start_or_recv_from = RecvFrom} = State0, Connection) when Renegotiate =/= {false, first}, RecvFrom =/= undefined -> - {Record, State} = Connection:next_record(State0), + State1 = Connection:reinit_handshake_data(State0), + {Record, State} = Connection:next_record(State1), {Record, ack_connection(State)}; -prepare_connection(State, _) -> +prepare_connection(State0, Connection) -> + State = Connection:reinit_handshake_data(State0), {no_record, ack_connection(State)}. ack_connection(#state{renegotiation = {true, Initiater}} = State) diff --git a/lib/ssl/src/tls_connection.erl b/lib/ssl/src/tls_connection.erl index 2193fc18c2..208edc644a 100644 --- a/lib/ssl/src/tls_connection.erl +++ b/lib/ssl/src/tls_connection.erl @@ -49,7 +49,8 @@ -export([next_record/1, next_event/3]). %% Handshake handling --export([renegotiate/2, send_handshake/2, send_change_cipher/2]). +-export([renegotiate/2, send_handshake/2, send_change_cipher/2, + reinit_handshake_data/1]). %% Alert and close handling -export([send_alert/2, handle_own_alert/4, handle_close_alert/3, @@ -131,6 +132,16 @@ send_change_cipher(Msg, #state{connection_states = ConnectionStates0, Transport:send(Socket, BinChangeCipher), State0#state{connection_states = ConnectionStates}. +reinit_handshake_data(State) -> + %% premaster_secret, public_key_info and tls_handshake_info + %% are only needed during the handshake phase. + %% To reduce memory foot print of a connection reinitialize them. + State#state{ + premaster_secret = undefined, + public_key_info = undefined, + tls_handshake_history = ssl_handshake:init_handshake_history() + }. + %%==================================================================== %% tls_connection_sup API %%==================================================================== |