diff options
author | Ingela Anderton Andin <[email protected]> | 2019-01-15 15:36:53 +0100 |
---|---|---|
committer | Ingela Anderton Andin <[email protected]> | 2019-01-15 15:36:53 +0100 |
commit | a9b0c987fc6fc6ba11a3db523e4b8afb79c1b69f (patch) | |
tree | 865c153a245a706c2c8a77d64262a4a63fc3f1fa /lib/ssl/src/ssl_connection.erl | |
parent | 39b4b728d5950a9c4db5bb2551919af1d8811a21 (diff) | |
parent | acc4f00fe4b3c66738aaf3f58951dbf0a96b174c (diff) | |
download | otp-a9b0c987fc6fc6ba11a3db523e4b8afb79c1b69f.tar.gz otp-a9b0c987fc6fc6ba11a3db523e4b8afb79c1b69f.tar.bz2 otp-a9b0c987fc6fc6ba11a3db523e4b8afb79c1b69f.zip |
Merge branch 'maint'
Conflicts:
lib/ssl/src/ssl.erl
Diffstat (limited to 'lib/ssl/src/ssl_connection.erl')
-rw-r--r-- | lib/ssl/src/ssl_connection.erl | 30 |
1 files changed, 25 insertions, 5 deletions
diff --git a/lib/ssl/src/ssl_connection.erl b/lib/ssl/src/ssl_connection.erl index d534df7ee0..a95a96f644 100644 --- a/lib/ssl/src/ssl_connection.erl +++ b/lib/ssl/src/ssl_connection.erl @@ -1050,7 +1050,7 @@ cipher(internal, #finished{verify_data = Data} = Finished, get_current_prf(ConnectionStates0, read), MasterSecret, Handshake0) of verified -> - Session = register_session(Role, host_id(Role, Host, SslOpts), Port, Session0), + Session = handle_session(Role, SslOpts, Host, Port, Session0), cipher_role(Role, Data, Session, State#state{expecting_finished = false}, Connection); #alert{} = Alert -> @@ -2455,15 +2455,35 @@ session_handle_params(#server_ecdh_params{curve = ECCurve}, Session) -> session_handle_params(_, Session) -> Session. -register_session(client, Host, Port, #session{is_resumable = new} = Session0) -> +handle_session(Role = server, #ssl_options{reuse_sessions = true} = SslOpts, + Host, Port, Session0) -> + register_session(Role, host_id(Role, Host, SslOpts), Port, Session0, true); +handle_session(Role = client, #ssl_options{verify = verify_peer, + reuse_sessions = Reuse} = SslOpts, + Host, Port, Session0) when Reuse =/= false -> + register_session(Role, host_id(Role, Host, SslOpts), Port, Session0, reg_type(Reuse)); +handle_session(server, _, Host, Port, Session) -> + %% Remove "session of type new" entry from session DB + ssl_manager:invalidate_session(Host, Port, Session), + Session; +handle_session(client, _,_,_, Session) -> + %% In client case there is no entry yet, so nothing to remove + Session. + +reg_type(save) -> + true; +reg_type(true) -> + unique. + +register_session(client, Host, Port, #session{is_resumable = new} = Session0, Save) -> Session = Session0#session{is_resumable = true}, - ssl_manager:register_session(Host, Port, Session), + ssl_manager:register_session(Host, Port, Session, Save), Session; -register_session(server, _, Port, #session{is_resumable = new} = Session0) -> +register_session(server, _, Port, #session{is_resumable = new} = Session0, _) -> Session = Session0#session{is_resumable = true}, ssl_manager:register_session(Port, Session), Session; -register_session(_, _, _, Session) -> +register_session(_, _, _, Session, _) -> Session. %% Already registered host_id(client, _Host, #ssl_options{server_name_indication = Hostname}) when is_list(Hostname) -> |