ssl: Implement DTLS state machine

Beta DTLS, not production ready. Only very basically tested, and
not everything in the SPEC is implemented and some things
are hard coded that should not be, so this implementation can not be consider
secure.

Refactor "TLS connection state" and socket handling, to facilitate
DTLS implementation.

Create dtls "listner" (multiplexor) process that spawns
DTLS connection process handlers.

Handle DTLS fragmentation.

Framework for handling retransmissions.

Replay Detection is not implemented yet.

Alerts currently always handled as in TLS.

1 files changed, 9 insertions, 8 deletions

diff --git a/lib/ssl/src/ssl_connection.hrl b/lib/ssl/src/ssl_connection.hrl
index fca3e11894..2027652a7f 100644
--- a/lib/ssl/src/ssl_connection.hrl
+++ b/lib/ssl/src/ssl_connection.hrl
@@ -43,7 +43,7 @@
 	  error_tag             :: atom(),   % ex tcp_error
           host                  :: string() | inet:ip_address(),
           port                  :: integer(),
-          socket                :: port(),
+          socket                :: port() | tuple(), %% TODO: dtls socket
           ssl_options           :: #ssl_options{},
           socket_options        :: #socket_options{},
           connection_states     :: ssl_record:connection_states() | secret_printout(),
@@ -81,17 +81,18 @@
 	  allow_renegotiate = true                    ::boolean(),
           expecting_next_protocol_negotiation = false ::boolean(),
 	  expecting_finished =                  false ::boolean(),
-          negotiated_protocol = undefined             :: undefined | binary(),
+          next_protocol = undefined                   :: undefined | binary(),
+	  negotiated_protocol,
 	  tracker              :: pid() | 'undefined', %% Tracker process for listen socket
 	  sni_hostname = undefined,
 	  downgrade,
-	  flight_buffer = []   :: list()  %% Buffer of TLS/DTLS records, used during the TLS handshake
-				          %% to when possible pack more than on TLS record into the 
-                                          %% underlaying packet format. Introduced by DTLS - RFC 4347.
-				          %% The mecahnism is also usefull in TLS although we do not
-				          %% need to worry about packet loss in TLS.
+	  flight_buffer = []   :: list() | map(),  %% Buffer of TLS/DTLS records, used during the TLS handshake
+				   %% to when possible pack more than on TLS record into the 
+				   %% underlaying packet format. Introduced by DTLS - RFC 4347.
+				   %% The mecahnism is also usefull in TLS although we do not
+				   %% need to worry about packet loss in TLS. In DTLS we need to track DTLS handshake seqnr
+	 flight_state = reliable  %% reliable | {retransmit, integer()}| {waiting, ref(), integer()} - last two is used in DTLS over udp.   
 	 }).
-
 -define(DEFAULT_DIFFIE_HELLMAN_PARAMS,
 	#'DHParameter'{prime = ?DEFAULT_DIFFIE_HELLMAN_PRIME,
 		       base = ?DEFAULT_DIFFIE_HELLMAN_GENERATOR}).