author | Ingela Anderton Andin <[email protected]> | 2016-06-15 09:09:32 +0200 |
---|---|---|
committer | Ingela Anderton Andin <[email protected]> | 2016-06-15 09:09:32 +0200 |
commit | 9a9c5d9ba7ebcbf254c848c006f4681828ea1dce (patch) | |
tree | fcd790942c32a23fca53ccc0ab4b7163bb0d3712 /lib/ssl/src/ssl_record.erl | |
parent | eb83cd576340259c1ed1b4a7b02caa7195d2d6d0 (diff) | |
parent | 49b815f872d7e7ea38260ee5bd8bf470fa42c03a (diff) | |
download | otp-9a9c5d9ba7ebcbf254c848c006f4681828ea1dce.tar.gz otp-9a9c5d9ba7ebcbf254c848c006f4681828ea1dce.tar.bz2 otp-9a9c5d9ba7ebcbf254c848c006f4681828ea1dce.zip |
Merge branch 'ingela/ssl/dtls-next-step-flights/OTP-13678'
* ingela/ssl/dtls-next-step-flights/OTP-13678:
dtls: Avoid dialyzer errors
dtls: add implementation for msg sequence
dtls: Remove TODO
dtls: sync dtls_record DTLS version and crypto handling with TLS
dtls: handle Hello and HelloVerify's in dtls_handshake
dtls: rework/simplify DTLS fragment decoder
dtls: add support first packet and HelloVerifyRequest
dtls: sync handle_info for connection close with TLS
dtls: sync handling of ClientHello with TLS
dtls: rework handshake flight encodeing
dtls: implement next_tls_record
dtls: sync init and initial_state with tls_connection
dtls: update start_fsm for new ssl_connection API
ssl: introduce the notion of flights for dtls and tls
ssl: move available_signature_algs to ssl_handshake
Diffstat (limited to 'lib/ssl/src/ssl_record.erl')
-rw-r--r-- | lib/ssl/src/ssl_record.erl | 18 |
1 files changed, 15 insertions, 3 deletions
diff --git a/lib/ssl/src/ssl_record.erl b/lib/ssl/src/ssl_record.erl
index 0a086f5eeb..5bb1c92c2d 100644
--- a/lib/ssl/src/ssl_record.erl
+++ b/lib/ssl/src/ssl_record.erl
@@ -72,7 +72,8 @@ init_connection_states(Role, BeastMitigation) ->
 ConnectionEnd = record_protocol_role(Role),
 Current = initial_connection_state(ConnectionEnd, BeastMitigation),
 Pending = empty_connection_state(ConnectionEnd, BeastMitigation),
- #connection_states{current_read = Current,
+ #connection_states{dtls_write_msg_seq = 1, % only used by dtls
+ current_read = Current,
 pending_read = Pending,
 current_write = Current,
 pending_write = Pending
@@ -320,14 +321,25 @@ encode_handshake(Frag, Version,
 beast_mitigation = BeastMitigation,
 security_parameters =
 #security_parameters{bulk_cipher_algorithm = BCA}}} =
- ConnectionStates) ->
+ ConnectionStates)
+when is_list(Frag) ->
 case iolist_size(Frag) of
 N when N > ?MAX_PLAIN_TEXT_LENGTH ->
 Data = split_bin(iolist_to_binary(Frag), ?MAX_PLAIN_TEXT_LENGTH, Version, BCA, BeastMitigation),
 encode_iolist(?HANDSHAKE, Data, Version, ConnectionStates);
 _ ->
 encode_plain_text(?HANDSHAKE, Version, Frag, ConnectionStates)
- end.
+ end;
+%% TODO: this is a workarround for DTLS
+%%
+%% DTLS need to select the connection write state based on Epoch it wants to
+%% send this fragment in. That Epoch does not nessarily has to be the same
+%% as the current_write epoch.
+%% The right solution might be to pass the WriteState instead of the ConnectionStates,
+%% however, this will require substantion API changes.
+encode_handshake(Frag, Version, ConnectionStates) ->
+ encode_plain_text(?HANDSHAKE, Version, Frag, ConnectionStates).
+
 %%--------------------------------------------------------------------
 -spec encode_alert_record(#alert{}, ssl_version(), #connection_states{}) ->
 {iolist(), #connection_states{}}. |
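Review bot: The initial value in `dtls_write_msg_seq = 1, % only used by dtls` inside init_connection_states is not explained, and DTLS numbers the first handshake message each side sends as message_seq 0 (RFC 6347, section 4.2.2). A reader cannot tell from this hunk whether 1 is deliberate, for example because the first message is numbered elsewhere, or an off-by-one. I would extend the comment to say so, e.g. `% only used by dtls; starts at 1 because <reason>`, with the reason filled in by the author. The record literal is closed below the hunk, so the rest of the initialisation is not visible here.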
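Review bot: The new catch-all clause of encode_handshake/3 passes Frag to encode_plain_text without the `?MAX_PLAIN_TEXT_LENGTH` check that the `is_list(Frag)` clause performs, so a non-list fragment above the record limit would go out as one oversized record unless every caller has already fragmented it. It also matches whenever the `#connection_states{}` pattern of the first clause fails, which turns what used to be a `function_clause` crash into a silent fallback. If the DTLS caller passes a binary (not visible here, please confirm), narrowing the head to `encode_handshake(Frag, Version, ConnectionStates) when is_binary(Frag), byte_size(Frag) =< ?MAX_PLAIN_TEXT_LENGTH ->` keeps the limit enforced and lets unexpected input crash. The first clause's head and the function's `-spec` start above the hunk, and the spec may need to admit the non-list shape.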