diff options
author | Péter Dimitrov <[email protected]> | 2019-01-30 17:03:00 +0100 |
---|---|---|
committer | Péter Dimitrov <[email protected]> | 2019-02-08 09:30:19 +0100 |
commit | c3e98b376063718cae7937784a8bada230ff2429 (patch) | |
tree | f8a0f33db071434b1161e1eeae0b7ef822a6c8bd /lib/ssl/src/tls_connection.erl | |
parent | 20b76b6c535bf0279950ea9ef5d02c52a9f8b51c (diff) | |
download | otp-c3e98b376063718cae7937784a8bada230ff2429.tar.gz otp-c3e98b376063718cae7937784a8bada230ff2429.tar.bz2 otp-c3e98b376063718cae7937784a8bada230ff2429.zip |
ssl: Improve TLS 1.3 statem
- Store FinishedKey in cipher_state.
- Implement state 'wait_finished'.
- Calculate traffic secrets in 'wait_finished' after Finished
received from client and go to state 'Connection'.
- Drop 'change_cipher_spec' messages (middlebox compatibility mode).
- Extend tests of 1-RTT.
Change-Id: Id69619ec5da053ffaaef75378678a27afeef6916
Diffstat (limited to 'lib/ssl/src/tls_connection.erl')
-rw-r--r-- | lib/ssl/src/tls_connection.erl | 7 |
1 files changed, 4 insertions, 3 deletions
diff --git a/lib/ssl/src/tls_connection.erl b/lib/ssl/src/tls_connection.erl index 159250e6d7..e7388f9573 100644 --- a/lib/ssl/src/tls_connection.erl +++ b/lib/ssl/src/tls_connection.erl @@ -50,7 +50,8 @@ handle_protocol_record/3]). %% Handshake handling --export([renegotiation/2, renegotiate/2, send_handshake/2, +-export([renegotiation/2, renegotiate/2, send_handshake/2, + send_handshake_flight/1, queue_handshake/2, queue_change_cipher/2, reinit/1, reinit_handshake_data/1, select_sni_extension/1, empty_connection_state/2]). @@ -225,8 +226,8 @@ decode_cipher_texts(Version, Type, {#ssl_tls{type = ?APPLICATION_DATA, fragment = Plain}, ConnectionStates} -> decode_cipher_texts(Version, Type, CipherTexts, ConnectionStates, Check, <<Acc/binary, Plain/binary>>); - {#ssl_tls{type = Type, fragment = Plain}, ConnectionStates} -> - {#ssl_tls{type = Type, fragment = Plain}, ConnectionStates, CipherTexts}; + {#ssl_tls{type = Type0, fragment = Plain}, ConnectionStates} -> + {#ssl_tls{type = Type0, fragment = Plain}, ConnectionStates, CipherTexts}; #alert{} = Alert -> {Alert, ConnectionStates0, CipherTexts} end; |