diff options
author | Ingela Anderton Andin <[email protected]> | 2016-05-09 09:23:23 +0200 |
---|---|---|
committer | Ingela Anderton Andin <[email protected]> | 2016-05-09 09:23:23 +0200 |
commit | 87d869dd7b8711d4a43aaaf9a876df16f4f4f5b9 (patch) | |
tree | 33816ad1ce457aeb6fa18721d6f78fc78c3c38fb /lib/ssl/src | |
parent | db39317ea85f7d8646b3da3d96f2f05954e16665 (diff) | |
parent | 470976e07820f0c8cd99b3437d1b7fbebd76004c (diff) | |
download | otp-87d869dd7b8711d4a43aaaf9a876df16f4f4f5b9.tar.gz otp-87d869dd7b8711d4a43aaaf9a876df16f4f4f5b9.tar.bz2 otp-87d869dd7b8711d4a43aaaf9a876df16f4f4f5b9.zip |
Merge branch 'ingela/ssl/memory-foot-print'
* ingela/ssl/memory-foot-print:
ssl: Add reinitialization of handshake data lost in gen_statem refactorization
Diffstat (limited to 'lib/ssl/src')
-rw-r--r-- | lib/ssl/src/ssl_connection.erl | 6 | ||||
-rw-r--r-- | lib/ssl/src/tls_connection.erl | 13 |
2 files changed, 16 insertions, 3 deletions
diff --git a/lib/ssl/src/ssl_connection.erl b/lib/ssl/src/ssl_connection.erl index 57fa1b904e..a7657c829a 100644 --- a/lib/ssl/src/ssl_connection.erl +++ b/lib/ssl/src/ssl_connection.erl @@ -1920,9 +1920,11 @@ prepare_connection(#state{renegotiation = Renegotiate, start_or_recv_from = RecvFrom} = State0, Connection) when Renegotiate =/= {false, first}, RecvFrom =/= undefined -> - {Record, State} = Connection:next_record(State0), + State1 = Connection:reinit_handshake_data(State0), + {Record, State} = Connection:next_record(State1), {Record, ack_connection(State)}; -prepare_connection(State, _) -> +prepare_connection(State0, Connection) -> + State = Connection:reinit_handshake_data(State0), {no_record, ack_connection(State)}. ack_connection(#state{renegotiation = {true, Initiater}} = State) diff --git a/lib/ssl/src/tls_connection.erl b/lib/ssl/src/tls_connection.erl index 2193fc18c2..208edc644a 100644 --- a/lib/ssl/src/tls_connection.erl +++ b/lib/ssl/src/tls_connection.erl @@ -49,7 +49,8 @@ -export([next_record/1, next_event/3]). %% Handshake handling --export([renegotiate/2, send_handshake/2, send_change_cipher/2]). +-export([renegotiate/2, send_handshake/2, send_change_cipher/2, + reinit_handshake_data/1]). %% Alert and close handling -export([send_alert/2, handle_own_alert/4, handle_close_alert/3, @@ -131,6 +132,16 @@ send_change_cipher(Msg, #state{connection_states = ConnectionStates0, Transport:send(Socket, BinChangeCipher), State0#state{connection_states = ConnectionStates}. +reinit_handshake_data(State) -> + %% premaster_secret, public_key_info and tls_handshake_info + %% are only needed during the handshake phase. + %% To reduce memory foot print of a connection reinitialize them. + State#state{ + premaster_secret = undefined, + public_key_info = undefined, + tls_handshake_history = ssl_handshake:init_handshake_history() + }. + %%==================================================================== %% tls_connection_sup API %%==================================================================== |