author | Ingela Anderton Andin <[email protected]> | 2018-12-20 09:51:32 +0100 |
---|---|---|
committer | Ingela Anderton Andin <[email protected]> | 2018-12-20 09:51:32 +0100 |
commit | 12d4c5b8ec6310952ee5e72c4a07b5d6bb2bf724 (patch) | |
tree | 7b2ee758247a7aef1fcb385fc95f31258b04ecff /lib/ssl/src | |
parent | 11b53eb69628f16d2aaa49811fd060ddb1c91295 (diff) | |
parent | 9aac178d30c5bad940e68a7eb8a36596df5ed903 (diff) | |
Merge branch 'maint'
Conflicts:
lib/ssl/src/tls_connection.erl
Diffstat (limited to 'lib/ssl/src')
-rw-r--r-- | lib/ssl/src/ssl_connection.erl | 2 | ||||
-rw-r--r-- | lib/ssl/src/tls_connection.erl | 26 | ||||
-rw-r--r-- | lib/ssl/src/tls_sender.erl | 11 |
3 files changed, 36 insertions, 3 deletions
diff --git a/lib/ssl/src/ssl_connection.erl b/lib/ssl/src/ssl_connection.erl
index afb2ab6020..19186336cb 100644
--- a/lib/ssl/src/ssl_connection.erl
+++ b/lib/ssl/src/ssl_connection.erl
@@ -1153,7 +1153,7 @@ handle_common_event(internal, {handshake, {#hello_request{} = Handshake, _}}, co
 handle_common_event(internal, {handshake, {#hello_request{}, _}}, StateName, #state{static_env = #static_env{role = client}}, _) when StateName =/= connection ->
- {keep_state_and_data};
+ keep_state_and_data;
 handle_common_event(internal, {handshake, {Handshake, Raw}}, StateName, #state{tls_handshake_history = Hs0} = State0, Connection) ->
diff --git a/lib/ssl/src/tls_connection.erl b/lib/ssl/src/tls_connection.erl
index ea56aba34f..a49f0d99ca 100644
--- a/lib/ssl/src/tls_connection.erl
+++ b/lib/ssl/src/tls_connection.erl
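Review bot: The `handle_common_event` clause in ssl_connection.erl that drops a `#hello_request{}` arriving outside `connection` has no comment saying the drop is intentional, and nothing visible here pins the corrected return value. The value it replaces was a one-element tuple, which gen_statem does not accept as a state-function result, so a server sending HelloRequest during the handshake would presumably have terminated the client connection process. I would add `%% A HelloRequest received while a handshake is in progress is ignored (RFC 5246, 7.4.1.1)` above the clause, plus a regression test for that case if one does not already exist outside lib/ssl/src. The other clauses of handle_common_event lie outside the hunk.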
@@ -683,12 +683,35 @@ connection(internal, #hello_request{},
 port = Port,
 session_cache = Cache,
 session_cache_cb = CacheCb},
+ renegotiation = {Renegotiation, peer},
+ session = #session{own_certificate = Cert} = Session0,
+ ssl_options = SslOpts,
+ protocol_specific = #{sender := Pid},
+ connection_states = ConnectionStates} = State0) ->
+ try tls_sender:peer_renegotiate(Pid) of
+ {ok, Write} ->
+ Hello = tls_handshake:client_hello(Host, Port, ConnectionStates, SslOpts,
+ Cache, CacheCb, Renegotiation, Cert),
+ {State, Actions} = send_handshake(Hello, State0#state{connection_states = ConnectionStates#{current_write => Write}}),
+ next_event(hello, no_record, State#state{session = Session0#session{session_id
+ = Hello#client_hello.session_id}}, Actions)
+ catch
+ _:_ ->
+ {stop, {shutdown, sender_blocked}, State0}
+ end;
+connection(internal, #hello_request{},
+ #state{static_env = #static_env{role = client,
+ host = Host,
+ port = Port,
+ session_cache = Cache,
+ session_cache_cb = CacheCb},
 renegotiation = {Renegotiation, _},
 session = #session{own_certificate = Cert} = Session0,
- ssl_options = SslOpts,
+ ssl_options = SslOpts,
 connection_states = ConnectionStates} = State0) ->
 Hello = tls_handshake:client_hello(Host, Port, ConnectionStates, SslOpts,
 Cache, CacheCb, Renegotiation, Cert, undefined),
+
 {State, Actions} = send_handshake(Hello, State0),
 next_event(hello, no_record, State#state{session = Session0#session{session_id
 = Hello#client_hello.session_id}}, Actions);
@@ -718,6 +741,7 @@ connection(internal, #client_hello{},
 send_alert_in_connection(Alert, State0),
 State = Connection:reinit_handshake_data(State0),
 next_event(?FUNCTION_NAME, no_record, State);
+
 connection(Type, Event, State) ->
 ssl_connection:?FUNCTION_NAME(Type, Event, State, ?MODULE).
diff --git a/lib/ssl/src/tls_sender.erl b/lib/ssl/src/tls_sender.erl
index 4399999221..1559fcbb37 100644
--- a/lib/ssl/src/tls_sender.erl
+++ b/lib/ssl/src/tls_sender.erl
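Review bot: The new `{Renegotiation, peer}` clause calls `tls_handshake:client_hello` with eight arguments, while the existing clause just below it passes nine (`..., Cert, undefined)`). Because this is a merge with a conflict in this file, the eight-argument call looks like it was carried over from 'maint' unchanged; if only the nine-argument form exists on this branch, the call sits in the unprotected `of` body and would crash the client connection process on a server-initiated renegotiation, so it should end `Cache, CacheCb, Renegotiation, Cert, undefined),`. Separately, `catch _:_ ->` reports every exception class as `{shutdown, sender_blocked}`, so a dead sender or an unrelated error cannot be told apart from a timeout; matching only the exit that `gen_statem:call/3` raises, e.g. `exit:_ ->`, would keep other failures visible. The head of the first clause starts above the hunk.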
@@ -29,7 +29,7 @@
 %% API
 -export([start/0, start/1, initialize/2, send_data/2, send_alert/2,
- send_and_ack_alert/2, setopts/2, renegotiate/1, downgrade/2,
+ send_and_ack_alert/2, setopts/2, renegotiate/1, peer_renegotiate/1, downgrade/2,
 update_connection_state/3, dist_tls_socket/1, dist_handshake_complete/3]).
 %% gen_statem callbacks
@@ -119,6 +119,15 @@ setopts(Pid, Opts) ->
 renegotiate(Pid) ->
 %% Needs error handling for external API
 call(Pid, renegotiate).
+
+%%--------------------------------------------------------------------
+-spec peer_renegotiate(pid()) -> {ok, WriteState::map()} | {error, term()}.
+%% Description: So TLS connection process can synchronize the
+%% encryption state to be used when handshaking.
+%%--------------------------------------------------------------------
+peer_renegotiate(Pid) ->
+ gen_statem:call(Pid, renegotiate, ?DEFAULT_TIMEOUT).
+
 %%--------------------------------------------------------------------
 -spec update_connection_state(pid(), WriteState::map(), tls_record:tls_version()) -> ok.
 %% Description: So TLS connection process can synchronize the |
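Review bot: The spec of `peer_renegotiate/1` promises `{error, term()}`, but `gen_statem:call(Pid, renegotiate, ?DEFAULT_TIMEOUT)` signals a timeout or a dead sender by exiting the caller, and the header comment mentions neither. The only caller visible in this commit (tls_connection.erl) matches just `{ok, Write}` in its `try ... of`, so an `{error, _}` reply, if the sender can produce one, would surface there as an uncaught `try_clause` error. I would either drop the error branch from the spec or handle it at the call site, and extend the description with `%% Exits if the sender does not reply within ?DEFAULT_TIMEOUT.` The description also opens with the same words as the one on update_connection_state/3 directly below and does not say that this is the peer-initiated path.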