diff options
| author | Ingela Anderton Andin <[email protected]> | 2013-03-06 18:02:27 +0100 |
|---|---|---|
| committer | Ingela Anderton Andin <[email protected]> | 2013-03-06 18:02:27 +0100 |
| commit | 77162de4d1fc15731f8c9a518435db9fa864525f (patch) | |
| tree | f61e4b0448a150993ba996d4baa797dc3ddd5528 /lib/ssl/src | |
| parent | 5086c3eea85e1c4cb7e9463c4ca919a32e3cb21c (diff) | |
| download | otp-77162de4d1fc15731f8c9a518435db9fa864525f.tar.gz otp-77162de4d1fc15731f8c9a518435db9fa864525f.tar.bz2 otp-77162de4d1fc15731f8c9a518435db9fa864525f.zip | |
ssl: Handle next protocol negotiation when reusing a session.
Diffstat (limited to 'lib/ssl/src')
| -rw-r--r-- | lib/ssl/src/ssl_connection.erl | 13 |
1 files changed, 10 insertions, 3 deletions
diff --git a/lib/ssl/src/ssl_connection.erl b/lib/ssl/src/ssl_connection.erl index 52ddd3c932..4d29ecce7a 100644 --- a/lib/ssl/src/ssl_connection.erl +++ b/lib/ssl/src/ssl_connection.erl @@ -471,6 +471,13 @@ abbreviated(#finished{verify_data = Data} = Finished, handle_own_alert(Alert, Version, abbreviated, State) end; +%% only allowed to send next_protocol message after change cipher spec +%% & before finished message and it is not allowed during renegotiation +abbreviated(#next_protocol{selected_protocol = SelectedProtocol}, + #state{role = server, expecting_next_protocol_negotiation = true} = State0) -> + {Record, State} = next_record(State0#state{next_protocol = SelectedProtocol}), + next_state(abbreviated, abbreviated, Record, State); + abbreviated(timeout, State) -> { next_state, abbreviated, State, hibernate }; @@ -655,7 +662,7 @@ cipher(#certificate_verify{signature = Signature, hashsign_algorithm = CertHashS handle_own_alert(Alert, Version, cipher, State0) end; -% client must send a next protocol message if we are expecting it +%% client must send a next protocol message if we are expecting it cipher(#finished{}, #state{role = server, expecting_next_protocol_negotiation = true, next_protocol = undefined, negotiated_version = Version} = State0) -> handle_own_alert(?ALERT_REC(?FATAL,?UNEXPECTED_MESSAGE), Version, cipher, State0); @@ -680,8 +687,8 @@ cipher(#finished{verify_data = Data} = Finished, handle_own_alert(Alert, Version, cipher, State) end; -% only allowed to send next_protocol message after change cipher spec -% & before finished message and it is not allowed during renegotiation +%% only allowed to send next_protocol message after change cipher spec +%% & before finished message and it is not allowed during renegotiation cipher(#next_protocol{selected_protocol = SelectedProtocol}, #state{role = server, expecting_next_protocol_negotiation = true} = State0) -> {Record, State} = next_record(State0#state{next_protocol = SelectedProtocol}), |