author | Andreas Schultz <[email protected]> | 2016-05-04 10:57:16 +0200 |
---|---|---|
committer | Ingela Anderton Andin <[email protected]> | 2016-06-13 22:24:14 +0200 |
commit | e919adc2411718514419ea91034a911a08d1605d (patch) | |
tree | e27275f62e7ced2214a256368b7458ae08669ef5 /lib/ssl | |
parent | 615ae720c1d123168623f411ccf5e8e528828088 (diff) | |
dtls: sync handle_info for connection close with TLS
Diffstat (limited to 'lib/ssl')
-rw-r--r-- | lib/ssl/src/dtls_connection.erl | 19 |
1 files changed, 16 insertions, 3 deletions
diff --git a/lib/ssl/src/dtls_connection.erl b/lib/ssl/src/dtls_connection.erl
index dfed9ce8c3..8d7763c7cb 100644
--- a/lib/ssl/src/dtls_connection.erl
+++ b/lib/ssl/src/dtls_connection.erl
@@ -338,11 +338,24 @@ handle_info({Protocol, _, Data}, StateName,
 {stop, {shutdown, own_alert}}
 end;
 handle_info({CloseTag, Socket}, StateName,
- #state{socket = Socket, close_tag = CloseTag,
- negotiated_version = _Version} = State) ->
+ #state{socket = Socket, close_tag = CloseTag,
+ negotiated_version = Version} = State) ->
+ %% Note that as of DTLS 1.2 (TLS 1.1),
+ %% failure to properly close a connection no longer requires that a
+ %% session not be resumed. This is a change from DTLS 1.0 to conform
+ %% with widespread implementation practice.
+ case Version of
+ {254, N} when N =< 253 ->
+ ok;
+ _ ->
+ %% As invalidate_sessions here causes performance issues,
+ %% we will conform to the widespread implementation
+ %% practice and go aginst the spec
+ %%invalidate_session(Role, Host, Port, Session)
+ ok
+ end,
 handle_normal_shutdown(?ALERT_REC(?FATAL, ?CLOSE_NOTIFY), StateName, State),
 {stop, {shutdown, transport_closed}};
-
 handle_info(Msg, StateName, State) ->
 ssl_connection:handle_info(Msg, StateName, State). |
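Review bot: The `case Version of` added to the `{CloseTag, Socket}` clause returns `ok` in both branches, so `Version` is bound only to feed a no-op. A transport close that arrives without a close_notify therefore leaves the session resumable for every negotiated version, including the `_` branch that the comment says goes against the spec. The commented-out `invalidate_session(Role, Host, Port, Session)` names variables that this clause head does not bind, so it could not be re-enabled as written. The version comment should also be checked against the RFCs, since DTLS 1.0 is derived from TLS 1.1 and the relaxed rule may already cover `{254, 255}`. I would drop the dead `case` and state the decision once, for example `%% Session is deliberately NOT invalidated on a transport close without close_notify, for all DTLS versions (performance trade-off).`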