aboutsummaryrefslogtreecommitdiffstats
path: root/lib/ssl
diff options
context:
space:
mode:
authorAndreas Schultz <[email protected]>2016-05-04 10:57:16 +0200
committerIngela Anderton Andin <[email protected]>2016-06-13 22:24:14 +0200
commite919adc2411718514419ea91034a911a08d1605d (patch)
treee27275f62e7ced2214a256368b7458ae08669ef5 /lib/ssl
parent615ae720c1d123168623f411ccf5e8e528828088 (diff)
downloadotp-e919adc2411718514419ea91034a911a08d1605d.tar.gz
otp-e919adc2411718514419ea91034a911a08d1605d.tar.bz2
otp-e919adc2411718514419ea91034a911a08d1605d.zip
dtls: sync handle_info for connection close with TLS
Diffstat (limited to 'lib/ssl')
-rw-r--r--lib/ssl/src/dtls_connection.erl19
1 files changed, 16 insertions, 3 deletions
diff --git a/lib/ssl/src/dtls_connection.erl b/lib/ssl/src/dtls_connection.erl
index dfed9ce8c3..8d7763c7cb 100644
--- a/lib/ssl/src/dtls_connection.erl
+++ b/lib/ssl/src/dtls_connection.erl
@@ -338,11 +338,24 @@ handle_info({Protocol, _, Data}, StateName,
{stop, {shutdown, own_alert}}
end;
handle_info({CloseTag, Socket}, StateName,
- #state{socket = Socket, close_tag = CloseTag,
- negotiated_version = _Version} = State) ->
+ #state{socket = Socket, close_tag = CloseTag,
+ negotiated_version = Version} = State) ->
+ %% Note that as of DTLS 1.2 (TLS 1.1),
+ %% failure to properly close a connection no longer requires that a
+ %% session not be resumed. This is a change from DTLS 1.0 to conform
+ %% with widespread implementation practice.
+ case Version of
+ {254, N} when N =< 253 ->
+ ok;
+ _ ->
+ %% As invalidate_sessions here causes performance issues,
+ %% we will conform to the widespread implementation
+ %% practice and go aginst the spec
+ %%invalidate_session(Role, Host, Port, Session)
+ ok
+ end,
handle_normal_shutdown(?ALERT_REC(?FATAL, ?CLOSE_NOTIFY), StateName, State),
{stop, {shutdown, transport_closed}};
-
handle_info(Msg, StateName, State) ->
ssl_connection:handle_info(Msg, StateName, State).