diff options
-rw-r--r-- | lib/ssl/src/ssl_connection.erl | 14 | ||||
-rw-r--r-- | lib/ssl/src/ssl_connection.hrl | 4 |
2 files changed, 10 insertions, 8 deletions
diff --git a/lib/ssl/src/ssl_connection.erl b/lib/ssl/src/ssl_connection.erl index e2c9423560..5510235b04 100644 --- a/lib/ssl/src/ssl_connection.erl +++ b/lib/ssl/src/ssl_connection.erl @@ -901,8 +901,8 @@ certify(internal, #server_hello_done{}, #state{static_env = #static_env{role = client}, session = #session{master_secret = undefined}, connection_env = #connection_env{negotiated_version = Version}, - handshake_env = #handshake_env{premaster_secret = undefined} = HsEnv, - psk_identity = PSKIdentity, + handshake_env = #handshake_env{premaster_secret = undefined, + server_psk_identity = PSKIdentity} = HsEnv, ssl_options = #ssl_options{user_lookup_fun = PSKLookup}, key_algorithm = Alg} = State0, Connection) when Alg == psk -> @@ -918,10 +918,10 @@ certify(internal, #server_hello_done{}, certify(internal, #server_hello_done{}, #state{static_env = #static_env{role = client}, connection_env = #connection_env{negotiated_version = {Major, Minor}} = Version, - handshake_env = #handshake_env{premaster_secret = undefined} = HsEnv, + handshake_env = #handshake_env{premaster_secret = undefined, + server_psk_identity = PSKIdentity} = HsEnv, session = #session{master_secret = undefined}, ssl_options = #ssl_options{user_lookup_fun = PSKLookup}, - psk_identity = PSKIdentity, key_algorithm = Alg} = State0, Connection) when Alg == rsa_psk -> Rand = ssl_cipher:random_bytes(?NUM_OF_PREMASTERSECRET_BYTES-2), @@ -2087,9 +2087,11 @@ calculate_secret(#server_ecdh_params{curve = ECCurve, public = ECServerPubKey}, calculate_secret(#server_psk_params{ hint = IdentityHint}, - State, Connection) -> + #state{handshake_env = HsEnv} = State, Connection) -> %% store for later use - Connection:next_event(certify, no_record, State#state{psk_identity = IdentityHint}); + Connection:next_event(certify, no_record, + State#state{handshake_env = + HsEnv#handshake_env{server_psk_identity = IdentityHint}}); calculate_secret(#server_dhe_psk_params{ dh_params = #server_dh_params{dh_p = Prime, dh_g = Base}} = ServerKey, diff --git a/lib/ssl/src/ssl_connection.hrl b/lib/ssl/src/ssl_connection.hrl index d598e513fa..27d414d351 100644 --- a/lib/ssl/src/ssl_connection.hrl +++ b/lib/ssl/src/ssl_connection.hrl @@ -70,7 +70,8 @@ cert_hashsign_algorithm = {undefined, undefined}, %% key exchange public_key_info :: ssl_handshake:public_key_info() | 'undefined', - premaster_secret :: binary() | secret_printout() | 'undefined' + premaster_secret :: binary() | secret_printout() | 'undefined', + server_psk_identity :: binary() | 'undefined' % server psk identity hint }). -record(connection_env, { @@ -109,7 +110,6 @@ key_algorithm :: ssl:key_algo(), diffie_hellman_params:: #'DHParameter'{} | undefined | secret_printout(), diffie_hellman_keys :: {PublicKey :: binary(), PrivateKey :: binary()} | #'ECPrivateKey'{} | undefined | secret_printout(), - psk_identity :: binary() | 'undefined', % server psk identity hint srp_params :: #srp_user{} | secret_printout() | 'undefined', srp_keys ::{PublicKey :: binary(), PrivateKey :: binary()} | secret_printout() | 'undefined', flight_buffer = [] :: list() | map() %% Buffer of TLS/DTLS records, used during the TLS handshake |