diff options
| -rw-r--r-- | lib/ssl/src/ssl_connection.erl | 7 | ||||
| -rw-r--r-- | lib/ssl/src/ssl_handshake.erl | 22 | ||||
| -rw-r--r-- | lib/ssl/src/ssl_handshake.hrl | 4 | ||||
| -rw-r--r-- | lib/ssl/src/ssl_internal.hrl | 4 | ||||
| -rw-r--r-- | lib/ssl/test/ssl_npn_handshake_SUITE.erl | 1 |
5 files changed, 18 insertions, 20 deletions
diff --git a/lib/ssl/src/ssl_connection.erl b/lib/ssl/src/ssl_connection.erl index 4e3f0bd46d..23f22987df 100644 --- a/lib/ssl/src/ssl_connection.erl +++ b/lib/ssl/src/ssl_connection.erl @@ -1311,8 +1311,6 @@ verify_client_cert(#state{client_certificate_requested = true, role = client, verify_client_cert(#state{client_certificate_requested = false} = State) -> State. - - do_server_hello(Type, NextProtocolsToSend, #state{negotiated_version = Version, session = #session{session_id = SessId}, connection_states = ConnectionStates0, @@ -1588,7 +1586,6 @@ finalize_handshake(State, StateName) -> State2 = next_protocol(State1), finished(State2, StateName). - next_protocol(#state{role = server} = State) -> State; next_protocol(#state{next_protocol = undefined} = State) -> @@ -2115,8 +2112,8 @@ next_state_is_connection(_, State = next_state_is_connection(StateName, State0) -> {Record, State} = next_record_if_active(State0), next_state(StateName, connection, Record, State#state{premaster_secret = undefined, - public_key_info = undefined, - tls_handshake_history = ssl_handshake:init_handshake_history()}). + public_key_info = undefined, + tls_handshake_history = ssl_handshake:init_handshake_history()}). register_session(client, Host, Port, #session{is_resumable = new} = Session0) -> Session = Session0#session{is_resumable = true}, diff --git a/lib/ssl/src/ssl_handshake.erl b/lib/ssl/src/ssl_handshake.erl index 695721d51a..fa1784714f 100644 --- a/lib/ssl/src/ssl_handshake.erl +++ b/lib/ssl/src/ssl_handshake.erl @@ -44,14 +44,7 @@ -type tls_handshake() :: #client_hello{} | #server_hello{} | #server_hello_done{} | #certificate{} | #certificate_request{} | #client_key_exchange{} | #finished{} | #certificate_verify{} | - #hello_request{}. - -encode_client_protocol_negotiation(undefined, _) -> - undefined; -encode_client_protocol_negotiation(_, false) -> - #next_protocol_negotiation{extension_data = <<>>}; -encode_client_protocol_negotiation(_, _) -> - undefined. + #hello_request{} | #next_protocol{}. %%==================================================================== %% Internal application API @@ -104,7 +97,7 @@ encode_protocols_advertised_on_server(Protocols) -> %%-------------------------------------------------------------------- -spec server_hello(session_id(), tls_version(), #connection_states{}, - boolean(), list(string())) -> #server_hello{}. + boolean(), [binary()] | undefined) -> #server_hello{}. %% %% Description: Creates a server hello message. %%-------------------------------------------------------------------- @@ -716,7 +709,7 @@ next_protocol_extension_allowed(NextProtocolSelector, Renegotiating) -> handle_next_protocol_on_server(#client_hello{next_protocol_negotiation = undefined}, _Renegotiation, _SslOpts) -> undefined; -handle_next_protocol_on_server(#client_hello{next_protocol_negotiation = {next_protocol_negotiation,<<>>}}, +handle_next_protocol_on_server(#client_hello{next_protocol_negotiation = {next_protocol_negotiation, <<>>}}, false, #ssl_options{next_protocols_advertised = Protocols}) -> Protocols; @@ -1268,8 +1261,15 @@ enc_hello_extensions([#hash_sign_algos{hash_sign_algos = HashSignAlgos} | Rest], {Hash, Sign} <- HashSignAlgos >>, ListLen = byte_size(SignAlgoList), Len = ListLen + 2, - enc_hello_extensions(Rest, <<?UINT16(?SIGNATURE_ALGORITHMS_EXT), ?UINT16(Len), ?UINT16(ListLen), SignAlgoList/binary, Acc/binary>>). + enc_hello_extensions(Rest, <<?UINT16(?SIGNATURE_ALGORITHMS_EXT), + ?UINT16(Len), ?UINT16(ListLen), SignAlgoList/binary, Acc/binary>>). +encode_client_protocol_negotiation(undefined, _) -> + undefined; +encode_client_protocol_negotiation(_, false) -> + #next_protocol_negotiation{extension_data = <<>>}; +encode_client_protocol_negotiation(_, _) -> + undefined. from_3bytes(Bin3) -> from_3bytes(Bin3, []). diff --git a/lib/ssl/src/ssl_handshake.hrl b/lib/ssl/src/ssl_handshake.hrl index a4ce48c291..9af6511d68 100644 --- a/lib/ssl/src/ssl_handshake.hrl +++ b/lib/ssl/src/ssl_handshake.hrl @@ -100,7 +100,7 @@ compression_methods, % compression_methods<1..2^8-1>, renegotiation_info, hash_signs, % supported combinations of hashes/signature algos - next_protocol_negotiation = undefined :: undefined | list(binary()) + next_protocol_negotiation = undefined % [binary()] }). -record(server_hello, { @@ -111,7 +111,7 @@ compression_method, % compression_method renegotiation_info, hash_signs, % supported combinations of hashes/signature algos - next_protocol_negotiation = undefined :: undefined | list(binary()) + next_protocol_negotiation = undefined % [binary()] }). %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% diff --git a/lib/ssl/src/ssl_internal.hrl b/lib/ssl/src/ssl_internal.hrl index 643b3fbf7d..a5db2dcee7 100644 --- a/lib/ssl/src/ssl_internal.hrl +++ b/lib/ssl/src/ssl_internal.hrl @@ -107,8 +107,8 @@ % go into hibernation %% This option should only be set to true by inet_tls_dist erl_dist = false, - next_protocols_advertised = undefined :: list(binary()), - next_protocol_selector = undefined :: fun((list(binary())) -> binary()) + next_protocols_advertised = undefined, %% [binary()], + next_protocol_selector = undefined %% fun([binary()]) -> binary()) }). -record(socket_options, diff --git a/lib/ssl/test/ssl_npn_handshake_SUITE.erl b/lib/ssl/test/ssl_npn_handshake_SUITE.erl index 8bef2d8d22..eef09f42f2 100644 --- a/lib/ssl/test/ssl_npn_handshake_SUITE.erl +++ b/lib/ssl/test/ssl_npn_handshake_SUITE.erl @@ -27,6 +27,7 @@ suite() -> [{ct_hooks,[ts_install_cth]}]. init_per_suite(Config) -> + catch crypto:stop(), try crypto:start() of ok -> application:start(public_key), |