1 files changed, 42 insertions, 27 deletions
diff --git a/lib/ssl/src/ssl_internal.hrl b/lib/ssl/src/ssl_internal.hrl
index 14db4a6067..0186f9fca2 100644
--- a/lib/ssl/src/ssl_internal.hrl
+++ b/lib/ssl/src/ssl_internal.hrl
@@ -24,9 +24,6 @@
 
 -include_lib("public_key/include/public_key.hrl"). 
 
-%% Looks like it does for backwards compatibility reasons
--record(sslsocket, {fd = nil, pid = nil}).
-
 -type reason()            :: term().
 -type reply()             :: term().
 -type msg()               :: term().
@@ -37,7 +34,6 @@
 -type tls_atom_version()  :: sslv3 | tlsv1 | 'tlsv1.1' | 'tlsv1.2'.
 -type certdb_ref()        :: reference().
 -type db_handle()         :: term().
--type key_algo()          :: null | rsa | dhe_rsa | dhe_dss | ecdhe_ecdsa| ecdh_ecdsa | ecdh_rsa| srp_rsa| srp_dss | psk | dhe_psk | rsa_psk | dh_anon | ecdh_anon | srp_anon.
 -type der_cert()          :: binary().
 -type private_key()       :: #'RSAPrivateKey'{} | #'DSAPrivateKey'{} | #'ECPrivateKey'{}.
 -type issuer()            :: tuple().
@@ -50,6 +46,7 @@
 -define(UINT16(X),   X:16/unsigned-big-integer).
 -define(UINT24(X),   X:24/unsigned-big-integer).
 -define(UINT32(X),   X:32/unsigned-big-integer).
+-define(UINT48(X),   X:48/unsigned-big-integer).
 -define(UINT64(X),   X:64/unsigned-big-integer).
 -define(STRING(X),   ?UINT32((size(X))), (X)/binary).
 
@@ -57,6 +54,7 @@
 -define(uint16(X), << ?UINT16(X) >> ).
 -define(uint24(X), << ?UINT24(X) >> ).
 -define(uint32(X), << ?UINT32(X) >> ).
+-define(uint48(X), << ?UINT48(X) >> ).
 -define(uint64(X), << ?UINT64(X) >> ).
 
 -define(CDR_MAGIC, "GIOP").
@@ -71,27 +69,30 @@
 
 -define(ALL_SUPPORTED_VERSIONS, ['tlsv1.2', 'tlsv1.1', tlsv1, sslv3]).
 -define(MIN_SUPPORTED_VERSIONS, ['tlsv1.1', tlsv1, sslv3]).
+-define(ALL_DATAGRAM_SUPPORTED_VERSIONS, ['dtlsv1.2', dtlsv1]).
+-define(MIN_DATAGRAM_SUPPORTED_VERSIONS, ['dtlsv1.2', dtlsv1]).
 
 -record(ssl_options, {
-	  versions,   % 'tlsv1.2' | 'tlsv1.1' | tlsv1 | sslv3
-	  verify,     %   verify_none | verify_peer
-	  verify_fun, % fun(CertVerifyErrors) -> boolean()
-	  fail_if_no_peer_cert, % boolean()
-	  verify_client_once,  % boolean()
+	  protocol    :: tls | dtls,
+	  versions    :: ['tlsv1.2' | 'tlsv1.1' | tlsv1 | sslv3] | ['dtlsv1.2' | dtlsv1],
+	  verify      :: verify_none | verify_peer,
+	  verify_fun,  %%:: fun(CertVerifyErrors::term()) -> boolean(),
+	  fail_if_no_peer_cert ::  boolean(),
+	  verify_client_once   ::  boolean(),
 	  %% fun(Extensions, State, Verify, AccError) ->  {Extensions, State, AccError}
 	  validate_extensions_fun, 
-	  depth,      % integer()
-	  certfile,   % file()
-	  cert,       % der_encoded()
-	  keyfile,    % file()
-	  key,	      % der_encoded()
-	  password,   % 
-	  cacerts,    % [der_encoded()]
-	  cacertfile, % file()
-	  dh,         % der_encoded()
-	  dhfile,     % file()
+	  depth                :: integer(),
+	  certfile             :: binary(),
+	  cert                 :: der_encoded(),
+	  keyfile              :: binary(),
+	  key	               :: {'RSAPrivateKey' | 'DSAPrivateKey' | 'ECPrivateKey' | 'PrivateKeyInfo', der_encoded()},
+	  password	       :: string(),
+	  cacerts              :: [der_encoded()],
+	  cacertfile           :: binary(),
+	  dh                   :: der_encoded(),
+	  dhfile               :: binary(),
 	  user_lookup_fun,  % server option, fun to lookup the user
-	  psk_identity,  % binary
+	  psk_identity         :: binary(),
 	  srp_identity,  % client option {User, Password}
 	  ciphers,    % 
 	  %% Local policy for the server if it want's to reuse the session
@@ -100,20 +101,30 @@
 	  reuse_session,  
 	  %% If false sessions will never be reused, if true they
 	  %% will be reused if possible.
-	  reuse_sessions, % boolean()
+	  reuse_sessions       :: boolean(),
 	  renegotiate_at,
 	  secure_renegotiate,
 	  debug,
-	  hibernate_after,% undefined if not hibernating,
-                          % or number of ms of inactivity
-			  % after which ssl_connection will
-                          % go into hibernation
+	  %% undefined if not hibernating, or number of ms of
+	  %% inactivity after which ssl_connection will go into
+	  %% hibernation
+	  hibernate_after      :: boolean(),
 	  %% This option should only be set to true by inet_tls_dist
-	  erl_dist = false,
+	  erl_dist = false     :: boolean(),
 	  next_protocols_advertised = undefined, %% [binary()],
-	  next_protocol_selector = undefined  %% fun([binary()]) -> binary())
+	  next_protocol_selector = undefined,  %% fun([binary()]) -> binary())
+	  log_alert             :: boolean(),
+	  server_name_indication = undefined
 	  }).
 
+-record(config, {ssl,               %% SSL parameters
+		 inet_user,         %% User set inet options
+		 emulated,          %% #socket_option{} emulated
+		 inet_ssl,          %% inet options for internal ssl socket
+		 transport_info,                 %% Callback info
+		 connection_cb
+		}).
+
 -record(socket_options,
 	{
 	  mode   = list, 
@@ -123,6 +134,10 @@
 	  active = true
 	 }).
 
+-type state_name()           :: hello | abbreviated | certify | cipher | connection.
+-type gen_fsm_state_return() :: {next_state, state_name(), term()} |
+				{next_state, state_name(), term(), timeout()} |
+				{stop, term(), term()}.
 -endif. % -ifdef(ssl_internal).