From 77162de4d1fc15731f8c9a518435db9fa864525f Mon Sep 17 00:00:00 2001
From: Ingela Anderton Andin <ingela@erlang.org>
Date: Wed, 6 Mar 2013 18:02:27 +0100
Subject: ssl: Handle next protocol negotiation when reusing a session.

---
 lib/ssl/src/ssl_connection.erl | 13 ++++++++++---
 1 file changed, 10 insertions(+), 3 deletions(-)

(limited to 'lib/ssl/src/ssl_connection.erl')

diff --git a/lib/ssl/src/ssl_connection.erl b/lib/ssl/src/ssl_connection.erl
index 52ddd3c932..4d29ecce7a 100644
--- a/lib/ssl/src/ssl_connection.erl
+++ b/lib/ssl/src/ssl_connection.erl
@@ -471,6 +471,13 @@ abbreviated(#finished{verify_data = Data} = Finished,
 	    handle_own_alert(Alert, Version, abbreviated, State)
     end;
 
+%% only allowed to send next_protocol message after change cipher spec
+%% & before finished message and it is not allowed during renegotiation
+abbreviated(#next_protocol{selected_protocol = SelectedProtocol},
+	    #state{role = server, expecting_next_protocol_negotiation = true} = State0) ->
+    {Record, State} = next_record(State0#state{next_protocol = SelectedProtocol}),
+    next_state(abbreviated, abbreviated, Record, State);
+
 abbreviated(timeout, State) ->
     { next_state, abbreviated, State, hibernate };
 
@@ -655,7 +662,7 @@ cipher(#certificate_verify{signature = Signature, hashsign_algorithm = CertHashS
 	    handle_own_alert(Alert, Version, cipher, State0)
     end;
 
-% client must send a next protocol message if we are expecting it
+%% client must send a next protocol message if we are expecting it
 cipher(#finished{}, #state{role = server, expecting_next_protocol_negotiation = true,
 			   next_protocol = undefined, negotiated_version = Version} = State0) ->
        handle_own_alert(?ALERT_REC(?FATAL,?UNEXPECTED_MESSAGE), Version, cipher, State0);
@@ -680,8 +687,8 @@ cipher(#finished{verify_data = Data} = Finished,
 	    handle_own_alert(Alert, Version, cipher, State)
     end;
 
-% only allowed to send next_protocol message after change cipher spec
-% & before finished message and it is not allowed during renegotiation
+%% only allowed to send next_protocol message after change cipher spec
+%% & before finished message and it is not allowed during renegotiation
 cipher(#next_protocol{selected_protocol = SelectedProtocol},
        #state{role = server, expecting_next_protocol_negotiation = true} = State0) ->
     {Record, State} = next_record(State0#state{next_protocol = SelectedProtocol}),
-- 
cgit v1.2.3