From 470976e07820f0c8cd99b3437d1b7fbebd76004c Mon Sep 17 00:00:00 2001
From: Ingela Anderton Andin <ingela@erlang.org>
Date: Wed, 4 May 2016 20:11:06 +0200
Subject: ssl: Add reinitialization of handshake data lost in gen_statem
 refactorization

---
 lib/ssl/src/ssl_connection.erl |  6 ++++--
 lib/ssl/src/tls_connection.erl | 13 ++++++++++++-
 2 files changed, 16 insertions(+), 3 deletions(-)


diff --git a/lib/ssl/src/ssl_connection.erl b/lib/ssl/src/ssl_connection.erl
index 57fa1b904e..a7657c829a 100644
--- a/lib/ssl/src/ssl_connection.erl
+++ b/lib/ssl/src/ssl_connection.erl
@@ -1920,9 +1920,11 @@ prepare_connection(#state{renegotiation = Renegotiate,
 			  start_or_recv_from = RecvFrom} = State0, Connection) 
   when Renegotiate =/= {false, first}, 
        RecvFrom =/= undefined ->
-    {Record, State} = Connection:next_record(State0),
+    State1 = Connection:reinit_handshake_data(State0),   
+    {Record, State} = Connection:next_record(State1),
     {Record, ack_connection(State)};
-prepare_connection(State, _) ->
+prepare_connection(State0, Connection) ->
+    State = Connection:reinit_handshake_data(State0),
     {no_record, ack_connection(State)}.
 
 ack_connection(#state{renegotiation = {true, Initiater}} = State) 
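Review bot: Both clauses of prepare_connection now call `Connection:reinit_handshake_data/1` on whatever callback module is passed in, but this patch defines and exports that function only in tls_connection.erl. If any other module can be passed as `Connection` (a DTLS counterpart, for example, which is not visible here), the call would fail with `undef` at the end of every handshake. Such a module needs the same function, or the requirement should be documented next to the other Connection callbacks. Because the dispatch is dynamic, neither xref nor Dialyzer will catch a missing implementation, so a renegotiation test that checks the reset state would guard against losing this again. The head of the first clause starts outside the hunk.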
diff --git a/lib/ssl/src/tls_connection.erl b/lib/ssl/src/tls_connection.erl
index 2193fc18c2..208edc644a 100644
--- a/lib/ssl/src/tls_connection.erl
+++ b/lib/ssl/src/tls_connection.erl
@@ -49,7 +49,8 @@
 -export([next_record/1, next_event/3]).
 
 %% Handshake handling
--export([renegotiate/2, send_handshake/2, send_change_cipher/2]).
+-export([renegotiate/2, send_handshake/2, send_change_cipher/2,
+	reinit_handshake_data/1]).
 
 %% Alert and close handling
 -export([send_alert/2, handle_own_alert/4, handle_close_alert/3,
@@ -131,6 +132,16 @@ send_change_cipher(Msg, #state{connection_states = ConnectionStates0,
     Transport:send(Socket, BinChangeCipher),
     State0#state{connection_states = ConnectionStates}.
 
+reinit_handshake_data(State) ->
+    %% premaster_secret, public_key_info and tls_handshake_info 
+    %% are only needed during the handshake phase. 
+    %% To reduce memory foot print of a connection reinitialize them.
+     State#state{
+       premaster_secret = undefined,
+       public_key_info = undefined,
+       tls_handshake_history = ssl_handshake:init_handshake_history()
+     }.
+			  
 %%====================================================================
 %% tls_connection_sup API
 %%====================================================================
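Review bot: The comment in reinit_handshake_data names `tls_handshake_info`, but the field actually reset is `tls_handshake_history`; the comment should use the real field name. It also gives memory footprint as the only reason, although setting `premaster_secret = undefined` also stops key material from staying in the long-lived connection state, where it could presumably end up in a crash report or state dump. Stating that makes it less likely the reset is dropped again as a mere optimisation, e.g. `%% premaster_secret, public_key_info and tls_handshake_history are only needed during the handshake;` / `%% reset them to free memory and so the premaster secret does not linger in the connection state.` Since the function is newly exported, a `-spec reinit_handshake_data(#state{}) -> #state{}.` above it would also help.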
-- 
cgit v1.2.3