From 6ce69af1ae46b6b09c5a7ecd8b1baa1dcde77e24 Mon Sep 17 00:00:00 2001
From: Ingela Anderton Andin <ingela@erlang.org>
Date: Tue, 22 Jan 2019 10:43:03 +0100
Subject: ssl: If possible assemble several received application data records

---
 lib/ssl/src/tls_connection.erl | 40 ++++++++++++++++++++++++++++------------
 1 file changed, 28 insertions(+), 12 deletions(-)

(limited to 'lib')

diff --git a/lib/ssl/src/tls_connection.erl b/lib/ssl/src/tls_connection.erl
index 8b24151d9f..048c48dffb 100644
--- a/lib/ssl/src/tls_connection.erl
+++ b/lib/ssl/src/tls_connection.erl
@@ -147,18 +147,18 @@ next_record(#state{unprocessed_handshake_events = N} = State) when N > 0 ->
     {no_record, State#state{unprocessed_handshake_events = N-1}};
 					 
 next_record(#state{protocol_buffers =
-		       #protocol_buffers{tls_packets = [], tls_cipher_texts = [CT | Rest]}
-		   = Buffers,
-		   connection_states = ConnStates0,
-		   ssl_options = #ssl_options{padding_check = Check}} = State) ->
-    case tls_record:decode_cipher_text(CT, ConnStates0, Check) of
-	{Plain, ConnStates} ->		      
-	    {Plain, State#state{protocol_buffers =
-				    Buffers#protocol_buffers{tls_cipher_texts = Rest},
-				connection_states = ConnStates}};
-	#alert{} = Alert ->
-	    {Alert, State}
-    end;
+		       #protocol_buffers{tls_packets = [], tls_cipher_texts = [#ssl_tls{type = Type}| _] = CipherTexts0}
+                   = Buffers,
+                   connection_states = ConnectionStates0,
+                   ssl_options = #ssl_options{padding_check = Check}} = State) ->
+    case decode_cipher_texts(Type, CipherTexts0, ConnectionStates0, Check, <<>>) of
+        {#ssl_tls{} = Record, ConnectionStates, CipherTexts} ->
+            {Record, State#state{protocol_buffers = Buffers#protocol_buffers{tls_cipher_texts = CipherTexts},
+                                 connection_states = ConnectionStates}};
+        {#alert{} = Alert, ConnectionStates, CipherTexts} ->
+            {Alert, State#state{protocol_buffers = Buffers#protocol_buffers{tls_cipher_texts = CipherTexts},
+                                connection_states = ConnectionStates}}
+    end;            
 next_record(#state{protocol_buffers = #protocol_buffers{tls_packets = [], tls_cipher_texts = []},
                    protocol_specific = #{active_n_toggle := true, active_n := N} = ProtocolSpec,
                    static_env = #static_env{socket = Socket,
@@ -196,6 +196,22 @@ next_event(StateName, Record, State, Actions) ->
 	    {next_state, StateName, State, [{next_event, internal, Alert} | Actions]}
     end.
 
+decode_cipher_texts(Type, [] = CipherTexts, ConnectionStates, _, Acc) ->
+    {#ssl_tls{type = Type, fragment = Acc}, ConnectionStates, CipherTexts};
+decode_cipher_texts(Type, 
+                    [#ssl_tls{type = Type} = CT | CipherTexts], ConnectionStates0, Check, Acc) ->
+    case tls_record:decode_cipher_text(CT, ConnectionStates0, Check) of
+	{#ssl_tls{type = ?APPLICATION_DATA, fragment = Plain}, ConnectionStates} ->		      
+            decode_cipher_texts(Type, CipherTexts, 
+                                ConnectionStates, Check, <<Acc/binary, Plain/binary>>);
+        {#ssl_tls{type = Type, fragment = Plain}, ConnectionStates} ->
+            {#ssl_tls{type = Type, fragment = Plain}, ConnectionStates, CipherTexts};
+        #alert{} = Alert ->
+            {Alert, ConnectionStates0, CipherTexts}
+    end;
+decode_cipher_texts(Type, CipherTexts, ConnectionStates, _, Acc) ->
+    {#ssl_tls{type = Type, fragment = Acc}, ConnectionStates, CipherTexts}.
+
 %%% TLS record protocol level application data messages 
 
 handle_protocol_record(#ssl_tls{type = ?APPLICATION_DATA, fragment = Data}, StateName, State0) ->
-- 
cgit v1.2.3