From dd985c2097a29ca0812fdf6f0431aed2d8a7c752 Mon Sep 17 00:00:00 2001
From: Ingela Anderton Andin <ingela@erlang.org>
Date: Fri, 9 Dec 2016 10:51:30 +0100
Subject: ssl: Correct terminate behaviour

When the terminate function is called explicitly, to make guarantees
that for instance the reuseaddr option works as expected, we must
make sure that the clean up code is not run again when gen_statem
calls terminate. This check was broken in the rewrite from gen_fsm to
gen_statem.

Caused PEM cache errors, that in some cases would
cause unexpected connection failures.
---
 lib/ssl/src/ssl_connection.erl | 11 +++++++----
 1 file changed, 7 insertions(+), 4 deletions(-)

(limited to 'lib')

diff --git a/lib/ssl/src/ssl_connection.erl b/lib/ssl/src/ssl_connection.erl
index 6e7c8c5ddd..6ed2fc83da 100644
--- a/lib/ssl/src/ssl_connection.erl
+++ b/lib/ssl/src/ssl_connection.erl
@@ -864,11 +864,11 @@ handle_call({close, {Pid, Timeout}}, From, StateName, State0, Connection) when i
     %% When downgrading an TLS connection to a transport connection
     %% we must recive the close alert from the peer before releasing the 
     %% transport socket.
-    {next_state, downgrade, State, [{timeout, Timeout, downgrade}]};
+    {next_state, downgrade, State#state{terminated = true}, [{timeout, Timeout, downgrade}]};
 handle_call({close, _} = Close, From, StateName, State, Connection) ->
     %% Run terminate before returning so that the reuseaddr
-    %% inet-option 
-    Result = Connection:terminate(Close, StateName, State),
+    %% inet-option works properly
+    Result = Connection:terminate(Close, StateName, State#state{terminated = true}),
     {stop_and_reply, {shutdown, normal},  
      {reply, From, Result}, State};
 handle_call({shutdown, How0}, From, _,
@@ -1010,7 +1010,10 @@ handle_info(Msg, StateName, #state{socket = Socket, error_tag = Tag} = State) ->
 terminate(_, _, #state{terminated = true}) ->
     %% Happens when user closes the connection using ssl:close/1
     %% we want to guarantee that Transport:close has been called
-    %% when ssl:close/1 returns.
+    %% when ssl:close/1 returns unless it is a downgrade where
+    %% we want to guarantee that close alert is recived before 
+    %% returning. In both cases terminate has been run manually
+    %% before run by gen_statem which will end up here
     ok;
 
 terminate({shutdown, transport_closed} = Reason, 
-- 
cgit v1.2.3