File 0583-ssl-Handle-possible-session-tickets-in-TLS-1.3-downg.patch of Package erlang
From 6fc2829a444cbc1b4f73add2e2cc6ee0106ff145 Mon Sep 17 00:00:00 2001
From: Ingela Anderton Andin <ingela@erlang.org>
Date: Wed, 7 Jul 2021 14:11:19 +0200
Subject: [PATCH 2/2] ssl: Handle possible session tickets in TLS-1.3 downgrade state

Closes #5009
---
 lib/ssl/src/ssl_gen_statem.erl | 27 ++++++++++++++++++++++++++-
 lib/ssl/src/tls_connection.erl | 19 +------------------
 lib/ssl/src/tls_connection_1_3.erl | 5 ++++-
 3 files changed, 31 insertions(+), 20 deletions(-)

diff --git a/lib/ssl/src/ssl_gen_statem.erl b/lib/ssl/src/ssl_gen_statem.erl
index cff3a1afd6..5df9e2a517 100644
--- a/lib/ssl/src/ssl_gen_statem.erl
+++ b/lib/ssl/src/ssl_gen_statem.erl
@@ -70,7 +70,8 @@
 %% Generic fsm states
 -export([initial_hello/3,
 config_error/3,
- connection/3]).
+ connection/3,
+ downgrade/3]).
 
 -export([call/2,
 handle_common_event/4,
@@ -650,6 +651,30 @@ connection(internal, {recv, RecvFrom}, #state{start_or_recv_from = RecvFrom,
 connection(Type, Msg, State) ->
 handle_common_event(Type, Msg, ?FUNCTION_NAME, State).
 
+%%--------------------------------------------------------------------
+-spec downgrade(gen_statem:event_type(), term(), #state{}) ->
+ gen_statem:state_function_result().
+%%--------------------------------------------------------------------
+downgrade(internal, #alert{description = ?CLOSE_NOTIFY},
+ #state{static_env = #static_env{transport_cb = Transport,
+ socket = Socket},
+ connection_env = #connection_env{downgrade = {Pid, From}}} = State) ->
+ tls_socket:setopts(Transport, Socket, [{active, false}, {packet, 0}, {mode, binary}]),
+ Transport:controlling_process(Socket, Pid),
+ {stop_and_reply, {shutdown, downgrade},[{reply, From, {ok, Socket}}], State};
+downgrade(timeout, downgrade, #state{ connection_env = #connection_env{downgrade = {_, From}}} = State) ->
+ {stop_and_reply, {shutdown, normal},[{reply, From, {error, timeout}}], State};
+downgrade(info, {CloseTag, Socket},
+ #state{static_env = #static_env{socket = Socket,
+ close_tag = CloseTag},
+ connection_env = #connection_env{downgrade = {_, From}}} =
+ State) ->
+ {stop_and_reply, {shutdown, normal},[{reply, From, {error, CloseTag}}], State};
+downgrade(info, Info, State) ->
+ tls_gen_connection:handle_info(Info, ?FUNCTION_NAME, State);
+downgrade(Type, Event, State) ->
+ tls_dtls_connection:?FUNCTION_NAME(Type, Event, State).
+
 %%====================================================================
 %% Event/Msg handling
 %%====================================================================
diff --git a/lib/ssl/src/tls_connection.erl b/lib/ssl/src/tls_connection.erl
index 90024b64b1..ff06b5dc71 100644
--- a/lib/ssl/src/tls_connection.erl
+++ b/lib/ssl/src/tls_connection.erl
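Review bot: The close_notify clause of `downgrade/3` replies `{ok, Socket}` without checking what `tls_socket:setopts/3` and `Transport:controlling_process/2` returned, so a failed ownership transfer would still be reported to the caller as a successful downgrade. The clause is moved unchanged from tls_connection.erl, so this is inherited rather than introduced, but the move is a good moment to reply with the error instead, as the timeout and close-tag clauses already do. Whether callers of the downgrade accept an arbitrary `{error, Reason}` is not visible in this diff and should be confirmed.

```erlang
%% … unchanged: clause head and tls_socket:setopts call …
    case Transport:controlling_process(Socket, Pid) of
        ok ->
            {stop_and_reply, {shutdown, downgrade}, [{reply, From, {ok, Socket}}], State};
        {error, Reason} ->
            {stop_and_reply, {shutdown, normal}, [{reply, From, {error, Reason}}], State}
    end;
%% … unchanged: timeout, close-tag, info and catch-all clauses …
```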
@@ -401,25 +401,8 @@ connection(Type, Event, State) ->
 -spec downgrade(gen_statem:event_type(), term(), #state{}) ->
 gen_statem:state_function_result().
 %%--------------------------------------------------------------------
-downgrade(internal, #alert{description = ?CLOSE_NOTIFY},
- #state{static_env = #static_env{transport_cb = Transport,
- socket = Socket},
- connection_env = #connection_env{downgrade = {Pid, From}}} = State) ->
- tls_socket:setopts(Transport, Socket, [{active, false}, {packet, 0}, {mode, binary}]),
- Transport:controlling_process(Socket, Pid),
- {stop_and_reply, {shutdown, downgrade},[{reply, From, {ok, Socket}}], State};
-downgrade(timeout, downgrade, #state{ connection_env = #connection_env{downgrade = {_, From}}} = State) ->
- {stop_and_reply, {shutdown, normal},[{reply, From, {error, timeout}}], State};
-downgrade(info, {CloseTag, Socket},
- #state{static_env = #static_env{socket = Socket,
- close_tag = CloseTag},
- connection_env = #connection_env{downgrade = {_, From}}} =
- State) ->
- {stop_and_reply, {shutdown, normal},[{reply, From, {error, CloseTag}}], State};
-downgrade(info, Info, State) ->
- tls_gen_connection:handle_info(Info, ?FUNCTION_NAME, State);
 downgrade(Type, Event, State) ->
- tls_dtls_connection:?FUNCTION_NAME(Type, Event, State).
+ ssl_gen_statem:?FUNCTION_NAME(Type, Event, State).
 
 %--------------------------------------------------------------------
 %% gen_statem callbacks
diff --git a/lib/ssl/src/tls_connection_1_3.erl b/lib/ssl/src/tls_connection_1_3.erl
index dc794e302b..5c7875b27c 100644
--- a/lib/ssl/src/tls_connection_1_3.erl
+++ b/lib/ssl/src/tls_connection_1_3.erl
@@ -454,8 +454,11 @@ connection({call, From}, negotiated_protocol,
 connection(Type, Event, State) ->
 ssl_gen_statem:?FUNCTION_NAME(Type, Event, State).
 
+downgrade(internal, #new_session_ticket{} = NewSessionTicket, State) ->
+ _ = handle_new_session_ticket(NewSessionTicket, State),
+ {next_state, ?FUNCTION_NAME, State};
 downgrade(Type, Event, State) ->
- tls_connection:?FUNCTION_NAME(Type, Event, State).
+ ssl_gen_statem:?FUNCTION_NAME(Type, Event, State).
 
 %--------------------------------------------------------------------
 %% internal functions
-- 
2.26.2
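Review bot: The new `downgrade(internal, #new_session_ticket{}, ...)` clause returns `{next_state, ?FUNCTION_NAME, State}` with no actions, so nothing in it renews the deadline for the peer's close_notify. The `downgrade(timeout, downgrade, ...)` clause in ssl_gen_statem matches a gen_statem event time-out, which any arriving event cancels. Where the timer is armed is outside this diff, so this needs confirming, but if it is an event time-out the `{error, timeout}` reply may never fire once a ticket has been processed, leaving the caller waiting until the peer closes. Arming it as `{state_timeout, Timeout, downgrade}` and matching `downgrade(state_timeout, downgrade, ...)` would keep one deadline for the whole state. The discarded result also deserves a comment, for example `%% A NewSessionTicket can still arrive while waiting for close_notify; result intentionally ignored`.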