diff options
author | Ingela Anderton Andin <ingela@erlang.org> | 2022-06-21 08:15:54 +0200 |
---|---|---|
committer | Ingela Anderton Andin <ingela@erlang.org> | 2022-06-21 08:15:54 +0200 |
commit | 31415370a13290d589b3714227f537aa4a9b6ce9 (patch) | |
tree | 28d62e3978408177b00353f25d8722c0b0f34f96 /lib/ssl/src/dtls_connection.erl | |
parent | 64ebde8bba24332a45ba74864ea3c549e1305b01 (diff) | |
parent | 254f2728902bc7e80a67726ebbc1a0b3ab7742eb (diff) | |
download | erlang-31415370a13290d589b3714227f537aa4a9b6ce9.tar.gz |
Merge branch 'ingela/ssl/client-certification/OTP-18145' into maint
* ingela/ssl/client-certification/OTP-18145:
ssl: Enhanch handling of unexpected messages
Diffstat (limited to 'lib/ssl/src/dtls_connection.erl')
-rw-r--r-- | lib/ssl/src/dtls_connection.erl | 25 |
1 files changed, 23 insertions, 2 deletions
diff --git a/lib/ssl/src/dtls_connection.erl b/lib/ssl/src/dtls_connection.erl index d0a6032e28..8f2eb7d82b 100644 --- a/lib/ssl/src/dtls_connection.erl +++ b/lib/ssl/src/dtls_connection.erl @@ -46,7 +46,8 @@ %% ClientKeyExchange \ %% CertificateVerify* Flight 5 %% [ChangeCipherSpec] / -%% Finished --------> / +%% NextProtocol* / +%% Finished --------> / %% %% [ChangeCipherSpec] \ Flight 6 %% <-------- Finished / @@ -64,7 +65,8 @@ %% <-------- Finished / part 2 %% %% [ChangeCipherSpec] \ Abbrev Flight 3 -%% Finished --------> / +%% NextProtocol* / +%% Finished --------> / %% %% %% Message Flights for Abbbriviated Handshake @@ -142,6 +144,7 @@ user_hello/3, wait_ocsp_stapling/3, certify/3, + wait_cert_verify/3, cipher/3, abbreviated/3, connection/3]). @@ -463,6 +466,24 @@ certify(state_timeout, Event, State) -> certify(Type, Event, State) -> gen_handshake(?FUNCTION_NAME, Type, Event, State). + +%%-------------------------------------------------------------------- +-spec wait_cert_verify(gen_statem:event_type(), term(), #state{}) -> + gen_statem:state_function_result(). +%%-------------------------------------------------------------------- +wait_cert_verify(enter, _Event, State0) -> + {State, Actions} = handle_flight_timer(State0), + {keep_state, State, Actions}; +wait_cert_verify(info, Event, State) -> + gen_info(Event, ?FUNCTION_NAME, State); +wait_cert_verify(state_timeout, Event, State) -> + handle_state_timeout(Event, ?FUNCTION_NAME, State); +wait_cert_verify(Type, Event, State) -> + try tls_dtls_connection:gen_handshake(?FUNCTION_NAME, Type, Event, State) + catch throw:#alert{} = Alert -> + ssl_gen_statem:handle_own_alert(Alert, ?FUNCTION_NAME, State) + end. + %%-------------------------------------------------------------------- -spec cipher(gen_statem:event_type(), term(), #state{}) -> gen_statem:state_function_result(). |