diff options
Diffstat (limited to 'lib/ssl/src/ssl_session.erl')
-rw-r--r-- | lib/ssl/src/ssl_session.erl | 26 |
1 files changed, 17 insertions, 9 deletions
diff --git a/lib/ssl/src/ssl_session.erl b/lib/ssl/src/ssl_session.erl index 3999b2fc0e..721a9ef4d5 100644 --- a/lib/ssl/src/ssl_session.erl +++ b/lib/ssl/src/ssl_session.erl @@ -1,7 +1,7 @@ %% %% %CopyrightBegin% %% -%% Copyright Ericsson AB 2007-2022. All Rights Reserved. +%% Copyright Ericsson AB 2007-2023. All Rights Reserved. %% %% Licensed under the Apache License, Version 2.0 (the "License"); %% you may not use this file except in compliance with the License. @@ -28,6 +28,7 @@ -include("ssl_handshake.hrl"). -include("ssl_internal.hrl"). -include("ssl_api.hrl"). +-include("ssl_record.hrl"). %% Internal application API -export([is_new/2, @@ -39,17 +40,19 @@ -type seconds() :: integer(). %%-------------------------------------------------------------------- --spec legacy_session_id() -> ssl:session_id(). +-spec legacy_session_id(map()) -> ssl:session_id(). %% %% Description: TLS-1.3 deprecates the session id but has a dummy %% value for it for protocol backwards-compatibility reasons. %% If now lower versions are configured this function can be called %% for a dummy value. %%-------------------------------------------------------------------- -legacy_session_id(#{middlebox_comp_mode := true}) -> - legacy_session_id(); -legacy_session_id(_) -> - ?EMPTY_ID. +legacy_session_id(Opts) -> + case maps:get(middlebox_comp_mode, Opts, true) of + true -> legacy_session_id(); + false -> ?EMPTY_ID + end. + %%-------------------------------------------------------------------- -spec is_new(ssl:session_id() | #session{}, ssl:session_id()) -> boolean(). %% @@ -87,7 +90,7 @@ client_select_session({_, _, #{versions := Versions, HVersion = RecordCb:highest_protocol_version(Versions), case LVersion of - {3, 4} -> + ?TLS_1_3 -> %% Session reuse is not supported, do pure legacy %% middlebox comp mode negotiation, by providing either %% empty session id (no middle box) or random id (middle @@ -239,7 +242,12 @@ record_cb(dtls) -> legacy_session_id() -> crypto:strong_rand_bytes(32). -maybe_handle_middlebox({3, 4}, #session{session_id = ?EMPTY_ID} = Session, #{middlebox_comp_mode := true})-> - Session#session{session_id = legacy_session_id()}; +maybe_handle_middlebox(?TLS_1_3, #session{session_id = ?EMPTY_ID} = Session, Options)-> + case maps:get(middlebox_comp_mode, Options,true) of + true -> + Session#session{session_id = legacy_session_id()}; + false -> + Session + end; maybe_handle_middlebox(_, Session, _) -> Session. |