File 2315-ssl-Add-DTLS-1-and-DTLS-1.2-ASCCII-picture.patch of Package erlang
From 35b7bd5e4175b1d49b1c7058090029abdf6505cb Mon Sep 17 00:00:00 2001 From: Ingela Anderton Andin <ingela@erlang.org> Date: Thu, 26 Nov 2020 15:47:44 +0100 Subject: [PATCH 5/6] ssl: Add DTLS-1 and DTLS-1.2 ASCCII picture --- lib/ssl/src/dtls_connection.erl | 90 +++++++++++++++++++++++++++++++++ 1 file changed, 90 insertions(+) diff --git a/lib/ssl/src/dtls_connection.erl b/lib/ssl/src/dtls_connection.erl index 59ee6634ef..b030300a89 100644 --- a/lib/ssl/src/dtls_connection.erl +++ b/lib/ssl/src/dtls_connection.erl @@ -17,8 +17,98 @@ %% %% %CopyrightEnd% %% + -module(dtls_connection). +%%---------------------------------------------------------------------- +%% Purpose: DTLS-1-DTLS-1.2 FSM (* = optional) +%%---------------------------------------------------------------------- +%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% +%% For UDP transport the following flights are used as retransmission units +%% in case of package loss. Flight timers are handled in state entry functions. +%% +%% Client Server +%% ------ ------ +%% +%% ClientHello --------> Flight 1 +%% +%% <------- HelloVerifyRequest Flight 2 +%% +%% ClientHello --------> Flight 3 +%% +%% ServerHello \ +%% Certificate* \ +%% ServerKeyExchange* Flight 4 +%% CertificateRequest* / +%% <-------- ServerHelloDone / +%% +%% Certificate* \ +%% ClientKeyExchange \ +%% CertificateVerify* Flight 5 +%% [ChangeCipherSpec] / +%% Finished --------> / +%% +%% [ChangeCipherSpec] \ Flight 6 +%% <-------- Finished / +%% +%% Message Flights for Full Handshake +%% +%% +%% Client Server +%% ------ ------ +%% +%% ClientHello --------> Abbrev Flight 1 +%% +%% ServerHello \ part 1 +%% [ChangeCipherSpec] Abbrev Flight 2 +%% <-------- Finished / part 2 +%% +%% [ChangeCipherSpec] \ Abbrev Flight 3 +%% Finished --------> / +%% +%% +%% Message Flights for Abbbriviated Handshake +%%---------------------------------------------------------------------- +%% Start FSM ---> CONFIG_ERROR +%% Send error to user +%% | and shutdown +%% | +%% V +%% INITIAL_HELLO +%% +%% | Send/ Recv Flight 1 +%% | +%% | +%% USER_HELLO | +%% <- Possibly let user provide V +%% options after looking at hello ex -> HELLO +%% | Send Recv Flight 2 to Flight 4 or +%% | Abbrev Flight 1 to Abbrev Flight 2 part 1 +%% | +%% New session | Resumed session +%% WAIT_OCSP_STAPELING CERTIFY <----------------------------------> ABBRIVIATED +%% +%% <- Possibly Receive -- | | +%% OCSP Stapel ------> | Send/ Recv Flight 5 | +%% | | +%% V | Send / Recv Abbrev Flight part 2 +%% | to Abbrev Flight 3 +%% CIPHER | +%% | | +%% | Send/ Recv Flight 6 | +%% | | +%% V V +%% ---------------------------------------------------- +%% | +%% | +%% V +%% CONNECTION +%% | +%% | Renegotiaton +%% V +%% GO BACK TO HELLO +%%---------------------------------------------------------------------- + %% Internal application API -behaviour(gen_fsm). -- 2.26.2
