File 0830-ssl-Re-use-cookie-when-renegotiating-dtls.patch of Package erlang
From 81cb3c90897060d953c47163374b9047b46132e7 Mon Sep 17 00:00:00 2001
From: Dan Gudmundsson <dgud@erlang.org>
Date: Tue, 21 Dec 2021 10:29:34 +0100
Subject: [PATCH] ssl: Re-use cookie when renegotiating dtls

Renegotiating with an Openssl server does not work if the cookie is not sent.
---
 lib/ssl/src/dtls_connection.erl | 18 ++++++++++--------
 1 file changed, 10 insertions(+), 8 deletions(-)

diff --git a/lib/ssl/src/dtls_connection.erl b/lib/ssl/src/dtls_connection.erl
index 42d77bd840..9be7f9a37a 100644
--- a/lib/ssl/src/dtls_connection.erl
+++ b/lib/ssl/src/dtls_connection.erl
@@ -305,7 +305,8 @@ hello(internal, #hello_verify_request{cookie = Cookie},
 ocsp_nonce := OcspNonceOpt} = SslOpts,
 session = #session{own_certificates = OwnCerts,
 session_id = Id},
- connection_states = ConnectionStates0
+ connection_states = ConnectionStates0,
+ protocol_specific = PS
 } = State0) ->
 OcspNonce = tls_handshake:ocsp_nonce(OcspNonceOpt, OcspStaplingOpt),
 Hello = dtls_handshake:client_hello(Host, Port, Cookie, ConnectionStates0,
@@ -319,7 +320,8 @@ hello(internal, #hello_verify_request{cookie = Cookie},
 {State2, Actions} = dtls_gen_connection:send_handshake(Hello, State1),
- State = State2#state{connection_env = CEnv#connection_env{negotiated_version = Version} % RequestedVersion
+ State = State2#state{connection_env = CEnv#connection_env{negotiated_version = Version}, % RequestedVersion
+ protocol_specific = PS#{current_cookie_secret => Cookie}
 },
 dtls_gen_connection:next_event(?FUNCTION_NAME, no_record, State, Actions);
 hello(internal, #client_hello{extensions = Extensions, client_version = ClientVersion} = Hello,
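Review bot: The value stored under `current_cookie_secret` in the rebuilt `State` is the cookie taken from `#hello_verify_request{cookie = Cookie}`, which is peer-supplied data the client echoes back rather than a secret, and the key name gives no hint of that. A comment on the added line such as `% client role: cookie from the hello_verify_request, re-sent when renegotiating` would make the meaning explicit. Separately, `PS` is bound from `State0` in the first hunk but merged into `State2`, the state returned by `send_handshake/2`; if that call or whatever builds `State1` ever updates `protocol_specific` (neither is visible here), the update would be overwritten, which `(State2#state.protocol_specific)#{current_cookie_secret => Cookie}` would avoid. The clause head and the construction of `State1` lie outside both hunks.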
@@ -521,16 +523,16 @@ connection(internal, #hello_request{}, #state{static_env = #static_env{host = Ho
 connection_states = ConnectionStates0,
 protocol_specific = PS
 } = State0) ->
-
+ #{current_cookie_secret := Cookie} = PS,
 Session = ssl_session:client_select_session({Host, Port, SslOpts}, Cache, CacheCb, Session0),
- Hello = dtls_handshake:client_hello(Host, Port, ConnectionStates0, SslOpts,
- Session#session.session_id, Renegotiation, OwnCerts),
+ Hello = dtls_handshake:client_hello(Host, Port, Cookie, ConnectionStates0, SslOpts,
+ Session#session.session_id, Renegotiation, OwnCerts, undefined),
 Version = Hello#client_hello.client_version,
 HelloVersion = dtls_record:hello_version(Version, Versions),
 State1 = prepare_flight(State0),
- {State2, Actions} =
- dtls_gen_connection:send_handshake(Hello,
- State1#state{connection_env =
+ {State2, Actions} =
+ dtls_gen_connection:send_handshake(Hello,
+ State1#state{connection_env =
 CEnv#connection_env{negotiated_version = HelloVersion}}),
 State = State2#state{protocol_specific = PS#{flight_state => dtls_gen_connection:initial_flight_state(DataTag)},
 session = Session},
-- 
2.31.1
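Review bot: The added `#{current_cookie_secret := Cookie} = PS` at the top of the `connection(internal, #hello_request{}, ...)` clause is a hard match, so the connection process fails with badmatch whenever the key is absent. Within this patch the key is only written in the `#hello_verify_request{}` clause of `hello`, so a client whose first handshake completed without a hello_verify_request would crash on a peer-sent hello_request, unless the key is initialised elsewhere for the client role. `Cookie = maps:get(current_cookie_secret, PS, <<>>),` would keep renegotiation working in that case, assuming an empty cookie is what the replaced 7-argument `client_hello` call sent. The clause head starts outside the hunk, and the diffstat shows no test covering renegotiation with or without a stored cookie.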