From 15274801f64f644006cb4295f641dd63b713fc5a Mon Sep 17 00:00:00 2001 From: Ingela Anderton Andin Date: Wed, 22 Jan 2020 17:58:04 +0100 Subject: ssl: Enhance alert logging diff --git a/lib/ssl/src/dtls_connection.erl b/lib/ssl/src/dtls_connection.erl index a658fe0..85ba4f0 100644 --- a/lib/ssl/src/dtls_connection.erl +++ b/lib/ssl/src/dtls_connection.erl @@ -908,12 +908,13 @@ handle_client_hello(#client_hello{client_version = ClientVersion} = Hello, %% raw data from socket, unpack records handle_info({Protocol, _, _, _, Data}, StateName, - #state{static_env = #static_env{data_tag = Protocol}} = State0) -> + #state{static_env = #static_env{role = Role, + data_tag = Protocol}} = State0) -> case next_dtls_record(Data, StateName, State0) of {Record, State} -> next_event(StateName, Record, State); #alert{} = Alert -> - ssl_connection:handle_normal_shutdown(Alert, StateName, State0), + ssl_connection:handle_normal_shutdown(Alert#alert{role = Role}, StateName, State0), {stop, {shutdown, own_alert}, State0} end; @@ -925,8 +926,10 @@ handle_info({PassiveTag, Socket}, StateName, State#state{protocol_specific = PS#{active_n_toggle => true}}); handle_info({CloseTag, Socket}, StateName, - #state{static_env = #static_env{socket = Socket, - close_tag = CloseTag}, + #state{static_env = #static_env{ + role = Role, + socket = Socket, + close_tag = CloseTag}, connection_env = #connection_env{negotiated_version = Version}, socket_options = #socket_options{active = Active}, protocol_buffers = #protocol_buffers{dtls_cipher_texts = CTs}, 
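Review bot: The role is stamped onto the alert at the call site in the first dtls_connection.erl hunk, `ssl_connection:handle_normal_shutdown(Alert#alert{role = Role}, StateName, State0)`, and the same `Alert#alert{role = Role}` update is repeated in five other hunks of this commit (the close-tag clauses of dtls_connection.erl and tls_connection.erl, the socket-error and handle_active_option clauses of ssl_connection.erl, and next_event in tls_connection.erl). Since handle_normal_shutdown already receives the state, setting the role once inside it would keep a later caller from passing an alert with no role. Its body is outside this diff, so whether the `static_env` role is available there needs confirming. If the per-caller form stays, a one-line comment such as `%% set role so the alert log shows which side generated the alert` would explain the update; that reading of the field is inferred from the commit subject.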
@@ -947,7 +950,8 @@ handle_info({CloseTag, Socket}, StateName, %%invalidate_session(Role, Host, Port, Session) ok end, - ssl_connection:handle_normal_shutdown(?ALERT_REC(?FATAL, ?CLOSE_NOTIFY), StateName, State), + Alert = ?ALERT_REC(?FATAL, ?CLOSE_NOTIFY, transport_closed), + ssl_connection:handle_normal_shutdown(Alert#alert{role = Role}, StateName, State), {stop, {shutdown, transport_closed}, State}; true -> %% Fixes non-delivery of final DTLS record in {active, once}. diff --git a/lib/ssl/src/ssl_connection.erl b/lib/ssl/src/ssl_connection.erl index 20a080d..955841a 100644 --- a/lib/ssl/src/ssl_connection.erl +++ b/lib/ssl/src/ssl_connection.erl @@ -1504,12 +1504,15 @@ handle_info({ErrorTag, Socket, econnaborted}, StateName, StartFrom, ?ALERT_REC(?FATAL, ?CLOSE_NOTIFY), Role, StateName, Connection), {stop, {shutdown, normal}, State}; -handle_info({ErrorTag, Socket, Reason}, StateName, #state{static_env = #static_env{socket = Socket, - error_tag = ErrorTag}, +handle_info({ErrorTag, Socket, Reason}, StateName, #state{static_env = #static_env{ + role = Role, + socket = Socket, + error_tag = ErrorTag}, ssl_options = #{log_level := Level}} = State) -> ssl_logger:log(info, Level, #{description => "Socket error", reason => [{error_tag, ErrorTag}, {description, Reason}]}, ?LOCATION), - handle_normal_shutdown(?ALERT_REC(?FATAL, ?CLOSE_NOTIFY), StateName, State), + Alert = ?ALERT_REC(?FATAL, ?CLOSE_NOTIFY, {transport_error, Reason}), + handle_normal_shutdown(Alert#alert{role = Role}, StateName, State), {stop, {shutdown,normal}, State}; handle_info({'DOWN', MonitorRef, _, _, Reason}, _, 
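Review bot: The alert built on the transport-close path, `?ALERT_REC(?FATAL, ?CLOSE_NOTIFY, transport_closed)`, keeps the close_notify description although it is constructed locally in the close-tag clause. The new `transport_closed` reason is therefore the only field that separates it from a close_notify alert sent by the peer. A comment above the line would make that explicit for anyone reading the logs or matching on the reason, for example `%% Alert is generated locally because the transport closed, not received from the peer`. The same applies to the matching hunk in tls_connection.erl (@@ -1173). The clause starts in the previous hunk and continues past this one, so the wording should be checked against the branch condition that is not visible here.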
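Review bot: The econnaborted clause directly above the changed one in ssl_connection.erl still builds `?ALERT_REC(?FATAL, ?CLOSE_NOTIFY)` with no reason, so after this commit a generic socket error carries `{transport_error, Reason}` while an aborted connection does not. If both are meant to be distinguishable in the alert log, that call could pass `?ALERT_REC(?FATAL, ?CLOSE_NOTIFY, {transport_error, econnaborted})`. The clause begins outside the hunk, so the intent of the omission cannot be confirmed from here. Separately, `Reason` is whatever term the transport delivers with the error tag, and it is already written by the `ssl_logger:log` call just above, so it will likely appear twice in the output.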
@@ -2797,9 +2800,11 @@ ssl_options_list([{Key, Value}|T], Acc) -> handle_active_option(false, connection = StateName, To, Reply, State) -> hibernate_after(StateName, State, [{reply, To, Reply}]); -handle_active_option(_, connection = StateName, To, _Reply, #state{connection_env = #connection_env{terminated = true}, +handle_active_option(_, connection = StateName, To, _Reply, #state{static_env = #static_env{role = Role}, + connection_env = #connection_env{terminated = true}, user_data_buffer = {_,0,_}} = State) -> - handle_normal_shutdown(?ALERT_REC(?FATAL, ?CLOSE_NOTIFY, all_data_deliverd), StateName, + Alert = ?ALERT_REC(?FATAL, ?CLOSE_NOTIFY, all_data_deliverd), + handle_normal_shutdown(Alert#alert{role = Role}, StateName, State#state{start_or_recv_from = To}), {stop,{shutdown, peer_close}, State}; handle_active_option(_, connection = StateName0, To, Reply, #state{static_env = #static_env{protocol_cb = Connection}, diff --git a/lib/ssl/src/tls_connection.erl b/lib/ssl/src/tls_connection.erl index babcf9f..2eb5f4b 100644 --- a/lib/ssl/src/tls_connection.erl +++ b/lib/ssl/src/tls_connection.erl @@ -256,14 +256,14 @@ next_record_done(#state{protocol_buffers = Buffers} = State, CipherTexts, Connec next_event(StateName, Record, State) -> next_event(StateName, Record, State, []). %% -next_event(StateName, no_record, State0, Actions) -> +next_event(StateName, no_record, #state{static_env = #static_env{role = Role}} = State0, Actions) -> case next_record(StateName, State0) of {no_record, State} -> ssl_connection:hibernate_after(StateName, State, Actions); {Record, State} -> next_event(StateName, Record, State, Actions); #alert{} = Alert -> - ssl_connection:handle_normal_shutdown(Alert, StateName, State0), + ssl_connection:handle_normal_shutdown(Alert#alert{role = Role}, StateName, State0), {stop, {shutdown, own_alert}, State0} end; next_event(StateName, #ssl_tls{} = Record, State, Actions) -> 
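Review bot: The reason atom `all_data_deliverd` in the new line `Alert = ?ALERT_REC(?FATAL, ?CLOSE_NOTIFY, all_data_deliverd)` is misspelled, and the commit carries it over unchanged from the removed line. With the commit aimed at alert logging, the misspelling is likely to surface in operator-facing output and in any pattern that matches on the reason; `all_data_delivered` would be the correct spelling. Other uses of the atom may exist outside this diff and would need the same rename.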
@@ -1149,7 +1149,10 @@ handle_info({PassiveTag, Socket}, StateName, next_event(StateName, no_record, State#state{protocol_specific = PS#{active_n_toggle => true}}); handle_info({CloseTag, Socket}, StateName, - #state{static_env = #static_env{socket = Socket, close_tag = CloseTag}, + #state{static_env = #static_env{ + role = Role, + socket = Socket, + close_tag = CloseTag}, connection_env = #connection_env{negotiated_version = Version}, socket_options = #socket_options{active = Active}, protocol_buffers = #protocol_buffers{tls_cipher_texts = CTs}, @@ -1173,8 +1176,8 @@ handle_info({CloseTag, Socket}, StateName, %%invalidate_session(Role, Host, Port, Session) ok end, - - ssl_connection:handle_normal_shutdown(?ALERT_REC(?FATAL, ?CLOSE_NOTIFY), StateName, State), + Alert = ?ALERT_REC(?FATAL, ?CLOSE_NOTIFY, transport_closed), + ssl_connection:handle_normal_shutdown(Alert#alert{role = Role}, StateName, State), {stop, {shutdown, transport_closed}, State}; true -> %% Fixes non-delivery of final TLS record in {active, once}. -- cgit v0.10.2-6-g49f6