authorErlang/OTP <[email protected]>2018-07-20 14:09:36 +0200
committerErlang/OTP <[email protected]>2018-07-20 14:09:36 +0200
commitc836bcd577762cef4b8475a7b6ad1bdf7aba9332 (patch)
tree71e46fd9f05bbb08485b40a3bc7eab1d5eaedefb
parent4f5729d3d2618e07d6e23dacbdcd57e2b51fc113 (diff)
parentdcd0547dd2e1a78f89dced3ca5918ae539b11de3 (diff)
Merge branch 'ingela/ssl/engine-vs-certfile/ERLERL-211/OTP-15193' into maint-20
* ingela/ssl/engine-vs-certfile/ERLERL-211/OTP-15193: ssl: Engine key trumps certfile option
-rw-r--r--lib/ssl/src/ssl_config.erl6
-rw-r--r--lib/ssl/test/ssl_engine_SUITE.erl15
2 files changed, 18 insertions, 3 deletions
diff --git a/lib/ssl/src/ssl_config.erl b/lib/ssl/src/ssl_config.erl
index 452a98e683..028721341c 100644
--- a/lib/ssl/src/ssl_config.erl
+++ b/lib/ssl/src/ssl_config.erl
@@ -91,9 +91,9 @@ init_certificates(undefined, #{pem_cache := PemCache} = Config, CertFile, server
end;
init_certificates(Cert, Config, _, _) ->
{ok, Config#{own_certificate => Cert}}.
-init_private_key(_, #{algorithm := Alg} = Key, <<>>, _Password, _Client) when Alg == ecdsa;
- Alg == rsa;
- Alg == dss ->
+init_private_key(_, #{algorithm := Alg} = Key, _, _Password, _Client) when Alg == ecdsa;
+ Alg == rsa;
+ Alg == dss ->
case maps:is_key(engine, Key) andalso maps:is_key(key_id, Key) of
true ->
Key;
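Review bot: Widening the third argument of this `init_private_key` clause from `<<>>` to `_` means a configured key file is now ignored silently whenever the key is a map with a matching `algorithm`, and nothing in the code says so. A map that lacks `engine` or `key_id` could not match this clause before when a key file was set; it now reaches the `false` branch of the `case`, which is outside this hunk, so confirm that branch rejects the configuration rather than continuing with a key the operator did not intend. I would add a comment above the clause, for example `%% A key map (engine key reference) takes precedence over any key file; the file argument is ignored on purpose`. The clause body continues past the end of the hunk.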
diff --git a/lib/ssl/test/ssl_engine_SUITE.erl b/lib/ssl/test/ssl_engine_SUITE.erl
index 71891356e8..8025e4e0ed 100644
--- a/lib/ssl/test/ssl_engine_SUITE.erl
+++ b/lib/ssl/test/ssl_engine_SUITE.erl
@@ -117,8 +117,23 @@ private_key(Config) when is_list(Config) ->
EngineServerConf = [{key, #{algorithm => rsa,
engine => Engine,
key_id => ServerKey}} | proplists:delete(key, ServerConf)],
+
+ EngineFileClientConf = [{key, #{algorithm => rsa,
+ engine => Engine,
+ key_id => ClientKey}} |
+ proplists:delete(keyfile, FileClientConf)],
+
+ EngineFileServerConf = [{key, #{algorithm => rsa,
+ engine => Engine,
+ key_id => ServerKey}} |
+ proplists:delete(keyfile, FileServerConf)],
+
%% Test with engine
test_tls_connection(EngineServerConf, EngineClientConf, Config),
+
+ %% Test with engine and present file arugments
+ test_tls_connection(EngineFileServerConf, EngineFileClientConf, Config),
+
%% Test that sofware fallback is available
test_tls_connection(ServerConf, [{reuse_sessions, false} |ClientConf], Config).
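Review bot: Both new configurations are built with `proplists:delete(keyfile, ...)`, so the added `test_tls_connection/3` call appears to cover only an engine key combined with the remaining file options, not an explicit `keyfile` supplied next to the engine `key`. `FileClientConf` and `FileServerConf` are defined outside the hunk, so this is inferred from the visible lines. If they normally carry `keyfile`, one more call that leaves the lists intact would pin the precedence for that case as well. A negative case for a key map without `engine` or `key_id` would also document how the widened clause in `ssl_config.erl` fails. The new comment has a typo and should read `%% Test with engine and present file arguments`.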