ssl: Test ECDSA and improve test suite maintainability

Use generated certs instead of hard coded
author: Ingela Anderton Andin <[email protected]> 2014-08-05 09:45:07 +0200
committer: Ingela Anderton Andin <[email protected]> 2014-08-11 10:26:49 +0200
commit: cc4dbea1229e8903f3cca1589d7f87000cdb775a (patch)
tree: 54a6d0767df9591debc27a433fa88998e9a62e19 /lib/ssl/test
parent: 112ffb94dacc75ef4cebfbfa137ea8ce52b9631e (diff)
download: otp-cc4dbea1229e8903f3cca1589d7f87000cdb775a.tar.gz
otp-cc4dbea1229e8903f3cca1589d7f87000cdb775a.tar.bz2
otp-cc4dbea1229e8903f3cca1589d7f87000cdb775a.zip
13 files changed, 192 insertions, 304 deletions
diff --git a/lib/ssl/test/erl_make_certs.erl b/lib/ssl/test/erl_make_certs.erl
index 22dc951ac1..daf4466f11 100644
--- a/lib/ssl/test/erl_make_certs.erl
+++ b/lib/ssl/test/erl_make_certs.erl
@@ -1,7 +1,7 @@
 %%
 %% %CopyrightBegin%
 %%
-%% Copyright Ericsson AB 2011-2013. All Rights Reserved.
+%% Copyright Ericsson AB 2011-2014. All Rights Reserved.
 %%
 %% The contents of this file are subject to the Erlang Public License,
 %% Version 1.1, (the "License"); you may not use this file except in
@@ -325,14 +325,14 @@ sign_algorithm(#'RSAPrivateKey'{}, Opts) ->
     {Type, 'NULL'};
 sign_algorithm(#'DSAPrivateKey'{p=P, q=Q, g=G}, _Opts) ->
     {?'id-dsa-with-sha1', {params,#'Dss-Parms'{p=P, q=Q, g=G}}};
-sign_algorithm(#'ECPrivateKey'{}, Opts) ->
+sign_algorithm(#'ECPrivateKey'{parameters = Parms}, Opts) ->
     Type = case proplists:get_value(digest, Opts, sha1) of
 	       sha1 ->   ?'ecdsa-with-SHA1';
 	       sha512 -> ?'ecdsa-with-SHA512';
 	       sha384 -> ?'ecdsa-with-SHA384';
 	       sha256 -> ?'ecdsa-with-SHA256'
 	   end,
-    {Type, 'NULL'}.
+    {Type, Parms}.
 
 make_key(rsa, _Opts) ->
     %% (OBS: for testing only)
diff --git a/lib/ssl/test/ssl_ECC_SUITE.erl b/lib/ssl/test/ssl_ECC_SUITE.erl
index 608f2f11c3..77e4c80bbe 100644
--- a/lib/ssl/test/ssl_ECC_SUITE.erl
+++ b/lib/ssl/test/ssl_ECC_SUITE.erl
@@ -1,7 +1,7 @@
 %%
 %% %CopyrightBegin%
 %%
-%% Copyright Ericsson AB 2007-2013. All Rights Reserved.
+%% Copyright Ericsson AB 2007-2014. All Rights Reserved.
 %%
 %% The contents of this file are subject to the Erlang Public License,
 %% Version 1.1, (the "License"); you may not use this file except in
@@ -57,41 +57,51 @@ all_versions_groups ()->
     ].
 
 key_cert_combinations() ->
-    [client_ec_server_ec,
-     client_rsa_server_ec,
-     client_ec_server_rsa,
-     client_rsa_server_rsa].
+    [client_ecdh_server_ecdh,
+     client_rsa_server_ecdh,
+     client_ecdh_server_rsa,
+     client_rsa_server_rsa,
+     client_ecdsa_server_ecdsa,
+     client_ecdsa_server_rsa,
+     client_rsa_server_ecdsa
+    ].
 
 %%--------------------------------------------------------------------
-init_per_suite(Config) ->
-    catch crypto:stop(),
+init_per_suite(Config0) ->
+    end_per_suite(Config0),
     try crypto:start() of
 	ok ->
-	    ssl:start(),
-	    Config
+	    %% make rsa certs using oppenssl
+	    Result =
+		(catch make_certs:all(?config(data_dir, Config0),
+				      ?config(priv_dir, Config0))),
+	    ct:log("Make certs  ~p~n", [Result]),
+	    Config1 = ssl_test_lib:make_ecdsa_cert(Config0),
+	    Config2 = ssl_test_lib:make_ecdh_rsa_cert(Config1),
+	    ssl_test_lib:cert_options(Config2)
     catch _:_ ->
 	    {skip, "Crypto did not start"}
     end.
 
 end_per_suite(_Config) ->
-    ssl:stop(),
+    application:stop(ssl),
     application:stop(crypto).
 
 %%--------------------------------------------------------------------
-init_per_group(erlang_client, Config) ->
+init_per_group(erlang_client = Group, Config) ->
     case ssl_test_lib:is_sane_ecc(openssl) of
 	true ->
-	    common_init_per_group(erlang_client, [{server_type, openssl},
-						  {client_type, erlang} | Config]);
+	    common_init_per_group(Group, [{server_type, openssl},
+					  {client_type, erlang} | Config]);
 	false ->
 	    {skip, "Known ECC bug in openssl"}
     end;
 
-init_per_group(erlang_server, Config) ->
+init_per_group(erlang_server = Group, Config) ->
     case ssl_test_lib:is_sane_ecc(openssl) of 
 	true ->
-	    common_init_per_group(erlang_client, [{server_type, erlang},
-						  {client_type, openssl} | Config]);
+	    common_init_per_group(Group, [{server_type, erlang},
+					  {client_type, openssl} | Config]);
 	false ->
 	    {skip, "Known ECC bug in openssl"}
     end;
@@ -99,11 +109,21 @@ init_per_group(erlang_server, Config) ->
 init_per_group(erlang = Group, Config) ->
      case ssl_test_lib:sufficient_crypto_support(Group) of
 	 true ->
-	     common_init_per_group(erlang, [{server_type, erlang},
-					    {client_type, erlang} | Config]);
+	     common_init_per_group(Group, [{server_type, erlang},
+					   {client_type, erlang} | Config]);
+	 false ->
+	      {skip, "Crypto does not support ECC"}
+     end;
+
+init_per_group(openssl = Group, Config) ->
+     case ssl_test_lib:sufficient_crypto_support(Group) of
+	 true ->
+	     common_init_per_group(Group, [{server_type, openssl},
+					   {client_type, openssl} | Config]);
 	 false ->
 	      {skip, "Crypto does not support ECC"}
-     end;		 
+     end;
+		 
 init_per_group(Group, Config) ->
     common_init_per_group(Group, Config).
 
@@ -121,76 +141,118 @@ end_per_group(_GroupName, Config) ->
 
 %%--------------------------------------------------------------------
 
-init_per_testcase(_TestCase, Config) ->
+init_per_testcase(TestCase, Config) ->
     ct:log("TLS/SSL version ~p~n ", [tls_record:supported_protocol_versions()]),
     ct:log("Ciphers: ~p~n ", [ ssl:cipher_suites()]),
+    end_per_testcase(TestCase, Config),
+    ssl:start(),	
     Config.
 
-end_per_testcase(_TestCase, Config) ->
+end_per_testcase(_TestCase, Config) ->     
+    application:stop(ssl),
     Config.
 
 %%--------------------------------------------------------------------
 %% Test Cases --------------------------------------------------------
 %%--------------------------------------------------------------------
 
-client_ec_server_ec(Config) when is_list(Config) ->
-    basic_test("ec1.crt", "ec1.key", "ec2.crt", "ec2.key", Config).
-
-client_ec_server_rsa(Config)  when is_list(Config) ->
-    basic_test("ec1.crt", "ec1.key", "rsa1.crt", "rsa1.key", Config).
+client_ecdh_server_ecdh(Config) when is_list(Config) ->
+    COpts =  ?config(client_ecdh_rsa_opts, Config),
+    SOpts = ?config(server_ecdh_rsa_verify_opts, Config),
+    basic_test(COpts, SOpts, Config).
+    
+client_ecdh_server_rsa(Config)  when is_list(Config) ->
+    COpts =  ?config(client_ecdh_rsa_opts, Config),
+    SOpts = ?config(server_verification_opts, Config),
+    basic_test(COpts, SOpts, Config).
+  
+client_rsa_server_ecdh(Config)  when is_list(Config) ->
+    COpts =  ?config(client_verification_opts, Config),
+    SOpts = ?config(server_ecdh_rsa_verify_opts, Config),
+    basic_test(COpts, SOpts, Config).
+   
+client_rsa_server_rsa(Config)  when is_list(Config) ->
+    COpts =  ?config(client_verification_opts, Config),
+    SOpts = ?config(server_verification_opts, Config),
+    basic_test(COpts, SOpts, Config).
+   
+client_ecdsa_server_ecdsa(Config)  when is_list(Config) ->
+    COpts =  ?config(client_ecdsa_opts, Config),
+    SOpts = ?config(server_ecdsa_verify_opts, Config),
+    basic_test(COpts, SOpts, Config).
 
-client_rsa_server_ec(Config)  when is_list(Config) ->
-    basic_test("rsa1.crt", "rsa1.key", "ec2.crt", "ec2.key", Config).
+client_ecdsa_server_rsa(Config)  when is_list(Config) ->
+    COpts =  ?config(client_ecdsa_opts, Config),
+    SOpts = ?config(server_verification_opts, Config),
+    basic_test(COpts, SOpts, Config).
 
-client_rsa_server_rsa(Config)  when is_list(Config) ->
-    basic_test("rsa1.crt", "rsa1.key", "rsa2.crt", "rsa2.key", Config).
+client_rsa_server_ecdsa(Config)  when is_list(Config) ->
+    COpts =  ?config(client_verification_opts, Config),
+    SOpts = ?config(server_ecdsa_verify_opts, Config),
+    basic_test(COpts, SOpts, Config).
 
 %%--------------------------------------------------------------------
 %% Internal functions ------------------------------------------------
 %%--------------------------------------------------------------------
-basic_test(ClientCert, ClientKey, ServerCert, ServerKey, Config) ->
-    DataDir = ?config(data_dir, Config),
+basic_test(COpts, SOpts, Config) ->
+    basic_test(proplists:get_value(certfile, COpts), 
+	       proplists:get_value(keyfile, COpts), 
+	       proplists:get_value(cacertfile, COpts), 
+	       proplists:get_value(certfile, SOpts), 
+	       proplists:get_value(keyfile, SOpts), 
+	       proplists:get_value(cacertfile, SOpts), 
+	       Config).
+    
+basic_test(ClientCert, ClientKey, ClientCA, ServerCert, ServerKey, ServerCA, Config) ->
     SType = ?config(server_type, Config),
     CType = ?config(client_type, Config),
     {Server, Port} = start_server(SType,
-				  filename:join(DataDir, "CA.pem"),
-				  filename:join(DataDir, ServerCert),
-				  filename:join(DataDir, ServerKey),
+				  ClientCA, ServerCA,
+				  ServerCert,
+				  ServerKey,
 				  Config),
-    Client = start_client(CType, Port, filename:join(DataDir, "CA.pem"),
-			  filename:join(DataDir, ClientCert),
-			  filename:join(DataDir, ClientKey), Config),
-    check_result(Server, SType, Client, CType).
+    Client = start_client(CType, Port, ServerCA, ClientCA,
+			  ClientCert,
+			  ClientKey, Config),
+    check_result(Server, SType, Client, CType),
+    close(Server, Client).    
 
-start_client(openssl, Port, CA, Cert, Key, _) ->
+start_client(openssl, Port, CA, OwnCa, Cert, Key, Config) ->
+    PrivDir = ?config(priv_dir, Config),
+    NewCA = new_ca(filename:join(PrivDir, "new_ca.pem"), CA, OwnCa),
     Version = tls_record:protocol_version(tls_record:highest_protocol_version([])),
-    Cmd = "openssl s_client -port " ++ integer_to_list(Port) ++  ssl_test_lib:version_flag(Version) ++
-	" -cert " ++ Cert ++ " -CAfile " ++ CA
-	++ " -key " ++ Key ++ " -host localhost -msg",
+    Cmd = "openssl s_client -verify 2 -port " ++ integer_to_list(Port) ++  ssl_test_lib:version_flag(Version) ++
+	" -cert " ++ Cert ++ " -CAfile " ++ NewCA
+	++ " -key " ++ Key ++ " -host localhost -msg -debug",
     OpenSslPort =  open_port({spawn, Cmd}, [stderr_to_stdout]),
     true = port_command(OpenSslPort, "Hello world"),
     OpenSslPort;
-start_client(erlang, Port, CA, Cert, Key, Config) ->
+start_client(erlang, Port, CA, _, Cert, Key, Config) ->
     {ClientNode, _, Hostname} = ssl_test_lib:run_where(Config),
     ssl_test_lib:start_client([{node, ClientNode}, {port, Port},
 			       {host, Hostname},
 			       {from, self()},
 			       {mfa, {ssl_test_lib, send_recv_result_active, []}},
-			       {options, [{verify, verify_peer}, {cacertfile, CA},
+			       {options, [{verify, verify_peer}, 
+					  {cacertfile, CA},
 					  {certfile, Cert}, {keyfile, Key}]}]).
 
-start_server(openssl, CA, Cert, Key, _) ->
+start_server(openssl, CA, OwnCa, Cert, Key, Config) ->
+    PrivDir = ?config(priv_dir, Config),
+    NewCA = new_ca(filename:join(PrivDir, "new_ca.pem"), CA, OwnCa),
+
     Port = ssl_test_lib:inet_port(node()),
     Version = tls_record:protocol_version(tls_record:highest_protocol_version([])),
     Cmd = "openssl s_server -accept " ++ integer_to_list(Port) ++ ssl_test_lib:version_flag(Version) ++
-	" -cert " ++ Cert ++ " -CAfile " ++ CA
-	++ " -key " ++ Key ++ " -Verify 2 -msg",
+	" -verify 2 -cert " ++ Cert ++ " -CAfile " ++ NewCA
+	++ " -key " ++ Key ++ " -msg -debug",
     OpenSslPort =  open_port({spawn, Cmd}, [stderr_to_stdout]),
     ssl_test_lib:wait_for_openssl_server(),
     true = port_command(OpenSslPort, "Hello world"),
     {OpenSslPort, Port};
 
-start_server(erlang, CA, Cert, Key, Config) ->
+start_server(erlang, CA, _, Cert, Key, Config) ->
+
     {_, ServerNode, _} = ssl_test_lib:run_where(Config),
     Server = ssl_test_lib:start_server([{node, ServerNode}, {port, 0},
 			       {from, self()},
@@ -217,9 +279,31 @@ openssl_check(_, Config) ->
     TLSVersion = ?config(tls_version, Config),
     case ssl_test_lib:check_sane_openssl_version(TLSVersion) of
 	true ->
-	    ssl:start(),
 	    Config;
 	false ->
 	    {skip, "TLS version not supported by openssl"}
     end.
 
+close(Port1, Port2) when is_port(Port1), is_port(Port2) ->
+    ssl_test_lib:close_port(Port1),
+    ssl_test_lib:close_port(Port2);
+close(Port, Pid) when is_port(Port) ->
+    ssl_test_lib:close_port(Port),
+    ssl_test_lib:close(Pid);
+close(Pid, Port) when is_port(Port) ->
+    ssl_test_lib:close_port(Port),
+    ssl_test_lib:close(Pid);
+close(Client, Server)  ->
+    ssl_test_lib:close(Server),
+    ssl_test_lib:close(Client).
+
+%% Work around OpenSSL bug, apparently the same bug as we had fixed in
+%% 11629690ba61f8e0c93ef9b2b6102fd279825977
+new_ca(FileName, CA, OwnCa) ->
+    {ok, P1} = file:read_file(CA),
+    E1 = public_key:pem_decode(P1),
+    {ok, P2} = file:read_file(OwnCa),
+    E2 = public_key:pem_decode(P2),
+    Pem = public_key:pem_encode(E2 ++E1),
+    file:write_file(FileName,  Pem),
+    FileName.
diff --git a/lib/ssl/test/ssl_ECC_SUITE_data/CA.pem b/lib/ssl/test/ssl_ECC_SUITE_data/CA.pem
deleted file mode 100644
index f82efdefc5..0000000000
--- a/lib/ssl/test/ssl_ECC_SUITE_data/CA.pem
+++ /dev/null
@@ -1,14 +0,0 @@
------BEGIN CERTIFICATE-----
-MIICGjCCAYegAwIBAgIQZIIqq4RXfpBKJXV69Jc4BjAJBgUrDgMCHQUAMB0xGzAZ
-BgNVBAMTEklTQSBUZXN0IEF1dGhvcml0eTAeFw0xMjAzMjAxNzEzMjFaFw0zOTEy
-MzEyMzU5NTlaMB0xGzAZBgNVBAMTEklTQSBUZXN0IEF1dGhvcml0eTCBnzANBgkq
-hkiG9w0BAQEFAAOBjQAwgYkCgYEAqnt6FSyFQVSDyP7mY63IhCzgysTxBEg1qDb8
-nBHj9REReZA5UQ5iyEOdTbdLyOaSk2rJyA2wdTjYkNnLzK49nZFlpf89r3/bakAM
-wZv69S3FJi9W2z9m4JPv/5+QCYnFNRSnnHw3maNElwoQyknx96I3W7EuVOvKtKhh
-4DaD0WsCAwEAAaNjMGEwDwYDVR0TAQH/BAUwAwEB/zBOBgNVHQEERzBFgBBCHwn2
-8AmbN+cvJl1iJ1bsoR8wHTEbMBkGA1UEAxMSSVNBIFRlc3QgQXV0aG9yaXR5ghBk
-giqrhFd+kEoldXr0lzgGMAkGBSsOAwIdBQADgYEAIlVecua5Cr1z/cdwQ8znlgOU
-U+y/uzg0nupKkopzVnRYhwV4hxZt3izAz4C/SJZB7eL0bUKlg1ceGjbQsGEm0fzF
-LEV3vym4G51bxv03Iecwo96G4NgjJ7+9/7ciBVzfxZyfuCpYG1M2LyrbOyuevtTy
-2+vIueT0lv6UftgBfIE=
------END CERTIFICATE-----
diff --git a/lib/ssl/test/ssl_ECC_SUITE_data/ec1.crt b/lib/ssl/test/ssl_ECC_SUITE_data/ec1.crt
deleted file mode 100644
index 7d2b9cde9d..0000000000
--- a/lib/ssl/test/ssl_ECC_SUITE_data/ec1.crt
+++ /dev/null
@@ -1,11 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIBhjCB8AIBBjANBgkqhkiG9w0BAQUFADAdMRswGQYDVQQDExJJU0EgVGVzdCBB
-dXRob3JpdHkwHhcNMTMwODA4MTAxNDI3WhcNMjMwODA2MTAxNDI3WjBFMQswCQYD
-VQQGEwJVUzERMA8GA1UECBMIVmlyZ2luaWExFTATBgNVBAcTDEZvcnQgQmVsdm9p
-cjEMMAoGA1UEAxMDZWMxMFYwEAYHKoZIzj0CAQYFK4EEAAoDQgAEpiRIxUCESROR
-P8IByg+vBv1fDdAg7yXfAh95GxFtvhBqZs6ATwaRKyLmZYgUm/4NUAyUeqmTBb7s
-2msKo5mnNzANBgkqhkiG9w0BAQUFAAOBgQAmwzoB1DVO69FQOUdBVnyups4t0c1c
-8h+1z/5P4EtPltk4o3mRn0AZogqdXCpNbuSGbSJh+dep5xW30VLxNHdc+tZSLK6j
-pT7A3hymMk8qbi13hxeH/VpEP25y1EjHowow9Wmb6ebtT/v7qFQ9AAHD9ONcIM4I
-FCC8vdFo7M5GgQ==
------END CERTIFICATE-----
diff --git a/lib/ssl/test/ssl_ECC_SUITE_data/ec1.key b/lib/ssl/test/ssl_ECC_SUITE_data/ec1.key
deleted file mode 100644
index 2dc9508b3c..0000000000
--- a/lib/ssl/test/ssl_ECC_SUITE_data/ec1.key
+++ /dev/null
@@ -1,8 +0,0 @@
------BEGIN EC PARAMETERS-----
-BgUrgQQACg==
------END EC PARAMETERS-----
------BEGIN EC PRIVATE KEY-----
-MHQCAQEEIOO0WK8znNzLyZIoGRIlaKnCNr2Wy8uk9i+GGFIhDGNAoAcGBSuBBAAK
-oUQDQgAEpiRIxUCESRORP8IByg+vBv1fDdAg7yXfAh95GxFtvhBqZs6ATwaRKyLm
-ZYgUm/4NUAyUeqmTBb7s2msKo5mnNw==
------END EC PRIVATE KEY-----
diff --git a/lib/ssl/test/ssl_ECC_SUITE_data/ec2.crt b/lib/ssl/test/ssl_ECC_SUITE_data/ec2.crt
deleted file mode 100644
index b0558a0ebc..0000000000
--- a/lib/ssl/test/ssl_ECC_SUITE_data/ec2.crt
+++ /dev/null
@@ -1,11 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIBhjCB8AIBBzANBgkqhkiG9w0BAQUFADAdMRswGQYDVQQDExJJU0EgVGVzdCBB
-dXRob3JpdHkwHhcNMTMwODA4MTAxNDM0WhcNMjMwODA2MTAxNDM0WjBFMQswCQYD
-VQQGEwJVUzERMA8GA1UECBMIVmlyZ2luaWExFTATBgNVBAcTDEZvcnQgQmVsdm9p
-cjEMMAoGA1UEAxMDZWMyMFYwEAYHKoZIzj0CAQYFK4EEAAoDQgAEzXaYReUyvoYl
-FwGOe0MJEXWCUncMfr2xG4GMjGYlfZsvLGEokefsJIvW+I+9jgUT2UFjxFXYNAvm
-uD1A1iWVWjANBgkqhkiG9w0BAQUFAAOBgQBFa6iIlrT9DWptIdB8uSYvp7qwiHxN
-hiVH5YhGIHHqjGZqtRHrSxqNEYMXXrgH9Hxc6gDbk9PsHZyVVoh/HgVWddqW1inh
-tStZm420PAKCuH4T6Cfsk76GE2m7FRzJvw9TM1f2A5nIy9abyrpup8lZGcIL4Kmq
-1Fix1LRtrmLNTA==
------END CERTIFICATE-----
diff --git a/lib/ssl/test/ssl_ECC_SUITE_data/ec2.key b/lib/ssl/test/ssl_ECC_SUITE_data/ec2.key
deleted file mode 100644
index 366d13648b..0000000000
--- a/lib/ssl/test/ssl_ECC_SUITE_data/ec2.key
+++ /dev/null
@@ -1,8 +0,0 @@
------BEGIN EC PARAMETERS-----
-BgUrgQQACg==
------END EC PARAMETERS-----
------BEGIN EC PRIVATE KEY-----
-MHQCAQEEIPR3ORUpAFMTQhUJ0jllN38LKWziG8yP2H54Y/9vh1PwoAcGBSuBBAAK
-oUQDQgAEzXaYReUyvoYlFwGOe0MJEXWCUncMfr2xG4GMjGYlfZsvLGEokefsJIvW
-+I+9jgUT2UFjxFXYNAvmuD1A1iWVWg==
------END EC PRIVATE KEY-----
diff --git a/lib/ssl/test/ssl_ECC_SUITE_data/rsa1.crt b/lib/ssl/test/ssl_ECC_SUITE_data/rsa1.crt
deleted file mode 100644
index ed9beacf68..0000000000
--- a/lib/ssl/test/ssl_ECC_SUITE_data/rsa1.crt
+++ /dev/null
@@ -1,20 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIDVjCCAr8CAQkwDQYJKoZIhvcNAQEFBQAwHTEbMBkGA1UEAxMSSVNBIFRlc3Qg
-QXV0aG9yaXR5MB4XDTEzMDgwODEwMTUzNFoXDTQwMTIyNDEwMTUzNFowRjELMAkG
-A1UEBhMCVVMxETAPBgNVBAgTCFZpcmdpbmlhMRUwEwYDVQQHEwxGb3J0IEJlbHZv
-aXIxDTALBgNVBAMTBHJzYTEwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoIC
-AQC62v40w1AjV3oJuyYC2Fw6XhTOi1il6xZFnB9J1WhCmuxAB/VMhBcNypx38mNk
-eQ7a/ERQ5ddhZey29DYeFYU8oqfDURgWx5USHufb90xBen9KPmX3VNuQ8ZFP2q8Q
-b01/oRHBJQRBuaCtFHzpGIVBjC6dD5yeQgJsYaF4u+PBbonsIGROXMybcvUzXmjU
-dwpy2NhjGQL5sWcOdIeRP43APSyRYvq4tuBUZk2XxWfBcvA8LpcoYPMlRTf6jGL1
-/fAAcCYJ9lh3h92w0NZ/7ZRa/ebTplxK6yqCftuSKui1KdL69m0WZqHl79AUSfs9
-lsOwx9lHkyYvJeMofyeDbZ+3OYLmVqEBG1fza2aV2XVh9zJ8fAwmXy/c2IDhw/oD
-HAe/rSg/Sgt03ydIKqtZHbl3v0EexQQRlJRULIzdtON02dJMUd4EFUgQ9OUtEmC2
-Psj9Jdu1g5cevU7Mymu8Ot+fjHiGTcBUsXNuXFCbON3Gw7cIDl4+iv+cpDHHVC9L
-HK3PMEq3vu3qOGXSz+LDOoqkfROcLG7BclBuN2zoVSsMHFkB4aJhwy7eHhGz0z2W
-c6LTVd+GAApdY80kmjOjT//QxHEsX/n1useHza3OszQqZiArr4ub4rtq+l1DxAS/
-DWrZ/JGsbKL8cjWso6qBF94xTi8WhjkKuUYhsm+qLAbNOQIDAQABMA0GCSqGSIb3
-DQEBBQUAA4GBAIcuzqRkfypV/9Z85ZQCCoejPm5Urhv7dfg1/B3QtazogPBZLgL5
-e60fG1uAw5GmqTViHLvW06z73oQvJrFkrCLVvadDNtrKYKXnXqdkgVyk36F/B737
-A43HGnMfSxCfRhIOuKZB9clP5PiNlhw36yi3DratqT6TUvI69hg8a7jA
------END CERTIFICATE-----
diff --git a/lib/ssl/test/ssl_ECC_SUITE_data/rsa1.key b/lib/ssl/test/ssl_ECC_SUITE_data/rsa1.key
deleted file mode 100644
index 6e0d913d79..0000000000
--- a/lib/ssl/test/ssl_ECC_SUITE_data/rsa1.key
+++ /dev/null
@@ -1,51 +0,0 @@
------BEGIN RSA PRIVATE KEY-----
-MIIJKAIBAAKCAgEAutr+NMNQI1d6CbsmAthcOl4UzotYpesWRZwfSdVoQprsQAf1
-TIQXDcqcd/JjZHkO2vxEUOXXYWXstvQ2HhWFPKKnw1EYFseVEh7n2/dMQXp/Sj5l
-91TbkPGRT9qvEG9Nf6ERwSUEQbmgrRR86RiFQYwunQ+cnkICbGGheLvjwW6J7CBk
-TlzMm3L1M15o1HcKctjYYxkC+bFnDnSHkT+NwD0skWL6uLbgVGZNl8VnwXLwPC6X
-KGDzJUU3+oxi9f3wAHAmCfZYd4fdsNDWf+2UWv3m06ZcSusqgn7bkirotSnS+vZt
-Fmah5e/QFEn7PZbDsMfZR5MmLyXjKH8ng22ftzmC5lahARtX82tmldl1YfcyfHwM
-Jl8v3NiA4cP6AxwHv60oP0oLdN8nSCqrWR25d79BHsUEEZSUVCyM3bTjdNnSTFHe
-BBVIEPTlLRJgtj7I/SXbtYOXHr1OzMprvDrfn4x4hk3AVLFzblxQmzjdxsO3CA5e
-Por/nKQxx1QvSxytzzBKt77t6jhl0s/iwzqKpH0TnCxuwXJQbjds6FUrDBxZAeGi
-YcMu3h4Rs9M9lnOi01XfhgAKXWPNJJozo0//0MRxLF/59brHh82tzrM0KmYgK6+L
-m+K7avpdQ8QEvw1q2fyRrGyi/HI1rKOqgRfeMU4vFoY5CrlGIbJvqiwGzTkCAwEA
-AQKCAgBkXyaWKSRvF5pSh9lPRfGk2MzMdkXUOofoNIkKHDy5KocljiDSTVIk8mVC
-eU2ytuSn9UKtQgmEJEAXtu8rEdxUSftcC7+o3OTSqw9ZNWoc8jRWKVaUmVyoa1rn
-Tk0jwuYaXOcwnTXAKHqK/qpqe+V45FhVvgEfcc3jcj5OoH8jdMFZubyn62ltRz83
-rMsa9icCskDqWpEil40IUshP2ZfHYBUEs+qCNpoiPCIKGNw3KgqqCUzhP9LcfmYn
-jCnMge/eDGAikdXLv4vyYvwWFATRK/pGTuLcy542IvbHeY0vY5wVezH2CoOFBGD9
-xQ/UcZwE5hVtQToNsYhoRIVxL/3Of0qDk1M6W2Plh2MAstyejIHE3ct0pPfW3rsu
-j/9Z/H0P9Q5ghSjarwOp2qGrrz6/4LVbbTDY8V1L928l4SqbUMtEQxcxTBN8YFoD
-mPV3Jc3zls9wiiEX53RcH8MK5tjrcRwWqurTZvi/pkLfXlGDgKGCOaa3HgWVQyU+
-L6jVZM+u1nwN+jNXQYGeLEro/6tvG8WQbRMHQoxLG+rm4V3/SwH0DcfrVFDTg+i6
-3wMU1GC/aQEdTFWXvHAkpwrf4M9QWvjtheiaSxtBUoAY6l+ixCVHKrIk6glKLEjx
-92HxmcJdopQScFETAyg8eVKV0kOGfVeFEpIqwq7hVedmTflpQQKCAQEA44h4dAta
-cYeBqBr8eljWcgs79gmgwBEQxQUnwE/zuzLKn5NxAW324Kh25V/n/MupUzBlLPWn
-91UHfw9PCXT8/HvgYQ4S5sXbKRbGmuPSsTmz4Rfe2ix6RggVNUOwORVNDyM7SQh7
-USdzZH5dMxKfF5L/b4Byx7eQZaoeKlfaXcqgikNZZ6pkhVCNxUKi9vvjS9r2wwCd
-xtgu5MfTpdEci0zH1+uuRisVRcEbcRX9umUTCiZrmEeddZXNiwTAS3FtX7qGzuq9
-LKIeETwcOZrWj0E48UvbSfK4Axn7sf5J0n7/Qo7I089S5QQEI6ZDP501i71dNFhn
-qfcY30c1k3TC7QKCAQEA0juuVHExKNLLNmQejNPfuHYoH0Uk2BH/8x96/Mkj6k6K
-SUCHDS3iWOljXGw8YtpS8v5mGBGgMhJ+s/vCRM6R9eXYTc8u2ktY/kjyW0PgW8/Z
-vb9VrQpn5svTNwj2Q8qYsTqXnQKO7YuL+hnQpQNAcID6FTeOASVLGObEf810qRfN
-4y3RqCWUnYXXTyXj+cJdbXTxfF7HVZPIAQKqE7J5Qo9ynYILY62oSmUGC6m8VKyE
-rrvDMK1IVi0X4w+Jx4HX0IC2+DBKxCaLWT69bE1IwjB06Q5zoTQPVi6c6qQp7K0H
-kqSyLJ/ctwcEubu0DPNmvMlgWtAbAsoESA5GbIit/QKCAQEAxRzp9OYNAUM6AK74
-QOmLRZsT4+6tUxa1p2jy6fiZlnfG731kra9c630mG0n9iJPK6aWIUO20CGGiL+HM
-P84YiIaseIgfucp4NV1kyrRJR31MptjuF6Xme5ru/IjaNmmMq2uDJZ7ybfi2T73k
-8aTVLDANl8P4K6qLrnc00MvxAcXTVFRKNLN5h8CkQNqcoUjPvVxA3+g9xxBrd4jh
-gsnoZ4kpq5WiEWmrcRV8t3gsqfh8CRQFrBOGhmIzgZapG/J0pTTLKqBTKEJ9t8KS
-VRkdfVcshGWJ4MMjxJQS5zz7KR8Z9cgKlOwLzRiwmU2k/owr4hY3k2xuyeClrHBd
-KpRBdQKCAQBvDk/dE55gbloi9WieBB6eluxC+IeqDHgkunCBsM9kKvEqGQg+kgqL
-5V4zqImNvr8q1fCgrk7tpI+CDHBnYKgCOdS15cheUIdGbMp6I7UVSws/DR/5NRIF
-/Y4p+HX/Abr/hHAq5PsTyS+8gn6RbNJRnBB/vMUrHcQ5902+JY6G9KgyZjXmmVOU
-kutWSDHR8jbgZ3JZvMeYEWUKA5pMpW8hFh35zoStt0K7afpzlsqCAFBm7ZEC2cbo
-nxGLRN4HojObVSNSoFAepi3eiyINYBYbXvWjV5sFgTbI0/7YhLgQ6qahdJcas6go
-l3CLnPhUDxAqkkZwMpbSNl1kowXYt6sRAoIBAAOWnXgf9Bdb9OWKGgt42gVfC4cz
-zj2JoLpbDTtbEdHNn8XQvPhGbpdtgnsuEMijIMy1UTlmv17jbFWdZTDeN31EUJrC
-smgKX0OlVFKD90AI0BiIREK0hJUBV0pV4JoUjwnQBHGvranD06/wAtHEqgqF1Ipp
-DCAKwxggM7qtB1R1vkrc/aLQej+mlwA8N6q92rnEsg+EnEbhtLDDZQcV/q5cSDCN
-MMcnM+QdyjKwEeCVXHaqNfeSqKg/Ab2eZbS9VxA+XZD73+eUY/JeJsg7LfZrRz0T
-ij5LCS7A+nVB5/B5tGkk4fcNhk2n356be6l46S98BEgtuwGLC9pqXf7zyp4=
------END RSA PRIVATE KEY-----
diff --git a/lib/ssl/test/ssl_ECC_SUITE_data/rsa2.crt b/lib/ssl/test/ssl_ECC_SUITE_data/rsa2.crt
deleted file mode 100644
index 06ca92dda3..0000000000
--- a/lib/ssl/test/ssl_ECC_SUITE_data/rsa2.crt
+++ /dev/null
@@ -1,20 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIDVjCCAr8CAQowDQYJKoZIhvcNAQEFBQAwHTEbMBkGA1UEAxMSSVNBIFRlc3Qg
-QXV0aG9yaXR5MB4XDTEzMDgwODEwMTYwMloXDTQwMTIyNDEwMTYwMlowRjELMAkG
-A1UEBhMCVVMxETAPBgNVBAgTCFZpcmdpbmlhMRUwEwYDVQQHEwxGb3J0IEJlbHZv
-aXIxDTALBgNVBAMTBHJzYTIwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoIC
-AQCjQUe0BGOpULjOAmLbXM4SSQzJvxJbCFi3tryyd+OARq6Fdp6/fslVhsr0PhWE
-X8yRbAugIjseTpLwz+1OC6LavOGV1ixzGTI/9HDXGKbf8qoCrSdh28sqQJnmqGT4
-UCKLn6Rqjg2iyBBcSK3LrtKEPI4C7NaSOZUtANkppvziEMwm+0r16sgHh2Xx6mxd
-22q01kq1lJqwEnIDPMSz3+ESUVQQ4T3ka7yFIhc9PYmILIXkZi0x7AiDeRkIILul
-GQrduTWSPGY3prXeDAbmQNazxrHp8fcR2AfFSI6HYxMALq9jWxc4xDIkss6BO2Et
-riJOIgXFpbyVsYCbkI1kXhEWFDt3uJBIcmtJKGzro4xv+XLG6BbUeTJgSHXMc7Cb
-fX87+CBIFR5a/aqkEKh/mcvsDdaV+kpNKdr7q4wAuIQb8g7IyXEDuAm1VZjQs9WC
-KFRGSq9sergEw9gna0iThRZjD+dzNzB17XmlAK4wa98a7MntwqpAt/GsCFOiPM8E
-c+8gpuo8WqC0kP8OpImyw9cQhlZ3dca1qkr2cyKyAOGxUxyA67FgiHSsxJJ2Xhse
-o49qeKTjMZd8zhSokM2TH6qEf7YfOePU51YRfAHUhzRmE31N/MExqDjFjklksEtM
-iHhbPo+cOoxV8x1u13umdUvtTaAUSBA/DpvzWdnORvnaqQIDAQABMA0GCSqGSIb3
-DQEBBQUAA4GBAFD+O7h+5R5S1rIN9eC+oEGpvRhMG4v4G3pJp+c7bbtO7ifFx1WP
-bta1b5YtiQYcKP0ORABm/3Kcvsb3VbaMH/zkxWEbASZsmIcBY3ml4f2kkn6WT2hD
-Wc6VMIAR3N6Mj1b30yI1qYVIid+zIouiykMB+zqllm+Uar0SPNjKxDU/
------END CERTIFICATE-----
diff --git a/lib/ssl/test/ssl_ECC_SUITE_data/rsa2.key b/lib/ssl/test/ssl_ECC_SUITE_data/rsa2.key
deleted file mode 100644
index d415ef0391..0000000000
--- a/lib/ssl/test/ssl_ECC_SUITE_data/rsa2.key
+++ /dev/null
@@ -1,51 +0,0 @@
------BEGIN RSA PRIVATE KEY-----
-MIIJJwIBAAKCAgEAo0FHtARjqVC4zgJi21zOEkkMyb8SWwhYt7a8snfjgEauhXae
-v37JVYbK9D4VhF/MkWwLoCI7Hk6S8M/tTgui2rzhldYscxkyP/Rw1xim3/KqAq0n
-YdvLKkCZ5qhk+FAii5+kao4NosgQXEity67ShDyOAuzWkjmVLQDZKab84hDMJvtK
-9erIB4dl8epsXdtqtNZKtZSasBJyAzzEs9/hElFUEOE95Gu8hSIXPT2JiCyF5GYt
-MewIg3kZCCC7pRkK3bk1kjxmN6a13gwG5kDWs8ax6fH3EdgHxUiOh2MTAC6vY1sX
-OMQyJLLOgTthLa4iTiIFxaW8lbGAm5CNZF4RFhQ7d7iQSHJrSShs66OMb/lyxugW
-1HkyYEh1zHOwm31/O/ggSBUeWv2qpBCof5nL7A3WlfpKTSna+6uMALiEG/IOyMlx
-A7gJtVWY0LPVgihURkqvbHq4BMPYJ2tIk4UWYw/nczcwde15pQCuMGvfGuzJ7cKq
-QLfxrAhTojzPBHPvIKbqPFqgtJD/DqSJssPXEIZWd3XGtapK9nMisgDhsVMcgOux
-YIh0rMSSdl4bHqOPanik4zGXfM4UqJDNkx+qhH+2Hznj1OdWEXwB1Ic0ZhN9TfzB
-Mag4xY5JZLBLTIh4Wz6PnDqMVfMdbtd7pnVL7U2gFEgQPw6b81nZzkb52qkCAwEA
-AQKCAgBORLHXwHL3bdfsDIDQooG5ioQzBQQL2MiP63A0L/5GNZzeJ6ycKnDkLCeJ
-SWqPeE5fOemo8EBfm1QfV9BxpmqBbCTK7U+KLv5EYzDmLs9ydqjDd7h11iZlL2uZ
-hgpCckjdn7/3xfsLm9ccJ0wLZtlOxKlhBaMpn6nBVbLHoWOEDoGR/tBFbjZQRb2+
-aaFirhtOb56Jx6ER4QYAP1Ye1qrVWWBwZ0yBApXzThDOL36MZqwagFISqRK71YcG
-uoq78HGhM3ZXkdV/wNFYj3OPWG6W6h/KBVNqnqO7FbofdoRZhghYHgfYE1fm+ELA
-+nLwr5eK1gzmYTs0mVELRBZFlEOkCfYNOnuRgysFezEklS+ICp3HzIhYXza3kyTf
-B2ZBwZZVCv/94MKyibyANErmv1a5ugY5Hsn9/WKC8qTto+qLYoyFCvBjzj0PSaVX
-/3cty2DY0SK16K1Y4AOPtJMYTXYB3tVX8Akgjz1F6REBtZSOXrSQ3Vhy1ORl3Hzf
-WCBYDqL8K0hJiBVgkvneIyIjmFHsdM60Nr7EldBEnJ/UrPzsl2VuWFPZlnasfUaW
-x+vq1H4Dfz+bHt8coBRHDjKgUvwkfFeBQOBR5DG3vMrxguVRA1EYYMRR5C3yxk2m
-ARAtdh4VxUQDQjjrmr7Dl/y1rU34aInXIrrFWpuvIhl8Ht09sQKCAQEA1pXKK5f0
-HkKfM/qk5xzF+WdHClBrPXi0XwLN6UQ+WWMMNhkGZ+FMPXl/6IJDT91s6DA3tPhr
-OZF64n9ZFaGgHNBXNiB+Txjv5vZeSBMFt3hSonqt42aijx6gXfmLnkA+TYpa6Wex
-YCeEgdH8LocJa7Gj2vzrYliPYk3deh6SnZZ6N8bI+ciwK3ZGF/pkWaTX83dIFq3w
-YyZ+0dEpNGbA9812wNVourPg3OfqG3/CdnTfvY1M9KCC3JalpyzQL4Zm5soXF0wj
-36C2yTxA02AyFz3TvUIBrvsN6i0gmGfE79+UIp29JYrFRsIgBDt+ze2vQWUz2MX5
-GeX6/yCBgiTXtwKCAQEAwsNf6k2m5Cw+WtuLzzUfBBJCN+t1lrnYJ6lF0HubW6TZ
-vX1kBWyc+Rpo4ljr/+f4R9aC/gTEQOmV/hNVZy1RU2dAI8cH+r6JWG9lgif+8h//
-5R81txE7gnuK1Na7PmvnQPPN661zsQZ5e1ENPXS3TJmUW/M01JxAMqEQjvAPa/II
-H2KjL5NX28k9Hiw9rP6n+qXAfG/LEwXgoVCcehPwfANqQ1l95UgOdKDmjG94dipI
-h2DEK70ZbrsgQbT60Wd8I5h0yhiQsik2/bVkqLmcG4SSg0/5cf2vZMApgoH/adUz
-rJFdthm7iGPLhwS6fbhXew17Af96FvzfkifUV+cgnwKCAQBNUlYyFSQKz1jMgxFu
-kciokNVhWw75bIgaAEmwNz38OZuJ1sSfI+iz8hbr8hxNJ+15UP6RwD3q1YghG2A/
-Uij+mPgD8ftxhvvTDo10jR4vOTUVhP0phq8mwRNqKWRs1ptcl3Egz5NzoWm22bJ0
-FYaIfs8bNq2el2i7NHGM8n1EOZe6h2+dyfno/0pMk5YbUzHZce7Q9UY8g/+InUSq
-tCfuYuPaokuFkxGAqDSMSiIJSx3gEI1dTIU69TGlppkxts1XdhSR+YanqyKSKpr1
-T6FdDJNCjAlNQvuFmVM4d5PYF4kqXApu/60MTSD6RXHwxCe1ecEP6G5VLbCew9jG
-y33LAoIBAGsWyC9pwQEm/qYwn4AwYjx32acrtX1J9HtiTLvkqzjJvNu/DXcaEHm7
-tr32TNVp9A9z+JS5hDt49Hs+oC/aMCRe2lqRvmZ1y8kvfy4A1eLGC4stDPj65bDK
-QzziURRyejYxmCElPz6wI63VlCUdfwgEThn88SiSPY5ZF2SwxJoC+8peDwJCzwVP
-cmabxtHPOAfOibciNRPhoHCyhUdunUVjD1O26k1ewGwKaJoBVMgMWdLuNw8hq9FB
-3OukGmF3uD9OPbE9rpn3pX/89Dr9y8MpsvG20J6H8Z/BNVHILus/SmlxiIhvP7kv
-viIgTHaCHL/RWrhvg+8N3dRcSBqJQFsCggEAFe2TMEq2AlnBn4gsuAOIuZPYKQCg
-2a+tl1grQzmNth6AGGQcIqShadICD6SnVMIS64HHV/m18Cuz7GhJ06ZVjXJsHueG
-UpTE9wAmI2LxnNkupkLJu+SVcW3N86PujWmQBFpHkd+IRPLS51xjD9W5zLJ7HL4/
-fnKO+B+ZK6Imxbe5C5vJezkGfeOSyQoVtt6MT/XtSKNEGPBX+M6fLKgUMMg2H2Mt
-/SsD7DkOzFteKXzaEg/K8oOTpsOPkVDwNl2KErlEqbJv0k7yEVw50mYmsn/OLjh8
-+9EibISwCODbPxB+PhV6u2ue1IvGLRqtsN60lFOvbGn+kSewy9EUVHHQDQ==
------END RSA PRIVATE KEY-----
diff --git a/lib/ssl/test/ssl_test_lib.erl b/lib/ssl/test/ssl_test_lib.erl
index 150b5037d7..74d71263de 100644
--- a/lib/ssl/test/ssl_test_lib.erl
+++ b/lib/ssl/test/ssl_test_lib.erl
@@ -450,7 +450,7 @@ make_ecdsa_cert(Config) ->
 				  {cacertfile, ServerCaCertFile},
 				  {certfile, ServerCertFile}, {keyfile, ServerKeyFile}]},
 	     {server_ecdsa_verify_opts, [{ssl_imp, new},{reuseaddr, true},
-					 {cacertfile, ClientCaCertFile},
+					 {cacertfile, ServerCaCertFile},
 					 {certfile, ServerCertFile}, {keyfile, ServerKeyFile},
 					 {verify, verify_peer}]},
 	     {client_ecdsa_opts, [{ssl_imp, new},{reuseaddr, true},
@@ -475,7 +475,7 @@ make_ecdh_rsa_cert(Config) ->
 				     {cacertfile, ServerCaCertFile},
 				     {certfile, ServerCertFile}, {keyfile, ServerKeyFile}]},
 	     {server_ecdh_rsa_verify_opts, [{ssl_imp, new},{reuseaddr, true},
-					    {cacertfile, ClientCaCertFile},
+					    {cacertfile, ServerCaCertFile},
 					    {certfile, ServerCertFile}, {keyfile, ServerKeyFile},
 					    {verify, verify_peer}]},
 	     {client_ecdh_rsa_opts, [{ssl_imp, new},{reuseaddr, true},
@@ -1136,3 +1136,36 @@ filter_suites(Ciphers0) ->
     Supported1 = ssl_cipher:filter_suites(Supported0),
     Supported2 = [ssl:suite_definition(S) || S <- Supported1],
     [Cipher || Cipher <- Ciphers0, lists:member(Cipher, Supported2)].
+
+-define(OPENSSL_QUIT, "Q\n").
+close_port(Port) ->
+    catch port_command(Port, ?OPENSSL_QUIT),
+    close_loop(Port, 500, false).
+
+close_loop(Port, Time, SentClose) ->
+    receive 
+	{Port, {data,Debug}} when is_port(Port) ->
+	    ct:log("openssl ~s~n",[Debug]),
+	    close_loop(Port, Time, SentClose);	
+	{ssl,_,Msg} ->
+	    ct:log("ssl Msg ~s~n",[Msg]),
+	    close_loop(Port, Time, SentClose);	
+	{Port, closed} -> 
+	    ct:log("Port Closed~n",[]),
+	    ok;
+	{'EXIT', Port, Reason} ->
+	    ct:log("Port Closed ~p~n",[Reason]),
+	    ok;
+	Msg ->
+	    ct:log("Port Msg ~p~n",[Msg]),
+	    close_loop(Port, Time, SentClose)
+    after Time ->
+	    case SentClose of
+		false -> 
+		    ct:log("Closing port ~n",[]),
+		    catch erlang:port_close(Port),
+		    close_loop(Port, Time, true);
+		true ->
+		    ct:log("Timeout~n",[])
+	    end
+    end.
diff --git a/lib/ssl/test/ssl_to_openssl_SUITE.erl b/lib/ssl/test/ssl_to_openssl_SUITE.erl
index d36e441c7a..942c446ec4 100644
--- a/lib/ssl/test/ssl_to_openssl_SUITE.erl
+++ b/lib/ssl/test/ssl_to_openssl_SUITE.erl
@@ -226,7 +226,7 @@ basic_erlang_client_openssl_server(Config) when is_list(Config) ->
     ssl_test_lib:check_result(Client, ok),
   
     %% Clean close down!   Server needs to be closed first !!
-    close_port(OpensslPort),
+    ssl_test_lib:close_port(OpensslPort),
     ssl_test_lib:close(Client),
     process_flag(trap_exit, false).
 
@@ -259,7 +259,7 @@ basic_erlang_server_openssl_client(Config) when is_list(Config) ->
 
     %% Clean close down!   Server needs to be closed first !!
     ssl_test_lib:close(Server),
-    close_port(OpenSslPort),
+    ssl_test_lib:close_port(OpenSslPort),
     process_flag(trap_exit, false),
     ok.
 %%--------------------------------------------------------------------
@@ -298,7 +298,7 @@ erlang_client_openssl_server(Config) when is_list(Config) ->
     ssl_test_lib:check_result(Client, ok),
 
     %% Clean close down!   Server needs to be closed first !!
-    close_port(OpensslPort),
+    ssl_test_lib:close_port(OpensslPort),
     ssl_test_lib:close(Client),
     process_flag(trap_exit, false).
 
@@ -332,11 +332,9 @@ erlang_server_openssl_client(Config) when is_list(Config) ->
 
     %% Clean close down!   Server needs to be closed first !!
     ssl_test_lib:close(Server),
-    close_port(OpenSslPort),
+    ssl_test_lib:close_port(OpenSslPort),
     process_flag(trap_exit, false).
 
-%%-------------------------------------------------------------------- 
-
 erlang_client_openssl_server_dsa_cert() ->
     [{doc,"Test erlang server with openssl client"}].
 erlang_client_openssl_server_dsa_cert(Config) when is_list(Config) ->
@@ -376,7 +374,7 @@ erlang_client_openssl_server_dsa_cert(Config) when is_list(Config) ->
     ssl_test_lib:check_result(Client, ok), 
    
     %% Clean close down!   Server needs to be closed first !!
-    close_port(OpensslPort),
+    ssl_test_lib:close_port(OpensslPort),
     ssl_test_lib:close(Client),
     process_flag(trap_exit, false),
     ok.
@@ -414,7 +412,7 @@ erlang_server_openssl_client_dsa_cert(Config) when is_list(Config) ->
 
     %% Clean close down!   Server needs to be closed first !!
     ssl_test_lib:close(Server),
-    close_port(OpenSslPort),
+    ssl_test_lib:close_port(OpenSslPort),
     process_flag(trap_exit, false).
 
 %%-------------------------------------------------------------------- 
@@ -450,7 +448,7 @@ erlang_server_openssl_client_reuse_session(Config) when is_list(Config) ->
     
     %% Clean close down!   Server needs to be closed first !!
     ssl_test_lib:close(Server),
-    close_port(OpenSslPort),
+    ssl_test_lib:close_port(OpenSslPort),
     process_flag(trap_exit, false),
     ok.
 
@@ -496,7 +494,7 @@ erlang_client_openssl_server_renegotiate(Config) when is_list(Config) ->
     ssl_test_lib:check_result(Client, ok), 
    
     %% Clean close down!   Server needs to be closed first !!
-    close_port(OpensslPort),
+    ssl_test_lib:close_port(OpensslPort),
     ssl_test_lib:close(Client),
     process_flag(trap_exit, false),
     ok.
@@ -542,7 +540,7 @@ erlang_client_openssl_server_nowrap_seqnum(Config) when is_list(Config) ->
     ssl_test_lib:check_result(Client, ok), 
 
     %% Clean close down!   Server needs to be closed first !!
-    close_port(OpensslPort),
+    ssl_test_lib:close_port(OpensslPort),
     ssl_test_lib:close(Client),
     process_flag(trap_exit, false).
 %%--------------------------------------------------------------------
@@ -581,7 +579,7 @@ erlang_server_openssl_client_nowrap_seqnum(Config) when is_list(Config) ->
     
     %% Clean close down!   Server needs to be closed first !!
     ssl_test_lib:close(Server),
-    close_port(OpenSslPort),
+    ssl_test_lib:close_port(OpenSslPort),
     process_flag(trap_exit, false).
 
 %%--------------------------------------------------------------------
@@ -624,7 +622,7 @@ erlang_client_openssl_server_no_server_ca_cert(Config) when is_list(Config) ->
     ssl_test_lib:check_result(Client, ok), 
 
     %% Clean close down!   Server needs to be closed first !!
-    close_port(OpensslPort),
+    ssl_test_lib:close_port(OpensslPort),
     ssl_test_lib:close(Client),
     process_flag(trap_exit, false).
 
@@ -666,7 +664,7 @@ erlang_client_openssl_server_client_cert(Config) when is_list(Config) ->
     ssl_test_lib:check_result(Client, ok),
   
     %% Clean close down!   Server needs to be closed first !!
-    close_port(OpensslPort), 
+    ssl_test_lib:close_port(OpensslPort), 
     ssl_test_lib:close(Client),
     process_flag(trap_exit, false).
 
@@ -708,7 +706,7 @@ erlang_server_openssl_client_client_cert(Config) when is_list(Config) ->
     ssl_test_lib:check_result(Server, ok),
     
     %% Clean close down!   Server needs to be closed first !!
-    close_port(OpenSslPort),
+    ssl_test_lib:close_port(OpenSslPort),
     ssl_test_lib:close(Server),
     process_flag(trap_exit, false).
 
@@ -821,7 +819,7 @@ erlang_client_bad_openssl_server(Config) when is_list(Config) ->
 					  [{versions, [Version]} | ClientOpts]}]),
 
     %% Clean close down!   Server needs to be closed first !!
-    close_port(OpensslPort),
+    ssl_test_lib:close_port(OpensslPort),
     ssl_test_lib:close(Client1),
     process_flag(trap_exit, false),
     ok.
@@ -878,7 +876,7 @@ expired_session(Config) when is_list(Config) ->
 				   {from, self()},  {options, ClientOpts}]),  
 
     %% Clean close down!   Server needs to be closed first !!
-    close_port(OpensslPort),
+    ssl_test_lib:close_port(OpensslPort),
     ssl_test_lib:close(Client2),
     process_flag(trap_exit, false).
 
@@ -1089,7 +1087,7 @@ cipher(CipherSuite, Version, Config, ClientOpts, ServerOpts) ->
     Result = ssl_test_lib:wait_for_result(Client, ok),
 
     %% Clean close down!   Server needs to be closed first !!
-    close_port(OpenSslPort),
+    ssl_test_lib:close_port(OpenSslPort),
     ssl_test_lib:close(Client),
 
     Return = case Result of
@@ -1136,7 +1134,7 @@ start_erlang_client_and_openssl_server_with_opts(Config, ErlangClientOpts, Opens
     Callback(Client, OpensslPort),
 
     %% Clean close down!   Server needs to be closed first !!
-    close_port(OpensslPort),
+    ssl_test_lib:close_port(OpensslPort),
 
     ssl_test_lib:close(Client),
     process_flag(trap_exit, false).
@@ -1175,7 +1173,7 @@ start_erlang_client_and_openssl_server_for_npn_negotiation(Config, Data, Callbac
     Callback(Client, OpensslPort),
 
     %% Clean close down!   Server needs to be closed first !!
-    close_port(OpensslPort),
+    ssl_test_lib:close_port(OpensslPort),
 
     ssl_test_lib:close(Client),
     process_flag(trap_exit, false).
@@ -1205,7 +1203,7 @@ start_erlang_server_and_openssl_client_for_npn_negotiation(Config, Data, Callbac
 
     ssl_test_lib:close(Server),
 
-    close_port(OpenSslPort),
+    ssl_test_lib:close_port(OpenSslPort),
     process_flag(trap_exit, false).
 
 
@@ -1234,7 +1232,7 @@ start_erlang_server_and_openssl_client_with_opts(Config, ErlangServerOpts, OpenS
 
     ssl_test_lib:close(Server),
 
-    close_port(OpenSslPort),
+    ssl_test_lib:close_port(OpenSslPort),
     process_flag(trap_exit, false).
 
 
@@ -1282,39 +1280,6 @@ delayed_send(Socket, [ErlData, OpenSslData]) ->
     ssl:send(Socket, ErlData),
     erlang_ssl_receive(Socket, OpenSslData).
 
-close_port(Port) ->
-    catch port_command(Port, ?OPENSSL_QUIT),
-    close_loop(Port, 500, false).
-
-close_loop(Port, Time, SentClose) ->
-    receive 
-	{Port, {data,Debug}} when is_port(Port) ->
-	    ct:log("openssl ~s~n",[Debug]),
-	    close_loop(Port, Time, SentClose);	
-	{ssl,_,Msg} ->
-	    ct:log("ssl Msg ~s~n",[Msg]),
-	    close_loop(Port, Time, SentClose);	
-	{Port, closed} -> 
-	    ct:log("Port Closed~n",[]),
-	    ok;
-	{'EXIT', Port, Reason} ->
-	    ct:log("Port Closed ~p~n",[Reason]),
-	    ok;
-	Msg ->
-	    ct:log("Port Msg ~p~n",[Msg]),
-	    close_loop(Port, Time, SentClose)
-    after Time ->
-	    case SentClose of
-		false -> 
-		    ct:log("Closing port ~n",[]),
-		    catch erlang:port_close(Port),
-		    close_loop(Port, Time, true);
-		true ->
-		    ct:log("Timeout~n",[])
-	    end
-    end.
-
-
 server_sent_garbage(Socket) ->
     receive 
 	server_sent_garbage ->
author	Ingela Anderton Andin <[email protected]>	2014-08-05 09:45:07 +0200
committer	Ingela Anderton Andin <[email protected]>	2014-08-11 10:26:49 +0200
commit	cc4dbea1229e8903f3cca1589d7f87000cdb775a (patch)
tree	54a6d0767df9591debc27a433fa88998e9a62e19 /lib/ssl/test
parent	112ffb94dacc75ef4cebfbfa137ea8ce52b9631e (diff)
download	otp-cc4dbea1229e8903f3cca1589d7f87000cdb775a.tar.gz otp-cc4dbea1229e8903f3cca1589d7f87000cdb775a.tar.bz2 otp-cc4dbea1229e8903f3cca1589d7f87000cdb775a.zip