diff options
author | Ingela Anderton Andin <[email protected]> | 2014-02-24 09:35:37 +0100 |
---|---|---|
committer | Ingela Anderton Andin <[email protected]> | 2014-02-24 09:35:37 +0100 |
commit | 7211dab352a2b5141c260680f2077ca792768b37 (patch) | |
tree | 48d687dfe1b2bfb37deb6fe585846dc95b43304c /lib | |
parent | 502b13aaf568e351bc30e44d0e14c063cbf5fc5a (diff) | |
parent | 794b3440b4eba119996be1966eb1244340de2e4f (diff) | |
download | otp-7211dab352a2b5141c260680f2077ca792768b37.tar.gz otp-7211dab352a2b5141c260680f2077ca792768b37.tar.bz2 otp-7211dab352a2b5141c260680f2077ca792768b37.zip |
Merge branch 'ia/ssl/cache-fix/OTP-11733'
* ia/ssl/cache-fix/OTP-11733:
ssl: Add test that memory is not leeked
ssl: Correct clean up of certificate database when certs are inputed in pure DER format.
Diffstat (limited to 'lib')
-rw-r--r-- | lib/ssl/src/ssl_connection.erl | 6 | ||||
-rw-r--r-- | lib/ssl/test/ssl_basic_SUITE.erl | 9 |
2 files changed, 11 insertions, 4 deletions
diff --git a/lib/ssl/src/ssl_connection.erl b/lib/ssl/src/ssl_connection.erl index 82106935cb..e283e6079e 100644 --- a/lib/ssl/src/ssl_connection.erl +++ b/lib/ssl/src/ssl_connection.erl @@ -1,7 +1,7 @@ %% %% %CopyrightBegin% %% -%% Copyright Ericsson AB 2013-2013. All Rights Reserved. +%% Copyright Ericsson AB 2013-2014. All Rights Reserved. %% %% The contents of this file are subject to the Erlang Public License, %% Version 1.1, (the "License"); you may not use this file except in @@ -1757,12 +1757,12 @@ handle_unrecv_data(StateName, #state{socket = Socket, transport_cb = Transport, Connection:handle_close_alert(Data, StateName, State) end. -handle_trusted_certs_db(#state{ssl_options = #ssl_options{cacertfile = <<>>}}) -> +handle_trusted_certs_db(#state{ssl_options = #ssl_options{cacertfile = <<>>, cacerts = []}}) -> %% No trusted certs specified ok; handle_trusted_certs_db(#state{cert_db_ref = Ref, cert_db = CertDb, - ssl_options = #ssl_options{cacertfile = undefined}}) -> + ssl_options = #ssl_options{cacertfile = <<>>}}) -> %% Certs provided as DER directly can not be shared %% with other connections and it is safe to delete them when the connection ends. ssl_pkix_db:remove_trusted_certs(Ref, CertDb); diff --git a/lib/ssl/test/ssl_basic_SUITE.erl b/lib/ssl/test/ssl_basic_SUITE.erl index 2e216b32fa..3c23369923 100644 --- a/lib/ssl/test/ssl_basic_SUITE.erl +++ b/lib/ssl/test/ssl_basic_SUITE.erl @@ -2208,7 +2208,14 @@ der_input(Config) when is_list(Config) -> ssl_test_lib:check_result(Server, ok, Client, ok), ssl_test_lib:close(Server), - ssl_test_lib:close(Client). + ssl_test_lib:close(Client), + + {status, _, _, StatusInfo} = sys:get_status(whereis(ssl_manager)), + [_, _,_, _, Prop] = StatusInfo, + State = ssl_test_lib:state(Prop), + [CADb | _] = element(5, State), + [] = ets:tab2list(CADb). + %%-------------------------------------------------------------------- der_input_opts(Opts) -> Certfile = proplists:get_value(certfile, Opts), |