aboutsummaryrefslogtreecommitdiffstats
path: root/lib
diff options
context:
space:
mode:
authorIngela Anderton Andin <[email protected]>2014-02-24 09:35:37 +0100
committerIngela Anderton Andin <[email protected]>2014-02-24 09:35:37 +0100
commit7211dab352a2b5141c260680f2077ca792768b37 (patch)
tree48d687dfe1b2bfb37deb6fe585846dc95b43304c /lib
parent502b13aaf568e351bc30e44d0e14c063cbf5fc5a (diff)
parent794b3440b4eba119996be1966eb1244340de2e4f (diff)
downloadotp-7211dab352a2b5141c260680f2077ca792768b37.tar.gz
otp-7211dab352a2b5141c260680f2077ca792768b37.tar.bz2
otp-7211dab352a2b5141c260680f2077ca792768b37.zip
Merge branch 'ia/ssl/cache-fix/OTP-11733'
* ia/ssl/cache-fix/OTP-11733: ssl: Add test that memory is not leeked ssl: Correct clean up of certificate database when certs are inputed in pure DER format.
Diffstat (limited to 'lib')
-rw-r--r--lib/ssl/src/ssl_connection.erl6
-rw-r--r--lib/ssl/test/ssl_basic_SUITE.erl9
2 files changed, 11 insertions, 4 deletions
diff --git a/lib/ssl/src/ssl_connection.erl b/lib/ssl/src/ssl_connection.erl
index 82106935cb..e283e6079e 100644
--- a/lib/ssl/src/ssl_connection.erl
+++ b/lib/ssl/src/ssl_connection.erl
@@ -1,7 +1,7 @@
%%
%% %CopyrightBegin%
%%
-%% Copyright Ericsson AB 2013-2013. All Rights Reserved.
+%% Copyright Ericsson AB 2013-2014. All Rights Reserved.
%%
%% The contents of this file are subject to the Erlang Public License,
%% Version 1.1, (the "License"); you may not use this file except in
@@ -1757,12 +1757,12 @@ handle_unrecv_data(StateName, #state{socket = Socket, transport_cb = Transport,
Connection:handle_close_alert(Data, StateName, State)
end.
-handle_trusted_certs_db(#state{ssl_options = #ssl_options{cacertfile = <<>>}}) ->
+handle_trusted_certs_db(#state{ssl_options = #ssl_options{cacertfile = <<>>, cacerts = []}}) ->
%% No trusted certs specified
ok;
handle_trusted_certs_db(#state{cert_db_ref = Ref,
cert_db = CertDb,
- ssl_options = #ssl_options{cacertfile = undefined}}) ->
+ ssl_options = #ssl_options{cacertfile = <<>>}}) ->
%% Certs provided as DER directly can not be shared
%% with other connections and it is safe to delete them when the connection ends.
ssl_pkix_db:remove_trusted_certs(Ref, CertDb);
diff --git a/lib/ssl/test/ssl_basic_SUITE.erl b/lib/ssl/test/ssl_basic_SUITE.erl
index 2e216b32fa..3c23369923 100644
--- a/lib/ssl/test/ssl_basic_SUITE.erl
+++ b/lib/ssl/test/ssl_basic_SUITE.erl
@@ -2208,7 +2208,14 @@ der_input(Config) when is_list(Config) ->
ssl_test_lib:check_result(Server, ok, Client, ok),
ssl_test_lib:close(Server),
- ssl_test_lib:close(Client).
+ ssl_test_lib:close(Client),
+
+ {status, _, _, StatusInfo} = sys:get_status(whereis(ssl_manager)),
+ [_, _,_, _, Prop] = StatusInfo,
+ State = ssl_test_lib:state(Prop),
+ [CADb | _] = element(5, State),
+ [] = ets:tab2list(CADb).
+
%%--------------------------------------------------------------------
der_input_opts(Opts) ->
Certfile = proplists:get_value(certfile, Opts),