1 files changed, 18 insertions, 14 deletions
diff --git a/lib/ssl/src/ssl_connection.erl b/lib/ssl/src/ssl_connection.erl
index 5c7f76a28b..7ffc897757 100644
--- a/lib/ssl/src/ssl_connection.erl
+++ b/lib/ssl/src/ssl_connection.erl
@@ -542,7 +542,7 @@ handle_session(#server_hello{cipher_suite = CipherSuite,
 		      negotiated_version = ReqVersion,
 		      negotiated_protocol = CurrentProtocol} = State0) ->
     #{key_exchange := KeyAlgorithm} =
-	ssl_cipher:suite_definition(CipherSuite),
+	ssl_cipher_format:suite_definition(CipherSuite),
     
     PremasterSecret = make_premaster_secret(ReqVersion, KeyAlgorithm),
 
@@ -650,6 +650,8 @@ init(_Type, _Event, _State, _Connection) ->
             tls_connection | dtls_connection) ->
 		   gen_statem:state_function_result().
 %%--------------------------------------------------------------------
+error({call, From}, {close, _}, State, _Connection) ->
+    stop_and_reply(normal, {reply, From, ok}, State);
 error({call, From}, _Msg, State, _Connection) ->
     {next_state, ?FUNCTION_NAME, State, [{reply, From, {error, closed}}]}.
 
@@ -1488,7 +1490,7 @@ connection_info(#state{sni_hostname = SNIHostname,
 		       negotiated_version =  {_,_} = Version, 
 		       ssl_options = Opts}) ->
     RecordCB = record_cb(Connection),
-    CipherSuiteDef = #{key_exchange := KexAlg} = ssl_cipher:suite_definition(CipherSuite),
+    CipherSuiteDef = #{key_exchange := KexAlg} = ssl_cipher_format:suite_definition(CipherSuite),
     IsNamedCurveSuite = lists:member(KexAlg,
                                      [ecdh_ecdsa, ecdhe_ecdsa, ecdh_rsa, ecdhe_rsa, ecdh_anon]),
     CurveInfo = case ECCCurve of
@@ -1499,7 +1501,7 @@ connection_info(#state{sni_hostname = SNIHostname,
 		end,
     [{protocol, RecordCB:protocol_version(Version)},
      {session_id, SessionId},
-     {cipher_suite, ssl_cipher:erl_suite_definition(CipherSuiteDef)},
+     {cipher_suite, ssl_cipher_format:erl_suite_definition(CipherSuiteDef)},
      {selected_cipher_suite, CipherSuiteDef},
      {sni_hostname, SNIHostname} | CurveInfo] ++ ssl_options_list(Opts).
 
@@ -1627,7 +1629,7 @@ resumed_server_hello(#state{session = Session,
 
 server_hello(ServerHello, State0, Connection) ->
     CipherSuite = ServerHello#server_hello.cipher_suite,
-    #{key_exchange := KeyAlgorithm}  = ssl_cipher:suite_definition(CipherSuite),
+    #{key_exchange := KeyAlgorithm}  = ssl_cipher_format:suite_definition(CipherSuite),
     State = Connection:queue_handshake(ServerHello, State0),
     State#state{key_algorithm = KeyAlgorithm}.
 
@@ -1641,7 +1643,7 @@ handle_peer_cert(Role, PeerCert, PublicKeyInfo,
     State1 = State0#state{session =
 			 Session#session{peer_certificate = PeerCert},
 			 public_key_info = PublicKeyInfo},
-    #{key_exchange := KeyAlgorithm} = ssl_cipher:suite_definition(CipherSuite),
+    #{key_exchange := KeyAlgorithm} = ssl_cipher_format:suite_definition(CipherSuite),
     State2 = handle_peer_cert_key(Role, PeerCert, PublicKeyInfo, KeyAlgorithm, State1),
 
     {Record, State} = Connection:next_record(State2),
@@ -2248,22 +2250,24 @@ generate_srp_server_keys(_SrpParams, 10) ->
 generate_srp_server_keys(SrpParams =
 			     #srp_user{generator = Generator, prime = Prime,
 				       verifier = Verifier}, N) ->
-    case crypto:generate_key(srp, {host, [Verifier, Generator, Prime, '6a']}) of
-	error ->
-	    generate_srp_server_keys(SrpParams, N+1);
+    try crypto:generate_key(srp, {host, [Verifier, Generator, Prime, '6a']}) of
 	Keys ->
 	    Keys
+    catch
+	error:_ ->
+	    generate_srp_server_keys(SrpParams, N+1)
     end.
 
 generate_srp_client_keys(_Generator, _Prime, 10) ->
     ?ALERT_REC(?FATAL, ?ILLEGAL_PARAMETER);
 generate_srp_client_keys(Generator, Prime, N) ->
 
-    case crypto:generate_key(srp, {user, [Generator, Prime, '6a']}) of
-	error ->
-	    generate_srp_client_keys(Generator, Prime, N+1);
+    try crypto:generate_key(srp, {user, [Generator, Prime, '6a']}) of
 	Keys ->
 	    Keys
+    catch
+	error:_ ->
+	    generate_srp_client_keys(Generator, Prime, N+1)
     end.
 
 handle_srp_identity(Username, {Fun, UserState}) ->
@@ -2470,7 +2474,7 @@ handle_trusted_certs_db(#state{ssl_options =
 handle_trusted_certs_db(#state{cert_db_ref = Ref,
 			       cert_db = CertDb,
 			       ssl_options = #ssl_options{cacertfile = <<>>}}) when CertDb =/= undefined ->
-    %% Certs provided as DER directly can not be shared
+    %% Certs provided as DER directly cannot be shared
     %% with other connections and it is safe to delete them when the connection ends.
     ssl_pkix_db:remove_trusted_certs(Ref, CertDb);
 handle_trusted_certs_db(#state{file_ref_db = undefined}) ->
@@ -2606,7 +2610,7 @@ ssl_options_list([ciphers = Key | Keys], [Value | Values], Acc) ->
    ssl_options_list(Keys, Values, 
 		    [{Key, lists:map(
 			     fun(Suite) -> 
-				     ssl_cipher:suite_definition(Suite) 
+				     ssl_cipher_format:suite_definition(Suite) 
 			     end, Value)} 
 		     | Acc]);
 ssl_options_list([Key | Keys], [Value | Values], Acc) ->
@@ -2920,7 +2924,7 @@ erl_dist_stop_reason(
   Reason, #state{ssl_options = #ssl_options{erl_dist = true}}) ->
     case Reason of
         normal ->
-            %% We can not exit with normal since that will not bring
+            %% We cannot exit with normal since that will not bring
             %% down the rest of the distribution processes
             {shutdown, normal};
         _ -> Reason