1 files changed, 67 insertions, 26 deletions
diff --git a/lib/ssl/test/ssl_pem_cache_SUITE.erl b/lib/ssl/test/ssl_pem_cache_SUITE.erl
index 843079e2fe..25d2cb300d 100644
--- a/lib/ssl/test/ssl_pem_cache_SUITE.erl
+++ b/lib/ssl/test/ssl_pem_cache_SUITE.erl
@@ -1,18 +1,19 @@
 %%
 %% %CopyrightBegin%
 %%
-%% Copyright Ericsson AB 2015-2015. All Rights Reserved.
+%% Copyright Ericsson AB 2015-2018. All Rights Reserved.
 %%
-%% The contents of this file are subject to the Erlang Public License,
-%% Version 1.1, (the "License"); you may not use this file except in
-%% compliance with the License. You should have received a copy of the
-%% Erlang Public License along with this software. If not, it can be
-%% retrieved online at http://www.erlang.org/.2
+%% Licensed under the Apache License, Version 2.0 (the "License");
+%% you may not use this file except in compliance with the License.
+%% You may obtain a copy of the License at
 %%
-%% Software distributed under the License is distributed on an "AS IS"
-%% basis, WITHOUT WARRANTY OF ANY KIND, either express or implied. See
-%% the License for the specific language governing rights and limitations
-%% under the License.
+%%     http://www.apache.org/licenses/LICENSE-2.0
+%%
+%% Unless required by applicable law or agreed to in writing, software
+%% distributed under the License is distributed on an "AS IS" BASIS,
+%% WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+%% See the License for the specific language governing permissions and
+%% limitations under the License.
 %%
 %% %CopyrightEnd%
 %%
@@ -33,7 +34,7 @@
 %% Common Test interface functions -----------------------------------
 %%--------------------------------------------------------------------
 all() ->
-    [pem_cleanup].
+    [pem_cleanup, invalid_insert].
 
 groups() ->
     [].
@@ -42,13 +43,10 @@ init_per_suite(Config0) ->
     catch crypto:stop(),
     try crypto:start() of
 	ok ->
-	    ssl:start(),
+	    ssl_test_lib:clean_start(),
 	    %% make rsa certs using oppenssl
-	    Result =
-		(catch make_certs:all(?config(data_dir, Config0),
-				      ?config(priv_dir, Config0))),
-	    ct:log("Make certs  ~p~n", [Result]),
-
+	    {ok, _} =  make_certs:all(proplists:get_value(data_dir, Config0),
+				      proplists:get_value(priv_dir, Config0)),
 	    Config1 = ssl_test_lib:make_dsa_cert(Config0),
 	    ssl_test_lib:cert_options(Config1)
     catch _:_ ->
@@ -64,15 +62,21 @@ init_per_group(_GroupName, Config) ->
 end_per_group(_GroupName, Config) ->
     Config.
 
-init_per_testcase(pem_cleanup, Config) ->
-    ssl:stop(),
+init_per_testcase(pem_cleanup = Case, Config) ->
     application:load(ssl),
+    end_per_testcase(Case, Config) ,
     application:set_env(ssl, ssl_pem_cache_clean, ?CLEANUP_INTERVAL),
     ssl:start(),
+    ct:timetrap({minutes, 1}),
+    Config;
+init_per_testcase(_, Config) ->
+    ssl:start(),
+    ct:timetrap({seconds, 5}),
     Config.
 
 end_per_testcase(_TestCase, Config) ->
-    %%ssl:stop(),
+    ssl_test_lib:clean_env(),
+    ssl:stop(),
     Config.
 
 %%--------------------------------------------------------------------
@@ -82,8 +86,8 @@ pem_cleanup() ->
     [{doc, "Test pem cache invalidate mechanism"}].
 pem_cleanup(Config)when is_list(Config) ->
     process_flag(trap_exit, true),
-    ClientOpts = ?config(client_opts, Config),
-    ServerOpts = ?config(server_opts, Config),
+    ClientOpts = proplists:get_value(client_verification_opts, Config),
+    ServerOpts = proplists:get_value(server_verification_opts, Config),
     {ClientNode, ServerNode, Hostname} = ssl_test_lib:run_where(Config),
 
     Server =
@@ -108,18 +112,55 @@ pem_cleanup(Config)when is_list(Config) ->
     ssl_test_lib:close(Server),
     ssl_test_lib:close(Client),
     false = Size == Size1.
-       
+
+invalid_insert() ->
+    [{doc, "Test that insert of invalid pem does not cause empty cache entry"}].
+invalid_insert(Config)when is_list(Config) ->      
+    process_flag(trap_exit, true),
+    
+    ClientOpts = proplists:get_value(client_verification_opts, Config),
+    ServerOpts = proplists:get_value(server_verification_opts, Config),
+    {ClientNode, ServerNode, Hostname} = ssl_test_lib:run_where(Config),
+    BadClientOpts = [{cacertfile, "tmp/does_not_exist.pem"} | proplists:delete(cacertfile, ClientOpts)],
+    Server =
+	ssl_test_lib:start_server([{node, ServerNode}, {port, 0},
+				   {from, self()},
+				   {mfa, {ssl_test_lib, no_result, []}},
+				   {options, ServerOpts}]),
+    Port = ssl_test_lib:inet_port(Server),
+    ssl_test_lib:start_client_error([{node, ClientNode},
+                               {port, Port}, {host, Hostname},
+                               {from, self()}, {options, BadClientOpts}]),
+    ssl_test_lib:close(Server),
+    1 = ssl_pkix_db:db_size(get_fileref_db()).
+
+
+
+%%--------------------------------------------------------------------
+%% Internal funcations 
+%%--------------------------------------------------------------------
+
 get_pem_cache() ->
     {status, _, _, StatusInfo} = sys:get_status(whereis(ssl_manager)),
     [_, _,_, _, Prop] = StatusInfo,
     State = ssl_test_lib:state(Prop),
-    case element(5, State) of
-	[_CertDb, _FileRefDb, PemChace] ->
-	    PemChace;
+    case element(6, State) of
+	[_CertDb, _FileRefDb, PemCache| _] ->
+	    PemCache;
 	_ ->
 	    undefined
     end.
 
+get_fileref_db() ->
+    {status, _, _, StatusInfo} = sys:get_status(whereis(ssl_manager)),
+    [_, _,_, _, Prop] = StatusInfo,
+    State = ssl_test_lib:state(Prop),
+    case element(6, State) of
+	[_CertDb, {FileRefDb,_} | _] ->
+	    FileRefDb;
+	_ ->
+	    undefined
+    end.
 later()->
     DateTime = calendar:now_to_local_time(os:timestamp()), 
     Gregorian = calendar:datetime_to_gregorian_seconds(DateTime),