1 files changed, 60 insertions, 34 deletions

diff --git a/lib/ssl/test/ssl_test_lib.erl b/lib/ssl/test/ssl_test_lib.erl
index 150b5037d7..d2e6e41482 100644
--- a/lib/ssl/test/ssl_test_lib.erl
+++ b/lib/ssl/test/ssl_test_lib.erl
@@ -450,7 +450,7 @@ make_ecdsa_cert(Config) ->
 				  {cacertfile, ServerCaCertFile},
 				  {certfile, ServerCertFile}, {keyfile, ServerKeyFile}]},
 	     {server_ecdsa_verify_opts, [{ssl_imp, new},{reuseaddr, true},
-					 {cacertfile, ClientCaCertFile},
+					 {cacertfile, ServerCaCertFile},
 					 {certfile, ServerCertFile}, {keyfile, ServerKeyFile},
 					 {verify, verify_peer}]},
 	     {client_ecdsa_opts, [{ssl_imp, new},{reuseaddr, true},
@@ -475,7 +475,7 @@ make_ecdh_rsa_cert(Config) ->
 				     {cacertfile, ServerCaCertFile},
 				     {certfile, ServerCertFile}, {keyfile, ServerKeyFile}]},
 	     {server_ecdh_rsa_verify_opts, [{ssl_imp, new},{reuseaddr, true},
-					    {cacertfile, ClientCaCertFile},
+					    {cacertfile, ServerCaCertFile},
 					    {certfile, ServerCertFile}, {keyfile, ServerKeyFile},
 					    {verify, verify_peer}]},
 	     {client_ecdh_rsa_opts, [{ssl_imp, new},{reuseaddr, true},
@@ -811,48 +811,34 @@ openssl_rsa_suites(CounterPart) ->
 		false ->
 		    "DSS | ECDHE | ECDH"
 		end,
-    lists:filter(fun(Str) ->
-			 case re:run(Str, Names,[]) of
-			     nomatch ->
-				 false;
-			     _ ->
-				 true
-			 end 
-		     end, Ciphers).
+    lists:filter(fun(Str) -> string_regex_filter(Str, Names)
+		 end, Ciphers).
 
 openssl_dsa_suites() ->
     Ciphers = ssl:cipher_suites(openssl),
-    lists:filter(fun(Str) ->
-			 case re:run(Str,"DSS",[]) of
-			     nomatch ->
-				 false;
-			     _ ->
-				 true
-			 end 
+    lists:filter(fun(Str) -> string_regex_filter(Str, "DSS")
 		 end, Ciphers).
 
 openssl_ecdsa_suites() ->
     Ciphers = ssl:cipher_suites(openssl),
-    lists:filter(fun(Str) ->
-			 case re:run(Str,"ECDHE-ECDSA",[]) of
-			     nomatch ->
-				 false;
-			     _ ->
-				 true
-			 end
+    lists:filter(fun(Str) -> string_regex_filter(Str, "ECDHE-ECDSA")
 		 end, Ciphers).
 
 openssl_ecdh_rsa_suites() ->
     Ciphers = ssl:cipher_suites(openssl),
-    lists:filter(fun(Str) ->
-			 case re:run(Str,"ECDH-RSA",[]) of
-			     nomatch ->
-				 false;
-			     _ ->
-				 true
-			 end
+    lists:filter(fun(Str) -> string_regex_filter(Str, "ECDH-RSA")
 		 end, Ciphers).
 
+string_regex_filter(Str, Search) when is_list(Str) ->
+    case re:run(Str, Search, []) of
+	nomatch ->
+	    false;
+	_ ->
+	    true
+    end;
+string_regex_filter(Str, _Search) ->
+    false.
+
 anonymous_suites() ->
     Suites =
 	[{dh_anon, rc4_128, md5},
@@ -860,6 +846,8 @@ anonymous_suites() ->
 	 {dh_anon, '3des_ede_cbc', sha},
 	 {dh_anon, aes_128_cbc, sha},
 	 {dh_anon, aes_256_cbc, sha},
+	 {dh_anon, aes_128_gcm, null},
+	 {dh_anon, aes_256_gcm, null},
 	 {ecdh_anon,rc4_128,sha},
 	 {ecdh_anon,'3des_ede_cbc',sha},
 	 {ecdh_anon,aes_128_cbc,sha},
@@ -885,8 +873,13 @@ psk_suites() ->
 	 {rsa_psk, aes_128_cbc, sha},
 	 {rsa_psk, aes_256_cbc, sha},
 	 {rsa_psk, aes_128_cbc, sha256},
-	 {rsa_psk, aes_256_cbc, sha384}
-],
+	 {rsa_psk, aes_256_cbc, sha384},
+	 {psk, aes_128_gcm, null},
+	 {psk, aes_256_gcm, null},
+	 {dhe_psk, aes_128_gcm, null},
+	 {dhe_psk, aes_256_gcm, null},
+	 {rsa_psk, aes_128_gcm, null},
+	 {rsa_psk, aes_256_gcm, null}],
     ssl_cipher:filter_suites(Suites).
 
 psk_anon_suites() ->
@@ -1130,9 +1123,42 @@ version_flag(sslv3) ->
 filter_suites(Ciphers0) ->
     Version = tls_record:highest_protocol_version([]),
     Supported0 = ssl_cipher:suites(Version)
-	++ ssl_cipher:anonymous_suites()
+	++ ssl_cipher:anonymous_suites(Version)
 	++ ssl_cipher:psk_suites(Version)
 	++ ssl_cipher:srp_suites(),
     Supported1 = ssl_cipher:filter_suites(Supported0),
     Supported2 = [ssl:suite_definition(S) || S <- Supported1],
     [Cipher || Cipher <- Ciphers0, lists:member(Cipher, Supported2)].
+
+-define(OPENSSL_QUIT, "Q\n").
+close_port(Port) ->
+    catch port_command(Port, ?OPENSSL_QUIT),
+    close_loop(Port, 500, false).
+
+close_loop(Port, Time, SentClose) ->
+    receive 
+	{Port, {data,Debug}} when is_port(Port) ->
+	    ct:log("openssl ~s~n",[Debug]),
+	    close_loop(Port, Time, SentClose);	
+	{ssl,_,Msg} ->
+	    ct:log("ssl Msg ~s~n",[Msg]),
+	    close_loop(Port, Time, SentClose);	
+	{Port, closed} -> 
+	    ct:log("Port Closed~n",[]),
+	    ok;
+	{'EXIT', Port, Reason} ->
+	    ct:log("Port Closed ~p~n",[Reason]),
+	    ok;
+	Msg ->
+	    ct:log("Port Msg ~p~n",[Msg]),
+	    close_loop(Port, Time, SentClose)
+    after Time ->
+	    case SentClose of
+		false -> 
+		    ct:log("Closing port ~n",[]),
+		    catch erlang:port_close(Port),
+		    close_loop(Port, Time, true);
+		true ->
+		    ct:log("Timeout~n",[])
+	    end
+    end.