2 files changed, 56 insertions, 9 deletions

diff --git a/lib/ssl/test/ssl_basic_SUITE.erl b/lib/ssl/test/ssl_basic_SUITE.erl
index 5cedde5d27..10bbd4d88b 100644
--- a/lib/ssl/test/ssl_basic_SUITE.erl
+++ b/lib/ssl/test/ssl_basic_SUITE.erl
@@ -156,7 +156,10 @@ cipher_tests() ->
      anonymous_cipher_suites,
      psk_cipher_suites,
      psk_with_hint_cipher_suites,
+     psk_anon_cipher_suites,
+     psk_anon_with_hint_cipher_suites,
      srp_cipher_suites,
+     srp_anon_cipher_suites,
      srp_dsa_cipher_suites,
      default_reject_anonymous].
 
@@ -1594,6 +1597,20 @@ psk_with_hint_cipher_suites(Config) when is_list(Config) ->
     Ciphers = ssl_test_lib:psk_suites(),
     run_suites(Ciphers, Version, Config, psk_with_hint).
 %%-------------------------------------------------------------------
+psk_anon_cipher_suites() ->
+    [{doc, "Test the anonymous PSK ciphersuites WITHOUT server supplied identity hint"}].
+psk_anon_cipher_suites(Config) when is_list(Config) ->
+    Version = ssl_record:protocol_version(ssl_record:highest_protocol_version([])),
+    Ciphers = ssl_test_lib:psk_anon_suites(),
+    run_suites(Ciphers, Version, Config, psk_anon).
+%%-------------------------------------------------------------------
+psk_anon_with_hint_cipher_suites()->
+    [{doc, "Test the anonymous PSK ciphersuites WITH server supplied identity hint"}].
+psk_anon_with_hint_cipher_suites(Config) when is_list(Config) ->
+    Version = ssl_record:protocol_version(ssl_record:highest_protocol_version([])),
+    Ciphers = ssl_test_lib:psk_anon_suites(),
+    run_suites(Ciphers, Version, Config, psk_anon_with_hint).
+%%-------------------------------------------------------------------
 srp_cipher_suites()->
     [{doc, "Test the SRP ciphersuites"}].
 srp_cipher_suites(Config) when is_list(Config) ->
@@ -1601,6 +1618,13 @@ srp_cipher_suites(Config) when is_list(Config) ->
     Ciphers = ssl_test_lib:srp_suites(),
     run_suites(Ciphers, Version, Config, srp).
 %%-------------------------------------------------------------------
+srp_anon_cipher_suites()->
+    [{doc, "Test the anonymous SRP ciphersuites"}].
+srp_anon_cipher_suites(Config) when is_list(Config) ->
+    Version = ssl_record:protocol_version(ssl_record:highest_protocol_version([])),
+    Ciphers = ssl_test_lib:srp_anon_suites(),
+    run_suites(Ciphers, Version, Config, srp_anon).
+%%-------------------------------------------------------------------
 srp_dsa_cipher_suites()->
     [{doc, "Test the SRP DSA ciphersuites"}].
 srp_dsa_cipher_suites(Config) when is_list(Config) ->
@@ -3151,9 +3175,18 @@ run_suites(Ciphers, Version, Config, Type) ->
 	    psk_with_hint ->
 		{?config(client_psk, Config),
 		 ?config(server_psk_hint, Config)};
+	    psk_anon ->
+		{?config(client_psk, Config),
+		 ?config(server_psk_anon, Config)};
+	    psk_anon_with_hint ->
+		{?config(client_psk, Config),
+		 ?config(server_psk_anon_hint, Config)};
 	    srp ->
 		{?config(client_srp, Config),
 		 ?config(server_srp, Config)};
+	    srp_anon ->
+		{?config(client_srp, Config),
+		 ?config(server_srp_anon, Config)};
 	    srp_dsa ->
 		{?config(client_srp_dsa, Config),
 		 ?config(server_srp_dsa, Config)}
diff --git a/lib/ssl/test/ssl_test_lib.erl b/lib/ssl/test/ssl_test_lib.erl
index d655d7659e..e4fedcd118 100644
--- a/lib/ssl/test/ssl_test_lib.erl
+++ b/lib/ssl/test/ssl_test_lib.erl
@@ -339,12 +339,22 @@ cert_options(Config) ->
 			{psk_identity, "HINT"},
 			{user_lookup_fun, {fun user_lookup/3, PskSharedSecret}},
 			{ciphers, psk_suites()}]},
+     {server_psk_anon, [{ssl_imp, new},{reuseaddr, true},
+			{user_lookup_fun, {fun user_lookup/3, PskSharedSecret}},
+			{ciphers, psk_anon_suites()}]},
+     {server_psk_anon_hint, [{ssl_imp, new},{reuseaddr, true},
+			     {psk_identity, "HINT"},
+			     {user_lookup_fun, {fun user_lookup/3, PskSharedSecret}},
+			     {ciphers, psk_anon_suites()}]},
      {client_srp, [{ssl_imp, new},{reuseaddr, true},
 		   {srp_identity, {"Test-User", "secret"}}]},
      {server_srp, [{ssl_imp, new},{reuseaddr, true},
 		   {certfile, ServerCertFile}, {keyfile, ServerKeyFile},
 		   {user_lookup_fun, {fun user_lookup/3, undefined}},
 		   {ciphers, srp_suites()}]},
+     {server_srp_anon, [{ssl_imp, new},{reuseaddr, true},
+			{user_lookup_fun, {fun user_lookup/3, undefined}},
+			{ciphers, srp_anon_suites()}]},
      {server_verification_opts, [{ssl_imp, new},{reuseaddr, true}, 
 		    {cacertfile, ServerCaCertFile},
 		    {certfile, ServerCertFile}, {keyfile, ServerKeyFile}]},
@@ -711,6 +721,12 @@ anonymous_suites() ->
      {dh_anon, aes_256_cbc, sha}].
 
 psk_suites() ->
+    [{rsa_psk, rc4_128, sha},
+     {rsa_psk, '3des_ede_cbc', sha},
+     {rsa_psk, aes_128_cbc, sha},
+     {rsa_psk, aes_256_cbc, sha}].
+
+psk_anon_suites() ->
     [{psk, rc4_128, sha},
      {psk, '3des_ede_cbc', sha},
      {psk, aes_128_cbc, sha},
@@ -718,20 +734,18 @@ psk_suites() ->
      {dhe_psk, rc4_128, sha},
      {dhe_psk, '3des_ede_cbc', sha},
      {dhe_psk, aes_128_cbc, sha},
-     {dhe_psk, aes_256_cbc, sha},
-     {rsa_psk, rc4_128, sha},
-     {rsa_psk, '3des_ede_cbc', sha},
-     {rsa_psk, aes_128_cbc, sha},
-     {rsa_psk, aes_256_cbc, sha}].
+     {dhe_psk, aes_256_cbc, sha}].
 
 srp_suites() ->
-    [{srp_anon, '3des_ede_cbc', sha},
-     {srp_rsa, '3des_ede_cbc', sha},
-     {srp_anon, aes_128_cbc, sha},
+    [{srp_rsa, '3des_ede_cbc', sha},
      {srp_rsa, aes_128_cbc, sha},
-     {srp_anon, aes_256_cbc, sha},
      {srp_rsa, aes_256_cbc, sha}].
 
+srp_anon_suites() ->
+    [{srp_anon, '3des_ede_cbc', sha},
+     {srp_anon, aes_128_cbc, sha},
+     {srp_anon, aes_256_cbc, sha}].
+
 srp_dss_suites() ->
     [{srp_dss, '3des_ede_cbc', sha},
      {srp_dss, aes_128_cbc, sha},