2 files changed, 79 insertions, 16 deletions

diff --git a/lib/ssl/test/ssl_basic_SUITE.erl b/lib/ssl/test/ssl_basic_SUITE.erl
index 9633800da5..37fe83192e 100644
--- a/lib/ssl/test/ssl_basic_SUITE.erl
+++ b/lib/ssl/test/ssl_basic_SUITE.erl
@@ -2118,15 +2118,21 @@ tls_downgrade(Config) when is_list(Config) ->
 
     Server = ssl_test_lib:start_server([{node, ServerNode}, {port, 0},
 					{from, self()},
-					{mfa, {?MODULE, tls_downgrade_result, []}},
+					{mfa, {?MODULE, tls_downgrade_result, [self()]}},
 					{options, [{active, false} | ServerOpts]}]),
     Port = ssl_test_lib:inet_port(Server),
     Client = ssl_test_lib:start_client([{node, ClientNode}, {port, Port},
 					{host, Hostname},
 					{from, self()},
-					{mfa, {?MODULE, tls_downgrade_result, []}},
+					{mfa, {?MODULE, tls_downgrade_result, [self()]}},
 					{options, [{active, false} |ClientOpts]}]),
 
+                                                   
+    ssl_test_lib:check_result(Server, ready, Client, ready),
+
+    Server ! go,
+    Client ! go,
+
     ssl_test_lib:check_result(Server, ok, Client, ok),
     ssl_test_lib:close(Server),
     ssl_test_lib:close(Client).
@@ -3980,8 +3986,8 @@ tls_tcp_error_propagation_in_active_mode(Config) when is_list(Config) ->
     {status, _, _, StatusInfo} = sys:get_status(Pid),
     [_, _,_, _, Prop] = StatusInfo,
     State = ssl_test_lib:state(Prop),
-    Socket = element(11, State),
-
+    StaticEnv = element(2, State),
+    Socket = element(10, StaticEnv),
     %% Fake tcp error
     Pid ! {tcp_error, Socket, etimedout},
 
@@ -5176,23 +5182,28 @@ connect_dist_c(S) ->
     {ok, Test} = ssl:recv(S, 0, 10000),
     ok.
 
-tls_downgrade_result(Socket) ->
+tls_downgrade_result(Socket, Pid) ->
     ok = ssl_test_lib:send_recv_result(Socket),
+    Pid ! {self(), ready},
+    receive 
+        go ->
+            ok
+    end,
     case ssl:close(Socket, {self(), 10000})  of
 	{ok, TCPSocket} -> 
-	    inet:setopts(TCPSocket, [{active, true}]),
+            inet:setopts(TCPSocket, [{active, true}]),
 	    gen_tcp:send(TCPSocket, "Downgraded"),
-	    receive 
-		{tcp, TCPSocket, <<"Downgraded">>} ->
-		    ok;
-		{tcp_closed, TCPSocket} ->
-		    ct:pal("Peer timed out, downgrade aborted"),
-		    ok;
-		Other ->
-		   {error, Other}
-	    end;
+            receive 
+                {tcp, TCPSocket, <<"Downgraded">>} ->
+	             ok;
+                {tcp_closed, TCPSocket} ->
+                    ct:fail("Peer timed out, downgrade aborted"),
+	            ok;
+	        Other ->
+                    {error, Other}
+            end;
 	{error, timeout} ->
-	    ct:pal("Timed out, downgrade aborted"),
+	    ct:fail("Timed out, downgrade aborted"),
 	    ok;
 	Fail ->
 	    {error, Fail}
diff --git a/lib/ssl/test/ssl_to_openssl_SUITE.erl b/lib/ssl/test/ssl_to_openssl_SUITE.erl
index 5a38f5f9c1..3c8b25b912 100644
--- a/lib/ssl/test/ssl_to_openssl_SUITE.erl
+++ b/lib/ssl/test/ssl_to_openssl_SUITE.erl
@@ -91,6 +91,7 @@ all_versions_tests() ->
      erlang_server_openssl_client_anon_with_cert,
      erlang_server_openssl_client_reuse_session,
      erlang_client_openssl_server_renegotiate,
+     erlang_client_openssl_server_renegotiate_after_client_data,
      erlang_client_openssl_server_nowrap_seqnum,
      erlang_server_openssl_client_nowrap_seqnum,
      erlang_client_openssl_server_no_server_ca_cert,
@@ -800,6 +801,51 @@ erlang_client_openssl_server_renegotiate(Config) when is_list(Config) ->
     ssl_test_lib:close(Client),
      process_flag(trap_exit, false),
     ok.
+%%--------------------------------------------------------------------
+erlang_client_openssl_server_renegotiate_after_client_data() ->
+    [{doc,"Test erlang client when openssl server issuses a renegotiate after reading client data"}].
+erlang_client_openssl_server_renegotiate_after_client_data(Config) when is_list(Config) ->
+    process_flag(trap_exit, true),
+    ServerOpts = ssl_test_lib:ssl_options(server_rsa_opts, Config),
+    ClientOpts = ssl_test_lib:ssl_options(client_rsa_opts, Config),
+
+    {ClientNode, _, Hostname} = ssl_test_lib:run_where(Config),
+
+    ErlData = "From erlang to openssl",
+    OpenSslData = "From openssl to erlang",
+
+    Port = ssl_test_lib:inet_port(node()),
+    CertFile = proplists:get_value(certfile, ServerOpts),
+    KeyFile = proplists:get_value(keyfile, ServerOpts),
+    Version = ssl_test_lib:protocol_version(Config),
+
+    Exe = "openssl",
+    Args = ["s_server", "-accept", integer_to_list(Port),
+            ssl_test_lib:version_flag(Version),
+            "-cert", CertFile, "-key", KeyFile, "-msg"],
+
+    OpensslPort =  ssl_test_lib:portable_open_port(Exe, Args),
+
+    ssl_test_lib:wait_for_openssl_server(Port, proplists:get_value(protocol, Config)),
+
+    Client = ssl_test_lib:start_client([{node, ClientNode}, {port, Port},
+                                        {host, Hostname},
+                                        {from, self()},
+                                        {mfa, {?MODULE,
+                                               send_wait_send, [[ErlData, OpenSslData]]}},
+                                         {options, ClientOpts}]),
+
+    true = port_command(OpensslPort, ?OPENSSL_RENEGOTIATE),
+    ct:sleep(?SLEEP),
+    true = port_command(OpensslPort, OpenSslData),
+
+    ssl_test_lib:check_result(Client, ok),
+
+     %% Clean close down!   Server needs to be closed first !!
+    ssl_test_lib:close_port(OpensslPort),
+    ssl_test_lib:close(Client),
+     process_flag(trap_exit, false),
+    ok.
 
 %%--------------------------------------------------------------------
 
@@ -1924,6 +1970,12 @@ server_sent_garbage(Socket) ->
 	    {error, closed} == ssl:send(Socket, "data")
 	    
     end.
+
+send_wait_send(Socket, [ErlData, OpenSslData]) ->
+    ssl:send(Socket, ErlData),
+    ct:sleep(?SLEEP),
+    ssl:send(Socket, ErlData),
+    erlang_ssl_receive(Socket, OpenSslData).
     
 check_openssl_sni_support(Config) ->
     HelpText = os:cmd("openssl s_client --help"),