2 files changed, 29 insertions, 11 deletions

diff --git a/lib/ssl/test/ssl_basic_SUITE.erl b/lib/ssl/test/ssl_basic_SUITE.erl
index 162c63850f..e8fb25e0e4 100644
--- a/lib/ssl/test/ssl_basic_SUITE.erl
+++ b/lib/ssl/test/ssl_basic_SUITE.erl
@@ -108,7 +108,8 @@ basic_tests() ->
      clear_pem_cache,
      defaults,
      fallback,
-     cipher_format
+     cipher_format,
+     suite_to_str
     ].
 
 basic_tests_tls() ->
@@ -1227,7 +1228,27 @@ cipher_format(Config) when is_list(Config) ->
     ssl:close(Socket1),
     {ok, Socket2} = ssl:listen(0, [{ciphers, ssl:cipher_suites(openssl)}]),
     ssl:close(Socket2).
-   
+
+%%--------------------------------------------------------------------
+suite_to_str() ->
+    [{doc, "Test that the suite_to_str API works"}].
+suite_to_str(Config) when is_list(Config) ->
+    "TLS_EMPTY_RENEGOTIATION_INFO_SCSV" =
+        ssl:suite_to_str(#{key_exchange => null,
+                           cipher => null,
+                           mac => null,
+                           prf => null}),
+    "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256" =
+        ssl:suite_to_str(#{key_exchange => ecdhe_ecdsa,
+                           cipher => aes_128_gcm,
+                           mac => aead,
+                           prf => sha256}),
+    "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256" =
+        ssl:suite_to_str(#{key_exchange => ecdh_rsa,
+                           cipher => aes_128_cbc,
+                           mac => sha256,
+                           prf => sha256}).
+
 %%--------------------------------------------------------------------
 
 peername() ->
diff --git a/lib/ssl/test/ssl_dist_bench_SUITE.erl b/lib/ssl/test/ssl_dist_bench_SUITE.erl
index f827ea12bb..3c7904cf24 100644
--- a/lib/ssl/test/ssl_dist_bench_SUITE.erl
+++ b/lib/ssl/test/ssl_dist_bench_SUITE.erl
@@ -117,19 +117,14 @@ init_per_suite(Config) ->
                   ?MODULE_STRING ++ " ROOT CA", CertOptions),
             SSLConf =
                 [{verify, verify_peer},
-                 {fail_if_no_peer_cert, true},
                  {versions, [TLSVersion]},
                  {ciphers, [TLSCipher]}],
             ServerConf =
-                [{verify_fun,
-                  {fun inet_tls_dist:verify_client/3,
-                   fun inet_tls_dist:cert_nodes/1}}
-                 | SSLConf],
-            ClientConf =
-                [{verify_fun,
-                  {fun inet_tls_dist:verify_server/3,
-                   fun inet_tls_dist:cert_nodes/1}}
+                [{fail_if_no_peer_cert, true},
+                 {verify_fun,
+                  {fun inet_tls_dist:verify_client/3,[]}}
                  | SSLConf],
+            ClientConf = SSLConf,
             %%
             write_node_conf(
               NodeAConfFile, NodeA, ServerConf, ClientConf,
@@ -291,6 +286,8 @@ roundtrip(A, B, Prefix, HA, HB) ->
     Rounds = 40000,
     [] = ssl_apply(HA, erlang, nodes, []),
     [] = ssl_apply(HB, erlang, nodes, []),
+    ok = ssl_apply(HA, net_kernel, allow, [[B]]),
+    ok = ssl_apply(HB, net_kernel, allow, [[A]]),
     Time = ssl_apply(HA, fun () -> roundtrip_runner(A, B, Rounds) end),
     [B] = ssl_apply(HA, erlang, nodes, []),
     [A] = ssl_apply(HB, erlang, nodes, []),