5 files changed, 353 insertions, 49 deletions
diff --git a/lib/ssl/test/ssl_ECC_SUITE.erl b/lib/ssl/test/ssl_ECC_SUITE.erl
index 85152fda22..3a9f21ea99 100644
--- a/lib/ssl/test/ssl_ECC_SUITE.erl
+++ b/lib/ssl/test/ssl_ECC_SUITE.erl
@@ -46,7 +46,7 @@ groups() ->
      {'tlsv1', [], all_versions_groups()},
      {'erlang_server', [], key_cert_combinations()},
      {'erlang_client', [], key_cert_combinations()},
-     {'erlang', [], key_cert_combinations()}
+     {'erlang', [], key_cert_combinations() ++ misc()}
     ].
 
 all_versions_groups ()->
@@ -65,6 +65,9 @@ key_cert_combinations() ->
      client_rsa_server_ecdsa
     ].
 
+misc()->
+    [client_ecdsa_server_ecdsa_with_raw_key].
+
 %%--------------------------------------------------------------------
 init_per_suite(Config0) ->
     end_per_suite(Config0),
@@ -189,6 +192,32 @@ client_rsa_server_ecdsa(Config)  when is_list(Config) ->
     SOpts = ?config(server_ecdsa_verify_opts, Config),
     basic_test(COpts, SOpts, Config).
 
+client_ecdsa_server_ecdsa_with_raw_key(Config)  when is_list(Config) ->
+    COpts =  ?config(client_ecdsa_opts, Config),
+    SOpts = ?config(server_ecdsa_verify_opts, Config),
+    ServerCert = proplists:get_value(certfile, SOpts),
+    ServerKeyFile = proplists:get_value(keyfile, SOpts),
+    {ok, PemBin} = file:read_file(ServerKeyFile),
+    PemEntries = public_key:pem_decode(PemBin),
+    {'ECPrivateKey', Key, not_encrypted} = proplists:lookup('ECPrivateKey', PemEntries),
+    ServerKey = {'ECPrivateKey', Key},
+    ServerCA = proplists:get_value(cacertfile, SOpts),
+    ClientCert = proplists:get_value(certfile, COpts),
+    ClientKey = proplists:get_value(keyfile, COpts),
+    ClientCA = proplists:get_value(cacertfile, COpts),
+    SType = ?config(server_type, Config),
+    CType = ?config(client_type, Config),
+    {Server, Port} = start_server_with_raw_key(SType,
+				  ClientCA, ServerCA,
+				  ServerCert,
+				  ServerKey,
+				  Config),
+    Client = start_client(CType, Port, ServerCA, ClientCA,
+			  ClientCert,
+			  ClientKey, Config),
+    check_result(Server, SType, Client, CType),
+    close(Server, Client).
+
 %%--------------------------------------------------------------------
 %% Internal functions ------------------------------------------------
 %%--------------------------------------------------------------------
@@ -247,9 +276,7 @@ start_server(openssl, CA, OwnCa, Cert, Key, Config) ->
     OpenSslPort =  open_port({spawn, Cmd}, [stderr_to_stdout]),
     true = port_command(OpenSslPort, "Hello world"),
     {OpenSslPort, Port};
-
 start_server(erlang, CA, _, Cert, Key, Config) ->
-
     {_, ServerNode, _} = ssl_test_lib:run_where(Config),
     Server = ssl_test_lib:start_server([{node, ServerNode}, {port, 0},
 			       {from, self()},
@@ -260,6 +287,17 @@ start_server(erlang, CA, _, Cert, Key, Config) ->
 				[{verify, verify_peer}, {cacertfile, CA},
 				 {certfile, Cert}, {keyfile, Key}]}]),
     {Server, ssl_test_lib:inet_port(Server)}.
+start_server_with_raw_key(erlang, CA, _, Cert, Key, Config) ->
+    {_, ServerNode, _} = ssl_test_lib:run_where(Config),
+    Server = ssl_test_lib:start_server([{node, ServerNode}, {port, 0},
+			       {from, self()},
+			       {mfa, {ssl_test_lib,
+				      send_recv_result_active,
+				      []}},
+			       {options,
+				[{verify, verify_peer}, {cacertfile, CA},
+				 {certfile, Cert}, {key, Key}]}]),
+    {Server, ssl_test_lib:inet_port(Server)}.
 
 check_result(Server, erlang, Client, erlang) ->
     ssl_test_lib:check_result(Server, ok, Client, ok);
diff --git a/lib/ssl/test/ssl_basic_SUITE.erl b/lib/ssl/test/ssl_basic_SUITE.erl
index 378f42c2ee..6f6107de2c 100644
--- a/lib/ssl/test/ssl_basic_SUITE.erl
+++ b/lib/ssl/test/ssl_basic_SUITE.erl
@@ -129,6 +129,8 @@ api_tests() ->
      controlling_process,
      upgrade,
      upgrade_with_timeout,
+     downgrade,
+     close_with_timeout,
      shutdown,
      shutdown_write,
      shutdown_both,
@@ -320,7 +322,8 @@ init_per_testcase(rizzo, Config) ->
     Config;
 
 init_per_testcase(TestCase, Config) when TestCase == ssl_accept_timeout;
-					 TestCase == client_closes_socket ->
+					 TestCase == client_closes_socket;
+					 TestCase == downgrade ->
     ct:log("TLS/SSL version ~p~n ", [tls_record:supported_protocol_versions()]),
     ct:timetrap({seconds, 15}),
     Config;
@@ -1408,6 +1411,53 @@ upgrade_with_timeout(Config) when is_list(Config) ->
     ssl_test_lib:close(Client).
 
 %%--------------------------------------------------------------------
+downgrade() ->
+      [{doc,"Test that you can downgarde an ssl connection to an tcp connection"}].
+downgrade(Config) when is_list(Config) -> 
+    ClientOpts = ?config(client_opts, Config),
+    ServerOpts = ?config(server_opts, Config),
+    
+    {ClientNode, ServerNode, Hostname} = ssl_test_lib:run_where(Config),
+
+    Server = ssl_test_lib:start_server([{node, ServerNode}, {port, 0},
+					{from, self()},
+					{mfa, {?MODULE, tls_downgrade, []}},
+					{options, [{active, false} | ServerOpts]}]),
+    Port = ssl_test_lib:inet_port(Server),
+    Client = ssl_test_lib:start_client([{node, ClientNode}, {port, Port},
+					{host, Hostname},
+					{from, self()},
+					{mfa, {?MODULE, tls_downgrade, []}},
+					{options, [{active, false} |ClientOpts]}]),
+
+    ssl_test_lib:check_result(Server, ok, Client, ok),
+    ssl_test_lib:close(Server),
+    ssl_test_lib:close(Client).
+
+%%--------------------------------------------------------------------
+close_with_timeout() ->
+      [{doc,"Test normal (not downgrade) ssl:close/2"}].
+close_with_timeout(Config) when is_list(Config) -> 
+    ClientOpts = ?config(client_opts, Config),
+    ServerOpts = ?config(server_opts, Config),
+    
+    {ClientNode, ServerNode, Hostname} = ssl_test_lib:run_where(Config),
+
+    Server = ssl_test_lib:start_server([{node, ServerNode}, {port, 0},
+					{from, self()},
+					{mfa, {?MODULE, tls_close, []}},
+					{options,[{active, false} | ServerOpts]}]),
+    Port = ssl_test_lib:inet_port(Server),
+    Client = ssl_test_lib:start_client([{node, ClientNode}, {port, Port},
+					{host, Hostname},
+					{from, self()},
+					{mfa, {?MODULE, tls_close, []}},
+					{options, [{active, false} |ClientOpts]}]),
+
+    ssl_test_lib:check_result(Server, ok, Client, ok).
+
+
+%%--------------------------------------------------------------------
 tcp_connect() ->
     [{doc,"Test what happens when a tcp tries to connect, i,e. a bad (ssl) packet is sent first"}].
 
@@ -3931,6 +3981,33 @@ connect_dist_c(S) ->
     {ok, Test} = ssl:recv(S, 0, 10000),
     ok.
 
+tls_downgrade(Socket) ->
+    ok = ssl_test_lib:send_recv_result(Socket),
+    case ssl:close(Socket, {self(), 10000})  of
+	{ok, TCPSocket} -> 
+	    inet:setopts(TCPSocket, [{active, true}]),
+	    gen_tcp:send(TCPSocket, "Downgraded"),
+	    receive 
+		{tcp, TCPSocket, <<"Downgraded">>} ->
+		    ok;
+		{tcp_closed, TCPSocket} ->
+		    ct:pal("Peer timed out, downgrade aborted"),
+		    ok;
+		Other ->
+		   {error, Other}
+	    end;
+	{error, timeout} ->
+	    ct:pal("Timed out, downgrade aborted"),
+	    ok;
+	Fail ->
+	    {error, Fail}
+    end.
+
+tls_close(Socket) ->
+    ok = ssl_test_lib:send_recv_result(Socket),
+    ok = ssl:close(Socket, 5000).
+    
+
  %% First two clauses handles 1/n-1 splitting countermeasure Rizzo/Duong-Beast
 treashold(N, {3,0}) ->
     (N div 2) + 1;
diff --git a/lib/ssl/test/ssl_session_cache_SUITE.erl b/lib/ssl/test/ssl_session_cache_SUITE.erl
index 8ddc5db4b2..924898f6fa 100644
--- a/lib/ssl/test/ssl_session_cache_SUITE.erl
+++ b/lib/ssl/test/ssl_session_cache_SUITE.erl
@@ -45,7 +45,8 @@
 all() ->
     [session_cleanup,
      session_cache_process_list,
-     session_cache_process_mnesia].
+     session_cache_process_mnesia,
+     client_unique_session].
 
 groups() ->
     [].
@@ -90,8 +91,8 @@ init_per_testcase(session_cleanup, Config) ->
     ct:timetrap({seconds, 20}),
     Config;
 
-init_per_testcase(_TestCase, Config) ->
-    ct:timetrap({seconds, 5}),
+init_per_testcase(client_unique_session, Config) ->
+    ct:timetrap({seconds, 20}),
     Config.
 
 init_customized_session_cache(Type, Config) ->
@@ -131,10 +132,40 @@ end_per_testcase(_, Config) ->
 %%--------------------------------------------------------------------
 %% Test Cases --------------------------------------------------------
 %%--------------------------------------------------------------------
+client_unique_session() ->
+    [{doc, "Test session table does not grow when client "
+      "sets up many connections"}].
+client_unique_session(Config) when is_list(Config) ->
+    process_flag(trap_exit, true),
+    ClientOpts = ?config(client_opts, Config),
+    ServerOpts = ?config(server_opts, Config),
+    {ClientNode, ServerNode, Hostname} = ssl_test_lib:run_where(Config),
+    Server =
+	ssl_test_lib:start_server([{node, ServerNode}, {port, 0},
+				   {from, self()},
+				   {mfa, {ssl_test_lib, no_result, []}},
+				   {tcp_options, [{active, false}]},
+				   {options, ServerOpts}]),
+    Port = ssl_test_lib:inet_port(Server),
+    LastClient = clients_start(Server, 
+			    ClientNode, Hostname, Port, ClientOpts, 20),
+    receive 
+	{LastClient, {ok, _}} ->
+	    ok
+    end,
+    {status, _, _, StatusInfo} = sys:get_status(whereis(ssl_manager)),
+    [_, _,_, _, Prop] = StatusInfo,
+    State = ssl_test_lib:state(Prop),
+    ClientCache = element(2, State),
+    1 = ets:info(ClientCache, size),
+  
+    ssl_test_lib:close(Server, 500),
+    ssl_test_lib:close(LastClient).
+		
 session_cleanup() ->
     [{doc, "Test that sessions are cleand up eventually, so that the session table "
      "does not grow and grow ..."}].
-session_cleanup(Config)when is_list(Config) ->
+session_cleanup(Config) when is_list(Config) ->
     process_flag(trap_exit, true),
     ClientOpts = ?config(client_opts, Config),
     ServerOpts = ?config(server_opts, Config),
@@ -148,9 +179,9 @@ session_cleanup(Config)when is_list(Config) ->
     Port = ssl_test_lib:inet_port(Server),
     Client =
 	ssl_test_lib:start_client([{node, ClientNode},
-		      {port, Port}, {host, Hostname},
+				   {port, Port}, {host, Hostname},
 				   {mfa, {ssl_test_lib, no_result, []}},
-		      {from, self()},  {options, ClientOpts}]),
+				   {from, self()},  {options, ClientOpts}]),
     SessionInfo =
 	receive
 	    {Server, Info} ->
@@ -325,8 +356,8 @@ select_session(Cache, PartialKey) ->
 	mnesia ->
 	    Sel = fun() ->
 			  mnesia:select(Cache,
-					[{{Cache,{PartialKey,'$1'}, '$2'},
-					  [],['$$']}])
+					[{{Cache,{PartialKey,'_'}, '$1'},
+					  [],['$1']}])
 		  end,
 	    {atomic, Res} = mnesia:transaction(Sel),
 	    Res
@@ -354,8 +385,8 @@ session_loop(Sess) ->
 	    Pid ! {self(), Res},
 	    session_loop(Sess);
 	{Pid,select_session,PKey} ->
-	    Sel = fun({{PKey0, Id},Session}, Acc) when PKey == PKey0 ->
-			  [[Id, Session]|Acc];
+	    Sel = fun({{PKey0, _Id},Session}, Acc) when PKey == PKey0 ->
+			  [Session | Acc];
 		     (_,Acc) ->
 			  Acc
 		  end,
@@ -370,3 +401,23 @@ session_loop(Sess) ->
 
 session_cache_process(_Type,Config) when is_list(Config) ->
     ssl_basic_SUITE:reuse_session(Config).
+
+
+clients_start(_Server, ClientNode, Hostname, Port, ClientOpts, 0) ->
+    %% Make sure session is registered
+    ct:sleep(?SLEEP * 2),
+    ssl_test_lib:start_client([{node, ClientNode},
+			       {port, Port}, {host, Hostname},
+			       {mfa, {?MODULE, connection_info_result, []}},
+			       {from, self()},  {options, ClientOpts}]);
+clients_start(Server, ClientNode, Hostname, Port, ClientOpts, N) ->
+    spawn_link(ssl_test_lib, start_client, 
+	       [[{node, ClientNode},
+		 {port, Port}, {host, Hostname},
+		 {mfa, {ssl_test_lib, no_result, []}},
+		 {from, self()},  {options, ClientOpts}]]),
+    Server ! listen,
+    clients_start(Server, ClientNode, Hostname, Port, ClientOpts, N-1).
+	
+connection_info_result(Socket) ->
+    ssl:connection_information(Socket, [protocol, cipher_suite]).
diff --git a/lib/ssl/test/ssl_test_lib.erl b/lib/ssl/test/ssl_test_lib.erl
index 8317148aa5..f25f6f9425 100644
--- a/lib/ssl/test/ssl_test_lib.erl
+++ b/lib/ssl/test/ssl_test_lib.erl
@@ -226,6 +226,17 @@ run_client(Opts) ->
 		    ct:log("~p:~p~nClient faild several times: connection failed: ~p ~n", [?MODULE,?LINE, Reason]),
 		    Pid ! {self(), {error, Reason}}
 	    end;
+	{error, econnreset = Reason} ->
+	      case get(retries) of
+		N when N < 5 ->
+		    ct:log("~p:~p~neconnreset retries=~p sleep ~p",[?MODULE,?LINE, N,?SLEEP]),
+		    put(retries, N+1),
+		    ct:sleep(?SLEEP),
+		    run_client(Opts);
+	       _ ->
+		    ct:log("~p:~p~nClient faild several times: connection failed: ~p ~n", [?MODULE,?LINE, Reason]),
+		    Pid ! {self(), {error, Reason}}
+	    end;
 	{error, Reason} ->
 	    ct:log("~p:~p~nClient: connection failed: ~p ~n", [?MODULE,?LINE, Reason]),
 	    Pid ! {connect_failed, Reason};
@@ -241,7 +252,21 @@ close(Pid) ->
     receive
 	{'DOWN', Monitor, process, Pid, Reason} ->
 	    erlang:demonitor(Monitor),
-	    ct:log("~p:~p~nPid: ~p down due to:~p ~n", [?MODULE,?LINE, Pid, Reason])
+	    ct:log("~p:~p~nPid: ~p down due to:~p ~n", [?MODULE,?LINE, Pid, Reason]) 
+		
+    end.
+
+close(Pid, Timeout) ->
+    ct:log("~p:~p~n Close ~p ~n", [?MODULE,?LINE, Pid]),
+    Monitor = erlang:monitor(process, Pid),
+    Pid ! close,
+    receive
+	{'DOWN', Monitor, process, Pid, Reason} ->
+	    erlang:demonitor(Monitor),
+	    ct:log("~p:~p~nPid: ~p down due to:~p ~n", [?MODULE,?LINE, Pid, Reason]) 
+    after 
+	Timeout ->
+	    exit(Pid, kill)
     end.
 
 check_result(Server, ServerMsg, Client, ClientMsg) -> 
@@ -360,7 +385,7 @@ cert_options(Config) ->
     SNIServerAKeyFile = filename:join([?config(priv_dir, Config), "a.server", "key.pem"]),
     SNIServerBCertFile = filename:join([?config(priv_dir, Config), "b.server", "cert.pem"]),
     SNIServerBKeyFile = filename:join([?config(priv_dir, Config), "b.server", "key.pem"]),
-    [{client_opts, [{ssl_imp, new},{reuseaddr, true}]}, 
+    [{client_opts, []}, 
      {client_verification_opts, [{cacertfile, ClientCaCertFile}, 
 				{certfile, ClientCertFile},  
 				{keyfile, ClientKeyFile},
diff --git a/lib/ssl/test/ssl_upgrade_SUITE.erl b/lib/ssl/test/ssl_upgrade_SUITE.erl
index 17b0240fe8..d65bdf6983 100644
--- a/lib/ssl/test/ssl_upgrade_SUITE.erl
+++ b/lib/ssl/test/ssl_upgrade_SUITE.erl
@@ -28,7 +28,8 @@
 	  config,
 	  server,
 	  client,
-	  soft
+	  soft,
+	  result_proxy
 	 }).
 
 all() -> 
@@ -77,45 +78,58 @@ upgrade_init(CTData, #state{config = Config} = State) ->
     {ok, {_, _, Up, _Down}} = ct_release_test:get_appup(CTData, ssl),
     ct:pal("Up: ~p", [Up]),
     Soft = is_soft(Up), %% It is symmetrical, if upgrade is soft so is downgrade  
+    Pid = spawn(?MODULE, result_proxy_init, [[]]),
     case Soft of 
 	true ->
-	    {Server, Client} = soft_start_connection(Config),
+	    {Server, Client} = soft_start_connection(Config, Pid),
 	    State#state{server = Server, client = Client,
-			soft = Soft};
+			soft = Soft,
+			result_proxy = Pid};
 	false ->
-	    State#state{soft = Soft}
+	    State#state{soft = Soft, result_proxy = Pid}
     end.
 
-upgrade_upgraded(_, #state{soft = false, config = Config} = State) -> 
-    {Server, Client} = restart_start_connection(Config),
-    ssl_test_lib:check_result(Server, ok, Client, ok),
+upgrade_upgraded(_, #state{soft = false, config = Config, result_proxy = Pid} = State) ->
+    ct:pal("Restart upgrade ~n", []),
+    {Server, Client} = restart_start_connection(Config, Pid),
+    Result = check_result(Pid, Server, Client),
     ssl_test_lib:close(Server),
     ssl_test_lib:close(Client),
+    ok = Result,
     State;
 
 upgrade_upgraded(_, #state{server = Server0, client = Client0,
-			   config = Config, soft = true} = State) -> 
+			   config = Config, soft = true,
+			   result_proxy = Pid} = State) ->
+    ct:pal("Soft upgrade: ~n", []),
     Server0 ! changed_version,
     Client0 ! changed_version,
-    ssl_test_lib:check_result(Server0, ok, Client0, ok),
+    Result = check_result(Pid, Server0, Client0),
     ssl_test_lib:close(Server0),
     ssl_test_lib:close(Client0),
-    {Server, Client} = soft_start_connection(Config),
+    ok = Result,
+    {Server, Client} = soft_start_connection(Config, Pid),
     State#state{server = Server, client = Client}.
 
-upgrade_downgraded(_, #state{soft = false, config = Config} = State) -> 
-    {Server, Client} = restart_start_connection(Config),
-    ssl_test_lib:check_result(Server, ok, Client, ok),
+upgrade_downgraded(_, #state{soft = false, config = Config, result_proxy = Pid} = State) ->
+    ct:pal("Restart downgrade: ~n", []),
+    {Server, Client} = restart_start_connection(Config, Pid),
+    Result = check_result(Pid, Server, Client),
     ssl_test_lib:close(Server),
     ssl_test_lib:close(Client),
+    Pid ! stop,
+    ok = Result,
     State;
 
-upgrade_downgraded(_, #state{server = Server, client = Client, soft = true} = State) -> 
+upgrade_downgraded(_, #state{server = Server, client = Client, soft = true, result_proxy = Pid} = State) ->
+    ct:pal("Soft downgrade: ~n", []),
     Server ! changed_version,
     Client ! changed_version,
-    ssl_test_lib:check_result(Server, ok, Client, ok),
+    Result = check_result(Pid, Server, Client),
+    Pid ! stop,
     ssl_test_lib:close(Server),
     ssl_test_lib:close(Client),
+    ok = Result,
     State.
 
 use_connection(Socket) ->
@@ -125,36 +139,35 @@ use_connection(Socket) ->
 	    ssl_test_lib:send_recv_result_active(Socket)
     end.
 
-soft_start_connection(Config) ->
+soft_start_connection(Config, ResulProxy) ->
     ClientOpts = ?config(client_verification_opts, Config),
     ServerOpts = ?config(server_verification_opts, Config),
     {ClientNode, ServerNode, Hostname} = ssl_test_lib:run_where(Config),
-    Server = ssl_test_lib:start_server([{node, ServerNode}, {port, 0}, 
-					{from, self()}, 
-					{mfa, {?MODULE, use_connection, []}},
-					{options, ServerOpts}]),
+    Server = start_server([{node, ServerNode}, {port, 0},
+			   {from, ResulProxy},
+			   {mfa, {?MODULE, use_connection, []}},
+			   {options, ServerOpts}]),
     
-    Port = ssl_test_lib:inet_port(Server),
-    Client = ssl_test_lib:start_client([{node, ClientNode}, {port, Port},
-					{host, Hostname},
-					{from, self()}, 
-					{mfa, {?MODULE, use_connection, []}},
-					{options, ClientOpts}]),
+    Port = inet_port(ResulProxy, Server),
+    Client = start_client([{node, ClientNode}, {port, Port},
+			   {host, Hostname},
+			   {from, ResulProxy},
+			   {mfa, {?MODULE, use_connection, []}},
+			   {options, ClientOpts}]),
     {Server, Client}.
 
-restart_start_connection(Config) ->
+restart_start_connection(Config, ResulProxy) ->
     ClientOpts = ?config(client_verification_opts, Config),
     ServerOpts = ?config(server_verification_opts, Config),
     {ClientNode, ServerNode, Hostname} = ssl_test_lib:run_where(Config),
-    Server = ssl_test_lib:start_server([{node, ServerNode}, {port, 0}, 
-					{from, self()}, 
+    Server = start_server([{node, ServerNode}, {port, 0},
+					{from, ResulProxy},
 					{mfa, {ssl_test_lib, send_recv_result_active, []}},
 					{options, ServerOpts}]),
-    
-    Port = ssl_test_lib:inet_port(Server),
-    Client = ssl_test_lib:start_client([{node, ClientNode}, {port, Port},
+    Port = inet_port(ResulProxy, Server),
+    Client = start_client([{node, ClientNode}, {port, Port},
 					{host, Hostname},
-					{from, self()}, 
+					{from, ResulProxy},
 					{mfa, {ssl_test_lib, send_recv_result_active, []}},
 					{options, ClientOpts}]),
     {Server, Client}.
@@ -163,3 +176,103 @@ is_soft([{restart_application, ssl}]) ->
     false;
 is_soft(_) ->	
     true.
+
+result_proxy_init(Args) ->
+    result_proxy_loop(Args).
+
+result_proxy_loop(Args) ->
+    receive
+	{Pid, {check_result, Server, Client}} ->
+	    Result = do_check_result(Server, ok, Client, ok),
+	    Pid ! {self(), Result},
+	    result_proxy_loop(Args);
+	{Pid, port, Server} ->
+	    Port = recv_port(Server),
+	    Pid ! Port,
+	    result_proxy_loop(Args);
+	{Pid, listen} ->
+	    recv_listen(),
+	    Pid ! ok,
+	    result_proxy_loop(Args);
+	{Pid, connected} ->
+	    Connected = recv_connected(),
+	     Pid ! Connected,
+	    result_proxy_loop(Args)
+    end.
+
+check_result(Pid, Server, Client) ->
+    Pid ! {self(), {check_result, Server, Client}},
+    receive
+	{Pid, Result} ->
+	    Result
+    end.
+
+do_check_result(Server, ServerMsg, Client, ClientMsg) ->
+    receive
+	{Server, ServerMsg} ->
+	    do_check_result(Client, ClientMsg);
+
+	{Client, ClientMsg} ->
+	    do_check_result(Server, ServerMsg);
+	Unexpected ->
+	    {{expected, {Client, ClientMsg}},
+	     {expected, {Server, ServerMsg}}, {got, Unexpected}}
+    end.
+
+do_check_result(Pid, Msg) ->
+    receive
+	{Pid, Msg} ->
+	    ok;
+	Unexpected ->
+	    {{expected, {Pid, Msg}},
+	     {got, Unexpected}}
+    end.
+
+inet_port(Pid, Server) ->
+    Pid ! {self(), port, Server},
+    receive
+	{port, Port} ->
+	    Port
+    end.
+
+recv_port(Server) ->
+    receive
+	{Server, {port, Port}} ->
+	    {port, Port}
+    end.
+
+recv_connected() ->
+    receive
+	{connected, _Socket} ->
+	    ok;
+	{connect_failed, Reason} ->
+	    {connect_failed, Reason}
+    end.
+
+
+start_server(Args) ->
+    Pid = proplists:get_value(from, Args),
+    Result = spawn_link(ssl_test_lib, run_server, [Args]),
+    Pid ! {self(), listen},
+    receive
+	ok ->
+	    ok
+    end,
+    Result.
+
+start_client(Args) ->
+    Pid = proplists:get_value(from, Args),
+    Result = spawn_link(ssl_test_lib, run_client_init, [lists:delete(return_socket, Args)]),
+    Pid  ! {self(), connected},
+    receive
+	ok ->
+	    Result;
+	Reason ->
+	    exit(Reason)
+    end.
+
+recv_listen()->
+    receive
+	{listen, up} ->
+	    ok
+    end.