6 files changed, 30 insertions, 20 deletions

diff --git a/lib/ssl/test/openssl_renegotiate_SUITE.erl b/lib/ssl/test/openssl_renegotiate_SUITE.erl
index 91a8175ac6..787b5208b8 100644
--- a/lib/ssl/test/openssl_renegotiate_SUITE.erl
+++ b/lib/ssl/test/openssl_renegotiate_SUITE.erl
@@ -104,8 +104,9 @@ init_per_group(GroupName, Config) ->
                  true ->
                     case ssl_test_lib:check_sane_openssl_version(GroupName) of
                          true ->
-                            ssl_test_lib:init_tls_version(GroupName, Config);
-                         false ->
+                            ssl_test_lib:check_sane_openssl_renegotaite(ssl_test_lib:init_tls_version(GroupName, Config),
+                                                                        GroupName);
+                        false ->
                             {skip, openssl_does_not_support_version}
                     end;
                 false ->
diff --git a/lib/ssl/test/openssl_session_SUITE.erl b/lib/ssl/test/openssl_session_SUITE.erl
index 24dcaa7817..7c129633da 100644
--- a/lib/ssl/test/openssl_session_SUITE.erl
+++ b/lib/ssl/test/openssl_session_SUITE.erl
@@ -56,8 +56,8 @@ groups() ->
               {'tlsv1.1', [], tests()},
               {'tlsv1', [], tests()},
               {'sslv3', [], tests()},
-              {'dtlsv1.2', [], dtls_tests()},
-              {'dtlsv1', [], dtls_tests()}
+              {'dtlsv1.2', [], tests()},
+              {'dtlsv1', [], tests()}
              ];
         false ->
              [{'tlsv1.2', [], tests()},
@@ -73,11 +73,6 @@ tests() ->
          reuse_session_erlang_client
     ].
 
-dtls_tests() ->
-    [    
-         reuse_session_erlang_server
-    ].
-
 
 init_per_suite(Config0) ->
     case os:find_executable("openssl") of
@@ -154,6 +149,7 @@ reuse_session_erlang_server() ->
     [{doc, "Test erlang server with openssl client that reconnects with the"
       "same session id, to test reusing of sessions."}].
 reuse_session_erlang_server(Config) when is_list(Config) ->
+    process_flag(trap_exit, true),
     ServerOpts = ssl_test_lib:ssl_options(server_rsa_opts, Config),
     
     {_, ServerNode, Hostname} = ssl_test_lib:run_where(Config),
@@ -193,19 +189,20 @@ reuse_session_erlang_client(Config) when is_list(Config) ->
     ClientOpts = ssl_test_lib:ssl_options(client_rsa_opts, Config),
     ServerOpts = ssl_test_lib:ssl_options(server_rsa_opts, Config),
     {ClientNode, _, Hostname} = ssl_test_lib:run_where(Config),
-    
+
+    Version = ssl_test_lib:protocol_version(Config),    
     Port = ssl_test_lib:inet_port(node()),
     CertFile = proplists:get_value(certfile, ServerOpts),
     CACertFile = proplists:get_value(cacertfile, ServerOpts),
     KeyFile = proplists:get_value(keyfile, ServerOpts),
 
     Exe = "openssl",
-    Args = ["s_server", "-accept", integer_to_list(Port),
+    Args = ["s_server", "-accept", integer_to_list(Port), ssl_test_lib:version_flag(Version),
             "-cert", CertFile,"-key", KeyFile, "-CAfile", CACertFile],
 
     OpensslPort = ssl_test_lib:portable_open_port(Exe, Args), 
 
-    ssl_test_lib:wait_for_openssl_server(Port, tls),
+    ssl_test_lib:wait_for_openssl_server(Port,  proplists:get_value(protocol, Config)),
     
     Client0 =
         ssl_test_lib:start_client([{node, ClientNode},
diff --git a/lib/ssl/test/ssl_api_SUITE.erl b/lib/ssl/test/ssl_api_SUITE.erl
index fefecc0b65..14e5024b91 100644
--- a/lib/ssl/test/ssl_api_SUITE.erl
+++ b/lib/ssl/test/ssl_api_SUITE.erl
@@ -1251,8 +1251,9 @@ der_input(Config) when is_list(Config) ->
     [_, _,_, _, Prop] = StatusInfo,
     State = ssl_test_lib:state(Prop),
     [CADb | _] = element(6, State),
-
+    ct:sleep(?SLEEP*2), %%Make sure there is no outstanding clean cert db msg in manager
     Size = ets:info(CADb, size),
+    ct:pal("Size ~p", [Size]),
 
     SeverVerifyOpts = ssl_test_lib:ssl_options(server_rsa_opts, Config),
     {ServerCert, ServerKey, ServerCaCerts, DHParams} = der_input_opts([{dhfile, DHParamFile} |
@@ -1281,6 +1282,7 @@ der_input(Config) when is_list(Config) ->
     ssl_test_lib:check_result(Server, ok, Client, ok),
     ssl_test_lib:close(Server),
     ssl_test_lib:close(Client),
+    %% Using only DER input should not increase file indexed DB 
     Size = ets:info(CADb, size).
 
 %%--------------------------------------------------------------------
@@ -1902,7 +1904,7 @@ do_recv_close(Socket) ->
 
 tls_close(Socket) ->
     ok = ssl_test_lib:send_recv_result(Socket),
-    case ssl:close(Socket, 5000) of
+    case ssl:close(Socket, 10000) of
         ok ->
             ok;
         {error, closed} ->
diff --git a/lib/ssl/test/ssl_session_cache_SUITE.erl b/lib/ssl/test/ssl_session_cache_SUITE.erl
index b71b15b028..553c2d247b 100644
--- a/lib/ssl/test/ssl_session_cache_SUITE.erl
+++ b/lib/ssl/test/ssl_session_cache_SUITE.erl
@@ -28,7 +28,7 @@
 -include_lib("common_test/include/ct.hrl").
 
 -define(DELAY, 500).
--define(SLEEP, 500).
+-define(SLEEP, 1000).
 -define(TIMEOUT, 60000).
 -define(LONG_TIMEOUT, 600000).
 -define(MAX_TABLE_SIZE, 5).
@@ -207,7 +207,7 @@ session_cleanup(Config) when is_list(Config) ->
 	end,
 
     %% Make sure session is registered
-    ct:sleep(?SLEEP),
+    ct:sleep(?SLEEP*2),
 
     {status, _, _, StatusInfo} = sys:get_status(whereis(ssl_manager)),
     [_, _,_, _, Prop] = StatusInfo,
diff --git a/lib/ssl/test/ssl_test_lib.erl b/lib/ssl/test/ssl_test_lib.erl
index 7dd27fb5cb..c4f294771a 100644
--- a/lib/ssl/test/ssl_test_lib.erl
+++ b/lib/ssl/test/ssl_test_lib.erl
@@ -493,7 +493,10 @@ check_result(Server, ServerMsg, Client, ClientMsg) ->
 	    ct:log("~p:~p~n Openssl ~s~n",[?MODULE,?LINE, Debug]),
 	    check_result(Server, ServerMsg, Client, ClientMsg);
         {Port,closed} when is_port(Port) ->
-            ct:log("~p:~p~n Openssl port ~n",[?MODULE,?LINE]),
+            ct:log("~p:~p~n Openssl port closed ~n",[?MODULE,?LINE]),
+            check_result(Server, ServerMsg, Client, ClientMsg);
+        {'EXIT', epipe} ->
+            ct:log("~p:~p~n Openssl port died ~n",[?MODULE,?LINE]),
             check_result(Server, ServerMsg, Client, ClientMsg);
 	Unexpected ->
 	    Reason = {{expected, {Client, ClientMsg}},
@@ -2187,6 +2190,13 @@ check_sane_openssl_renegotaite(Config, Version) when Version == 'tlsv1.1';
 	_ ->
 	    check_sane_openssl_renegotaite(Config)
     end;
+check_sane_openssl_renegotaite(Config, 'sslv3') ->
+    case os:cmd("openssl version") of     
+	"OpenSSL 1" ++ _ ->
+	    {skip, "Known renegotiation bug with sslv3 in OpenSSL"};
+	_ ->
+	    check_sane_openssl_renegotaite(Config)
+    end;
 check_sane_openssl_renegotaite(Config, _) ->
     check_sane_openssl_renegotaite(Config).
 	
diff --git a/lib/ssl/test/tls_api_SUITE.erl b/lib/ssl/test/tls_api_SUITE.erl
index 5a74ec1892..7239d4cb90 100644
--- a/lib/ssl/test/tls_api_SUITE.erl
+++ b/lib/ssl/test/tls_api_SUITE.erl
@@ -794,16 +794,16 @@ tls_downgrade_result(Socket, Pid) ->
                 {tcp, TCPSocket, <<"Downgraded">>} ->
 	             ok;
                 {tcp_closed, TCPSocket} ->
-                    ct:fail("Peer timed out, downgrade aborted"),
+                    ct:fail("Did not receive TCP data"),
 	            ok;
 	        Other ->
                     {error, Other}
             end;
 	{error, timeout} ->
-	    ct:fail("Timed out, downgrade aborted"),
+	    ct:comment("Timed out, downgrade aborted"),
 	    ok;
 	Fail ->
-	    {error, Fail}
+            ct:fail(Fail)
     end.
 
 tls_shutdown_result(Socket, server) ->