aboutsummaryrefslogtreecommitdiffstats
path: root/lib
diff options
context:
space:
mode:
Diffstat (limited to 'lib')
-rw-r--r--lib/hipe/arm/hipe_arm_pp.erl10
-rw-r--r--lib/ssl/src/ssl.erl3
-rw-r--r--lib/ssl/src/ssl_connection.erl3
-rw-r--r--lib/ssl/test/ssl_basic_SUITE.erl141
-rw-r--r--lib/ssl/test/ssl_test_lib.erl14
-rw-r--r--lib/ssl/test/ssl_to_openssl_SUITE.erl2
-rw-r--r--lib/ssl/vsn.mk2
-rw-r--r--lib/test_server/src/ts_run.erl60
-rw-r--r--lib/xmerl/doc/src/notes.xml24
-rw-r--r--lib/xmerl/vsn.mk9
10 files changed, 235 insertions, 33 deletions
diff --git a/lib/hipe/arm/hipe_arm_pp.erl b/lib/hipe/arm/hipe_arm_pp.erl
index cad56bf16d..c4dde31188 100644
--- a/lib/hipe/arm/hipe_arm_pp.erl
+++ b/lib/hipe/arm/hipe_arm_pp.erl
@@ -1,20 +1,20 @@
%% -*- erlang-indent-level: 2 -*-
%%
%% %CopyrightBegin%
-%%
-%% Copyright Ericsson AB 2005-2009. All Rights Reserved.
-%%
+%%
+%% Copyright Ericsson AB 2005-2010. All Rights Reserved.
+%%
%% The contents of this file are subject to the Erlang Public License,
%% Version 1.1, (the "License"); you may not use this file except in
%% compliance with the License. You should have received a copy of the
%% Erlang Public License along with this software. If not, it can be
%% retrieved online at http://www.erlang.org/.
-%%
+%%
%% Software distributed under the License is distributed on an "AS IS"
%% basis, WITHOUT WARRANTY OF ANY KIND, either express or implied. See
%% the License for the specific language governing rights and limitations
%% under the License.
-%%
+%%
%% %CopyrightEnd%
%%
diff --git a/lib/ssl/src/ssl.erl b/lib/ssl/src/ssl.erl
index 87a0939897..965e40a109 100644
--- a/lib/ssl/src/ssl.erl
+++ b/lib/ssl/src/ssl.erl
@@ -560,10 +560,11 @@ handle_options(Opts0, Role) ->
CbInfo = proplists:get_value(cb_info, Opts, {gen_tcp, tcp, tcp_closed}),
SslOptions = [versions, verify, verify_fun,
+ fail_if_no_peer_cert, verify_client_once,
depth, certfile, keyfile,
key, password, cacertfile, dhfile, ciphers,
debug, reuse_session, reuse_sessions, ssl_imp,
- cd_info, renegotiate_at],
+ cb_info, renegotiate_at],
SockOpts = lists:foldl(fun(Key, PropList) ->
proplists:delete(Key, PropList)
diff --git a/lib/ssl/src/ssl_connection.erl b/lib/ssl/src/ssl_connection.erl
index 4ec90600e9..dcf3331e6b 100644
--- a/lib/ssl/src/ssl_connection.erl
+++ b/lib/ssl/src/ssl_connection.erl
@@ -441,7 +441,8 @@ certify(#certificate{} = Cert,
Opts#ssl_options.verify,
Opts#ssl_options.verify_fun) of
{PeerCert, PublicKeyInfo} ->
- handle_peer_cert(PeerCert, PublicKeyInfo, State);
+ handle_peer_cert(PeerCert, PublicKeyInfo,
+ State#state{client_certificate_requested = false});
#alert{} = Alert ->
handle_own_alert(Alert, Version, certify_certificate, State),
{stop, normal, State}
diff --git a/lib/ssl/test/ssl_basic_SUITE.erl b/lib/ssl/test/ssl_basic_SUITE.erl
index 8dc987e3ff..d1ee2ed77f 100644
--- a/lib/ssl/test/ssl_basic_SUITE.erl
+++ b/lib/ssl/test/ssl_basic_SUITE.erl
@@ -151,7 +151,7 @@ all(doc) ->
all(suite) ->
[app, connection_info, controlling_process, controller_dies,
peercert, connect_dist,
- peername, sockname, socket_options, versions, cipher_suites,
+ peername, sockname, socket_options, valid_ssl_options, versions, cipher_suites,
upgrade, upgrade_with_timeout, tcp_connect,
ipv6, ekeyfile, ecertfile, ecacertfile, eoptions, shutdown,
shutdown_write, shutdown_both, shutdown_error, ciphers,
@@ -159,8 +159,9 @@ all(suite) ->
server_verify_peer_passive,
server_verify_peer_active, server_verify_peer_active_once,
server_verify_none_passive, server_verify_none_active,
- server_verify_none_active_once,
- server_verify_no_cacerts, client_verify_none_passive,
+ server_verify_none_active_once, server_verify_no_cacerts,
+ server_require_peer_cert_ok, server_require_peer_cert_fail,
+ client_verify_none_passive,
client_verify_none_active, client_verify_none_active_once
%%, session_cache_process_list, session_cache_process_mnesia
,reuse_session, reuse_session_expired, server_does_not_want_to_reuse_session,
@@ -605,6 +606,59 @@ socket_options_result(Socket, Options, DefaultValues, NewOptions, NewValues) ->
ok.
%%--------------------------------------------------------------------
+valid_ssl_options(doc) ->
+ ["Test what happens when we give valid options"];
+
+valid_ssl_options(suite) ->
+ [];
+
+valid_ssl_options(Config) when is_list(Config) ->
+ ClientOpts = [{reuseaddr, true} | ?config(client_opts, Config)],
+ ServerOpts = [{reuseaddr, true} | ?config(server_opts, Config)],
+ {ClientNode, ServerNode, Hostname} = ssl_test_lib:run_where(Config),
+ Port = ssl_test_lib:inet_port(ServerNode),
+
+ StartOk =
+ fun(Peer, Pid, TestOpt) ->
+ receive
+ {Pid, ok} when Peer =:= server ->
+ ok;
+ {Pid, {ok, _}} when Peer =:= client ->
+ ok;
+ {Pid, Error} ->
+ test_server:fail({Peer,
+ {option_being_tested, TestOpt},
+ {got, Error}})
+ end
+ end,
+
+ %% The following contains both documented and undocumented options as
+ %% listed in ssl:handle_options/2. It excludes file options which are
+ %% tested elsewhere (cacertfile, certfile, keyfile).
+ TestOpts = [{versions, []}, {verify, verify_none}, {verify_fun, fun(_) -> false end},
+ {fail_if_no_peer_cert, false}, {verify_client_once, false},
+ {depth, 1}, {key, undefined}, {password, "secret"}, {ciphers, []},
+ {reuse_sessions, true}, {reuse_session, fun(_,_,_,_) -> true end},
+ {renegotiate_at, 1000000000}, {debug, []},
+ {cb_info, {gen_tcp, tcp, tcp_closed}}],
+ [begin
+ Server =
+ ssl_test_lib:start_server_error([{node, ServerNode}, {port, Port},
+ {from, self()},
+ {options, [TestOpt | ServerOpts]}]),
+ Client =
+ ssl_test_lib:start_client_error([{node, ClientNode}, {port, Port},
+ {host, Hostname}, {from, self()},
+ {options, [TestOpt | ClientOpts]}]),
+ StartOk(server, Server, TestOpt),
+ StartOk(client, Client, TestOpt),
+ ssl_test_lib:close(Server),
+ ssl_test_lib:close(Client),
+ ok
+ end || TestOpt <- TestOpts],
+ ok.
+
+%%--------------------------------------------------------------------
versions(doc) ->
["Test API function versions/0"];
@@ -806,7 +860,7 @@ tcp_connect(Config) when is_list(Config) ->
Server = ssl_test_lib:start_upgrade_server([{node, ServerNode}, {port, 0},
{from, self()},
{timeout, 5000},
- {mfa, {?MODULE, should_close, []}},
+ {mfa, {?MODULE, dummy, []}},
{tcp_options, TcpOpts},
{ssl_options, ServerOpts}]),
Port = ssl_test_lib:inet_port(Server),
@@ -815,18 +869,20 @@ tcp_connect(Config) when is_list(Config) ->
test_server:format("Testcase ~p connected to Server ~p ~n", [self(), Server]),
gen_tcp:send(Socket, "<SOME GARBLED NON SSL MESSAGE>"),
- ssl_test_lib:check_result(Server, {error,esslerrssl}, tcp_closed, Socket),
-
+ receive
+ {tcp_closed, Socket} ->
+ receive
+ {Server, {error, Error}} ->
+ test_server:format("Error ~p", [Error])
+ end
+ end,
ssl_test_lib:close(Server).
-should_close(Socket) ->
- receive
- {ssl, Socket, closed} ->
- server_closed;
- Other ->
- exit({?LINE, Other})
- end.
+dummy(Socket) ->
+ %% Should not happen as the ssl connection will not be established
+ %% due to fatal handshake failiure
+ exit(kill).
%%--------------------------------------------------------------------
ipv6(doc) ->
@@ -1779,7 +1835,66 @@ server_verify_no_cacerts(Config) when is_list(Config) ->
| ServerOpts]}]),
ssl_test_lib:check_result(Server, {error, {eoptions, {cacertfile, ""}}}).
+
+%%--------------------------------------------------------------------
+
+server_require_peer_cert_ok(doc) ->
+ ["Test server option fail_if_no_peer_cert when peer sends cert"];
+
+server_require_peer_cert_ok(suite) ->
+ [];
+
+server_require_peer_cert_ok(Config) when is_list(Config) ->
+ ServerOpts = [{verify, verify_peer}, {fail_if_no_peer_cert, true}
+ | ?config(server_verification_opts, Config)],
+ ClientOpts = ?config(client_verification_opts, Config),
+ {ClientNode, ServerNode, Hostname} = ssl_test_lib:run_where(Config),
+
+ Server = ssl_test_lib:start_server([{node, ServerNode}, {port, 0},
+ {from, self()},
+ {mfa, {?MODULE, send_recv_result, []}},
+ {options, [{active, false} | ServerOpts]}]),
+ Port = ssl_test_lib:inet_port(Server),
+ Client = ssl_test_lib:start_client([{node, ClientNode}, {port, Port},
+ {host, Hostname},
+ {from, self()},
+ {mfa, {?MODULE, send_recv_result, []}},
+ {options, [{active, false} | ClientOpts]}]),
+
+ ssl_test_lib:check_result(Server, ok, Client, ok),
+ ssl_test_lib:close(Server),
+ ssl_test_lib:close(Client).
+
+%%--------------------------------------------------------------------
+
+server_require_peer_cert_fail(doc) ->
+ ["Test server option fail_if_no_peer_cert when peer doesn't send cert"];
+
+server_require_peer_cert_fail(suite) ->
+ [];
+
+server_require_peer_cert_fail(Config) when is_list(Config) ->
+ ServerOpts = [{verify, verify_peer}, {fail_if_no_peer_cert, true}
+ | ?config(server_verification_opts, Config)],
+ BadClientOpts = ?config(client_opts, Config),
+ {ClientNode, ServerNode, Hostname} = ssl_test_lib:run_where(Config),
+ Port = ssl_test_lib:inet_port(ServerNode),
+
+ Server = ssl_test_lib:start_server_error([{node, ServerNode}, {port, Port},
+ {from, self()},
+ {mfa, {?MODULE, send_recv_result, []}},
+ {options, [{active, false} | ServerOpts]}]),
+ Client = ssl_test_lib:start_client([{node, ClientNode}, {port, Port},
+ {host, Hostname},
+ {from, self()},
+ {mfa, {?MODULE, send_recv_result, []}},
+ {options, [{active, false} | BadClientOpts]}]),
+ ssl_test_lib:check_result(Server, {error, esslaccept},
+ Client, {error, esslconnect}),
+ ssl_test_lib:close(Server),
+ ssl_test_lib:close(Client).
+
%%--------------------------------------------------------------------
client_verify_none_passive(doc) ->
diff --git a/lib/ssl/test/ssl_test_lib.erl b/lib/ssl/test/ssl_test_lib.erl
index f985058cd7..ee799c50c8 100644
--- a/lib/ssl/test/ssl_test_lib.erl
+++ b/lib/ssl/test/ssl_test_lib.erl
@@ -448,9 +448,19 @@ trigger_renegotiate(Socket, _, 0, Id) ->
test_server:sleep(1000),
case ssl:session_info(Socket) of
[{session_id, Id} | _ ] ->
+ %% If a warning alert is received
+ %% from openssl this may not be
+ %% an error!
fail_session_not_renegotiated;
- _ ->
- ok
+ %% Tests that uses this function will no reuse
+ %% sessions so if we get a new session id the
+ %% renegotiation has seceded.
+ [{session_id, _} | _ ] ->
+ ok;
+ {error, closed} ->
+ fail_session_fatal_alert_during_renegotiation;
+ {error, timeout} ->
+ fail_timeout
end;
trigger_renegotiate(Socket, ErlData, N, Id) ->
diff --git a/lib/ssl/test/ssl_to_openssl_SUITE.erl b/lib/ssl/test/ssl_to_openssl_SUITE.erl
index adb5b9cd13..624404b556 100644
--- a/lib/ssl/test/ssl_to_openssl_SUITE.erl
+++ b/lib/ssl/test/ssl_to_openssl_SUITE.erl
@@ -327,7 +327,7 @@ erlang_client_openssl_server_no_wrap_sequence_number(Config) when is_list(Config
{ClientNode, _, Hostname} = ssl_test_lib:run_where(Config),
- ErlData = "From erlang to openssl",
+ ErlData = "From erlang to openssl\n",
N = 10,
Port = ssl_test_lib:inet_port(node()),
diff --git a/lib/ssl/vsn.mk b/lib/ssl/vsn.mk
index 6b76dffd86..0f3f8e95ec 100644
--- a/lib/ssl/vsn.mk
+++ b/lib/ssl/vsn.mk
@@ -19,7 +19,7 @@
SSL_VSN = 3.11
-TICKETS = OTP-8517 OTP-7046
+TICKETS = OTP-8517 OTP-7046 OTP-8557
#TICKETS_3.10.9 = OTP-8510
diff --git a/lib/test_server/src/ts_run.erl b/lib/test_server/src/ts_run.erl
index 3461e1383c..1d611f501c 100644
--- a/lib/test_server/src/ts_run.erl
+++ b/lib/test_server/src/ts_run.erl
@@ -1,19 +1,19 @@
%%
%% %CopyrightBegin%
-%%
-%% Copyright Ericsson AB 1997-2009. All Rights Reserved.
-%%
+%%
+%% Copyright Ericsson AB 1997-2010. All Rights Reserved.
+%%
%% The contents of this file are subject to the Erlang Public License,
%% Version 1.1, (the "License"); you may not use this file except in
%% compliance with the License. You should have received a copy of the
%% Erlang Public License along with this software. If not, it can be
%% retrieved online at http://www.erlang.org/.
-%%
+%%
%% Software distributed under the License is distributed on an "AS IS"
%% basis, WITHOUT WARRANTY OF ANY KIND, either express or implied. See
%% the License for the specific language governing rights and limitations
%% under the License.
-%%
+%%
%% %CopyrightEnd%
%%
@@ -392,7 +392,7 @@ make_test_suite(Vars, _Spec, State) ->
{ok, Cwd} = file:get_cwd(),
ok = file:set_cwd(TestDir),
- Result = (catch make:all(Erl_flags)),
+ Result = (catch make_all(Erl_flags)),
ok = file:set_cwd(Cwd),
case Result of
up_to_date ->
@@ -743,4 +743,52 @@ split_one(Path) ->
split_path(Path) ->
string:tokens(Path,";").
+%%
+%% Run make:all/1 if the test suite seems to be designed
+%% to be built/re-built by ts.
+%%
+make_all(Flags) ->
+ case filelib:is_regular("Emakefile") of
+ false ->
+ make_all_no_emakefile(Flags);
+ true ->
+ make:all(Flags)
+ end.
+
+make_all_no_emakefile(Flags) ->
+ case filelib:wildcard("*.beam") of
+ [] ->
+ %% Since there are no *.beam files, we will assume
+ %% that this test suite was designed to be built and
+ %% re-built by ts. Create an Emakefile so that
+ %% make:all/1 will be run the next time too
+ %% (in case a test suite is being interactively
+ %% developed).
+ create_emakefile(Flags, "*.erl");
+ [_|_] ->
+ %% There is no Emakefile and there already are
+ %% some *.beam files here. Assume that this test
+ %% suite was not designed to be re-built by ts.
+ %% Only create a Emakefile that will compile
+ %% generated *_SUITE_make files (if any).
+ create_emakefile(Flags, "*_SUITE_make.erl")
+ end.
+create_emakefile(Flags, Wc) ->
+ case filelib:wildcard(Wc) of
+ [] ->
+ %% There are no files to be built (i.e. not even any
+ %% generated *_SUITE_make.erl files). We must handle
+ %% this case specially, because make:all/1 will crash
+ %% on Emakefile with an empty list of modules.
+ io:put_chars("No Emakefile found - not running make:all/1\n"),
+ up_to_date;
+ [_|_]=Ms0 ->
+ io:format("Creating an Emakefile for compiling files matching ~s\n",
+ [Wc]),
+ Ms = [list_to_atom(filename:rootname(M, ".erl")) || M <- Ms0],
+ Make0 = {Ms,Flags},
+ Make = io_lib:format("~p. \n", [Make0]),
+ ok = file:write_file("Emakefile", Make),
+ make:all(Flags)
+ end.
diff --git a/lib/xmerl/doc/src/notes.xml b/lib/xmerl/doc/src/notes.xml
index 3106c72bd8..207f6fdf16 100644
--- a/lib/xmerl/doc/src/notes.xml
+++ b/lib/xmerl/doc/src/notes.xml
@@ -31,6 +31,30 @@
<p>This document describes the changes made to the Xmerl application.</p>
+<section><title>Xmerl 1.2.5</title>
+
+ <section><title>Improvements and New Features</title>
+ <list>
+ <item>
+ <p>
+ All Erlang files are now built by the test server instead of the test directory Makefile.
+ </p>
+ <p>
+ Erlang files in data directories are now built by the test suites instead of using
+ prebuilt versions under version control.
+ </p>
+ <p>
+ Removed a number of obsolete guards.
+ </p>
+ <p>
+ Own Id: OTP-8537
+ </p>
+ </item>
+ </list>
+ </section>
+
+</section>
+
<section><title>Xmerl 1.2.4</title>
<section><title>Improvements and New Features</title>
diff --git a/lib/xmerl/vsn.mk b/lib/xmerl/vsn.mk
index 4162b52a80..83b9d4826f 100644
--- a/lib/xmerl/vsn.mk
+++ b/lib/xmerl/vsn.mk
@@ -17,14 +17,17 @@
# %CopyrightEnd%
#
-XMERL_VSN = 1.2.4
+XMERL_VSN = 1.2.5
TICKETS = \
- OTP-8343
+ OTP-8537
+
+TICKETS_1.2.5 = \
+ OTP-8537
TICKETS_1.2.4 = \
- OTP-8343
+ OTP-8343
TICKETS_1.2.3 = \
OTP-8251 \