From f435df0e065c06e2ae11308c0ec5a19a9ce887fa Mon Sep 17 00:00:00 2001 From: YAMASHINA Hio Date: Tue, 9 Feb 2010 10:46:38 +0900 Subject: prepend packet size bytes in ssl:send() in new_ssl implementation With the {ssl_imp,new} option enabled, {packet,PacketType} only works when receiving. When sending, {packet,0} is always used. --- lib/ssl/src/ssl_connection.erl | 33 ++- lib/ssl/test/ssl_packet_SUITE.erl | 481 ++++++++++++++++++++------------------ 2 files changed, 279 insertions(+), 235 deletions(-) diff --git a/lib/ssl/src/ssl_connection.erl b/lib/ssl/src/ssl_connection.erl index d9377fe3d6..0aed85a9ef 100644 --- a/lib/ssl/src/ssl_connection.erl +++ b/lib/ssl/src/ssl_connection.erl @@ -610,7 +610,7 @@ connection(hello, State = #state{host = Host, port = Port, %% gen_fsm:sync_send_event/2,3, the instance of this function with the same %% name as the current state name StateName is called to handle the event. %%-------------------------------------------------------------------- -connection({application_data, Data}, _From, +connection({application_data, Data0}, _From, State = #state{socket = Socket, negotiated_version = Version, transport_cb = Transport, 
@@ -618,10 +618,16 @@ connection({application_data, Data}, _From, %% We should look into having a worker process to do this to %% parallize send and receive decoding and not block the receiver %% if sending is overloading the socket. - {Msgs, ConnectionStates1} = encode_data(Data, Version, ConnectionStates0), - Result = Transport:send(Socket, Msgs), - {reply, Result, - connection, State#state{connection_states = ConnectionStates1}}. + try + Data = encode_packet(Data0, State#state.socket_options), + {Msgs, ConnectionStates1} = encode_data(Data, Version, ConnectionStates0), + Result = Transport:send(Socket, Msgs), + {reply, Result, + connection, State#state{connection_states = ConnectionStates1}} + + catch throw:Error -> + {reply, Error, connection, State} + end. %%-------------------------------------------------------------------- %% Function: @@ -1404,6 +1410,23 @@ encode_handshake(HandshakeRec, SigAlg, Version, ConnectionStates0, Hashes0) -> ssl_record:encode_handshake(Frag, Version, ConnectionStates0), {E, ConnectionStates1, Hashes1}. +encode_packet(Data, #socket_options{packet=Packet}) -> + case Packet of + 0 -> Data; + 1 -> encode_size_packet(Data, 8, (1 bsl 8) - 1); + 2 -> encode_size_packet(Data, 16, (1 bsl 16) - 1); + 4 -> encode_size_packet(Data, 32, (1 bsl 32) - 1); + _ -> + throw({error, {badarg, {eoptions, {packet, Packet}}}}) + end. + +encode_size_packet(Bin, Size, Max) -> + Len = byte_size(Bin), + case Len > Max of + true -> throw({error, {badarg, {packet_to_large, Len, Max}}}); + false -> <> + end. + encode_data(Data, Version, ConnectionStates) -> ssl_record:encode_data(Data, Version, ConnectionStates). diff --git a/lib/ssl/test/ssl_packet_SUITE.erl b/lib/ssl/test/ssl_packet_SUITE.erl index c59a5c9256..3f8a560be9 100644 --- a/lib/ssl/test/ssl_packet_SUITE.erl +++ b/lib/ssl/test/ssl_packet_SUITE.erl 
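Review bot: The `try` added to `connection({application_data, Data0}, ...)` wraps `encode_data/3` and `Transport:send/2` as well as `encode_packet/2`, so any `throw` raised while the TLS record is built or written would be returned to the caller as an ordinary reply, with the old `State` kept and the connection left in `connection`. Only the framing step is meant to throw here, so the protected part should be that call alone: `try encode_packet(Data0, State#state.socket_options) of Data -> ... catch throw:Error -> {reply, Error, connection, State} end`, with the encode/send/reply lines moved unchanged into the `of` branch. A short comment above the `try` saying that the throw carries the `{error, {badarg, _}}` term from `encode_packet/2` would also help the next reader.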
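Review bot: The catch-all clause of `encode_packet/2` throws `{error, {badarg, {eoptions, {packet, Packet}}}}` for every packet value other than 0, 1, 2 and 4, so a socket configured with `{packet, raw}` or another type without a length prefix (the suite in this commit uses `raw` and `cdr` on the receiving side) would fail on every send. This holds unless such values are normalised before they reach `#socket_options{}`, which the hunk does not show. Those types put no size header on outgoing data, so the fallback should pass the payload through: `_ -> Data`. `encode_size_packet/3` calls `byte_size/1`, which needs a binary; if `Data0` can still be iodata at this point, the call raises `error:badarg`, which the `catch throw:Error` in `connection/3` does not cover, so either flatten first or document the precondition. The reason atom `packet_to_large` is misspelled ("too"), and once released it becomes part of the error term callers match on.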
@@ -117,8 +117,8 @@ end_per_testcase(_TestCase, Config) -> %%-------------------------------------------------------------------- all(doc) -> ["Test that erlang:decode_packet/3 seems to be handled correctly." - "We only use the most basic packet types in our tests as testing of" - "the packet types are for inet to verify" + "We only use the most basic packet types in our tests as testing of" + "the packet types are for inet to verify" ]; all(suite) -> @@ -140,6 +140,7 @@ all(suite) -> packet_raw_active_some_big, packet_0_active_some_big, packet_1_active_some_big, packet_2_active_some_big, packet_4_active_some_big, + packet_send_to_large, packet_wait_passive, packet_wait_active, packet_baddata_passive, packet_baddata_active, packet_size_passive, packet_size_active @@ -157,25 +158,25 @@ packet_raw_passive_many_small(Config) when is_list(Config) -> ClientOpts = ?config(client_opts, Config), ServerOpts = ?config(server_opts, Config), {ClientNode, ServerNode, Hostname} = ssl_test_lib:run_where(Config), - + Data = "Packet option is {packet, raw}", Server = ssl_test_lib:start_server([{node, ClientNode}, {port, 0}, {from, self()}, - {mfa, {?MODULE, send_raw ,[Data, ?MANY]}}, - {options, ServerOpts}]), + {mfa, {?MODULE, send_raw ,[Data, ?MANY]}}, + {options, ServerOpts}]), Port = ssl_test_lib:inet_port(Server), Client = ssl_test_lib:start_client([{node, ServerNode}, {port, Port}, {host, Hostname}, - {from, self()}, - {mfa, {?MODULE, passive_raw, [Data, ?MANY]}}, + {from, self()}, + {mfa, {?MODULE, passive_raw, [Data, ?MANY]}}, {options, [{active, false}, {packet, raw} | - ClientOpts]}]), - + ClientOpts]}]), + ssl_test_lib:check_result(Client, ok), - + ssl_test_lib:close(Server), ssl_test_lib:close(Client). 
@@ -191,25 +192,25 @@ packet_raw_passive_some_big(Config) when is_list(Config) -> ClientOpts = ?config(client_opts, Config), ServerOpts = ?config(server_opts, Config), {ClientNode, ServerNode, Hostname} = ssl_test_lib:run_where(Config), - + Data = lists:append(lists:duplicate(100, "1234567890")), Server = ssl_test_lib:start_server([{node, ClientNode}, {port, 0}, {from, self()}, - {mfa, {?MODULE, send_raw ,[Data, ?SOME]}}, - {options, ServerOpts}]), + {mfa, {?MODULE, send_raw ,[Data, ?SOME]}}, + {options, ServerOpts}]), Port = ssl_test_lib:inet_port(Server), Client = ssl_test_lib:start_client([{node, ServerNode}, {port, Port}, {host, Hostname}, - {from, self()}, - {mfa, {?MODULE, passive_raw, [Data, ?SOME]}}, + {from, self()}, + {mfa, {?MODULE, passive_raw, [Data, ?SOME]}}, {options, [{active, false}, {packet, raw} | - ClientOpts]}]), - + ClientOpts]}]), + ssl_test_lib:check_result(Client, ok), - + ssl_test_lib:close(Server), ssl_test_lib:close(Client). @@ -224,24 +225,24 @@ packet_0_passive_many_small(Config) when is_list(Config) -> ClientOpts = ?config(client_opts, Config), ServerOpts = ?config(server_opts, Config), {ClientNode, ServerNode, Hostname} = ssl_test_lib:run_where(Config), - + Data = "Packet option is {packet, 0}, equivalent to packet raw.", Server = ssl_test_lib:start_server([{node, ClientNode}, {port, 0}, {from, self()}, - {mfa, {?MODULE, send_raw ,[Data, ?MANY]}}, - {options, ServerOpts}]), + {mfa, {?MODULE, send_raw ,[Data, ?MANY]}}, + {options, ServerOpts}]), Port = ssl_test_lib:inet_port(Server), Client = ssl_test_lib:start_client([{node, ServerNode}, {port, Port}, {host, Hostname}, - {from, self()}, - {mfa, {?MODULE, passive_raw, [Data, ?MANY]}}, + {from, self()}, + {mfa, {?MODULE, passive_raw, [Data, ?MANY]}}, {options, [{active, false}, {packet, 0} | ClientOpts]}]), - + ssl_test_lib:check_result(Client, ok), - + ssl_test_lib:close(Server), ssl_test_lib:close(Client). 
@@ -256,24 +257,24 @@ packet_0_passive_some_big(Config) when is_list(Config) -> ClientOpts = ?config(client_opts, Config), ServerOpts = ?config(server_opts, Config), {ClientNode, ServerNode, Hostname} = ssl_test_lib:run_where(Config), - + Data = lists:append(lists:duplicate(100, "1234567890")), Server = ssl_test_lib:start_server([{node, ClientNode}, {port, 0}, {from, self()}, - {mfa, {?MODULE, send_raw ,[Data, ?SOME]}}, - {options, ServerOpts}]), + {mfa, {?MODULE, send_raw ,[Data, ?SOME]}}, + {options, ServerOpts}]), Port = ssl_test_lib:inet_port(Server), Client = ssl_test_lib:start_client([{node, ServerNode}, {port, Port}, {host, Hostname}, - {from, self()}, - {mfa, {?MODULE, passive_raw, [Data, ?SOME]}}, + {from, self()}, + {mfa, {?MODULE, passive_raw, [Data, ?SOME]}}, {options, [{active, false}, {packet, 0} | ClientOpts]}]), - + ssl_test_lib:check_result(Client, ok), - + ssl_test_lib:close(Server), ssl_test_lib:close(Client). @@ -288,25 +289,25 @@ packet_1_passive_many_small(Config) when is_list(Config) -> ClientOpts = ?config(client_opts, Config), ServerOpts = ?config(server_opts, Config), {ClientNode, ServerNode, Hostname} = ssl_test_lib:run_where(Config), - + Data = "Packet option is {packet, 1}", Server = ssl_test_lib:start_server([{node, ClientNode}, {port, 0}, {from, self()}, - {mfa, {?MODULE, send_1 ,[Data, ?MANY]}}, - {options, ServerOpts}]), + {mfa, {?MODULE, send, [Data, ?MANY]}}, + {options, [{packet, 1}|ServerOpts]}]), Port = ssl_test_lib:inet_port(Server), Client = ssl_test_lib:start_client([{node, ServerNode}, {port, Port}, {host, Hostname}, - {from, self()}, - {mfa, {?MODULE, passive_recv_packet, - [Data, ?MANY]}}, + {from, self()}, + {mfa, {?MODULE, passive_recv_packet, + [Data, ?MANY]}}, {options, [{active, false}, {packet, 1} | ClientOpts]}]), - + ssl_test_lib:check_result(Client, ok), - + ssl_test_lib:close(Server), ssl_test_lib:close(Client). 
@@ -321,25 +322,25 @@ packet_1_passive_some_big(Config) when is_list(Config) -> ClientOpts = ?config(client_opts, Config), ServerOpts = ?config(server_opts, Config), {ClientNode, ServerNode, Hostname} = ssl_test_lib:run_where(Config), - + Data = lists:append(lists:duplicate(255, "1")), Server = ssl_test_lib:start_server([{node, ClientNode}, {port, 0}, {from, self()}, - {mfa, {?MODULE, send_1 ,[Data, ?SOME]}}, - {options, ServerOpts}]), + {mfa, {?MODULE, send, [Data, ?SOME]}}, + {options, [{packet, 1}|ServerOpts]}]), Port = ssl_test_lib:inet_port(Server), Client = ssl_test_lib:start_client([{node, ServerNode}, {port, Port}, {host, Hostname}, - {from, self()}, - {mfa, {?MODULE, passive_recv_packet, - [Data, ?SOME]}}, + {from, self()}, + {mfa, {?MODULE, passive_recv_packet, + [Data, ?SOME]}}, {options, [{active, false}, {packet, 1} | ClientOpts]}]), - + ssl_test_lib:check_result(Client, ok), - + ssl_test_lib:close(Server), ssl_test_lib:close(Client). @@ -354,25 +355,25 @@ packet_2_passive_many_small(Config) when is_list(Config) -> ClientOpts = ?config(client_opts, Config), ServerOpts = ?config(server_opts, Config), {ClientNode, ServerNode, Hostname} = ssl_test_lib:run_where(Config), - + Data = "Packet option is {packet, 2}", Server = ssl_test_lib:start_server([{node, ClientNode}, {port, 0}, {from, self()}, - {mfa, {?MODULE, send_2 ,[Data, ?MANY]}}, - {options, ServerOpts}]), + {mfa, {?MODULE, send, [Data, ?MANY]}}, + {options, [{packet, 2}|ServerOpts]}]), Port = ssl_test_lib:inet_port(Server), Client = ssl_test_lib:start_client([{node, ServerNode}, {port, Port}, {host, Hostname}, - {from, self()}, - {mfa, {?MODULE, passive_recv_packet, - [Data, ?MANY]}}, + {from, self()}, + {mfa, {?MODULE, passive_recv_packet, + [Data, ?MANY]}}, {options, [{active, false}, {packet, 2} | ClientOpts]}]), - + ssl_test_lib:check_result(Client, ok), - + ssl_test_lib:close(Server), ssl_test_lib:close(Client). 
@@ -387,28 +388,28 @@ packet_2_passive_some_big(Config) when is_list(Config) -> ClientOpts = ?config(client_opts, Config), ServerOpts = ?config(server_opts, Config), {ClientNode, ServerNode, Hostname} = ssl_test_lib:run_where(Config), - + Data = lists:append(lists:duplicate(100, "1234567890")), Server = ssl_test_lib:start_server([{node, ClientNode}, {port, 0}, {from, self()}, - {mfa, {?MODULE, send_2 ,[Data, ?SOME]}}, - {options, ServerOpts}]), + {mfa, {?MODULE, send, [Data, ?SOME]}}, + {options, [{packet, 2}|ServerOpts]}]), Port = ssl_test_lib:inet_port(Server), Client = ssl_test_lib:start_client([{node, ServerNode}, {port, Port}, {host, Hostname}, - {from, self()}, - {mfa, {?MODULE, passive_recv_packet, - [Data, ?SOME]}}, + {from, self()}, + {mfa, {?MODULE, passive_recv_packet, + [Data, ?SOME]}}, {options, [{active, false}, {packet, 2} | ClientOpts]}]), - + ssl_test_lib:check_result(Client, ok), - + ssl_test_lib:close(Server), ssl_test_lib:close(Client). - + %%-------------------------------------------------------------------- packet_4_passive_many_small(doc) -> ["Test packet option {packet, 4} in passive mode"]; 
@@ -420,26 +421,26 @@ packet_4_passive_many_small(Config) when is_list(Config) -> ClientOpts = ?config(client_opts, Config), ServerOpts = ?config(server_opts, Config), {ClientNode, ServerNode, Hostname} = ssl_test_lib:run_where(Config), - + Data = "Packet option is {packet, 4}", Server = ssl_test_lib:start_server([{node, ClientNode}, {port, 0}, {from, self()}, {mfa, - {?MODULE, send_4 ,[Data, ?MANY]}}, - {options, ServerOpts}]), + {?MODULE, send, [Data, ?MANY]}}, + {options, [{packet, 4}|ServerOpts]}]), Port = ssl_test_lib:inet_port(Server), Client = ssl_test_lib:start_client([{node, ServerNode}, {port, Port}, {host, Hostname}, - {from, self()}, - {mfa, {?MODULE, passive_recv_packet, - [Data, ?MANY]}}, + {from, self()}, + {mfa, {?MODULE, passive_recv_packet, + [Data, ?MANY]}}, {options, [{active, false}, {packet, 4} | ClientOpts]}]), - + ssl_test_lib:check_result(Client, ok), - + ssl_test_lib:close(Server), ssl_test_lib:close(Client). @@ -454,25 +455,25 @@ packet_4_passive_some_big(Config) when is_list(Config) -> ClientOpts = ?config(client_opts, Config), ServerOpts = ?config(server_opts, Config), {ClientNode, ServerNode, Hostname} = ssl_test_lib:run_where(Config), - + Data = lists:append(lists:duplicate(100, "1234567890")), Server = ssl_test_lib:start_server([{node, ClientNode}, {port, 0}, {from, self()}, - {mfa, {?MODULE, send_4 ,[Data, ?SOME]}}, - {options, ServerOpts}]), + {mfa, {?MODULE, send, [Data, ?SOME]}}, + {options, [{packet, 4}|ServerOpts]}]), Port = ssl_test_lib:inet_port(Server), Client = ssl_test_lib:start_client([{node, ServerNode}, {port, Port}, {host, Hostname}, - {from, self()}, - {mfa, {?MODULE, passive_recv_packet, - [Data, ?SOME]}}, + {from, self()}, + {mfa, {?MODULE, passive_recv_packet, + [Data, ?SOME]}}, {options, [{active, false}, {packet, 4} | ClientOpts]}]), - + ssl_test_lib:check_result(Client, ok), - + ssl_test_lib:close(Server), ssl_test_lib:close(Client). 
@@ -485,27 +486,27 @@ packet_raw_active_once_many_small(suite) -> []; packet_raw_active_once_many_small(Config) when is_list(Config) -> - ClientOpts = ?config(client_opts, Config), + ClientOpts = ?config(client_opts, Config), ServerOpts = ?config(server_opts, Config), {ClientNode, ServerNode, Hostname} = ssl_test_lib:run_where(Config), - + Data = "Packet option is {packet, raw}", Server = ssl_test_lib:start_server([{node, ClientNode}, {port, 0}, {from, self()}, - {mfa, {?MODULE, send_raw ,[Data, ?MANY]}}, - {options, ServerOpts}]), + {mfa, {?MODULE, send_raw ,[Data, ?MANY]}}, + {options, ServerOpts}]), Port = ssl_test_lib:inet_port(Server), Client = ssl_test_lib:start_client([{node, ServerNode}, {port, Port}, {host, Hostname}, - {from, self()}, - {mfa, {?MODULE, active_once_raw, [Data, ?MANY]}}, + {from, self()}, + {mfa, {?MODULE, active_once_raw, [Data, ?MANY]}}, {options, [{active, once}, {packet, raw} | ClientOpts]}]), - + ssl_test_lib:check_result(Client, ok), - + ssl_test_lib:close(Server), ssl_test_lib:close(Client). 
@@ -517,27 +518,27 @@ packet_raw_active_once_some_big(suite) -> []; packet_raw_active_once_some_big(Config) when is_list(Config) -> - ClientOpts = ?config(client_opts, Config), + ClientOpts = ?config(client_opts, Config), ServerOpts = ?config(server_opts, Config), {ClientNode, ServerNode, Hostname} = ssl_test_lib:run_where(Config), - + Data = lists:append(lists:duplicate(100, "1234567890")), Server = ssl_test_lib:start_server([{node, ClientNode}, {port, 0}, {from, self()}, - {mfa, {?MODULE, send_raw ,[Data, ?SOME]}}, - {options, ServerOpts}]), + {mfa, {?MODULE, send_raw ,[Data, ?SOME]}}, + {options, ServerOpts}]), Port = ssl_test_lib:inet_port(Server), Client = ssl_test_lib:start_client([{node, ServerNode}, {port, Port}, {host, Hostname}, - {from, self()}, - {mfa, {?MODULE, active_once_raw, [Data, ?SOME]}}, + {from, self()}, + {mfa, {?MODULE, active_once_raw, [Data, ?SOME]}}, {options, [{active, once}, {packet, raw} | ClientOpts]}]), - + ssl_test_lib:check_result(Client, ok), - + ssl_test_lib:close(Server), ssl_test_lib:close(Client). @@ -552,13 +553,13 @@ packet_0_active_once_many_small(Config) when is_list(Config) -> ClientOpts = ?config(client_opts, Config), ServerOpts = ?config(server_opts, Config), {ClientNode, ServerNode, Hostname} = ssl_test_lib:run_where(Config), - + Data = "Packet option is {packet, 0}", Server = ssl_test_lib:start_server([{node, ClientNode}, {port, 0}, {from, self()}, - {mfa, {?MODULE, send_raw ,[Data, ?MANY]}}, - {options, ServerOpts}]), + {mfa, {?MODULE, send_raw ,[Data, ?MANY]}}, + {options, ServerOpts}]), Port = ssl_test_lib:inet_port(Server), Client = ssl_test_lib:start_client([{node, ServerNode}, {port, Port}, {host, Hostname}, @@ -569,9 +570,9 @@ packet_0_active_once_many_small(Config) when is_list(Config) -> {options, [{active, once}, {packet, 0} | ClientOpts]}]), - + ssl_test_lib:check_result(Client, ok), - + ssl_test_lib:close(Server), ssl_test_lib:close(Client). 
@@ -587,14 +588,14 @@ packet_0_active_once_some_big(Config) when is_list(Config) -> ClientOpts = ?config(client_opts, Config), ServerOpts = ?config(server_opts, Config), {ClientNode, ServerNode, Hostname} = ssl_test_lib:run_where(Config), - + Data = lists:append(lists:duplicate(100, "1234567890")), Server = ssl_test_lib:start_server([{node, ClientNode}, {port, 0}, {from, self()}, {mfa, {?MODULE, send_raw , [Data, ?SOME]}}, - {options, ServerOpts}]), + {options, ServerOpts}]), Port = ssl_test_lib:inet_port(Server), Client = ssl_test_lib:start_client([{node, ServerNode}, {port, Port}, {host, Hostname}, @@ -605,9 +606,9 @@ packet_0_active_once_some_big(Config) when is_list(Config) -> {options, [{active, once}, {packet, 0} | ClientOpts]}]), - + ssl_test_lib:check_result(Client, ok), - + ssl_test_lib:close(Server), ssl_test_lib:close(Client). @@ -622,13 +623,13 @@ packet_1_active_once_many_small(Config) when is_list(Config) -> ClientOpts = ?config(client_opts, Config), ServerOpts = ?config(server_opts, Config), {ClientNode, ServerNode, Hostname} = ssl_test_lib:run_where(Config), - + Data = "Packet option is {packet, 1}", Server = ssl_test_lib:start_server([{node, ClientNode}, {port, 0}, {from, self()}, - {mfa, {?MODULE, send_1 ,[Data, ?MANY]}}, - {options, ServerOpts}]), + {mfa, {?MODULE, send, [Data, ?MANY]}}, + {options, [{packet, 1}|ServerOpts]}]), Port = ssl_test_lib:inet_port(Server), Client = ssl_test_lib:start_client([{node, ServerNode}, {port, Port}, {host, Hostname}, @@ -640,9 +641,9 @@ packet_1_active_once_many_small(Config) when is_list(Config) -> {options, [{active, once}, {packet, 1} | ClientOpts]}]), - + ssl_test_lib:check_result(Client, ok), - + ssl_test_lib:close(Server), ssl_test_lib:close(Client). 
@@ -657,17 +658,17 @@ packet_1_active_once_some_big(Config) when is_list(Config) -> ClientOpts = ?config(client_opts, Config), ServerOpts = ?config(server_opts, Config), {ClientNode, ServerNode, Hostname} = ssl_test_lib:run_where(Config), - + Data = lists:append(lists:duplicate(255, "1")), Server = ssl_test_lib:start_server([{node, ClientNode}, {port, 0}, {from, self()}, - {mfa, {?MODULE, send_1 ,[Data, ?SOME]}}, - {options, ServerOpts}]), + {mfa, {?MODULE, send, [Data, ?SOME]}}, + {options, [{packet, 1}|ServerOpts]}]), Port = ssl_test_lib:inet_port(Server), Client = ssl_test_lib:start_client([{node, ServerNode}, {port, Port}, {host, Hostname}, - {from, self()}, + {from, self()}, {mfa, {?MODULE, active_once_packet, @@ -675,9 +676,9 @@ packet_1_active_once_some_big(Config) when is_list(Config) -> {options, [{active, once}, {packet, 1} | ClientOpts]}]), - + ssl_test_lib:check_result(Client, ok), - + ssl_test_lib:close(Server), ssl_test_lib:close(Client). @@ -692,17 +693,17 @@ packet_2_active_once_many_small(Config) when is_list(Config) -> ClientOpts = ?config(client_opts, Config), ServerOpts = ?config(server_opts, Config), {ClientNode, ServerNode, Hostname} = ssl_test_lib:run_where(Config), - + Data = "Packet option is {packet, 2}", Server = ssl_test_lib:start_server([{node, ClientNode}, {port, 0}, {from, self()}, - {mfa, {?MODULE, send_2 ,[Data, ?MANY]}}, - {options, ServerOpts}]), + {mfa, {?MODULE, send, [Data, ?MANY]}}, + {options, [{packet, 2}|ServerOpts]}]), Port = ssl_test_lib:inet_port(Server), Client = ssl_test_lib:start_client([{node, ServerNode}, {port, Port}, {host, Hostname}, - {from, self()}, + {from, self()}, {mfa, {?MODULE, active_once_packet, @@ -710,9 +711,9 @@ packet_2_active_once_many_small(Config) when is_list(Config) -> {options, [{active, once}, {packet, 2} | ClientOpts]}]), - + ssl_test_lib:check_result(Client, ok), - + ssl_test_lib:close(Server), ssl_test_lib:close(Client). 
@@ -728,17 +729,17 @@ packet_2_active_once_some_big(Config) when is_list(Config) -> ClientOpts = ?config(client_opts, Config), ServerOpts = ?config(server_opts, Config), {ClientNode, ServerNode, Hostname} = ssl_test_lib:run_where(Config), - + Data = lists:append(lists:duplicate(100, "1234567890")), Server = ssl_test_lib:start_server([{node, ClientNode}, {port, 0}, {from, self()}, - {mfa, {?MODULE, send_2 ,[Data, ?SOME]}}, - {options, ServerOpts}]), + {mfa, {?MODULE, send, [Data, ?SOME]}}, + {options, [{packet, 2}|ServerOpts]}]), Port = ssl_test_lib:inet_port(Server), Client = ssl_test_lib:start_client([{node, ServerNode}, {port, Port}, {host, Hostname}, - {from, self()}, + {from, self()}, {mfa, {?MODULE, active_once_packet, @@ -746,9 +747,9 @@ packet_2_active_once_some_big(Config) when is_list(Config) -> {options, [{active, once}, {packet, 2} | ClientOpts]}]), - + ssl_test_lib:check_result(Client, ok), - + ssl_test_lib:close(Server), ssl_test_lib:close(Client). @@ -763,17 +764,17 @@ packet_4_active_once_many_small(Config) when is_list(Config) -> ClientOpts = ?config(client_opts, Config), ServerOpts = ?config(server_opts, Config), {ClientNode, ServerNode, Hostname} = ssl_test_lib:run_where(Config), - + Data = "Packet option is {packet, 4}", Server = ssl_test_lib:start_server([{node, ClientNode}, {port, 0}, {from, self()}, - {mfa, {?MODULE, send_4 ,[Data, ?MANY]}}, - {options, ServerOpts}]), + {mfa, {?MODULE, send, [Data, ?MANY]}}, + {options, [{packet, 4}|ServerOpts]}]), Port = ssl_test_lib:inet_port(Server), Client = ssl_test_lib:start_client([{node, ServerNode}, {port, Port}, {host, Hostname}, - {from, self()}, + {from, self()}, {mfa, {?MODULE, active_once_packet, @@ -781,9 +782,9 @@ packet_4_active_once_many_small(Config) when is_list(Config) -> {options, [{active, once}, {packet, 4} | ClientOpts]}]), - + ssl_test_lib:check_result(Client, ok), - + ssl_test_lib:close(Server), ssl_test_lib:close(Client). 
@@ -798,17 +799,17 @@ packet_4_active_once_some_big(Config) when is_list(Config) -> ClientOpts = ?config(client_opts, Config), ServerOpts = ?config(server_opts, Config), {ClientNode, ServerNode, Hostname} = ssl_test_lib:run_where(Config), - + Data = lists:append(lists:duplicate(100, "1234567890")), Server = ssl_test_lib:start_server([{node, ClientNode}, {port, 0}, {from, self()}, - {mfa, {?MODULE, send_4 ,[Data, ?SOME]}}, - {options, ServerOpts}]), + {mfa, {?MODULE, send, [Data, ?SOME]}}, + {options, [{packet, 4}|ServerOpts]}]), Port = ssl_test_lib:inet_port(Server), Client = ssl_test_lib:start_client([{node, ServerNode}, {port, Port}, {host, Hostname}, - {from, self()}, + {from, self()}, {mfa, {?MODULE, active_once_packet, @@ -816,9 +817,9 @@ packet_4_active_once_some_big(Config) when is_list(Config) -> {options, [{active, once}, {packet, 4} | ClientOpts]}]), - + ssl_test_lib:check_result(Client, ok), - + ssl_test_lib:close(Server), ssl_test_lib:close(Client). @@ -830,28 +831,28 @@ packet_raw_active_many_small(suite) -> []; packet_raw_active_many_small(Config) when is_list(Config) -> - ClientOpts = ?config(client_opts, Config), + ClientOpts = ?config(client_opts, Config), ServerOpts = ?config(server_opts, Config), {ClientNode, ServerNode, Hostname} = ssl_test_lib:run_where(Config), - + Data = "Packet option is {packet, raw}", Server = ssl_test_lib:start_server([{node, ClientNode}, {port, 0}, {from, self()}, - {mfa, {?MODULE, send_raw ,[Data, ?MANY]}}, - {options, ServerOpts}]), + {mfa, {?MODULE, send_raw ,[Data, ?MANY]}}, + {options, ServerOpts}]), Port = ssl_test_lib:inet_port(Server), Client = ssl_test_lib:start_client([{node, ServerNode}, {port, Port}, {host, Hostname}, - {from, self()}, - {mfa, {?MODULE, active_raw, - [Data, ?MANY]}}, + {from, self()}, + {mfa, {?MODULE, active_raw, + [Data, ?MANY]}}, {options, [{active, true}, {packet, raw} | ClientOpts]}]), - + ssl_test_lib:check_result(Client, ok), - + ssl_test_lib:close(Server), ssl_test_lib:close(Client). 
@@ -867,24 +868,24 @@ packet_raw_active_some_big(Config) when is_list(Config) -> ClientOpts = ?config(client_opts, Config), ServerOpts = ?config(server_opts, Config), {ClientNode, ServerNode, Hostname} = ssl_test_lib:run_where(Config), - + Data = lists:append(lists:duplicate(100, "1234567890")), Server = ssl_test_lib:start_server([{node, ClientNode}, {port, 0}, {from, self()}, - {mfa, {?MODULE, send_raw ,[Data, ?SOME]}}, - {options, ServerOpts}]), + {mfa, {?MODULE, send_raw ,[Data, ?SOME]}}, + {options, ServerOpts}]), Port = ssl_test_lib:inet_port(Server), Client = ssl_test_lib:start_client([{node, ServerNode}, {port, Port}, {host, Hostname}, - {from, self()}, - {mfa, {?MODULE, active_raw, [Data, ?SOME]}}, + {from, self()}, + {mfa, {?MODULE, active_raw, [Data, ?SOME]}}, {options, [{active, true}, {packet, raw} | ClientOpts]}]), - + ssl_test_lib:check_result(Client, ok), - + ssl_test_lib:close(Server), ssl_test_lib:close(Client). @@ -899,13 +900,13 @@ packet_0_active_many_small(Config) when is_list(Config) -> ClientOpts = ?config(client_opts, Config), ServerOpts = ?config(server_opts, Config), {ClientNode, ServerNode, Hostname} = ssl_test_lib:run_where(Config), - + Data = "Packet option is {packet, 0}", Server = ssl_test_lib:start_server([{node, ClientNode}, {port, 0}, {from, self()}, - {mfa, {?MODULE, send_raw ,[Data, ?MANY]}}, - {options, ServerOpts}]), + {mfa, {?MODULE, send_raw ,[Data, ?MANY]}}, + {options, ServerOpts}]), Port = ssl_test_lib:inet_port(Server), Client = ssl_test_lib:start_client([{node, ServerNode}, {port, Port}, {host, Hostname}, @@ -916,9 +917,9 @@ packet_0_active_many_small(Config) when is_list(Config) -> {options, [{active, true}, {packet, 0} | ClientOpts]}]), - + ssl_test_lib:check_result(Client, ok), - + ssl_test_lib:close(Server), ssl_test_lib:close(Client). 
@@ -933,13 +934,13 @@ packet_0_active_some_big(Config) when is_list(Config) -> ClientOpts = ?config(client_opts, Config), ServerOpts = ?config(server_opts, Config), {ClientNode, ServerNode, Hostname} = ssl_test_lib:run_where(Config), - + Data = lists:append(lists:duplicate(100, "1234567890")), Server = ssl_test_lib:start_server([{node, ClientNode}, {port, 0}, {from, self()}, - {mfa, {?MODULE, send_raw ,[Data, ?SOME]}}, - {options, ServerOpts}]), + {mfa, {?MODULE, send_raw ,[Data, ?SOME]}}, + {options, ServerOpts}]), Port = ssl_test_lib:inet_port(Server), Client = ssl_test_lib:start_client([{node, ServerNode}, {port, Port}, {host, Hostname}, @@ -950,9 +951,9 @@ packet_0_active_some_big(Config) when is_list(Config) -> {options, [{active, true}, {packet, 0} | ClientOpts]}]), - + ssl_test_lib:check_result(Client, ok), - + ssl_test_lib:close(Server), ssl_test_lib:close(Client). @@ -968,26 +969,26 @@ packet_1_active_many_small(Config) when is_list(Config) -> ClientOpts = ?config(client_opts, Config), ServerOpts = ?config(server_opts, Config), {ClientNode, ServerNode, Hostname} = ssl_test_lib:run_where(Config), - + Data = "Packet option is {packet, 1}", Server = ssl_test_lib:start_server([{node, ClientNode}, {port, 0}, {from, self()}, - {mfa, {?MODULE, send_1 ,[Data, ?MANY]}}, - {options, ServerOpts}]), + {mfa, {?MODULE, send, [Data, ?MANY]}}, + {options, [{packet, 1}|ServerOpts]}]), Port = ssl_test_lib:inet_port(Server), Client = ssl_test_lib:start_client([{node, ServerNode}, {port, Port}, {host, Hostname}, - {from, self()}, + {from, self()}, {mfa, {?MODULE, active_packet, [Data, ?MANY]}}, {options, [{active, true}, {packet, 1} | ClientOpts]}]), - + ssl_test_lib:check_result(Client, ok), - + ssl_test_lib:close(Server), ssl_test_lib:close(Client). 
@@ -1002,26 +1003,26 @@ packet_1_active_some_big(Config) when is_list(Config) -> ClientOpts = ?config(client_opts, Config), ServerOpts = ?config(server_opts, Config), {ClientNode, ServerNode, Hostname} = ssl_test_lib:run_where(Config), - + Data = lists:append(lists:duplicate(255, "1")), Server = ssl_test_lib:start_server([{node, ClientNode}, {port, 0}, {from, self()}, - {mfa, {?MODULE, send_1 ,[Data, ?SOME]}}, - {options, ServerOpts}]), + {mfa, {?MODULE, send, [Data, ?SOME]}}, + {options, [{packet, 1}|ServerOpts]}]), Port = ssl_test_lib:inet_port(Server), Client = ssl_test_lib:start_client([{node, ServerNode}, {port, Port}, {host, Hostname}, - {from, self()}, + {from, self()}, {mfa, {?MODULE, active_packet, [Data, ?SOME]}}, {options, [{active, true}, {packet, 1} | ClientOpts]}]), - + ssl_test_lib:check_result(Client, ok), - + ssl_test_lib:close(Server), ssl_test_lib:close(Client). @@ -1033,29 +1034,29 @@ packet_2_active_many_small(suite) -> []; packet_2_active_many_small(Config) when is_list(Config) -> - ClientOpts = ?config(client_opts, Config), + ClientOpts = ?config(client_opts, Config), ServerOpts = ?config(server_opts, Config), {ClientNode, ServerNode, Hostname} = ssl_test_lib:run_where(Config), - + Data = "Packet option is {packet, 2}", Server = ssl_test_lib:start_server([{node, ClientNode}, {port, 0}, {from, self()}, - {mfa, {?MODULE, send_2 ,[Data, ?MANY]}}, - {options, ServerOpts}]), + {mfa, {?MODULE, send, [Data, ?MANY]}}, + {options, [{packet, 2}|ServerOpts]}]), Port = ssl_test_lib:inet_port(Server), Client = ssl_test_lib:start_client([{node, ServerNode}, {port, Port}, {host, Hostname}, - {from, self()}, + {from, self()}, {mfa, {?MODULE, active_packet, [Data, ?MANY]}}, {options, [{active, true}, {packet, 2} | ClientOpts]}]), - + ssl_test_lib:check_result(Client, ok), - + ssl_test_lib:close(Server), ssl_test_lib:close(Client). 
@@ -1067,29 +1068,29 @@ packet_2_active_some_big(suite) -> []; packet_2_active_some_big(Config) when is_list(Config) -> - ClientOpts = ?config(client_opts, Config), + ClientOpts = ?config(client_opts, Config), ServerOpts = ?config(server_opts, Config), {ClientNode, ServerNode, Hostname} = ssl_test_lib:run_where(Config), - + Data = lists:append(lists:duplicate(100, "1234567890")), Server = ssl_test_lib:start_server([{node, ClientNode}, {port, 0}, {from, self()}, - {mfa, {?MODULE, send_2 ,[Data, ?SOME]}}, - {options, ServerOpts}]), + {mfa, {?MODULE, send, [Data, ?SOME]}}, + {options, [{packet, 2}|ServerOpts]}]), Port = ssl_test_lib:inet_port(Server), Client = ssl_test_lib:start_client([{node, ServerNode}, {port, Port}, {host, Hostname}, - {from, self()}, + {from, self()}, {mfa, {?MODULE, active_packet, [Data, ?SOME]}}, {options, [{active, true}, {packet, 2} | ClientOpts]}]), - + ssl_test_lib:check_result(Client, ok), - + ssl_test_lib:close(Server), ssl_test_lib:close(Client). @@ -1101,29 +1102,29 @@ packet_4_active_many_small(suite) -> []; packet_4_active_many_small(Config) when is_list(Config) -> - ClientOpts = ?config(client_opts, Config), + ClientOpts = ?config(client_opts, Config), ServerOpts = ?config(server_opts, Config), {ClientNode, ServerNode, Hostname} = ssl_test_lib:run_where(Config), - + Data = "Packet option is {packet, 4}", Server = ssl_test_lib:start_server([{node, ClientNode}, {port, 0}, {from, self()}, - {mfa, {?MODULE, send_4 ,[Data, ?MANY]}}, - {options, ServerOpts}]), + {mfa, {?MODULE, send, [Data, ?MANY]}}, + {options, [{packet, 4}|ServerOpts]}]), Port = ssl_test_lib:inet_port(Server), Client = ssl_test_lib:start_client([{node, ServerNode}, {port, Port}, {host, Hostname}, - {from, self()}, + {from, self()}, {mfa, {?MODULE, active_packet, [Data, ?MANY]}}, {options, [{active, true}, {packet, 4} | ClientOpts]}]), - + ssl_test_lib:check_result(Client, ok), - + ssl_test_lib:close(Server), ssl_test_lib:close(Client). 
@@ -1136,33 +1137,64 @@ packet_4_active_some_big(suite) -> []; packet_4_active_some_big(Config) when is_list(Config) -> - ClientOpts = ?config(client_opts, Config), + ClientOpts = ?config(client_opts, Config), ServerOpts = ?config(server_opts, Config), {ClientNode, ServerNode, Hostname} = ssl_test_lib:run_where(Config), - + Data = lists:append(lists:duplicate(100, "1234567890")), Server = ssl_test_lib:start_server([{node, ClientNode}, {port, 0}, {from, self()}, - {mfa, {?MODULE, send_4 ,[Data, ?SOME]}}, - {options, ServerOpts}]), + {mfa, {?MODULE, send, [Data, ?SOME]}}, + {options, [{packet, 4} | ServerOpts]}]), Port = ssl_test_lib:inet_port(Server), Client = ssl_test_lib:start_client([{node, ServerNode}, {port, Port}, {host, Hostname}, - {from, self()}, + {from, self()}, {mfa, {?MODULE, active_packet, [Data, ?SOME]}}, {options, [{active, true}, {packet, 4} | ClientOpts]}]), - + ssl_test_lib:check_result(Client, ok), - + ssl_test_lib:close(Server), ssl_test_lib:close(Client). +%%-------------------------------------------------------------------- +packet_send_to_large(doc) -> + ["Test setting the packet option {packet, 2} on the send side"]; + +packet_send_to_large(suite) -> []; + +packet_send_to_large(Config) when is_list(Config) -> + ClientOpts = ?config(client_opts, Config), + ServerOpts = ?config(server_opts, Config), + {ClientNode, ServerNode, Hostname} = ssl_test_lib:run_where(Config), + + Data = lists:append(lists:duplicate(30, "1234567890")), + + Server = ssl_test_lib:start_server([{node, ClientNode}, {port, 0}, + {from, self()}, + {mfa, {?MODULE, send, [Data, 1]}}, + {options, [{packet, 1}| ServerOpts]}]), + Port = ssl_test_lib:inet_port(Server), + Client = ssl_test_lib:start_client([{node, ServerNode}, {port, Port}, + {host, Hostname}, + {from, self()}, + {mfa, {?MODULE, active_packet, [Data, 1]}}, + {options, [{active, true} | ClientOpts]}]), + + ssl_test_lib:check_result(Server, {error, {badarg, {packet_to_large, 300, 255}}}), + + 
ssl_test_lib:close(Server), + ssl_test_lib:close(Client). + + + %%-------------------------------------------------------------------- @@ -1263,7 +1295,7 @@ packet_baddata_active(Config) when is_list(Config) -> test_server:fail({unexpected, Unexpected}) end, - + ssl_test_lib:close(Server), ssl_test_lib:close(Client). %%-------------------------------------------------------------------- @@ -1293,7 +1325,7 @@ packet_baddata_passive(Config) when is_list(Config) -> {options, [{active, false}, {packet, cdr} | ClientOpts]}]), - + receive {Client, {other, {error, {invalid_packet, _}},{error,closed}, 1}} -> ok; Unexpected -> @@ -1314,7 +1346,7 @@ packet_size_active(Config) when is_list(Config) -> {ClientNode, ServerNode, Hostname} = ssl_test_lib:run_where(Config), Data = list_to_binary(lists:duplicate(100, "1234567890")), - + Server = ssl_test_lib:start_server([{node, ClientNode}, {port, 0}, {from, self()}, {mfa, {?MODULE, send_incomplete ,[Data, 1]}}, @@ -1393,27 +1425,16 @@ passive_recv_packet(Socket, Data, N) -> Other -> {other, Other, ssl:session_info(Socket), N} end. - -send_1(_,_, 0) -> - no_result_msg; -send_1(Socket, Data, N) -> - Length = length(Data), - ssl:send(Socket, [?byte(Length), Data]), - send_1(Socket, Data, N-1). - -send_2(_,_, 0) -> - no_result_msg; -send_2(Socket, Data, N) -> - Length = length(Data), - ssl:send(Socket, [?uint16(Length), Data]), - send_2(Socket, Data, N-1). -send_4(_,_, 0) -> +send(_,_, 0) -> no_result_msg; -send_4(Socket, Data, N) -> - Length = length(Data), - ssl:send(Socket, [?uint32(Length), Data]), - send_4(Socket, Data, N-1). +send(Socket, Data, N) -> + case ssl:send(Socket, [Data]) of + ok -> + send(Socket, Data, N-1); + Other -> + Other + end. send_incomplete(Socket, Data, N) -> send_incomplete(Socket, Data, N, <<>>). @@ -1446,7 +1467,7 @@ active_once_raw(Socket, Data, N, Acc) -> active_once_raw(Socket, Data, N, NewAcc) end end. - + active_once_packet(_,_, 0) -> ok; active_once_packet(Socket, Data, N) -> -- cgit v1.2.3 
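Review bot: The doc clause of packet_send_to_large says it tests `{packet, 2}`, but the server is started with `{options, [{packet, 1}| ServerOpts]}` and the assertion is the one-byte limit `{packet_to_large, 300, 255}`. I would change it to `["Test that ssl:send/2 returns an error when the data exceeds the {packet, 1} size limit"];`. The client is started with `active_packet` expecting one message and without a `packet` option, yet its result is never checked; a one-line comment saying that nothing is expected to arrive would help. Only the 8-bit limit is exercised in the visible hunks, so the 16-bit boundary (65535 versus 65536 bytes) has no test here.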
From 590a06126b813a306455d340f73c88ebfafce29a Mon Sep 17 00:00:00 2001 From: Dan Gudmundsson Date: Tue, 9 Feb 2010 15:39:59 +0100 Subject: Allow ssl:listen/2 to be called with option {ssl_imp, old}. --- lib/ssl/doc/src/new_ssl.xml | 5 ++--- lib/ssl/src/ssl.erl | 3 ++- lib/ssl/src/ssl_broker.erl | 6 +++--- lib/ssl/test/old_ssl_active_SUITE.erl | 6 +++--- 4 files changed, 10 insertions(+), 10 deletions(-) diff --git a/lib/ssl/doc/src/new_ssl.xml b/lib/ssl/doc/src/new_ssl.xml index a11919eb51..b642280096 100644 --- a/lib/ssl/doc/src/new_ssl.xml +++ b/lib/ssl/doc/src/new_ssl.xml @@ -60,10 +60,9 @@ very crippled as the control of the ssl-socket was deep down in openssl making it hard if not impossible to support all inet options, ipv6 and upgrade of a tcp - connection to a ssl connection. The alfa version has a + connection to a ssl connection. This version has a few limitations that will be removed before the ssl-4.0 - release. Main differences and limitations in the alfa are - listed below.

+ release. Main differences and limitations are listed below.

New ssl requires the crypto diff --git a/lib/ssl/src/ssl.erl b/lib/ssl/src/ssl.erl index 1222fe97fd..306e3f5419 100644 --- a/lib/ssl/src/ssl.erl +++ b/lib/ssl/src/ssl.erl @@ -129,7 +129,8 @@ listen(Port, Options0) -> %% so that new and old ssl can be run by the same %% code, however the option will be ignored by old ssl %% that hardcodes reuseaddr to true in its portprogram. - Options = proplists:delete(reuseaddr, Options0), + Options1 = proplists:delete(reuseaddr, Options0), + Options = proplists:delete(ssl_imp, Options1), old_listen(Port, Options); Value -> {error, {eoptions, {ssl_imp, Value}}} diff --git a/lib/ssl/src/ssl_broker.erl b/lib/ssl/src/ssl_broker.erl index 178fb5fcb9..a7a8fe0322 100644 --- a/lib/ssl/src/ssl_broker.erl +++ b/lib/ssl/src/ssl_broker.erl @@ -333,9 +333,9 @@ init([Client, Type]) -> debug1(Debug, Type, "in start, client = ~w", [Client]), {ok, #st{brokertype = Type, server = Server, client = Client, collector = Client, debug = Debug}}; - true -> - {stop, no_ssl_server} - end. + true -> + {stop, no_ssl_server} + end. %% diff --git a/lib/ssl/test/old_ssl_active_SUITE.erl b/lib/ssl/test/old_ssl_active_SUITE.erl index fc44fa23dd..26be69c300 100644 --- a/lib/ssl/test/old_ssl_active_SUITE.erl +++ b/lib/ssl/test/old_ssl_active_SUITE.erl @@ -145,16 +145,16 @@ sinit_return_chkclose(Config) when list(Config) -> ?line {ok, Host} = inet:gethostname(), LCmds = [{sockopts, [{backlog, NConns}]}, - {sslopts, SsslOpts}, + {sslopts, [{ssl_imp, old}|SsslOpts]}, {listen, LPort}, wait_sync, lclose], ACmds = [{timeout, Timeout}, accept, - {send, DataSize}, {recv, DataSize}, + {send, DataSize}, {recv, DataSize}, await_close], CCmds = [{timeout, Timeout}, - {sslopts, CsslOpts}, + {sslopts, [{ssl_imp, old}|CsslOpts]}, {connect, {Host, LPort}}, {recv, DataSize}, {send, DataSize}, close], -- cgit v1.2.3 From a39cf4a324eca0d5ae363350b79f37401c240cb5 Mon Sep 17 00:00:00 2001 
From: Dan Gudmundsson Date: Wed, 10 Feb 2010 15:27:58 +0100 Subject: Fixed bug file cache bug and improved the error messages. --- lib/ssl/src/ssl_certificate_db.erl | 41 ++++++++++++++++++++------------------ lib/ssl/src/ssl_connection.erl | 38 +++++++++++++++++++++++++---------- lib/ssl/src/ssl_manager.erl | 27 +++++++++++++------------ lib/ssl/test/ssl_basic_SUITE.erl | 2 +- 4 files changed, 65 insertions(+), 43 deletions(-) diff --git a/lib/ssl/src/ssl_certificate_db.erl b/lib/ssl/src/ssl_certificate_db.erl index decc6c9fea..2d729576b0 100644 --- a/lib/ssl/src/ssl_certificate_db.erl +++ b/lib/ssl/src/ssl_certificate_db.erl @@ -27,7 +27,7 @@ -export([create/0, remove/1, add_trusted_certs/3, remove_trusted_certs/2, lookup_trusted_cert/3, issuer_candidate/1, - cache_pem_file/3]). + lookup_cached_certs/1, cache_pem_file/3]). %%==================================================================== %% Internal application API @@ -74,6 +74,9 @@ lookup_trusted_cert(Ref, SerialNumber, Issuer) -> {ok, Certs} end. +lookup_cached_certs(File) -> + ets:lookup(certificate_db_name(), {file, File}). + %%-------------------------------------------------------------------- %% Function: add_trusted_certs(Pid, File, Db) -> {ok, Ref} %% Pid = pid() @@ -90,7 +93,7 @@ add_trusted_certs(Pid, File, [CertsDb, FileToRefDb, PidToFileDb]) -> undefined -> NewRef = make_ref(), add_certs_from_file(File, NewRef, CertsDb), - insert(File, NewRef, 1, FileToRefDb), + insert(File, NewRef, 1, FileToRefDb), NewRef; [OldRef] -> ref_count(File,FileToRefDb,1), 
@@ -104,14 +107,11 @@ add_trusted_certs(Pid, File, [CertsDb, FileToRefDb, PidToFileDb]) -> %% %% Description: Cache file as binary in DB %%-------------------------------------------------------------------- -cache_pem_file(Pid, File, [_CertsDb, FileToRefDb, PidToFileDb]) -> - try ref_count(File, FileToRefDb,1) - catch _:_ -> - {ok, Content} = public_key:pem_to_der(File), - insert(File,Content,1,FileToRefDb) - end, +cache_pem_file(Pid, File, [CertsDb, _FileToRefDb, PidToFileDb]) -> + Res = {ok, Content} = public_key:pem_to_der(File), + insert({file, File}, Content, CertsDb), insert(Pid, File, PidToFileDb), - {ok, FileToRefDb}. + Res. %%-------------------------------------------------------------------- %% Function: remove_trusted_certs(Pid, Db) -> _ @@ -123,15 +123,16 @@ remove_trusted_certs(Pid, [CertsDb, FileToRefDb, PidToFileDb]) -> Files = lookup(Pid, PidToFileDb), delete(Pid, PidToFileDb), Clear = fun(File) -> - case ref_count(File, FileToRefDb, -1) of - 0 -> - case lookup(File, FileToRefDb) of - [Ref] when is_reference(Ref) -> - remove_certs(Ref, CertsDb); - _ -> ok - end, - delete(File, FileToRefDb); - _ -> + delete({file,File}, CertsDb), + try + 0 = ref_count(File, FileToRefDb, -1), + case lookup(File, FileToRefDb) of + [Ref] when is_reference(Ref) -> + remove_certs(Ref, CertsDb); + _ -> ok + end, + delete(File, FileToRefDb) + catch _:_ -> ok end end, @@ -168,6 +169,8 @@ issuer_candidate(PrevCandidateKey) -> case ets:next(Db, PrevCandidateKey) of '$end_of_table' -> no_more_candidates; + {file, _} = Key -> + issuer_candidate(Key); Key -> [Cert] = lookup(Key, Db), {Key, Cert} @@ -189,7 +192,7 @@ ref_count(Key, Db,N) -> ets:update_counter(Db,Key,N). delete(Key, Db) -> - true = ets:delete(Db, Key). + _ = ets:delete(Db, Key). lookup(Key, Db) -> case ets:lookup(Db, Key) of diff --git a/lib/ssl/src/ssl_connection.erl b/lib/ssl/src/ssl_connection.erl index 0aed85a9ef..4c8421912b 100644 --- a/lib/ssl/src/ssl_connection.erl +++ b/lib/ssl/src/ssl_connection.erl 
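Review bot: In the remove_trusted_certs hunk, the new `try 0 = ref_count(File, FileToRefDb, -1), ... catch _:_ -> ok` uses a failed match as control flow and with it swallows every other failure in the cleanup, including one raised by `remove_certs(Ref, CertsDb)`, so a trusted-certificate set that fails to be removed would go unnoticed. The case it presumably wants to tolerate is a file that was only cached through cache_pem_file/3 and has no counter row, where `ets:update_counter/3` raises `badarg`. I would catch only that and keep the count test as a `case`, as below. Separately, `delete({file,File}, CertsDb)` runs whenever any one owner of the file goes away, whether or not other connections still use it, and the cached PEM content now shares a table with the trusted certificates (hence the new `{file, _}` skip in issuer_candidate); a comment stating both would help. The body of remove_trusted_certs continues outside the hunk.

```erlang
    Clear = fun(File) ->
		    delete({file,File}, CertsDb),
		    %% Files cached only via cache_pem_file/3 have no counter row;
		    %% update_counter then fails with badarg, which is fine here.
		    try ref_count(File, FileToRefDb, -1) of
			0 ->
			    case lookup(File, FileToRefDb) of
				[Ref] when is_reference(Ref) ->
				    remove_certs(Ref, CertsDb);
				_ -> ok
			    end,
			    delete(File, FileToRefDb);
			_ ->
			    ok
		    catch
			error:badarg ->
			    ok
		    end
	    end,
    %% … unchanged: rest of remove_trusted_certs …
```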
@@ -978,8 +978,14 @@ init_certificates(#ssl_options{cacertfile = CACertFile, case ssl_manager:connection_init(CACertFile, Role) of {ok, CertDbRef, CacheRef} -> init_certificates(CertDbRef, CacheRef, CertFile, Role); + {error, {badmatch, _Error}} -> + Report = io_lib:format("SSL: Error ~p Initializing: ~p ~n", + [_Error, CACertFile]), + error_logger:error_report(Report), + throw(ecacertfile); {error, _Error} -> - Report = io_lib:format("SSL: Error ~p ~n",[_Error]), + Report = io_lib:format("SSL: Error ~p Initializing: ~p ~n", + [_Error, CACertFile]), error_logger:error_report(Report), throw(ecacertfile) end. @@ -996,12 +1002,18 @@ init_certificates(CertDbRef, CacheRef, CertFile, server) -> try [OwnCert] = ssl_certificate:file_to_certificats(CertFile), {ok, CertDbRef, CacheRef, OwnCert} - catch _E:_R -> - Report = io_lib:format("SSL: ~p: ~p:~p ~p~n", - [?LINE, _E,_R, erlang:get_stacktrace()]), - error_logger:error_report(Report), - throw(ecertfile) - end. + catch + _E:{badmatch, _R={error,_}} -> + Report = io_lib:format("SSL: ~p: ~p:~p ~s~n ~p~n", + [?LINE, _E,_R, CertFile, erlang:get_stacktrace()]), + error_logger:error_report(Report), + throw(ecertfile); + _E:_R -> + Report = io_lib:format("SSL: ~p: ~p:~p ~s~n ~p~n", + [?LINE, _E,_R, CertFile, erlang:get_stacktrace()]), + error_logger:error_report(Report), + throw(ecertfile) + end. init_private_key(undefined, "", _Password, client) -> undefined; 
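Review bot: The added `{error, {badmatch, _Error}}` clause in init_certificates/2 looks unreachable after the ssl_manager change in this same commit, because the connection_init handler now unwraps `{badmatch, Error}` itself and replies `{error, Error}`, or `{error, {Reason, Stacktrace}}` for anything else. Unless `call/1` (not visible here) can still deliver a wrapped badmatch, the clause can be dropped; otherwise a comment naming that path would help. In the second hunk, `~s` is applied to `CertFile` inside the catch clause; if that option is ever not chardata the format call itself raises and replaces `ecertfile` with an unrelated crash, so `~p` would be the safer directive there.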
@@ -1012,9 +1024,15 @@ init_private_key(undefined, KeyFile, Password, _) -> PKey =:= rsa_private_key orelse PKey =:= dsa_private_key], {ok, Decoded} = public_key:decode_private_key(Der,Password), Decoded - catch _E:_R -> - Report = io_lib:format("SSL: ~p: ~p:~p ~p~n", - [?LINE, _E,_R, erlang:get_stacktrace()]), + catch + _E:{badmatch, _R={error,_}} -> + Report = io_lib:format("SSL: ~p: ~p:~p ~s~n ~p~n", + [?LINE, _E,_R, KeyFile, erlang:get_stacktrace()]), + error_logger:error_report(Report), + throw(ekeyfile); + _E:_R -> + Report = io_lib:format("SSL: ~p: ~p:~p ~s~n ~p~n", + [?LINE, _E,_R, KeyFile, erlang:get_stacktrace()]), error_logger:error_report(Report), throw(ekeyfile) end; diff --git a/lib/ssl/src/ssl_manager.erl b/lib/ssl/src/ssl_manager.erl index 6b83c2ea46..ff20ee6025 100644 --- a/lib/ssl/src/ssl_manager.erl +++ b/lib/ssl/src/ssl_manager.erl @@ -74,13 +74,11 @@ connection_init(TrustedcertsFile, Role) -> call({connection_init, TrustedcertsFile, Role}). cache_pem_file(File) -> - case ets:lookup(ssl_file_to_ref,File) of - [{_,_,Content}] -> + case ssl_certificate_db:lookup_cached_certs(File) of + [{_,Content}] -> {ok, Content}; [] -> - {ok, Db} = call({cache_pem, File}), - [{_,_,Content}] = ets:lookup(Db,File), - {ok, Content} + call({cache_pem, File}) end. %%-------------------------------------------------------------------- @@ -170,13 +168,14 @@ handle_call({{connection_init, TrustedcertsFile, _Role}, Pid}, _From, session_cache = Cache} = State) -> erlang:monitor(process, Pid), Result = - case (catch ssl_certificate_db:add_trusted_certs(Pid, - TrustedcertsFile, - Db)) of - {ok, Ref} -> - {ok, Ref, Cache}; - Error -> - {error, Error} + try + {ok, Ref} = ssl_certificate_db:add_trusted_certs(Pid, TrustedcertsFile, Db), + {ok, Ref, Cache} + catch + _:{badmatch, Error} -> + {error, Error}; + _E:_R -> + {error, {_R,erlang:get_stacktrace()}} end, {reply, Result, State}; 
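Review bot: Both catch clauses in init_private_key/4 write `erlang:get_stacktrace()` and the raw reason to the error log for failures around `public_key:decode_private_key(Der,Password)`. For `function_clause` and some `badarg` failures the top stack frame carries the actual argument list rather than the arity, so the DER key material and the password may end up in the log; a `{badmatch, Value}` reason reaching the second clause can likewise carry whatever failed to match. I would log only the error class and the file name on this path, e.g. `Report = io_lib:format("SSL: ~p: ~p ~p~n", [?LINE, _E, KeyFile]),`, and leave the stack trace out. The start of the `try` is outside the hunk, so which matches it covers cannot be confirmed from here.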
@@ -198,7 +197,9 @@ handle_call({{cache_pem, File},Pid}, _, State = #state{certificate_db = Db}) -> try ssl_certificate_db:cache_pem_file(Pid,File,Db) of Result -> {reply, Result, State} - catch _:Reason -> + catch _:{badmatch, Reason} -> + {reply, Reason, State}; + _:Reason -> {reply, {error, Reason}, State} end; diff --git a/lib/ssl/test/ssl_basic_SUITE.erl b/lib/ssl/test/ssl_basic_SUITE.erl index 2b247532ee..79b8b6c672 100644 --- a/lib/ssl/test/ssl_basic_SUITE.erl +++ b/lib/ssl/test/ssl_basic_SUITE.erl @@ -458,7 +458,7 @@ connect_dist(Config) when is_list(Config) -> connect_dist_s(S) -> Msg = term_to_binary({erlang,term}), - ok = ssl:send(S, <<(size(Msg)):32, Msg/binary>>). + ok = ssl:send(S, Msg). connect_dist_c(S) -> Test = binary_to_list(term_to_binary({erlang,term})), -- cgit v1.2.3 From 464f2bac3b5dadd35add52fdee2ccfe8e05facd9 Mon Sep 17 00:00:00 2001 From: Dan Gudmundsson Date: Thu, 11 Feb 2010 14:46:00 +0100 Subject: Fixed ssl:setopts(Socket, binary) which was didn't work for 'new' ssl. --- lib/ssl/src/ssl.erl | 6 ++++-- lib/ssl/src/ssl_connection.erl | 3 +-- 2 files changed, 5 insertions(+), 4 deletions(-) diff --git a/lib/ssl/src/ssl.erl b/lib/ssl/src/ssl.erl index 306e3f5419..19ae368781 100644 --- a/lib/ssl/src/ssl.erl +++ b/lib/ssl/src/ssl.erl @@ -367,8 +367,10 @@ getopts(#sslsocket{} = Socket, Options) -> %% %% Description: %%-------------------------------------------------------------------- -setopts(#sslsocket{fd = new_ssl, pid = Pid}, Options) when is_pid(Pid) -> - ssl_connection:set_opts(Pid, Options); +setopts(#sslsocket{fd = new_ssl, pid = Pid}, Opts0) when is_pid(Pid) -> + Opts = proplists:expand([{binary, [{mode, binary}]}, + {list, [{mode, list}]}], Opts0), + ssl_connection:set_opts(Pid, Opts); setopts(#sslsocket{fd = new_ssl, pid = {ListenSocket, _}}, OptTags) -> inet:setopts(ListenSocket, OptTags); setopts(#sslsocket{} = Socket, Options) -> 
diff --git a/lib/ssl/src/ssl_connection.erl b/lib/ssl/src/ssl_connection.erl index 4c8421912b..bbffa1e564 100644 --- a/lib/ssl/src/ssl_connection.erl +++ b/lib/ssl/src/ssl_connection.erl @@ -1061,8 +1061,7 @@ send_all_state_event(FsmPid, Event) -> gen_fsm:send_all_state_event(FsmPid, Event). sync_send_all_state_event(FsmPid, Event) -> - sync_send_all_state_event(FsmPid, Event, ?DEFAULT_TIMEOUT -). + sync_send_all_state_event(FsmPid, Event, ?DEFAULT_TIMEOUT). sync_send_all_state_event(FsmPid, Event, Timeout) -> try gen_fsm:sync_send_all_state_event(FsmPid, Event, Timeout) -- cgit v1.2.3