From a06549fbe59333347232c56093791c0075fcd150 Mon Sep 17 00:00:00 2001 From: Ingela Anderton Andin Date: Fri, 6 Jul 2018 11:14:25 +0200 Subject: ssl: Improve error handling When doing ssl:controlling_process on a ssl socket that has not performed the TLS/DTLS handshake that call will succeed even though the documentation stated otherwise. However if some other ssl option was incorrect the call would hang. Now {error, closed} will be returned in the latter case, which is logical independent on if it should succeed or not in the former case. The former case will continue to succeed, as it is not dependent of the TLS/DTLS connection being established, and the documentation is altered slightly to not explicitly disallow it. If the TLS/DTLS connection later fails and the socket mode is active, the new controlling process will be notified as expected. --- lib/ssl/test/ssl_basic_SUITE.erl | 34 +++++++++++++++++++++++++++++++++- 1 file changed, 33 insertions(+), 1 deletion(-) (limited to 'lib/ssl/test/ssl_basic_SUITE.erl') diff --git a/lib/ssl/test/ssl_basic_SUITE.erl b/lib/ssl/test/ssl_basic_SUITE.erl index e525ed138e..c63a6dbacc 100644 --- a/lib/ssl/test/ssl_basic_SUITE.erl +++ b/lib/ssl/test/ssl_basic_SUITE.erl @@ -242,7 +242,8 @@ error_handling_tests()-> [close_transport_accept, recv_active, recv_active_once, - recv_error_handling + recv_error_handling, + call_in_error_state ]. error_handling_tests_tls()-> @@ -4000,6 +4001,37 @@ recv_error_handling(Config) when is_list(Config) -> ssl:close(SslSocket), ssl_test_lib:check_result(Server, ok). + + +%%-------------------------------------------------------------------- +call_in_error_state() -> + [{doc,"Special case of call error handling"}]. +call_in_error_state(Config) when is_list(Config) -> + ServerOpts0 = ssl_test_lib:ssl_options(server_opts, Config), + ClientOpts = ssl_test_lib:ssl_options(client_opts, Config), + ServerOpts = [{cacertfile, "foo.pem"} | proplists:delete(cacertfile, ServerOpts0)], + Pid = spawn_link(?MODULE, run_error_server, [[self() | ServerOpts]]), + receive + {Pid, Port} -> + spawn_link(?MODULE, run_client_error, [[Port, ClientOpts]]) + end, + receive + {error, closed} -> + ok; + Other -> + ct:fail(Other) + end. + +run_client_error([Port, Opts]) -> + ssl:connect("localhost", Port, Opts). + +run_error_server([ Pid | Opts]) -> + {ok, Listen} = ssl:listen(0, Opts), + {ok,{_, Port}} = ssl:sockname(Listen), + Pid ! {self(), Port}, + {ok, Socket} = ssl:transport_accept(Listen), + Pid ! ssl:controlling_process(Socket, self()). + %%-------------------------------------------------------------------- rizzo() -> -- cgit v1.2.3 From 8c757080aa5e4df486f9d7091878cf493ec74bc9 Mon Sep 17 00:00:00 2001 From: Ingela Anderton Andin Date: Tue, 10 Jul 2018 18:09:02 +0200 Subject: ssl: Make sure tls_ssl_accept_timeout has a clean start --- lib/ssl/test/ssl_basic_SUITE.erl | 2 ++ 1 file changed, 2 insertions(+) (limited to 'lib/ssl/test/ssl_basic_SUITE.erl') diff --git a/lib/ssl/test/ssl_basic_SUITE.erl b/lib/ssl/test/ssl_basic_SUITE.erl index c63a6dbacc..0381d0d87d 100644 --- a/lib/ssl/test/ssl_basic_SUITE.erl +++ b/lib/ssl/test/ssl_basic_SUITE.erl @@ -476,6 +476,8 @@ init_per_testcase(TestCase, Config) when TestCase == tls_ssl_accept_timeout; TestCase == tls_client_closes_socket; TestCase == tls_closed_in_active_once; TestCase == tls_downgrade -> + ssl:stop(), + ssl:start(), ssl_test_lib:ct_log_supported_protocol_versions(Config), ct:timetrap({seconds, 15}), Config; -- cgit v1.2.3