From 69833e8f64e900eece91f5430c2462dd584fff31 Mon Sep 17 00:00:00 2001
From: Andreas Schultz <aschultz@tpip.net>
Date: Fri, 12 Apr 2013 10:42:31 +0200
Subject: fix srp_anon ciphers suites requiring certificates to work.

This problem was not caught by the test suites since all PSK and SRP
suites where always tested with certificates. Split those tests into
test with and without certificates.
---
 lib/ssl/test/ssl_test_lib.erl | 32 +++++++++++++++++++++++---------
 1 file changed, 23 insertions(+), 9 deletions(-)

(limited to 'lib/ssl/test/ssl_test_lib.erl')

diff --git a/lib/ssl/test/ssl_test_lib.erl b/lib/ssl/test/ssl_test_lib.erl
index d655d7659e..e4fedcd118 100644
--- a/lib/ssl/test/ssl_test_lib.erl
+++ b/lib/ssl/test/ssl_test_lib.erl
@@ -339,12 +339,22 @@ cert_options(Config) ->
 			{psk_identity, "HINT"},
 			{user_lookup_fun, {fun user_lookup/3, PskSharedSecret}},
 			{ciphers, psk_suites()}]},
+     {server_psk_anon, [{ssl_imp, new},{reuseaddr, true},
+			{user_lookup_fun, {fun user_lookup/3, PskSharedSecret}},
+			{ciphers, psk_anon_suites()}]},
+     {server_psk_anon_hint, [{ssl_imp, new},{reuseaddr, true},
+			     {psk_identity, "HINT"},
+			     {user_lookup_fun, {fun user_lookup/3, PskSharedSecret}},
+			     {ciphers, psk_anon_suites()}]},
      {client_srp, [{ssl_imp, new},{reuseaddr, true},
 		   {srp_identity, {"Test-User", "secret"}}]},
      {server_srp, [{ssl_imp, new},{reuseaddr, true},
 		   {certfile, ServerCertFile}, {keyfile, ServerKeyFile},
 		   {user_lookup_fun, {fun user_lookup/3, undefined}},
 		   {ciphers, srp_suites()}]},
+     {server_srp_anon, [{ssl_imp, new},{reuseaddr, true},
+			{user_lookup_fun, {fun user_lookup/3, undefined}},
+			{ciphers, srp_anon_suites()}]},
      {server_verification_opts, [{ssl_imp, new},{reuseaddr, true}, 
 		    {cacertfile, ServerCaCertFile},
 		    {certfile, ServerCertFile}, {keyfile, ServerKeyFile}]},
@@ -711,6 +721,12 @@ anonymous_suites() ->
      {dh_anon, aes_256_cbc, sha}].
 
 psk_suites() ->
+    [{rsa_psk, rc4_128, sha},
+     {rsa_psk, '3des_ede_cbc', sha},
+     {rsa_psk, aes_128_cbc, sha},
+     {rsa_psk, aes_256_cbc, sha}].
+
+psk_anon_suites() ->
     [{psk, rc4_128, sha},
      {psk, '3des_ede_cbc', sha},
      {psk, aes_128_cbc, sha},
@@ -718,20 +734,18 @@ psk_suites() ->
      {dhe_psk, rc4_128, sha},
      {dhe_psk, '3des_ede_cbc', sha},
      {dhe_psk, aes_128_cbc, sha},
-     {dhe_psk, aes_256_cbc, sha},
-     {rsa_psk, rc4_128, sha},
-     {rsa_psk, '3des_ede_cbc', sha},
-     {rsa_psk, aes_128_cbc, sha},
-     {rsa_psk, aes_256_cbc, sha}].
+     {dhe_psk, aes_256_cbc, sha}].
 
 srp_suites() ->
-    [{srp_anon, '3des_ede_cbc', sha},
-     {srp_rsa, '3des_ede_cbc', sha},
-     {srp_anon, aes_128_cbc, sha},
+    [{srp_rsa, '3des_ede_cbc', sha},
      {srp_rsa, aes_128_cbc, sha},
-     {srp_anon, aes_256_cbc, sha},
      {srp_rsa, aes_256_cbc, sha}].
 
+srp_anon_suites() ->
+    [{srp_anon, '3des_ede_cbc', sha},
+     {srp_anon, aes_128_cbc, sha},
+     {srp_anon, aes_256_cbc, sha}].
+
 srp_dss_suites() ->
     [{srp_dss, '3des_ede_cbc', sha},
      {srp_dss, aes_128_cbc, sha},
-- 
cgit v1.2.3