From 7fa4c654f29a3231f707dcac7fffdf60140cf1b3 Mon Sep 17 00:00:00 2001
From: Ingela Anderton Andin <ingela@erlang.org>
Date: Tue, 15 Jan 2013 11:32:19 +0100
Subject: ssl: Certificates and PEM-cache cleaning fixed to avoid memory leak

Certificate db cleaning messages where sent to the wrong process after
restructuring to avoid bottlenecks.

It is possible that the ssl manager process gets two cleaning messages
for the same entry. E.i. first cleaning message is sent and before it
is processed a new reference is allocated  and again released for the
entry, generating a second cleaning message.

Also in ssl_manger:handle_info/2 it is possible that there exists a
new reference to an "old" file name with a potential new content.
---
 lib/ssl/test/ssl_basic_SUITE.erl | 51 ++++++++++++++++++++++++++++++++++++++--
 1 file changed, 49 insertions(+), 2 deletions(-)

(limited to 'lib/ssl/test')

diff --git a/lib/ssl/test/ssl_basic_SUITE.erl b/lib/ssl/test/ssl_basic_SUITE.erl
index 5ba71f9218..a313380ece 100644
--- a/lib/ssl/test/ssl_basic_SUITE.erl
+++ b/lib/ssl/test/ssl_basic_SUITE.erl
@@ -84,7 +84,8 @@ basic_tests() ->
      alerts,
      send_close,
      connect_twice,
-     connect_dist
+     connect_dist,
+     clear_pem_cache
     ].
 
 options_tests() ->
@@ -535,6 +536,33 @@ connect_dist(Config) when is_list(Config) ->
     ssl_test_lib:close(Server),
     ssl_test_lib:close(Client).
 
+%%--------------------------------------------------------------------
+
+clear_pem_cache() ->
+    [{doc,"Test that internal reference tabel is cleaned properly even when "
+     " the PEM cache is cleared" }].
+clear_pem_cache(Config) when is_list(Config) -> 
+    {status, _, _, StatusInfo} = sys:get_status(whereis(ssl_manager)),
+    [_, _,_, _, Prop] = StatusInfo,
+    State = ssl_test_lib:state(Prop),
+    [_,FilRefDb, _] = element(5, State),
+    {Server, Client} = basic_verify_test_no_close(Config),
+    2 = ets:info(FilRefDb, size), 
+    ssl:clear_pem_cache(),
+    _ = sys:get_status(whereis(ssl_manager)),
+    {Server1, Client1} = basic_verify_test_no_close(Config),
+    4 = ets:info(FilRefDb, size), 
+    ssl_test_lib:close(Server),
+    ssl_test_lib:close(Client),
+    ct:sleep(5000),
+    _ = sys:get_status(whereis(ssl_manager)),
+    2 = ets:info(FilRefDb, size),
+    ssl_test_lib:close(Server1),
+    ssl_test_lib:close(Client1),
+    ct:sleep(5000),
+    _ = sys:get_status(whereis(ssl_manager)),
+    0 = ets:info(FilRefDb, size).
+
 %%--------------------------------------------------------------------
 peername() ->
     [{doc,"Test API function peername/1"}].
@@ -2641,6 +2669,26 @@ tcp_send_recv_result(Socket) ->
     {ok,"Hello world"} = gen_tcp:recv(Socket, 11),
     ok.
 
+basic_verify_test_no_close(Config) ->
+    ClientOpts = ?config(client_verification_opts, Config),
+    ServerOpts = ?config(server_verification_opts, Config),
+
+    {ClientNode, ServerNode, Hostname} = ssl_test_lib:run_where(Config),
+
+    Server = ssl_test_lib:start_server([{node, ServerNode}, {port, 0},
+					{from, self()},
+					{mfa, {ssl_test_lib, send_recv_result_active, []}},
+					{options, ServerOpts}]),
+    Port = ssl_test_lib:inet_port(Server),
+    Client = ssl_test_lib:start_client([{node, ClientNode}, {port, Port},
+					{host, Hostname},
+					{from, self()},
+					{mfa, {ssl_test_lib, send_recv_result_active, []}},
+					{options, ClientOpts}]),
+
+    ssl_test_lib:check_result(Server, ok, Client, ok),
+    {Server, Client}.
+
 basic_test(Config) ->
     ClientOpts = ?config(client_opts, Config),
     ServerOpts = ?config(server_opts, Config),
@@ -2659,7 +2707,6 @@ basic_test(Config) ->
 					{options, ClientOpts}]),
 
     ssl_test_lib:check_result(Server, ok, Client, ok),
-
     ssl_test_lib:close(Server),
     ssl_test_lib:close(Client).
 
-- 
cgit v1.2.3