Fixed bug file cache bug and improved the error messages.

uwiger · Feb 12, 2010 · a39cf4a · a39cf4a
1 parent 590a061
commit a39cf4a
Show file tree

Hide file tree

Showing 4 changed files with 65 additions and 43 deletions.
diff --git a/lib/ssl/src/ssl_certificate_db.erl b/lib/ssl/src/ssl_certificate_db.erl
@@ -27,7 +27,7 @@
 
 -export([create/0, remove/1, add_trusted_certs/3, 
 	 remove_trusted_certs/2, lookup_trusted_cert/3, issuer_candidate/1,
-	 cache_pem_file/3]).
+	 lookup_cached_certs/1, cache_pem_file/3]).
 
 %%====================================================================
 %% Internal application API
@@ -74,6 +74,9 @@ lookup_trusted_cert(Ref, SerialNumber, Issuer) ->
 	    {ok, Certs}
     end.
 
+lookup_cached_certs(File) ->
+    ets:lookup(certificate_db_name(), {file, File}).
+
 %%--------------------------------------------------------------------
 %% Function: add_trusted_certs(Pid, File, Db) -> {ok, Ref}
 %% Pid = pid() 
@@ -90,7 +93,7 @@ add_trusted_certs(Pid, File, [CertsDb, FileToRefDb, PidToFileDb]) ->
 	      undefined ->
 		  NewRef = make_ref(),
 		  add_certs_from_file(File, NewRef, CertsDb),
-		  insert(File, NewRef, 1, FileToRefDb),	     
+		  insert(File, NewRef, 1, FileToRefDb),
 		  NewRef;
 	      [OldRef] ->
 		  ref_count(File,FileToRefDb,1),
@@ -104,14 +107,11 @@ add_trusted_certs(Pid, File, [CertsDb, FileToRefDb, PidToFileDb]) ->
 %%
 %% Description: Cache file as binary in DB
 %%--------------------------------------------------------------------
-cache_pem_file(Pid, File, [_CertsDb, FileToRefDb, PidToFileDb]) ->
-    try ref_count(File, FileToRefDb,1)
-    catch _:_ -> 
-	    {ok, Content} = public_key:pem_to_der(File),
-	    insert(File,Content,1,FileToRefDb)
-    end,
+cache_pem_file(Pid, File, [CertsDb, _FileToRefDb, PidToFileDb]) ->
+    Res = {ok, Content} = public_key:pem_to_der(File),
+    insert({file, File}, Content, CertsDb),
     insert(Pid, File, PidToFileDb),
-    {ok, FileToRefDb}.
+    Res.
 
 %%--------------------------------------------------------------------
 %% Function: remove_trusted_certs(Pid, Db) -> _ 
@@ -123,15 +123,16 @@ remove_trusted_certs(Pid, [CertsDb, FileToRefDb, PidToFileDb]) ->
     Files = lookup(Pid, PidToFileDb),
     delete(Pid, PidToFileDb),
     Clear = fun(File) ->
-		    case ref_count(File, FileToRefDb, -1) of
-			0 -> 
-			    case lookup(File, FileToRefDb) of
-				[Ref] when is_reference(Ref) ->
-				    remove_certs(Ref, CertsDb);
-				_ -> ok
-			    end,
-			    delete(File, FileToRefDb);
-			_ ->
+		    delete({file,File}, CertsDb),
+		    try
+			0 = ref_count(File, FileToRefDb, -1),
+			case lookup(File, FileToRefDb) of
+			    [Ref] when is_reference(Ref) ->
+				remove_certs(Ref, CertsDb);
+			    _ -> ok
+			end,
+			delete(File, FileToRefDb)
+		    catch _:_ ->
 			    ok
 		    end
 	    end,
@@ -168,6 +169,8 @@ issuer_candidate(PrevCandidateKey) ->
     case ets:next(Db, PrevCandidateKey) of
  	'$end_of_table' ->
  	    no_more_candidates;
+	{file, _} = Key ->
+	    issuer_candidate(Key);
  	Key ->
 	    [Cert] = lookup(Key, Db),
  	    {Key, Cert}
@@ -189,7 +192,7 @@ ref_count(Key, Db,N) ->
     ets:update_counter(Db,Key,N).
 
 delete(Key, Db) ->
-    true = ets:delete(Db, Key).
+    _ = ets:delete(Db, Key).
 
 lookup(Key, Db) ->
     case ets:lookup(Db, Key) of

diff --git a/lib/ssl/src/ssl_connection.erl b/lib/ssl/src/ssl_connection.erl
@@ -978,8 +978,14 @@ init_certificates(#ssl_options{cacertfile = CACertFile,
     case ssl_manager:connection_init(CACertFile, Role) of
 	{ok, CertDbRef, CacheRef} ->
 	    init_certificates(CertDbRef, CacheRef, CertFile, Role);
+	{error, {badmatch, _Error}} ->
+	    Report = io_lib:format("SSL: Error ~p Initializing: ~p ~n",
+				   [_Error, CACertFile]),
+	    error_logger:error_report(Report),
+	    throw(ecacertfile);
 	{error, _Error} ->
-	    Report = io_lib:format("SSL: Error ~p ~n",[_Error]),
+	    Report = io_lib:format("SSL: Error ~p Initializing: ~p ~n",
+				   [_Error, CACertFile]),
 	    error_logger:error_report(Report),
 	    throw(ecacertfile)
     end.
@@ -996,12 +1002,18 @@ init_certificates(CertDbRef, CacheRef, CertFile, server) ->
      try 
 	[OwnCert] = ssl_certificate:file_to_certificats(CertFile),
 	{ok, CertDbRef, CacheRef, OwnCert}
-    catch _E:_R  ->
-	    Report = io_lib:format("SSL: ~p: ~p:~p ~p~n",
-				   [?LINE, _E,_R, erlang:get_stacktrace()]),
-	    error_logger:error_report(Report),
-	    throw(ecertfile)
-    end.
+     catch
+	 _E:{badmatch, _R={error,_}} ->
+	     Report = io_lib:format("SSL: ~p: ~p:~p ~s~n  ~p~n",
+				    [?LINE, _E,_R, CertFile, erlang:get_stacktrace()]),
+	     error_logger:error_report(Report),
+	     throw(ecertfile);
+	 _E:_R  ->
+	     Report = io_lib:format("SSL: ~p: ~p:~p ~s~n  ~p~n",
+				    [?LINE, _E,_R, CertFile, erlang:get_stacktrace()]),
+	     error_logger:error_report(Report),
+	     throw(ecertfile)
+     end.
 
 init_private_key(undefined, "", _Password, client) -> 
     undefined;
@@ -1012,9 +1024,15 @@ init_private_key(undefined, KeyFile, Password, _)  ->
 			PKey =:= rsa_private_key orelse PKey =:= dsa_private_key],
 	{ok, Decoded} = public_key:decode_private_key(Der,Password),
 	Decoded
-    catch _E:_R ->
-	    Report = io_lib:format("SSL: ~p: ~p:~p ~p~n",
-				   [?LINE, _E,_R, erlang:get_stacktrace()]),
+    catch
+	_E:{badmatch, _R={error,_}} ->
+	    Report = io_lib:format("SSL: ~p: ~p:~p ~s~n  ~p~n",
+				   [?LINE, _E,_R, KeyFile, erlang:get_stacktrace()]),
+	    error_logger:error_report(Report),
+	    throw(ekeyfile);
+	_E:_R ->
+	    Report = io_lib:format("SSL: ~p: ~p:~p ~s~n  ~p~n",
+				   [?LINE, _E,_R, KeyFile, erlang:get_stacktrace()]),
 	    error_logger:error_report(Report),
 	    throw(ekeyfile)
     end;

diff --git a/lib/ssl/src/ssl_manager.erl b/lib/ssl/src/ssl_manager.erl
@@ -74,13 +74,11 @@ connection_init(TrustedcertsFile, Role) ->
     call({connection_init, TrustedcertsFile, Role}).
 
 cache_pem_file(File) ->   
-    case ets:lookup(ssl_file_to_ref,File) of
-	[{_,_,Content}] -> 
+    case ssl_certificate_db:lookup_cached_certs(File) of
+	[{_,Content}] ->
 	    {ok, Content};
 	[] ->
-	    {ok, Db} = call({cache_pem, File}),
-	    [{_,_,Content}] = ets:lookup(Db,File),
-	    {ok, Content}
+	    call({cache_pem, File})
     end.
 
 %%--------------------------------------------------------------------
@@ -170,13 +168,14 @@ handle_call({{connection_init, TrustedcertsFile, _Role}, Pid}, _From,
 		   session_cache = Cache} = State) ->
     erlang:monitor(process, Pid),
     Result = 
-	case (catch ssl_certificate_db:add_trusted_certs(Pid, 
-							 TrustedcertsFile, 
-							 Db)) of
-	    {ok, Ref} ->
-		{ok, Ref, Cache};
-	    Error ->
-		{error, Error}
+	try
+	    {ok, Ref} = ssl_certificate_db:add_trusted_certs(Pid, TrustedcertsFile, Db),
+	    {ok, Ref, Cache}
+	catch
+	    _:{badmatch, Error} ->
+		{error, Error};
+	    _E:_R ->
+		{error, {_R,erlang:get_stacktrace()}}
 	end,
     {reply, Result, State};
 
@@ -198,7 +197,9 @@ handle_call({{cache_pem, File},Pid}, _, State = #state{certificate_db = Db}) ->
     try ssl_certificate_db:cache_pem_file(Pid,File,Db) of
 	Result ->
 	    {reply, Result, State}
-    catch _:Reason ->
+    catch _:{badmatch, Reason} ->
+	    {reply, Reason, State};
+	  _:Reason ->
 	    {reply, {error, Reason}, State}
     end;
 

diff --git a/lib/ssl/test/ssl_basic_SUITE.erl b/lib/ssl/test/ssl_basic_SUITE.erl
@@ -458,7 +458,7 @@ connect_dist(Config) when is_list(Config) ->
 
 connect_dist_s(S) ->
     Msg = term_to_binary({erlang,term}),
-    ok = ssl:send(S, <<(size(Msg)):32, Msg/binary>>).
+    ok = ssl:send(S, Msg).
 
 connect_dist_c(S) ->
     Test = binary_to_list(term_to_binary({erlang,term})),