bosky101 · December 18, 2015 20:59
diff --git a/test_ssl.erl b/test_ssl.erl
 -module(test_ssl).
 -author('Bhasker Kode').
 -compile([export_all]).
 
 -define(USE_ACCEPT_TIMEOUT,false). %% ssl:ssl_accept is passed a timeout
 -define(USE_VERIFY_PEER,false).   %% ssl:listen is passed {verify,verify_peer}
 
 %% R15B02 => Works  with/without ?USE_VERIFY_PEER      Fails when         ?USE_SSL_TIMEOUT 
 %% R15B03 => Works  with/without ?USE_VERIFY_PEER      Fails when         ?USE_SSL_TIMEOUT
 %% R16A   => Fails* with/without ?USE_VERIFY_PEER      Fails with/without ?USE_SSL_TIMEOUT
 %% R16B   => Fails* with/without ?USE_VERIFY_PEER      Fails with/without ?USE_SSL_TIMEOUT
 %% R16B01 => Fails* with/without ?USE_VERIFY_PEER      Fails with/without ?USE_SSL_TIMEOUT
 %% where [*] is, Chrome gives "Error 141 (net::ERR_SSL_CLIENT_AUTH_SIGNATURE_FAILED): Unknown error."

 %% Tested on Ubuntu 11.04
 %% Tested similiar results, with openssl versions
 %%  OpenSSL 0.9.8o 01 Jun 2010 through
 %%  OpenSSL 1.0.1e 11 Feb 2013
 
 -define(PORT,8443).
 -define(home,os:getenv("KEYS_HOME")).
 -define(CERT,?home++"/certificate.crt").
 -define(KEY ,?home++"/privatekey.pem").
 -define(CA  ,?home++"/ca.crt").

 %% Choose your preferred paradigm
 %% ssl:recv or a receive block
 -define(USE_SSL_RECV,false). 
 %%%-------------------------------------------------------------------
 %%% SSL SERVER
 %%%-------------------------------------------------------------------
 
 init()->
    application:start(crypto),
    application:start(asn1), %% Required
    application:start(public_key),
    application:start(ssl).
 
 start()->
    init(),
    ?MODULE:start(?PORT).
 
 start(Port)->
  ToggleOpts = case ?USE_VERIFY_PEER of 
  	true -> [{verify, verify_peer}];
 		false -> []
 	end,
    spawn(fun()->
 		  {ok,TlsSocket} =
 		      ssl:listen(Port,
 				 ToggleOpts ++ 
 				     [
 				      {active, false},
 				      {certfile,?CERT},{keyfile,?KEY},{cacertfile,?CA},
 				      {mode,binary}

 				      %% The following had no effect
 				      %% ,{exit_on_close, false}
 				      %% ,{fail_if_no_peer_cert,false}
 				      %% ,{reuseaddr, true}
 				      %% ,{verify_fun,{fun verify_peer/3,[]}},{depth,3}
 						   
 			     ]),
 		   io:format("~n ~p listening on ~w use_verify_peer:~p use_accept_timeout:~p~n",
 			     [self(),Port,?USE_VERIFY_PEER,?USE_ACCEPT_TIMEOUT]),
 		   server_loop(TlsSocket)
 	   end).
 
 server_loop(Socket)->
    {ok,NextSocket} = ssl:transport_accept(Socket),
    spawn(fun()->
 		  ssl_accept(NextSocket)
 	  end),
    server_loop(Socket).
 
 ssl_accept(Socket)->
    io:format("~nNew connection",[]),
    Accept = case ?USE_ACCEPT_TIMEOUT of 
 		 true ->
 		     io:format("~nUsing ssl_accept timeout"),
 		     ssl:ssl_accept(Socket,1000);
 		 _ ->
 		     ssl:ssl_accept(Socket)
 	     end,
    case catch Accept of
 	ok ->
 	    case ?USE_SSL_RECV of
 		true ->
 		    %%Use ssl:recv
 		    spawn(fun() -> sslrecv(Socket) end);
 		_ ->
 	    	%% Use receive block
 		    _Controller = spawn(fun() -> loopdata(Socket) end),
 		    %% Note to self: Rightly wont work without passing on control
 		    ssl:controlling_process(Socket,_Controller),
 		    _Controller
 	    end;
 	AcceptErr ->
 	    Msg = ssl:format_error(AcceptErr),
 	    error_logger:error_msg(Msg), %% [*]"TLS connection is closed" on R16+*
 	    io:format("~nssl socket info ~p",[ssl:connection_info(Socket)]) %% [*}"{error,closed}" on R16+
    end.
 
 loopdata(Socket)->
    ssl:setopts(Socket,[{active,once}]),
    io:format("~nloopdata Accepted! Ready to receive data",[]),
    receive 
 	{ssl_closed,_S} ->
 	    io:format("~nSocket closed."),
            ok;
 	{ssl,_,Data} ->
 	    format(Socket,Data),
            loopdata(Socket)
    end.
 	    
    
 % Echo back whatever data we receive on Socket.
 sslrecv(Socket) ->
    io:format("~nsslrecv Accepted! Ready to receive data",[]),
    case ssl:recv(Socket, 0) of
        {ok, Data} ->
 	    format(Socket,Data),
            sslrecv(Socket);
        {error, closed} ->
 	    io:format("~nSocket closed."),
            ok
    end.
 
 format(Socket,Data)->
    io:format("~nSocket received data...~n~p~n", [Data]),
    ssl:send(Socket,<<"{\"ok\":true}">>),
    ssl:close(Socket).
 
 %%%-------------------------------------------------------------------
 %%% SSL CLIENT to the above server
 %%%-------------------------------------------------------------------
 
 client(Host)->
    HostBin = it_utils:atob(Host),
    PortBin = it_utils:itob(?PORT),
    client(Host,?PORT,<<"GET / HTTP/1.1\r\nHost: ",HostBin/binary,":",PortBin/binary," \r\n">>).
 
 client(Host,Port,Data)->
    {ok,Socket} = ssl:connect(Host,Port,[{mode,binary}]),
    ssl:send(Socket,Data),
    client_loop(<<>>).
 
 client_loop(Data)->
    receive
 	{ssl_closed,_}->
 	    io:format("~nclient got back ~n",[]),
 	    Data;
 	{ssl,_,Chunk} ->
 	    client_loop(<<Data/binary,Chunk/binary>>)
    after 5000 ->
 	    io:format("client timed out",[])
    end.
	-module(test_ssl).
	-author('Bhasker Kode').
	-compile([export_all]).

	-define(USE_ACCEPT_TIMEOUT,false). %% ssl:ssl_accept is passed a timeout
	-define(USE_VERIFY_PEER,false). %% ssl:listen is passed {verify,verify_peer}

	%% R15B02 => Works with/without ?USE_VERIFY_PEER Fails when ?USE_SSL_TIMEOUT
	%% R15B03 => Works with/without ?USE_VERIFY_PEER Fails when ?USE_SSL_TIMEOUT
	%% R16A => Fails* with/without ?USE_VERIFY_PEER Fails with/without ?USE_SSL_TIMEOUT
	%% R16B => Fails* with/without ?USE_VERIFY_PEER Fails with/without ?USE_SSL_TIMEOUT
	%% R16B01 => Fails* with/without ?USE_VERIFY_PEER Fails with/without ?USE_SSL_TIMEOUT
	%% where [*] is, Chrome gives "Error 141 (net::ERR_SSL_CLIENT_AUTH_SIGNATURE_FAILED): Unknown error."

	%% Tested on Ubuntu 11.04
	%% Tested similiar results, with openssl versions
	%% OpenSSL 0.9.8o 01 Jun 2010 through
	%% OpenSSL 1.0.1e 11 Feb 2013

	-define(PORT,8443).
	-define(home,os:getenv("KEYS_HOME")).
	-define(CERT,?home++"/certificate.crt").
	-define(KEY ,?home++"/privatekey.pem").
	-define(CA ,?home++"/ca.crt").

	%% Choose your preferred paradigm
	%% ssl:recv or a receive block
	-define(USE_SSL_RECV,false).
	%%%-------------------------------------------------------------------
	%%% SSL SERVER
	%%%-------------------------------------------------------------------

	init()->
	application:start(crypto),
	application:start(asn1), %% Required
	application:start(public_key),
	application:start(ssl).

	start()->
	init(),
	?MODULE:start(?PORT).

	start(Port)->
	ToggleOpts = case ?USE_VERIFY_PEER of
	true -> [{verify, verify_peer}];
	false -> []
	end,
	spawn(fun()->
	{ok,TlsSocket} =
	ssl:listen(Port,
	ToggleOpts ++
	[
	{active, false},
	{certfile,?CERT},{keyfile,?KEY},{cacertfile,?CA},
	{mode,binary}

	%% The following had no effect
	%% ,{exit_on_close, false}
	%% ,{fail_if_no_peer_cert,false}
	%% ,{reuseaddr, true}
	%% ,{verify_fun,{fun verify_peer/3,[]}},{depth,3}

	]),
	io:format("~n ~p listening on ~w use_verify_peer:~p use_accept_timeout:~p~n",
	[self(),Port,?USE_VERIFY_PEER,?USE_ACCEPT_TIMEOUT]),
	server_loop(TlsSocket)
	end).

	server_loop(Socket)->
	{ok,NextSocket} = ssl:transport_accept(Socket),
	spawn(fun()->
	ssl_accept(NextSocket)
	end),
	server_loop(Socket).

	ssl_accept(Socket)->
	io:format("~nNew connection",[]),
	Accept = case ?USE_ACCEPT_TIMEOUT of
	true ->
	io:format("~nUsing ssl_accept timeout"),
	ssl:ssl_accept(Socket,1000);
	_ ->
	ssl:ssl_accept(Socket)
	end,
	case catch Accept of
	ok ->
	case ?USE_SSL_RECV of
	true ->
	%%Use ssl:recv
	spawn(fun() -> sslrecv(Socket) end);
	_ ->
	%% Use receive block
	_Controller = spawn(fun() -> loopdata(Socket) end),
	%% Note to self: Rightly wont work without passing on control
	ssl:controlling_process(Socket,_Controller),
	_Controller
	end;
	AcceptErr ->
	Msg = ssl:format_error(AcceptErr),
	error_logger:error_msg(Msg), %% []"TLS connection is closed" on R16+
	io:format("~nssl socket info ~p",[ssl:connection_info(Socket)]) %% [*}"{error,closed}" on R16+
	end.

	loopdata(Socket)->
	ssl:setopts(Socket,[{active,once}]),
	io:format("~nloopdata Accepted! Ready to receive data",[]),
	receive
	{ssl_closed,_S} ->
	io:format("~nSocket closed."),
	ok;
	{ssl,_,Data} ->
	format(Socket,Data),
	loopdata(Socket)
	end.


	% Echo back whatever data we receive on Socket.
	sslrecv(Socket) ->
	io:format("~nsslrecv Accepted! Ready to receive data",[]),
	case ssl:recv(Socket, 0) of
	{ok, Data} ->
	format(Socket,Data),
	sslrecv(Socket);
	{error, closed} ->
	io:format("~nSocket closed."),
	ok
	end.

	format(Socket,Data)->
	io:format("~nSocket received data...~n~p~n", [Data]),
	ssl:send(Socket,<<"{\"ok\":true}">>),
	ssl:close(Socket).

	%%%-------------------------------------------------------------------
	%%% SSL CLIENT to the above server
	%%%-------------------------------------------------------------------

	client(Host)->
	HostBin = it_utils:atob(Host),
	PortBin = it_utils:itob(?PORT),
	client(Host,?PORT,<<"GET / HTTP/1.1\r\nHost: ",HostBin/binary,":",PortBin/binary," \r\n">>).

	client(Host,Port,Data)->
	{ok,Socket} = ssl:connect(Host,Port,[{mode,binary}]),
	ssl:send(Socket,Data),
	client_loop(<<>>).

	client_loop(Data)->
	receive
	{ssl_closed,_}->
	io:format("~nclient got back ~n",[]),
	Data;
	{ssl,_,Chunk} ->
	client_loop(<<Data/binary,Chunk/binary>>)
	after 5000 ->
	io:format("client timed out",[])
	end.