Skip to content

Commit

Permalink
Merge branch 'dgud/ssl/test-version-cuddling' into maint
Browse files Browse the repository at this point in the history 
* dgud/ssl/test-version-cuddling:
  ssl test cuddle
  • Loading branch information
@dgud
dgud committed Nov 2, 2022
2 parents 693eb74 + e39b40c commit 19bce3c
Show file tree
Hide file tree
Showing 17 changed files with 243 additions and 344 deletions.
28 changes: 11 additions & 17 deletions lib/ssl/test/openssl_ECC_SUITE.erl
View file
Original file line number Diff line number Diff line change
Expand Up @@ -60,26 +60,22 @@ groups() ->
false ->
[{'tlsv1.2', [], [mix_sign]}]
end.

init_per_suite(Config0) ->
end_per_suite(Config0),
try crypto:start() of
ok ->
ssl_test_lib:clean_start(),
case ssl_test_lib:sufficient_crypto_support(cipher_ec) of
case ssl_test_lib:init_per_suite(Config0, openssl) of
{skip, _} = Skip ->
Skip;
Config ->
case ssl_test_lib:sufficient_crypto_support(cipher_ec) of
true ->
Config0;
Config;
false ->
{skip, "Openssl does not support ECC"}
end
catch _:_ ->
{skip, "Crypto did not start"}
end.

end_per_suite(_Config) ->
application:stop(ssl),
application:stop(crypto),
ssl_test_lib:kill_openssl().
end_per_suite(Config) ->
ssl_test_lib:end_per_suite(Config).

init_per_group(GroupName, Config) ->
ssl_test_lib:init_per_group_openssl(GroupName, Config).
Expand All @@ -90,15 +86,13 @@ end_per_group(GroupName, Config) ->
init_per_testcase(skip, Config) ->
Config;
init_per_testcase(TestCase, Config) ->
ssl_test_lib:ct_log_supported_protocol_versions(Config),
Version = proplists:get_value(tls_version, Config),
ct:log("Ciphers: ~p~n ", [ssl:cipher_suites(default, Version)]),
end_per_testcase(TestCase, Config),
ssl:start(),
ssl_test_lib:ct_log_supported_protocol_versions(Config),
ct:timetrap({seconds, 30}),
Config.

end_per_testcase(_TestCase, Config) ->
end_per_testcase(_TestCase, Config) ->
application:stop(ssl),
Config.

Expand Down
42 changes: 14 additions & 28 deletions lib/ssl/test/openssl_alpn_SUITE.erl
View file
Original file line number Diff line number Diff line change
Expand Up @@ -116,30 +116,16 @@ rengotiation_tests() ->
].

init_per_suite(Config0) ->
case os:find_executable("openssl") of
Config1 = ssl_test_lib:init_per_suite(Config0, openssl),
case check_openssl_alpn_support(Config1) of
false ->
{skip, "Openssl not found"};
_ ->
case check_openssl_alpn_support(Config0) of
false ->
{skip, "No ALPN support"};
true ->
ct:pal("Version: ~p", [os:cmd("openssl version")]),
catch crypto:stop(),
try crypto:start() of
ok ->
ssl_test_lib:clean_start(),
ssl_test_lib:make_rsa_cert(Config0)
catch _:_ ->
{skip, "Crypto did not start"}
end
end
{skip, "No ALPN support"};
true ->
ssl_test_lib:make_rsa_cert(Config1)
end.

end_per_suite(_Config) ->
ssl:stop(),
application:stop(crypto),
ssl_test_lib:kill_openssl().
end_per_suite(Config) ->
ssl_test_lib:end_per_suite(Config).

init_per_group(GroupName, Config) ->
ssl_test_lib:init_per_group_openssl(GroupName, Config).
Expand All @@ -163,9 +149,9 @@ special_init(TestCase, Config) when TestCase == erlang_client_alpn_openssl_serve
special_init(TestCase, Config) when TestCase == erlang_client_alpn_npn_openssl_server_alpn_npn;
TestCase == erlang_server_alpn_npn_openssl_client_alpn_npn ->
case ssl_test_lib:check_openssl_npn_support(Config) of
{skip, _} = Skip ->
Skip;
Config ->
false ->
{skip, "npn not supported"};
true ->
Config
end;
special_init(_, Config) ->
Expand Down Expand Up @@ -427,8 +413,8 @@ erlang_client_alpn_npn_openssl_server_alpn_npn(Config) when is_list(Config) ->
return_socket],
[{client_opts,
[{alpn_advertised_protocols, [AlpnProtocol]},
{next_protocols_advertised,
[<<"spdy/3">>, <<"http/1.1">>]}]} | ClientOpts] ++ Config),
{client_preferred_next_protocols,
{client, [<<"spdy/3">>, <<"http/1.1">>]}}]} | ClientOpts] ++ Config),
case ssl:negotiated_protocol(CSocket) of
{ok, AlpnProtocol} ->
ok;
Expand Down Expand Up @@ -474,8 +460,8 @@ erlang_server_alpn_npn_openssl_client_alpn_npn(Config) when is_list(Config) ->
%%--------------------------------------------------------------------
%% Internal functions -----------------------------------------------
%%--------------------------------------------------------------------
check_openssl_alpn_support(_Config) ->
case ssl_test_lib:portable_cmd("openssl", ["version"]) of
check_openssl_alpn_support(Config) ->
case proplists:get_value(openssl_version, Config) of
"OpenSSL 1.0." ++ _ = Str->
SubStr = Str -- "OpenSSL 1.0.",
atleast(SubStr, 2);
Expand Down
31 changes: 11 additions & 20 deletions lib/ssl/test/openssl_cipher_suite_SUITE.erl
View file
Original file line number Diff line number Diff line change
Expand Up @@ -95,13 +95,8 @@
%% Common Test interface functions -----------------------------------
%%--------------------------------------------------------------------
all() ->
case ssl_test_lib:working_openssl_client() of
true ->
[{group, openssl_server},
{group, openssl_client}];
false ->
[{group, openssl_server}]
end.
[{group, openssl_server},
{group, openssl_client}].

all_protocol_groups() ->
[
Expand Down Expand Up @@ -260,22 +255,18 @@ anonymous() ->
].

init_per_suite(Config) ->
catch crypto:stop(),
try crypto:start() of
ok ->
ssl_test_lib:clean_start(),
Config
catch _:_ ->
{skip, "Crypto did not start"}
end.
ssl_test_lib:init_per_suite(Config, openssl).

end_per_suite(_Config) ->
ssl:stop(),
application:stop(crypto),
ssl_test_lib:kill_openssl().
end_per_suite(Config) ->
ssl_test_lib:end_per_suite(Config).

%%--------------------------------------------------------------------
init_per_group(GroupName, Config) ->
case ssl_test_lib:working_openssl_client(Config) of
false when GroupName =:= openssl_client ->
throw({skip, "Ignore non-working openssl_client"});
_ -> ok
end,
case ssl_test_lib:is_protocol_version(GroupName) of
true ->
ssl_test_lib:init_per_group_openssl(GroupName, Config);
Expand Down Expand Up @@ -388,7 +379,7 @@ init_per_testcase(TestCase, Config) when TestCase == psk_3des_ede_cbc;
SupCiphers = proplists:get_value(ciphers, crypto:supports()),
case lists:member(des_ede3_cbc, SupCiphers) of
true ->
ct:timetrap({seconds, ?DEFAULT_TIMEOUT}),
ct:timetrap(?DEFAULT_TIMEOUT),
Config;
_ ->
{skip, "Missing 3DES crypto support"}
Expand Down
24 changes: 7 additions & 17 deletions lib/ssl/test/openssl_client_cert_SUITE.erl
View file
Original file line number Diff line number Diff line change
Expand Up @@ -148,25 +148,15 @@ all_version_tests() ->
missing_root_cert_no_auth
].

init_per_suite(Config) ->
catch crypto:stop(),
try crypto:start() of
ok ->
case ssl_test_lib:working_openssl_client() of
true ->
ssl_test_lib:clean_start(),
Config;
false ->
{skip, "Broken OpenSSL s_client"}
end
catch _:_ ->
{skip, "Crypto did not start"}
init_per_suite(Config0) ->
Config = ssl_test_lib:init_per_suite(Config0, openssl),
case ssl_test_lib:working_openssl_client(Config) of
true -> Config;
false -> throw({skip, "Broken OpenSSL s_client"})
end.

end_per_suite(_Config) ->
ssl:stop(),
application:unload(ssl),
application:stop(crypto).
end_per_suite(Config) ->
ssl_test_lib:end_per_suite(Config).

init_per_group(openssl_client, Config) ->
[{client_type, openssl}, {server_type, erlang} | Config];
Expand Down
25 changes: 9 additions & 16 deletions lib/ssl/test/openssl_key_update_SUITE.erl
View file
Original file line number Diff line number Diff line change
Expand Up @@ -48,24 +48,17 @@ tls_1_3_tests() ->
openssl_server_explicit_key_update].

init_per_suite(Config0) ->
catch crypto:stop(),
try crypto:start() of
ok ->
ssl_test_lib:clean_start(),
case proplists:get_bool(ecdh, proplists:get_value(public_keys, crypto:supports())) of
true ->
ssl_test_lib:make_ecdsa_cert(Config0);
false ->
{skip, "Missing EC crypto support"}
end
catch _:_ ->
{skip, "Crypto did not start"}
Config1 = ssl_test_lib:init_per_suite(Config0, openssl),
case proplists:get_bool(ecdh, proplists:get_value(public_keys, crypto:supports()))
of
true ->
ssl_test_lib:make_ecdsa_cert(Config1);
false ->
{skip, "Missing EC crypto support"}
end.

end_per_suite(_Config) ->
ssl:stop(),
application:unload(ssl),
application:stop(crypto).
end_per_suite(Config) ->
ssl_test_lib:end_per_suite(Config).

init_per_group(GroupName, Config) ->
ssl_test_lib:init_per_group_openssl(GroupName, Config).
Expand Down
26 changes: 9 additions & 17 deletions lib/ssl/test/openssl_mfl_SUITE.erl
View file
Original file line number Diff line number Diff line change
Expand Up @@ -64,25 +64,17 @@ groups() ->
].

init_per_suite(Config0) ->
catch crypto:stop(),
try crypto:start() of
ok ->
case ssl_test_lib:openssl_maxfraglen_support() of
true ->
ssl_test_lib:clean_start(),
ssl:clear_pem_cache(),
Config = ssl_test_lib:make_rsa_cert(Config0),
ssl_test_lib:cert_options(Config);
false ->
{skip, "max_fragment_length not supported by OpenSSL"}
end
catch _:_ ->
{skip, "Crypto did not start"}
Config1 = ssl_test_lib:init_per_suite(Config0, openssl),
case ssl_test_lib:openssl_maxfraglen_support() of
true ->
Config = ssl_test_lib:make_rsa_cert(Config1),
ssl_test_lib:cert_options(Config);
false ->
{skip, "max_fragment_length not supported by OpenSSL"}
end.

end_per_suite(_Config) ->
ssl:stop(),
application:stop(crypto).
end_per_suite(Config) ->
ssl_test_lib:end_per_suite(Config).

init_per_group(GroupName, Config) ->
ssl_test_lib:init_per_group_openssl(GroupName, Config).
Expand Down
29 changes: 7 additions & 22 deletions lib/ssl/test/openssl_npn_SUITE.erl
View file
Original file line number Diff line number Diff line change
Expand Up @@ -82,31 +82,16 @@ npn_renegotiate_tests() ->
].

init_per_suite(Config0) ->
case os:find_executable("openssl") of
Config1 = ssl_test_lib:init_per_suite(Config0, openssl),
case ssl_test_lib:check_openssl_npn_support(Config1) of
true ->
ssl_test_lib:make_rsa_cert(Config1);
false ->
{skip, "Openssl not found"};
_ ->
case ssl_test_lib:check_openssl_npn_support(Config0) of
{skip, _} = Skip ->
Skip;
_ ->
ct:pal("Version: ~p", [os:cmd("openssl version")]),
catch crypto:stop(),
try crypto:start() of
ok ->
ssl_test_lib:clean_start(),
ssl:clear_pem_cache(),
ssl_test_lib:make_rsa_cert(Config0)
catch _:_ ->
{skip, "Crypto did not start"}
end
end
{skip, "npn_not_supported"}
end.

end_per_suite(_Config) ->
ssl:stop(),
application:stop(crypto),
ssl_test_lib:kill_openssl().
end_per_suite(Config) ->
ssl_test_lib:end_per_suite(Config).

init_per_group(GroupName, Config) ->
ssl_test_lib:init_per_group_openssl(GroupName, Config).
Expand Down
39 changes: 15 additions & 24 deletions lib/ssl/test/openssl_ocsp_SUITE.erl
View file
Original file line number Diff line number Diff line change
Expand Up @@ -70,47 +70,38 @@ ocsp_tests() ->
].

%%--------------------------------------------------------------------
init_per_suite(Config) ->
case ssl_test_lib:openssl_ocsp_support() of
init_per_suite(Config0) ->
Config = ssl_test_lib:init_per_suite(Config0, openssl),
case ssl_test_lib:openssl_ocsp_support(Config) of
true ->
do_init_per_suite(Config);
false ->
{skip, "OCSP not well supported in openSSL"}
end.

do_init_per_suite(Config) ->
catch crypto:stop(),
try crypto:start() of
ok ->
ssl_test_lib:clean_start(),
DataDir = proplists:get_value(data_dir, Config),
PrivDir = proplists:get_value(priv_dir, Config),
DataDir = proplists:get_value(data_dir, Config),
PrivDir = proplists:get_value(priv_dir, Config),

%% Prepare certs
{ok, _} = make_certs:all(DataDir, PrivDir),
%% Prepare certs
{ok, _} = make_certs:all(DataDir, PrivDir),

ResponderPort = get_free_port(),
Pid = start_ocsp_responder(ResponderPort, PrivDir),
ResponderPort = get_free_port(),
Pid = start_ocsp_responder(ResponderPort, PrivDir),

NewConfig =
NewConfig =
lists:merge(
[{responder_port, ResponderPort},
{responder_pid, Pid}
], Config),
[{responder_port, ResponderPort},
{responder_pid, Pid}
], Config),

ssl_test_lib:cert_options(NewConfig)
catch _:_ ->
{skip, "Crypto did not start"}
end.
ssl_test_lib:cert_options(NewConfig).


end_per_suite(Config) ->
ResponderPid = proplists:get_value(responder_pid, Config),
ssl_test_lib:close(ResponderPid),
ok = ssl:stop(),
%% terminate OpenSSL processes (OCSP responder in particular)
ssl_test_lib:kill_openssl(),
application:stop(crypto).
ssl_test_lib:end_per_suite(Config).

%%--------------------------------------------------------------------
init_per_group(GroupName, Config) ->
Expand Down
Loading

0 comments on commit 19bce3c

Please sign in to comment.