diff options
| author | Péter Dimitrov <[email protected]> | 2018-03-21 14:53:56 +0100 |
|---|---|---|
| committer | Péter Dimitrov <[email protected]> | 2018-03-28 10:19:38 +0200 |
| commit | 8bccc0bab9fce7ef00f64965b308ef9328e594fa (patch) | |
| tree | dc4c34131f26d8fb2dd0040b4ab9a7de0924f5bf | |
| parent | f3458d831769ed7c37362eeaea780f218922cfab (diff) | |
| download | otp-8bccc0bab9fce7ef00f64965b308ef9328e594fa.tar.gz otp-8bccc0bab9fce7ef00f64965b308ef9328e594fa.tar.bz2 otp-8bccc0bab9fce7ef00f64965b308ef9328e594fa.zip | |
ftp: Fix ftp test suite
- vsftpd =< 3.0.2 does not support ECDHE ciphers and the ssl application
removed ciphers with RSA key exchange from its default cipher list.
To allow interoperability with old versions of vsftpd, cipher suites
with RSA key exchange are appended to the default cipher list.
- Fix regex in ftp.appup.src
Change-Id: I53ce3b7f198ae95825eb0b5d39e94bdcebe78391
| -rw-r--r-- | lib/ftp/src/ftp.appup.src | 4 | ||||
| -rw-r--r-- | lib/ftp/test/ftp_SUITE.erl | 21 | ||||
| -rw-r--r-- | lib/ftp/test/ftp_SUITE_data/vsftpd.conf | 8 |
3 files changed, 27 insertions, 6 deletions
diff --git a/lib/ftp/src/ftp.appup.src b/lib/ftp/src/ftp.appup.src index f5798ef976..d79c7b60ff 100644 --- a/lib/ftp/src/ftp.appup.src +++ b/lib/ftp/src/ftp.appup.src @@ -18,9 +18,9 @@ %% %CopyrightEnd% {"%VSN%", [ - {<<"*">>,[{restart_application, ftp}]} + {<<".*">>,[{restart_application, ftp}]} ], [ - {<<"*">>,[{restart_application, ftp}]} + {<<".*">>,[{restart_application, ftp}]} ] }. diff --git a/lib/ftp/test/ftp_SUITE.erl b/lib/ftp/test/ftp_SUITE.erl index 3ebff82302..92d2c36a86 100644 --- a/lib/ftp/test/ftp_SUITE.erl +++ b/lib/ftp/test/ftp_SUITE.erl @@ -55,7 +55,7 @@ all() -> {group, ftps_active}, {group, ftp_sup}, app, - app_upp, + appup, error_ehost, clean_shutdown ]. @@ -228,9 +228,24 @@ end_per_group(_Group, Config) -> Config. %%-------------------------------------------------------------------- +init_per_testcase(T, Config0) when T =:= app; T =:= appup -> + Config0; init_per_testcase(Case, Config0) -> Group = proplists:get_value(name, proplists:get_value(tc_group_properties,Config0)), - TLS = [{tls,[{reuse_sessions,true}]}], + + %% Workaround for interoperability issues with vsftpd =< 3.0.2: + %% + %% vsftpd =< 3.0.2 does not support ECDHE ciphers and the ssl application + %% removed ciphers with RSA key exchange from its default cipher list. + %% To allow interoperability with old versions of vsftpd, cipher suites + %% with RSA key exchange are appended to the default cipher list. + All = ssl:cipher_suites(all, 'tlsv1.2'), + Default = ssl:cipher_suites(default, 'tlsv1.2'), + RSASuites = + ssl:filter_cipher_suites(All, [{key_exchange, fun(rsa) -> true; + (_) -> false end}]), + Suites = ssl:append_cipher_suites(RSASuites, Default), + TLS = [{tls,[{reuse_sessions,true},{ciphers, Suites}]}], ACTIVE = [{mode,active}], PASSIVE = [{mode,passive}], CaseOpts = case Case of @@ -261,7 +276,7 @@ init_per_testcase(Case, Config0) -> Config end. - +end_per_testcase(T, _Config) when T =:= app; T =:= appup -> ok; end_per_testcase(user, _Config) -> ok; end_per_testcase(bad_user, _Config) -> ok; end_per_testcase(error_elogin, _Config) -> ok; diff --git a/lib/ftp/test/ftp_SUITE_data/vsftpd.conf b/lib/ftp/test/ftp_SUITE_data/vsftpd.conf index 2a177644d4..4568fad147 100644 --- a/lib/ftp/test/ftp_SUITE_data/vsftpd.conf +++ b/lib/ftp/test/ftp_SUITE_data/vsftpd.conf @@ -11,7 +11,7 @@ listen=YES listen_port=9999 run_as_launching_user=YES ssl_enable=YES -ssl_ciphers=RC4-SHA:AES128-SHA:HIGH:!aNULL:!MD5 +ssl_ciphers=HIGH:!aNULL:!MD5 allow_anon_ssl=YES background=YES @@ -25,3 +25,9 @@ anon_world_readable_only=NO ### Shouldn't be necessary.... require_ssl_reuse=NO + +### Logging +#vsftpd_log_file=/devel/otp/vsftpd.log +#xferlog_enable=YES +#xferlog_std_format=NO +#log_ftp_protocol=YES
\ No newline at end of file |