authorDan Gudmundsson <[email protected]>2010-01-13 10:53:07 +0000
committerErlang/OTP <[email protected]>2010-01-13 14:57:32 +0100
commit405de8c986fd22c05f398036edac809e98149292 (patch)
treeeefd31852cbb80917fe661fbc683ccda62bdd472 /lib/ssl/test/old_ssl_peer_cert_SUITE.erl
parent009152080c9009498026db17ccee244171423c1c (diff)
Add test suite for the ssl application
Diffstat (limited to 'lib/ssl/test/old_ssl_peer_cert_SUITE.erl')
-rw-r--r--lib/ssl/test/old_ssl_peer_cert_SUITE.erl180
1 files changed, 180 insertions, 0 deletions
diff --git a/lib/ssl/test/old_ssl_peer_cert_SUITE.erl b/lib/ssl/test/old_ssl_peer_cert_SUITE.erl
new file mode 100644
index 0000000000..f0b8db2607
--- /dev/null
+++ b/lib/ssl/test/old_ssl_peer_cert_SUITE.erl
@@ -0,0 +1,180 @@
+%%
+%% %CopyrightBegin%
+%%
+%% Copyright Ericsson AB 2003-2009. All Rights Reserved.
+%%
+%% The contents of this file are subject to the Erlang Public License,
+%% Version 1.1, (the "License"); you may not use this file except in
+%% compliance with the License. You should have received a copy of the
+%% Erlang Public License along with this software. If not, it can be
+%% retrieved online at http://www.erlang.org/.
+%%
+%% Software distributed under the License is distributed on an "AS IS"
+%% basis, WITHOUT WARRANTY OF ANY KIND, either express or implied. See
+%% the License for the specific language governing rights and limitations
+%% under the License.
+%%
+%% %CopyrightEnd%
+%%
+
+%%
+-module(old_ssl_peer_cert_SUITE).
+
+-export([all/1,
+ init_per_testcase/2,
+ fin_per_testcase/2,
+ config/1,
+ finish/1,
+ cinit_plain/1,
+ cinit_both_verify/1,
+ cinit_cnocert/1
+ ]).
+
+-import(ssl_test_MACHINE, [mk_ssl_cert_opts/1, test_one_listener/7,
+ test_server_only/6]).
+-include("test_server.hrl").
+-include("ssl_test_MACHINE.hrl").
+
+
+init_per_testcase(_Case, Config) ->
+ WatchDog = ssl_test_lib:timetrap(?DEFAULT_TIMEOUT),
+ [{watchdog, WatchDog}| Config].
+
+fin_per_testcase(_Case, Config) ->
+ WatchDog = ?config(watchdog, Config),
+ test_server:timetrap_cancel(WatchDog).
+
+all(doc) ->
+ "Test of ssl verification and peer certificate retrieval.";
+all(suite) ->
+ {conf,
+ config,
+ [cinit_plain,
+ cinit_both_verify,
+ cinit_cnocert],
+ finish}.
+
+config(doc) ->
+ "Want to se what Config contains.";
+config(suite) ->
+ [];
+config(Config) ->
+ io:format("Config: ~p~n", [Config]),
+
+ %% Check if SSL exists. If this case fails, all other cases are skipped
+ case ssl:start() of
+ ok -> ssl:stop();
+ {error, {already_started, _}} -> ssl:stop();
+ Error -> ?t:fail({failed_starting_ssl,Error})
+ end,
+ Config.
+
+finish(doc) ->
+ "This test case has no mission other than closing the conf case";
+finish(suite) ->
+ [];
+finish(Config) ->
+ Config.
+
+cinit_plain(doc) ->
+ "Server closes after accept, Client waits for close. Both have certs "
+ "but both use the defaults for verify and depth, but still tries "
+ "to retreive each others certificates.";
+cinit_plain(suite) ->
+ [];
+cinit_plain(Config) when list(Config) ->
+ process_flag(trap_exit, true),
+ DataSize = 1000, LPort = 3456,
+ Timeout = 40000, NConns = 1,
+
+ ?line {ok, {CsslOpts, SsslOpts}} = mk_ssl_cert_opts(Config),
+
+ ?line {ok, Host} = inet:gethostname(),
+
+ LCmds = [{sockopts, [{backlog, NConns}]},
+ {sslopts, SsslOpts},
+ {listen, LPort},
+ wait_sync,
+ lclose],
+ ACmds = [{timeout, Timeout},
+ accept,
+ nopeercert,
+ {recv, DataSize},
+ close],
+ CCmds = [{timeout, Timeout},
+ {sslopts, CsslOpts},
+ {connect, {Host, LPort}},
+ peercert,
+ {send, DataSize},
+ await_close],
+ ?line test_one_listener(NConns, LCmds, ACmds, CCmds, Timeout,
+ ?MODULE, Config).
+
+cinit_both_verify(doc) ->
+ "Server closes after accept, Client waits for close. Both have certs "
+ "and both verify each other.";
+cinit_both_verify(suite) ->
+ [];
+cinit_both_verify(Config) when list(Config) ->
+ process_flag(trap_exit, true),
+ DataSize = 1000, LPort = 3456,
+ Timeout = 40000, NConns = 1,
+
+ ?line {ok, {CsslOpts0, SsslOpts0}} = mk_ssl_cert_opts(Config),
+ ?line CsslOpts = [{verify, 2}, {depth, 2} | CsslOpts0],
+ ?line SsslOpts = [{verify, 2}, {depth, 3} | SsslOpts0],
+
+ ?line {ok, Host} = inet:gethostname(),
+
+ LCmds = [{sockopts, [{backlog, NConns}]},
+ {sslopts, SsslOpts},
+ {listen, LPort},
+ wait_sync,
+ lclose],
+ ACmds = [{timeout, Timeout},
+ accept,
+ peercert,
+ {recv, DataSize},
+ close],
+ CCmds = [{timeout, Timeout},
+ {sslopts, CsslOpts},
+ {connect, {Host, LPort}},
+ peercert,
+ {send, DataSize},
+ await_close],
+ ?line test_one_listener(NConns, LCmds, ACmds, CCmds, Timeout,
+ ?MODULE, Config).
+
+cinit_cnocert(doc) ->
+ "Client has no cert. Nor the client, nor the server is verifying its "
+ "peer. Server closes, client waits for close.";
+cinit_cnocert(suite) ->
+ [];
+cinit_cnocert(Config) when list(Config) ->
+ process_flag(trap_exit, true),
+ DataSize = 1000, LPort = 3457,
+ Timeout = 40000, NConns = 1,
+
+ ?line {ok, {_, SsslOpts0}} = mk_ssl_cert_opts(Config),
+ ?line SsslOpts = [{verify, 0}, {depth, 2} | SsslOpts0],
+
+ ?line {ok, Host} = inet:gethostname(),
+
+ LCmds = [{sockopts, [{backlog, NConns}]},
+ {sslopts, SsslOpts},
+ {listen, LPort},
+ wait_sync,
+ lclose],
+ ACmds = [{timeout, Timeout},
+ accept,
+ {recv, DataSize},
+ close],
+ CCmds = [{timeout, Timeout},
+ {connect, {Host, LPort}},
+ peercert,
+ {send, DataSize},
+ await_close],
+ ?line test_one_listener(NConns, LCmds, ACmds, CCmds, Timeout,
+ ?MODULE, Config).
+
+
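Review bot: None of the three cases asserts that a handshake is refused, so `cinit_both_verify` would still pass if `{verify, 2}` were silently ignored; both sides get their certificates from `mk_ssl_cert_opts(Config)` and the only outcome checked is a successful `peercert`. I would add a negative case that pairs the verifying server options from `cinit_both_verify` (`[{verify, 2}, {depth, 3} | SsslOpts0]`) with the certificate-less client command list from `cinit_cnocert` and expects the connection to fail. How an expected failure is expressed depends on ssl_test_MACHINE, which is not visible in this diff. Separately, the doc string of `cinit_plain` says both sides try to retrieve each other's certificates while `ACmds` uses `nopeercert`; if that command asserts absence, as its name suggests, a wording such as `"Server expects no peer certificate; client retrieves the server's."` would match the commands.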