aboutsummaryrefslogtreecommitdiffstats
path: root/lib/ssl/test
diff options
context:
space:
mode:
authorIngela Anderton Andin <[email protected]>2010-06-11 08:21:23 +0000
committerErlang/OTP <[email protected]>2010-06-11 08:21:23 +0000
commit4d0e43b5e252b979d50c17592c08ae68ece5fa07 (patch)
tree179408fb7b2eb80ae402a00443c5158c9c6d9428 /lib/ssl/test
parenta346eb92eb7b5bedb36768c0a63b82547919bc0b (diff)
downloadotp-4d0e43b5e252b979d50c17592c08ae68ece5fa07.tar.gz
otp-4d0e43b5e252b979d50c17592c08ae68ece5fa07.tar.bz2
otp-4d0e43b5e252b979d50c17592c08ae68ece5fa07.zip
OTP-8695 New ssl default
Ssl has now switched default implementation and removed deprecated certificate handling. All certificate handling is done by the public_key application.
Diffstat (limited to 'lib/ssl/test')
-rw-r--r--lib/ssl/test/Makefile4
-rw-r--r--lib/ssl/test/old_ssl_active_SUITE.erl2
-rw-r--r--lib/ssl/test/old_ssl_active_once_SUITE.erl12
-rw-r--r--lib/ssl/test/old_ssl_dist_SUITE.erl52
-rw-r--r--lib/ssl/test/old_ssl_misc_SUITE.erl12
-rw-r--r--lib/ssl/test/old_ssl_passive_SUITE.erl12
-rw-r--r--lib/ssl/test/old_ssl_peer_cert_SUITE.erl12
-rw-r--r--lib/ssl/test/old_ssl_protocol_SUITE.erl12
-rw-r--r--lib/ssl/test/old_ssl_verify_SUITE.erl12
-rw-r--r--lib/ssl/test/old_transport_accept_SUITE.erl19
-rw-r--r--lib/ssl/test/ssl_basic_SUITE.erl13
-rw-r--r--lib/ssl/test/ssl_packet_SUITE.erl1
-rw-r--r--lib/ssl/test/ssl_payload_SUITE.erl11
-rw-r--r--lib/ssl/test/ssl_test_MACHINE.erl27
-rw-r--r--lib/ssl/test/ssl_to_openssl_SUITE.erl129
15 files changed, 225 insertions, 105 deletions
diff --git a/lib/ssl/test/Makefile b/lib/ssl/test/Makefile
index d35cafc47b..9e4aecac45 100644
--- a/lib/ssl/test/Makefile
+++ b/lib/ssl/test/Makefile
@@ -59,12 +59,10 @@ ERL_FILES = $(MODULES:%=%.erl)
HRL_FILES = ssl_test_MACHINE.hrl
HRL_FILES_SRC = \
- ssl_pkix.hrl \
ssl_alert.hrl \
ssl_handshake.hrl
-HRL_FILES_INC = \
- OTP-PKIX.hrl
+HRL_FILES_INC =
HRL_FILES_NEEDED_IN_TEST = \
$(HRL_FILES_SRC:%=../src/%) \
diff --git a/lib/ssl/test/old_ssl_active_SUITE.erl b/lib/ssl/test/old_ssl_active_SUITE.erl
index 010596f351..d1cec26827 100644
--- a/lib/ssl/test/old_ssl_active_SUITE.erl
+++ b/lib/ssl/test/old_ssl_active_SUITE.erl
@@ -87,6 +87,8 @@ config(Config) ->
%% operating system, version of OTP, Erts, kernel and stdlib.
%% Check if SSL exists. If this case fails, all other cases are skipped
+ crypto:start(),
+ application:start(public_key),
case ssl:start() of
ok -> ssl:stop();
{error, {already_started, _}} -> ssl:stop();
diff --git a/lib/ssl/test/old_ssl_active_once_SUITE.erl b/lib/ssl/test/old_ssl_active_once_SUITE.erl
index 6224b17aa7..63eaa730e9 100644
--- a/lib/ssl/test/old_ssl_active_once_SUITE.erl
+++ b/lib/ssl/test/old_ssl_active_once_SUITE.erl
@@ -1,19 +1,19 @@
%%
%% %CopyrightBegin%
-%%
-%% Copyright Ericsson AB 2002-2009. All Rights Reserved.
-%%
+%%
+%% Copyright Ericsson AB 2002-2010. All Rights Reserved.
+%%
%% The contents of this file are subject to the Erlang Public License,
%% Version 1.1, (the "License"); you may not use this file except in
%% compliance with the License. You should have received a copy of the
%% Erlang Public License along with this software. If not, it can be
%% retrieved online at http://www.erlang.org/.
-%%
+%%
%% Software distributed under the License is distributed on an "AS IS"
%% basis, WITHOUT WARRANTY OF ANY KIND, either express or implied. See
%% the License for the specific language governing rights and limitations
%% under the License.
-%%
+%%
%% %CopyrightEnd%
%%
@@ -79,6 +79,8 @@ config(Config) ->
io:format("Config: ~p~n", [Config]),
%% Check if SSL exists. If this case fails, all other cases are skipped
+ crypto:start(),
+ application:start(public_key),
case ssl:start() of
ok -> ssl:stop();
{error, {already_started, _}} -> ssl:stop();
diff --git a/lib/ssl/test/old_ssl_dist_SUITE.erl b/lib/ssl/test/old_ssl_dist_SUITE.erl
index 56209c3530..97090c1409 100644
--- a/lib/ssl/test/old_ssl_dist_SUITE.erl
+++ b/lib/ssl/test/old_ssl_dist_SUITE.erl
@@ -1,19 +1,19 @@
%%
%% %CopyrightBegin%
-%%
-%% Copyright Ericsson AB 2007-2009. All Rights Reserved.
-%%
+%%
+%% Copyright Ericsson AB 2007-2010. All Rights Reserved.
+%%
%% The contents of this file are subject to the Erlang Public License,
%% Version 1.1, (the "License"); you may not use this file except in
%% compliance with the License. You should have received a copy of the
%% Erlang Public License along with this software. If not, it can be
%% retrieved online at http://www.erlang.org/.
-%%
+%%
%% Software distributed under the License is distributed on an "AS IS"
%% basis, WITHOUT WARRANTY OF ANY KIND, either express or implied. See
%% the License for the specific language governing rights and limitations
%% under the License.
-%%
+%%
%% %CopyrightEnd%
%%
@@ -254,7 +254,8 @@ mk_node_cmdline(ListenPort, Name, Args) ->
Prog ++ " "
++ Static ++ " "
++ NameSw ++ " " ++ Name ++ " "
- ++ "-pa " ++ Pa ++ " "
+ ++ "-pa " ++ Pa ++ " "
+ ++ "-run application start crypto -run application start public_key "
++ "-run " ++ atom_to_list(?MODULE) ++ " cnct2tstsrvr "
++ host_name() ++ " "
++ integer_to_list(ListenPort) ++ " "
@@ -524,23 +525,10 @@ add_ssl_opts_config(Config) ->
KrnlDir = filename:join([LibDir, "kernel-" ++ KRNL_VSN]),
{ok, _} = file:read_file_info(StdlDir),
{ok, _} = file:read_file_info(KrnlDir),
- SSL_VSN = case lists:keysearch(ssl, 1, Apps) of
- {value, {ssl, _, VSN}} ->
- VSN;
- _ ->
- application:start(ssl),
- try
- {value,
- {ssl,
- _,
- VSN}} = lists:keysearch(ssl,
- 1,
- application:which_applications()),
- VSN
- after
- application:stop(ssl)
- end
- end,
+ SSL_VSN = vsn(ssl),
+ VSN_CRYPTO = vsn(crypto),
+ VSN_PKEY = vsn(public_key),
+
SslDir = filename:join([LibDir, "ssl-" ++ SSL_VSN]),
{ok, _} = file:read_file_info(SslDir),
%% We are using an installed otp system, create the boot script.
@@ -552,6 +540,8 @@ add_ssl_opts_config(Config) ->
" {erts, \"~s\"},~n"
" [{kernel, \"~s\"},~n"
" {stdlib, \"~s\"},~n"
+ " {crypto, \"~s\"},~n"
+ " {public_key, \"~s\"},~n"
" {ssl, \"~s\"}]}.~n",
[case catch erlang:system_info(otp_release) of
{'EXIT', _} -> "R11B";
@@ -560,6 +550,8 @@ add_ssl_opts_config(Config) ->
erlang:system_info(version),
KRNL_VSN,
STDL_VSN,
+ VSN_CRYPTO,
+ VSN_PKEY,
SSL_VSN]),
ok = file:close(RelFile),
ok = systools:make_script(Script, []),
@@ -593,3 +585,17 @@ success(Config) ->
{value, {comment, _} = Res} -> Res;
_ -> ok
end.
+
+vsn(App) ->
+ application:start(App),
+ try
+ {value,
+ {ssl,
+ _,
+ VSN}} = lists:keysearch(App,
+ 1,
+ application:which_applications()),
+ VSN
+ after
+ application:stop(ssl)
+ end.
diff --git a/lib/ssl/test/old_ssl_misc_SUITE.erl b/lib/ssl/test/old_ssl_misc_SUITE.erl
index 55d1b71025..2767123a12 100644
--- a/lib/ssl/test/old_ssl_misc_SUITE.erl
+++ b/lib/ssl/test/old_ssl_misc_SUITE.erl
@@ -1,19 +1,19 @@
%%
%% %CopyrightBegin%
-%%
-%% Copyright Ericsson AB 2003-2009. All Rights Reserved.
-%%
+%%
+%% Copyright Ericsson AB 2003-2010. All Rights Reserved.
+%%
%% The contents of this file are subject to the Erlang Public License,
%% Version 1.1, (the "License"); you may not use this file except in
%% compliance with the License. You should have received a copy of the
%% Erlang Public License along with this software. If not, it can be
%% retrieved online at http://www.erlang.org/.
-%%
+%%
%% Software distributed under the License is distributed on an "AS IS"
%% basis, WITHOUT WARRANTY OF ANY KIND, either express or implied. See
%% the License for the specific language governing rights and limitations
%% under the License.
-%%
+%%
%% %CopyrightEnd%
%%
@@ -61,6 +61,8 @@ config(Config) ->
io:format("Config: ~p~n", [Config]),
%% Check if SSL exists. If this case fails, all other cases are skipped
+ crypto:start(),
+ application:start(public_key),
case ssl:start() of
ok -> ssl:stop();
{error, {already_started, _}} -> ssl:stop();
diff --git a/lib/ssl/test/old_ssl_passive_SUITE.erl b/lib/ssl/test/old_ssl_passive_SUITE.erl
index 4cb8c1f0cd..96a7938583 100644
--- a/lib/ssl/test/old_ssl_passive_SUITE.erl
+++ b/lib/ssl/test/old_ssl_passive_SUITE.erl
@@ -1,19 +1,19 @@
%%
%% %CopyrightBegin%
-%%
-%% Copyright Ericsson AB 1999-2009. All Rights Reserved.
-%%
+%%
+%% Copyright Ericsson AB 1999-2010. All Rights Reserved.
+%%
%% The contents of this file are subject to the Erlang Public License,
%% Version 1.1, (the "License"); you may not use this file except in
%% compliance with the License. You should have received a copy of the
%% Erlang Public License along with this software. If not, it can be
%% retrieved online at http://www.erlang.org/.
-%%
+%%
%% Software distributed under the License is distributed on an "AS IS"
%% basis, WITHOUT WARRANTY OF ANY KIND, either express or implied. See
%% the License for the specific language governing rights and limitations
%% under the License.
-%%
+%%
%% %CopyrightEnd%
%%
@@ -78,6 +78,8 @@ config(Config) ->
io:format("Config: ~p~n", [Config]),
%% Check if SSL exists. If this case fails, all other cases are skipped
+ crypto:start(),
+ application:start(public_key),
case ssl:start() of
ok -> ssl:stop();
{error, {already_started, _}} -> ssl:stop();
diff --git a/lib/ssl/test/old_ssl_peer_cert_SUITE.erl b/lib/ssl/test/old_ssl_peer_cert_SUITE.erl
index f0b8db2607..e5b3975d41 100644
--- a/lib/ssl/test/old_ssl_peer_cert_SUITE.erl
+++ b/lib/ssl/test/old_ssl_peer_cert_SUITE.erl
@@ -1,19 +1,19 @@
%%
%% %CopyrightBegin%
-%%
-%% Copyright Ericsson AB 2003-2009. All Rights Reserved.
-%%
+%%
+%% Copyright Ericsson AB 2003-2010. All Rights Reserved.
+%%
%% The contents of this file are subject to the Erlang Public License,
%% Version 1.1, (the "License"); you may not use this file except in
%% compliance with the License. You should have received a copy of the
%% Erlang Public License along with this software. If not, it can be
%% retrieved online at http://www.erlang.org/.
-%%
+%%
%% Software distributed under the License is distributed on an "AS IS"
%% basis, WITHOUT WARRANTY OF ANY KIND, either express or implied. See
%% the License for the specific language governing rights and limitations
%% under the License.
-%%
+%%
%% %CopyrightEnd%
%%
@@ -62,6 +62,8 @@ config(Config) ->
io:format("Config: ~p~n", [Config]),
%% Check if SSL exists. If this case fails, all other cases are skipped
+ crypto:start(),
+ application:start(public_key),
case ssl:start() of
ok -> ssl:stop();
{error, {already_started, _}} -> ssl:stop();
diff --git a/lib/ssl/test/old_ssl_protocol_SUITE.erl b/lib/ssl/test/old_ssl_protocol_SUITE.erl
index 7bde5d6749..efdbf45a3d 100644
--- a/lib/ssl/test/old_ssl_protocol_SUITE.erl
+++ b/lib/ssl/test/old_ssl_protocol_SUITE.erl
@@ -1,19 +1,19 @@
%%
%% %CopyrightBegin%
-%%
-%% Copyright Ericsson AB 2005-2009. All Rights Reserved.
-%%
+%%
+%% Copyright Ericsson AB 2005-2010. All Rights Reserved.
+%%
%% The contents of this file are subject to the Erlang Public License,
%% Version 1.1, (the "License"); you may not use this file except in
%% compliance with the License. You should have received a copy of the
%% Erlang Public License along with this software. If not, it can be
%% retrieved online at http://www.erlang.org/.
-%%
+%%
%% Software distributed under the License is distributed on an "AS IS"
%% basis, WITHOUT WARRANTY OF ANY KIND, either express or implied. See
%% the License for the specific language governing rights and limitations
%% under the License.
-%%
+%%
%% %CopyrightEnd%
%%
@@ -55,6 +55,8 @@ config(Config) ->
io:format("Config: ~p~n", [Config]),
%% Check if SSL exists. If this case fails, all other cases are skipped
+ crypto:start(),
+ application:start(public_key),
case ssl:start() of
ok -> ssl:stop();
{error, {already_started, _}} -> ssl:stop();
diff --git a/lib/ssl/test/old_ssl_verify_SUITE.erl b/lib/ssl/test/old_ssl_verify_SUITE.erl
index 5db964526f..7a8cd1578a 100644
--- a/lib/ssl/test/old_ssl_verify_SUITE.erl
+++ b/lib/ssl/test/old_ssl_verify_SUITE.erl
@@ -1,19 +1,19 @@
%%
%% %CopyrightBegin%
-%%
-%% Copyright Ericsson AB 1999-2009. All Rights Reserved.
-%%
+%%
+%% Copyright Ericsson AB 1999-2010. All Rights Reserved.
+%%
%% The contents of this file are subject to the Erlang Public License,
%% Version 1.1, (the "License"); you may not use this file except in
%% compliance with the License. You should have received a copy of the
%% Erlang Public License along with this software. If not, it can be
%% retrieved online at http://www.erlang.org/.
-%%
+%%
%% Software distributed under the License is distributed on an "AS IS"
%% basis, WITHOUT WARRANTY OF ANY KIND, either express or implied. See
%% the License for the specific language governing rights and limitations
%% under the License.
-%%
+%%
%% %CopyrightEnd%
%%
@@ -60,6 +60,8 @@ config(Config) ->
io:format("Config: ~p~n", [Config]),
%% Check if SSL exists. If this case fails, all other cases are skipped
+ crypto:start(),
+ application:start(public_key),
case ssl:start() of
ok -> ssl:stop();
{error, {already_started, _}} -> ssl:stop();
diff --git a/lib/ssl/test/old_transport_accept_SUITE.erl b/lib/ssl/test/old_transport_accept_SUITE.erl
index 4bb09cee19..71c1d9e181 100644
--- a/lib/ssl/test/old_transport_accept_SUITE.erl
+++ b/lib/ssl/test/old_transport_accept_SUITE.erl
@@ -1,19 +1,19 @@
%%
%% %CopyrightBegin%
-%%
-%% Copyright Ericsson AB 2007-2009. All Rights Reserved.
-%%
+%%
+%% Copyright Ericsson AB 2007-2010. All Rights Reserved.
+%%
%% The contents of this file are subject to the Erlang Public License,
%% Version 1.1, (the "License"); you may not use this file except in
%% compliance with the License. You should have received a copy of the
%% Erlang Public License along with this software. If not, it can be
%% retrieved online at http://www.erlang.org/.
-%%
+%%
%% Software distributed under the License is distributed on an "AS IS"
%% basis, WITHOUT WARRANTY OF ANY KIND, either express or implied. See
%% the License for the specific language governing rights and limitations
%% under the License.
-%%
+%%
%% %CopyrightEnd%
%%
@@ -224,12 +224,9 @@ tolerant_server_loop(Client, LSock, Msg, N) ->
tolerant_server_loop(Client, LSock, Msg, N-1).
app() ->
- case application:get_application(ssl) of
- undefined ->
- application:start(ssl);
- _ ->
- ok
- end.
+ crypto:start(),
+ application:start(public_key),
+ ssl:start().
start_node(Kind, Params) ->
S = atom_to_list(?MODULE)++"_" ++ atom_to_list(Kind),
diff --git a/lib/ssl/test/ssl_basic_SUITE.erl b/lib/ssl/test/ssl_basic_SUITE.erl
index 0d9a912e30..8a1b90ed98 100644
--- a/lib/ssl/test/ssl_basic_SUITE.erl
+++ b/lib/ssl/test/ssl_basic_SUITE.erl
@@ -50,18 +50,21 @@
%% Note: This function is free to add any key/value pairs to the Config
%% variable, but should NOT alter/remove any existing entries.
%%--------------------------------------------------------------------
-init_per_suite(Config) ->
+init_per_suite(Config0) ->
+ Dog = ssl_test_lib:timetrap(?TIMEOUT *2),
crypto:start(),
+ application:start(public_key),
ssl:start(),
%% make rsa certs using oppenssl
Result =
- (catch make_certs:all(?config(data_dir, Config),
- ?config(priv_dir, Config))),
+ (catch make_certs:all(?config(data_dir, Config0),
+ ?config(priv_dir, Config0))),
test_server:format("Make certs ~p~n", [Result]),
- NewConfig = ssl_test_lib:make_dsa_cert(Config),
- ssl_test_lib:cert_options(NewConfig).
+ Config1 = ssl_test_lib:make_dsa_cert(Config0),
+ Config = ssl_test_lib:cert_options(Config1),
+ [{watchdog, Dog} | Config].
%%--------------------------------------------------------------------
%% Function: end_per_suite(Config) -> _
diff --git a/lib/ssl/test/ssl_packet_SUITE.erl b/lib/ssl/test/ssl_packet_SUITE.erl
index a019e660e9..1b8754afe9 100644
--- a/lib/ssl/test/ssl_packet_SUITE.erl
+++ b/lib/ssl/test/ssl_packet_SUITE.erl
@@ -54,6 +54,7 @@
%%--------------------------------------------------------------------
init_per_suite(Config) ->
crypto:start(),
+ application:start(public_key),
ssl:start(),
Result =
(catch make_certs:all(?config(data_dir, Config),
diff --git a/lib/ssl/test/ssl_payload_SUITE.erl b/lib/ssl/test/ssl_payload_SUITE.erl
index a0aa92bdf2..d80df0bfbd 100644
--- a/lib/ssl/test/ssl_payload_SUITE.erl
+++ b/lib/ssl/test/ssl_payload_SUITE.erl
@@ -1,19 +1,19 @@
%%
%% %CopyrightBegin%
-%%
-%% Copyright Ericsson AB 2008-2009. All Rights Reserved.
-%%
+%%
+%% Copyright Ericsson AB 2008-2010. All Rights Reserved.
+%%
%% The contents of this file are subject to the Erlang Public License,
%% Version 1.1, (the "License"); you may not use this file except in
%% compliance with the License. You should have received a copy of the
%% Erlang Public License along with this software. If not, it can be
%% retrieved online at http://www.erlang.org/.
-%%
+%%
%% Software distributed under the License is distributed on an "AS IS"
%% basis, WITHOUT WARRANTY OF ANY KIND, either express or implied. See
%% the License for the specific language governing rights and limitations
%% under the License.
-%%
+%%
%% %CopyrightEnd%
%%
@@ -38,6 +38,7 @@
%%--------------------------------------------------------------------
init_per_suite(Config) ->
crypto:start(),
+ application:start(public_key),
ssl:start(),
make_certs:all(?config(data_dir, Config), ?config(priv_dir, Config)),
ssl_test_lib:cert_options(Config).
diff --git a/lib/ssl/test/ssl_test_MACHINE.erl b/lib/ssl/test/ssl_test_MACHINE.erl
index e75f7079ed..e0ffa15d80 100644
--- a/lib/ssl/test/ssl_test_MACHINE.erl
+++ b/lib/ssl/test/ssl_test_MACHINE.erl
@@ -1,19 +1,19 @@
%%
%% %CopyrightBegin%
-%%
-%% Copyright Ericsson AB 2003-2009. All Rights Reserved.
-%%
+%%
+%% Copyright Ericsson AB 2003-2010. All Rights Reserved.
+%%
%% The contents of this file are subject to the Erlang Public License,
%% Version 1.1, (the "License"); you may not use this file except in
%% compliance with the License. You should have received a copy of the
%% Erlang Public License along with this software. If not, it can be
%% retrieved online at http://www.erlang.org/.
-%%
+%%
%% Software distributed under the License is distributed on an "AS IS"
%% basis, WITHOUT WARRANTY OF ANY KIND, either express or implied. See
%% the License for the specific language governing rights and limitations
%% under the License.
-%%
+%%
%% %CopyrightEnd%
%%
@@ -60,10 +60,12 @@ many_conns_1() ->
%%
mk_ssl_cert_opts(_Config) ->
Dir = filename:join([code:lib_dir(ssl), "examples", "certs", "etc"]),
- COpts = [{cacertfile, filename:join([Dir, "client", "cacerts.pem"])},
+ COpts = [{ssl_imp, old},
+ {cacertfile, filename:join([Dir, "client", "cacerts.pem"])},
{certfile, filename:join([Dir, "client", "cert.pem"])},
{keyfile, filename:join([Dir, "client", "key.pem"])}],
- SOpts = [{cacertfile, filename:join([Dir, "server", "cacerts.pem"])},
+ SOpts = [{ssl_imp, old},
+ {cacertfile, filename:join([Dir, "server", "cacerts.pem"])},
{certfile, filename:join([Dir, "server", "cert.pem"])},
{keyfile, filename:join([Dir, "server", "key.pem"])}],
{ok, {COpts, SOpts}}.
@@ -225,11 +227,13 @@ start_ssl(Nodes, Config) ->
ok.
do_start(Env) ->
+ application:start(crypto),
+ application:start(public_key),
application:load(ssl),
lists:foreach(
fun({Par, Val}) -> application:set_env(ssl, Par, Val) end, Env),
- application:start(ssl),
- application:start(crypto).
+ application:start(ssl).
+
%%
%% start_node(Name) -> {ok, Node}
@@ -542,7 +546,7 @@ get_active(St) ->
listen(St, LPort) ->
case St#st.protomod of
ssl ->
- ssl:listen(LPort, St#st.sockopts ++ St#st.sslopts);
+ ssl:listen(LPort, [{ssl_imp, old} | St#st.sockopts ++ St#st.sslopts]);
gen_tcp ->
gen_tcp:listen(LPort, St#st.sockopts)
end.
@@ -584,7 +588,8 @@ connect(St, Host, Port) ->
case St#st.protomod of
ssl ->
- case ssl:connect(Host, Port, St#st.sockopts ++ St#st.sslopts,
+ case ssl:connect(Host, Port,
+ [{ssl_imp, old} | St#st.sockopts ++ St#st.sslopts],
St#st.timeout) of
{ok, Sock} ->
{ok, LPort} = ssl:sockname(Sock),
diff --git a/lib/ssl/test/ssl_to_openssl_SUITE.erl b/lib/ssl/test/ssl_to_openssl_SUITE.erl
index 4981ac0424..d2a4ca8db5 100644
--- a/lib/ssl/test/ssl_to_openssl_SUITE.erl
+++ b/lib/ssl/test/ssl_to_openssl_SUITE.erl
@@ -25,8 +25,6 @@
-compile(export_all).
-include("test_server.hrl").
--include("test_server_line.hrl").
--include("ssl_pkix.hrl").
-define(TIMEOUT, 120000).
-define(SLEEP, 1000).
@@ -45,19 +43,22 @@
%% Note: This function is free to add any key/value pairs to the Config
%% variable, but should NOT alter/remove any existing entries.
%%--------------------------------------------------------------------
-init_per_suite(Config) ->
+init_per_suite(Config0) ->
+ Dog = ssl_test_lib:timetrap(?TIMEOUT *2),
case os:find_executable("openssl") of
false ->
{skip, "Openssl not found"};
_ ->
crypto:start(),
+ application:start(public_key),
ssl:start(),
Result =
- (catch make_certs:all(?config(data_dir, Config),
- ?config(priv_dir, Config))),
+ (catch make_certs:all(?config(data_dir, Config0),
+ ?config(priv_dir, Config0))),
test_server:format("Make certs ~p~n", [Result]),
- NewConfig = ssl_test_lib:make_dsa_cert(Config),
- ssl_test_lib:cert_options(NewConfig)
+ Config1 = ssl_test_lib:make_dsa_cert(Config0),
+ Config = ssl_test_lib:cert_options(Config1),
+ [{watchdog, Dog} | Config]
end.
%%--------------------------------------------------------------------
@@ -143,9 +144,10 @@ all(doc) ->
all(suite) ->
[erlang_client_openssl_server,
erlang_server_openssl_client,
- %% Comment out when new crypto sign functions is available
- %%erlang_client_openssl_server_dsa_cert,
- %%erlang_server_openssl_client_dsa_cert,
+ tls1_erlang_client_openssl_server_dsa_cert,
+ tls1_erlang_server_openssl_client_dsa_cert,
+ ssl3_erlang_client_openssl_server_dsa_cert,
+ ssl3_erlang_server_openssl_client_dsa_cert,
erlang_server_openssl_client_reuse_session,
erlang_client_openssl_server_renegotiate,
erlang_client_openssl_server_no_wrap_sequence_number,
@@ -252,11 +254,11 @@ erlang_server_openssl_client(Config) when is_list(Config) ->
%%--------------------------------------------------------------------
-erlang_client_openssl_server_dsa_cert(doc) ->
+tls1_erlang_client_openssl_server_dsa_cert(doc) ->
["Test erlang server with openssl client"];
-erlang_client_openssl_server_dsa_cert(suite) ->
+tls1_erlang_client_openssl_server_dsa_cert(suite) ->
[];
-erlang_client_openssl_server_dsa_cert(Config) when is_list(Config) ->
+tls1_erlang_client_openssl_server_dsa_cert(Config) when is_list(Config) ->
process_flag(trap_exit, true),
ClientOpts = ?config(client_dsa_opts, Config),
ServerOpts = ?config(server_dsa_opts, Config),
@@ -300,11 +302,11 @@ erlang_client_openssl_server_dsa_cert(Config) when is_list(Config) ->
%%--------------------------------------------------------------------
-erlang_server_openssl_client_dsa_cert(doc) ->
+tls1_erlang_server_openssl_client_dsa_cert(doc) ->
["Test erlang server with openssl client"];
-erlang_server_openssl_client_dsa_cert(suite) ->
+tls1_erlang_server_openssl_client_dsa_cert(suite) ->
[];
-erlang_server_openssl_client_dsa_cert(Config) when is_list(Config) ->
+tls1_erlang_server_openssl_client_dsa_cert(Config) when is_list(Config) ->
process_flag(trap_exit, true),
ClientOpts = ?config(client_dsa_opts, Config),
ServerOpts = ?config(server_dsa_opts, Config),
@@ -338,6 +340,97 @@ erlang_server_openssl_client_dsa_cert(Config) when is_list(Config) ->
close_port(OpenSslPort),
process_flag(trap_exit, false),
ok.
+
+%%--------------------------------------------------------------------
+
+ssl3_erlang_client_openssl_server_dsa_cert(doc) ->
+ ["Test erlang server with openssl client"];
+ssl3_erlang_client_openssl_server_dsa_cert(suite) ->
+ [];
+ssl3_erlang_client_openssl_server_dsa_cert(Config) when is_list(Config) ->
+ process_flag(trap_exit, true),
+ ClientOpts = ?config(client_dsa_opts, Config),
+ ServerOpts = ?config(server_dsa_opts, Config),
+
+ {ClientNode, _, Hostname} = ssl_test_lib:run_where(Config),
+
+ Data = "From openssl to erlang",
+
+ Port = ssl_test_lib:inet_port(node()),
+ CaCertFile = proplists:get_value(cacertfile, ServerOpts),
+ CertFile = proplists:get_value(certfile, ServerOpts),
+ KeyFile = proplists:get_value(keyfile, ServerOpts),
+
+ Cmd = "openssl s_server -accept " ++ integer_to_list(Port) ++
+ " -cert " ++ CertFile ++ " -CAfile " ++ CaCertFile
+ ++ " -key " ++ KeyFile ++ " -Verify 2 -ssl3 -msg",
+
+ test_server:format("openssl cmd: ~p~n", [Cmd]),
+
+ OpensslPort = open_port({spawn, Cmd}, [stderr_to_stdout]),
+
+ wait_for_openssl_server(),
+
+ Client = ssl_test_lib:start_client([{node, ClientNode}, {port, Port},
+ {host, Hostname},
+ {from, self()},
+ {mfa, {?MODULE,
+ erlang_ssl_receive, [Data]}},
+ {options, ClientOpts}]),
+
+ port_command(OpensslPort, Data),
+
+ ssl_test_lib:check_result(Client, ok),
+
+ %% Clean close down! Server needs to be closed first !!
+ close_port(OpensslPort),
+
+ ssl_test_lib:close(Client),
+ process_flag(trap_exit, false),
+ ok.
+
+%%--------------------------------------------------------------------
+
+ssl3_erlang_server_openssl_client_dsa_cert(doc) ->
+ ["Test erlang server with openssl client"];
+ssl3_erlang_server_openssl_client_dsa_cert(suite) ->
+ [];
+ssl3_erlang_server_openssl_client_dsa_cert(Config) when is_list(Config) ->
+ process_flag(trap_exit, true),
+ ClientOpts = ?config(client_dsa_opts, Config),
+ ServerOpts = ?config(server_dsa_opts, Config),
+
+ {_, ServerNode, _} = ssl_test_lib:run_where(Config),
+
+ Data = "From openssl to erlang",
+ CaCertFile = proplists:get_value(cacertfile, ClientOpts),
+ CertFile = proplists:get_value(certfile, ClientOpts),
+ KeyFile = proplists:get_value(keyfile, ClientOpts),
+
+ Server = ssl_test_lib:start_server([{node, ServerNode}, {port, 0},
+ {from, self()},
+ {mfa, {?MODULE, erlang_ssl_receive, [Data]}},
+ {options, ServerOpts}]),
+ Port = ssl_test_lib:inet_port(Server),
+
+ Cmd = "openssl s_client -port " ++ integer_to_list(Port) ++
+ " -host localhost " ++ " -cert " ++ CertFile ++ " -CAfile " ++ CaCertFile
+ ++ " -key " ++ KeyFile ++ " -ssl3 -msg",
+
+ test_server:format("openssl cmd: ~p~n", [Cmd]),
+
+ OpenSslPort = open_port({spawn, Cmd}, [stderr_to_stdout]),
+ port_command(OpenSslPort, Data),
+
+ ssl_test_lib:check_result(Server, ok),
+
+ ssl_test_lib:close(Server),
+
+ close_port(OpenSslPort),
+ process_flag(trap_exit, false),
+ ok.
+
+
%%--------------------------------------------------------------------
erlang_server_openssl_client_reuse_session(doc) ->
@@ -1314,7 +1407,9 @@ wait_for_openssl_server() ->
check_sane_openssl_renegotaite(Config) ->
case os:cmd("openssl version") of
- "OpenSSL 0.9.8l" ++ _ ->
+ "OpenSSL 0.9.8" ++ _ ->
+ {skip, "Known renegotiation bug in OppenSSL"};
+ "OpenSSL 0.9.7" ++ _ ->
{skip, "Known renegotiation bug in OppenSSL"};
_ ->
Config