diff options
| author | Erlang/OTP <[email protected]> | 2019-06-17 16:51:13 +0200 |
|---|---|---|
| committer | Erlang/OTP <[email protected]> | 2019-06-17 16:51:13 +0200 |
| commit | e68145c61ad3ecbb81fd58bf32110da9e45d3deb (patch) | |
| tree | d038a7401089f62ffc293677a44c3c04d3167634 /lib/ssl/test | |
| parent | b4fb2e5669acb02697d9a9ab168eb0fbff6f370c (diff) | |
| parent | faaf5bb3085d351715672684c6f6f9601ad1208a (diff) | |
| download | otp-e68145c61ad3ecbb81fd58bf32110da9e45d3deb.tar.gz otp-e68145c61ad3ecbb81fd58bf32110da9e45d3deb.tar.bz2 otp-e68145c61ad3ecbb81fd58bf32110da9e45d3deb.zip | |
Merge branch 'ingela/ssl/handshake-handling/ERL-968/OTP-15879' into maint-22
* ingela/ssl/handshake-handling/ERL-968/OTP-15879:
ssl: Correct handshake handling
Diffstat (limited to 'lib/ssl/test')
| -rw-r--r-- | lib/ssl/test/ssl_certificate_verify_SUITE.erl | 41 |
1 files changed, 40 insertions, 1 deletions
diff --git a/lib/ssl/test/ssl_certificate_verify_SUITE.erl b/lib/ssl/test/ssl_certificate_verify_SUITE.erl index 55dee9a48f..5431cda5af 100644 --- a/lib/ssl/test/ssl_certificate_verify_SUITE.erl +++ b/lib/ssl/test/ssl_certificate_verify_SUITE.erl @@ -89,7 +89,8 @@ tests() -> critical_extension_verify_server, critical_extension_verify_none, customize_hostname_check, - incomplete_chain + incomplete_chain, + long_chain ]. error_handling_tests()-> @@ -1157,6 +1158,44 @@ incomplete_chain(Config) when is_list(Config) -> ssl_test_lib:close(Server), ssl_test_lib:close(Client). +long_chain() -> + [{doc,"Test option verify_peer"}]. +long_chain(Config) when is_list(Config) -> + #{server_config := ServerConf, + client_config := ClientConf} = public_key:pkix_test_data(#{server_chain => #{root => [{key, ssl_test_lib:hardcode_rsa_key(1)}], + intermediates => [[{key, ssl_test_lib:hardcode_rsa_key(2)}], + [{key, ssl_test_lib:hardcode_rsa_key(3)}], + [{key, ssl_test_lib:hardcode_rsa_key(4)}]], + peer => [{key, ssl_test_lib:hardcode_rsa_key(5)}]}, + client_chain => #{root => [{key, ssl_test_lib:hardcode_rsa_key(3)}], + intermediates => [[{key, ssl_test_lib:hardcode_rsa_key(2)}]], + peer => [{key, ssl_test_lib:hardcode_rsa_key(1)}]}}), + [ServerRoot| _] = ServerCas = proplists:get_value(cacerts, ServerConf), + ClientCas = proplists:get_value(cacerts, ClientConf), + + Active = proplists:get_value(active, Config), + ReceiveFunction = proplists:get_value(receive_function, Config), + {ClientNode, ServerNode, Hostname} = ssl_test_lib:run_where(Config), + Server = ssl_test_lib:start_server([{node, ServerNode}, {port, 0}, + {from, self()}, + {mfa, {ssl_test_lib, ReceiveFunction, []}}, + {options, [{active, Active}, {verify, verify_peer}, + {cacerts, [ServerRoot]} | + proplists:delete(cacerts, ServerConf)]}]), + Port = ssl_test_lib:inet_port(Server), + Client = ssl_test_lib:start_client([{node, ClientNode}, {port, Port}, + {host, Hostname}, + {from, self()}, + {mfa, {ssl_test_lib, ReceiveFunction, []}}, + {options, [{active, Active}, + {verify, verify_peer}, + {depth, 5}, + {cacerts, ServerCas ++ ClientCas} | + proplists:delete(cacerts, ClientConf)]}]), + ssl_test_lib:check_result(Server, ok, Client, ok), + ssl_test_lib:close(Server), + ssl_test_lib:close(Client). + %%-------------------------------------------------------------------- %% Internal functions ------------------------------------------------ |