aboutsummaryrefslogtreecommitdiffstats
path: root/lib/ssl
diff options
context:
space:
mode:
authorIngela Anderton Andin <[email protected]>2017-08-14 10:07:15 +0200
committerIngela Anderton Andin <[email protected]>2017-08-23 08:53:57 +0200
commit6beee41654d80fcc2779ab6b51b5b141f592354d (patch)
tree43874212d778d128441cfdd4614abd85a009ed4a /lib/ssl
parent7e3d979418747e30e55274c6b5ea805625e19dc4 (diff)
downloadotp-6beee41654d80fcc2779ab6b51b5b141f592354d.tar.gz
otp-6beee41654d80fcc2779ab6b51b5b141f592354d.tar.bz2
otp-6beee41654d80fcc2779ab6b51b5b141f592354d.zip
ssl: Enable more DTLS tests
Problems with failure of ssl_certificate_verify_SUITE when enabling DTLS-1 tests in ssl_basic_SUITE was a combination of the bug fixed by the previous commit and missing clean up code for dtls_protocol_versions application environment variable
Diffstat (limited to 'lib/ssl')
-rw-r--r--lib/ssl/test/ssl_ECC_SUITE.erl8
-rw-r--r--lib/ssl/test/ssl_basic_SUITE.erl10
-rw-r--r--lib/ssl/test/ssl_test_lib.erl7
-rw-r--r--lib/ssl/test/ssl_to_openssl_SUITE.erl19
4 files changed, 30 insertions, 14 deletions
diff --git a/lib/ssl/test/ssl_ECC_SUITE.erl b/lib/ssl/test/ssl_ECC_SUITE.erl
index 0fbb0bb79a..c48ccfb83b 100644
--- a/lib/ssl/test/ssl_ECC_SUITE.erl
+++ b/lib/ssl/test/ssl_ECC_SUITE.erl
@@ -36,7 +36,9 @@ all() ->
[
{group, 'tlsv1.2'},
{group, 'tlsv1.1'},
- {group, 'tlsv1'}
+ {group, 'tlsv1'},
+ {group, 'dtlsv1.2'},
+ {group, 'dtlsv1'}
].
groups() ->
@@ -44,6 +46,8 @@ groups() ->
{'tlsv1.2', [], all_versions_groups()},
{'tlsv1.1', [], all_versions_groups()},
{'tlsv1', [], all_versions_groups()},
+ {'dtlsv1.2', [], all_versions_groups()},
+ {'dtlsv1', [], all_versions_groups()},
{'erlang_server', [], openssl_key_cert_combinations()},
%%{'erlang_client', [], openssl_key_cert_combinations()},
{'erlang', [], key_cert_combinations() ++ misc()
@@ -197,7 +201,7 @@ common_init_per_group(GroupName, Config) ->
end.
end_per_group(_GroupName, Config) ->
- Config.
+ proplists:delete(tls_version, Config).
%%--------------------------------------------------------------------
diff --git a/lib/ssl/test/ssl_basic_SUITE.erl b/lib/ssl/test/ssl_basic_SUITE.erl
index aeb4897d7e..8e1a6a8892 100644
--- a/lib/ssl/test/ssl_basic_SUITE.erl
+++ b/lib/ssl/test/ssl_basic_SUITE.erl
@@ -53,8 +53,7 @@ all() ->
{group, options_tls},
{group, session},
{group, 'dtlsv1.2'},
- %% {group, 'dtlsv1'}, Breaks dtls in cert_verify_SUITE enable later when
- %% problem is identified and fixed
+ {group, 'dtlsv1'},
{group, 'tlsv1.2'},
{group, 'tlsv1.1'},
{group, 'tlsv1'},
@@ -277,6 +276,13 @@ end_per_suite(_Config) ->
application:stop(crypto).
%%--------------------------------------------------------------------
+init_per_group(GroupName, Config) when GroupName == basic;
+ GroupName == basic_tls;
+ GroupName == options;
+ GroupName == options_tls;
+ GroupName == session ->
+ ssl_test_lib:init_tls_version_default(Config);
+
init_per_group(GroupName, Config) ->
case ssl_test_lib:is_tls_version(GroupName) andalso ssl_test_lib:sufficient_crypto_support(GroupName) of
true ->
diff --git a/lib/ssl/test/ssl_test_lib.erl b/lib/ssl/test/ssl_test_lib.erl
index f627ebce2e..c919f901a1 100644
--- a/lib/ssl/test/ssl_test_lib.erl
+++ b/lib/ssl/test/ssl_test_lib.erl
@@ -1115,6 +1115,10 @@ init_tls_version(Version, Config) ->
NewConfig = proplists:delete(protocol_opts, proplists:delete(protocol, Config)),
[{protocol, tls} | NewConfig].
+init_tls_version_default(Config) ->
+ %% Remove non default options that may be left from other test groups
+ proplists:delete(protocol_opts, proplists:delete(protocol, Config)).
+
sufficient_crypto_support(Version)
when Version == 'tlsv1.2'; Version == 'dtlsv1.2' ->
CryptoSupport = crypto:supports(),
@@ -1224,7 +1228,7 @@ is_fips(_) ->
false.
cipher_restriction(Config0) ->
- Version = tls_record:protocol_version(protocol_version(Config0)),
+ Version = protocol_version(Config0, tuple),
case is_sane_ecc(openssl) of
false ->
Opts = proplists:get_value(server_opts, Config0),
@@ -1455,6 +1459,7 @@ ct_log_supported_protocol_versions(Config) ->
clean_env() ->
application:unset_env(ssl, protocol_version),
+ application:unset_env(ssl, dtls_protocol_version),
application:unset_env(ssl, session_lifetime),
application:unset_env(ssl, session_cb),
application:unset_env(ssl, session_cb_init_args),
diff --git a/lib/ssl/test/ssl_to_openssl_SUITE.erl b/lib/ssl/test/ssl_to_openssl_SUITE.erl
index c9a1b8c735..43a4a0b6d1 100644
--- a/lib/ssl/test/ssl_to_openssl_SUITE.erl
+++ b/lib/ssl/test/ssl_to_openssl_SUITE.erl
@@ -85,19 +85,19 @@ all_versions_tests() ->
].
dtls_all_versions_tests() ->
[
- %%erlang_client_openssl_server,
+ erlang_client_openssl_server,
erlang_server_openssl_client,
- %%erlang_client_openssl_server_dsa_cert,
+ erlang_client_openssl_server_dsa_cert,
erlang_server_openssl_client_dsa_cert,
- erlang_server_openssl_client_reuse_session
+ erlang_server_openssl_client_reuse_session,
%%erlang_client_openssl_server_renegotiate,
%%erlang_client_openssl_server_nowrap_seqnum,
%%erlang_server_openssl_client_nowrap_seqnum,
- %%erlang_client_openssl_server_no_server_ca_cert,
- %%erlang_client_openssl_server_client_cert,
- %%erlang_server_openssl_client_client_cert
- %%ciphers_rsa_signed_certs,
- %%ciphers_dsa_signed_certs,
+ erlang_client_openssl_server_no_server_ca_cert,
+ erlang_client_openssl_server_client_cert,
+ erlang_server_openssl_client_client_cert,
+ ciphers_rsa_signed_certs,
+ ciphers_dsa_signed_certs
%%erlang_client_bad_openssl_server,
%%expired_session
].
@@ -875,7 +875,8 @@ ciphers_dsa_signed_certs() ->
[{doc,"Test cipher suites that uses dsa certs"}].
ciphers_dsa_signed_certs(Config) when is_list(Config) ->
Version = ssl_test_lib:protocol_version(Config),
- Ciphers = ssl_test_lib:dsa_suites(tls_record:protocol_version(Version)),
+ NVersion = ssl_test_lib:protocol_version(Config, tuple),
+ Ciphers = ssl_test_lib:dsa_suites(NVersion),
run_suites(Ciphers, Version, Config, dsa).
%%--------------------------------------------------------------------