diff options
Diffstat (limited to 'lib/ssl/test')
-rw-r--r-- | lib/ssl/test/openssl_renegotiate_SUITE.erl | 5 | ||||
-rw-r--r-- | lib/ssl/test/openssl_session_SUITE.erl | 17 | ||||
-rw-r--r-- | lib/ssl/test/ssl_api_SUITE.erl | 6 | ||||
-rw-r--r-- | lib/ssl/test/ssl_session_cache_SUITE.erl | 4 | ||||
-rw-r--r-- | lib/ssl/test/ssl_test_lib.erl | 12 | ||||
-rw-r--r-- | lib/ssl/test/tls_api_SUITE.erl | 6 |
6 files changed, 30 insertions, 20 deletions
diff --git a/lib/ssl/test/openssl_renegotiate_SUITE.erl b/lib/ssl/test/openssl_renegotiate_SUITE.erl index 91a8175ac6..787b5208b8 100644 --- a/lib/ssl/test/openssl_renegotiate_SUITE.erl +++ b/lib/ssl/test/openssl_renegotiate_SUITE.erl @@ -104,8 +104,9 @@ init_per_group(GroupName, Config) -> true -> case ssl_test_lib:check_sane_openssl_version(GroupName) of true -> - ssl_test_lib:init_tls_version(GroupName, Config); - false -> + ssl_test_lib:check_sane_openssl_renegotaite(ssl_test_lib:init_tls_version(GroupName, Config), + GroupName); + false -> {skip, openssl_does_not_support_version} end; false -> diff --git a/lib/ssl/test/openssl_session_SUITE.erl b/lib/ssl/test/openssl_session_SUITE.erl index 24dcaa7817..7c129633da 100644 --- a/lib/ssl/test/openssl_session_SUITE.erl +++ b/lib/ssl/test/openssl_session_SUITE.erl @@ -56,8 +56,8 @@ groups() -> {'tlsv1.1', [], tests()}, {'tlsv1', [], tests()}, {'sslv3', [], tests()}, - {'dtlsv1.2', [], dtls_tests()}, - {'dtlsv1', [], dtls_tests()} + {'dtlsv1.2', [], tests()}, + {'dtlsv1', [], tests()} ]; false -> [{'tlsv1.2', [], tests()}, @@ -73,11 +73,6 @@ tests() -> reuse_session_erlang_client ]. -dtls_tests() -> - [ - reuse_session_erlang_server - ]. - init_per_suite(Config0) -> case os:find_executable("openssl") of @@ -154,6 +149,7 @@ reuse_session_erlang_server() -> [{doc, "Test erlang server with openssl client that reconnects with the" "same session id, to test reusing of sessions."}]. reuse_session_erlang_server(Config) when is_list(Config) -> + process_flag(trap_exit, true), ServerOpts = ssl_test_lib:ssl_options(server_rsa_opts, Config), {_, ServerNode, Hostname} = ssl_test_lib:run_where(Config), @@ -193,19 +189,20 @@ reuse_session_erlang_client(Config) when is_list(Config) -> ClientOpts = ssl_test_lib:ssl_options(client_rsa_opts, Config), ServerOpts = ssl_test_lib:ssl_options(server_rsa_opts, Config), {ClientNode, _, Hostname} = ssl_test_lib:run_where(Config), - + + Version = ssl_test_lib:protocol_version(Config), Port = ssl_test_lib:inet_port(node()), CertFile = proplists:get_value(certfile, ServerOpts), CACertFile = proplists:get_value(cacertfile, ServerOpts), KeyFile = proplists:get_value(keyfile, ServerOpts), Exe = "openssl", - Args = ["s_server", "-accept", integer_to_list(Port), + Args = ["s_server", "-accept", integer_to_list(Port), ssl_test_lib:version_flag(Version), "-cert", CertFile,"-key", KeyFile, "-CAfile", CACertFile], OpensslPort = ssl_test_lib:portable_open_port(Exe, Args), - ssl_test_lib:wait_for_openssl_server(Port, tls), + ssl_test_lib:wait_for_openssl_server(Port, proplists:get_value(protocol, Config)), Client0 = ssl_test_lib:start_client([{node, ClientNode}, diff --git a/lib/ssl/test/ssl_api_SUITE.erl b/lib/ssl/test/ssl_api_SUITE.erl index fefecc0b65..14e5024b91 100644 --- a/lib/ssl/test/ssl_api_SUITE.erl +++ b/lib/ssl/test/ssl_api_SUITE.erl @@ -1251,8 +1251,9 @@ der_input(Config) when is_list(Config) -> [_, _,_, _, Prop] = StatusInfo, State = ssl_test_lib:state(Prop), [CADb | _] = element(6, State), - + ct:sleep(?SLEEP*2), %%Make sure there is no outstanding clean cert db msg in manager Size = ets:info(CADb, size), + ct:pal("Size ~p", [Size]), SeverVerifyOpts = ssl_test_lib:ssl_options(server_rsa_opts, Config), {ServerCert, ServerKey, ServerCaCerts, DHParams} = der_input_opts([{dhfile, DHParamFile} | @@ -1281,6 +1282,7 @@ der_input(Config) when is_list(Config) -> ssl_test_lib:check_result(Server, ok, Client, ok), ssl_test_lib:close(Server), ssl_test_lib:close(Client), + %% Using only DER input should not increase file indexed DB Size = ets:info(CADb, size). %%-------------------------------------------------------------------- @@ -1902,7 +1904,7 @@ do_recv_close(Socket) -> tls_close(Socket) -> ok = ssl_test_lib:send_recv_result(Socket), - case ssl:close(Socket, 5000) of + case ssl:close(Socket, 10000) of ok -> ok; {error, closed} -> diff --git a/lib/ssl/test/ssl_session_cache_SUITE.erl b/lib/ssl/test/ssl_session_cache_SUITE.erl index b71b15b028..553c2d247b 100644 --- a/lib/ssl/test/ssl_session_cache_SUITE.erl +++ b/lib/ssl/test/ssl_session_cache_SUITE.erl @@ -28,7 +28,7 @@ -include_lib("common_test/include/ct.hrl"). -define(DELAY, 500). --define(SLEEP, 500). +-define(SLEEP, 1000). -define(TIMEOUT, 60000). -define(LONG_TIMEOUT, 600000). -define(MAX_TABLE_SIZE, 5). @@ -207,7 +207,7 @@ session_cleanup(Config) when is_list(Config) -> end, %% Make sure session is registered - ct:sleep(?SLEEP), + ct:sleep(?SLEEP*2), {status, _, _, StatusInfo} = sys:get_status(whereis(ssl_manager)), [_, _,_, _, Prop] = StatusInfo, diff --git a/lib/ssl/test/ssl_test_lib.erl b/lib/ssl/test/ssl_test_lib.erl index 7dd27fb5cb..c4f294771a 100644 --- a/lib/ssl/test/ssl_test_lib.erl +++ b/lib/ssl/test/ssl_test_lib.erl @@ -493,7 +493,10 @@ check_result(Server, ServerMsg, Client, ClientMsg) -> ct:log("~p:~p~n Openssl ~s~n",[?MODULE,?LINE, Debug]), check_result(Server, ServerMsg, Client, ClientMsg); {Port,closed} when is_port(Port) -> - ct:log("~p:~p~n Openssl port ~n",[?MODULE,?LINE]), + ct:log("~p:~p~n Openssl port closed ~n",[?MODULE,?LINE]), + check_result(Server, ServerMsg, Client, ClientMsg); + {'EXIT', epipe} -> + ct:log("~p:~p~n Openssl port died ~n",[?MODULE,?LINE]), check_result(Server, ServerMsg, Client, ClientMsg); Unexpected -> Reason = {{expected, {Client, ClientMsg}}, @@ -2187,6 +2190,13 @@ check_sane_openssl_renegotaite(Config, Version) when Version == 'tlsv1.1'; _ -> check_sane_openssl_renegotaite(Config) end; +check_sane_openssl_renegotaite(Config, 'sslv3') -> + case os:cmd("openssl version") of + "OpenSSL 1" ++ _ -> + {skip, "Known renegotiation bug with sslv3 in OpenSSL"}; + _ -> + check_sane_openssl_renegotaite(Config) + end; check_sane_openssl_renegotaite(Config, _) -> check_sane_openssl_renegotaite(Config). diff --git a/lib/ssl/test/tls_api_SUITE.erl b/lib/ssl/test/tls_api_SUITE.erl index 5a74ec1892..7239d4cb90 100644 --- a/lib/ssl/test/tls_api_SUITE.erl +++ b/lib/ssl/test/tls_api_SUITE.erl @@ -794,16 +794,16 @@ tls_downgrade_result(Socket, Pid) -> {tcp, TCPSocket, <<"Downgraded">>} -> ok; {tcp_closed, TCPSocket} -> - ct:fail("Peer timed out, downgrade aborted"), + ct:fail("Did not receive TCP data"), ok; Other -> {error, Other} end; {error, timeout} -> - ct:fail("Timed out, downgrade aborted"), + ct:comment("Timed out, downgrade aborted"), ok; Fail -> - {error, Fail} + ct:fail(Fail) end. tls_shutdown_result(Socket, server) -> |