From 3cc134ef693e6c8184d82635faa195d1010603c7 Mon Sep 17 00:00:00 2001
From: Geoff Cant <nem@erlang.geek.nz>
Date: Sun, 28 Apr 2013 01:15:45 -0700
Subject: Allow ranch_ssl to use DER cert/key/ca options.

The Erlang SSL library allows keys, certs and cacerts to be passed either as DER encoded binaries or in PEM encoded files. This patch allows ranch_ssl to be configured in either manner.
---
 test/acceptor_SUITE.erl | 27 +++++++++++++++++++++++++++
 1 file changed, 27 insertions(+)

(limited to 'test')

diff --git a/test/acceptor_SUITE.erl b/test/acceptor_SUITE.erl
index 861ea33..f7f3b31 100644
--- a/test/acceptor_SUITE.erl
+++ b/test/acceptor_SUITE.erl
@@ -30,6 +30,7 @@
 %% ssl.
 -export([ssl_accept_error/1]).
 -export([ssl_accept_socket/1]).
+-export([ssl_accept_socket_nofile/1]).
 -export([ssl_active_echo/1]).
 -export([ssl_echo/1]).
 
@@ -70,6 +71,7 @@ groups() ->
 	]}, {ssl, [
 		ssl_accept_error,
 		ssl_accept_socket,
+		ssl_accept_socket_nofile,
 		ssl_active_echo,
 		ssl_echo
 	]}, {misc, [
@@ -136,6 +138,31 @@ ssl_accept_error(Config) ->
 	true = is_process_alive(AcceptorPid),
 	ranch:stop_listener(Name).
 
+ssl_accept_socket_nofile(Config) ->
+	%%% XXX we can't do the spawn to test the controlling process change
+	%%% because of the bug in ssl
+	{ok, Pem} = file:read_file(filename:join(?config(data_dir, Config),
+											 "cert.pem")),
+	[{KeyType, Key, not_encrypted},
+	 {_CertType, Cert, not_encrypted}] = public_key:pem_decode(Pem),
+	Name = ssl_accept_socket,
+	{ok, S} = ssl:listen(0,
+		[{cert, Cert}, {key, {KeyType, Key}}, binary,
+			{active, false}, {packet, raw}, {reuseaddr, true}]),
+	{ok, _} = ranch:start_listener(Name, 1,
+		ranch_ssl, [{socket, S}], echo_protocol, []),
+	Port = ranch:get_port(Name),
+	{ok, Socket} = ssl:connect("localhost", Port,
+		[binary, {active, false}, {packet, raw},
+		{certfile, ?config(data_dir, Config) ++ "cert.pem"}]),
+	ok = ssl:send(Socket, <<"TCP Ranch is working!">>),
+	{ok, <<"TCP Ranch is working!">>} = ssl:recv(Socket, 21, 1000),
+	ok = ranch:stop_listener(Name),
+	{error, closed} = ssl:recv(Socket, 0, 1000),
+	%% Make sure the listener stopped.
+	{'EXIT', _} = begin catch ranch:get_port(Name) end,
+	ok.
+
 ssl_accept_socket(Config) ->
 	%%% XXX we can't do the spawn to test the controlling process change
 	%%% because of the bug in ssl
-- 
cgit v1.2.3