diff options
author | Ingela Anderton Andin <ingela@erlang.org> | 2021-02-12 14:16:39 +0100 |
---|---|---|
committer | Ingela Anderton Andin <ingela@erlang.org> | 2021-02-12 14:16:39 +0100 |
commit | 6c238977764f804eb793ea075961f81d0d2b584c (patch) | |
tree | 0a0544203634a12dba26443beb855b417964657a | |
parent | 4b607f92b743c3e03e4864f753b79ded60e39bb1 (diff) | |
parent | 36a5a73d6776685c20035835d5635176f0dbadbb (diff) | |
download | erlang-6c238977764f804eb793ea075961f81d0d2b584c.tar.gz |
Merge branch 'ingela/ssl/cuddle-timeouts-and-versions' into maint
* ingela/ssl/cuddle-timeouts-and-versions:
ssl: Cuddle tests
-rw-r--r-- | lib/ssl/test/openssl_cipher_suite_SUITE.erl | 4 | ||||
-rw-r--r-- | lib/ssl/test/openssl_session_SUITE.erl | 35 | ||||
-rw-r--r-- | lib/ssl/test/ssl_api_SUITE.erl | 15 | ||||
-rw-r--r-- | lib/ssl/test/ssl_test_lib.erl | 3 |
4 files changed, 39 insertions, 18 deletions
diff --git a/lib/ssl/test/openssl_cipher_suite_SUITE.erl b/lib/ssl/test/openssl_cipher_suite_SUITE.erl index fc17827a1b..fb1f28aa4a 100644 --- a/lib/ssl/test/openssl_cipher_suite_SUITE.erl +++ b/lib/ssl/test/openssl_cipher_suite_SUITE.erl @@ -89,7 +89,7 @@ ecdhe_ecdsa_with_aes_256_ccm_8/1 ]). --define(DEFAULT_TIMEOUT, {seconds, 6}). +-define(DEFAULT_TIMEOUT, {seconds, 10}). %%-------------------------------------------------------------------- %% Common Test interface functions ----------------------------------- @@ -388,7 +388,7 @@ init_per_testcase(TestCase, Config) when TestCase == psk_3des_ede_cbc; SupCiphers = proplists:get_value(ciphers, crypto:supports()), case lists:member(des_ede3, SupCiphers) of true -> - ct:timetrap({seconds, 5}), + ct:timetrap({seconds, ?DEFAULT_TIMEOUT}), Config; _ -> {skip, "Missing 3DES crypto support"} diff --git a/lib/ssl/test/openssl_session_SUITE.erl b/lib/ssl/test/openssl_session_SUITE.erl index 1ea6398b2d..08369733dc 100644 --- a/lib/ssl/test/openssl_session_SUITE.erl +++ b/lib/ssl/test/openssl_session_SUITE.erl @@ -124,19 +124,24 @@ init_per_testcase(reuse_session_erlang_client, Config) -> ssl:start(), Config; init_per_testcase(reuse_session_erlang_server, Config) -> - Version = ssl_test_lib:protocol_version(Config), - case ssl_test_lib:is_dtls_version(Version) of + case ssl_test_lib:working_openssl_client() of true -> - case ssl_test_lib:openssl_sane_dtls_session_reuse() of + Version = ssl_test_lib:protocol_version(Config), + case ssl_test_lib:is_dtls_version(Version) of true -> - ct:timetrap(?TIMEOUT), - Config; + case ssl_test_lib:openssl_sane_dtls_session_reuse() of + true -> + ct:timetrap(?TIMEOUT), + Config; + false -> + {skip, "Broken OpenSSL DTLS session reuse"} + end; false -> - {skip, "Broken OpenSSL DTLS session reuse"} + ct:timetrap(?TIMEOUT), + Config end; - false -> - ct:timetrap(?TIMEOUT), - Config + false -> + {skip, "Broken OpenSSL s_client"} end; init_per_testcase(_TestCase, Config) -> ct:timetrap(?TIMEOUT), @@ -171,7 +176,8 @@ reuse_session_erlang_server(Config) when is_list(Config) -> {from, self()}, {mfa, {ssl_test_lib, active_recv, [length(Data)]}}, {reconnect_times, 5}, - {options, [{ciphers, Ciphers} | ServerOpts]}]), + {options, [{ciphers, Ciphers}, + {versions, [Version]}| ServerOpts]}]), Port = ssl_test_lib:inet_port(Server), @@ -206,7 +212,8 @@ reuse_session_erlang_client(Config) when is_list(Config) -> {from, self()}, {options, [{reuse_sessions, save}, {verify, verify_peer}, - {ciphers, Ciphers} | ClientOpts]}]), + {ciphers, Ciphers}, + {versions, [Version]} | ClientOpts]}]), SID = receive {Client0, Id0} -> @@ -219,7 +226,8 @@ reuse_session_erlang_client(Config) when is_list(Config) -> ssl_test_lib:start_client([{node, ClientNode}, {port, Port}, {host, Hostname}, {mfa, {ssl_test_lib, session_id, []}}, - {from, self()}, {options, [ {ciphers, Ciphers}, + {from, self()}, {options, [ {ciphers, Ciphers}, + {versions, [Version]}, {reuse_session, SID} | ClientOpts]}]), receive {Client1, SID} -> @@ -237,7 +245,8 @@ reuse_session_erlang_client(Config) when is_list(Config) -> ssl_test_lib:start_client([{node, ClientNode}, {port, Port}, {host, Hostname}, {mfa, {ssl_test_lib, session_id, []}}, - {from, self()}, {options, [{ciphers, Ciphers} | ClientOpts]}]), + {from, self()}, {options, [{ciphers, Ciphers}, + {versions, [Version]} | ClientOpts]}]), receive {Client2, ID} -> case ID of diff --git a/lib/ssl/test/ssl_api_SUITE.erl b/lib/ssl/test/ssl_api_SUITE.erl index 0d23e9acc0..8f325bec90 100644 --- a/lib/ssl/test/ssl_api_SUITE.erl +++ b/lib/ssl/test/ssl_api_SUITE.erl @@ -395,6 +395,15 @@ init_per_testcase(connection_information_with_srp, Config) -> false -> {skip, "Missing SRP crypto support"} end; +init_per_testcase(conf_signature_algs, Config) -> + case ssl_test_lib:appropriate_sha(crypto:supports()) of + sha256 -> + ssl_test_lib:ct_log_supported_protocol_versions(Config), + ct:timetrap({seconds, 10}), + Config; + sha -> + {skip, "Tests needs certs with sha256"} + end; init_per_testcase(_TestCase, Config) -> ssl_test_lib:ct_log_supported_protocol_versions(Config), ct:timetrap({seconds, 10}), @@ -694,14 +703,16 @@ conf_signature_algs(Config) when is_list(Config) -> ssl_test_lib:start_server([{node, ServerNode}, {port, 0}, {from, self()}, {mfa, {ssl_test_lib, send_recv_result, []}}, - {options, [{active, false}, {signature_algs, [{sha256, rsa}]} | ServerOpts]}]), + {options, [{active, false}, {signature_algs, [{sha256, rsa}]}, + {versions, ['tlsv1.2']} | ServerOpts]}]), Port = ssl_test_lib:inet_port(Server), Client = ssl_test_lib:start_client([{node, ClientNode}, {port, Port}, {host, Hostname}, {from, self()}, {mfa, {ssl_test_lib, send_recv_result, []}}, - {options, [{active, false}, {signature_algs, [{sha256, rsa}]} | ClientOpts]}]), + {options, [{active, false}, {signature_algs, [{sha256, rsa}]}, + {versions, ['tlsv1.2']} | ClientOpts]}]), ct:log("Testcase ~p, Client ~p Server ~p ~n", [self(), Client, Server]), diff --git a/lib/ssl/test/ssl_test_lib.erl b/lib/ssl/test/ssl_test_lib.erl index fd0bf0ccfa..ddaba06bca 100644 --- a/lib/ssl/test/ssl_test_lib.erl +++ b/lib/ssl/test/ssl_test_lib.erl @@ -175,7 +175,8 @@ ecdh_dh_anonymous_suites/1, ecdsa_suites/1, der_to_pem/2, - pem_to_der/1 + pem_to_der/1, + appropriate_sha/1 ]). -export([maybe_force_ipv4/1, |