summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorIngela Anderton Andin <ingela@erlang.org>2021-02-12 14:16:39 +0100
committerIngela Anderton Andin <ingela@erlang.org>2021-02-12 14:16:39 +0100
commit6c238977764f804eb793ea075961f81d0d2b584c (patch)
tree0a0544203634a12dba26443beb855b417964657a
parent4b607f92b743c3e03e4864f753b79ded60e39bb1 (diff)
parent36a5a73d6776685c20035835d5635176f0dbadbb (diff)
downloaderlang-6c238977764f804eb793ea075961f81d0d2b584c.tar.gz
Merge branch 'ingela/ssl/cuddle-timeouts-and-versions' into maint
* ingela/ssl/cuddle-timeouts-and-versions: ssl: Cuddle tests
Diffstat
-rw-r--r--lib/ssl/test/openssl_cipher_suite_SUITE.erl4
-rw-r--r--lib/ssl/test/openssl_session_SUITE.erl35
-rw-r--r--lib/ssl/test/ssl_api_SUITE.erl15
-rw-r--r--lib/ssl/test/ssl_test_lib.erl3
4 files changed, 39 insertions, 18 deletions
diff --git a/lib/ssl/test/openssl_cipher_suite_SUITE.erl b/lib/ssl/test/openssl_cipher_suite_SUITE.erl
index fc17827a1b..fb1f28aa4a 100644
--- a/lib/ssl/test/openssl_cipher_suite_SUITE.erl
+++ b/lib/ssl/test/openssl_cipher_suite_SUITE.erl
@@ -89,7 +89,7 @@
ecdhe_ecdsa_with_aes_256_ccm_8/1
]).
--define(DEFAULT_TIMEOUT, {seconds, 6}).
+-define(DEFAULT_TIMEOUT, {seconds, 10}).
%%--------------------------------------------------------------------
%% Common Test interface functions -----------------------------------
@@ -388,7 +388,7 @@ init_per_testcase(TestCase, Config) when TestCase == psk_3des_ede_cbc;
SupCiphers = proplists:get_value(ciphers, crypto:supports()),
case lists:member(des_ede3, SupCiphers) of
true ->
- ct:timetrap({seconds, 5}),
+ ct:timetrap({seconds, ?DEFAULT_TIMEOUT}),
Config;
_ ->
{skip, "Missing 3DES crypto support"}
diff --git a/lib/ssl/test/openssl_session_SUITE.erl b/lib/ssl/test/openssl_session_SUITE.erl
index 1ea6398b2d..08369733dc 100644
--- a/lib/ssl/test/openssl_session_SUITE.erl
+++ b/lib/ssl/test/openssl_session_SUITE.erl
@@ -124,19 +124,24 @@ init_per_testcase(reuse_session_erlang_client, Config) ->
ssl:start(),
Config;
init_per_testcase(reuse_session_erlang_server, Config) ->
- Version = ssl_test_lib:protocol_version(Config),
- case ssl_test_lib:is_dtls_version(Version) of
+ case ssl_test_lib:working_openssl_client() of
true ->
- case ssl_test_lib:openssl_sane_dtls_session_reuse() of
+ Version = ssl_test_lib:protocol_version(Config),
+ case ssl_test_lib:is_dtls_version(Version) of
true ->
- ct:timetrap(?TIMEOUT),
- Config;
+ case ssl_test_lib:openssl_sane_dtls_session_reuse() of
+ true ->
+ ct:timetrap(?TIMEOUT),
+ Config;
+ false ->
+ {skip, "Broken OpenSSL DTLS session reuse"}
+ end;
false ->
- {skip, "Broken OpenSSL DTLS session reuse"}
+ ct:timetrap(?TIMEOUT),
+ Config
end;
- false ->
- ct:timetrap(?TIMEOUT),
- Config
+ false ->
+ {skip, "Broken OpenSSL s_client"}
end;
init_per_testcase(_TestCase, Config) ->
ct:timetrap(?TIMEOUT),
@@ -171,7 +176,8 @@ reuse_session_erlang_server(Config) when is_list(Config) ->
{from, self()},
{mfa, {ssl_test_lib, active_recv, [length(Data)]}},
{reconnect_times, 5},
- {options, [{ciphers, Ciphers} | ServerOpts]}]),
+ {options, [{ciphers, Ciphers},
+ {versions, [Version]}| ServerOpts]}]),
Port = ssl_test_lib:inet_port(Server),
@@ -206,7 +212,8 @@ reuse_session_erlang_client(Config) when is_list(Config) ->
{from, self()},
{options, [{reuse_sessions, save},
{verify, verify_peer},
- {ciphers, Ciphers} | ClientOpts]}]),
+ {ciphers, Ciphers},
+ {versions, [Version]} | ClientOpts]}]),
SID = receive
{Client0, Id0} ->
@@ -219,7 +226,8 @@ reuse_session_erlang_client(Config) when is_list(Config) ->
ssl_test_lib:start_client([{node, ClientNode},
{port, Port}, {host, Hostname},
{mfa, {ssl_test_lib, session_id, []}},
- {from, self()}, {options, [ {ciphers, Ciphers},
+ {from, self()}, {options, [ {ciphers, Ciphers},
+ {versions, [Version]},
{reuse_session, SID} | ClientOpts]}]),
receive
{Client1, SID} ->
@@ -237,7 +245,8 @@ reuse_session_erlang_client(Config) when is_list(Config) ->
ssl_test_lib:start_client([{node, ClientNode},
{port, Port}, {host, Hostname},
{mfa, {ssl_test_lib, session_id, []}},
- {from, self()}, {options, [{ciphers, Ciphers} | ClientOpts]}]),
+ {from, self()}, {options, [{ciphers, Ciphers},
+ {versions, [Version]} | ClientOpts]}]),
receive
{Client2, ID} ->
case ID of
diff --git a/lib/ssl/test/ssl_api_SUITE.erl b/lib/ssl/test/ssl_api_SUITE.erl
index 0d23e9acc0..8f325bec90 100644
--- a/lib/ssl/test/ssl_api_SUITE.erl
+++ b/lib/ssl/test/ssl_api_SUITE.erl
@@ -395,6 +395,15 @@ init_per_testcase(connection_information_with_srp, Config) ->
false ->
{skip, "Missing SRP crypto support"}
end;
+init_per_testcase(conf_signature_algs, Config) ->
+ case ssl_test_lib:appropriate_sha(crypto:supports()) of
+ sha256 ->
+ ssl_test_lib:ct_log_supported_protocol_versions(Config),
+ ct:timetrap({seconds, 10}),
+ Config;
+ sha ->
+ {skip, "Tests needs certs with sha256"}
+ end;
init_per_testcase(_TestCase, Config) ->
ssl_test_lib:ct_log_supported_protocol_versions(Config),
ct:timetrap({seconds, 10}),
@@ -694,14 +703,16 @@ conf_signature_algs(Config) when is_list(Config) ->
ssl_test_lib:start_server([{node, ServerNode}, {port, 0},
{from, self()},
{mfa, {ssl_test_lib, send_recv_result, []}},
- {options, [{active, false}, {signature_algs, [{sha256, rsa}]} | ServerOpts]}]),
+ {options, [{active, false}, {signature_algs, [{sha256, rsa}]},
+ {versions, ['tlsv1.2']} | ServerOpts]}]),
Port = ssl_test_lib:inet_port(Server),
Client =
ssl_test_lib:start_client([{node, ClientNode}, {port, Port},
{host, Hostname},
{from, self()},
{mfa, {ssl_test_lib, send_recv_result, []}},
- {options, [{active, false}, {signature_algs, [{sha256, rsa}]} | ClientOpts]}]),
+ {options, [{active, false}, {signature_algs, [{sha256, rsa}]},
+ {versions, ['tlsv1.2']} | ClientOpts]}]),
ct:log("Testcase ~p, Client ~p Server ~p ~n",
[self(), Client, Server]),
diff --git a/lib/ssl/test/ssl_test_lib.erl b/lib/ssl/test/ssl_test_lib.erl
index fd0bf0ccfa..ddaba06bca 100644
--- a/lib/ssl/test/ssl_test_lib.erl
+++ b/lib/ssl/test/ssl_test_lib.erl
@@ -175,7 +175,8 @@
ecdh_dh_anonymous_suites/1,
ecdsa_suites/1,
der_to_pem/2,
- pem_to_der/1
+ pem_to_der/1,
+ appropriate_sha/1
]).
-export([maybe_force_ipv4/1,
View Lorry Controller Status