diff options
author | Erlang/OTP <otp@erlang.org> | 2023-04-20 14:11:13 +0200 |
---|---|---|
committer | Erlang/OTP <otp@erlang.org> | 2023-04-20 14:11:13 +0200 |
commit | 04826f9a431760bdd05df4c6d427002fb7c38db3 (patch) | |
tree | a18d5d120ce88f1136c40b70e400284169aa6541 | |
parent | cc1f3cdc5f5ab88b26412ad0f8ff7ed6730788e2 (diff) | |
parent | 1c57460735abb922c395b3428d420f1d91c4cac1 (diff) | |
download | erlang-04826f9a431760bdd05df4c6d427002fb7c38db3.tar.gz |
Merge branch 'ingela/ssl/test-stop-using-weak-key' into maint-24
* ingela/ssl/test-stop-using-weak-key:
ssl: Let test case use stronger key
-rw-r--r-- | lib/ssl/test/ssl_session_SUITE.erl | 22 |
1 files changed, 15 insertions, 7 deletions
diff --git a/lib/ssl/test/ssl_session_SUITE.erl b/lib/ssl/test/ssl_session_SUITE.erl index 40fff3bbbd..f597c78bb5 100644 --- a/lib/ssl/test/ssl_session_SUITE.erl +++ b/lib/ssl/test/ssl_session_SUITE.erl @@ -464,8 +464,11 @@ no_reuses_session_server_restart_new_cert() -> no_reuses_session_server_restart_new_cert(Config) when is_list(Config) -> ClientOpts = ssl_test_lib:ssl_options(client_rsa_der_opts, Config), ServerOpts = ssl_test_lib:ssl_options(server_rsa_der_verify_opts, Config), - RSA1024ServerOpts = ssl_test_lib:ssl_options(server_rsa_1024_der_opts, Config), - RSA1024ClientOpts = ssl_test_lib:ssl_options(client_rsa_1024_der_opts, Config), + #{client_config := NewCOpts, + server_config := NewSOpts} = ssl_test_lib:make_cert_chains_der(rsa, + [[{key, ssl_test_lib:hardcode_rsa_key(4)}], + [{key, ssl_test_lib:hardcode_rsa_key(5)}], + [{key, ssl_test_lib:hardcode_rsa_key(6)}]]), {ClientNode, ServerNode, Hostname} = ssl_test_lib:run_where(Config), @@ -490,12 +493,12 @@ no_reuses_session_server_restart_new_cert(Config) when is_list(Config) -> Server1 = ssl_test_lib:start_server([{node, ServerNode}, {port, Port}, {from, self()}, {mfa, {ssl_test_lib, session_info_result, []}}, - {options, [{reuseaddr, true} | RSA1024ServerOpts]}]), + {options, [{reuseaddr, true} | NewSOpts]}]), Client1 = ssl_test_lib:start_client([{node, ClientNode}, {port, Port}, {host, Hostname}, {mfa, {ssl_test_lib, session_info_result, []}}, - {from, self()}, {options, RSA1024ClientOpts}]), + {from, self()}, {options, NewCOpts}]), Info1 = receive {Server1, Info10} -> Info10 end, receive @@ -517,7 +520,12 @@ no_reuses_session_server_restart_new_cert_file() -> no_reuses_session_server_restart_new_cert_file(Config) when is_list(Config) -> ClientOpts = ssl_test_lib:ssl_options(client_rsa_opts, Config), ServerOpts = ssl_test_lib:ssl_options(server_rsa_verify_opts, Config), - RSA1024ServerOpts = ssl_test_lib:ssl_options(server_rsa_1024_verify_opts, Config), + #{client_config := NewCOpts, + server_config := NewSOpts} = ssl_test_lib:make_cert_chains_pem(rsa, + [[{key, ssl_test_lib:hardcode_rsa_key(4)}], + [{key, ssl_test_lib:hardcode_rsa_key(5)}], + [{key, ssl_test_lib:hardcode_rsa_key(6)}]], + Config, "ssl_session_new_rsa"), PrivDir = proplists:get_value(priv_dir, Config), NewServerOpts0 = ssl_test_lib:new_config(PrivDir, ServerOpts), @@ -548,7 +556,7 @@ no_reuses_session_server_restart_new_cert_file(Config) when is_list(Config) -> ssl:clear_pem_cache(), - NewServerOpts1 = ssl_test_lib:new_config(PrivDir, RSA1024ServerOpts), + NewServerOpts1 = ssl_test_lib:new_config(PrivDir, NewSOpts), Server1 = ssl_test_lib:start_server([{node, ServerNode}, {port, Port}, @@ -559,7 +567,7 @@ no_reuses_session_server_restart_new_cert_file(Config) when is_list(Config) -> ssl_test_lib:start_client([{node, ClientNode}, {port, Port}, {host, Hostname}, {mfa, {ssl_test_lib, session_info_result, []}}, - {from, self()}, {options, ClientOpts}]), + {from, self()}, {options, NewCOpts}]), receive {Client1, SessionInfo} -> ct:fail(session_reused_when_server_has_new_cert); |