Merge branch 'ingela/ssl/test-cuddle' into maint

* ingela/ssl/test-cuddle:
  ssl: Check if OpenSSL allows client initiate renegotiation

4 files changed, 47 insertions, 53 deletions

diff --git a/lib/ssl/test/openssl_alpn_SUITE.erl b/lib/ssl/test/openssl_alpn_SUITE.erl
index 5008dba922..a54286c2cd 100644
--- a/lib/ssl/test/openssl_alpn_SUITE.erl
+++ b/lib/ssl/test/openssl_alpn_SUITE.erl
@@ -85,13 +85,11 @@ alpn_npn_coexist() ->
      erlang_server_alpn_npn_openssl_client_alpn_npn  
     ].
 rengotiation_tests() ->
-    case ssl_test_lib:sane_openssl_alpn_npn_renegotiate() of
-        true ->
-            [erlang_client_alpn_openssl_server_alpn_renegotiate,
-             erlang_server_alpn_openssl_client_alpn_renegotiate];
-        false ->
-            []
-    end.
+    [
+     erlang_client_alpn_openssl_server_alpn_renegotiate,
+     erlang_server_alpn_openssl_client_alpn_renegotiate
+    ].
+
 init_per_suite(Config0) ->
     case os:find_executable("openssl") of
         false ->
@@ -148,15 +146,17 @@ init_per_testcase(TestCase, Config) ->
     ct:timetrap({seconds, 10}),
     special_init(TestCase, Config).
 
-special_init(TestCase, Config)
-     when TestCase == erlang_client_alpn_openssl_server_alpn_renegotiate;
-          TestCase == erlang_server_alpn_openssl_client_alpn_renegotiate ->
-     {ok, Version} = application:get_env(ssl, protocol_version),
+special_init(erlang_client_alpn_openssl_server_alpn_renegotiate, Config) ->
+    {ok, Version} = application:get_env(ssl, protocol_version),
     ssl_test_lib:check_sane_openssl_renegotaite(Config, Version);
-special_init(TestCase, Config)
-  when TestCase == erlang_client_alpn_npn_openssl_server_alpn_npn;
-       TestCase == erlang_server_alpn_npn_openssl_client_alpn_npn ->
-    ssl_test_lib:check_openssl_npn_support(Config);
+special_init(erlang_server_alpn_openssl_client_alpn_renegotiate, Config) ->
+    {ok, Version} = application:get_env(ssl, protocol_version),
+    case ssl_test_lib:check_sane_openssl_renegotaite(Config, Version) of
+        Config ->
+            ssl_test_lib:openssl_allows_client_renegotaite(Config);
+        Skip ->
+            Skip
+    end;
 special_init(_, Config) ->
      Config.
 
diff --git a/lib/ssl/test/openssl_npn_SUITE.erl b/lib/ssl/test/openssl_npn_SUITE.erl
index 0294f4997f..ed3d81eba7 100644
--- a/lib/ssl/test/openssl_npn_SUITE.erl
+++ b/lib/ssl/test/openssl_npn_SUITE.erl
@@ -55,13 +55,10 @@ npn_tests() ->
      erlang_client_openssl_server_npn_only_server].
 
 npn_renegotiate_tests() ->
-   case ssl_test_lib:sane_openssl_alpn_npn_renegotiate() of
-        true ->
-           [erlang_server_openssl_client_npn_renegotiate,
-            erlang_client_openssl_server_npn_renegotiate];
-        false ->
-            []
-    end.
+           [
+            erlang_server_openssl_client_npn_renegotiate,
+            erlang_client_openssl_server_npn_renegotiate
+           ].
 
 init_per_suite(Config0) ->
     case os:find_executable("openssl") of
@@ -119,13 +116,19 @@ init_per_testcase(TestCase, Config) ->
     ct:timetrap({seconds, 10}),
     special_init(TestCase, Config).
 
-special_init(TestCase, Config)
-     when TestCase == erlang_client_npn_openssl_server_npn_renegotiate;
-          TestCase == erlang_server_npn_openssl_client_npn_renegotiate ->
-     {ok, Version} = application:get_env(ssl, protocol_version),
+special_init(erlang_client_openssl_server_npn_renegotiate, Config) ->
+    {ok, Version} = application:get_env(ssl, protocol_version),
     ssl_test_lib:check_sane_openssl_renegotaite(Config, Version);
+special_init(erlang_server_openssl_client_npn_renegotiate, Config) ->
+    {ok, Version} = application:get_env(ssl, protocol_version),
+    case ssl_test_lib:check_sane_openssl_renegotaite(Config, Version) of
+        Config ->
+            ssl_test_lib:openssl_allows_client_renegotaite(Config);
+        Skip ->
+            Skip
+    end;
 special_init(_, Config) ->
-     Config.
+    Config.
 
 end_per_testcase(_, Config) ->
     Config.
diff --git a/lib/ssl/test/openssl_renegotiate_SUITE.erl b/lib/ssl/test/openssl_renegotiate_SUITE.erl
index 787b5208b8..a5c6056d63 100644
--- a/lib/ssl/test/openssl_renegotiate_SUITE.erl
+++ b/lib/ssl/test/openssl_renegotiate_SUITE.erl
@@ -104,7 +104,8 @@ init_per_group(GroupName, Config) ->
                  true ->
                     case ssl_test_lib:check_sane_openssl_version(GroupName) of
                          true ->
-                            ssl_test_lib:check_sane_openssl_renegotaite(ssl_test_lib:init_tls_version(GroupName, Config),
+                            ssl_test_lib:check_sane_openssl_renegotaite(ssl_test_lib:init_tls_version(GroupName, 
+                                                                                                      Config),
                                                                         GroupName);
                         false ->
                             {skip, openssl_does_not_support_version}
@@ -123,21 +124,12 @@ end_per_group(GroupName, Config) ->
        false ->
             Config
     end.
-
+init_per_testcase(erlang_client_openssl_server_nowrap_seqnum, Config) ->
+    ct:timetrap({seconds, 10}),
+    ssl_test_lib:openssl_allows_client_renegotaite(Config);
 init_per_testcase(TestCase, Config) ->
     ct:timetrap({seconds, 10}),
-    special_init(TestCase, Config).
-
-special_init(TestCase, Config)
-  when TestCase == erlang_client_openssl_server_renegotiate;
-       TestCase == erlang_client_openssl_server_nowrap_seqnum;
-       TestCase == erlang_server_openssl_client_nowrap_seqnum;
-       TestCase == erlang_client_openssl_server_renegotiate_after_client_data
-        ->
-    {ok, Version} = application:get_env(ssl, protocol_version),
-    ssl_test_lib:check_sane_openssl_renegotaite(Config, Version);
-special_init(_, Config) ->
-     Config.
+    Config.
 
 end_per_testcase(_, Config) ->
     Config.
@@ -287,7 +279,7 @@ erlang_client_openssl_server_nowrap_seqnum(Config) when is_list(Config) ->
     process_flag(trap_exit, false).
 %%--------------------------------------------------------------------
 erlang_server_openssl_client_nowrap_seqnum() ->
-    [{doc, "Test that erlang client will renegotiate session when",
+    [{doc, "Test that erlang server will renegotiate session when",
       "max sequence number celing is about to be reached. Although"
       "in the testcase we use the test option renegotiate_at"
       " to lower treashold substantially."}].
diff --git a/lib/ssl/test/ssl_test_lib.erl b/lib/ssl/test/ssl_test_lib.erl
index c4f294771a..b96eef461e 100644
--- a/lib/ssl/test/ssl_test_lib.erl
+++ b/lib/ssl/test/ssl_test_lib.erl
@@ -2212,6 +2212,16 @@ check_sane_openssl_renegotaite(Config) ->
 	    Config
     end.
 
+openssl_allows_client_renegotaite(Config) ->
+     case os:cmd("openssl version") of  
+	"OpenSSL 1.1" ++ _ ->
+	    {skip, "OpenSSL does not allow client renegotiation"};
+	"LibreSSL 2" ++ _ ->
+	    {skip, "LibreSSL does not allow client renegotiation"};
+         _ ->
+             Config
+     end.
+
 workaround_openssl_s_clinent() ->
     %% http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=683159
     %% https://bugs.archlinux.org/task/33919
@@ -2777,17 +2787,6 @@ new_config(PrivDir, ServerOpts0) ->
     [{cacertfile, NewCaCertFile}, {certfile, NewCertFile},
      {keyfile, NewKeyFile} | ServerOpts].
 
-sane_openssl_alpn_npn_renegotiate() ->
-     case os:cmd("openssl version") of 
-         "LibreSSL 2.9.1" ++ _ ->
-             false;
-         "LibreSSL 2.6.4" ++ _ ->
-             false;
-         "OpenSSL 1.1.1a-freebsd" ++ _ ->
-             false;
-         _  ->
-             true
-     end.
 
 openssl_sane_dtls_alpn() ->
     case os:cmd("openssl version") of