Overview

File 0355-ssl-Gaurd-tests-better.patch of Package erlang

From e6b390ec621a4c424d6396d58e58a00fee93a743 Mon Sep 17 00:00:00 2001
From: Ingela Anderton Andin <ingela@erlang.org>
Date: Fri, 29 May 2020 19:11:12 +0200
Subject: [PATCH] ssl: Gaurd tests better

Better check for OpenSSL compliance so that we do not try to test
something that the specific OpenSSL version does not support.
---
 lib/ssl/test/openssl_client_cert_SUITE.erl | 13 ++++++++-----
 lib/ssl/test/openssl_server_cert_SUITE.erl | 19 ++++++++++++-------
 lib/ssl/test/ssl_cert_tests.erl            |  2 +-
 3 files changed, 21 insertions(+), 13 deletions(-)

diff --git a/lib/ssl/test/openssl_client_cert_SUITE.erl b/lib/ssl/test/openssl_client_cert_SUITE.erl
index 3c97822915..d9068cff7e 100644
--- a/lib/ssl/test/openssl_client_cert_SUITE.erl
+++ b/lib/ssl/test/openssl_client_cert_SUITE.erl
@@ -124,7 +124,7 @@ init_per_group(Group, Config0) when Group == rsa;
     COpts = proplists:get_value(client_rsa_opts, Config),
     SOpts = proplists:get_value(server_rsa_opts, Config),
     %% Make sure _rsa* suite is choosen by ssl_test_lib:start_server
-    Version = proplists:get_value(version,Config),
+    Version = ssl_test_lib:protocol_version(Config),
     Ciphers = ssl_cert_tests:test_ciphers(fun(dhe_rsa) -> 
                                                   true;
                                              (ecdhe_rsa) -> 
@@ -169,13 +169,15 @@ init_per_group(Group, Config0) when Group == ecdsa;
                                     Group == ecdsa_1_3 ->
     PKAlg = crypto:supports(public_keys),
     case lists:member(ecdsa, PKAlg) andalso (lists:member(ecdh, PKAlg) orelse 
-                                             lists:member(dh, PKAlg)) of
+                                             lists:member(dh, PKAlg)) 
+        andalso (ssl_test_lib:openssl_ecdsa_suites() =/= []) 
+    of
         true ->
             Config = ssl_test_lib:make_ecdsa_cert(Config0),
             COpts = proplists:get_value(client_ecdsa_opts, Config),
             SOpts = proplists:get_value(server_ecdsa_opts, Config),
             %% Make sure ecdh* suite is choosen by ssl_test_lib:start_server
-            Version = proplists:get_value(version,Config),
+            Version = ssl_test_lib:protocol_version(Config),
             Ciphers =  ssl_cert_tests:test_ciphers(fun(ecdh_ecdsa) -> 
                                                            true;
                                                       (ecdhe_ecdsa) -> 
@@ -200,13 +202,14 @@ init_per_group(Group, Config0) when Group == ecdsa;
     end;
 init_per_group(Group, Config0) when Group == dsa ->
     PKAlg = crypto:supports(public_keys),
-    case lists:member(dss, PKAlg) andalso lists:member(dh, PKAlg) of
+    case lists:member(dss, PKAlg) andalso lists:member(dh, PKAlg) 
+        andalso (ssl_test_lib:openssl_dsa_suites() =/= []) of
         true ->
             Config = ssl_test_lib:make_dsa_cert(Config0),    
             COpts = proplists:get_value(client_dsa_opts, Config),
             SOpts = proplists:get_value(server_dsa_opts, Config),
             %% Make sure dhe_dss* suite is choosen by ssl_test_lib:start_server
-            Version = proplists:get_value(version,Config),
+            Version = ssl_test_lib:protocol_version(Config),
             Ciphers =  ssl_cert_tests:test_ciphers(fun(dh_dss) -> 
                                                            true;
                                                       (dhe_dss) -> 
diff --git a/lib/ssl/test/openssl_server_cert_SUITE.erl b/lib/ssl/test/openssl_server_cert_SUITE.erl
index 805da27510..de8c74fee5 100644
--- a/lib/ssl/test/openssl_server_cert_SUITE.erl
+++ b/lib/ssl/test/openssl_server_cert_SUITE.erl
@@ -118,7 +118,7 @@ init_per_group(rsa = Group, Config0) ->
     COpts = proplists:get_value(client_rsa_opts, Config),
     SOpts = proplists:get_value(server_rsa_opts, Config),
     %% Make sure _rsa* suite is choosen by ssl_test_lib:start_server
-    Version = proplists:get_value(version,Config),
+    Version = ssl_test_lib:protocol_version(Config),
     Ciphers = ssl_cert_tests:test_ciphers(fun(dhe_rsa) -> 
                                                   true;
                                              (ecdhe_rsa) -> 
@@ -142,7 +142,7 @@ init_per_group(rsa_1_3 = Group, Config0) ->
     COpts = proplists:get_value(client_rsa_opts, Config),
     SOpts = proplists:get_value(server_rsa_opts, Config),
     %% Make sure _rsa* suite is choosen by ssl_test_lib:start_server
-    Version = proplists:get_value(version,Config),
+    Version = ssl_test_lib:protocol_version(Config),
     Ciphers = ssl_cert_tests:test_ciphers(undefined, Version),
     case Ciphers of
         [_|_] ->
@@ -180,13 +180,15 @@ init_per_group(Alg, Config) when Alg == rsa_pss_rsae;
 init_per_group(ecdsa = Group, Config0) ->
     PKAlg = crypto:supports(public_keys),
     case lists:member(ecdsa, PKAlg) andalso (lists:member(ecdh, PKAlg) orelse 
-                                             lists:member(dh, PKAlg)) of
+                                                lists:member(dh, PKAlg)) 
+        andalso (ssl_test_lib:openssl_ecdsa_suites() =/= []) 
+    of
         true ->
             Config = ssl_test_lib:make_ecdsa_cert(Config0),
             COpts = proplists:get_value(client_ecdsa_opts, Config),
             SOpts = proplists:get_value(server_ecdsa_opts, Config),
             %% Make sure ecdh* suite is choosen by ssl_test_lib:start_server
-            Version = proplists:get_value(version,Config),
+            Version = ssl_test_lib:protocol_version(Config),
             Ciphers =  ssl_cert_tests:test_ciphers(fun(ecdh_ecdsa) -> 
                                                            true;
                                                       (ecdhe_ecdsa) -> 
@@ -212,13 +214,15 @@ init_per_group(ecdsa = Group, Config0) ->
 init_per_group(ecdsa_1_3 = Group, Config0) ->
     PKAlg = crypto:supports(public_keys),
     case lists:member(ecdsa, PKAlg) andalso (lists:member(ecdh, PKAlg) orelse
-                                             lists:member(dh, PKAlg)) of
+                                             lists:member(dh, PKAlg)) 
+        andalso (ssl_test_lib:openssl_ecdsa_suites() =/= []) 
+    of
         true ->
             Config = ssl_test_lib:make_ecdsa_cert(Config0),
             COpts = proplists:get_value(client_ecdsa_opts, Config),
             SOpts = proplists:get_value(server_ecdsa_opts, Config),
             %% Make sure ecdh* suite is choosen by ssl_test_lib:start_server
-            Version = proplists:get_value(version,Config),
+            Version = proplists:get_value(version,Config),            
             Ciphers =  ssl_cert_tests:test_ciphers(undefined, Version),
             case Ciphers of
                 [_|_] ->
@@ -237,7 +241,8 @@ init_per_group(ecdsa_1_3 = Group, Config0) ->
     end;
 init_per_group(Group, Config0) when Group == dsa ->
     PKAlg = crypto:supports(public_keys),
-    case lists:member(dss, PKAlg) andalso lists:member(dh, PKAlg) of
+    case lists:member(dss, PKAlg) andalso lists:member(dh, PKAlg)  andalso 
+        (ssl_test_lib:openssl_dsa_suites() =/= [])  of
         true ->
             Config = ssl_test_lib:make_dsa_cert(Config0),    
             COpts = proplists:get_value(client_dsa_opts, Config),
diff --git a/lib/ssl/test/ssl_cert_tests.erl b/lib/ssl/test/ssl_cert_tests.erl
index ee50d1cf84..453a0ae7c2 100644
--- a/lib/ssl/test/ssl_cert_tests.erl
+++ b/lib/ssl/test/ssl_cert_tests.erl
@@ -413,7 +413,7 @@ test_ciphers(_, Version) when Version == 'dtlsv1';
                          lists:member(ssl_cipher_format:suite_map_to_openssl_str(C), OpenSSLCiphers)
                  end, Ciphers);
 test_ciphers(Kex, Version) ->
-    Ciphers = ssl:filter_cipher_suites(ssl:cipher_suites(default, Version), 
+    Ciphers = ssl:filter_cipher_suites(ssl:cipher_suites(all, Version), 
                                        [{key_exchange, Kex}]),
     ct:log("Version ~p Testing  ~p~n", [Version, Ciphers]),
     OpenSSLCiphers = openssl_ciphers(),
-- 
2.26.2
openSUSE Build Service is sponsored by
Places