File 0393-ssl-Add-test-cases-to-cover-handling-of-max-session-.patch of Package erlang
From 3fb2290222391dadc9afd679975ad0303035ff4d Mon Sep 17 00:00:00 2001
From: Ingela Anderton Andin <ingela@erlang.org>
Date: Wed, 28 Apr 2021 10:48:24 +0200
Subject: [PATCH] ssl: Add test cases to cover handling of max session table
---
lib/ssl/test/ssl_session_SUITE.erl | 119 +++++++++++++++++++++++++++--
1 file changed, 114 insertions(+), 5 deletions(-)
diff --git a/lib/ssl/test/ssl_session_SUITE.erl b/lib/ssl/test/ssl_session_SUITE.erl
index 552be7ddd6..57e8944fe2 100644
--- a/lib/ssl/test/ssl_session_SUITE.erl
+++ b/lib/ssl/test/ssl_session_SUITE.erl
@@ -41,7 +41,7 @@
]).
%% Test cases
--export([reuse_session/0,
+ -export([reuse_session/0,
reuse_session/1,
reuse_session_expired/0,
reuse_session_expired/1,
@@ -53,6 +53,10 @@
no_reuses_session_server_restart_new_cert/1,
no_reuses_session_server_restart_new_cert_file/0,
no_reuses_session_server_restart_new_cert_file/1,
+ client_max_session_table/0,
+ client_max_session_table/1,
+ server_max_session_table/0,
+ server_max_session_table/1,
session_table_stable_size_on_tcp_close/0,
session_table_stable_size_on_tcp_close/1
]).
@@ -87,7 +91,10 @@ session_tests() ->
server_does_not_want_to_reuse_session,
explicit_session_reuse,
no_reuses_session_server_restart_new_cert,
- no_reuses_session_server_restart_new_cert_file].
+ no_reuses_session_server_restart_new_cert_file,
+ client_max_session_table,
+ server_max_session_table
+ ].
tls_session_tests() ->
[session_table_stable_size_on_tcp_close].
@@ -124,9 +131,29 @@ init_per_testcase(reuse_session_expired, Config) ->
ssl_test_lib:ct_log_supported_protocol_versions(Config),
ct:timetrap({seconds, 30}),
Config;
-init_per_testcase(_, Config) ->
+init_per_testcase(client_max_session_table, Config) ->
+ Versions = ssl_test_lib:protocol_version(Config),
+ ssl:stop(),
+ application:load(ssl),
+ ssl_test_lib:clean_env(),
+ ssl_test_lib:set_protocol_versions(Versions),
+ application:set_env(ssl, session_cache_client_max, 2),
+ ssl:start(),
ssl_test_lib:ct_log_supported_protocol_versions(Config),
- ct:timetrap({seconds, 15}),
+ ct:timetrap({seconds, 30}),
+ Config;
+init_per_testcase(server_max_session_table, Config) ->
+ Versions = ssl_test_lib:protocol_version(Config),
+ ssl:stop(),
+ application:load(ssl),
+ ssl_test_lib:clean_env(),
+ ssl_test_lib:set_protocol_versions(Versions),
+ application:set_env(ssl, session_cache_server_max, 2),
+ ssl:start(),
+ ssl_test_lib:ct_log_supported_protocol_versions(Config),
+ ct:timetrap({seconds, 30}),
+ Config;
+init_per_testcase(_, Config) ->
Config.
end_per_testcase(reuse_session_expired, Config) ->
@@ -337,7 +364,7 @@ no_reuses_session_server_restart_new_cert(Config) when is_list(Config) ->
{from, self()}, {options, [{reuse_sessions, save} | ClientOpts]}]),
SessionInfo =
receive
- {Server, Info} ->
+ {Server, Info} ->
Info
end,
@@ -424,6 +451,25 @@ no_reuses_session_server_restart_new_cert_file(Config) when is_list(Config) ->
ssl_test_lib:close(Server1),
ssl_test_lib:close(Client1).
+
+client_max_session_table() ->
+ [{doc, "Check that max session table limit handling set max to 1 in init_per_testcase"}].
+
+client_max_session_table(Config) when is_list(Config)->
+ ClientOpts = ssl_test_lib:ssl_options(client_rsa_verify_opts, Config),
+ ServerOpts = ssl_test_lib:ssl_options(server_rsa_verify_opts, Config),
+ {ClientNode, ServerNode, HostName} = ssl_test_lib:run_where(Config),
+ test_max_session_limit(ClientOpts,ServerOpts,ClientNode, ServerNode, HostName).
+
+server_max_session_table() ->
+ [{doc, "Check that max session table limit handling set max to 1 in init_per_testcase"}].
+
+server_max_session_table(Config) when is_list(Config)->
+ ClientOpts = ssl_test_lib:ssl_options(client_rsa_verify_opts, Config),
+ ServerOpts = ssl_test_lib:ssl_options(server_rsa_verify_opts, Config),
+ {ClientNode, ServerNode, HostName} = ssl_test_lib:run_where(Config),
+ test_max_session_limit(ClientOpts,ServerOpts,ClientNode, ServerNode, HostName).
+
session_table_stable_size_on_tcp_close() ->
[{doc, "Check that new sessions are cleanup when connection is closed abruptly during first handshake"}].
@@ -593,3 +639,66 @@ connection_states(Random) ->
server_random = undefined,
exportable = undefined},
sequence_number => 0,server_verify_data => undefined,max_fragment_length => undefined}}.
+
+
+
+test_max_session_limit(ClientOpts, ServerOpts, ClientNode, ServerNode, HostName) ->
+ Server0 =
+ ssl_test_lib:start_server([{node, ServerNode}, {port, 0},
+ {from, self()},
+ {mfa, {ssl_test_lib, no_result, []}},
+ {tcp_options, [{active, false}]},
+ {options, ServerOpts}]),
+ Port0 = ssl_test_lib:inet_port(Server0),
+
+ Client0 = ssl_test_lib:start_client([{node, ClientNode},
+ {port, Port0}, {host, HostName},
+ {mfa, {ssl_test_lib, session_id, []}},
+ {from, self()}, {options, [{reuse_sessions, save} | ClientOpts]}]),
+ SID0 = receive
+ {Client0, Id0} ->
+ Id0
+ end,
+
+
+ Server0 ! listen,
+
+ Client1 = ssl_test_lib:start_client([{node, ClientNode},
+ {port, Port0}, {host, HostName},
+ {mfa, {ssl_test_lib, session_id, []}},
+ {from, self()}, {options, [{reuse_sessions, save} | ClientOpts]}]),
+
+ SID1 = receive
+ {Client1, Id1} ->
+ Id1
+ end,
+
+ false = SID0 == SID1,
+
+
+ Server0 ! listen,
+
+ Client2 = ssl_test_lib:start_client([{node, ClientNode},
+ {port, Port0}, {host, HostName},
+ {mfa, {ssl_test_lib, session_id, []}},
+ {from, self()}, {options, [{reuse_sessions, save}| ClientOpts]}]),
+
+
+ SID2 = receive
+ {Client2, Id2} ->
+ Id2
+ end,
+
+ Server0 ! listen,
+
+ Client3 = ssl_test_lib:start_client([{node, ClientNode},
+ {port, Port0}, {host, HostName},
+ {mfa, {ssl_test_lib, session_id, []}},
+ {from, self()}, {options, [{reuse_session, SID2}| ClientOpts]}]),
+
+ receive
+ {Client3, SID2} ->
+ ok;
+ Other ->
+ ct:fail({{expected, SID2}, {got,Other}})
+ end.
--
2.26.2
