File 1614-Store-test-config-certs-in-funs.patch of Package erlang
From 2c05db76ac2b70aa43b9af097002a3545f18467d Mon Sep 17 00:00:00 2001
From: Dan Gudmundsson <dgud@erlang.org>
Date: Tue, 12 Nov 2024 13:03:54 +0100
Subject: [PATCH 4/4] Store test config certs in funs
Reduce the output of (almost) every testcase output, by putting
some settings in fun().
This is just done to reduce the printing of
`=== Config value: ....`
That is printed in each testcase and could be up to 2000 lines.
---
lib/ssl/test/openssl_alpn_SUITE.erl | 22 ++--
lib/ssl/test/openssl_client_cert_SUITE.erl | 32 ++---
lib/ssl/test/openssl_mfl_SUITE.erl | 8 +-
lib/ssl/test/openssl_npn_SUITE.erl | 30 ++---
lib/ssl/test/openssl_server_cert_SUITE.erl | 52 +++++----
lib/ssl/test/openssl_session_ticket_SUITE.erl | 6 +-
lib/ssl/test/ssl_api_SUITE.erl | 24 ++--
lib/ssl/test/ssl_cert_SUITE.erl | 44 +++----
lib/ssl/test/ssl_dist_bench_SUITE.erl | 2 +
lib/ssl/test/ssl_pem_cache_SUITE.erl | 14 +--
lib/ssl/test/ssl_session_cache_SUITE.erl | 4 +-
lib/ssl/test/ssl_socket_SUITE.erl | 4 +-
lib/ssl/test/ssl_test_lib.erl | 110 ++++++++++--------
lib/ssl/test/tls_api_SUITE.erl | 6 +-
14 files changed, 186 insertions(+), 172 deletions(-)
diff --git a/lib/ssl/test/openssl_alpn_SUITE.erl b/lib/ssl/test/openssl_alpn_SUITE.erl
index 1d0bc82c4e..838ee8d5a7 100644
--- a/lib/ssl/test/openssl_alpn_SUITE.erl
+++ b/lib/ssl/test/openssl_alpn_SUITE.erl
@@ -165,8 +165,8 @@ end_per_testcase(_, Config) ->
%%--------------------------------------------------------------------
erlang_client_alpn_openssl_server_alpn(Config) when is_list(Config) ->
- ServerOpts = proplists:get_value(server_rsa_verify_opts, Config),
- ClientOpts = ssl_test_lib:ssl_options(client_rsa_verify_opts, Config),
+ ServerOpts = ssl_test_lib:ssl_options(server_rsa_verify_opts, Config),
+ ClientOpts = ssl_test_lib:ssl_options(client_rsa_verify_opts, Config),
AlpnProtocol = <<"spdy/2">>,
{Server, OpenSSLPort} =
@@ -193,7 +193,7 @@ erlang_client_alpn_openssl_server_alpn(Config) when is_list(Config) ->
%%--------------------------------------------------------------------
erlang_server_alpn_openssl_client_alpn(Config) when is_list(Config) ->
- ClientOpts = proplists:get_value(client_rsa_opts, Config),
+ ClientOpts = ssl_test_lib:ssl_options(client_rsa_opts, Config),
ServerOpts = ssl_test_lib:ssl_options(server_rsa_opts, Config),
Protocol = <<"spdy/2">>,
Server = ssl_test_lib:start_server(erlang, [{from, self()}],
@@ -222,7 +222,7 @@ erlang_server_alpn_openssl_client_alpn(Config) when is_list(Config) ->
%%--------------------------------------------------------------------------
erlang_client_alpn_openssl_server(Config) when is_list(Config) ->
- ServerOpts = proplists:get_value(server_rsa_verify_opts, Config),
+ ServerOpts = ssl_test_lib:ssl_options(server_rsa_verify_opts, Config),
ClientOpts = ssl_test_lib:ssl_options(client_rsa_verify_opts, Config),
Protocol = <<"spdy/2">>,
@@ -248,7 +248,7 @@ erlang_client_alpn_openssl_server(Config) when is_list(Config) ->
%%--------------------------------------------------------------------------
erlang_client_openssl_server_alpn(Config) when is_list(Config) ->
- ServerOpts = proplists:get_value(server_rsa_verify_opts, Config),
+ ServerOpts = ssl_test_lib:ssl_options(server_rsa_verify_opts, Config),
ClientOpts = ssl_test_lib:ssl_options(client_rsa_verify_opts, Config),
{Server, OpenSSLPort} = ssl_test_lib:start_server(openssl, [{alpn,"spdy/2"}, return_port],
@@ -269,7 +269,7 @@ erlang_client_openssl_server_alpn(Config) when is_list(Config) ->
%%--------------------------------------------------------------------------
erlang_server_alpn_openssl_client(Config) when is_list(Config) ->
- ClientOpts = proplists:get_value(client_rsa_verify_opts, Config),
+ ClientOpts = ssl_test_lib:ssl_options(client_rsa_verify_opts, Config),
ServerOpts = ssl_test_lib:ssl_options(server_rsa_verify_opts, Config),
Server = ssl_test_lib:start_server(erlang, [{from, self()}],
[{server_opts, [{alpn_preferred_protocols,
@@ -296,7 +296,7 @@ erlang_server_alpn_openssl_client(Config) when is_list(Config) ->
%%--------------------------------------------------------------------------
erlang_server_openssl_client_alpn(Config) when is_list(Config) ->
- ClientOpts = proplists:get_value(client_rsa_verify_opts, Config),
+ ClientOpts = ssl_test_lib:ssl_options(client_rsa_verify_opts, Config),
ServerOpts = ssl_test_lib:ssl_options(server_rsa_verify_opts, Config),
Server = ssl_test_lib:start_server(erlang, [{from, self()}],
[{server_opts, [ServerOpts]} | Config]),
@@ -324,7 +324,7 @@ erlang_server_openssl_client_alpn(Config) when is_list(Config) ->
erlang_client_alpn_openssl_server_alpn_renegotiate(Config) when is_list(Config) ->
- ServerOpts = proplists:get_value(server_rsa_verify_opts, Config),
+ ServerOpts = ssl_test_lib:ssl_options(server_rsa_verify_opts, Config),
ClientOpts = ssl_test_lib:ssl_options(client_rsa_verify_opts, Config),
AlpnProtocol = <<"spdy/2">>,
@@ -361,7 +361,7 @@ erlang_client_alpn_openssl_server_alpn_renegotiate(Config) when is_list(Config)
%%--------------------------------------------------------------------
erlang_server_alpn_openssl_client_alpn_renegotiate(Config) when is_list(Config) ->
- ClientOpts = proplists:get_value(client_rsa_verify_opts, Config),
+ ClientOpts = ssl_test_lib:ssl_options(client_rsa_verify_opts, Config),
ServerOpts = ssl_test_lib:ssl_options(server_rsa_verify_opts, Config),
AlpnProtocol = <<"spdy/2">>,
Server = ssl_test_lib:start_server(erlang, [{from, self()}],
@@ -398,7 +398,7 @@ erlang_server_alpn_openssl_client_alpn_renegotiate(Config) when is_list(Config)
%%--------------------------------------------------------------------
erlang_client_alpn_npn_openssl_server_alpn_npn(Config) when is_list(Config) ->
- ServerOpts = proplists:get_value(server_rsa_verify_opts, Config),
+ ServerOpts = ssl_test_lib:ssl_options(server_rsa_verify_opts, Config),
ClientOpts = ssl_test_lib:ssl_options(client_rsa_verify_opts, Config),
AlpnProtocol = <<"spdy/2">>,
@@ -426,7 +426,7 @@ erlang_client_alpn_npn_openssl_server_alpn_npn(Config) when is_list(Config) ->
%%--------------------------------------------------------------------
erlang_server_alpn_npn_openssl_client_alpn_npn(Config) when is_list(Config) ->
- ClientOpts = proplists:get_value(client_rsa_verify_opts, Config),
+ ClientOpts = ssl_test_lib:ssl_options(client_rsa_verify_opts, Config),
ServerOpts = ssl_test_lib:ssl_options(server_rsa_verify_opts, Config),
AlpnProtocol = <<"spdy/2">>,
Server = ssl_test_lib:start_server(erlang,
diff --git a/lib/ssl/test/openssl_client_cert_SUITE.erl b/lib/ssl/test/openssl_client_cert_SUITE.erl
index 0b60e5d58a..9a692067aa 100644
--- a/lib/ssl/test/openssl_client_cert_SUITE.erl
+++ b/lib/ssl/test/openssl_client_cert_SUITE.erl
@@ -164,8 +164,8 @@ init_per_group(openssl_client, Config) ->
init_per_group(Group, Config0) when Group == rsa;
Group == rsa_1_3 ->
Config = ssl_test_lib:make_rsa_cert(Config0),
- COpts = proplists:get_value(client_rsa_opts, Config),
- SOpts = proplists:get_value(server_rsa_opts, Config),
+ COpts = ssl_test_lib:ssl_options(client_rsa_opts, Config),
+ SOpts = ssl_test_lib:ssl_options(server_rsa_opts, Config),
%% Make sure _rsa* suite is chosen by ssl_test_lib:start_server
Version = ssl_test_lib:protocol_version(Config),
Ciphers = ssl_cert_tests:test_ciphers(fun(dhe_rsa) ->
@@ -179,8 +179,8 @@ init_per_group(Group, Config0) when Group == rsa;
[_|_] ->
[{cert_key_alg, rsa} |
lists:delete(cert_key_alg,
- [{client_cert_opts, [{ciphers, Ciphers} | COpts]},
- {server_cert_opts, SOpts} |
+ [{client_cert_opts, fun() -> [{ciphers, Ciphers} | COpts] end},
+ {server_cert_opts, fun() -> SOpts end} |
lists:delete(server_cert_opts,
lists:delete(client_cert_opts, Config))])];
[] ->
@@ -205,8 +205,8 @@ init_per_group(Alg, Config) when
server_config := SOpts} = ssl_test_lib:make_rsa_pss_pem(rsa_alg(Alg), [], Config, ""),
[{cert_key_alg, rsa_alg(Alg)} |
lists:delete(cert_key_alg,
- [{client_cert_opts, openssl_sig_algs(rsa_alg(Alg)) ++ COpts},
- {server_cert_opts, ssl_test_lib:sig_algs(Alg, Version) ++ SOpts} |
+ [{client_cert_opts, fun() -> openssl_sig_algs(rsa_alg(Alg)) ++ COpts end},
+ {server_cert_opts, fun() -> ssl_test_lib:sig_algs(Alg, Version) ++ SOpts end} |
lists:delete(server_cert_opts,
lists:delete(client_cert_opts, Config))])];
false ->
@@ -221,8 +221,8 @@ init_per_group(Group, Config0) when Group == ecdsa;
of
true ->
Config = ssl_test_lib:make_ecdsa_cert(Config0),
- COpts = proplists:get_value(client_ecdsa_opts, Config),
- SOpts = proplists:get_value(server_ecdsa_opts, Config),
+ COpts = ssl_test_lib:ssl_options(client_ecdsa_opts, Config),
+ SOpts = ssl_test_lib:ssl_options(server_ecdsa_opts, Config),
%% Make sure ecdh* suite is chosen by ssl_test_lib:start_server
Version = ssl_test_lib:protocol_version(Config),
Ciphers = ssl_cert_tests:test_ciphers(fun(ecdh_ecdsa) ->
@@ -236,8 +236,8 @@ init_per_group(Group, Config0) when Group == ecdsa;
[_|_] ->
[{cert_key_alg, ecdsa} |
lists:delete(cert_key_alg,
- [{client_cert_opts, [{ciphers, Ciphers} | COpts]},
- {server_cert_opts, SOpts} |
+ [{client_cert_opts, fun() -> [{ciphers, Ciphers} | COpts] end},
+ {server_cert_opts, fun() -> SOpts end} |
lists:delete(server_cert_opts,
lists:delete(client_cert_opts, Config))]
)];
@@ -268,8 +268,8 @@ init_per_group(eddsa_1_3, Config0) ->
[{cert_key_alg, eddsa} |
lists:delete(cert_key_alg,
- [{client_cert_opts, COpts},
- {server_cert_opts, SOpts} |
+ [{client_cert_opts, fun() -> COpts end},
+ {server_cert_opts, fun() -> SOpts end} |
lists:delete(server_cert_opts,
lists:delete(client_cert_opts, Config0))]
)];
@@ -286,8 +286,8 @@ init_per_group(Group, Config0) when Group == dsa ->
of
true ->
Config = ssl_test_lib:make_dsa_cert(Config0),
- COpts = SigAlgs ++ proplists:get_value(client_dsa_opts, Config),
- SOpts = SigAlgs ++ proplists:get_value(server_dsa_opts, Config),
+ COpts = SigAlgs ++ ssl_test_lib:ssl_options(client_dsa_opts, Config),
+ SOpts = SigAlgs ++ ssl_test_lib:ssl_options(server_dsa_opts, Config),
%% Make sure dhe_dss* suite is chosen by ssl_test_lib:start_server
Version = ssl_test_lib:protocol_version(Config),
Ciphers = ssl_cert_tests:test_ciphers(fun(dh_dss) ->
@@ -301,8 +301,8 @@ init_per_group(Group, Config0) when Group == dsa ->
[_|_] ->
[{cert_key_alg, dsa} |
lists:delete(cert_key_alg,
- [{client_cert_opts, [{ciphers, Ciphers} | COpts]},
- {server_cert_opts, [{ciphers, Ciphers} | SOpts]} |
+ [{client_cert_opts, fun() -> [{ciphers, Ciphers} | COpts] end},
+ {server_cert_opts, fun() -> [{ciphers, Ciphers} | SOpts] end} |
lists:delete(server_cert_opts,
lists:delete(client_cert_opts, Config))])];
[] ->
diff --git a/lib/ssl/test/openssl_mfl_SUITE.erl b/lib/ssl/test/openssl_mfl_SUITE.erl
index 1acd18e422..7fabffa159 100644
--- a/lib/ssl/test/openssl_mfl_SUITE.erl
+++ b/lib/ssl/test/openssl_mfl_SUITE.erl
@@ -111,7 +111,7 @@ openssl_client(Config) when is_list(Config) ->
%--------------------------------------------------------------------------------
reuse_session_erlang_server(Config) when is_list(Config) ->
ServerOpts = ssl_test_lib:ssl_options(server_rsa_opts, Config),
- ClientOpts = proplists:get_value(client_rsa_verify_opts, Config),
+ ClientOpts = ssl_test_lib:ssl_options(client_rsa_verify_opts, Config),
Protocol = proplists:get_value(protocol, ServerOpts, tls),
{_, ServerNode, _} = ssl_test_lib:run_where(Config),
MFL = 512,
@@ -136,7 +136,7 @@ reuse_session_erlang_server(Config) when is_list(Config) ->
reuse_session_erlang_client(Config) when is_list(Config) ->
process_flag(trap_exit, true),
ClientOpts0 = ssl_test_lib:ssl_options(client_rsa_verify_opts, Config),
- ServerOpts = proplists:get_value(server_rsa_opts, Config),
+ ServerOpts = ssl_test_lib:ssl_options(server_rsa_opts, Config),
{ClientNode, _, Hostname} = ssl_test_lib:run_where(Config),
Protocol = proplists:get_value(protocol, ClientOpts0, tls),
MFL = 512,
@@ -180,7 +180,7 @@ reuse_session_erlang_client(Config) when is_list(Config) ->
openssl_client(MFL, Config) ->
ServerOpts = ssl_test_lib:ssl_options(server_rsa_opts, Config),
- ClientOpts = proplists:get_value(client_rsa_verify_opts, Config),
+ ClientOpts = ssl_test_lib:ssl_options(client_rsa_verify_opts, Config),
Protocol = proplists:get_value(protocol, ServerOpts, tls),
{_, ServerNode, _} = ssl_test_lib:run_where(Config),
@@ -205,7 +205,7 @@ openssl_client(MFL, Config) ->
openssl_server(MFL, Config) ->
ClientOpts = ssl_test_lib:ssl_options(client_rsa_verify_opts, Config),
- ServerOpts = proplists:get_value(server_rsa_opts, Config),
+ ServerOpts = ssl_test_lib:ssl_options(server_rsa_opts, Config),
Protocol = proplists:get_value(protocol, ClientOpts, tls),
{ClientNode, _, Hostname} = ssl_test_lib:run_where(Config),
diff --git a/lib/ssl/test/openssl_npn_SUITE.erl b/lib/ssl/test/openssl_npn_SUITE.erl
index fb8aee6ef7..2348080f66 100644
--- a/lib/ssl/test/openssl_npn_SUITE.erl
+++ b/lib/ssl/test/openssl_npn_SUITE.erl
@@ -129,8 +129,8 @@ erlang_client_openssl_server_npn() ->
[{doc,"Test erlang client with openssl server doing npn negotiation"}].
erlang_client_openssl_server_npn(Config) when is_list(Config) ->
- ServerOpts = proplists:get_value(server_rsa_verify_opts, Config),
- ClientOpts = ssl_test_lib:ssl_options(client_rsa_verify_opts, Config),
+ ServerOpts = ssl_test_lib:ssl_options(server_rsa_verify_opts, Config),
+ ClientOpts = ssl_test_lib:ssl_options(client_rsa_verify_opts, Config),
NpnProtocol = <<"spdy/2">>,
{Server, OpenSSLPort} =
@@ -161,8 +161,8 @@ erlang_client_openssl_server_npn_renegotiate() ->
erlang_client_openssl_server_npn_renegotiate(Config) when is_list(Config) ->
- ServerOpts = proplists:get_value(server_rsa_verify_opts, Config),
- ClientOpts = ssl_test_lib:ssl_options(client_rsa_verify_opts, Config),
+ ServerOpts = ssl_test_lib:ssl_options(server_rsa_verify_opts, Config),
+ ClientOpts = ssl_test_lib:ssl_options(client_rsa_verify_opts, Config),
NpnProtocol = <<"spdy/2">>,
Server = ssl_test_lib:start_server(openssl, [{np,"http/1.1,spdy/2"}],
@@ -197,8 +197,8 @@ erlang_server_openssl_client_npn() ->
[{doc,"Test erlang server with openssl client and npn negotiation"}].
erlang_server_openssl_client_npn(Config) when is_list(Config) ->
- ClientOpts = proplists:get_value(client_rsa_opts, Config),
- ServerOpts = ssl_test_lib:ssl_options(server_rsa_verify_opts, Config),
+ ClientOpts = ssl_test_lib:ssl_options(client_rsa_opts, Config),
+ ServerOpts = ssl_test_lib:ssl_options(server_rsa_verify_opts, Config),
Protocol = <<"spdy/2">>,
Server = ssl_test_lib:start_server(erlang, [{from, self()}],
[{server_opts, [{next_protocols_advertised,
@@ -230,8 +230,8 @@ erlang_server_openssl_client_npn(Config) when is_list(Config) ->
%% [{doc,"Test erlang server with openssl client and npn negotiation with renegotiation"}].
erlang_server_openssl_client_npn_renegotiate(Config) when is_list(Config) ->
- ClientOpts = proplists:get_value(client_rsa_verify_opts, Config),
- ServerOpts = ssl_test_lib:ssl_options(server_rsa_verify_opts, Config),
+ ClientOpts = ssl_test_lib:ssl_options(client_rsa_verify_opts, Config),
+ ServerOpts = ssl_test_lib:ssl_options(server_rsa_verify_opts, Config),
NpnProtocol = <<"spdy/2">>,
Server =
ssl_test_lib:start_server(erlang, [{from, self()}],
@@ -266,8 +266,8 @@ erlang_server_openssl_client_npn_renegotiate(Config) when is_list(Config) ->
ssl:close(SSocket).
%%--------------------------------------------------------------------------
erlang_client_openssl_server_npn_only_client(Config) when is_list(Config) ->
- ServerOpts = proplists:get_value(server_rsa_verify_opts, Config),
- ClientOpts = ssl_test_lib:ssl_options(client_rsa_verify_opts, Config),
+ ServerOpts = ssl_test_lib:ssl_options(server_rsa_verify_opts, Config),
+ ClientOpts = ssl_test_lib:ssl_options(client_rsa_verify_opts, Config),
{Server, OpenSSLPort} =
ssl_test_lib:start_server(openssl, [{np,"spdy/2"}, return_port],
@@ -290,8 +290,8 @@ erlang_client_openssl_server_npn_only_client(Config) when is_list(Config) ->
%%--------------------------------------------------------------------------
erlang_client_openssl_server_npn_only_server(Config) when is_list(Config) ->
- ServerOpts = proplists:get_value(server_rsa_verify_opts, Config),
- ClientOpts = ssl_test_lib:ssl_options(client_rsa_verify_opts, Config),
+ ServerOpts = ssl_test_lib:ssl_options(server_rsa_verify_opts, Config),
+ ClientOpts = ssl_test_lib:ssl_options(client_rsa_verify_opts, Config),
{Server, OpenSSLPort} =
ssl_test_lib:start_server(openssl, [{np,"spdy/2"}, return_port],
@@ -314,7 +314,7 @@ erlang_client_openssl_server_npn_only_server(Config) when is_list(Config) ->
%%--------------------------------------------------------------------------
erlang_server_openssl_client_npn_only_server(Config) when is_list(Config) ->
- ClientOpts = proplists:get_value(client_rsa_verify_opts, Config),
+ ClientOpts = ssl_test_lib:ssl_options(client_rsa_verify_opts, Config),
ServerOpts = ssl_test_lib:ssl_options(server_rsa_verify_opts, Config),
Server =
ssl_test_lib:start_server(erlang, [{from, self()}],
@@ -344,8 +344,8 @@ erlang_server_openssl_client_npn_only_server(Config) when is_list(Config) ->
%%--------------------------------------------------------------------------
erlang_server_openssl_client_npn_only_client(Config) when is_list(Config) ->
- ClientOpts = proplists:get_value(client_rsa_verify_opts, Config),
- ServerOpts = ssl_test_lib:ssl_options(server_rsa_verify_opts, Config),
+ ClientOpts = ssl_test_lib:ssl_options(client_rsa_verify_opts, Config),
+ ServerOpts = ssl_test_lib:ssl_options(server_rsa_verify_opts, Config),
Server = ssl_test_lib:start_server(erlang, [{from, self()}],
[{server_opts, [ServerOpts]} | Config]),
Port = ssl_test_lib:inet_port(Server),
diff --git a/lib/ssl/test/openssl_server_cert_SUITE.erl b/lib/ssl/test/openssl_server_cert_SUITE.erl
index 057d80b6f3..53bc990e4b 100644
--- a/lib/ssl/test/openssl_server_cert_SUITE.erl
+++ b/lib/ssl/test/openssl_server_cert_SUITE.erl
@@ -159,8 +159,8 @@ init_per_group(openssl_server, Config0) ->
[{client_type, erlang}, {server_type, openssl} | Config];
init_per_group(rsa = Group, Config0) ->
Config = ssl_test_lib:make_rsa_cert(Config0),
- COpts = proplists:get_value(client_rsa_opts, Config),
- SOpts = proplists:get_value(server_rsa_opts, Config),
+ COpts = ssl_test_lib:ssl_options(client_rsa_opts, Config),
+ SOpts = ssl_test_lib:ssl_options(server_rsa_opts, Config),
%% Make sure _rsa* suite is chosen by ssl_test_lib:start_server
Version = ssl_test_lib:protocol_version(Config),
Ciphers = ssl_cert_tests:test_ciphers(fun(dhe_rsa) ->
@@ -174,8 +174,8 @@ init_per_group(rsa = Group, Config0) ->
[_|_] ->
[{cert_key_alg, rsa} |
lists:delete(cert_key_alg,
- [{client_cert_opts, [{ciphers, Ciphers} | COpts]},
- {server_cert_opts, SOpts} |
+ [{client_cert_opts, fun() -> [{ciphers, Ciphers} | COpts] end},
+ {server_cert_opts, fun() -> SOpts end} |
lists:delete(server_cert_opts,
lists:delete(client_cert_opts, Config))])];
[] ->
@@ -183,8 +183,8 @@ init_per_group(rsa = Group, Config0) ->
end;
init_per_group(rsa_1_3 = Group, Config0) ->
Config = ssl_test_lib:make_rsa_cert(Config0),
- COpts = proplists:get_value(client_rsa_opts, Config),
- SOpts = proplists:get_value(server_rsa_opts, Config),
+ COpts = ssl_test_lib:ssl_options(client_rsa_opts, Config),
+ SOpts = ssl_test_lib:ssl_options(server_rsa_opts, Config),
%% Make sure _rsa* suite is chosen by ssl_test_lib:start_server
Version = ssl_test_lib:protocol_version(Config),
Ciphers = ssl_cert_tests:test_ciphers(undefined, Version),
@@ -192,8 +192,8 @@ init_per_group(rsa_1_3 = Group, Config0) ->
[_|_] ->
[{cert_key_alg, rsa} |
lists:delete(cert_key_alg,
- [{client_cert_opts, [{ciphers, Ciphers} | COpts]},
- {server_cert_opts, SOpts} |
+ [{client_cert_opts, fun() -> [{ciphers, Ciphers} | COpts] end},
+ {server_cert_opts, fun() -> SOpts end} |
lists:delete(server_cert_opts,
lists:delete(client_cert_opts, Config))])];
[] ->
@@ -202,7 +202,7 @@ init_per_group(rsa_1_3 = Group, Config0) ->
init_per_group(Alg, Config) when Alg == rsa_pss_rsae;
Alg == rsa_pss_pss ->
Supports = crypto:supports(),
- RSAOpts = proplists:get_value(rsa_opts, Supports),
+ RSAOpts = ssl_test_lib:ssl_options(rsa_opts, Supports),
case lists:member(rsa_pkcs1_pss_padding, RSAOpts)
andalso lists:member(rsa_pss_saltlen, RSAOpts)
@@ -214,8 +214,8 @@ init_per_group(Alg, Config) when Alg == rsa_pss_rsae;
server_config := SOpts} = ssl_test_lib:make_rsa_pss_pem(Alg, [], Config, ""),
[{cert_key_alg, Alg} |
lists:delete(cert_key_alg,
- [{client_cert_opts, COpts},
- {server_cert_opts, SOpts} |
+ [{client_cert_opts, fun() -> COpts end},
+ {server_cert_opts, fun() -> SOpts end} |
lists:delete(server_cert_opts,
lists:delete(client_cert_opts, Config))])];
false ->
@@ -229,8 +229,8 @@ init_per_group(ecdsa = Group, Config0) ->
of
true ->
Config = ssl_test_lib:make_ecdsa_cert(Config0),
- COpts = proplists:get_value(client_ecdsa_opts, Config),
- SOpts = proplists:get_value(server_ecdsa_opts, Config),
+ COpts = ssl_test_lib:ssl_options(client_ecdsa_opts, Config),
+ SOpts = ssl_test_lib:ssl_options(server_ecdsa_opts, Config),
%% Make sure ecdh* suite is chosen by ssl_test_lib:start_server
Version = ssl_test_lib:protocol_version(Config),
Ciphers = ssl_cert_tests:test_ciphers(fun(ecdh_ecdsa) ->
@@ -244,8 +244,8 @@ init_per_group(ecdsa = Group, Config0) ->
[_|_] ->
[{cert_key_alg, ecdsa} |
lists:delete(cert_key_alg,
- [{client_cert_opts, [{ciphers, Ciphers} | COpts]},
- {server_cert_opts, SOpts} |
+ [{client_cert_opts, fun() -> [{ciphers, Ciphers} | COpts] end},
+ {server_cert_opts, fun() -> SOpts end} |
lists:delete(server_cert_opts,
lists:delete(client_cert_opts, Config))]
)];
@@ -263,8 +263,8 @@ init_per_group(ecdsa_1_3 = Group, Config0) ->
of
true ->
Config = ssl_test_lib:make_ecdsa_cert(Config0),
- COpts = proplists:get_value(client_ecdsa_opts, Config),
- SOpts = proplists:get_value(server_ecdsa_opts, Config),
+ COpts = ssl_test_lib:ssl_options(client_ecdsa_opts, Config),
+ SOpts = ssl_test_lib:ssl_options(server_ecdsa_opts, Config),
%% Make sure ecdh* suite is chosen by ssl_test_lib:start_server
Version = ssl_test_lib:protocol_version(Config),
Ciphers = ssl_cert_tests:test_ciphers(undefined, Version),
@@ -272,8 +272,8 @@ init_per_group(ecdsa_1_3 = Group, Config0) ->
[_|_] ->
[{cert_key_alg, ecdsa} |
lists:delete(cert_key_alg,
- [{client_cert_opts, [{ciphers, Ciphers} | COpts]},
- {server_cert_opts, SOpts} |
+ [{client_cert_opts, fun() -> [{ciphers, Ciphers} | COpts] end},
+ {server_cert_opts, fun() -> SOpts end} |
lists:delete(server_cert_opts,
lists:delete(client_cert_opts, Config))]
)];
@@ -301,8 +301,8 @@ init_per_group(eddsa_1_3, Config0) ->
[{cert_key_alg, eddsa} |
lists:delete(cert_key_alg,
- [{client_cert_opts, COpts},
- {server_cert_opts, SOpts} |
+ [{client_cert_opts, fun() -> COpts end},
+ {server_cert_opts, fun() -> SOpts end} |
lists:delete(server_cert_opts,
lists:delete(client_cert_opts, Config0))]
)];
@@ -317,8 +317,8 @@ init_per_group(dsa = Group, Config0) ->
of
true ->
Config = ssl_test_lib:make_dsa_cert(Config0),
- COpts = proplists:get_value(client_dsa_opts, Config),
- SOpts = proplists:get_value(server_dsa_opts, Config),
+ COpts = ssl_test_lib:ssl_options(client_dsa_opts, Config),
+ SOpts = ssl_test_lib:ssl_options(server_dsa_opts, Config),
%% Make sure dhe_dss* suite is chosen by ssl_test_lib:start_server
Version = ssl_test_lib:protocol_version(Config),
Ciphers = ssl_cert_tests:test_ciphers(fun(dh_dss) ->
@@ -332,8 +332,10 @@ init_per_group(dsa = Group, Config0) ->
[_|_] ->
[{cert_key_alg, dsa} |
lists:delete(cert_key_alg,
- [{client_cert_opts, [{ciphers, Ciphers} | COpts] ++ ssl_test_lib:sig_algs(dsa, Version)},
- {server_cert_opts, SOpts} |
+ [{client_cert_opts, fun() -> [{ciphers, Ciphers} | COpts] ++
+ ssl_test_lib:sig_algs(dsa, Version)
+ end},
+ {server_cert_opts, fun() -> SOpts end} |
lists:delete(server_cert_opts,
lists:delete(client_cert_opts, Config))])];
[] ->
diff --git a/lib/ssl/test/openssl_session_ticket_SUITE.erl b/lib/ssl/test/openssl_session_ticket_SUITE.erl
index 991f290dc7..e0732257c9 100644
--- a/lib/ssl/test/openssl_session_ticket_SUITE.erl
+++ b/lib/ssl/test/openssl_session_ticket_SUITE.erl
@@ -168,7 +168,7 @@ openssl_client_basic() ->
[{doc,"Test session resumption with session tickets (openssl client - erlang server)"}].
openssl_client_basic(Config) when is_list(Config) ->
ServerOpts0 = ssl_test_lib:ssl_options(server_rsa_verify_opts, Config),
- ClientOpts = proplists:get_value(client_rsa_opts, Config),
+ ClientOpts = ssl_test_lib:ssl_options(client_rsa_opts, Config),
{_, ServerNode, _Hostname} = ssl_test_lib:run_where(Config),
TicketFile0 = filename:join([proplists:get_value(priv_dir, Config), "session_ticket0"]),
@@ -264,7 +264,7 @@ openssl_client_hrr() ->
[{doc,"Test session resumption with session tickets and hello_retry_request (openssl client - erlang server)"}].
openssl_client_hrr(Config) when is_list(Config) ->
ServerOpts0 = ssl_test_lib:ssl_options(server_rsa_verify_opts, Config),
- ClientOpts = proplists:get_value(client_rsa_opts, Config),
+ ClientOpts = ssl_test_lib:ssl_options(client_rsa_opts, Config),
{_, ServerNode, _Hostname} = ssl_test_lib:run_where(Config),
TicketFile0 = filename:join([proplists:get_value(priv_dir, Config), "session_ticket0"]),
TicketFile1 = filename:join([proplists:get_value(priv_dir, Config), "session_ticket1"]),
@@ -650,7 +650,7 @@ openssl_client_early_data_basic() ->
[{doc,"Test early data (openssl client - erlang server)"}].
openssl_client_early_data_basic(Config) when is_list(Config) ->
ServerOpts0 = ssl_test_lib:ssl_options(server_rsa_verify_opts, Config),
- ClientOpts = proplists:get_value(client_rsa_opts, Config),
+ ClientOpts = ssl_test_lib:ssl_options(client_rsa_opts, Config),
{_, ServerNode, _Hostname} = ssl_test_lib:run_where(Config),
TicketFile0 = filename:join([proplists:get_value(priv_dir, Config), "session_ticket0"]),
diff --git a/lib/ssl/test/ssl_api_SUITE.erl b/lib/ssl/test/ssl_api_SUITE.erl
index e4c65b8816..09cc27b96d 100644
--- a/lib/ssl/test/ssl_api_SUITE.erl
+++ b/lib/ssl/test/ssl_api_SUITE.erl
@@ -3857,8 +3857,8 @@ export_key_materials(Config) when is_list(Config) ->
{ClientNode, ServerNode, Hostname} = ssl_test_lib:run_where(Config),
Version = ssl_test_lib:protocol_version(Config, atom),
BaseOpts = [{active, true}, {versions, [Version]}, {protocol, tls_or_dtls(Version)}],
- ServerOpts = BaseOpts ++ proplists:get_value(server_rsa_opts, Config, []),
- ClientOpts = BaseOpts ++ proplists:get_value(client_rsa_opts, Config, []),
+ ServerOpts = BaseOpts ++ ssl_test_lib:ssl_options(server_rsa_opts, Config),
+ ClientOpts = BaseOpts ++ ssl_test_lib:ssl_options(client_rsa_opts, Config),
Label = <<"EXPERIMENTAL-otp">>,
@@ -3894,8 +3894,8 @@ exporter_master_secret_consumed(Config) when is_list(Config) ->
{ClientNode, ServerNode, Hostname} = ssl_test_lib:run_where(Config),
Version = ssl_test_lib:protocol_version(Config, atom),
BaseOpts = [{active, true}, {versions, [Version]}, {protocol, tls_or_dtls(Version)}],
- ServerOpts = BaseOpts ++ proplists:get_value(server_rsa_opts, Config, []),
- ClientOpts = BaseOpts ++ proplists:get_value(client_rsa_opts, Config, []),
+ ServerOpts = BaseOpts ++ ssl_test_lib:ssl_options(server_rsa_opts, Config),
+ ClientOpts = BaseOpts ++ ssl_test_lib:ssl_options(client_rsa_opts, Config),
Label1 = <<"EXPERIMENTAL-otp1">>,
Label2 = <<"EXPERIMENTAL-otp2">>,
@@ -3927,14 +3927,14 @@ legacy_prf(Config) when is_list(Config) ->
{ClientNode, ServerNode, Hostname} = ssl_test_lib:run_where(Config),
Version = ssl_test_lib:protocol_version(Config, atom),
BaseOpts = [{active, true}, {versions, [Version]}, {protocol, tls_or_dtls(Version)}],
- ServerOpts = BaseOpts ++ proplists:get_value(server_rsa_opts, Config, []),
- ClientOpts = BaseOpts ++ proplists:get_value(client_rsa_opts, Config, []),
+ ServerOpts = BaseOpts ++ ssl_test_lib:ssl_options(server_rsa_opts, Config),
+ ClientOpts = BaseOpts ++ ssl_test_lib:ssl_options(client_rsa_opts, Config),
{ClientNode, ServerNode, Hostname} = ssl_test_lib:run_where(Config),
Version = ssl_test_lib:protocol_version(Config, atom),
BaseOpts = [{active, true}, {versions, [Version]}, {protocol, tls_or_dtls(Version)}],
- ServerOpts = BaseOpts ++ proplists:get_value(server_rsa_opts, Config, []),
- ClientOpts = BaseOpts ++ proplists:get_value(client_rsa_opts, Config, []),
+ ServerOpts = BaseOpts ++ ssl_test_lib:ssl_options(server_rsa_opts, Config),
+ ClientOpts = BaseOpts ++ ssl_test_lib:ssl_options(client_rsa_opts, Config),
Label = <<"EXPERIMENTAL-otp">>,
@@ -4570,12 +4570,12 @@ test_config('dtlsv1.2', Config) ->
];
test_config(_, Config) ->
RSAConf1 = ssl_test_lib:make_rsa_cert(Config),
- SRSA1Opts = proplists:get_value(server_rsa_opts, RSAConf1),
- CRSA1Opts = proplists:get_value(client_rsa_opts, RSAConf1),
+ SRSA1Opts = ssl_test_lib:ssl_options(server_rsa_opts, RSAConf1),
+ CRSA1Opts = ssl_test_lib:ssl_options(client_rsa_opts, RSAConf1),
RSAConf2 = ssl_test_lib:make_rsa_1024_cert(Config),
- SRSA2Opts = proplists:get_value(server_rsa_1024_opts, RSAConf2),
- CRSA2Opts = proplists:get_value(client_rsa_1024_opts, RSAConf2),
+ SRSA2Opts = ssl_test_lib:ssl_options(server_rsa_1024_opts, RSAConf2),
+ CRSA2Opts = ssl_test_lib:ssl_options(client_rsa_1024_opts, RSAConf2),
{SRSA1Cert, SRSA1Key, _SRSA1CACerts} = get_single_options(certfile, keyfile, cacertfile, SRSA1Opts),
{CRSA1Cert, CRSA1Key, _CRSA1CACerts} = get_single_options(certfile, keyfile, cacertfile, CRSA1Opts),
diff --git a/lib/ssl/test/ssl_cert_SUITE.erl b/lib/ssl/test/ssl_cert_SUITE.erl
index 39f163f6f5..9be561e5e7 100644
--- a/lib/ssl/test/ssl_cert_SUITE.erl
+++ b/lib/ssl/test/ssl_cert_SUITE.erl
@@ -295,15 +295,15 @@ do_init_per_group(Group, Config0) when Group == rsa;
Group == rsa_1_3 ->
Config1 = ssl_test_lib:make_rsa_cert(Config0),
Config = ssl_test_lib:make_rsa_1024_cert(Config1),
- COpts = proplists:get_value(client_rsa_verify_opts, Config),
- SOpts = proplists:get_value(server_rsa_opts, Config),
+ COpts = ssl_test_lib:ssl_options(client_rsa_verify_opts, Config),
+ SOpts = ssl_test_lib:ssl_options(server_rsa_opts, Config),
Version = proplists:get_value(version, Config),
[{cert_key_alg, rsa},
{extra_client, ssl_test_lib:sig_algs(rsa, Version)},
{extra_server, ssl_test_lib:sig_algs(rsa, Version)} |
lists:delete(cert_key_alg,
- [{client_cert_opts, COpts},
- {server_cert_opts, SOpts} |
+ [{client_cert_opts, fun() -> COpts end},
+ {server_cert_opts, fun() -> SOpts end} |
lists:delete(server_cert_opts,
lists:delete(client_cert_opts, Config))])];
do_init_per_group(Alg, Config) when Alg == rsa_pss_rsae;
@@ -322,8 +322,8 @@ do_init_per_group(Alg, Config) when Alg == rsa_pss_rsae;
{extra_client, ssl_test_lib:sig_algs(Alg, Version)},
{extra_server, ssl_test_lib:sig_algs(Alg, Version)} |
lists:delete(cert_key_alg,
- [{client_cert_opts, COpts},
- {server_cert_opts, SOpts} |
+ [{client_cert_opts, fun() -> COpts end},
+ {server_cert_opts, fun() -> SOpts end} |
lists:delete(server_cert_opts,
lists:delete(client_cert_opts, Config))])];
false ->
@@ -343,8 +343,8 @@ do_init_per_group(Alg, Config) when Alg == rsa_pss_rsae_1_3;
server_config := SOpts} = ssl_test_lib:make_rsa_pss_pem(rsa_alg(Alg), [], Config, ""),
[{cert_key_alg, rsa_alg(Alg)} |
lists:delete(cert_key_alg,
- [{client_cert_opts, COpts},
- {server_cert_opts, SOpts} |
+ [{client_cert_opts, fun() -> COpts end},
+ {server_cert_opts, fun() -> SOpts end} |
lists:delete(server_cert_opts,
lists:delete(client_cert_opts, Config))])];
false ->
@@ -357,12 +357,12 @@ do_init_per_group(Group, Config0) when Group == ecdsa;
case lists:member(ecdsa, PKAlg) andalso (lists:member(ecdh, PKAlg) orelse lists:member(dh, PKAlg)) of
true ->
Config = ssl_test_lib:make_ecdsa_cert(Config0),
- COpts = proplists:get_value(client_ecdsa_verify_opts, Config),
- SOpts = proplists:get_value(server_ecdsa_opts, Config),
+ COpts = ssl_test_lib:ssl_options(client_ecdsa_verify_opts, Config),
+ SOpts = ssl_test_lib:ssl_options(server_ecdsa_opts, Config),
[{cert_key_alg, ecdsa} |
lists:delete(cert_key_alg,
- [{client_cert_opts, COpts},
- {server_cert_opts, SOpts} |
+ [{client_cert_opts, fun() -> COpts end},
+ {server_cert_opts, fun() -> SOpts end} |
lists:delete(server_cert_opts,
lists:delete(client_cert_opts, Config))]
)];
@@ -386,8 +386,8 @@ do_init_per_group(eddsa_1_3, Config0) ->
[{cert_key_alg, eddsa} |
lists:delete(cert_key_alg,
- [{client_cert_opts, COpts},
- {server_cert_opts, SOpts} |
+ [{client_cert_opts, fun() -> COpts end},
+ {server_cert_opts, fun() -> SOpts end} |
lists:delete(server_cert_opts,
lists:delete(client_cert_opts, Config0))]
)];
@@ -400,8 +400,8 @@ do_init_per_group(dsa = Alg, Config0) ->
case lists:member(dss, PKAlg) andalso lists:member(dh, PKAlg) of
true ->
Config = ssl_test_lib:make_dsa_cert(Config0),
- COpts = proplists:get_value(client_dsa_opts, Config),
- SOpts = proplists:get_value(server_dsa_opts, Config),
+ COpts = ssl_test_lib:ssl_options(client_dsa_opts, Config),
+ SOpts = ssl_test_lib:ssl_options(server_dsa_opts, Config),
ShaDSA = case Version of
{3, 3} ->
[{signature_algs, [{sha, dsa}]}];
@@ -414,8 +414,8 @@ do_init_per_group(dsa = Alg, Config0) ->
{extra_server, ssl_test_lib:sig_algs(Alg, Version) ++
[{ciphers, ssl_test_lib:dsa_suites(Version)}] ++ ShaDSA} |
lists:delete(cert_key_alg,
- [{client_cert_opts, COpts},
- {server_cert_opts, SOpts} |
+ [{client_cert_opts, fun() -> COpts end},
+ {server_cert_opts, fun() -> SOpts end} |
lists:delete(server_cert_opts,
lists:delete(client_cert_opts, Config))])];
false ->
@@ -447,12 +447,12 @@ init_ecdsa_opts(Config0, Curve) ->
case lists:member(ecdsa, PKAlg) andalso (lists:member(ecdh, PKAlg) orelse lists:member(dh, PKAlg)) of
true ->
Config = ssl_test_lib:make_rsa_ecdsa_cert(Config0, Curve),
- COpts = proplists:get_value(client_ecdsa_verify_opts, Config),
- SOpts = proplists:get_value(server_ecdsa_opts, Config),
+ COpts = ssl_test_lib:ssl_options(client_ecdsa_verify_opts, Config),
+ SOpts = ssl_test_lib:ssl_options(server_ecdsa_opts, Config),
[{cert_key_alg, ecdsa} |
lists:delete(cert_key_alg,
- [{client_cert_opts, ssl_test_lib:sig_algs(ecdsa, Version) ++ COpts},
- {server_cert_opts, ssl_test_lib:sig_algs(ecdsa, Version) ++ SOpts} |
+ [{client_cert_opts, fun() -> ssl_test_lib:sig_algs(ecdsa, Version) ++ COpts end},
+ {server_cert_opts, fun() -> ssl_test_lib:sig_algs(ecdsa, Version) ++ SOpts end} |
lists:delete(server_cert_opts,
lists:delete(client_cert_opts, Config))]
)];
diff --git a/lib/ssl/test/ssl_dist_bench_SUITE.erl b/lib/ssl/test/ssl_dist_bench_SUITE.erl
index b516b6988a..ef7eb6b9e5 100644
--- a/lib/ssl/test/ssl_dist_bench_SUITE.erl
+++ b/lib/ssl/test/ssl_dist_bench_SUITE.erl
@@ -211,6 +211,8 @@ init_per_suite(Config) ->
catch
throw : {Skip, Reason} ->
{skip, Reason};
+ throw : {skipped, Reason} ->
+ {skip, Reason};
Class : Reason : Stacktrace ->
{fail, {Class, Reason, Stacktrace}}
end.
diff --git a/lib/ssl/test/ssl_pem_cache_SUITE.erl b/lib/ssl/test/ssl_pem_cache_SUITE.erl
index 4d2a370c31..865ef7957b 100644
--- a/lib/ssl/test/ssl_pem_cache_SUITE.erl
+++ b/lib/ssl/test/ssl_pem_cache_SUITE.erl
@@ -243,8 +243,8 @@ invalid_insert() ->
invalid_insert(Config) when is_list(Config) ->
process_flag(trap_exit, true),
[0, 0, 0, 0] = get_table_sizes(), %% Initialy all tables are empty
- ClientOpts = proplists:get_value(client_rsa_verify_opts, Config),
- ServerOpts = proplists:get_value(server_rsa_verify_opts, Config),
+ ClientOpts = ssl_test_lib:ssl_options(client_rsa_verify_opts, Config),
+ ServerOpts = ssl_test_lib:ssl_options(server_rsa_verify_opts, Config),
{ClientNode, ServerNode, Hostname} = ssl_test_lib:run_where(Config),
BadClientOpts = [{cacertfile, "tmp/does_not_exist.pem"} |
proplists:delete(cacertfile, ClientOpts)],
@@ -614,8 +614,8 @@ alternative_path_helper(Config, GetAlternative,
%% Init - represents initial state
%% ConnectedN - state after establishing Nth connection
%% Disconnected - state after closing connections
- ClientOpts = proplists:get_value(client_rsa_verify_opts, Config),
- CACertFilePath0 = proplists:get_value(cacertfile, ClientOpts),
+ ClientOpts = ssl_test_lib:ssl_options(client_rsa_verify_opts, Config),
+ CACertFilePath0 = ssl_test_lib:ssl_options(cacertfile, ClientOpts),
{ok, CACertFilename} = strip_path(CACertFilePath0),
{ok, Cwd} = file:get_cwd(),
@@ -705,8 +705,8 @@ create_initial_config(Config) ->
ClientBase = filename:join(PrivDir, "client_test"),
ServerBase = filename:join(PrivDir, "server_test"),
PemConfig = x509_test:gen_pem_config_files(DerConfig, ClientBase, ServerBase),
- ClientConf = proplists:get_value(client_config, PemConfig),
- ServerConf = proplists:get_value(server_config, PemConfig),
+ ClientConf = ssl_test_lib:ssl_options(client_config, PemConfig),
+ ServerConf = ssl_test_lib:ssl_options(server_config, PemConfig),
{proplists:get_value(cacertfile, ServerConf), ClientConf, ServerConf, ServerRootCert0,
ClientBase, ServerBase}.
@@ -752,7 +752,7 @@ pem_periodical_cleanup(Config, FileIds,
ct:sleep(4 * ?SLEEP_AMOUNT),
Init = get_table_sizes(),
- ServerOpts = proplists:get_value(server_rsa_verify_opts, Config),
+ ServerOpts = ssl_test_lib:ssl_options(server_rsa_verify_opts, Config),
{Server, Client} = basic_verify_test_no_close(Config),
diff --git a/lib/ssl/test/ssl_session_cache_SUITE.erl b/lib/ssl/test/ssl_session_cache_SUITE.erl
index e2559b156e..bc0250318c 100644
--- a/lib/ssl/test/ssl_session_cache_SUITE.erl
+++ b/lib/ssl/test/ssl_session_cache_SUITE.erl
@@ -360,8 +360,8 @@ max_table_size() ->
[{doc,"Test max limit on session table"}].
max_table_size(Config) when is_list(Config) ->
process_flag(trap_exit, true),
- ClientOpts = proplists:get_value(client_rsa_verify_opts, Config),
- ServerOpts = proplists:get_value(server_rsa_verify_opts, Config),
+ ClientOpts = ssl_test_lib:ssl_options(client_rsa_verify_opts, Config),
+ ServerOpts = ssl_test_lib:ssl_options(server_rsa_verify_opts, Config),
{ClientNode, ServerNode, Hostname} = ssl_test_lib:run_where(Config),
Server =
ssl_test_lib:start_server([{node, ServerNode}, {port, 0},
diff --git a/lib/ssl/test/ssl_socket_SUITE.erl b/lib/ssl/test/ssl_socket_SUITE.erl
index 6cfd111f35..5dd1e09789 100644
--- a/lib/ssl/test/ssl_socket_SUITE.erl
+++ b/lib/ssl/test/ssl_socket_SUITE.erl
@@ -151,8 +151,8 @@ getstat() ->
[{doc,"Test API function getstat/2"}].
getstat(Config) when is_list(Config) ->
- ClientOpts = ?config(client_rsa_opts, Config),
- ServerOpts = ?config(server_rsa_opts, Config),
+ ClientOpts = ssl_test_lib:ssl_options(client_rsa_opts, Config),
+ ServerOpts = ssl_test_lib:ssl_options(server_rsa_opts, Config),
{ClientNode, ServerNode, Hostname} = ssl_test_lib:run_where(Config),
Server1 =
ssl_test_lib:start_server([{node, ServerNode}, {port, 0},
diff --git a/lib/ssl/test/ssl_test_lib.erl b/lib/ssl/test/ssl_test_lib.erl
index 931fb1602e..67970b537d 100644
--- a/lib/ssl/test/ssl_test_lib.erl
+++ b/lib/ssl/test/ssl_test_lib.erl
@@ -730,7 +730,7 @@ connect(_, _, 0, AcceptSocket, _, _, _) ->
connect(ListenSocket, Node, _N, _, Timeout, SslOpts, cancel) ->
?CT_LOG("ssl:transport_accept(~P)~n", [ListenSocket, ?PRINT_DEPTH]),
{ok, AcceptSocket} = ssl:transport_accept(ListenSocket),
- ?CT_LOG("~nssl:handshake(~p,~p,~p)~n", [AcceptSocket, format_options(SslOpts),Timeout]),
+ ?CT_LOG("~nssl:handshake(~p,~0.p,~0.p)~n", [AcceptSocket, format_options(SslOpts),Timeout]),
case ssl:handshake(AcceptSocket, SslOpts, Timeout) of
{ok, Socket0, Ext} ->
@@ -742,9 +742,9 @@ connect(ListenSocket, Node, _N, _, Timeout, SslOpts, cancel) ->
Result
end;
connect(ListenSocket, Node, N, _, Timeout, SslOpts, [_|_] =ContOpts0) ->
- ?CT_LOG("ssl:transport_accept(~P)~n", [ListenSocket, ?PRINT_DEPTH]),
+ ?CT_LOG("ssl:transport_accept(~0.P)~n", [ListenSocket, ?PRINT_DEPTH]),
{ok, AcceptSocket} = ssl:transport_accept(ListenSocket),
- ?CT_LOG("~nssl:handshake(~p,~p,~p)~n", [AcceptSocket, SslOpts,Timeout]),
+ ?CT_LOG("~nssl:handshake(~p,~0.p,~0.p)~n", [AcceptSocket, SslOpts,Timeout]),
case ssl:handshake(AcceptSocket, SslOpts, Timeout) of
{ok, Socket0, Ext} ->
@@ -761,7 +761,7 @@ connect(ListenSocket, Node, N, _, Timeout, SslOpts, [_|_] =ContOpts0) ->
_ ->
ContOpts0
end,
- ?CT_LOG("~nssl:handshake_continue(~p,~p,~p)~n", [Socket0, ContOpts,Timeout]),
+ ?CT_LOG("~nssl:handshake_continue(~p,~0.p,~0.p)~n", [Socket0, ContOpts,Timeout]),
case ssl:handshake_continue(Socket0, ContOpts, Timeout) of
{ok, Socket} ->
connect(ListenSocket, Node, N-1, Socket, Timeout, SslOpts, ContOpts0);
@@ -774,7 +774,7 @@ connect(ListenSocket, Node, N, _, Timeout, SslOpts, [_|_] =ContOpts0) ->
Result
end;
connect(ListenSocket, Node, N, _, Timeout, [], ContOpts) ->
- ?CT_LOG("ssl:transport_accept(~P)~n", [ListenSocket, ?PRINT_DEPTH]),
+ ?CT_LOG("ssl:transport_accept(~0.P)~n", [ListenSocket, ?PRINT_DEPTH]),
{ok, AcceptSocket} = ssl:transport_accept(ListenSocket),
?CT_LOG("~nssl:handshake(~p, ~p)~n", [AcceptSocket, Timeout]),
@@ -786,9 +786,9 @@ connect(ListenSocket, Node, N, _, Timeout, [], ContOpts) ->
Result
end;
connect(ListenSocket, _Node, _, _, Timeout, Opts, _) ->
- ?CT_LOG("ssl:transport_accept(~P)~n", [ListenSocket, ?PRINT_DEPTH]),
- {ok, AcceptSocket} = ssl:transport_accept(ListenSocket),
- ?CT_LOG("ssl:handshake(~p,~p, ~p)~n", [AcceptSocket, Opts, Timeout]),
+ ?CT_LOG("ssl:transport_accept(~0.P)~n", [ListenSocket, ?PRINT_DEPTH]),
+ {ok, AcceptSocket} = ssl:transport_accept(ListenSocket),
+ ?CT_LOG("ssl:handshake(~p,~0.p, ~0.p)~n", [AcceptSocket, Opts, Timeout]),
ssl:handshake(AcceptSocket, Opts, Timeout),
AcceptSocket.
@@ -1891,12 +1891,11 @@ make_ecdsa_cert(Config) ->
[{server_config, ServerConf},
{client_config, ClientConf}] =
x509_test:gen_pem_config_files(GenCertData, ClientFileBase, ServerFileBase),
- [{server_ecdsa_opts, [{reuseaddr, true} | ServerConf]},
-
- {server_ecdsa_verify_opts, [{reuseaddr, true},
- {verify, verify_peer} | ServerConf]},
- {client_ecdsa_opts, [{verify, verify_none} | ClientConf]},
- {client_ecdsa_verify_opts, [{verify, verify_peer} | ClientConf]}
+ [{server_ecdsa_opts, fun() -> [{reuseaddr, true} | ServerConf] end},
+ {server_ecdsa_verify_opts,
+ fun() -> [{reuseaddr, true}, {verify, verify_peer} | ServerConf] end},
+ {client_ecdsa_opts, fun() -> [{verify, verify_none} | ClientConf] end},
+ {client_ecdsa_verify_opts, fun() -> [{verify, verify_peer} | ClientConf] end}
| Config];
false ->
Config
@@ -1913,17 +1912,18 @@ make_rsa_cert(Config) ->
GenCertData = public_key:pkix_test_data(CertChainConf),
#{client_config := ClientDerConf, server_config := ServerDerConf} = GenCertData,
- [{server_config, ServerConf},
- {client_config, ClientConf}] =
- x509_test:gen_pem_config_files(GenCertData, ClientFileBase, ServerFileBase),
- [{server_rsa_opts, [{reuseaddr, true} | ServerConf]},
- {server_rsa_verify_opts, [{reuseaddr, true}, {verify, verify_peer} | ServerConf]},
- {client_rsa_opts, [{verify, verify_none} | ClientConf]},
- {client_rsa_verify_opts, [{verify, verify_peer} | ClientConf]},
- {server_rsa_der_opts, [{reuseaddr, true}, {verify, verify_none} | ServerDerConf]},
- {server_rsa_der_verify_opts, [{reuseaddr, true}, {verify, verify_peer} | ServerDerConf]},
- {client_rsa_der_opts, [{verify, verify_none} | ClientDerConf]},
- {client_rsa_der_verify_opts, [{verify, verify_peer} |ClientDerConf]}
+ [{server_config, ServerConf},
+ {client_config, ClientConf}] =
+ x509_test:gen_pem_config_files(GenCertData, ClientFileBase, ServerFileBase),
+
+ [{server_rsa_opts, fun() -> [{reuseaddr, true} | ServerConf] end},
+ {server_rsa_verify_opts, fun() -> [{reuseaddr, true}, {verify, verify_peer} | ServerConf] end},
+ {client_rsa_opts, fun() -> [{verify, verify_none} | ClientConf] end},
+ {client_rsa_verify_opts, fun() -> [{verify, verify_peer} | ClientConf] end},
+ {server_rsa_der_opts, fun() -> [{reuseaddr, true}, {verify, verify_none} | ServerDerConf] end},
+ {server_rsa_der_verify_opts, fun() -> [{reuseaddr, true}, {verify, verify_peer} | ServerDerConf] end},
+ {client_rsa_der_opts, fun() -> [{verify, verify_none} | ClientDerConf] end},
+ {client_rsa_der_verify_opts, fun() -> [{verify, verify_peer} |ClientDerConf] end}
| Config];
false ->
Config
@@ -1955,7 +1955,8 @@ make_rsa_cert_with_protected_keyfile(Config0, Password) ->
"tls_password_client.pem"),
der_to_pem(ProtectedClientKeyFile, [ProtectedPemEntry]),
ProtectedClientOpts = [{keyfile,ProtectedClientKeyFile} | proplists:delete(keyfile, ClientOpts)],
- [{client_protected_rsa_opts, ProtectedClientOpts} | Config1].
+ [{client_protected_rsa_opts, fun() -> ProtectedClientOpts end}
+ | Config1].
make_rsa_1024_cert(Config) ->
CryptoSupport = crypto:supports(),
@@ -1971,14 +1972,14 @@ make_rsa_1024_cert(Config) ->
[{server_config, ServerConf},
{client_config, ClientConf}] =
x509_test:gen_pem_config_files(GenCertData, ClientFileBase, ServerFileBase),
- [{server_rsa_1024_opts, [{ssl_imp, new},{reuseaddr, true} | ServerConf]},
- {server_rsa_1024_verify_opts, [{reuseaddr, true}, {verify, verify_peer} | ServerConf]},
- {client_rsa_1024_opts, [{verify, verify_none} | ClientConf]},
- {client_rsa_1024_verify_opts, [{verify, verify_peer} |ClientConf]},
- {server_rsa_1024_der_opts, [{reuseaddr, true} | ServerDerConf]},
- {server_rsa_1024_der_verify_opts, [{reuseaddr, true}, {verify, verify_peer} | ServerDerConf]},
- {client_rsa_1024_der_opts, [{verify, verify_none} | ClientDerConf]},
- {client_rsa_1024_der_verify_opts, [{verify, verify_peer} |ClientDerConf]}
+ [{server_rsa_1024_opts, fun() -> [{ssl_imp, new},{reuseaddr, true} | ServerConf] end},
+ {server_rsa_1024_verify_opts, fun() -> [{reuseaddr, true}, {verify, verify_peer} | ServerConf] end},
+ {client_rsa_1024_opts, fun() -> [{verify, verify_none} | ClientConf] end},
+ {client_rsa_1024_verify_opts, fun() -> [{verify, verify_peer} |ClientConf] end},
+ {server_rsa_1024_der_opts, fun() -> [{reuseaddr, true} | ServerDerConf] end},
+ {server_rsa_1024_der_verify_opts, fun() -> [{reuseaddr, true}, {verify, verify_peer} | ServerDerConf] end},
+ {client_rsa_1024_der_opts, fun() -> [{verify, verify_none} | ClientDerConf] end},
+ {client_rsa_1024_der_verify_opts, fun() -> [{verify, verify_peer} |ClientDerConf] end}
| Config];
false ->
Config
@@ -2016,13 +2017,10 @@ make_ecdh_rsa_cert(Config) ->
{client_config, ClientConf}] =
x509_test:gen_pem_config_files(GenCertData, ClientFileBase, ServerFileBase),
- [{server_ecdh_rsa_opts, [{ssl_imp, new},{reuseaddr, true} | ServerConf]},
-
- {server_ecdh_rsa_verify_opts, [{ssl_imp, new},{reuseaddr, true},
- {verify, verify_peer} | ServerConf]},
-
- {client_ecdh_rsa_opts, ClientConf}
-
+ [{server_ecdh_rsa_opts, fun() -> [{ssl_imp, new},{reuseaddr, true} | ServerConf] end},
+ {server_ecdh_rsa_verify_opts,
+ fun() ->[{ssl_imp, new},{reuseaddr, true}, {verify, verify_peer} | ServerConf] end},
+ {client_ecdh_rsa_opts, fun() -> ClientConf end}
| Config];
_ ->
Config
@@ -2044,10 +2042,11 @@ make_rsa_ecdsa_cert(Config, Curve) ->
{client_config, ClientConf}] =
x509_test:gen_pem_config_files(GenCertData, ClientFileBase, ServerFileBase),
- [{server_rsa_ecdsa_opts, [{reuseaddr, true} | ServerConf]},
- {server_rsa_ecdsa_verify_opts, [{ssl_imp, new},{reuseaddr, true},
- {verify, verify_peer} | ServerConf]},
- {client_rsa_ecdsa_opts, [{verify, verify_none} | ClientConf]} | Config];
+ [{server_rsa_ecdsa_opts, fun() -> [{reuseaddr, true} | ServerConf] end},
+ {server_rsa_ecdsa_verify_opts,
+ fun() -> [{ssl_imp, new},{reuseaddr, true},{verify, verify_peer} | ServerConf] end},
+ {client_rsa_ecdsa_opts, fun() -> [{verify, verify_none} | ClientConf] end}
+ | Config];
_ ->
Config
end.
@@ -2833,7 +2832,7 @@ is_dtls_version(_) ->
openssl_tls_version_support(Version, Config0) ->
Config = make_rsa_cert(Config0),
- ServerOpts = proplists:get_value(server_rsa_opts, Config),
+ ServerOpts = ssl_options(server_rsa_opts, Config),
Port = inet_port(node()),
CaCertFile = proplists:get_value(cacertfile, ServerOpts),
CertFile = proplists:get_value(certfile, ServerOpts),
@@ -3667,16 +3666,27 @@ ubuntu_legacy_support() ->
end.
ssl_options(Extra, Option, Config) ->
- ExtraOpts = proplists:get_value(Extra, Config, []),
+ ExtraOpts = case proplists:get_value(Extra, Config, []) of
+ Settings when is_list(Settings) -> Settings;
+ Fun when is_function(Fun, 0) -> Fun();
+ Other -> Other
+ end,
ExtraOpts ++ ssl_options(Option, Config).
ssl_options(Option, Config) when is_atom(Option) ->
ProtocolOpts = proplists:get_value(protocol_opts, Config, []),
- Opts = proplists:get_value(Option, Config, []),
+ Opts = case proplists:get_value(Option, Config, []) of
+ Settings when is_list(Settings) -> Settings;
+ Fun when is_function(Fun, 0) -> Fun();
+ Other -> Other
+ end,
Opts ++ ProtocolOpts;
-ssl_options(Options, Config) ->
+ssl_options(Options, Config) when is_list(Options) ->
+ ProtocolOpts = proplists:get_value(protocol_opts, Config, []),
+ Options ++ ProtocolOpts;
+ssl_options(OptionFun, Config) when is_function(OptionFun, 0) ->
ProtocolOpts = proplists:get_value(protocol_opts, Config, []),
- Options ++ ProtocolOpts.
+ OptionFun() ++ ProtocolOpts.
protocol_version(Config) ->
case proplists:get_value(version, Config, undefined) of
diff --git a/lib/ssl/test/tls_api_SUITE.erl b/lib/ssl/test/tls_api_SUITE.erl
index 79cb932f9d..af33c4d3f4 100644
--- a/lib/ssl/test/tls_api_SUITE.erl
+++ b/lib/ssl/test/tls_api_SUITE.erl
@@ -1259,7 +1259,7 @@ tls_password_correct() ->
[{doc, "Test that connection is possible with a correct password"}].
tls_password_correct(Config) when is_list(Config) ->
F = fun (P) ->
- ProtectedClientOpts = ?config(client_protected_rsa_opts, Config),
+ ProtectedClientOpts = ssl_test_lib:ssl_options(client_protected_rsa_opts, Config),
ServerOpts = ssl_test_lib:ssl_options(server_rsa_opts, Config),
{ClientNode, ServerNode, Hostname} = ssl_test_lib:run_where(Config),
@@ -1289,7 +1289,7 @@ tls_password_incorrect() ->
[{doc, "Test that connection is not possible with wrong password"}].
tls_password_incorrect(Config) when is_list(Config) ->
F = fun (P) ->
- ProtectedClientOpts = ?config(client_protected_rsa_opts, Config),
+ ProtectedClientOpts = ssl_test_lib:ssl_options(client_protected_rsa_opts, Config),
ServerOpts = ssl_test_lib:ssl_options(server_rsa_opts, Config),
{ClientNode, ServerNode, Hostname} = ssl_test_lib:run_where(Config),
@@ -1323,7 +1323,7 @@ tls_password_badarg() ->
[{doc, "Test that connection is not possible with badarg password"}].
tls_password_badarg(Config) when is_list(Config) ->
F = fun (P, ServerError, ClientError) ->
- ProtectedClientOpts = ?config(client_protected_rsa_opts, Config),
+ ProtectedClientOpts = ssl_test_lib:ssl_options(client_protected_rsa_opts, Config),
ServerOpts = ssl_test_lib:ssl_options(server_rsa_opts, Config),
{ClientNode, ServerNode, Hostname} = ssl_test_lib:run_where(Config),
Server = ssl_test_lib:start_server_error([{node, ServerNode}, {port, 0},
--
2.43.0
