Skip to content
This repository has been archived by the owner on Nov 17, 2020. It is now read-only.

Commit

Permalink
system_SUITE: Adapt to Erlang 24's ssl application
Browse files Browse the repository at this point in the history 
* DSA key were apparently dropped
* Some return values were updated

(cherry picked from commit 88a6b66)
  • Loading branch information
@dumbbell
dumbbell committed Aug 7, 2020
1 parent ce88c64 commit 456228a
Showing 1 changed file with 19 additions and 6 deletions.
25 changes: 19 additions & 6 deletions test/system_SUITE.erl
View file
Original file line number Diff line number Diff line change
Expand Up @@ -7,6 +7,11 @@

-define(SERVER_REJECT_CLIENT, {tls_alert, "unknown ca"}).
-define(SERVER_REJECT_CLIENT_NEW, {tls_alert, {unknown_ca, _}}).
-define(SERVER_REJECT_CLIENT_ERLANG24,
{tls_alert,
{handshake_failure,
"TLS client: In state cipher received SERVER ALERT: Fatal - "
"Handshake Failure\n"}}).

all() ->
[
Expand Down Expand Up @@ -182,7 +187,7 @@ validation_success_for_AMQP_client1(Config) ->
%% Note that when this test is executed together with the HTTP provider group
%% it runs into unexpected interference and fails, even if TLS app PEM cache is force
%% cleared. That's why originally each group was made to use a separate node.
AuthorityInfo = {Root, _AuthorityKey} = erl_make_certs:make_cert([{key, dsa}]),
AuthorityInfo = {Root, _AuthorityKey} = erl_make_certs:make_cert([]),
{Certificate, Key} = chain(AuthorityInfo),
{Certificate2, Key2} = chain(AuthorityInfo),
Port = port(Config),
Expand Down Expand Up @@ -238,6 +243,7 @@ validation_failure_for_AMQP_client1(Config) ->
%% Expected error from amqp_client.
{error, ?SERVER_REJECT_CLIENT} -> ok;
{error, ?SERVER_REJECT_CLIENT_NEW} -> ok;
{error, ?SERVER_REJECT_CLIENT_ERLANG24} -> ok;

%% With Erlang 18.3, there is a regression which causes the SSL
%% connection to crash with the following exception:
Expand Down Expand Up @@ -297,12 +303,12 @@ validate_longer_chain1(Config) ->
%% AND a certificate `CertUntrusted` that is not whitelisted with the same root as `CertTrusted`
%% AND `CertInter` intermediate CA
%% AND `RootTrusted` CA
AuthorityInfo = {RootCA, _AuthorityKey} = erl_make_certs:make_cert([{key, dsa}]),
Inter = {CertInter, {KindInter, KeyDataInter, _}} = erl_make_certs:make_cert([{key, dsa}, {issuer, AuthorityInfo}]),
AuthorityInfo = {RootCA, _AuthorityKey} = erl_make_certs:make_cert([]),
Inter = {CertInter, {KindInter, KeyDataInter, _}} = erl_make_certs:make_cert([{issuer, AuthorityInfo}]),
KeyInter = {KindInter, KeyDataInter},
{CertUntrusted, {KindUntrusted, KeyDataUntrusted, _}} = erl_make_certs:make_cert([{key, dsa}, {issuer, Inter}]),
{CertUntrusted, {KindUntrusted, KeyDataUntrusted, _}} = erl_make_certs:make_cert([{issuer, Inter}]),
KeyUntrusted = {KindUntrusted, KeyDataUntrusted},
{CertTrusted, {Kind, KeyData, _}} = erl_make_certs:make_cert([{key, dsa}, {issuer, Inter}]),
{CertTrusted, {Kind, KeyData, _}} = erl_make_certs:make_cert([{issuer, Inter}]),
KeyTrusted = {Kind, KeyData},

Port = port(Config),
Expand Down Expand Up @@ -352,6 +358,7 @@ validate_longer_chain1(Config) ->
%% Expected error from amqp_client.
{error, ?SERVER_REJECT_CLIENT} -> ok;
{error, ?SERVER_REJECT_CLIENT_NEW} -> ok;
{error, ?SERVER_REJECT_CLIENT_ERLANG24} -> ok;

%% See previous comment in validation_failure_for_AMQP_client1/1.
{error, closed} -> expected_erlang_18_ssl_regression
Expand All @@ -370,6 +377,7 @@ validate_longer_chain1(Config) ->
%% Expected error from amqp_client.
{error, {tls_alert, "bad certificate"}} -> ok;
{error, {tls_alert, {bad_certificate, _}}} -> ok;
{error, ?SERVER_REJECT_CLIENT_ERLANG24} -> ok;

%% See previous comment in validation_failure_for_AMQP_client1/1.
{error, closed} -> expected_erlang_18_ssl_regression
Expand Down Expand Up @@ -412,6 +420,7 @@ validate_chain_without_whitelisted1(Config) ->
%% Expected error from amqp_client.
{error, ?SERVER_REJECT_CLIENT} -> ok;
{error, ?SERVER_REJECT_CLIENT_NEW} -> ok;
{error, ?SERVER_REJECT_CLIENT_ERLANG24} -> ok;

%% See previous comment in validation_failure_for_AMQP_client1/1.
{error, closed} -> expected_erlang_18_ssl_regression
Expand Down Expand Up @@ -490,6 +499,7 @@ removed_certificate_denied_from_AMQP_client1(Config) ->
%% Expected error from amqp_client.
{error, ?SERVER_REJECT_CLIENT} -> ok;
{error, ?SERVER_REJECT_CLIENT_NEW} -> ok;
{error, ?SERVER_REJECT_CLIENT_ERLANG24} -> ok;

%% See previous comment in validation_failure_for_AMQP_client1/1.
{error, closed} -> expected_erlang_18_ssl_regression
Expand Down Expand Up @@ -585,6 +595,7 @@ whitelist_directory_DELTA1(Config) ->
%% Expected error from amqp_client.
{error, ?SERVER_REJECT_CLIENT} -> ok;
{error, ?SERVER_REJECT_CLIENT_NEW} -> ok;
{error, ?SERVER_REJECT_CLIENT_ERLANG24} -> ok;

%% See previous comment in validation_failure_for_AMQP_client1/1.
{error, closed} -> expected_erlang_18_ssl_regression
Expand Down Expand Up @@ -641,6 +652,7 @@ replaced_whitelisted_certificate_should_be_accepted1(Config) ->
%% Expected error from amqp_client.
{error, ?SERVER_REJECT_CLIENT} -> ok;
{error, ?SERVER_REJECT_CLIENT_NEW} -> ok;
{error, ?SERVER_REJECT_CLIENT_ERLANG24} -> ok;

%% See previous comment in validation_failure_for_AMQP_client1/1.
{error, closed} -> expected_erlang_18_ssl_regression
Expand All @@ -667,6 +679,7 @@ replaced_whitelisted_certificate_should_be_accepted1(Config) ->
%% Expected error from amqp_client.
{error, ?SERVER_REJECT_CLIENT} -> ok;
{error, ?SERVER_REJECT_CLIENT_NEW} -> ok;
{error, ?SERVER_REJECT_CLIENT_ERLANG24} -> ok;

%% See previous comment in validation_failure_for_AMQP_client1/1.
{error, closed} -> expected_erlang_18_ssl_regression
Expand Down Expand Up @@ -858,7 +871,7 @@ cfg() ->

chain(Issuer) ->
%% Theses are DER encoded.
{Certificate, {Kind, Key, _}} = erl_make_certs:make_cert([{key, dsa}, {issuer, Issuer}]),
{Certificate, {Kind, Key, _}} = erl_make_certs:make_cert([{issuer, Issuer}]),
{Certificate, {Kind, Key}}.

change_configuration(App, Props) ->
Expand Down

0 comments on commit 456228a

Please sign in to comment.