diff options
| author | Ingela Anderton Andin <ingela@erlang.org> | 2021-03-15 15:51:35 +0100 |
|---|---|---|
| committer | Ingela Anderton Andin <ingela@erlang.org> | 2021-03-16 11:44:45 +0100 |
| commit | 95c1f6c7320eadc04dc3c4c3fdc17c1aae51bfd2 (patch) | |
| tree | 1356e8dccf561445c591aa161cf005757ce833de /lib/ssl/test | |
| parent | 37cbbaccc522de1912c95730ad2a7ca90831df46 (diff) | |
| download | erlang-95c1f6c7320eadc04dc3c4c3fdc17c1aae51bfd2.tar.gz | |
ssl: Correct handling of emulated socket options
When upgrading a TCP socket to TLS and setting new socket options
in upgrade call to ssl:connect/2,3 or ssl:handshake/2,3 the new
options shall be used and not the options set on the TCP socket.
Diffstat (limited to 'lib/ssl/test')
| -rw-r--r-- | lib/ssl/test/tls_api_SUITE.erl | 50 |
1 files changed, 50 insertions, 0 deletions
diff --git a/lib/ssl/test/tls_api_SUITE.erl b/lib/ssl/test/tls_api_SUITE.erl index 26f086f11c..4d57dddb8d 100644 --- a/lib/ssl/test/tls_api_SUITE.erl +++ b/lib/ssl/test/tls_api_SUITE.erl @@ -39,6 +39,8 @@ %% Test cases -export([tls_upgrade/0, tls_upgrade/1, + tls_upgrade_new_opts/0, + tls_upgrade_new_opts/1, tls_upgrade_with_timeout/0, tls_upgrade_with_timeout/1, tls_downgrade/0, @@ -83,6 +85,7 @@ %% Apply export -export([upgrade_result/1, + upgrade_result_new_opts/1, tls_downgrade_result/2, tls_shutdown_result/2, tls_shutdown_write_result/2, @@ -117,6 +120,7 @@ groups() -> api_tests() -> [ tls_upgrade, + tls_upgrade_new_opts, tls_upgrade_with_timeout, tls_downgrade, tls_shutdown, @@ -199,6 +203,44 @@ tls_upgrade(Config) when is_list(Config) -> ssl_test_lib:close(Server), ssl_test_lib:close(Client). + +%%-------------------------------------------------------------------- +tls_upgrade_new_opts() -> + [{doc,"Test that you can upgrade an tcp connection to an ssl connection and give new socket opts"}]. + +tls_upgrade_new_opts(Config) when is_list(Config) -> + ClientOpts = ssl_test_lib:ssl_options(client_rsa_opts, Config), + ServerOpts = ssl_test_lib:ssl_options(server_rsa_opts, Config), + {ClientNode, ServerNode, Hostname} = ssl_test_lib:run_where(Config), + TcpOpts = [binary, {reuseaddr, true}], + + Server = ssl_test_lib:start_upgrade_server([{node, ServerNode}, {port, 0}, + {from, self()}, + {mfa, {?MODULE, + upgrade_result_new_opts, []}}, + {tcp_options, + [{active, false} | TcpOpts]}, + {ssl_options, [{verify, verify_peer}, + {mode, list} | ServerOpts]}]), + Port = ssl_test_lib:inet_port(Server), + Client = ssl_test_lib:start_upgrade_client([{node, ClientNode}, + {port, Port}, + {host, Hostname}, + {from, self()}, + {mfa, {?MODULE, upgrade_result_new_opts, []}}, + {tcp_options, [binary]}, + {ssl_options, [{verify, verify_peer}, + {mode, list}, + {server_name_indication, Hostname} | ClientOpts]}]), + + ct:log("Testcase ~p, Client ~p Server ~p ~n", + [self(), Client, Server]), + + ssl_test_lib:check_result(Server, ok, Client, ok), + + ssl_test_lib:close(Server), + ssl_test_lib:close(Client). + %%-------------------------------------------------------------------- tls_upgrade_with_timeout() -> [{doc,"Test ssl_accept/3"}]. @@ -817,6 +859,14 @@ upgrade_result(Socket) -> <<"Hello world">> = ssl_test_lib:active_recv(Socket, length("Hello world")), ok. +upgrade_result_new_opts(Socket) -> + ssl:setopts(Socket, [{active, true}]), + ok = ssl:send(Socket, "Hello world"), + %% Make sure list option set in ssl:connect/handskae overrides + %% previous gen_tcp socket option that was set to binary. + "Hello world" = ssl_test_lib:active_recv(Socket, length("Hello world")), + ok. + tls_downgrade_result(Socket, Pid) -> ok = ssl_test_lib:send_recv_result(Socket), Pid ! {self(), ready}, |