diff --git a/lib/ssl/test/openssl_alpn_SUITE.erl b/lib/ssl/test/openssl_alpn_SUITE.erl index 1d0bc82c4e9..838ee8d5a74 100644 --- a/lib/ssl/test/openssl_alpn_SUITE.erl +++ b/lib/ssl/test/openssl_alpn_SUITE.erl @@ -165,8 +165,8 @@ end_per_testcase(_, Config) -> %%-------------------------------------------------------------------- erlang_client_alpn_openssl_server_alpn(Config) when is_list(Config) -> - ServerOpts = proplists:get_value(server_rsa_verify_opts, Config), - ClientOpts = ssl_test_lib:ssl_options(client_rsa_verify_opts, Config), + ServerOpts = ssl_test_lib:ssl_options(server_rsa_verify_opts, Config), + ClientOpts = ssl_test_lib:ssl_options(client_rsa_verify_opts, Config), AlpnProtocol = <<"spdy/2">>, {Server, OpenSSLPort} = @@ -193,7 +193,7 @@ erlang_client_alpn_openssl_server_alpn(Config) when is_list(Config) -> %%-------------------------------------------------------------------- erlang_server_alpn_openssl_client_alpn(Config) when is_list(Config) -> - ClientOpts = proplists:get_value(client_rsa_opts, Config), + ClientOpts = ssl_test_lib:ssl_options(client_rsa_opts, Config), ServerOpts = ssl_test_lib:ssl_options(server_rsa_opts, Config), Protocol = <<"spdy/2">>, Server = ssl_test_lib:start_server(erlang, [{from, self()}], @@ -222,7 +222,7 @@ erlang_server_alpn_openssl_client_alpn(Config) when is_list(Config) -> %%-------------------------------------------------------------------------- erlang_client_alpn_openssl_server(Config) when is_list(Config) -> - ServerOpts = proplists:get_value(server_rsa_verify_opts, Config), + ServerOpts = ssl_test_lib:ssl_options(server_rsa_verify_opts, Config), ClientOpts = ssl_test_lib:ssl_options(client_rsa_verify_opts, Config), Protocol = <<"spdy/2">>, @@ -248,7 +248,7 @@ erlang_client_alpn_openssl_server(Config) when is_list(Config) -> %%-------------------------------------------------------------------------- erlang_client_openssl_server_alpn(Config) when is_list(Config) -> - ServerOpts = proplists:get_value(server_rsa_verify_opts, Config), + ServerOpts = ssl_test_lib:ssl_options(server_rsa_verify_opts, Config), ClientOpts = ssl_test_lib:ssl_options(client_rsa_verify_opts, Config), {Server, OpenSSLPort} = ssl_test_lib:start_server(openssl, [{alpn,"spdy/2"}, return_port], @@ -269,7 +269,7 @@ erlang_client_openssl_server_alpn(Config) when is_list(Config) -> %%-------------------------------------------------------------------------- erlang_server_alpn_openssl_client(Config) when is_list(Config) -> - ClientOpts = proplists:get_value(client_rsa_verify_opts, Config), + ClientOpts = ssl_test_lib:ssl_options(client_rsa_verify_opts, Config), ServerOpts = ssl_test_lib:ssl_options(server_rsa_verify_opts, Config), Server = ssl_test_lib:start_server(erlang, [{from, self()}], [{server_opts, [{alpn_preferred_protocols, @@ -296,7 +296,7 @@ erlang_server_alpn_openssl_client(Config) when is_list(Config) -> %%-------------------------------------------------------------------------- erlang_server_openssl_client_alpn(Config) when is_list(Config) -> - ClientOpts = proplists:get_value(client_rsa_verify_opts, Config), + ClientOpts = ssl_test_lib:ssl_options(client_rsa_verify_opts, Config), ServerOpts = ssl_test_lib:ssl_options(server_rsa_verify_opts, Config), Server = ssl_test_lib:start_server(erlang, [{from, self()}], [{server_opts, [ServerOpts]} | Config]), @@ -324,7 +324,7 @@ erlang_server_openssl_client_alpn(Config) when is_list(Config) -> erlang_client_alpn_openssl_server_alpn_renegotiate(Config) when is_list(Config) -> - ServerOpts = proplists:get_value(server_rsa_verify_opts, Config), + ServerOpts = ssl_test_lib:ssl_options(server_rsa_verify_opts, Config), ClientOpts = ssl_test_lib:ssl_options(client_rsa_verify_opts, Config), AlpnProtocol = <<"spdy/2">>, @@ -361,7 +361,7 @@ erlang_client_alpn_openssl_server_alpn_renegotiate(Config) when is_list(Config) %%-------------------------------------------------------------------- erlang_server_alpn_openssl_client_alpn_renegotiate(Config) when is_list(Config) -> - ClientOpts = proplists:get_value(client_rsa_verify_opts, Config), + ClientOpts = ssl_test_lib:ssl_options(client_rsa_verify_opts, Config), ServerOpts = ssl_test_lib:ssl_options(server_rsa_verify_opts, Config), AlpnProtocol = <<"spdy/2">>, Server = ssl_test_lib:start_server(erlang, [{from, self()}], @@ -398,7 +398,7 @@ erlang_server_alpn_openssl_client_alpn_renegotiate(Config) when is_list(Config) %%-------------------------------------------------------------------- erlang_client_alpn_npn_openssl_server_alpn_npn(Config) when is_list(Config) -> - ServerOpts = proplists:get_value(server_rsa_verify_opts, Config), + ServerOpts = ssl_test_lib:ssl_options(server_rsa_verify_opts, Config), ClientOpts = ssl_test_lib:ssl_options(client_rsa_verify_opts, Config), AlpnProtocol = <<"spdy/2">>, @@ -426,7 +426,7 @@ erlang_client_alpn_npn_openssl_server_alpn_npn(Config) when is_list(Config) -> %%-------------------------------------------------------------------- erlang_server_alpn_npn_openssl_client_alpn_npn(Config) when is_list(Config) -> - ClientOpts = proplists:get_value(client_rsa_verify_opts, Config), + ClientOpts = ssl_test_lib:ssl_options(client_rsa_verify_opts, Config), ServerOpts = ssl_test_lib:ssl_options(server_rsa_verify_opts, Config), AlpnProtocol = <<"spdy/2">>, Server = ssl_test_lib:start_server(erlang, diff --git a/lib/ssl/test/openssl_client_cert_SUITE.erl b/lib/ssl/test/openssl_client_cert_SUITE.erl index 0b60e5d58a7..9a692067aa2 100644 --- a/lib/ssl/test/openssl_client_cert_SUITE.erl +++ b/lib/ssl/test/openssl_client_cert_SUITE.erl @@ -164,8 +164,8 @@ init_per_group(openssl_client, Config) -> init_per_group(Group, Config0) when Group == rsa; Group == rsa_1_3 -> Config = ssl_test_lib:make_rsa_cert(Config0), - COpts = proplists:get_value(client_rsa_opts, Config), - SOpts = proplists:get_value(server_rsa_opts, Config), + COpts = ssl_test_lib:ssl_options(client_rsa_opts, Config), + SOpts = ssl_test_lib:ssl_options(server_rsa_opts, Config), %% Make sure _rsa* suite is chosen by ssl_test_lib:start_server Version = ssl_test_lib:protocol_version(Config), Ciphers = ssl_cert_tests:test_ciphers(fun(dhe_rsa) -> @@ -179,8 +179,8 @@ init_per_group(Group, Config0) when Group == rsa; [_|_] -> [{cert_key_alg, rsa} | lists:delete(cert_key_alg, - [{client_cert_opts, [{ciphers, Ciphers} | COpts]}, - {server_cert_opts, SOpts} | + [{client_cert_opts, fun() -> [{ciphers, Ciphers} | COpts] end}, + {server_cert_opts, fun() -> SOpts end} | lists:delete(server_cert_opts, lists:delete(client_cert_opts, Config))])]; [] -> @@ -205,8 +205,8 @@ init_per_group(Alg, Config) when server_config := SOpts} = ssl_test_lib:make_rsa_pss_pem(rsa_alg(Alg), [], Config, ""), [{cert_key_alg, rsa_alg(Alg)} | lists:delete(cert_key_alg, - [{client_cert_opts, openssl_sig_algs(rsa_alg(Alg)) ++ COpts}, - {server_cert_opts, ssl_test_lib:sig_algs(Alg, Version) ++ SOpts} | + [{client_cert_opts, fun() -> openssl_sig_algs(rsa_alg(Alg)) ++ COpts end}, + {server_cert_opts, fun() -> ssl_test_lib:sig_algs(Alg, Version) ++ SOpts end} | lists:delete(server_cert_opts, lists:delete(client_cert_opts, Config))])]; false -> @@ -221,8 +221,8 @@ init_per_group(Group, Config0) when Group == ecdsa; of true -> Config = ssl_test_lib:make_ecdsa_cert(Config0), - COpts = proplists:get_value(client_ecdsa_opts, Config), - SOpts = proplists:get_value(server_ecdsa_opts, Config), + COpts = ssl_test_lib:ssl_options(client_ecdsa_opts, Config), + SOpts = ssl_test_lib:ssl_options(server_ecdsa_opts, Config), %% Make sure ecdh* suite is chosen by ssl_test_lib:start_server Version = ssl_test_lib:protocol_version(Config), Ciphers = ssl_cert_tests:test_ciphers(fun(ecdh_ecdsa) -> @@ -236,8 +236,8 @@ init_per_group(Group, Config0) when Group == ecdsa; [_|_] -> [{cert_key_alg, ecdsa} | lists:delete(cert_key_alg, - [{client_cert_opts, [{ciphers, Ciphers} | COpts]}, - {server_cert_opts, SOpts} | + [{client_cert_opts, fun() -> [{ciphers, Ciphers} | COpts] end}, + {server_cert_opts, fun() -> SOpts end} | lists:delete(server_cert_opts, lists:delete(client_cert_opts, Config))] )]; @@ -268,8 +268,8 @@ init_per_group(eddsa_1_3, Config0) -> [{cert_key_alg, eddsa} | lists:delete(cert_key_alg, - [{client_cert_opts, COpts}, - {server_cert_opts, SOpts} | + [{client_cert_opts, fun() -> COpts end}, + {server_cert_opts, fun() -> SOpts end} | lists:delete(server_cert_opts, lists:delete(client_cert_opts, Config0))] )]; @@ -286,8 +286,8 @@ init_per_group(Group, Config0) when Group == dsa -> of true -> Config = ssl_test_lib:make_dsa_cert(Config0), - COpts = SigAlgs ++ proplists:get_value(client_dsa_opts, Config), - SOpts = SigAlgs ++ proplists:get_value(server_dsa_opts, Config), + COpts = SigAlgs ++ ssl_test_lib:ssl_options(client_dsa_opts, Config), + SOpts = SigAlgs ++ ssl_test_lib:ssl_options(server_dsa_opts, Config), %% Make sure dhe_dss* suite is chosen by ssl_test_lib:start_server Version = ssl_test_lib:protocol_version(Config), Ciphers = ssl_cert_tests:test_ciphers(fun(dh_dss) -> @@ -301,8 +301,8 @@ init_per_group(Group, Config0) when Group == dsa -> [_|_] -> [{cert_key_alg, dsa} | lists:delete(cert_key_alg, - [{client_cert_opts, [{ciphers, Ciphers} | COpts]}, - {server_cert_opts, [{ciphers, Ciphers} | SOpts]} | + [{client_cert_opts, fun() -> [{ciphers, Ciphers} | COpts] end}, + {server_cert_opts, fun() -> [{ciphers, Ciphers} | SOpts] end} | lists:delete(server_cert_opts, lists:delete(client_cert_opts, Config))])]; [] -> diff --git a/lib/ssl/test/openssl_server_cert_SUITE.erl b/lib/ssl/test/openssl_server_cert_SUITE.erl index 057d80b6f32..53bc990e4bc 100644 --- a/lib/ssl/test/openssl_server_cert_SUITE.erl +++ b/lib/ssl/test/openssl_server_cert_SUITE.erl @@ -159,8 +159,8 @@ init_per_group(openssl_server, Config0) -> [{client_type, erlang}, {server_type, openssl} | Config]; init_per_group(rsa = Group, Config0) -> Config = ssl_test_lib:make_rsa_cert(Config0), - COpts = proplists:get_value(client_rsa_opts, Config), - SOpts = proplists:get_value(server_rsa_opts, Config), + COpts = ssl_test_lib:ssl_options(client_rsa_opts, Config), + SOpts = ssl_test_lib:ssl_options(server_rsa_opts, Config), %% Make sure _rsa* suite is chosen by ssl_test_lib:start_server Version = ssl_test_lib:protocol_version(Config), Ciphers = ssl_cert_tests:test_ciphers(fun(dhe_rsa) -> @@ -174,8 +174,8 @@ init_per_group(rsa = Group, Config0) -> [_|_] -> [{cert_key_alg, rsa} | lists:delete(cert_key_alg, - [{client_cert_opts, [{ciphers, Ciphers} | COpts]}, - {server_cert_opts, SOpts} | + [{client_cert_opts, fun() -> [{ciphers, Ciphers} | COpts] end}, + {server_cert_opts, fun() -> SOpts end} | lists:delete(server_cert_opts, lists:delete(client_cert_opts, Config))])]; [] -> @@ -183,8 +183,8 @@ init_per_group(rsa = Group, Config0) -> end; init_per_group(rsa_1_3 = Group, Config0) -> Config = ssl_test_lib:make_rsa_cert(Config0), - COpts = proplists:get_value(client_rsa_opts, Config), - SOpts = proplists:get_value(server_rsa_opts, Config), + COpts = ssl_test_lib:ssl_options(client_rsa_opts, Config), + SOpts = ssl_test_lib:ssl_options(server_rsa_opts, Config), %% Make sure _rsa* suite is chosen by ssl_test_lib:start_server Version = ssl_test_lib:protocol_version(Config), Ciphers = ssl_cert_tests:test_ciphers(undefined, Version), @@ -192,8 +192,8 @@ init_per_group(rsa_1_3 = Group, Config0) -> [_|_] -> [{cert_key_alg, rsa} | lists:delete(cert_key_alg, - [{client_cert_opts, [{ciphers, Ciphers} | COpts]}, - {server_cert_opts, SOpts} | + [{client_cert_opts, fun() -> [{ciphers, Ciphers} | COpts] end}, + {server_cert_opts, fun() -> SOpts end} | lists:delete(server_cert_opts, lists:delete(client_cert_opts, Config))])]; [] -> @@ -202,7 +202,7 @@ init_per_group(rsa_1_3 = Group, Config0) -> init_per_group(Alg, Config) when Alg == rsa_pss_rsae; Alg == rsa_pss_pss -> Supports = crypto:supports(), - RSAOpts = proplists:get_value(rsa_opts, Supports), + RSAOpts = ssl_test_lib:ssl_options(rsa_opts, Supports), case lists:member(rsa_pkcs1_pss_padding, RSAOpts) andalso lists:member(rsa_pss_saltlen, RSAOpts) @@ -214,8 +214,8 @@ init_per_group(Alg, Config) when Alg == rsa_pss_rsae; server_config := SOpts} = ssl_test_lib:make_rsa_pss_pem(Alg, [], Config, ""), [{cert_key_alg, Alg} | lists:delete(cert_key_alg, - [{client_cert_opts, COpts}, - {server_cert_opts, SOpts} | + [{client_cert_opts, fun() -> COpts end}, + {server_cert_opts, fun() -> SOpts end} | lists:delete(server_cert_opts, lists:delete(client_cert_opts, Config))])]; false -> @@ -229,8 +229,8 @@ init_per_group(ecdsa = Group, Config0) -> of true -> Config = ssl_test_lib:make_ecdsa_cert(Config0), - COpts = proplists:get_value(client_ecdsa_opts, Config), - SOpts = proplists:get_value(server_ecdsa_opts, Config), + COpts = ssl_test_lib:ssl_options(client_ecdsa_opts, Config), + SOpts = ssl_test_lib:ssl_options(server_ecdsa_opts, Config), %% Make sure ecdh* suite is chosen by ssl_test_lib:start_server Version = ssl_test_lib:protocol_version(Config), Ciphers = ssl_cert_tests:test_ciphers(fun(ecdh_ecdsa) -> @@ -244,8 +244,8 @@ init_per_group(ecdsa = Group, Config0) -> [_|_] -> [{cert_key_alg, ecdsa} | lists:delete(cert_key_alg, - [{client_cert_opts, [{ciphers, Ciphers} | COpts]}, - {server_cert_opts, SOpts} | + [{client_cert_opts, fun() -> [{ciphers, Ciphers} | COpts] end}, + {server_cert_opts, fun() -> SOpts end} | lists:delete(server_cert_opts, lists:delete(client_cert_opts, Config))] )]; @@ -263,8 +263,8 @@ init_per_group(ecdsa_1_3 = Group, Config0) -> of true -> Config = ssl_test_lib:make_ecdsa_cert(Config0), - COpts = proplists:get_value(client_ecdsa_opts, Config), - SOpts = proplists:get_value(server_ecdsa_opts, Config), + COpts = ssl_test_lib:ssl_options(client_ecdsa_opts, Config), + SOpts = ssl_test_lib:ssl_options(server_ecdsa_opts, Config), %% Make sure ecdh* suite is chosen by ssl_test_lib:start_server Version = ssl_test_lib:protocol_version(Config), Ciphers = ssl_cert_tests:test_ciphers(undefined, Version), @@ -272,8 +272,8 @@ init_per_group(ecdsa_1_3 = Group, Config0) -> [_|_] -> [{cert_key_alg, ecdsa} | lists:delete(cert_key_alg, - [{client_cert_opts, [{ciphers, Ciphers} | COpts]}, - {server_cert_opts, SOpts} | + [{client_cert_opts, fun() -> [{ciphers, Ciphers} | COpts] end}, + {server_cert_opts, fun() -> SOpts end} | lists:delete(server_cert_opts, lists:delete(client_cert_opts, Config))] )]; @@ -301,8 +301,8 @@ init_per_group(eddsa_1_3, Config0) -> [{cert_key_alg, eddsa} | lists:delete(cert_key_alg, - [{client_cert_opts, COpts}, - {server_cert_opts, SOpts} | + [{client_cert_opts, fun() -> COpts end}, + {server_cert_opts, fun() -> SOpts end} | lists:delete(server_cert_opts, lists:delete(client_cert_opts, Config0))] )]; @@ -317,8 +317,8 @@ init_per_group(dsa = Group, Config0) -> of true -> Config = ssl_test_lib:make_dsa_cert(Config0), - COpts = proplists:get_value(client_dsa_opts, Config), - SOpts = proplists:get_value(server_dsa_opts, Config), + COpts = ssl_test_lib:ssl_options(client_dsa_opts, Config), + SOpts = ssl_test_lib:ssl_options(server_dsa_opts, Config), %% Make sure dhe_dss* suite is chosen by ssl_test_lib:start_server Version = ssl_test_lib:protocol_version(Config), Ciphers = ssl_cert_tests:test_ciphers(fun(dh_dss) -> @@ -332,8 +332,10 @@ init_per_group(dsa = Group, Config0) -> [_|_] -> [{cert_key_alg, dsa} | lists:delete(cert_key_alg, - [{client_cert_opts, [{ciphers, Ciphers} | COpts] ++ ssl_test_lib:sig_algs(dsa, Version)}, - {server_cert_opts, SOpts} | + [{client_cert_opts, fun() -> [{ciphers, Ciphers} | COpts] ++ + ssl_test_lib:sig_algs(dsa, Version) + end}, + {server_cert_opts, fun() -> SOpts end} | lists:delete(server_cert_opts, lists:delete(client_cert_opts, Config))])]; [] -> diff --git a/lib/ssl/test/openssl_session_ticket_SUITE.erl b/lib/ssl/test/openssl_session_ticket_SUITE.erl index 991f290dc78..e0732257c9a 100644 --- a/lib/ssl/test/openssl_session_ticket_SUITE.erl +++ b/lib/ssl/test/openssl_session_ticket_SUITE.erl @@ -168,7 +168,7 @@ openssl_client_basic() -> [{doc,"Test session resumption with session tickets (openssl client - erlang server)"}]. openssl_client_basic(Config) when is_list(Config) -> ServerOpts0 = ssl_test_lib:ssl_options(server_rsa_verify_opts, Config), - ClientOpts = proplists:get_value(client_rsa_opts, Config), + ClientOpts = ssl_test_lib:ssl_options(client_rsa_opts, Config), {_, ServerNode, _Hostname} = ssl_test_lib:run_where(Config), TicketFile0 = filename:join([proplists:get_value(priv_dir, Config), "session_ticket0"]), @@ -264,7 +264,7 @@ openssl_client_hrr() -> [{doc,"Test session resumption with session tickets and hello_retry_request (openssl client - erlang server)"}]. openssl_client_hrr(Config) when is_list(Config) -> ServerOpts0 = ssl_test_lib:ssl_options(server_rsa_verify_opts, Config), - ClientOpts = proplists:get_value(client_rsa_opts, Config), + ClientOpts = ssl_test_lib:ssl_options(client_rsa_opts, Config), {_, ServerNode, _Hostname} = ssl_test_lib:run_where(Config), TicketFile0 = filename:join([proplists:get_value(priv_dir, Config), "session_ticket0"]), TicketFile1 = filename:join([proplists:get_value(priv_dir, Config), "session_ticket1"]), @@ -650,7 +650,7 @@ openssl_client_early_data_basic() -> [{doc,"Test early data (openssl client - erlang server)"}]. openssl_client_early_data_basic(Config) when is_list(Config) -> ServerOpts0 = ssl_test_lib:ssl_options(server_rsa_verify_opts, Config), - ClientOpts = proplists:get_value(client_rsa_opts, Config), + ClientOpts = ssl_test_lib:ssl_options(client_rsa_opts, Config), {_, ServerNode, _Hostname} = ssl_test_lib:run_where(Config), TicketFile0 = filename:join([proplists:get_value(priv_dir, Config), "session_ticket0"]), diff --git a/lib/ssl/test/ssl_api_SUITE.erl b/lib/ssl/test/ssl_api_SUITE.erl index e4c65b88165..09cc27b96db 100644 --- a/lib/ssl/test/ssl_api_SUITE.erl +++ b/lib/ssl/test/ssl_api_SUITE.erl @@ -3857,8 +3857,8 @@ export_key_materials(Config) when is_list(Config) -> {ClientNode, ServerNode, Hostname} = ssl_test_lib:run_where(Config), Version = ssl_test_lib:protocol_version(Config, atom), BaseOpts = [{active, true}, {versions, [Version]}, {protocol, tls_or_dtls(Version)}], - ServerOpts = BaseOpts ++ proplists:get_value(server_rsa_opts, Config, []), - ClientOpts = BaseOpts ++ proplists:get_value(client_rsa_opts, Config, []), + ServerOpts = BaseOpts ++ ssl_test_lib:ssl_options(server_rsa_opts, Config), + ClientOpts = BaseOpts ++ ssl_test_lib:ssl_options(client_rsa_opts, Config), Label = <<"EXPERIMENTAL-otp">>, @@ -3894,8 +3894,8 @@ exporter_master_secret_consumed(Config) when is_list(Config) -> {ClientNode, ServerNode, Hostname} = ssl_test_lib:run_where(Config), Version = ssl_test_lib:protocol_version(Config, atom), BaseOpts = [{active, true}, {versions, [Version]}, {protocol, tls_or_dtls(Version)}], - ServerOpts = BaseOpts ++ proplists:get_value(server_rsa_opts, Config, []), - ClientOpts = BaseOpts ++ proplists:get_value(client_rsa_opts, Config, []), + ServerOpts = BaseOpts ++ ssl_test_lib:ssl_options(server_rsa_opts, Config), + ClientOpts = BaseOpts ++ ssl_test_lib:ssl_options(client_rsa_opts, Config), Label1 = <<"EXPERIMENTAL-otp1">>, Label2 = <<"EXPERIMENTAL-otp2">>, @@ -3927,14 +3927,14 @@ legacy_prf(Config) when is_list(Config) -> {ClientNode, ServerNode, Hostname} = ssl_test_lib:run_where(Config), Version = ssl_test_lib:protocol_version(Config, atom), BaseOpts = [{active, true}, {versions, [Version]}, {protocol, tls_or_dtls(Version)}], - ServerOpts = BaseOpts ++ proplists:get_value(server_rsa_opts, Config, []), - ClientOpts = BaseOpts ++ proplists:get_value(client_rsa_opts, Config, []), + ServerOpts = BaseOpts ++ ssl_test_lib:ssl_options(server_rsa_opts, Config), + ClientOpts = BaseOpts ++ ssl_test_lib:ssl_options(client_rsa_opts, Config), {ClientNode, ServerNode, Hostname} = ssl_test_lib:run_where(Config), Version = ssl_test_lib:protocol_version(Config, atom), BaseOpts = [{active, true}, {versions, [Version]}, {protocol, tls_or_dtls(Version)}], - ServerOpts = BaseOpts ++ proplists:get_value(server_rsa_opts, Config, []), - ClientOpts = BaseOpts ++ proplists:get_value(client_rsa_opts, Config, []), + ServerOpts = BaseOpts ++ ssl_test_lib:ssl_options(server_rsa_opts, Config), + ClientOpts = BaseOpts ++ ssl_test_lib:ssl_options(client_rsa_opts, Config), Label = <<"EXPERIMENTAL-otp">>, @@ -4570,12 +4570,12 @@ test_config('dtlsv1.2', Config) -> ]; test_config(_, Config) -> RSAConf1 = ssl_test_lib:make_rsa_cert(Config), - SRSA1Opts = proplists:get_value(server_rsa_opts, RSAConf1), - CRSA1Opts = proplists:get_value(client_rsa_opts, RSAConf1), + SRSA1Opts = ssl_test_lib:ssl_options(server_rsa_opts, RSAConf1), + CRSA1Opts = ssl_test_lib:ssl_options(client_rsa_opts, RSAConf1), RSAConf2 = ssl_test_lib:make_rsa_1024_cert(Config), - SRSA2Opts = proplists:get_value(server_rsa_1024_opts, RSAConf2), - CRSA2Opts = proplists:get_value(client_rsa_1024_opts, RSAConf2), + SRSA2Opts = ssl_test_lib:ssl_options(server_rsa_1024_opts, RSAConf2), + CRSA2Opts = ssl_test_lib:ssl_options(client_rsa_1024_opts, RSAConf2), {SRSA1Cert, SRSA1Key, _SRSA1CACerts} = get_single_options(certfile, keyfile, cacertfile, SRSA1Opts), {CRSA1Cert, CRSA1Key, _CRSA1CACerts} = get_single_options(certfile, keyfile, cacertfile, CRSA1Opts), diff --git a/lib/ssl/test/ssl_cert_SUITE.erl b/lib/ssl/test/ssl_cert_SUITE.erl index 39f163f6f5b..9be561e5e75 100644 --- a/lib/ssl/test/ssl_cert_SUITE.erl +++ b/lib/ssl/test/ssl_cert_SUITE.erl @@ -295,15 +295,15 @@ do_init_per_group(Group, Config0) when Group == rsa; Group == rsa_1_3 -> Config1 = ssl_test_lib:make_rsa_cert(Config0), Config = ssl_test_lib:make_rsa_1024_cert(Config1), - COpts = proplists:get_value(client_rsa_verify_opts, Config), - SOpts = proplists:get_value(server_rsa_opts, Config), + COpts = ssl_test_lib:ssl_options(client_rsa_verify_opts, Config), + SOpts = ssl_test_lib:ssl_options(server_rsa_opts, Config), Version = proplists:get_value(version, Config), [{cert_key_alg, rsa}, {extra_client, ssl_test_lib:sig_algs(rsa, Version)}, {extra_server, ssl_test_lib:sig_algs(rsa, Version)} | lists:delete(cert_key_alg, - [{client_cert_opts, COpts}, - {server_cert_opts, SOpts} | + [{client_cert_opts, fun() -> COpts end}, + {server_cert_opts, fun() -> SOpts end} | lists:delete(server_cert_opts, lists:delete(client_cert_opts, Config))])]; do_init_per_group(Alg, Config) when Alg == rsa_pss_rsae; @@ -322,8 +322,8 @@ do_init_per_group(Alg, Config) when Alg == rsa_pss_rsae; {extra_client, ssl_test_lib:sig_algs(Alg, Version)}, {extra_server, ssl_test_lib:sig_algs(Alg, Version)} | lists:delete(cert_key_alg, - [{client_cert_opts, COpts}, - {server_cert_opts, SOpts} | + [{client_cert_opts, fun() -> COpts end}, + {server_cert_opts, fun() -> SOpts end} | lists:delete(server_cert_opts, lists:delete(client_cert_opts, Config))])]; false -> @@ -343,8 +343,8 @@ do_init_per_group(Alg, Config) when Alg == rsa_pss_rsae_1_3; server_config := SOpts} = ssl_test_lib:make_rsa_pss_pem(rsa_alg(Alg), [], Config, ""), [{cert_key_alg, rsa_alg(Alg)} | lists:delete(cert_key_alg, - [{client_cert_opts, COpts}, - {server_cert_opts, SOpts} | + [{client_cert_opts, fun() -> COpts end}, + {server_cert_opts, fun() -> SOpts end} | lists:delete(server_cert_opts, lists:delete(client_cert_opts, Config))])]; false -> @@ -357,12 +357,12 @@ do_init_per_group(Group, Config0) when Group == ecdsa; case lists:member(ecdsa, PKAlg) andalso (lists:member(ecdh, PKAlg) orelse lists:member(dh, PKAlg)) of true -> Config = ssl_test_lib:make_ecdsa_cert(Config0), - COpts = proplists:get_value(client_ecdsa_verify_opts, Config), - SOpts = proplists:get_value(server_ecdsa_opts, Config), + COpts = ssl_test_lib:ssl_options(client_ecdsa_verify_opts, Config), + SOpts = ssl_test_lib:ssl_options(server_ecdsa_opts, Config), [{cert_key_alg, ecdsa} | lists:delete(cert_key_alg, - [{client_cert_opts, COpts}, - {server_cert_opts, SOpts} | + [{client_cert_opts, fun() -> COpts end}, + {server_cert_opts, fun() -> SOpts end} | lists:delete(server_cert_opts, lists:delete(client_cert_opts, Config))] )]; @@ -386,8 +386,8 @@ do_init_per_group(eddsa_1_3, Config0) -> [{cert_key_alg, eddsa} | lists:delete(cert_key_alg, - [{client_cert_opts, COpts}, - {server_cert_opts, SOpts} | + [{client_cert_opts, fun() -> COpts end}, + {server_cert_opts, fun() -> SOpts end} | lists:delete(server_cert_opts, lists:delete(client_cert_opts, Config0))] )]; @@ -400,8 +400,8 @@ do_init_per_group(dsa = Alg, Config0) -> case lists:member(dss, PKAlg) andalso lists:member(dh, PKAlg) of true -> Config = ssl_test_lib:make_dsa_cert(Config0), - COpts = proplists:get_value(client_dsa_opts, Config), - SOpts = proplists:get_value(server_dsa_opts, Config), + COpts = ssl_test_lib:ssl_options(client_dsa_opts, Config), + SOpts = ssl_test_lib:ssl_options(server_dsa_opts, Config), ShaDSA = case Version of {3, 3} -> [{signature_algs, [{sha, dsa}]}]; @@ -414,8 +414,8 @@ do_init_per_group(dsa = Alg, Config0) -> {extra_server, ssl_test_lib:sig_algs(Alg, Version) ++ [{ciphers, ssl_test_lib:dsa_suites(Version)}] ++ ShaDSA} | lists:delete(cert_key_alg, - [{client_cert_opts, COpts}, - {server_cert_opts, SOpts} | + [{client_cert_opts, fun() -> COpts end}, + {server_cert_opts, fun() -> SOpts end} | lists:delete(server_cert_opts, lists:delete(client_cert_opts, Config))])]; false -> @@ -447,12 +447,12 @@ init_ecdsa_opts(Config0, Curve) -> case lists:member(ecdsa, PKAlg) andalso (lists:member(ecdh, PKAlg) orelse lists:member(dh, PKAlg)) of true -> Config = ssl_test_lib:make_rsa_ecdsa_cert(Config0, Curve), - COpts = proplists:get_value(client_ecdsa_verify_opts, Config), - SOpts = proplists:get_value(server_ecdsa_opts, Config), + COpts = ssl_test_lib:ssl_options(client_ecdsa_verify_opts, Config), + SOpts = ssl_test_lib:ssl_options(server_ecdsa_opts, Config), [{cert_key_alg, ecdsa} | lists:delete(cert_key_alg, - [{client_cert_opts, ssl_test_lib:sig_algs(ecdsa, Version) ++ COpts}, - {server_cert_opts, ssl_test_lib:sig_algs(ecdsa, Version) ++ SOpts} | + [{client_cert_opts, fun() -> ssl_test_lib:sig_algs(ecdsa, Version) ++ COpts end}, + {server_cert_opts, fun() -> ssl_test_lib:sig_algs(ecdsa, Version) ++ SOpts end} | lists:delete(server_cert_opts, lists:delete(client_cert_opts, Config))] )]; diff --git a/lib/ssl/test/ssl_dist_bench_SUITE.erl b/lib/ssl/test/ssl_dist_bench_SUITE.erl index b516b6988ab..ef7eb6b9e5c 100644 --- a/lib/ssl/test/ssl_dist_bench_SUITE.erl +++ b/lib/ssl/test/ssl_dist_bench_SUITE.erl @@ -211,6 +211,8 @@ init_per_suite(Config) -> catch throw : {Skip, Reason} -> {skip, Reason}; + throw : {skipped, Reason} -> + {skip, Reason}; Class : Reason : Stacktrace -> {fail, {Class, Reason, Stacktrace}} end. diff --git a/lib/ssl/test/ssl_pem_cache_SUITE.erl b/lib/ssl/test/ssl_pem_cache_SUITE.erl index 4d2a370c31a..865ef7957be 100644 --- a/lib/ssl/test/ssl_pem_cache_SUITE.erl +++ b/lib/ssl/test/ssl_pem_cache_SUITE.erl @@ -243,8 +243,8 @@ invalid_insert() -> invalid_insert(Config) when is_list(Config) -> process_flag(trap_exit, true), [0, 0, 0, 0] = get_table_sizes(), %% Initialy all tables are empty - ClientOpts = proplists:get_value(client_rsa_verify_opts, Config), - ServerOpts = proplists:get_value(server_rsa_verify_opts, Config), + ClientOpts = ssl_test_lib:ssl_options(client_rsa_verify_opts, Config), + ServerOpts = ssl_test_lib:ssl_options(server_rsa_verify_opts, Config), {ClientNode, ServerNode, Hostname} = ssl_test_lib:run_where(Config), BadClientOpts = [{cacertfile, "tmp/does_not_exist.pem"} | proplists:delete(cacertfile, ClientOpts)], @@ -614,8 +614,8 @@ alternative_path_helper(Config, GetAlternative, %% Init - represents initial state %% ConnectedN - state after establishing Nth connection %% Disconnected - state after closing connections - ClientOpts = proplists:get_value(client_rsa_verify_opts, Config), - CACertFilePath0 = proplists:get_value(cacertfile, ClientOpts), + ClientOpts = ssl_test_lib:ssl_options(client_rsa_verify_opts, Config), + CACertFilePath0 = ssl_test_lib:ssl_options(cacertfile, ClientOpts), {ok, CACertFilename} = strip_path(CACertFilePath0), {ok, Cwd} = file:get_cwd(), @@ -705,8 +705,8 @@ create_initial_config(Config) -> ClientBase = filename:join(PrivDir, "client_test"), ServerBase = filename:join(PrivDir, "server_test"), PemConfig = x509_test:gen_pem_config_files(DerConfig, ClientBase, ServerBase), - ClientConf = proplists:get_value(client_config, PemConfig), - ServerConf = proplists:get_value(server_config, PemConfig), + ClientConf = ssl_test_lib:ssl_options(client_config, PemConfig), + ServerConf = ssl_test_lib:ssl_options(server_config, PemConfig), {proplists:get_value(cacertfile, ServerConf), ClientConf, ServerConf, ServerRootCert0, ClientBase, ServerBase}. @@ -752,7 +752,7 @@ pem_periodical_cleanup(Config, FileIds, ct:sleep(4 * ?SLEEP_AMOUNT), Init = get_table_sizes(), - ServerOpts = proplists:get_value(server_rsa_verify_opts, Config), + ServerOpts = ssl_test_lib:ssl_options(server_rsa_verify_opts, Config), {Server, Client} = basic_verify_test_no_close(Config), diff --git a/lib/ssl/test/ssl_session_cache_SUITE.erl b/lib/ssl/test/ssl_session_cache_SUITE.erl index e2559b156eb..bc0250318cc 100644 --- a/lib/ssl/test/ssl_session_cache_SUITE.erl +++ b/lib/ssl/test/ssl_session_cache_SUITE.erl @@ -360,8 +360,8 @@ max_table_size() -> [{doc,"Test max limit on session table"}]. max_table_size(Config) when is_list(Config) -> process_flag(trap_exit, true), - ClientOpts = proplists:get_value(client_rsa_verify_opts, Config), - ServerOpts = proplists:get_value(server_rsa_verify_opts, Config), + ClientOpts = ssl_test_lib:ssl_options(client_rsa_verify_opts, Config), + ServerOpts = ssl_test_lib:ssl_options(server_rsa_verify_opts, Config), {ClientNode, ServerNode, Hostname} = ssl_test_lib:run_where(Config), Server = ssl_test_lib:start_server([{node, ServerNode}, {port, 0}, diff --git a/lib/ssl/test/ssl_socket_SUITE.erl b/lib/ssl/test/ssl_socket_SUITE.erl index 6cfd111f358..5dd1e097897 100644 --- a/lib/ssl/test/ssl_socket_SUITE.erl +++ b/lib/ssl/test/ssl_socket_SUITE.erl @@ -151,8 +151,8 @@ getstat() -> [{doc,"Test API function getstat/2"}]. getstat(Config) when is_list(Config) -> - ClientOpts = ?config(client_rsa_opts, Config), - ServerOpts = ?config(server_rsa_opts, Config), + ClientOpts = ssl_test_lib:ssl_options(client_rsa_opts, Config), + ServerOpts = ssl_test_lib:ssl_options(server_rsa_opts, Config), {ClientNode, ServerNode, Hostname} = ssl_test_lib:run_where(Config), Server1 = ssl_test_lib:start_server([{node, ServerNode}, {port, 0}, diff --git a/lib/ssl/test/ssl_test_lib.erl b/lib/ssl/test/ssl_test_lib.erl index 931fb1602e1..67970b537d1 100644 --- a/lib/ssl/test/ssl_test_lib.erl +++ b/lib/ssl/test/ssl_test_lib.erl @@ -730,7 +730,7 @@ connect(_, _, 0, AcceptSocket, _, _, _) -> connect(ListenSocket, Node, _N, _, Timeout, SslOpts, cancel) -> ?CT_LOG("ssl:transport_accept(~P)~n", [ListenSocket, ?PRINT_DEPTH]), {ok, AcceptSocket} = ssl:transport_accept(ListenSocket), - ?CT_LOG("~nssl:handshake(~p,~p,~p)~n", [AcceptSocket, format_options(SslOpts),Timeout]), + ?CT_LOG("~nssl:handshake(~p,~0.p,~0.p)~n", [AcceptSocket, format_options(SslOpts),Timeout]), case ssl:handshake(AcceptSocket, SslOpts, Timeout) of {ok, Socket0, Ext} -> @@ -742,9 +742,9 @@ connect(ListenSocket, Node, _N, _, Timeout, SslOpts, cancel) -> Result end; connect(ListenSocket, Node, N, _, Timeout, SslOpts, [_|_] =ContOpts0) -> - ?CT_LOG("ssl:transport_accept(~P)~n", [ListenSocket, ?PRINT_DEPTH]), + ?CT_LOG("ssl:transport_accept(~0.P)~n", [ListenSocket, ?PRINT_DEPTH]), {ok, AcceptSocket} = ssl:transport_accept(ListenSocket), - ?CT_LOG("~nssl:handshake(~p,~p,~p)~n", [AcceptSocket, SslOpts,Timeout]), + ?CT_LOG("~nssl:handshake(~p,~0.p,~0.p)~n", [AcceptSocket, SslOpts,Timeout]), case ssl:handshake(AcceptSocket, SslOpts, Timeout) of {ok, Socket0, Ext} -> @@ -761,7 +761,7 @@ connect(ListenSocket, Node, N, _, Timeout, SslOpts, [_|_] =ContOpts0) -> _ -> ContOpts0 end, - ?CT_LOG("~nssl:handshake_continue(~p,~p,~p)~n", [Socket0, ContOpts,Timeout]), + ?CT_LOG("~nssl:handshake_continue(~p,~0.p,~0.p)~n", [Socket0, ContOpts,Timeout]), case ssl:handshake_continue(Socket0, ContOpts, Timeout) of {ok, Socket} -> connect(ListenSocket, Node, N-1, Socket, Timeout, SslOpts, ContOpts0); @@ -774,7 +774,7 @@ connect(ListenSocket, Node, N, _, Timeout, SslOpts, [_|_] =ContOpts0) -> Result end; connect(ListenSocket, Node, N, _, Timeout, [], ContOpts) -> - ?CT_LOG("ssl:transport_accept(~P)~n", [ListenSocket, ?PRINT_DEPTH]), + ?CT_LOG("ssl:transport_accept(~0.P)~n", [ListenSocket, ?PRINT_DEPTH]), {ok, AcceptSocket} = ssl:transport_accept(ListenSocket), ?CT_LOG("~nssl:handshake(~p, ~p)~n", [AcceptSocket, Timeout]), @@ -786,9 +786,9 @@ connect(ListenSocket, Node, N, _, Timeout, [], ContOpts) -> Result end; connect(ListenSocket, _Node, _, _, Timeout, Opts, _) -> - ?CT_LOG("ssl:transport_accept(~P)~n", [ListenSocket, ?PRINT_DEPTH]), - {ok, AcceptSocket} = ssl:transport_accept(ListenSocket), - ?CT_LOG("ssl:handshake(~p,~p, ~p)~n", [AcceptSocket, Opts, Timeout]), + ?CT_LOG("ssl:transport_accept(~0.P)~n", [ListenSocket, ?PRINT_DEPTH]), + {ok, AcceptSocket} = ssl:transport_accept(ListenSocket), + ?CT_LOG("ssl:handshake(~p,~0.p, ~0.p)~n", [AcceptSocket, Opts, Timeout]), ssl:handshake(AcceptSocket, Opts, Timeout), AcceptSocket. @@ -1891,12 +1891,11 @@ make_ecdsa_cert(Config) -> [{server_config, ServerConf}, {client_config, ClientConf}] = x509_test:gen_pem_config_files(GenCertData, ClientFileBase, ServerFileBase), - [{server_ecdsa_opts, [{reuseaddr, true} | ServerConf]}, - - {server_ecdsa_verify_opts, [{reuseaddr, true}, - {verify, verify_peer} | ServerConf]}, - {client_ecdsa_opts, [{verify, verify_none} | ClientConf]}, - {client_ecdsa_verify_opts, [{verify, verify_peer} | ClientConf]} + [{server_ecdsa_opts, fun() -> [{reuseaddr, true} | ServerConf] end}, + {server_ecdsa_verify_opts, + fun() -> [{reuseaddr, true}, {verify, verify_peer} | ServerConf] end}, + {client_ecdsa_opts, fun() -> [{verify, verify_none} | ClientConf] end}, + {client_ecdsa_verify_opts, fun() -> [{verify, verify_peer} | ClientConf] end} | Config]; false -> Config @@ -1913,17 +1912,18 @@ make_rsa_cert(Config) -> GenCertData = public_key:pkix_test_data(CertChainConf), #{client_config := ClientDerConf, server_config := ServerDerConf} = GenCertData, - [{server_config, ServerConf}, - {client_config, ClientConf}] = - x509_test:gen_pem_config_files(GenCertData, ClientFileBase, ServerFileBase), - [{server_rsa_opts, [{reuseaddr, true} | ServerConf]}, - {server_rsa_verify_opts, [{reuseaddr, true}, {verify, verify_peer} | ServerConf]}, - {client_rsa_opts, [{verify, verify_none} | ClientConf]}, - {client_rsa_verify_opts, [{verify, verify_peer} | ClientConf]}, - {server_rsa_der_opts, [{reuseaddr, true}, {verify, verify_none} | ServerDerConf]}, - {server_rsa_der_verify_opts, [{reuseaddr, true}, {verify, verify_peer} | ServerDerConf]}, - {client_rsa_der_opts, [{verify, verify_none} | ClientDerConf]}, - {client_rsa_der_verify_opts, [{verify, verify_peer} |ClientDerConf]} + [{server_config, ServerConf}, + {client_config, ClientConf}] = + x509_test:gen_pem_config_files(GenCertData, ClientFileBase, ServerFileBase), + + [{server_rsa_opts, fun() -> [{reuseaddr, true} | ServerConf] end}, + {server_rsa_verify_opts, fun() -> [{reuseaddr, true}, {verify, verify_peer} | ServerConf] end}, + {client_rsa_opts, fun() -> [{verify, verify_none} | ClientConf] end}, + {client_rsa_verify_opts, fun() -> [{verify, verify_peer} | ClientConf] end}, + {server_rsa_der_opts, fun() -> [{reuseaddr, true}, {verify, verify_none} | ServerDerConf] end}, + {server_rsa_der_verify_opts, fun() -> [{reuseaddr, true}, {verify, verify_peer} | ServerDerConf] end}, + {client_rsa_der_opts, fun() -> [{verify, verify_none} | ClientDerConf] end}, + {client_rsa_der_verify_opts, fun() -> [{verify, verify_peer} |ClientDerConf] end} | Config]; false -> Config @@ -1955,7 +1955,8 @@ make_rsa_cert_with_protected_keyfile(Config0, Password) -> "tls_password_client.pem"), der_to_pem(ProtectedClientKeyFile, [ProtectedPemEntry]), ProtectedClientOpts = [{keyfile,ProtectedClientKeyFile} | proplists:delete(keyfile, ClientOpts)], - [{client_protected_rsa_opts, ProtectedClientOpts} | Config1]. + [{client_protected_rsa_opts, fun() -> ProtectedClientOpts end} + | Config1]. make_rsa_1024_cert(Config) -> CryptoSupport = crypto:supports(), @@ -1971,14 +1972,14 @@ make_rsa_1024_cert(Config) -> [{server_config, ServerConf}, {client_config, ClientConf}] = x509_test:gen_pem_config_files(GenCertData, ClientFileBase, ServerFileBase), - [{server_rsa_1024_opts, [{ssl_imp, new},{reuseaddr, true} | ServerConf]}, - {server_rsa_1024_verify_opts, [{reuseaddr, true}, {verify, verify_peer} | ServerConf]}, - {client_rsa_1024_opts, [{verify, verify_none} | ClientConf]}, - {client_rsa_1024_verify_opts, [{verify, verify_peer} |ClientConf]}, - {server_rsa_1024_der_opts, [{reuseaddr, true} | ServerDerConf]}, - {server_rsa_1024_der_verify_opts, [{reuseaddr, true}, {verify, verify_peer} | ServerDerConf]}, - {client_rsa_1024_der_opts, [{verify, verify_none} | ClientDerConf]}, - {client_rsa_1024_der_verify_opts, [{verify, verify_peer} |ClientDerConf]} + [{server_rsa_1024_opts, fun() -> [{ssl_imp, new},{reuseaddr, true} | ServerConf] end}, + {server_rsa_1024_verify_opts, fun() -> [{reuseaddr, true}, {verify, verify_peer} | ServerConf] end}, + {client_rsa_1024_opts, fun() -> [{verify, verify_none} | ClientConf] end}, + {client_rsa_1024_verify_opts, fun() -> [{verify, verify_peer} |ClientConf] end}, + {server_rsa_1024_der_opts, fun() -> [{reuseaddr, true} | ServerDerConf] end}, + {server_rsa_1024_der_verify_opts, fun() -> [{reuseaddr, true}, {verify, verify_peer} | ServerDerConf] end}, + {client_rsa_1024_der_opts, fun() -> [{verify, verify_none} | ClientDerConf] end}, + {client_rsa_1024_der_verify_opts, fun() -> [{verify, verify_peer} |ClientDerConf] end} | Config]; false -> Config @@ -2016,13 +2017,10 @@ make_ecdh_rsa_cert(Config) -> {client_config, ClientConf}] = x509_test:gen_pem_config_files(GenCertData, ClientFileBase, ServerFileBase), - [{server_ecdh_rsa_opts, [{ssl_imp, new},{reuseaddr, true} | ServerConf]}, - - {server_ecdh_rsa_verify_opts, [{ssl_imp, new},{reuseaddr, true}, - {verify, verify_peer} | ServerConf]}, - - {client_ecdh_rsa_opts, ClientConf} - + [{server_ecdh_rsa_opts, fun() -> [{ssl_imp, new},{reuseaddr, true} | ServerConf] end}, + {server_ecdh_rsa_verify_opts, + fun() ->[{ssl_imp, new},{reuseaddr, true}, {verify, verify_peer} | ServerConf] end}, + {client_ecdh_rsa_opts, fun() -> ClientConf end} | Config]; _ -> Config @@ -2044,10 +2042,11 @@ make_rsa_ecdsa_cert(Config, Curve) -> {client_config, ClientConf}] = x509_test:gen_pem_config_files(GenCertData, ClientFileBase, ServerFileBase), - [{server_rsa_ecdsa_opts, [{reuseaddr, true} | ServerConf]}, - {server_rsa_ecdsa_verify_opts, [{ssl_imp, new},{reuseaddr, true}, - {verify, verify_peer} | ServerConf]}, - {client_rsa_ecdsa_opts, [{verify, verify_none} | ClientConf]} | Config]; + [{server_rsa_ecdsa_opts, fun() -> [{reuseaddr, true} | ServerConf] end}, + {server_rsa_ecdsa_verify_opts, + fun() -> [{ssl_imp, new},{reuseaddr, true},{verify, verify_peer} | ServerConf] end}, + {client_rsa_ecdsa_opts, fun() -> [{verify, verify_none} | ClientConf] end} + | Config]; _ -> Config end. @@ -2833,7 +2832,7 @@ is_dtls_version(_) -> openssl_tls_version_support(Version, Config0) -> Config = make_rsa_cert(Config0), - ServerOpts = proplists:get_value(server_rsa_opts, Config), + ServerOpts = ssl_options(server_rsa_opts, Config), Port = inet_port(node()), CaCertFile = proplists:get_value(cacertfile, ServerOpts), CertFile = proplists:get_value(certfile, ServerOpts), @@ -3667,16 +3666,27 @@ ubuntu_legacy_support() -> end. ssl_options(Extra, Option, Config) -> - ExtraOpts = proplists:get_value(Extra, Config, []), + ExtraOpts = case proplists:get_value(Extra, Config, []) of + Settings when is_list(Settings) -> Settings; + Fun when is_function(Fun, 0) -> Fun(); + Other -> Other + end, ExtraOpts ++ ssl_options(Option, Config). ssl_options(Option, Config) when is_atom(Option) -> ProtocolOpts = proplists:get_value(protocol_opts, Config, []), - Opts = proplists:get_value(Option, Config, []), + Opts = case proplists:get_value(Option, Config, []) of + Settings when is_list(Settings) -> Settings; + Fun when is_function(Fun, 0) -> Fun(); + Other -> Other + end, Opts ++ ProtocolOpts; -ssl_options(Options, Config) -> +ssl_options(Options, Config) when is_list(Options) -> + ProtocolOpts = proplists:get_value(protocol_opts, Config, []), + Options ++ ProtocolOpts; +ssl_options(OptionFun, Config) when is_function(OptionFun, 0) -> ProtocolOpts = proplists:get_value(protocol_opts, Config, []), - Options ++ ProtocolOpts. + OptionFun() ++ ProtocolOpts. protocol_version(Config) -> case proplists:get_value(version, Config, undefined) of diff --git a/lib/ssl/test/tls_api_SUITE.erl b/lib/ssl/test/tls_api_SUITE.erl index 79cb932f9da..af33c4d3f44 100644 --- a/lib/ssl/test/tls_api_SUITE.erl +++ b/lib/ssl/test/tls_api_SUITE.erl @@ -1259,7 +1259,7 @@ tls_password_correct() -> [{doc, "Test that connection is possible with a correct password"}]. tls_password_correct(Config) when is_list(Config) -> F = fun (P) -> - ProtectedClientOpts = ?config(client_protected_rsa_opts, Config), + ProtectedClientOpts = ssl_test_lib:ssl_options(client_protected_rsa_opts, Config), ServerOpts = ssl_test_lib:ssl_options(server_rsa_opts, Config), {ClientNode, ServerNode, Hostname} = ssl_test_lib:run_where(Config), @@ -1289,7 +1289,7 @@ tls_password_incorrect() -> [{doc, "Test that connection is not possible with wrong password"}]. tls_password_incorrect(Config) when is_list(Config) -> F = fun (P) -> - ProtectedClientOpts = ?config(client_protected_rsa_opts, Config), + ProtectedClientOpts = ssl_test_lib:ssl_options(client_protected_rsa_opts, Config), ServerOpts = ssl_test_lib:ssl_options(server_rsa_opts, Config), {ClientNode, ServerNode, Hostname} = ssl_test_lib:run_where(Config), @@ -1323,7 +1323,7 @@ tls_password_badarg() -> [{doc, "Test that connection is not possible with badarg password"}]. tls_password_badarg(Config) when is_list(Config) -> F = fun (P, ServerError, ClientError) -> - ProtectedClientOpts = ?config(client_protected_rsa_opts, Config), + ProtectedClientOpts = ssl_test_lib:ssl_options(client_protected_rsa_opts, Config), ServerOpts = ssl_test_lib:ssl_options(server_rsa_opts, Config), {ClientNode, ServerNode, Hostname} = ssl_test_lib:run_where(Config), Server = ssl_test_lib:start_server_error([{node, ServerNode}, {port, 0},