From 98bc2d6c2d373b5caddde799c220123decfe37b4 Mon Sep 17 00:00:00 2001
From: Nelson Vides <nelson.vides@erlang-solutions.com>
Date: Thu, 9 Jan 2025 13:43:31 +0100
Subject: [PATCH] Remove fast_tls from big_tests

---
 big_tests/tests/connect_SUITE.erl            | 11 ++---------
 big_tests/tests/mod_global_distrib_SUITE.erl |  2 +-
 big_tests/tests/sasl_external_SUITE.erl      | 18 ++----------------
 rel/fed1.vars-toml.config                    |  5 -----
 rel/files/mongooseim.toml                    |  6 +++---
 rel/mim1.vars-toml.config                    |  5 ++---
 rel/mim2.vars-toml.config                    |  5 -----
 rel/mim3.vars-toml.config                    |  6 ------
 rel/prod.vars-toml.config                    |  3 ---
 rel/reg1.vars-toml.config                    |  5 -----
 10 files changed, 10 insertions(+), 56 deletions(-)

diff --git a/big_tests/tests/connect_SUITE.erl b/big_tests/tests/connect_SUITE.erl
index 36658a3d6d..1bd38aa4bd 100644
--- a/big_tests/tests/connect_SUITE.erl
+++ b/big_tests/tests/connect_SUITE.erl
@@ -50,7 +50,6 @@ all() ->
         {group, incorrect_behaviors},
         {group, proxy_protocol},
         %% these groups must be last, as they really... complicate configuration
-        {group, fast_tls},
         {group, just_tls}
     ].
 
@@ -77,7 +76,6 @@ groups() ->
         {verify_peer, [], [verify_peer_disconnects_when_client_has_no_cert,
                            verify_peer_ignores_when_client_has_no_cert]},
         {just_tls, [{group, verify_peer} | tls_groups()]},
-        {fast_tls, tls_groups()},
         {session_replacement, [], [same_resource_replaces_session,
                                    clean_close_of_replaced_session,
                                    replaced_session_cannot_terminate,
@@ -119,7 +117,7 @@ cipher_test_cases() ->
         clients_can_connect_with_advertised_ciphers,
         % String cipher
         'clients_can_connect_with_ECDHE-RSA-AES256-GCM-SHA384',
-        %% MIM2 accepts ECDHE-RSA-AES256-GCM-SHA384 exclusively with fast_tls on alternative port
+        %% MIM2 accepts ECDHE-RSA-AES256-GCM-SHA384 exclusively on alternative port
         %% MIM3 accepts #{cipher => aes_256_gcm, key_exchange => ecdhe_rsa, mac => aead, prf => sha384}
         %%      exclusively with just_tls on alternative port
         'clients_can_connect_with_ECDHE-RSA-AES256-GCM-SHA384_only'
@@ -171,8 +169,6 @@ init_per_group(tls, Config) ->
     [{c2s_port, ct:get_config({hosts, mim, c2s_port})} | Config2];
 init_per_group(just_tls, Config)->
     [{tls_module, just_tls} | Config];
-init_per_group(fast_tls, Config)->
-    [{tls_module, fast_tls} | Config];
 init_per_group(proxy_protocol, Config) ->
     configure_c2s_listener(Config, #{proxy_protocol => true}),
     Config;
@@ -371,10 +367,7 @@ clients_can_connect_with_advertised_ciphers(Config) ->
                          ciphers_working_with_ssl_clients(Config))).
 
 'clients_can_connect_with_ECDHE-RSA-AES256-GCM-SHA384_only'(Config) ->
-    Port = case ?config(tls_module, Config) of
-               just_tls -> ct:get_config({hosts, mim3, c2s_tls_port});
-               fast_tls -> ct:get_config({hosts, mim2, c2s_tls_port})
-           end,
+    Port = ct:get_config({hosts, mim3, c2s_tls_port}),
     Config1 = [{c2s_port, Port} | Config],
     CiphersStr = os:cmd("openssl ciphers 'ECDHE-RSA-AES256-GCM-SHA384'"),
     ct:pal("Available cipher suites for : ~s", [CiphersStr]),
diff --git a/big_tests/tests/mod_global_distrib_SUITE.erl b/big_tests/tests/mod_global_distrib_SUITE.erl
index 0081a3b60c..ace92c1171 100644
--- a/big_tests/tests/mod_global_distrib_SUITE.erl
+++ b/big_tests/tests/mod_global_distrib_SUITE.erl
@@ -233,7 +233,7 @@ set_opts(defaults, Opts) ->
 set_opts(connections, #{connections := ConnExtra} = Opts) ->
     TLSOpts = config([modules, mod_global_distrib, connections, tls],
                      #{certfile => "priv/ssl/fake_server.pem",
-                       cacertfile => "priv/ssl/ca/cacert.pem"}),
+                       cacertfile => "priv/ssl/cacert.pem"}),
     Opts#{connections := config([modules, mod_global_distrib, connections],
                                 maps:merge(#{tls => TLSOpts}, ConnExtra))};
 set_opts(redis, #{redis := RedisExtra} = Opts) ->
diff --git a/big_tests/tests/sasl_external_SUITE.erl b/big_tests/tests/sasl_external_SUITE.erl
index 5665ccc1eb..c523540934 100644
--- a/big_tests/tests/sasl_external_SUITE.erl
+++ b/big_tests/tests/sasl_external_SUITE.erl
@@ -10,7 +10,6 @@
 
 all() ->
     [
-     {group, fast_tls},
      {group, just_tls}].
 
 groups() ->
@@ -25,7 +24,6 @@ groups() ->
      {self_signed_certs_not_allowed, [parallel], self_signed_certs_not_allowed_test_cases()},
      {ca_signed, [self_signed_certs_not_allowed_group() | base_groups()]},
      {self_signed, [self_signed_certs_allowed_group() | base_groups()]},
-     {fast_tls, [{group, ca_signed}]},
      {just_tls, all_groups()} ].
 
 all_groups() ->
@@ -101,10 +99,6 @@ end_per_suite(Config) ->
     ejabberd_node_utils:restart_application(mongooseim),
     escalus:end_per_suite(Config).
 
-init_per_group(just_tls, Config) ->
-    [{tls_module, just_tls} | Config];
-init_per_group(fast_tls, Config) ->
-    [{tls_module, fast_tls} | Config];
 init_per_group(ca_signed, Config) ->
     [{signed, ca},
      {ssl_options, "\n  tls.disconnect_on_failure = false"},
@@ -144,21 +138,13 @@ init_per_group(_, Config) ->
     Config.
 
 modify_config_and_restart(CyrsaslExternalConfig, Config) ->
-    TLSModule = atom_to_list(escalus_config:get_config(tls_module, Config, just_tls)),
     VerifyMode = escalus_config:get_config(verify_mode, Config, ""),
-    SSLOpts = case TLSModule of
-                  "just_tls" -> escalus_config:get_config(ssl_options, Config, "") ++ VerifyMode;
-                  "fast_tls" -> ""
-              end,
+    SSLOpts = escalus_config:get_config(ssl_options, Config, "") ++ VerifyMode,
     AuthMethods = escalus_config:get_config(auth_methods, Config,
                                             [{auth_method, "pki"}, {auth_method_opts, false}]),
     CACertFile = filename:join([path_helper:repo_dir(Config),
                                 "tools", "ssl", "ca-clients", "cacert.pem"]),
-    NewConfigValues = [{tls_config, "tls.module = \"" ++ TLSModule ++ "\"\n"
-                                    "  tls.certfile = \"priv/ssl/fake_server.pem\"\n"
-                                    "  tls.cacertfile = \"" ++ CACertFile ++ "\""
-                                    ++ SSLOpts},
-                       {s2s_tls_config, "tls.certfile = \"priv/ssl/fake_server.pem\"\n"
+    NewConfigValues = [{tls_config, "tls.certfile = \"priv/ssl/fake_server.pem\"\n"
                                     "  tls.cacertfile = \"" ++ CACertFile ++ "\""
                                     ++ SSLOpts},
                        {https_config, "tls.certfile = \"priv/ssl/fake_cert.pem\"\n"
diff --git a/rel/fed1.vars-toml.config b/rel/fed1.vars-toml.config
index 9bd318d32b..c90682fc67 100644
--- a/rel/fed1.vars-toml.config
+++ b/rel/fed1.vars-toml.config
@@ -48,11 +48,6 @@
   tls.mode = \"starttls\"
   tls.ciphers = \"ECDHE-RSA-AES256-GCM-SHA384\""}.
 
-{s2s_tls_config, "tls.verify_mode = \"none\"
-  tls.certfile = \"priv/ssl/fake_server.pem\"
-  tls.mode = \"starttls\"
-  tls.ciphers = \"ECDHE-RSA-AES256-GCM-SHA384\""}.
-
 {instrumentation, "[instrumentation.exometer]
 
 [instrumentation.prometheus]
diff --git a/rel/files/mongooseim.toml b/rel/files/mongooseim.toml
index 207a19b7b8..f027ee129e 100644
--- a/rel/files/mongooseim.toml
+++ b/rel/files/mongooseim.toml
@@ -148,9 +148,9 @@
   port = {{{incoming_s2s_port}}}
   shaper = "s2s_shaper"
   max_stanza_size = 131072
-  {{#s2s_tls_config}}
-  {{{s2s_tls_config}}}
-  {{/s2s_tls_config}}
+  {{#tls_config}}
+  {{{tls_config}}}
+  {{/tls_config}}
   {{#s2s_dhfile}}
   tls.dhfile = {{{s2s_dhfile}}}
   {{/s2s_dhfile}}
diff --git a/rel/mim1.vars-toml.config b/rel/mim1.vars-toml.config
index ed88376ded..93c59ec4bf 100644
--- a/rel/mim1.vars-toml.config
+++ b/rel/mim1.vars-toml.config
@@ -63,9 +63,6 @@
 {tls_config, "tls.verify_mode = \"none\"
   tls.certfile = \"priv/ssl/fake_server.pem\""}.
 
-{s2s_tls_config, "tls.verify_mode = \"none\"
-  tls.certfile = \"priv/ssl/fake_server.pem\""}.
-
 {secondary_c2s,
   "[[listen.c2s]]
   port = {{ c2s_tls_port }}
@@ -74,7 +71,9 @@
   max_stanza_size = 65536
   tls.certfile = \"priv/ssl/fake_server.pem\"
   tls.cacertfile = \"priv/ssl/cacert.pem\"
+  tls.verify_mode = \"none\"
   tls.mode = \"tls\""}.
+
 {listen_component,
   "[[listen.component]]
   port = {{ component_port }}
diff --git a/rel/mim2.vars-toml.config b/rel/mim2.vars-toml.config
index 9d0498d3b9..b419d83e66 100644
--- a/rel/mim2.vars-toml.config
+++ b/rel/mim2.vars-toml.config
@@ -30,11 +30,6 @@
   tls.mode = \"starttls\"
   tls.ciphers = \"ECDHE-RSA-AES256-GCM-SHA384\""}.
 
-{s2s_tls_config, "tls.verify_mode = \"none\"
-  tls.certfile = \"priv/ssl/fake_server.pem\"
-  tls.mode = \"starttls\"
-  tls.ciphers = \"ECDHE-RSA-AES256-GCM-SHA384\""}.
-
 {secondary_c2s,
   "[[listen.c2s]]
   port = {{ c2s_tls_port }}
diff --git a/rel/mim3.vars-toml.config b/rel/mim3.vars-toml.config
index f805a8e167..8ec9b1fe19 100644
--- a/rel/mim3.vars-toml.config
+++ b/rel/mim3.vars-toml.config
@@ -35,11 +35,6 @@
   tls.mode = \"starttls\"
   tls.ciphers = \"ECDHE-RSA-AES256-GCM-SHA384\""}.
 
-{s2s_tls_config, "tls.verify_mode = \"none\"
-  tls.certfile = \"priv/ssl/fake_server.pem\"
-  tls.mode = \"starttls\"
-  tls.ciphers = \"ECDHE-RSA-AES256-GCM-SHA384\""}.
-
 {instrumentation, "[instrumentation.exometer]
 
 [instrumentation.prometheus]
@@ -55,7 +50,6 @@
   tls.cacertfile = \"priv/ssl/cacert.pem\"
   tls.certfile = \"priv/ssl/fake_server.pem\"
   tls.mode = \"tls\"
-  tls.module = \"just_tls\"
   tls.ciphers = \"ECDHE-RSA-AES256-GCM-SHA384\""}.
 
 {c2s_dhfile, "\"priv/ssl/fake_dh_server.pem\""}.
diff --git a/rel/prod.vars-toml.config b/rel/prod.vars-toml.config
index cdb035b295..777f627b60 100644
--- a/rel/prod.vars-toml.config
+++ b/rel/prod.vars-toml.config
@@ -35,9 +35,6 @@
 {tls_config, "tls.verify_mode = \"none\"
   tls.certfile = \"priv/ssl/fake_server.pem\""}.
 
-{s2s_tls_config, "tls.verify_mode = \"none\"
-  tls.certfile = \"priv/ssl/fake_server.pem\""}.
-
 {instrumentation, "[instrumentation.prometheus]
 
 [instrumentation.log]"}.
diff --git a/rel/reg1.vars-toml.config b/rel/reg1.vars-toml.config
index 7844f9501d..a1a411547c 100644
--- a/rel/reg1.vars-toml.config
+++ b/rel/reg1.vars-toml.config
@@ -45,11 +45,6 @@
   tls.mode = \"starttls\"
   tls.ciphers = \"ECDHE-RSA-AES256-GCM-SHA384\""}.
 
-{s2s_tls_config, "tls.verify_mode = \"none\"
-  tls.certfile = \"priv/ssl/fake_server.pem\"
-  tls.mode = \"starttls\"
-  tls.ciphers = \"ECDHE-RSA-AES256-GCM-SHA384\""}.
-
 {instrumentation, "[instrumentation.exometer]
 
 [instrumentation.prometheus]