umgeher/cowboy
0
Fork 0
mirror of https://github.com/ninenines/cowboy.git synced 2025-07-14 12:20:24 +00:00
Code Issues Wiki Activity

Fix TLS tests for OTP-26+

Browse source 
ct_helper now uses the test certificates generated by
public_key. A few adjustments had to be made as a result.
This commit is contained in:
Loïc Hoguin 2023-03-30 15:38:29 +02:00
parent 251e70b219
commit 12108ab668
No known key found for this signature in database
GPG key ID: 8A9DF795F6FED764
5 changed files with 70 additions and 60 deletions
Download patch file Download diff file Expand all files Collapse all files

6
test/cowboy_test.erl
View file

@ -112,10 +112,14 @@ gun_open(Config) ->
gun_open(Config, #{}). gun_open(Config, #{}).
gun_open(Config, Opts) -> gun_open(Config, Opts) ->
TlsOpts = case proplists:get_value(no_cert, Config, false) of
true -> [{verify, verify_none}];
false -> ct_helper:get_certs_from_ets()
end,
{ok, ConnPid} = gun:open("localhost", config(port, Config), Opts#{ {ok, ConnPid} = gun:open("localhost", config(port, Config), Opts#{
retry => 0, retry => 0,
transport => config(type, Config), transport => config(type, Config),
tls_opts => [{versions, ['tlsv1.2']}|proplists:get_value(tls_opts, Config, [])], tls_opts => TlsOpts,
protocols => [config(protocol, Config)] protocols => [config(protocol, Config)]
}), }),
ConnPid. ConnPid.

6
test/proxy_header_SUITE.erl
View file

@ -126,7 +126,8 @@ do_proxy_header_https(Config, ProxyInfo) ->
{ok, Socket0} = gen_tcp:connect("localhost", config(port, Config), {ok, Socket0} = gen_tcp:connect("localhost", config(port, Config),
[binary, {active, false}, {packet, raw}]), [binary, {active, false}, {packet, raw}]),
ok = gen_tcp:send(Socket0, ranch_proxy_header:header(ProxyInfo)), ok = gen_tcp:send(Socket0, ranch_proxy_header:header(ProxyInfo)),
{ok, Socket} = ssl:connect(Socket0, [{versions, ['tlsv1.2']}], 1000), TlsOpts = ct_helper:get_certs_from_ets(),
{ok, Socket} = ssl:connect(Socket0, TlsOpts, 1000),
do_proxy_header_http_common({raw_client, Socket, ssl}, ProxyInfo). do_proxy_header_http_common({raw_client, Socket, ssl}, ProxyInfo).
do_proxy_header_http_common(Client, ProxyInfo) -> do_proxy_header_http_common(Client, ProxyInfo) ->
@ -151,8 +152,9 @@ do_proxy_header_h2(Config, ProxyInfo) ->
{ok, Socket0} = gen_tcp:connect("localhost", config(port, Config), {ok, Socket0} = gen_tcp:connect("localhost", config(port, Config),
[binary, {active, false}, {packet, raw}]), [binary, {active, false}, {packet, raw}]),
ok = gen_tcp:send(Socket0, ranch_proxy_header:header(ProxyInfo)), ok = gen_tcp:send(Socket0, ranch_proxy_header:header(ProxyInfo)),
TlsOpts = ct_helper:get_certs_from_ets(),
{ok, Socket} = ssl:connect(Socket0, {ok, Socket} = ssl:connect(Socket0,
[{alpn_advertised_protocols, [<<"h2">>]}, {versions, ['tlsv1.2']}], 1000), [{alpn_advertised_protocols, [<<"h2">>]}|TlsOpts], 1000),
do_proxy_header_h2_common({raw_client, Socket, ssl}, ProxyInfo). do_proxy_header_h2_common({raw_client, Socket, ssl}, ProxyInfo).
do_proxy_header_h2c(Config, ProxyInfo) -> do_proxy_header_h2c(Config, ProxyInfo) ->

12
test/req_SUITE.erl
View file

@ -184,22 +184,16 @@ cert(Config) ->
ssl -> do_cert(Config) ssl -> do_cert(Config)
end. end.
do_cert(Config0) -> do_cert(Config) ->
doc("A client TLS certificate was provided."), doc("A client TLS certificate was provided."),
{CaCert, Cert, Key} = ct_helper:make_certs(),
Config = [{tls_opts, [
{cert, Cert},
{key, Key},
{cacerts, [CaCert]}
]}|Config0],
Cert = do_get_body("/cert", Config), Cert = do_get_body("/cert", Config),
Cert = do_get_body("/direct/cert", Config), Cert = do_get_body("/direct/cert", Config),
ok. ok.
cert_undefined(Config) -> cert_undefined(Config) ->
doc("No client TLS certificate was provided."), doc("No client TLS certificate was provided."),
<<"undefined">> = do_get_body("/cert", Config), <<"undefined">> = do_get_body("/cert", [{no_cert, true}|Config]),
<<"undefined">> = do_get_body("/direct/cert", Config), <<"undefined">> = do_get_body("/direct/cert", [{no_cert, true}|Config]),
ok. ok.
header(Config) -> header(Config) ->

33
test/rfc7540_SUITE.erl
View file

@ -589,18 +589,20 @@ http_upgrade_response_half_closed(Config) ->
alpn_ignore_h2c(Config) -> alpn_ignore_h2c(Config) ->
doc("An h2c ALPN protocol identifier must be ignored. (RFC7540 3.3)"), doc("An h2c ALPN protocol identifier must be ignored. (RFC7540 3.3)"),
TlsOpts = ct_helper:get_certs_from_ets(),
{ok, Socket} = ssl:connect("localhost", config(port, Config), {ok, Socket} = ssl:connect("localhost", config(port, Config),
[{alpn_advertised_protocols, [<<"h2c">>, <<"http/1.1">>]}, [{alpn_advertised_protocols, [<<"h2c">>, <<"http/1.1">>]},
binary, {active, false}, {versions, ['tlsv1.2']}]), binary, {active, false}|TlsOpts]),
{ok, <<"http/1.1">>} = ssl:negotiated_protocol(Socket), {ok, <<"http/1.1">>} = ssl:negotiated_protocol(Socket),
ok. ok.
alpn_server_preface(Config) -> alpn_server_preface(Config) ->
doc("The first frame must be a SETTINGS frame " doc("The first frame must be a SETTINGS frame "
"for the server connection preface. (RFC7540 3.3, RFC7540 3.5, RFC7540 6.5)"), "for the server connection preface. (RFC7540 3.3, RFC7540 3.5, RFC7540 6.5)"),
TlsOpts = ct_helper:get_certs_from_ets(),
{ok, Socket} = ssl:connect("localhost", config(port, Config), {ok, Socket} = ssl:connect("localhost", config(port, Config),
[{alpn_advertised_protocols, [<<"h2">>]}, [{alpn_advertised_protocols, [<<"h2">>]},
binary, {active, false}, {versions, ['tlsv1.2']}]), binary, {active, false}|TlsOpts]),
{ok, <<"h2">>} = ssl:negotiated_protocol(Socket), {ok, <<"h2">>} = ssl:negotiated_protocol(Socket),
%% Receive the server preface. %% Receive the server preface.
{ok, << _:24, 4:8, 0:40 >>} = ssl:recv(Socket, 9, 1000), {ok, << _:24, 4:8, 0:40 >>} = ssl:recv(Socket, 9, 1000),
@ -609,9 +611,10 @@ alpn_server_preface(Config) ->
alpn_client_preface_timeout(Config) -> alpn_client_preface_timeout(Config) ->
doc("Clients negotiating HTTP/2 and not sending a preface in " doc("Clients negotiating HTTP/2 and not sending a preface in "
"a timely manner must be disconnected."), "a timely manner must be disconnected."),
TlsOpts = ct_helper:get_certs_from_ets(),
{ok, Socket} = ssl:connect("localhost", config(port, Config), {ok, Socket} = ssl:connect("localhost", config(port, Config),
[{alpn_advertised_protocols, [<<"h2">>]}, [{alpn_advertised_protocols, [<<"h2">>]},
binary, {active, false}, {versions, ['tlsv1.2']}]), binary, {active, false}|TlsOpts]),
{ok, <<"h2">>} = ssl:negotiated_protocol(Socket), {ok, <<"h2">>} = ssl:negotiated_protocol(Socket),
%% Receive the server preface. %% Receive the server preface.
{ok, << Len:24 >>} = ssl:recv(Socket, 3, 1000), {ok, << Len:24 >>} = ssl:recv(Socket, 3, 1000),
@ -623,9 +626,10 @@ alpn_client_preface_timeout(Config) ->
alpn_reject_missing_client_preface(Config) -> alpn_reject_missing_client_preface(Config) ->
doc("Servers must treat an invalid connection preface as a " doc("Servers must treat an invalid connection preface as a "
"connection error of type PROTOCOL_ERROR. (RFC7540 3.3, RFC7540 3.5)"), "connection error of type PROTOCOL_ERROR. (RFC7540 3.3, RFC7540 3.5)"),
TlsOpts = ct_helper:get_certs_from_ets(),
{ok, Socket} = ssl:connect("localhost", config(port, Config), {ok, Socket} = ssl:connect("localhost", config(port, Config),
[{alpn_advertised_protocols, [<<"h2">>]}, [{alpn_advertised_protocols, [<<"h2">>]},
binary, {active, false}, {versions, ['tlsv1.2']}]), binary, {active, false}|TlsOpts]),
{ok, <<"h2">>} = ssl:negotiated_protocol(Socket), {ok, <<"h2">>} = ssl:negotiated_protocol(Socket),
%% Send a SETTINGS frame directly instead of the proper preface. %% Send a SETTINGS frame directly instead of the proper preface.
ok = ssl:send(Socket, cow_http2:settings(#{})), ok = ssl:send(Socket, cow_http2:settings(#{})),
@ -639,9 +643,10 @@ alpn_reject_missing_client_preface(Config) ->
alpn_reject_invalid_client_preface(Config) -> alpn_reject_invalid_client_preface(Config) ->
doc("Servers must treat an invalid connection preface as a " doc("Servers must treat an invalid connection preface as a "
"connection error of type PROTOCOL_ERROR. (RFC7540 3.3, RFC7540 3.5)"), "connection error of type PROTOCOL_ERROR. (RFC7540 3.3, RFC7540 3.5)"),
TlsOpts = ct_helper:get_certs_from_ets(),
{ok, Socket} = ssl:connect("localhost", config(port, Config), {ok, Socket} = ssl:connect("localhost", config(port, Config),
[{alpn_advertised_protocols, [<<"h2">>]}, [{alpn_advertised_protocols, [<<"h2">>]},
binary, {active, false}, {versions, ['tlsv1.2']}]), binary, {active, false}|TlsOpts]),
{ok, <<"h2">>} = ssl:negotiated_protocol(Socket), {ok, <<"h2">>} = ssl:negotiated_protocol(Socket),
%% Send a slightly incorrect preface. %% Send a slightly incorrect preface.
ok = ssl:send(Socket, "PRI * HTTP/2.0\r\n\r\nSM: Value\r\n\r\n"), ok = ssl:send(Socket, "PRI * HTTP/2.0\r\n\r\nSM: Value\r\n\r\n"),
@ -655,9 +660,10 @@ alpn_reject_invalid_client_preface(Config) ->
alpn_reject_missing_client_preface_settings(Config) -> alpn_reject_missing_client_preface_settings(Config) ->
doc("Servers must treat an invalid connection preface as a " doc("Servers must treat an invalid connection preface as a "
"connection error of type PROTOCOL_ERROR. (RFC7540 3.3, RFC7540 3.5)"), "connection error of type PROTOCOL_ERROR. (RFC7540 3.3, RFC7540 3.5)"),
TlsOpts = ct_helper:get_certs_from_ets(),
{ok, Socket} = ssl:connect("localhost", config(port, Config), {ok, Socket} = ssl:connect("localhost", config(port, Config),
[{alpn_advertised_protocols, [<<"h2">>]}, [{alpn_advertised_protocols, [<<"h2">>]},
binary, {active, false}, {versions, ['tlsv1.2']}]), binary, {active, false}|TlsOpts]),
{ok, <<"h2">>} = ssl:negotiated_protocol(Socket), {ok, <<"h2">>} = ssl:negotiated_protocol(Socket),
%% Send a valid preface sequence except followed by a PING instead of a SETTINGS frame. %% Send a valid preface sequence except followed by a PING instead of a SETTINGS frame.
ok = ssl:send(Socket, ["PRI * HTTP/2.0\r\n\r\nSM\r\n\r\n", cow_http2:ping(0)]), ok = ssl:send(Socket, ["PRI * HTTP/2.0\r\n\r\nSM\r\n\r\n", cow_http2:ping(0)]),
@ -671,9 +677,10 @@ alpn_reject_missing_client_preface_settings(Config) ->
alpn_reject_invalid_client_preface_settings(Config) -> alpn_reject_invalid_client_preface_settings(Config) ->
doc("Servers must treat an invalid connection preface as a " doc("Servers must treat an invalid connection preface as a "
"connection error of type PROTOCOL_ERROR. (RFC7540 3.3, RFC7540 3.5)"), "connection error of type PROTOCOL_ERROR. (RFC7540 3.3, RFC7540 3.5)"),
TlsOpts = ct_helper:get_certs_from_ets(),
{ok, Socket} = ssl:connect("localhost", config(port, Config), {ok, Socket} = ssl:connect("localhost", config(port, Config),
[{alpn_advertised_protocols, [<<"h2">>]}, [{alpn_advertised_protocols, [<<"h2">>]},
binary, {active, false}, {versions, ['tlsv1.2']}]), binary, {active, false}|TlsOpts]),
{ok, <<"h2">>} = ssl:negotiated_protocol(Socket), {ok, <<"h2">>} = ssl:negotiated_protocol(Socket),
%% Send a valid preface sequence except followed by a badly formed SETTINGS frame. %% Send a valid preface sequence except followed by a badly formed SETTINGS frame.
ok = ssl:send(Socket, ["PRI * HTTP/2.0\r\n\r\nSM\r\n\r\n", << 0:24, 4:8, 0:9, 1:31 >>]), ok = ssl:send(Socket, ["PRI * HTTP/2.0\r\n\r\nSM\r\n\r\n", << 0:24, 4:8, 0:9, 1:31 >>]),
@ -686,9 +693,10 @@ alpn_reject_invalid_client_preface_settings(Config) ->
alpn_accept_client_preface_empty_settings(Config) -> alpn_accept_client_preface_empty_settings(Config) ->
doc("The SETTINGS frame in the client preface may be empty. (RFC7540 3.3, RFC7540 3.5)"), doc("The SETTINGS frame in the client preface may be empty. (RFC7540 3.3, RFC7540 3.5)"),
TlsOpts = ct_helper:get_certs_from_ets(),
{ok, Socket} = ssl:connect("localhost", config(port, Config), {ok, Socket} = ssl:connect("localhost", config(port, Config),
[{alpn_advertised_protocols, [<<"h2">>]}, [{alpn_advertised_protocols, [<<"h2">>]},
binary, {active, false}, {versions, ['tlsv1.2']}]), binary, {active, false}|TlsOpts]),
{ok, <<"h2">>} = ssl:negotiated_protocol(Socket), {ok, <<"h2">>} = ssl:negotiated_protocol(Socket),
%% Send a valid preface sequence except followed by an empty SETTINGS frame. %% Send a valid preface sequence except followed by an empty SETTINGS frame.
ok = ssl:send(Socket, ["PRI * HTTP/2.0\r\n\r\nSM\r\n\r\n", cow_http2:settings(#{})]), ok = ssl:send(Socket, ["PRI * HTTP/2.0\r\n\r\nSM\r\n\r\n", cow_http2:settings(#{})]),
@ -702,9 +710,10 @@ alpn_accept_client_preface_empty_settings(Config) ->
alpn_client_preface_settings_ack_timeout(Config) -> alpn_client_preface_settings_ack_timeout(Config) ->
doc("Failure to acknowledge the server's SETTINGS frame " doc("Failure to acknowledge the server's SETTINGS frame "
"results in a SETTINGS_TIMEOUT connection error. (RFC7540 3.5, RFC7540 6.5.3)"), "results in a SETTINGS_TIMEOUT connection error. (RFC7540 3.5, RFC7540 6.5.3)"),
TlsOpts = ct_helper:get_certs_from_ets(),
{ok, Socket} = ssl:connect("localhost", config(port, Config), {ok, Socket} = ssl:connect("localhost", config(port, Config),
[{alpn_advertised_protocols, [<<"h2">>]}, [{alpn_advertised_protocols, [<<"h2">>]},
binary, {active, false}, {versions, ['tlsv1.2']}]), binary, {active, false}|TlsOpts]),
{ok, <<"h2">>} = ssl:negotiated_protocol(Socket), {ok, <<"h2">>} = ssl:negotiated_protocol(Socket),
%% Send a valid preface. %% Send a valid preface.
ok = ssl:send(Socket, ["PRI * HTTP/2.0\r\n\r\nSM\r\n\r\n", cow_http2:settings(#{})]), ok = ssl:send(Socket, ["PRI * HTTP/2.0\r\n\r\nSM\r\n\r\n", cow_http2:settings(#{})]),
@ -719,9 +728,10 @@ alpn_client_preface_settings_ack_timeout(Config) ->
alpn(Config) -> alpn(Config) ->
doc("Successful ALPN negotiation. (RFC7540 3.3)"), doc("Successful ALPN negotiation. (RFC7540 3.3)"),
TlsOpts = ct_helper:get_certs_from_ets(),
{ok, Socket} = ssl:connect("localhost", config(port, Config), {ok, Socket} = ssl:connect("localhost", config(port, Config),
[{alpn_advertised_protocols, [<<"h2">>]}, [{alpn_advertised_protocols, [<<"h2">>]},
binary, {active, false}, {versions, ['tlsv1.2']}]), binary, {active, false}|TlsOpts]),
{ok, <<"h2">>} = ssl:negotiated_protocol(Socket), {ok, <<"h2">>} = ssl:negotiated_protocol(Socket),
%% Send a valid preface. %% Send a valid preface.
%% @todo Use non-empty SETTINGS here. Just because. %% @todo Use non-empty SETTINGS here. Just because.
@ -745,8 +755,9 @@ alpn(Config) ->
prior_knowledge_reject_tls(Config) -> prior_knowledge_reject_tls(Config) ->
doc("Implementations that support HTTP/2 over TLS must use ALPN. (RFC7540 3.4)"), doc("Implementations that support HTTP/2 over TLS must use ALPN. (RFC7540 3.4)"),
TlsOpts = ct_helper:get_certs_from_ets(),
{ok, Socket} = ssl:connect("localhost", config(port, Config), {ok, Socket} = ssl:connect("localhost", config(port, Config),
[binary, {active, false}, {versions, ['tlsv1.2']}]), [binary, {active, false}|TlsOpts]),
%% Send a valid preface. %% Send a valid preface.
ok = ssl:send(Socket, ["PRI * HTTP/2.0\r\n\r\nSM\r\n\r\n", cow_http2:settings(#{})]), ok = ssl:send(Socket, ["PRI * HTTP/2.0\r\n\r\nSM\r\n\r\n", cow_http2:settings(#{})]),
%% We expect the server to send an HTTP 400 error %% We expect the server to send an HTTP 400 error

73
test/sys_SUITE.erl
View file

@ -22,7 +22,6 @@
-import(ct_helper, [get_remote_pid_tcp/1]). -import(ct_helper, [get_remote_pid_tcp/1]).
-import(ct_helper, [get_remote_pid_tls/1]). -import(ct_helper, [get_remote_pid_tls/1]).
-import(ct_helper, [is_process_down/1]). -import(ct_helper, [is_process_down/1]).
-import(cowboy_test, [gun_open/1]).
all() -> all() ->
[{group, sys}]. [{group, sys}].
@ -109,8 +108,8 @@ bad_system_from_h1(Config) ->
bad_system_from_h2(Config) -> bad_system_from_h2(Config) ->
doc("h2: Sending a system message with a bad From value results in a process crash."), doc("h2: Sending a system message with a bad From value results in a process crash."),
{ok, Socket} = ssl:connect("localhost", config(tls_port, Config), {ok, Socket} = ssl:connect("localhost", config(tls_port, Config),
[{active, false}, binary, {versions, ['tlsv1.2']}, [{alpn_advertised_protocols, [<<"h2">>]},
{alpn_advertised_protocols, [<<"h2">>]}]), {active, false}, binary|config(tls_opts, Config)]),
%% Skip the SETTINGS frame. %% Skip the SETTINGS frame.
{ok, <<_,_,_,4,_/bits>>} = ssl:recv(Socket, 0, 1000), {ok, <<_,_,_,4,_/bits>>} = ssl:recv(Socket, 0, 1000),
timer:sleep(100), timer:sleep(100),
@ -177,8 +176,8 @@ bad_system_message_h1(Config) ->
bad_system_message_h2(Config) -> bad_system_message_h2(Config) ->
doc("h2: Sending a system message with a bad Request value results in an error."), doc("h2: Sending a system message with a bad Request value results in an error."),
{ok, Socket} = ssl:connect("localhost", config(tls_port, Config), {ok, Socket} = ssl:connect("localhost", config(tls_port, Config),
[{active, false}, binary, {versions, ['tlsv1.2']}, [{alpn_advertised_protocols, [<<"h2">>]},
{alpn_advertised_protocols, [<<"h2">>]}]), {active, false}, binary|config(tls_opts, Config)]),
%% Skip the SETTINGS frame. %% Skip the SETTINGS frame.
{ok, <<_,_,_,4,_/bits>>} = ssl:recv(Socket, 0, 1000), {ok, <<_,_,_,4,_/bits>>} = ssl:recv(Socket, 0, 1000),
timer:sleep(100), timer:sleep(100),
@ -254,8 +253,8 @@ good_system_message_h1(Config) ->
good_system_message_h2(Config) -> good_system_message_h2(Config) ->
doc("h2: System messages are handled properly."), doc("h2: System messages are handled properly."),
{ok, Socket} = ssl:connect("localhost", config(tls_port, Config), {ok, Socket} = ssl:connect("localhost", config(tls_port, Config),
[{active, false}, binary, {versions, ['tlsv1.2']}, [{alpn_advertised_protocols, [<<"h2">>]},
{alpn_advertised_protocols, [<<"h2">>]}]), {active, false}, binary|config(tls_opts, Config)]),
%% Skip the SETTINGS frame. %% Skip the SETTINGS frame.
{ok, <<_,_,_,4,_/bits>>} = ssl:recv(Socket, 0, 1000), {ok, <<_,_,_,4,_/bits>>} = ssl:recv(Socket, 0, 1000),
timer:sleep(100), timer:sleep(100),
@ -339,8 +338,8 @@ trap_exit_parent_exit_h2(Config) ->
doc("h2: A process trapping exits must stop when receiving " doc("h2: A process trapping exits must stop when receiving "
"an 'EXIT' message from its parent."), "an 'EXIT' message from its parent."),
{ok, Socket} = ssl:connect("localhost", config(tls_port, Config), {ok, Socket} = ssl:connect("localhost", config(tls_port, Config),
[{active, false}, binary, {versions, ['tlsv1.2']}, [{alpn_advertised_protocols, [<<"h2">>]},
{alpn_advertised_protocols, [<<"h2">>]}]), {active, false}, binary|config(tls_opts, Config)]),
%% Skip the SETTINGS frame. %% Skip the SETTINGS frame.
{ok, <<_,_,_,4,_/bits>>} = ssl:recv(Socket, 0, 1000), {ok, <<_,_,_,4,_/bits>>} = ssl:recv(Socket, 0, 1000),
timer:sleep(100), timer:sleep(100),
@ -412,8 +411,8 @@ trap_exit_other_exit_h2(Config) ->
doc("h2: A process trapping exits must ignore " doc("h2: A process trapping exits must ignore "
"'EXIT' messages from unknown processes."), "'EXIT' messages from unknown processes."),
{ok, Socket} = ssl:connect("localhost", config(tls_port, Config), {ok, Socket} = ssl:connect("localhost", config(tls_port, Config),
[{active, false}, binary, {versions, ['tlsv1.2']}, [{alpn_advertised_protocols, [<<"h2">>]},
{alpn_advertised_protocols, [<<"h2">>]}]), {active, false}, binary|config(tls_opts, Config)]),
do_http2_handshake(Socket), do_http2_handshake(Socket),
Pid = get_remote_pid_tls(Socket), Pid = get_remote_pid_tls(Socket),
Pid ! {'EXIT', self(), {shutdown, ?MODULE}}, Pid ! {'EXIT', self(), {shutdown, ?MODULE}},
@ -531,8 +530,8 @@ sys_change_code_h1(Config) ->
sys_change_code_h2(Config) -> sys_change_code_h2(Config) ->
doc("h2: The sys:change_code/4 function works as expected."), doc("h2: The sys:change_code/4 function works as expected."),
{ok, Socket} = ssl:connect("localhost", config(tls_port, Config), {ok, Socket} = ssl:connect("localhost", config(tls_port, Config),
[{active, false}, binary, {versions, ['tlsv1.2']}, [{alpn_advertised_protocols, [<<"h2">>]},
{alpn_advertised_protocols, [<<"h2">>]}]), {active, false}, binary|config(tls_opts, Config)]),
do_http2_handshake(Socket), do_http2_handshake(Socket),
Pid = get_remote_pid_tls(Socket), Pid = get_remote_pid_tls(Socket),
%% Suspend the process and try to get a request in. The %% Suspend the process and try to get a request in. The
@ -615,8 +614,8 @@ sys_get_state_h1(Config) ->
sys_get_state_h2(Config) -> sys_get_state_h2(Config) ->
doc("h2: The sys:get_state/1 function works as expected."), doc("h2: The sys:get_state/1 function works as expected."),
{ok, Socket} = ssl:connect("localhost", config(tls_port, Config), {ok, Socket} = ssl:connect("localhost", config(tls_port, Config),
[{active, false}, binary, {versions, ['tlsv1.2']}, [{alpn_advertised_protocols, [<<"h2">>]},
{alpn_advertised_protocols, [<<"h2">>]}]), {active, false}, binary|config(tls_opts, Config)]),
%% Skip the SETTINGS frame. %% Skip the SETTINGS frame.
{ok, <<_,_,_,4,_/bits>>} = ssl:recv(Socket, 0, 1000), {ok, <<_,_,_,4,_/bits>>} = ssl:recv(Socket, 0, 1000),
timer:sleep(100), timer:sleep(100),
@ -678,8 +677,8 @@ sys_get_status_h1(Config) ->
sys_get_status_h2(Config) -> sys_get_status_h2(Config) ->
doc("h2: The sys:get_status/1 function works as expected."), doc("h2: The sys:get_status/1 function works as expected."),
{ok, Socket} = ssl:connect("localhost", config(tls_port, Config), {ok, Socket} = ssl:connect("localhost", config(tls_port, Config),
[{active, false}, binary, {versions, ['tlsv1.2']}, [{alpn_advertised_protocols, [<<"h2">>]},
{alpn_advertised_protocols, [<<"h2">>]}]), {active, false}, binary|config(tls_opts, Config)]),
%% Skip the SETTINGS frame. %% Skip the SETTINGS frame.
{ok, <<_,_,_,4,_/bits>>} = ssl:recv(Socket, 0, 1000), {ok, <<_,_,_,4,_/bits>>} = ssl:recv(Socket, 0, 1000),
timer:sleep(100), timer:sleep(100),
@ -740,8 +739,8 @@ sys_replace_state_h1(Config) ->
sys_replace_state_h2(Config) -> sys_replace_state_h2(Config) ->
doc("h2: The sys:replace_state/2 function works as expected."), doc("h2: The sys:replace_state/2 function works as expected."),
{ok, Socket} = ssl:connect("localhost", config(tls_port, Config), {ok, Socket} = ssl:connect("localhost", config(tls_port, Config),
[{active, false}, binary, {versions, ['tlsv1.2']}, [{alpn_advertised_protocols, [<<"h2">>]},
{alpn_advertised_protocols, [<<"h2">>]}]), {active, false}, binary|config(tls_opts, Config)]),
%% Skip the SETTINGS frame. %% Skip the SETTINGS frame.
{ok, <<_,_,_,4,_/bits>>} = ssl:recv(Socket, 0, 1000), {ok, <<_,_,_,4,_/bits>>} = ssl:recv(Socket, 0, 1000),
timer:sleep(100), timer:sleep(100),
@ -810,8 +809,8 @@ sys_suspend_and_resume_h1(Config) ->
sys_suspend_and_resume_h2(Config) -> sys_suspend_and_resume_h2(Config) ->
doc("h2: The sys:suspend/1 and sys:resume/1 functions work as expected."), doc("h2: The sys:suspend/1 and sys:resume/1 functions work as expected."),
{ok, Socket} = ssl:connect("localhost", config(tls_port, Config), {ok, Socket} = ssl:connect("localhost", config(tls_port, Config),
[{active, false}, binary, {versions, ['tlsv1.2']}, [{alpn_advertised_protocols, [<<"h2">>]},
{alpn_advertised_protocols, [<<"h2">>]}]), {active, false}, binary|config(tls_opts, Config)]),
do_http2_handshake(Socket), do_http2_handshake(Socket),
Pid = get_remote_pid_tls(Socket), Pid = get_remote_pid_tls(Socket),
%% Suspend the process and try to get a request in. The %% Suspend the process and try to get a request in. The
@ -890,8 +889,8 @@ sys_terminate_h1(Config) ->
sys_terminate_h2(Config) -> sys_terminate_h2(Config) ->
doc("h2: The sys:terminate/2,3 function works as expected."), doc("h2: The sys:terminate/2,3 function works as expected."),
{ok, Socket} = ssl:connect("localhost", config(tls_port, Config), {ok, Socket} = ssl:connect("localhost", config(tls_port, Config),
[{active, false}, binary, {versions, ['tlsv1.2']}, [{alpn_advertised_protocols, [<<"h2">>]},
{alpn_advertised_protocols, [<<"h2">>]}]), {active, false}, binary|config(tls_opts, Config)]),
%% Skip the SETTINGS frame. %% Skip the SETTINGS frame.
{ok, <<_,_,_,4,_/bits>>} = ssl:recv(Socket, 0, 1000), {ok, <<_,_,_,4,_/bits>>} = ssl:recv(Socket, 0, 1000),
timer:sleep(100), timer:sleep(100),
@ -994,8 +993,8 @@ supervisor_count_children_h1(Config) ->
supervisor_count_children_h2(Config) -> supervisor_count_children_h2(Config) ->
doc("h2: The function supervisor:count_children/1 must work."), doc("h2: The function supervisor:count_children/1 must work."),
{ok, Socket} = ssl:connect("localhost", config(tls_port, Config), {ok, Socket} = ssl:connect("localhost", config(tls_port, Config),
[{active, false}, binary, {versions, ['tlsv1.2']}, [{alpn_advertised_protocols, [<<"h2">>]},
{alpn_advertised_protocols, [<<"h2">>]}]), {active, false}, binary|config(tls_opts, Config)]),
do_http2_handshake(Socket), do_http2_handshake(Socket),
Pid = get_remote_pid_tls(Socket), Pid = get_remote_pid_tls(Socket),
%% No request was sent so there's no children. %% No request was sent so there's no children.
@ -1067,8 +1066,8 @@ supervisor_delete_child_not_found_h1(Config) ->
supervisor_delete_child_not_found_h2(Config) -> supervisor_delete_child_not_found_h2(Config) ->
doc("h2: The function supervisor:delete_child/2 must return {error, not_found}."), doc("h2: The function supervisor:delete_child/2 must return {error, not_found}."),
{ok, Socket} = ssl:connect("localhost", config(tls_port, Config), {ok, Socket} = ssl:connect("localhost", config(tls_port, Config),
[{active, false}, binary, {versions, ['tlsv1.2']}, [{alpn_advertised_protocols, [<<"h2">>]},
{alpn_advertised_protocols, [<<"h2">>]}]), {active, false}, binary|config(tls_opts, Config)]),
do_http2_handshake(Socket), do_http2_handshake(Socket),
Pid = get_remote_pid_tls(Socket), Pid = get_remote_pid_tls(Socket),
%% When no children exist. %% When no children exist.
@ -1127,8 +1126,8 @@ supervisor_get_childspec_not_found_h1(Config) ->
supervisor_get_childspec_not_found_h2(Config) -> supervisor_get_childspec_not_found_h2(Config) ->
doc("h2: The function supervisor:get_childspec/2 must return {error, not_found}."), doc("h2: The function supervisor:get_childspec/2 must return {error, not_found}."),
{ok, Socket} = ssl:connect("localhost", config(tls_port, Config), {ok, Socket} = ssl:connect("localhost", config(tls_port, Config),
[{active, false}, binary, {versions, ['tlsv1.2']}, [{alpn_advertised_protocols, [<<"h2">>]},
{alpn_advertised_protocols, [<<"h2">>]}]), {active, false}, binary|config(tls_opts, Config)]),
do_http2_handshake(Socket), do_http2_handshake(Socket),
Pid = get_remote_pid_tls(Socket), Pid = get_remote_pid_tls(Socket),
%% When no children exist. %% When no children exist.
@ -1187,8 +1186,8 @@ supervisor_restart_child_not_found_h1(Config) ->
supervisor_restart_child_not_found_h2(Config) -> supervisor_restart_child_not_found_h2(Config) ->
doc("h2: The function supervisor:restart_child/2 must return {error, not_found}."), doc("h2: The function supervisor:restart_child/2 must return {error, not_found}."),
{ok, Socket} = ssl:connect("localhost", config(tls_port, Config), {ok, Socket} = ssl:connect("localhost", config(tls_port, Config),
[{active, false}, binary, {versions, ['tlsv1.2']}, [{alpn_advertised_protocols, [<<"h2">>]},
{alpn_advertised_protocols, [<<"h2">>]}]), {active, false}, binary|config(tls_opts, Config)]),
do_http2_handshake(Socket), do_http2_handshake(Socket),
Pid = get_remote_pid_tls(Socket), Pid = get_remote_pid_tls(Socket),
%% When no children exist. %% When no children exist.
@ -1242,8 +1241,8 @@ supervisor_start_child_not_found_h1(Config) ->
supervisor_start_child_not_found_h2(Config) -> supervisor_start_child_not_found_h2(Config) ->
doc("h2: The function supervisor:start_child/2 must return {error, start_child_disabled}."), doc("h2: The function supervisor:start_child/2 must return {error, start_child_disabled}."),
{ok, Socket} = ssl:connect("localhost", config(tls_port, Config), {ok, Socket} = ssl:connect("localhost", config(tls_port, Config),
[{active, false}, binary, {versions, ['tlsv1.2']}, [{alpn_advertised_protocols, [<<"h2">>]},
{alpn_advertised_protocols, [<<"h2">>]}]), {active, false}, binary|config(tls_opts, Config)]),
do_http2_handshake(Socket), do_http2_handshake(Socket),
Pid = get_remote_pid_tls(Socket), Pid = get_remote_pid_tls(Socket),
{error, start_child_disabled} = supervisor:start_child(Pid, #{ {error, start_child_disabled} = supervisor:start_child(Pid, #{
@ -1297,8 +1296,8 @@ supervisor_terminate_child_not_found_h1(Config) ->
supervisor_terminate_child_not_found_h2(Config) -> supervisor_terminate_child_not_found_h2(Config) ->
doc("h2: The function supervisor:terminate_child/2 must return {error, not_found}."), doc("h2: The function supervisor:terminate_child/2 must return {error, not_found}."),
{ok, Socket} = ssl:connect("localhost", config(tls_port, Config), {ok, Socket} = ssl:connect("localhost", config(tls_port, Config),
[{active, false}, binary, {versions, ['tlsv1.2']}, [{alpn_advertised_protocols, [<<"h2">>]},
{alpn_advertised_protocols, [<<"h2">>]}]), {active, false}, binary|config(tls_opts, Config)]),
do_http2_handshake(Socket), do_http2_handshake(Socket),
Pid = get_remote_pid_tls(Socket), Pid = get_remote_pid_tls(Socket),
%% When no children exist. %% When no children exist.
@ -1361,8 +1360,8 @@ supervisor_which_children_h1(Config) ->
supervisor_which_children_h2(Config) -> supervisor_which_children_h2(Config) ->
doc("h2: The function supervisor:which_children/1 must work."), doc("h2: The function supervisor:which_children/1 must work."),
{ok, Socket} = ssl:connect("localhost", config(tls_port, Config), {ok, Socket} = ssl:connect("localhost", config(tls_port, Config),
[{active, false}, binary, {versions, ['tlsv1.2']}, [{alpn_advertised_protocols, [<<"h2">>]},
{alpn_advertised_protocols, [<<"h2">>]}]), {active, false}, binary|config(tls_opts, Config)]),
do_http2_handshake(Socket), do_http2_handshake(Socket),
Pid = get_remote_pid_tls(Socket), Pid = get_remote_pid_tls(Socket),
%% No request was sent so there's no children. %% No request was sent so there's no children.