1-module(dhfile_SUITE). 2 3-include("testsuite.hrl"). 4-include_lib("kernel/include/file.hrl"). 5 6-compile(export_all). 7 8all() -> 9 [ 10 ssl_with_valid_dhfile, 11 ssl_with_invalid_dhfile 12 ]. 13 14groups() -> 15 [ 16 ]. 17 18%%==================================================================== 19init_per_suite(Config) -> 20 Id = "testsuite-server", 21 YConf = filename:join(?tempdir(?MODULE), "yaws.conf"), 22 application:load(yaws), 23 application:set_env(yaws, id, Id), 24 application:set_env(yaws, conf, YConf), 25 ok = yaws:start(), 26 [{yaws_id, Id}, {yaws_config, YConf} | Config]. 27 28end_per_suite(_Config) -> 29 ok = application:stop(yaws), 30 ok = application:unload(yaws), 31 ok. 32 33init_per_group(_Group, Config) -> 34 Config. 35 36end_per_group(_Group, _Config) -> 37 ok. 38 39init_per_testcase(_Test, Config) -> 40 Config. 41 42end_per_testcase(_Test, _Config) -> 43 ok. 44 45%%==================================================================== 46ssl_with_valid_dhfile(Config) -> 47 Port = testsuite:get_yaws_port(1, Config), 48 Url = testsuite:make_url(https, "127.0.0.1", Port, "/index.yaws"), 49 50 %% The server has its own Diffie-Hellman group. Try connecting with 51 %% ephemeral DH and see if it works. 52 SslOpts = [{ciphers, [C || {dhe_rsa, _, _}=C <- ssl:cipher_suites()]}], 53 54 ?assertMatch({ok, {{_,200,_}, _, _}}, testsuite:http_get(Url, [], [], SslOpts)), 55 ok. 56 57ssl_with_invalid_dhfile(Config) -> 58 Port = testsuite:get_yaws_port(2, Config), 59 Url = testsuite:make_url(https, "127.0.0.1", Port, "/index.yaws"), 60 61 %% ssl:listen/2 succeeds even when an invalid dhfile is given, and then 62 %% fails on ssl:ssl_accept/2. This sounds like a bug in ssl:listen/2 but 63 %% that's how it works anyway. 64 SslOpts = [{ciphers, [C || {dhe_rsa, _, _}=C <- ssl:cipher_suites()]}], 65 66 ?assertMatch({error, _}, testsuite:http_get(Url, [], [], SslOpts)), 67 ok. 68