yuanbiao
/
emqx
1
0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

test: password cert for SSL listener

This commit is contained in:
William Yang 2023-03-25 10:34:00 +01:00
parent cec77c2b65
commit ecc2cd1a94
1 changed files with 28 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

33
apps/emqx/test/emqx_listeners_SUITE.erl
View File

@ -35,6 +35,7 @@ init_per_suite(Config) ->
application:ensure_all_started(esockd), application:ensure_all_started(esockd),
application:ensure_all_started(quicer), application:ensure_all_started(quicer),
application:ensure_all_started(cowboy), application:ensure_all_started(cowboy),
generate_tls_certs(Config),
lists:foreach(fun set_app_env/1, NewConfig), lists:foreach(fun set_app_env/1, NewConfig),
Config. Config.
@ -183,26 +184,48 @@ t_wss_conn(_) ->
ok = ssl:close(Socket). ok = ssl:close(Socket).
t_quic_conn(Config) -> t_quic_conn(Config) ->
Port = 24568,
DataDir = ?config(data_dir, Config), DataDir = ?config(data_dir, Config),
generate_quic_tls_certs(Config),
SSLOpts = #{ SSLOpts = #{
password => ?SERVER_KEY_PASSWORD, password => ?SERVER_KEY_PASSWORD,
certfile => filename:join(DataDir, "server-password.pem"), certfile => filename:join(DataDir, "server-password.pem"),
cacertfile => filename:join(DataDir, "ca.pem"), cacertfile => filename:join(DataDir, "ca.pem"),
keyfile => filename:join(DataDir, "server-password.key") keyfile => filename:join(DataDir, "server-password.key")
}, },
emqx_common_test_helpers:ensure_quic_listener(?FUNCTION_NAME, 24568, #{ssl_options => SSLOpts}), emqx_common_test_helpers:ensure_quic_listener(?FUNCTION_NAME, Port, #{ssl_options => SSLOpts}),
ct:pal("~p", [emqx_listeners:list()]), ct:pal("~p", [emqx_listeners:list()]),
{ok, Conn} = quicer:connect( {ok, Conn} = quicer:connect(
{127, 0, 0, 1}, {127, 0, 0, 1},
24568, Port,
[ [
{verify, verify_none}, {verify, verify_none},
{alpn, ["mqtt"]} {alpn, ["mqtt"]}
], ],
1000 1000
), ),
ok = quicer:close_connection(Conn). ok = quicer:close_connection(Conn),
emqx_listeners:stop_listener(quic, ?FUNCTION_NAME, #{bind => Port}).
t_ssl_password_cert(Config) ->
Port = 24568,
DataDir = ?config(data_dir, Config),
SSLOptsPWD = #{
password => ?SERVER_KEY_PASSWORD,
certfile => filename:join(DataDir, "server-password.pem"),
cacertfile => filename:join(DataDir, "ca.pem"),
keyfile => filename:join(DataDir, "server-password.key")
},
LConf = #{
enabled => true,
bind => {{127, 0, 0, 1}, Port},
mountpoint => <<>>,
zone => default,
ssl_options => SSLOptsPWD
},
ok = emqx_listeners:start_listener(ssl, ?FUNCTION_NAME, LConf),
{ok, SSLSocket} = ssl:connect("127.0.0.1", Port, [{verify, verify_none}]),
ssl:close(SSLSocket),
emqx_listeners:stop_listener(ssl, ?FUNCTION_NAME, LConf).
t_format_bind(_) -> t_format_bind(_) ->
?assertEqual( ?assertEqual(
@ -289,7 +312,7 @@ remove_default_limiter(Listeners) ->
Listeners Listeners
). ).
generate_quic_tls_certs(Config) -> generate_tls_certs(Config) ->
DataDir = ?config(data_dir, Config), DataDir = ?config(data_dir, Config),
emqx_common_test_helpers:gen_ca(DataDir, "ca"), emqx_common_test_helpers:gen_ca(DataDir, "ca"),
emqx_common_test_helpers:gen_host_cert("server-password", "ca", DataDir, #{ emqx_common_test_helpers:gen_host_cert("server-password", "ca", DataDir, #{