From f6707d1dd09baa19d5b3439342c984c8ee28707c Mon Sep 17 00:00:00 2001
From: Thales Macedo Garitezi <thalesmg@gmail.com>
Date: Tue, 7 Mar 2023 10:17:33 -0300
Subject: [PATCH] test: fix how ocsp client is run in tests

For some yet unknown reason the old test version using `open_port`
does not work in OTP 25, but works fine in OTP 24.  There are no
messages at all received from The openssl client port program in OTP
25.
---
 apps/emqx/test/emqx_ocsp_cache_SUITE.erl | 115 ++++++++++-------------
 1 file changed, 49 insertions(+), 66 deletions(-)

diff --git a/apps/emqx/test/emqx_ocsp_cache_SUITE.erl b/apps/emqx/test/emqx_ocsp_cache_SUITE.erl
index 3b1c2adaf..890d2ecaa 100644
--- a/apps/emqx/test/emqx_ocsp_cache_SUITE.erl
+++ b/apps/emqx/test/emqx_ocsp_cache_SUITE.erl
@@ -263,7 +263,7 @@ assert_http_get(N, Timeout) when N > 0 ->
     end,
     assert_http_get(N - 1, Timeout).
 
-spawn_openssl_client(TLSVsn, RequestStatus, Config) ->
+openssl_client_command(TLSVsn, RequestStatus, Config) ->
     DataDir = ?config(data_dir, Config),
     ClientCert = filename:join([DataDir, "client.pem"]),
     ClientKey = filename:join([DataDir, "client.key"]),
@@ -274,25 +274,38 @@ spawn_openssl_client(TLSVsn, RequestStatus, Config) ->
             true -> ["-status"];
             false -> []
         end,
+    [
+        Openssl,
+        "s_client",
+        "-connect",
+        "localhost:8883",
+        %% needed to trigger `sni_fun'
+        "-servername",
+        "localhost",
+        TLSVsn,
+        "-CAfile",
+        Cacert,
+        "-cert",
+        ClientCert,
+        "-key",
+        ClientKey
+    ] ++ StatusOpt.
+
+run_openssl_client(TLSVsn, RequestStatus, Config) ->
+    Command0 = openssl_client_command(TLSVsn, RequestStatus, Config),
+    Command = lists:flatten(lists:join(" ", Command0)),
+    os:cmd(Command).
+
+%% fixme: for some reason, the port program doesn't return any output
+%% when running in OTP 25 using `open_port`, but the `os:cmd` version
+%% works fine.
+%% the `open_port' version works fine in OTP 24 for some reason.
+spawn_openssl_client(TLSVsn, RequestStatus, Config) ->
+    [Openssl | Args] = openssl_client_command(TLSVsn, RequestStatus, Config),
     open_port(
         {spawn_executable, Openssl},
         [
-            {args,
-                [
-                    "s_client",
-                    "-connect",
-                    "localhost:8883",
-                    %% needed to trigger `sni_fun'
-                    "-servername",
-                    "localhost",
-                    TLSVsn,
-                    "-CAfile",
-                    Cacert,
-                    "-cert",
-                    ClientCert,
-                    "-key",
-                    ClientKey
-                ] ++ StatusOpt},
+            {args, Args},
             binary,
             stderr_to_stdout
         ]
@@ -331,56 +344,26 @@ kill_pid(OSPid) ->
     os:cmd("kill -9 " ++ integer_to_list(OSPid)).
 
 test_ocsp_connection(TLSVsn, WithRequestStatus = true, Config) ->
-    ClientPort = spawn_openssl_client(TLSVsn, WithRequestStatus, Config),
-    {os_pid, ClientOSPid} = erlang:port_info(ClientPort, os_pid),
-    try
-        timer:sleep(timer:seconds(1)),
-        {messages, Messages} = process_info(self(), messages),
-        OCSPOutput0 = [
-            Output
-         || {_Port, {data, Output}} <- Messages,
-            re:run(Output, "OCSP response:") =/= nomatch
-        ],
-        ?assertMatch(
-            [_],
-            OCSPOutput0,
-            #{all_messages => Messages}
-        ),
-        [OCSPOutput] = OCSPOutput0,
-        ?assertMatch(
-            {match, _},
-            re:run(OCSPOutput, "OCSP Response Status: successful"),
-            #{all_messages => Messages}
-        ),
-        ?assertMatch(
-            {match, _},
-            re:run(OCSPOutput, "Cert Status: good"),
-            #{all_messages => Messages}
-        ),
-        ok
-    after
-        catch kill_pid(ClientOSPid)
-    end;
+    OCSPOutput = run_openssl_client(TLSVsn, WithRequestStatus, Config),
+    ?assertMatch(
+        {match, _},
+        re:run(OCSPOutput, "OCSP Response Status: successful"),
+        #{mailbox => process_info(self(), messages)}
+    ),
+    ?assertMatch(
+        {match, _},
+        re:run(OCSPOutput, "Cert Status: good"),
+        #{mailbox => process_info(self(), messages)}
+    ),
+    ok;
 test_ocsp_connection(TLSVsn, WithRequestStatus = false, Config) ->
-    ClientPort = spawn_openssl_client(TLSVsn, WithRequestStatus, Config),
-    {os_pid, ClientOSPid} = erlang:port_info(ClientPort, os_pid),
-    try
-        timer:sleep(timer:seconds(1)),
-        {messages, Messages} = process_info(self(), messages),
-        OCSPOutput = [
-            Output
-         || {_Port, {data, Output}} <- Messages,
-            re:run(Output, "OCSP response:") =/= nomatch
-        ],
-        ?assertEqual(
-            [],
-            OCSPOutput,
-            #{all_messages => Messages}
-        ),
-        ok
-    after
-        catch kill_pid(ClientOSPid)
-    end.
+    OCSPOutput = run_openssl_client(TLSVsn, WithRequestStatus, Config),
+    ?assertMatch(
+        nomatch,
+        re:run(OCSPOutput, "Cert Status: good", [{capture, none}]),
+        #{mailbox => process_info(self(), messages)}
+    ),
+    ok.
 
 ensure_port_open(Port) ->
     do_ensure_port_open(Port, 10).