Merge branch 'ia/ssl/modern-timetrap'

* ia/ssl/modern-timetrap:
  ssl: Make init functions fail if make_certs:all fails
  ssl: Avoid sleep
  ssl: modernize timetrap handling

lib/ssl/test/ssl_ECC_SUITE.erl

@@ -71,10 +71,8 @@ init_per_suite(Config0) ->
     try crypto:start() of
 	ok ->
 	    %% make rsa certs using oppenssl
-	    Result =
-		(catch make_certs:all(?config(data_dir, Config0),
-				      ?config(priv_dir, Config0))),
-	    ct:log("Make certs  ~p~n", [Result]),
+	    {ok, _} = make_certs:all(?config(data_dir, Config0),
+				     ?config(priv_dir, Config0)),
 	    Config1 = ssl_test_lib:make_ecdsa_cert(Config0),
 	    Config2 = ssl_test_lib:make_ecdh_rsa_cert(Config1),
 	    ssl_test_lib:cert_options(Config2)
@@ -145,6 +143,7 @@ init_per_testcase(TestCase, Config) ->
     ct:log("Ciphers: ~p~n ", [ ssl:cipher_suites()]),
     end_per_testcase(TestCase, Config),
     ssl:start(),	
+    ct:timetrap({seconds, 5}),
     Config.
 
 end_per_testcase(_TestCase, Config) ->     
@@ -246,7 +245,6 @@ start_server(openssl, CA, OwnCa, Cert, Key, Config) ->
 	" -verify 2 -cert " ++ Cert ++ " -CAfile " ++ NewCA
 	++ " -key " ++ Key ++ " -msg -debug",
     OpenSslPort =  open_port({spawn, Cmd}, [stderr_to_stdout]),
-    ssl_test_lib:wait_for_openssl_server(),
     true = port_command(OpenSslPort, "Hello world"),
     {OpenSslPort, Port};
 

lib/ssl/test/ssl_alpn_handshake_SUITE.erl

@@ -72,10 +72,8 @@ init_per_suite(Config) ->
     try crypto:start() of
 	ok ->
 	    ssl:start(),
-	    Result =
-		(catch make_certs:all(?config(data_dir, Config),
-				      ?config(priv_dir, Config))),
-	    ct:log("Make certs  ~p~n", [Result]),
+	    {ok, _} = make_certs:all(?config(data_dir, Config),
+				     ?config(priv_dir, Config)),
 	    ssl_test_lib:cert_options(Config)
     catch _:_ ->
 	    {skip, "Crypto did not start"}
@@ -105,6 +103,14 @@ init_per_group(GroupName, Config) ->
 end_per_group(_GroupName, Config) ->
     Config.
 
+init_per_testcase(_TestCase, Config) ->
+    ct:log("TLS/SSL version ~p~n ", [tls_record:supported_protocol_versions()]),
+    ct:timetrap({seconds, 10}),
+    Config.
+
+end_per_testcase(_TestCase, Config) ->     
+    Config.
+
 %%--------------------------------------------------------------------
 %% Test Cases --------------------------------------------------------
 %%--------------------------------------------------------------------

lib/ssl/test/ssl_basic_SUITE.erl

@@ -36,8 +36,7 @@
 -include("tls_handshake.hrl").
 
 -define('24H_in_sec', 86400).  
--define(TIMEOUT, 60000).
--define(LONG_TIMEOUT, 600000).
+-define(TIMEOUT, 20000).
 -define(EXPIRE, 10).
 -define(SLEEP, 500).
 -define(RENEGOTIATION_DISABLE_TIME, 12000).
@@ -207,22 +206,17 @@ rizzo_tests() ->
 
 %%--------------------------------------------------------------------
 init_per_suite(Config0) ->
-    Dog = ct:timetrap(?LONG_TIMEOUT *2),
     catch crypto:stop(),
     try crypto:start() of
 	ok ->
 	    ssl:start(),
 	    %% make rsa certs using oppenssl
-	    Result =
-		(catch make_certs:all(?config(data_dir, Config0),
-				      ?config(priv_dir, Config0))),
-	    ct:log("Make certs  ~p~n", [Result]),
-
+	    {ok, _} = make_certs:all(?config(data_dir, Config0),
+				     ?config(priv_dir, Config0)),
 	    Config1 = ssl_test_lib:make_dsa_cert(Config0),
 	    Config2 = ssl_test_lib:make_ecdsa_cert(Config1),
-	    Config3 = ssl_test_lib:make_ecdh_rsa_cert(Config2),
-	    Config = ssl_test_lib:cert_options(Config3),
-	    [{watchdog, Dog} | Config]
+	    Config = ssl_test_lib:make_ecdh_rsa_cert(Config2),
+	    ssl_test_lib:cert_options(Config)
     catch _:_ ->
 	    {skip, "Crypto did not start"}
     end.
@@ -255,6 +249,7 @@ init_per_testcase(Case, Config) when Case ==  unordered_protocol_versions_client
 				     Case == unordered_protocol_versions_server->
     case proplists:get_value(supported, ssl:versions()) of
 	['tlsv1.2' | _] ->
+	    ct:timetrap({seconds, 5}),
 	    Config;
 	_ ->
 	    {skip, "TLS 1.2 need but not supported on this platform"}
@@ -266,10 +261,11 @@ init_per_testcase(protocol_versions, Config)  ->
     %% For backwards compatibility sslv2 should be filtered out.
     application:set_env(ssl, protocol_version, [sslv2, sslv3, tlsv1]),
     ssl:start(),
+    ct:timetrap({seconds, 5}),
     Config;
 
-init_per_testcase(reuse_session_expired, Config0) ->
-    Config = lists:keydelete(watchdog, 1, Config0),
+init_per_testcase(reuse_session_expired, Config)  ->
+    ct:timetrap({seconds, 30}),
     ssl:stop(),
     application:load(ssl),
     application:set_env(ssl, session_lifetime, ?EXPIRE),
@@ -282,24 +278,44 @@ init_per_testcase(empty_protocol_versions, Config)  ->
     application:load(ssl),
     application:set_env(ssl, protocol_version, []),
     ssl:start(),
+    ct:timetrap({seconds, 5}),
     Config;
 
 init_per_testcase(fallback, Config)  ->
     case tls_record:highest_protocol_version([]) of
 	{3, N} when N > 1 ->
+	    ct:timetrap({seconds, 5}),
 	    Config;
 	_ ->
 	    {skip, "Not relevant if highest supported version is less than 3.2"}
     end;
 
-%% init_per_testcase(different_ca_peer_sign, Config0) ->
-%%     ssl_test_lib:make_mix_cert(Config0);
+init_per_testcase(TestCase, Config) when TestCase == client_renegotiate;
+					 TestCase == server_renegotiate;
+					 TestCase == client_secure_renegotiate;
+					 TestCase == client_renegotiate_reused_session;
+					 TestCase == server_renegotiate_reused_session;
+					 TestCase == client_no_wrap_sequence_number;
+					 TestCase == server_no_wrap_sequence_number;
+					 TestCase == renegotiate_dos_mitigate_active;
+					 TestCase == renegotiate_dos_mitigate_passive;
+					 TestCase == renegotiate_dos_mitigate_absolute ->
+    ct:log("TLS/SSL version ~p~n ", [tls_record:supported_protocol_versions()]),
+    ct:timetrap({seconds, 30}),
+    Config;
+init_per_testcase(ssl_accept_timeout, Config) ->
+    ct:log("TLS/SSL version ~p~n ", [tls_record:supported_protocol_versions()]),
+    ct:timetrap({seconds, 15}),
+    Config;
+init_per_testcase(clear_pem_cache, Config) ->
+    ct:log("TLS/SSL version ~p~n ", [tls_record:supported_protocol_versions()]),
+    ct:timetrap({seconds, 20}),
+    Config;
 
-init_per_testcase(_TestCase, Config0) ->
+init_per_testcase(_TestCase, Config) ->
     ct:log("TLS/SSL version ~p~n ", [tls_record:supported_protocol_versions()]),
-    Config = lists:keydelete(watchdog, 1, Config0),
-    Dog = ct:timetrap(?TIMEOUT),
-   [{watchdog, Dog} | Config].
+    ct:timetrap({seconds, 5}),
+    Config.
 
 end_per_testcase(reuse_session_expired, Config) ->
     application:unset_env(ssl, session_lifetime),

lib/ssl/test/ssl_certificate_verify_SUITE.erl

@@ -78,20 +78,15 @@ error_handling_tests()->
      no_authority_key_identifier].
 
 init_per_suite(Config0) ->
-    Dog = ct:timetrap(?LONG_TIMEOUT *2),
     catch crypto:stop(),
     try crypto:start() of
 	ok ->
 	    ssl:start(),
 	    %% make rsa certs using oppenssl
-	    Result =
-		(catch make_certs:all(?config(data_dir, Config0),
-				      ?config(priv_dir, Config0))),
-	    ct:log("Make certs  ~p~n", [Result]),
-
-	    Config1 = ssl_test_lib:make_dsa_cert(Config0),
-	    Config = ssl_test_lib:cert_options(Config1),
-	    [{watchdog, Dog} | Config]
+	    {ok, _} = make_certs:all(?config(data_dir, Config0),
+				     ?config(priv_dir, Config0)),
+	    Config = ssl_test_lib:make_dsa_cert(Config0),
+	    ssl_test_lib:cert_options(Config)
     catch _:_ ->
 	    {skip, "Crypto did not start"}
     end.
@@ -112,6 +107,14 @@ init_per_group(_, Config) ->
 end_per_group(_GroupName, Config) ->
     Config.
 
+init_per_testcase(_TestCase, Config) ->
+    ct:log("TLS/SSL version ~p~n ", [tls_record:supported_protocol_versions()]),
+    ct:timetrap({seconds, 5}),
+    Config.
+
+end_per_testcase(_TestCase, Config) ->     
+    Config.
+
 %%--------------------------------------------------------------------
 %% Test Cases --------------------------------------------------------
 %%--------------------------------------------------------------------

lib/ssl/test/ssl_cipher_SUITE.erl

@@ -30,8 +30,6 @@
 -include("ssl_cipher.hrl").
 -include("ssl_alert.hrl").
 
--define(TIMEOUT, 600000).
-
 %%--------------------------------------------------------------------
 %% Common Test interface functions -----------------------------------
 %%--------------------------------------------------------------------
@@ -59,10 +57,9 @@ init_per_group(_GroupName, Config) ->
 end_per_group(_GroupName, Config) ->
     Config.
 
-init_per_testcase(_TestCase, Config0) ->
-    Config = lists:keydelete(watchdog, 1, Config0),
-    Dog = ct:timetrap(?TIMEOUT),
-    [{watchdog, Dog} | Config].
+init_per_testcase(_TestCase, Config) ->
+    ct:timetrap({seconds, 5}),
+    Config.
 
 end_per_testcase(_TestCase, Config) ->
     Config.
@@ -106,7 +103,7 @@ padding_test(Config) when is_list(Config)  ->
 % Internal functions  --------------------------------------------------------
 %%--------------------------------------------------------------------
 decipher_check_good(HashSz, CipherState, Version) ->
-    {Content, NextIV, Mac} = content_nextiv_mac(Version),
+    {Content, _NextIV, Mac} = content_nextiv_mac(Version),
     {Content, Mac, _} = 
 	ssl_cipher:decipher(?AES_CBC, HashSz, CipherState, aes_fragment(Version), Version, true).
 

lib/ssl/test/ssl_crl_SUITE.erl

@@ -27,8 +27,6 @@
 -include_lib("common_test/include/ct.hrl").
 -include_lib("public_key/include/public_key.hrl").
 
--define(LONG_TIMEOUT, 600000).
-
 %%--------------------------------------------------------------------
 %% Common Test interface functions -----------------------------------
 %%--------------------------------------------------------------------
@@ -58,8 +56,7 @@ basic_tests() ->
     [crl_verify_valid, crl_verify_revoked].
 
 
-init_per_suite(Config0) ->
-    Dog = ct:timetrap(?LONG_TIMEOUT *2),
+init_per_suite(Config) ->
     case os:find_executable("openssl") of
 	false ->
 	    {skip, "Openssl not found"};
@@ -78,7 +75,7 @@ init_per_suite(Config0) ->
 				    true -> inet6;
 				    false -> inet
 				end,
-			    [{ipfamily,IPfamily}, {watchdog, Dog}, {openssl_version,OpenSSL_version} | Config0]
+			    [{ipfamily,IPfamily}, {openssl_version,OpenSSL_version} | Config]
 		    catch _:_ ->
 			    {skip, "Crypto did not start"}
 		    end
@@ -103,8 +100,8 @@ init_per_group(Group, Config0) ->
 	    DataDir = ?config(data_dir, Config0), 
 	    CertDir = filename:join(?config(priv_dir, Config0), Group),
 	    {CertOpts, Config} = init_certs(CertDir, Group, Config0),
-	    Result =  make_certs:all(DataDir, CertDir, CertOpts),
-	    [{make_cert_result, Result}, {cert_dir, CertDir}, {idp_crl, false} | Config]
+	    {ok, _} =  make_certs:all(DataDir, CertDir, CertOpts),
+	    [{cert_dir, CertDir}, {idp_crl, false} | Config]
     end.
 
 end_per_group(_GroupName, Config) ->
@@ -130,8 +127,9 @@ init_per_testcase(Case, Config0) ->
 	    DataDir = ?config(data_dir, Config), 
 	    CertDir = filename:join(?config(priv_dir, Config0), idp_crl),
 	    {CertOpts, Config} = init_certs(CertDir, idp_crl, Config),
-	    Result =  make_certs:all(DataDir, CertDir, CertOpts),
-	    [{make_cert_result, Result}, {cert_dir, CertDir} | Config];
+	    {ok, _} =  make_certs:all(DataDir, CertDir, CertOpts),
+	    ct:timetrap({seconds, 6}),
+	    [{cert_dir, CertDir} | Config];
 	false ->
 	    end_per_testcase(Case, Config0),
 	    ssl:start(),

lib/ssl/test/ssl_dist_SUITE.erl

@@ -87,17 +87,15 @@ init_per_testcase(Case, Config) when is_list(Config) ->
     common_init(Case, Config).
 
 common_init(Case, Config) ->
-    Dog = ?t:timetrap(?t:seconds(?DEFAULT_TIMETRAP_SECS)),
-    [{watchdog, Dog},{testcase, Case}|Config].
+    ct:timetrap({seconds, ?DEFAULT_TIMETRAP_SECS}),
+    [{testcase, Case}|Config].
 
 end_per_testcase(Case, Config) when is_list(Config) ->
     Flags = proplists:get_value(old_flags, Config),
     catch os:putenv("ERL_FLAGS", Flags),
     common_end(Case, Config).
 
-common_end(_, Config) ->
-    Dog = ?config(watchdog, Config),
-    ?t:timetrap_cancel(Dog),
+common_end(_, _Config) ->
     ok.
 
 %%--------------------------------------------------------------------
@@ -614,7 +612,7 @@ setup_certs(Config) ->
     ok = file:make_dir(NodeDir),
     ok = file:make_dir(RGenDir),
     make_randfile(RGenDir),
-    make_certs:all(RGenDir, NodeDir),
+    {ok, _} = make_certs:all(RGenDir, NodeDir),
     SDir = filename:join([NodeDir, "server"]),
     SC = filename:join([SDir, "cert.pem"]),
     SK = filename:join([SDir, "key.pem"]),

lib/ssl/test/ssl_handshake_SUITE.erl

@@ -62,11 +62,11 @@ init_per_testcase(ignore_hassign_extension_pre_tls_1_2, Config0) ->
 		true ->
 		    ssl:start(),
 		    %% make rsa certs using oppenssl
-		    Result =
-			(catch make_certs:all(?config(data_dir, Config0),
-					      ?config(priv_dir, Config0))),
-		    ct:log("Make certs  ~p~n", [Result]),
-		    ssl_test_lib:cert_options(Config0);
+		    {ok, _} = make_certs:all(?config(data_dir, Config0),
+					     ?config(priv_dir, Config0)),
+		    Config = ssl_test_lib:cert_options(Config0),
+		    ct:timetrap({seconds, 5}),
+		    Config;
 		false ->
 		    {skip, "Crypto did not support sha512"}  
 	    end

lib/ssl/test/ssl_npn_handshake_SUITE.erl

@@ -69,10 +69,8 @@ init_per_suite(Config) ->
     try crypto:start() of
 	ok ->
 	    ssl:start(),
-	    Result =
-		(catch make_certs:all(?config(data_dir, Config),
-				      ?config(priv_dir, Config))),
-	    ct:log("Make certs  ~p~n", [Result]),
+	    {ok, _} = make_certs:all(?config(data_dir, Config),
+				      ?config(priv_dir, Config)),
 	    ssl_test_lib:cert_options(Config)
     catch _:_ ->
 	    {skip, "Crypto did not start"}
@@ -101,6 +99,15 @@ init_per_group(GroupName, Config) ->
 end_per_group(_GroupName, Config) ->
     Config.
 
+init_per_testcase(_TestCase, Config) ->
+    ct:log("TLS/SSL version ~p~n ", [tls_record:supported_protocol_versions()]),
+    ct:log("Ciphers: ~p~n ", [ ssl:cipher_suites()]),
+    ct:timetrap({seconds, 10}),
+    Config.
+
+end_per_testcase(_TestCase, Config) ->     
+    Config.
+
 %%--------------------------------------------------------------------
 %% Test Cases --------------------------------------------------------
 %%--------------------------------------------------------------------

lib/ssl/test/ssl_npn_hello_SUITE.erl

@@ -41,6 +41,14 @@ all() ->
      create_server_hello_with_advertised_protocols_test,
      create_server_hello_with_no_advertised_protocols_test].
 
+init_per_testcase(_TestCase, Config) ->
+    ct:log("TLS/SSL version ~p~n ", [tls_record:supported_protocol_versions()]),
+    ct:timetrap({seconds, 5}),
+    Config.
+
+end_per_testcase(_TestCase, Config) ->     
+    Config.
+
 %%--------------------------------------------------------------------
 %% Test Cases --------------------------------------------------------
 %%--------------------------------------------------------------------