Use ct_helper to generate SSL certificates for testing

Makefile

@@ -2,6 +2,11 @@
 
 PROJECT = ranch
 
+# Dependencies.
+
+TEST_DEPS = ct_helper
+dep_ct_helper = https://github.com/extend/ct_helper.git master
+
 # Options.
 
 COMPILE_FIRST = ranch_transport

erlang.mk

@@ -34,6 +34,7 @@ DEPS_DIR ?= $(CURDIR)/deps
 export DEPS_DIR
 
 ALL_DEPS_DIRS = $(addprefix $(DEPS_DIR)/,$(DEPS))
+ALL_TEST_DEPS_DIRS = $(addprefix $(DEPS_DIR)/,$(TEST_DEPS))
 
 # Application.
 
@@ -56,7 +57,7 @@ app: ebin/$(PROJECT).app
 
 ebin/$(PROJECT).app: src/*.erl
 	@mkdir -p ebin/
-	$(erlc_verbose) erlc -v $(ERLC_OPTS) -o ebin/ -pa ebin/ \
+	$(erlc_verbose) ERL_LIBS=deps erlc -v $(ERLC_OPTS) -o ebin/ -pa ebin/ \
 		$(COMPILE_FIRST_PATHS) $?
 
 clean:
@@ -94,7 +95,12 @@ clean-docs:
 
 # Tests.
 
-build-tests:
+$(foreach dep,$(TEST_DEPS),$(eval $(call dep_target,$(dep))))
+
+build-test-deps: $(ALL_TEST_DEPS_DIRS)
+	@for dep in $(ALL_TEST_DEPS_DIRS) ; do $(MAKE) -C $$dep; done
+
+build-tests: build-test-deps
 	$(gen_verbose) erlc -v $(ERLC_OPTS) -o test/ \
 		$(wildcard test/*.erl test/*/*.erl) -pa ebin/
 
@@ -123,7 +129,7 @@ DIALYZER_OPTS ?= -Werror_handling -Wrace_conditions \
 
 build-plt: deps app
 	@dialyzer --build_plt --output_plt .$(PROJECT).plt \
-		--apps erts kernel stdlib $(PLT_APPS) $(ALL_DEPS_DIR)
+		--apps erts kernel stdlib $(PLT_APPS) $(ALL_DEPS_DIRS)
 
 dialyze:
 	@dialyzer --src src --plt .$(PROJECT).plt --no_native $(DIALYZER_OPTS)

test/acceptor_SUITE.erl

@@ -30,7 +30,6 @@
 %% ssl.
 -export([ssl_accept_error/1]).
 -export([ssl_accept_socket/1]).
--export([ssl_accept_socket_nofile/1]).
 -export([ssl_active_echo/1]).
 -export([ssl_echo/1]).
 
@@ -71,7 +70,6 @@ groups() ->
 	]}, {ssl, [
 		ssl_accept_error,
 		ssl_accept_socket,
-		ssl_accept_socket_nofile,
 		ssl_active_echo,
 		ssl_echo
 	]}, {misc, [
@@ -118,11 +116,11 @@ misc_bad_transport(_) ->
 
 %% ssl.
 
-ssl_accept_error(Config) ->
+ssl_accept_error(_) ->
 	Name = ssl_accept_error,
+	{_, Cert, Key} = ct_helper:make_certs(),
 	{ok, ListenerSup} = ranch:start_listener(Name, 1,
-		ranch_ssl, [{port, 0},
-			{certfile, ?config(data_dir, Config) ++ "cert.pem"}],
+		ranch_ssl, [{port, 0}, {cert, Cert}, {key, Key}],
 		echo_protocol, []),
 	Port = ranch:get_port(Name),
 	ListenerSupChildren = supervisor:which_children(ListenerSup),
@@ -138,23 +136,20 @@ ssl_accept_error(Config) ->
 	true = is_process_alive(AcceptorPid),
 	ranch:stop_listener(Name).
 
-ssl_accept_socket_nofile(Config) ->
+ssl_accept_socket(_) ->
 	%%% XXX we can't do the spawn to test the controlling process change
 	%%% because of the bug in ssl
-	{ok, Pem} = file:read_file(filename:join(?config(data_dir, Config),
-											 "cert.pem")),
-	[{KeyType, Key, not_encrypted},
-	 {_CertType, Cert, not_encrypted}] = public_key:pem_decode(Pem),
 	Name = ssl_accept_socket,
+	{_, Cert, Key} = ct_helper:make_certs(),
 	{ok, S} = ssl:listen(0,
-		[{cert, Cert}, {key, {KeyType, Key}}, binary,
+		[{cert, Cert}, {key, Key}, binary,
 			{active, false}, {packet, raw}, {reuseaddr, true}]),
 	{ok, _} = ranch:start_listener(Name, 1,
 		ranch_ssl, [{socket, S}], echo_protocol, []),
 	Port = ranch:get_port(Name),
 	{ok, Socket} = ssl:connect("localhost", Port,
 		[binary, {active, false}, {packet, raw},
-		{certfile, ?config(data_dir, Config) ++ "cert.pem"}]),
+		{cert, Cert}, {key, Key}]),
 	ok = ssl:send(Socket, <<"TCP Ranch is working!">>),
 	{ok, <<"TCP Ranch is working!">>} = ssl:recv(Socket, 21, 1000),
 	ok = ranch:stop_listener(Name),
@@ -163,37 +158,16 @@ ssl_accept_socket_nofile(Config) ->
 	{'EXIT', _} = begin catch ranch:get_port(Name) end,
 	ok.
 
-ssl_accept_socket(Config) ->
-	%%% XXX we can't do the spawn to test the controlling process change
-	%%% because of the bug in ssl
-	Name = ssl_accept_socket,
-	{ok, S} = ssl:listen(0,
-		[{certfile, ?config(data_dir, Config) ++ "cert.pem"}, binary,
-			{active, false}, {packet, raw}, {reuseaddr, true}]),
-	{ok, _} = ranch:start_listener(Name, 1,
-		ranch_ssl, [{socket, S}], echo_protocol, []),
-	Port = ranch:get_port(Name),
-	{ok, Socket} = ssl:connect("localhost", Port,
-		[binary, {active, false}, {packet, raw},
-		{certfile, ?config(data_dir, Config) ++ "cert.pem"}]),
-	ok = ssl:send(Socket, <<"TCP Ranch is working!">>),
-	{ok, <<"TCP Ranch is working!">>} = ssl:recv(Socket, 21, 1000),
-	ok = ranch:stop_listener(Name),
-	{error, closed} = ssl:recv(Socket, 0, 1000),
-	%% Make sure the listener stopped.
-	{'EXIT', _} = begin catch ranch:get_port(Name) end,
-	ok.
-
-ssl_active_echo(Config) ->
+ssl_active_echo(_) ->
 	Name = ssl_active_echo,
+	{_, Cert, Key} = ct_helper:make_certs(),
 	{ok, _} = ranch:start_listener(Name, 1,
-		ranch_ssl, [{port, 0},
-			{certfile, ?config(data_dir, Config) ++ "cert.pem"}],
+		ranch_ssl, [{port, 0}, {cert, Cert}, {key, Key}],
 		active_echo_protocol, []),
 	Port = ranch:get_port(Name),
 	{ok, Socket} = ssl:connect("localhost", Port,
 		[binary, {active, false}, {packet, raw},
-		{certfile, ?config(data_dir, Config) ++ "cert.pem"}]),
+		{cert, Cert}, {key, Key}]),
 	ok = ssl:send(Socket, <<"SSL Ranch is working!">>),
 	{ok, <<"SSL Ranch is working!">>} = ssl:recv(Socket, 21, 1000),
 	ok = ranch:stop_listener(Name),
@@ -202,16 +176,16 @@ ssl_active_echo(Config) ->
 	{'EXIT', _} = begin catch ranch:get_port(Name) end,
 	ok.
 
-ssl_echo(Config) ->
+ssl_echo(_) ->
 	Name = ssl_echo,
+	{_, Cert, Key} = ct_helper:make_certs(),
 	{ok, _} = ranch:start_listener(Name, 1,
-		ranch_ssl, [{port, 0},
-			{certfile, ?config(data_dir, Config) ++ "cert.pem"}],
+		ranch_ssl, [{port, 0}, {cert, Cert}, {key, Key}],
 		echo_protocol, []),
 	Port = ranch:get_port(Name),
 	{ok, Socket} = ssl:connect("localhost", Port,
 		[binary, {active, false}, {packet, raw},
-		{certfile, ?config(data_dir, Config) ++ "cert.pem"}]),
+		{cert, Cert}, {key, Key}]),
 	ok = ssl:send(Socket, <<"SSL Ranch is working!">>),
 	{ok, <<"SSL Ranch is working!">>} = ssl:recv(Socket, 21, 1000),
 	ok = ranch:stop_listener(Name),

test/acceptor_SUITE_data/cert.pem

@@ -1,32 +0,0 @@
------BEGIN PRIVATE KEY-----
-MIICdwIBADANBgkqhkiG9w0BAQEFAASCAmEwggJdAgEAAoGBANcQOH8U6JHnmXtf
-20T5Ue7HSfxql75a56tr1ofrHM4P2P7ek/eP04+W2pFrQ3wLGEcnIVHY1xuUeBr+
-GUIBxNzsB2fKGJHDD4RwYCplzxNGVt1F7VXe3fOCdzsNTUYO9YXHF+lsY3afQ6e1
-yb+OR2MFoVX7JCbYvFoJ4XtqCleRAgMBAAECgYANVT0ba9FrUj9qraurYAWbVxGY
-K4eSzpH0R7A6JvJXOBZM3sGvpGQKT+DnCQ5a/1kW+C8Rou7bD95OVhh8xh1NM9ZV
-Ho6McI80iA9FtSVxIecDyteDQOlz2YISgFsnuhnWm6bMVr+S2s9pOIyyQmQNEbV9
-WbYv6URnp7E7YoIinQJBAPdusE4jQlnPR3bBeRVeQ+gwtp0yTznE49rOi5d5Kbk8
-0NWd4KCozPZQnLWZpX/Hh3UcF3AWBII7jScySg2ocFcCQQDegpqSGEeXZReIJ8/Y
-t3yuGK/F0iTMfwXD5Cn7rau5XSzQ4EvdUFSzlLf1i3mSGlLKQ2XIxNEny2gBD6cT
-UuZXAkEA45HWbcdYGyndXIgNSW3tnvxOuL2wyD0iI/ibwrEZgtlAaXhPRPR7rn/t
-4chywtdM6pTvqZNWikEjTc2e9njY+QJABq9j13nVRM4ru9J+YyN4In7pYQckReSX
-FsCXJlGcdDBBdXEXtmmAcfjI4h6zo1kZHayStUp8gjaRRF7lBSabdwJBALZiddQ7
-HX03nFOvEFe0kygtTGDQywmRA0ZLtGwKpruRCSfkd0GGHR28L4RYGOs/MLMS9na+
-RJfoCyHrn4Tp9Fs=
------END PRIVATE KEY-----
------BEGIN CERTIFICATE-----
-MIICgDCCAemgAwIBAgIJALu4ZVz5MZO5MA0GCSqGSIb3DQEBBQUAMFkxCzAJBgNV
-BAYTAkFVMRMwEQYDVQQIDApTb21lLVN0YXRlMSEwHwYDVQQKDBhJbnRlcm5ldCBX
-aWRnaXRzIFB0eSBMdGQxEjAQBgNVBAMMCWxvY2FsaG9zdDAeFw0xMjA2MTEwNTM5
-MDNaFw0zOTEwMjgwNTM5MDNaMFkxCzAJBgNVBAYTAkFVMRMwEQYDVQQIDApTb21l
-LVN0YXRlMSEwHwYDVQQKDBhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQxEjAQBgNV
-BAMMCWxvY2FsaG9zdDCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA1xA4fxTo
-keeZe1/bRPlR7sdJ/GqXvlrnq2vWh+sczg/Y/t6T94/Tj5bakWtDfAsYRychUdjX
-G5R4Gv4ZQgHE3OwHZ8oYkcMPhHBgKmXPE0ZW3UXtVd7d84J3Ow1NRg71hccX6Wxj
-dp9Dp7XJv45HYwWhVfskJti8Wgnhe2oKV5ECAwEAAaNQME4wHQYDVR0OBBYEFFXs
-nTn66qjp1VqeF816Jg4OJd3yMB8GA1UdIwQYMBaAFFXsnTn66qjp1VqeF816Jg4O
-Jd3yMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAHwfPJWK5UsWns79S
-jZvdzZ3UPVz0UYj/9Nv/bhxN8HaD1Osj4lFHUiqnTXm7r3hD962lcqRA0dUvVUTv
-Ftz5BEqsjUPkLvN4E4ZG0O5mh8mAEm2M3Ok9eDyZW/8c1kX7r82YnF+8TzI+IIu5
-uZ/oqqAeTL/F3oTcTKSbA3WBrpg=
------END CERTIFICATE-----