Silence certs related ssl warnings in test suites

ninenines · Sep 12, 2022 · 9e6d0f6 · 9e6d0f6
1 parent 9afe027
commit 9e6d0f6
Show file tree

Hide file tree

Showing 10 changed files with 105 additions and 26 deletions.
diff --git a/test/event_SUITE.erl b/test/event_SUITE.erl
@@ -213,7 +213,8 @@ tls_handshake_end_error(Config) ->
 	Opts = #{
 		event_handler => {?MODULE, self()},
 		protocols => [config(name, config(tc_group_properties, Config))],
-		transport => tls
+		transport => tls,
+		tls_opts => [{verify, verify_none}]
 	},
 	{ok, Pid} = gun:open("localhost", OriginPort, Opts),
 	#{
@@ -254,7 +255,8 @@ tls_handshake_start_tcp_connect_tls(Config) ->
 	StreamRef = gun:connect(ConnPid, #{
 		host => "localhost",
 		port => OriginPort,
-		transport => tls
+		transport => tls,
+		tls_opts => [{verify, verify_none}]
 	}),
 	ReplyTo = self(),
 	#{
@@ -287,7 +289,8 @@ tls_handshake_end_error_tcp_connect_tls(Config) ->
 	StreamRef = gun:connect(ConnPid, #{
 		host => "localhost",
 		port => OriginPort,
-		transport => tls
+		transport => tls,
+		tls_opts => [{verify, verify_none}]
 	}),
 	ReplyTo = self(),
 	#{
@@ -320,7 +323,8 @@ tls_handshake_end_ok_tcp_connect_tls(Config) ->
 	StreamRef = gun:connect(ConnPid, #{
 		host => "localhost",
 		port => OriginPort,
-		transport => tls
+		transport => tls,
+		tls_opts => [{verify, verify_none}]
 	}),
 	ReplyTo = self(),
 	#{
@@ -346,7 +350,8 @@ tls_handshake_start_tls_connect_tls(Config) ->
 	{ok, ConnPid} = gun:open("localhost", ProxyPort, #{
 		event_handler => {?MODULE, self()},
 		protocols => [Protocol],
-		transport => tls
+		transport => tls,
+		tls_opts => [{verify, verify_none}]
 	}),
 	{ok, Protocol} = gun:await_up(ConnPid),
 	tunnel_SUITE:do_handshake_completed(Protocol, ProxyPid),
@@ -355,7 +360,8 @@ tls_handshake_start_tls_connect_tls(Config) ->
 	StreamRef = gun:connect(ConnPid, #{
 		host => "localhost",
 		port => OriginPort,
-		transport => tls
+		transport => tls,
+		tls_opts => [{verify, verify_none}]
 	}),
 	ReplyTo = self(),
 	#{
@@ -381,7 +387,8 @@ tls_handshake_end_error_tls_connect_tls(Config) ->
 	{ok, ConnPid} = gun:open("localhost", ProxyPort, #{
 		event_handler => {?MODULE, self()},
 		protocols => [Protocol],
-		transport => tls
+		transport => tls,
+		tls_opts => [{verify, verify_none}]
 	}),
 	{ok, Protocol} = gun:await_up(ConnPid),
 	tunnel_SUITE:do_handshake_completed(Protocol, ProxyPid),
@@ -390,7 +397,8 @@ tls_handshake_end_error_tls_connect_tls(Config) ->
 	StreamRef = gun:connect(ConnPid, #{
 		host => "localhost",
 		port => OriginPort,
-		transport => tls
+		transport => tls,
+		tls_opts => [{verify, verify_none}]
 	}),
 	ReplyTo = self(),
 	#{
@@ -416,7 +424,8 @@ tls_handshake_end_ok_tls_connect_tls(Config) ->
 	{ok, ConnPid} = gun:open("localhost", ProxyPort, #{
 		event_handler => {?MODULE, self()},
 		protocols => [Protocol],
-		transport => tls
+		transport => tls,
+		tls_opts => [{verify, verify_none}]
 	}),
 	{ok, Protocol} = gun:await_up(ConnPid),
 	tunnel_SUITE:do_handshake_completed(Protocol, ProxyPid),
@@ -425,7 +434,8 @@ tls_handshake_end_ok_tls_connect_tls(Config) ->
 	StreamRef = gun:connect(ConnPid, #{
 		host => "localhost",
 		port => OriginPort,
-		transport => tls
+		transport => tls,
+		tls_opts => [{verify, verify_none}]
 	}),
 	ReplyTo = self(),
 	#{
@@ -1782,14 +1792,16 @@ do_protocol_changed_tls_connect(Config, OriginProtocol) ->
 	{ok, ConnPid} = gun:open("localhost", ProxyPort, #{
 		event_handler => {?MODULE, self()},
 		protocols => [ProxyProtocol],
-		transport => tls
+		transport => tls,
+		tls_opts => [{verify, verify_none}]
 	}),
 	{ok, ProxyProtocol} = gun:await_up(ConnPid),
 	tunnel_SUITE:do_handshake_completed(ProxyProtocol, ProxyPid),
 	StreamRef = gun:connect(ConnPid, #{
 		host => "localhost",
 		port => OriginPort,
 		transport => tls,
+		tls_opts => [{verify, verify_none}],
 		protocols => [OriginProtocol]
 	}),
 	#{
@@ -2018,7 +2030,8 @@ do_gun_open_tls(Config) ->
 		event_handler => {?MODULE, self()},
 		http2_opts => #{notify_settings_changed => true},
 		protocols => [config(name, config(tc_group_properties, Config))],
-		transport => tls
+		transport => tls,
+		tls_opts => [{verify, verify_none}]
 	},
 	{ok, Pid} = gun:open("localhost", OriginPort, Opts),
 	{ok, Pid, OriginPort}.

diff --git a/test/gun_SUITE.erl b/test/gun_SUITE.erl
@@ -460,12 +460,16 @@ retry_timeout(_) ->
 server_name_indication_custom(_) ->
 	doc("Ensure a custom server_name_indication is accepted."),
 	do_server_name_indication("localhost", net_adm:localhost(), #{
-		tls_opts => [{server_name_indication, net_adm:localhost()}]
+		tls_opts => [
+			{verify, verify_none},
+			{server_name_indication, net_adm:localhost()}]
 	}).
 
 server_name_indication_default(_) ->
 	doc("Ensure a default server_name_indication is accepted."),
-	do_server_name_indication(net_adm:localhost(), net_adm:localhost(), #{}).
+	do_server_name_indication(net_adm:localhost(), net_adm:localhost(), #{
+		tls_opts => [{verify, verify_none}]
+	}).
 
 do_server_name_indication(Host, Expected, GunOpts) ->
 	Self = self(),

diff --git a/test/raw_SUITE.erl b/test/raw_SUITE.erl
@@ -40,6 +40,7 @@ do_direct_raw(OriginTransport) ->
 	{ok, OriginPid, OriginPort} = init_origin(OriginTransport, raw, fun do_echo/3),
 	{ok, ConnPid} = gun:open("localhost", OriginPort, #{
 		transport => OriginTransport,
+		tls_opts => [{verify, verify_none}],
 		protocols => [raw]
 	}),
 	{ok, raw} = gun:await_up(ConnPid),
@@ -78,10 +79,12 @@ do_socks5_raw(OriginTransport, ProxyTransport) ->
 	{ok, ProxyPid, ProxyPort} = socks_SUITE:do_proxy_start(ProxyTransport, none),
 	{ok, ConnPid} = gun:open("localhost", ProxyPort, #{
 		transport => ProxyTransport,
+		tls_opts => [{verify, verify_none}],
 		protocols => [{socks, #{
 			host => "localhost",
 			port => OriginPort,
 			transport => OriginTransport,
+			tls_opts => [{verify, verify_none}],
 			protocols => [raw]
 		}}]
 	}),
@@ -130,12 +133,16 @@ do_connect_raw(OriginTransport, ProxyTransport) ->
 	{ok, OriginPid, OriginPort} = init_origin(OriginTransport, raw, fun do_echo/3),
 	{ok, ProxyPid, ProxyPort} = rfc7231_SUITE:do_proxy_start(ProxyTransport),
 	Authority = iolist_to_binary(["localhost:", integer_to_binary(OriginPort)]),
-	{ok, ConnPid} = gun:open("localhost", ProxyPort, #{transport => ProxyTransport}),
+	{ok, ConnPid} = gun:open("localhost", ProxyPort, #{
+		transport => ProxyTransport,
+		tls_opts => [{verify, verify_none}]
+	}),
 	{ok, http} = gun:await_up(ConnPid),
 	StreamRef = gun:connect(ConnPid, #{
 		host => "localhost",
 		port => OriginPort,
 		transport => OriginTransport,
+		tls_opts => [{verify, verify_none}],
 		protocols => [raw]
 	}),
 	{request, <<"CONNECT">>, Authority, 'HTTP/1.1', _} = receive_from(ProxyPid),
@@ -208,7 +215,8 @@ do_http11_upgrade_raw(OriginTransport) ->
 			do_echo(Parent, ClientSocket, ClientTransport)
 		end),
 	{ok, ConnPid} = gun:open("localhost", OriginPort, #{
-		transport => OriginTransport
+		transport => OriginTransport,
+		tls_opts => [{verify, verify_none}]
 	}),
 	{ok, http} = gun:await_up(ConnPid),
 	handshake_completed = receive_from(OriginPid),
@@ -280,6 +288,7 @@ do_http2_connect_raw(OriginTransport, ProxyScheme, ProxyTransport) ->
 	Authority = iolist_to_binary(["localhost:", integer_to_binary(OriginPort)]),
 	{ok, ConnPid} = gun:open("localhost", ProxyPort, #{
 		transport => ProxyTransport,
+		tls_opts => [{verify, verify_none}],
 		protocols => [http2]
 	}),
 	{ok, http2} = gun:await_up(ConnPid),

diff --git a/test/rfc6265bis_SUITE.erl b/test/rfc6265bis_SUITE.erl
@@ -94,6 +94,7 @@ do_informational_set_cookie(Config, Boolean) ->
 	Protocol = config(protocol, Config),
 	{ok, ConnPid} = gun:open("localhost", config(port, Config), #{
 		transport => config(transport, Config),
+		tls_opts => [{verify, verify_none}],
 		protocols => [{Protocol, #{cookie_ignore_informational => Boolean}}],
 		cookie_store => gun_cookies_list:init()
 	}),
@@ -127,6 +128,7 @@ set_cookie_connect_tcp(Config) ->
 		host => "localhost",
 		port => config(port, Config),
 		transport => Transport,
+		tls_opts => [{verify, verify_none}],
 		protocols => [Protocol]
 	}),
 	{response, fin, 200, _} = gun:await(ConnPid, StreamRef1),
@@ -150,6 +152,7 @@ set_cookie_connect_tls(Config) ->
 	{ok, ProxyPid, ProxyPort} = event_SUITE:do_proxy_start(Protocol, tls),
 	{ok, ConnPid} = gun:open("localhost", ProxyPort, #{
 		transport => tls,
+		tls_opts => [{verify, verify_none}],
 		protocols => [Protocol],
 		cookie_store => gun_cookies_list:init()
 	}),
@@ -159,6 +162,7 @@ set_cookie_connect_tls(Config) ->
 		host => "localhost",
 		port => config(port, Config),
 		transport => Transport,
+		tls_opts => [{verify, verify_none}],
 		protocols => [Protocol]
 	}),
 	{response, fin, 200, _} = gun:await(ConnPid, StreamRef1),
@@ -445,6 +449,7 @@ do_wpt_domain_test(Config, TestCase) ->
 	Protocol = config(protocol, Config),
 	{ok, ConnPid} = gun:open("localhost", config(port, Config), #{
 		transport => config(transport, Config),
+		tls_opts => [{verify, verify_none}],
 		protocols => [Protocol],
 		cookie_store => gun_cookies_list:init()
 	}),
@@ -515,6 +520,7 @@ wpt_path_default(Config) ->
 	Protocol = config(protocol, Config),
 	{ok, ConnPid} = gun:open("localhost", config(port, Config), #{
 		transport => config(transport, Config),
+		tls_opts => [{verify, verify_none}],
 		protocols => [Protocol],
 		cookie_store => gun_cookies_list:init()
 	}),
@@ -561,6 +567,7 @@ wpt_path_match(Config) ->
 		ct:log("Positive test: ~s", [P]),
 		{ok, ConnPid} = gun:open("localhost", config(port, Config), #{
 			transport => config(transport, Config),
+			tls_opts => [{verify, verify_none}],
 			protocols => [Protocol],
 			cookie_store => gun_cookies_list:init()
 		}),
@@ -580,6 +587,7 @@ wpt_path_match(Config) ->
 		ct:log("Negative test: ~s", [P]),
 		{ok, ConnPid} = gun:open("localhost", config(port, Config), #{
 			transport => config(transport, Config),
+			tls_opts => [{verify, verify_none}],
 			protocols => [Protocol],
 			cookie_store => gun_cookies_list:init()
 		}),
@@ -672,6 +680,7 @@ do_wpt_prefix_common(Config, TestCase, Expected, Name) ->
 	ct:log("Test case: ~s~nCookie must be set? ~s", [TestCase, Expected]),
 	{ok, ConnPid} = gun:open("localhost", config(port, Config), #{
 		transport => config(transport, Config),
+		tls_opts => [{verify, verify_none}],
 		protocols => [Protocol],
 		cookie_store => gun_cookies_list:init()
 	}),
@@ -724,6 +733,7 @@ do_wpt_secure_common(Config, TestCase) ->
 	Protocol = config(protocol, Config),
 	{ok, ConnPid} = gun:open("localhost", config(port, Config), #{
 		transport => config(transport, Config),
+		tls_opts => [{verify, verify_none}],
 		protocols => [Protocol],
 		cookie_store => gun_cookies_list:init()
 	}),
@@ -760,6 +770,7 @@ do_wpt_secure_ws_common(Config) ->
 	Protocol = config(protocol, Config),
 	{ok, ConnPid1} = gun:open("localhost", config(port, Config), #{
 		transport => config(transport, Config),
+		tls_opts => [{verify, verify_none}],
 		protocols => [Protocol],
 		cookie_store => gun_cookies_list:init()
 	}),
@@ -772,6 +783,7 @@ do_wpt_secure_ws_common(Config) ->
 	gun:close(ConnPid1),
 	{ok, ConnPid2} = gun:open("localhost", config(port, Config), #{
 		transport => config(transport, Config),
+		tls_opts => [{verify, verify_none}],
 		protocols => [Protocol],
 		cookie_store => CookieStore
 	}),
@@ -900,6 +912,7 @@ do_wpt_set_test(TestPath, Name, Cookie, Expected, DefaultPath, Config) ->
 	Protocol = config(protocol, Config),
 	{ok, ConnPid} = gun:open("localhost", config(port, Config), #{
 		transport => config(transport, Config),
+		tls_opts => [{verify, verify_none}],
 		protocols => [Protocol],
 		cookie_store => gun_cookies_list:init()
 	}),

diff --git a/test/rfc7230_SUITE.erl b/test/rfc7230_SUITE.erl
@@ -57,7 +57,10 @@ host_other_port_https(_) ->
 
 do_host_port(Transport, DefaultPort, HostHeaderPort) ->
 	{ok, OriginPid, OriginPort} = init_origin(Transport, http),
-	{ok, ConnPid} = gun:open("localhost", OriginPort, #{transport => Transport}),
+	{ok, ConnPid} = gun:open("localhost", OriginPort, #{
+		transport => Transport,
+		tls_opts => [{verify, verify_none}]
+	}),
 	{ok, http} = gun:await_up(ConnPid),
 	%% Change the origin's port in the state to trigger the default port behavior.
 	_ = sys:replace_state(ConnPid, fun({StateName, StateData}) ->

diff --git a/test/rfc7231_SUITE.erl b/test/rfc7231_SUITE.erl
@@ -146,12 +146,16 @@ do_connect_http(OriginScheme, OriginTransport, ProxyTransport) ->
 	{ok, OriginPid, OriginPort} = init_origin(OriginTransport, http),
 	{ok, ProxyPid, ProxyPort} = do_proxy_start(ProxyTransport),
 	Authority = iolist_to_binary(["localhost:", integer_to_binary(OriginPort)]),
-	{ok, ConnPid} = gun:open("localhost", ProxyPort, #{transport => ProxyTransport}),
+	{ok, ConnPid} = gun:open("localhost", ProxyPort, #{
+		transport => ProxyTransport,
+		tls_opts => [{verify, verify_none}]
+	}),
 	{ok, http} = gun:await_up(ConnPid),
 	StreamRef = gun:connect(ConnPid, #{
 		host => "localhost",
 		port => OriginPort,
-		transport => OriginTransport
+		transport => OriginTransport,
+		tls_opts => [{verify, verify_none}]
 	}),
 	{request, <<"CONNECT">>, Authority, 'HTTP/1.1', _} = receive_from(ProxyPid),
 	{response, fin, 200, _} = gun:await(ConnPid, StreamRef),
@@ -201,12 +205,16 @@ do_connect_h2(OriginScheme, OriginTransport, ProxyTransport) ->
 	{ok, OriginPid, OriginPort} = init_origin(OriginTransport, http2),
 	{ok, ProxyPid, ProxyPort} = do_proxy_start(ProxyTransport),
 	Authority = iolist_to_binary(["localhost:", integer_to_binary(OriginPort)]),
-	{ok, ConnPid} = gun:open("localhost", ProxyPort, #{transport => ProxyTransport}),
+	{ok, ConnPid} = gun:open("localhost", ProxyPort, #{
+		transport => ProxyTransport,
+		tls_opts => [{verify, verify_none}]
+	}),
 	{ok, http} = gun:await_up(ConnPid),
 	StreamRef = gun:connect(ConnPid, #{
 		host => "localhost",
 		port => OriginPort,
 		transport => OriginTransport,
+		tls_opts => [{verify, verify_none}],
 		protocols => [http2]
 	}),
 	{request, <<"CONNECT">>, Authority, 'HTTP/1.1', _} = receive_from(ProxyPid),
@@ -247,14 +255,16 @@ do_connect_through_multiple_proxies(OriginScheme, OriginTransport, ProxiesTransp
 	{ok, Proxy1Pid, Proxy1Port} = do_proxy_start(ProxiesTransport),
 	{ok, Proxy2Pid, Proxy2Port} = do_proxy_start(ProxiesTransport),
 	{ok, ConnPid} = gun:open("localhost", Proxy1Port, #{
-		transport => ProxiesTransport
+		transport => ProxiesTransport,
+		tls_opts => [{verify, verify_none}]
 	}),
 	{ok, http} = gun:await_up(ConnPid),
 	Authority1 = iolist_to_binary(["localhost:", integer_to_binary(Proxy2Port)]),
 	StreamRef1 = gun:connect(ConnPid, #{
 		host => "localhost",
 		port => Proxy2Port,
-		transport => ProxiesTransport
+		transport => ProxiesTransport,
+		tls_opts => [{verify, verify_none}]
 	}),
 	{request, <<"CONNECT">>, Authority1, 'HTTP/1.1', _} = receive_from(Proxy1Pid),
 	{response, fin, 200, _} = gun:await(ConnPid, StreamRef1),
@@ -263,7 +273,8 @@ do_connect_through_multiple_proxies(OriginScheme, OriginTransport, ProxiesTransp
 	StreamRef2 = gun:connect(ConnPid, #{
 		host => "localhost",
 		port => OriginPort,
-		transport => OriginTransport
+		transport => OriginTransport,
+		tls_opts => [{verify, verify_none}]
 	}, [], #{tunnel => StreamRef1}),
 	{request, <<"CONNECT">>, Authority2, 'HTTP/1.1', _} = receive_from(Proxy2Pid),
 	{response, fin, 200, _} = gun:await(ConnPid, StreamRef2),