Mercurial > hg > nginx-tests
annotate stream_ssl_preread.t @ 1415:01d806268a12
Tests: removed TODOs for gRPC fixes merged in 1.14.2.
author | Sergey Kandaurov <pluknet@nginx.com> |
---|---|
date | Tue, 11 Dec 2018 18:59:31 +0300 |
parents | 8c764fd93b5e |
children | 4e48bf51714f |
rev | line source |
---|---|
1034
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
1 #!/usr/bin/perl |
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
2 |
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
3 # (C) Sergey Kandaurov |
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
4 # (C) Nginx, Inc. |
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
5 |
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
6 # Tests for stream_ssl_preread module. |
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
7 |
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
8 ############################################################################### |
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
9 |
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
10 use warnings; |
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
11 use strict; |
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
12 |
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
13 use Test::More; |
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
14 |
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
15 BEGIN { use FindBin; chdir($FindBin::Bin); } |
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
16 |
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
17 use lib 'lib'; |
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
18 use Test::Nginx; |
1198
cd153f1bbaad
Tests: simplified stream_ssl_preread.t by not using http backends.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1118
diff
changeset
|
19 use Test::Nginx::Stream qw/ stream /; |
1034
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
20 |
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
21 ############################################################################### |
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
22 |
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
23 select STDERR; $| = 1; |
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
24 select STDOUT; $| = 1; |
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
25 |
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
26 my $t = Test::Nginx->new()->has(qw/stream stream_map stream_ssl_preread/) |
1198
cd153f1bbaad
Tests: simplified stream_ssl_preread.t by not using http backends.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1118
diff
changeset
|
27 ->has(qw/stream_ssl stream_return/)->has_daemon('openssl') |
1034
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
28 ->write_file_expand('nginx.conf', <<'EOF'); |
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
29 |
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
30 %%TEST_GLOBALS%% |
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
31 |
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
32 daemon off; |
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
33 |
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
34 events { |
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
35 } |
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
36 |
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
37 stream { |
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
38 log_format status $status; |
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
39 |
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
40 map $ssl_preread_server_name $name { |
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
41 "" 127.0.0.1:8093; |
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
42 default $ssl_preread_server_name; |
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
43 } |
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
44 |
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
45 upstream foo { |
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
46 server 127.0.0.1:8091; |
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
47 } |
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
48 |
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
49 upstream bar { |
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
50 server 127.0.0.1:8092; |
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
51 } |
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
52 |
1199
08f6eacf1cfe
Tests: stream proxy next upstream with ssl_preread (ticket #1317).
Andrey Zelenkov <zelenkov@nginx.com>
parents:
1198
diff
changeset
|
53 upstream next { |
08f6eacf1cfe
Tests: stream proxy next upstream with ssl_preread (ticket #1317).
Andrey Zelenkov <zelenkov@nginx.com>
parents:
1198
diff
changeset
|
54 server 127.0.0.1:8094; |
08f6eacf1cfe
Tests: stream proxy next upstream with ssl_preread (ticket #1317).
Andrey Zelenkov <zelenkov@nginx.com>
parents:
1198
diff
changeset
|
55 server 127.0.0.1:8080; |
08f6eacf1cfe
Tests: stream proxy next upstream with ssl_preread (ticket #1317).
Andrey Zelenkov <zelenkov@nginx.com>
parents:
1198
diff
changeset
|
56 } |
08f6eacf1cfe
Tests: stream proxy next upstream with ssl_preread (ticket #1317).
Andrey Zelenkov <zelenkov@nginx.com>
parents:
1198
diff
changeset
|
57 |
1034
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
58 ssl_preread on; |
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
59 |
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
60 server { |
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
61 listen 127.0.0.1:8080; |
1198
cd153f1bbaad
Tests: simplified stream_ssl_preread.t by not using http backends.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1118
diff
changeset
|
62 return $name; |
1034
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
63 } |
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
64 |
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
65 server { |
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
66 listen 127.0.0.1:8081; |
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
67 proxy_pass $name; |
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
68 } |
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
69 |
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
70 server { |
1198
cd153f1bbaad
Tests: simplified stream_ssl_preread.t by not using http backends.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1118
diff
changeset
|
71 listen 127.0.0.1:8082; |
1034
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
72 proxy_pass $name; |
1198
cd153f1bbaad
Tests: simplified stream_ssl_preread.t by not using http backends.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1118
diff
changeset
|
73 ssl_preread off; |
1034
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
74 } |
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
75 |
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
76 server { |
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
77 listen 127.0.0.1:8083; |
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
78 proxy_pass $name; |
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
79 |
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
80 preread_timeout 2s; |
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
81 preread_buffer_size 42; |
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
82 |
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
83 access_log %%TESTDIR%%/status.log status; |
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
84 } |
1099
dd3031bbc705
Tests: various stream_ssl_preread tests with ill-formed records.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1034
diff
changeset
|
85 |
1199
08f6eacf1cfe
Tests: stream proxy next upstream with ssl_preread (ticket #1317).
Andrey Zelenkov <zelenkov@nginx.com>
parents:
1198
diff
changeset
|
86 server { |
08f6eacf1cfe
Tests: stream proxy next upstream with ssl_preread (ticket #1317).
Andrey Zelenkov <zelenkov@nginx.com>
parents:
1198
diff
changeset
|
87 listen 127.0.0.1:8084; |
08f6eacf1cfe
Tests: stream proxy next upstream with ssl_preread (ticket #1317).
Andrey Zelenkov <zelenkov@nginx.com>
parents:
1198
diff
changeset
|
88 proxy_pass next; |
08f6eacf1cfe
Tests: stream proxy next upstream with ssl_preread (ticket #1317).
Andrey Zelenkov <zelenkov@nginx.com>
parents:
1198
diff
changeset
|
89 |
08f6eacf1cfe
Tests: stream proxy next upstream with ssl_preread (ticket #1317).
Andrey Zelenkov <zelenkov@nginx.com>
parents:
1198
diff
changeset
|
90 proxy_connect_timeout 2s; |
08f6eacf1cfe
Tests: stream proxy next upstream with ssl_preread (ticket #1317).
Andrey Zelenkov <zelenkov@nginx.com>
parents:
1198
diff
changeset
|
91 preread_buffer_size 8; |
08f6eacf1cfe
Tests: stream proxy next upstream with ssl_preread (ticket #1317).
Andrey Zelenkov <zelenkov@nginx.com>
parents:
1198
diff
changeset
|
92 } |
08f6eacf1cfe
Tests: stream proxy next upstream with ssl_preread (ticket #1317).
Andrey Zelenkov <zelenkov@nginx.com>
parents:
1198
diff
changeset
|
93 |
1034
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
94 ssl_certificate_key localhost.key; |
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
95 ssl_certificate localhost.crt; |
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
96 |
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
97 server { |
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
98 listen 127.0.0.1:8091 ssl; |
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
99 listen 127.0.0.1:8092 ssl; |
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
100 listen 127.0.0.1:8093 ssl; |
1198
cd153f1bbaad
Tests: simplified stream_ssl_preread.t by not using http backends.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1118
diff
changeset
|
101 ssl_preread off; |
cd153f1bbaad
Tests: simplified stream_ssl_preread.t by not using http backends.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1118
diff
changeset
|
102 return $server_port; |
1034
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
103 } |
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
104 } |
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
105 |
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
106 EOF |
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
107 |
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
108 eval { require IO::Socket::SSL; die if $IO::Socket::SSL::VERSION < 1.56; }; |
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
109 plan(skip_all => 'IO::Socket::SSL version >= 1.56 required') if $@; |
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
110 |
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
111 eval { |
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
112 if (IO::Socket::SSL->can('can_client_sni')) { |
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
113 IO::Socket::SSL->can_client_sni() or die; |
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
114 } |
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
115 }; |
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
116 plan(skip_all => 'IO::Socket::SSL with OpenSSL SNI support required') if $@; |
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
117 |
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
118 eval { |
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
119 my $ctx = Net::SSLeay::CTX_new() or die; |
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
120 my $ssl = Net::SSLeay::new($ctx) or die; |
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
121 Net::SSLeay::set_tlsext_host_name($ssl, 'example.org') == 1 or die; |
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
122 }; |
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
123 plan(skip_all => 'Net::SSLeay with OpenSSL SNI support required') if $@; |
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
124 |
1314
b6d941ff65f4
Tests: added stream ssl preread test for message fragmentation.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1251
diff
changeset
|
125 $t->plan(13); |
1034
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
126 |
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
127 $t->write_file('openssl.conf', <<EOF); |
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
128 [ req ] |
1116
8ef51dbb5d69
Tests: reduced OpenSSL default key length to 1024.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1099
diff
changeset
|
129 default_bits = 1024 |
1034
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
130 encrypt_key = no |
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
131 distinguished_name = req_distinguished_name |
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
132 [ req_distinguished_name ] |
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
133 EOF |
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
134 |
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
135 my $d = $t->testdir(); |
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
136 |
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
137 foreach my $name ('localhost') { |
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
138 system('openssl req -x509 -new ' |
1220
0af58b78df35
Tests: removed single quotes from system() calls.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1219
diff
changeset
|
139 . "-config $d/openssl.conf -subj /CN=$name/ " |
0af58b78df35
Tests: removed single quotes from system() calls.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1219
diff
changeset
|
140 . "-out $d/$name.crt -keyout $d/$name.key " |
1034
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
141 . ">>$d/openssl.out 2>&1") == 0 |
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
142 or die "Can't create certificate for $name: $!\n"; |
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
143 } |
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
144 |
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
145 $t->run(); |
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
146 |
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
147 ############################################################################### |
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
148 |
1199
08f6eacf1cfe
Tests: stream proxy next upstream with ssl_preread (ticket #1317).
Andrey Zelenkov <zelenkov@nginx.com>
parents:
1198
diff
changeset
|
149 my ($p1, $p2, $p3, $p4) = (port(8091), port(8092), port(8093), port(8084)); |
1034
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
150 |
1198
cd153f1bbaad
Tests: simplified stream_ssl_preread.t by not using http backends.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1118
diff
changeset
|
151 is(get_ssl('foo', 8081), $p1, 'sni'); |
cd153f1bbaad
Tests: simplified stream_ssl_preread.t by not using http backends.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1118
diff
changeset
|
152 is(get_ssl('foo', 8081), $p1, 'sni again'); |
1034
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
153 |
1198
cd153f1bbaad
Tests: simplified stream_ssl_preread.t by not using http backends.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1118
diff
changeset
|
154 is(get_ssl('bar', 8081), $p2, 'sni 2'); |
cd153f1bbaad
Tests: simplified stream_ssl_preread.t by not using http backends.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1118
diff
changeset
|
155 is(get_ssl('bar', 8081), $p2, 'sni 2 again'); |
1034
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
156 |
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
157 # fallback to an empty value for some reason |
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
158 |
1198
cd153f1bbaad
Tests: simplified stream_ssl_preread.t by not using http backends.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1118
diff
changeset
|
159 is(get_ssl('', 8081), $p3, 'no sni'); |
cd153f1bbaad
Tests: simplified stream_ssl_preread.t by not using http backends.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1118
diff
changeset
|
160 is(get_ssl('foo', 8082), $p3, 'preread off'); |
cd153f1bbaad
Tests: simplified stream_ssl_preread.t by not using http backends.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1118
diff
changeset
|
161 is(get_ssl('foo', 8083), undef, 'preread buffer full'); |
1235
3fc6817cd84a
Tests: explicit peer port in stream tests now required.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
1232
diff
changeset
|
162 is(stream('127.0.0.1:' . port(8080))->io('x' x 1000), "127.0.0.1:$p3", |
3fc6817cd84a
Tests: explicit peer port in stream tests now required.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
1232
diff
changeset
|
163 'not a handshake'); |
1034
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
164 |
1232
a4a040b4e4dd
Tests: removed TODOs for fixes merged in 1.12.2.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1220
diff
changeset
|
165 # ticket #1317 |
1199
08f6eacf1cfe
Tests: stream proxy next upstream with ssl_preread (ticket #1317).
Andrey Zelenkov <zelenkov@nginx.com>
parents:
1198
diff
changeset
|
166 |
08f6eacf1cfe
Tests: stream proxy next upstream with ssl_preread (ticket #1317).
Andrey Zelenkov <zelenkov@nginx.com>
parents:
1198
diff
changeset
|
167 is(stream("127.0.0.1:$p4")->io('x' x 16), "127.0.0.1:$p3", |
08f6eacf1cfe
Tests: stream proxy next upstream with ssl_preread (ticket #1317).
Andrey Zelenkov <zelenkov@nginx.com>
parents:
1198
diff
changeset
|
168 'pending buffers on next upstream'); |
08f6eacf1cfe
Tests: stream proxy next upstream with ssl_preread (ticket #1317).
Andrey Zelenkov <zelenkov@nginx.com>
parents:
1198
diff
changeset
|
169 |
1099
dd3031bbc705
Tests: various stream_ssl_preread tests with ill-formed records.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1034
diff
changeset
|
170 # no junk in variable due to short ClientHello length value |
dd3031bbc705
Tests: various stream_ssl_preread tests with ill-formed records.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1034
diff
changeset
|
171 |
1198
cd153f1bbaad
Tests: simplified stream_ssl_preread.t by not using http backends.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1118
diff
changeset
|
172 is(get_short(), "127.0.0.1:$p3", 'short client hello'); |
1099
dd3031bbc705
Tests: various stream_ssl_preread tests with ill-formed records.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1034
diff
changeset
|
173 |
dd3031bbc705
Tests: various stream_ssl_preread tests with ill-formed records.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1034
diff
changeset
|
174 # allow record with older SSL version, such as 3.0 |
dd3031bbc705
Tests: various stream_ssl_preread tests with ill-formed records.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1034
diff
changeset
|
175 |
dd3031bbc705
Tests: various stream_ssl_preread tests with ill-formed records.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1034
diff
changeset
|
176 is(get_oldver(), 'foo', 'older version in ssl record'); |
dd3031bbc705
Tests: various stream_ssl_preread tests with ill-formed records.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1034
diff
changeset
|
177 |
1314
b6d941ff65f4
Tests: added stream ssl preread test for message fragmentation.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1251
diff
changeset
|
178 # SNI "foo|f" fragmented across TLS records |
b6d941ff65f4
Tests: added stream ssl preread test for message fragmentation.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1251
diff
changeset
|
179 |
b6d941ff65f4
Tests: added stream ssl preread test for message fragmentation.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1251
diff
changeset
|
180 is(get_frag(), 'foof', 'handshake fragment split on SNI'); |
b6d941ff65f4
Tests: added stream ssl preread test for message fragmentation.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1251
diff
changeset
|
181 |
1034
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
182 $t->stop(); |
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
183 |
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
184 is($t->read_file('status.log'), "400\n", 'preread buffer full - log'); |
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
185 |
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
186 ############################################################################### |
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
187 |
1314
b6d941ff65f4
Tests: added stream ssl preread test for message fragmentation.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1251
diff
changeset
|
188 sub get_frag { |
b6d941ff65f4
Tests: added stream ssl preread test for message fragmentation.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1251
diff
changeset
|
189 my $r = pack("N*", 0x16030100, 0x3b010000, 0x380303ac, |
b6d941ff65f4
Tests: added stream ssl preread test for message fragmentation.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1251
diff
changeset
|
190 0x8c8678a0, 0xaa1e7eed, 0x3644eed6, 0xc3bd2c69, |
b6d941ff65f4
Tests: added stream ssl preread test for message fragmentation.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1251
diff
changeset
|
191 0x7bc7deda, 0x249db0e3, 0x0c339eba, 0xa80b7600, |
b6d941ff65f4
Tests: added stream ssl preread test for message fragmentation.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1251
diff
changeset
|
192 0x00020000, 0x0100000d, 0x00000009, 0x00070000, |
b6d941ff65f4
Tests: added stream ssl preread test for message fragmentation.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1251
diff
changeset
|
193 0x04666f6f, 0x16030100); |
b6d941ff65f4
Tests: added stream ssl preread test for message fragmentation.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1251
diff
changeset
|
194 $r .= pack("n", 0x0166); |
b6d941ff65f4
Tests: added stream ssl preread test for message fragmentation.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1251
diff
changeset
|
195 |
b6d941ff65f4
Tests: added stream ssl preread test for message fragmentation.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1251
diff
changeset
|
196 http($r); |
b6d941ff65f4
Tests: added stream ssl preread test for message fragmentation.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1251
diff
changeset
|
197 } |
b6d941ff65f4
Tests: added stream ssl preread test for message fragmentation.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1251
diff
changeset
|
198 |
1099
dd3031bbc705
Tests: various stream_ssl_preread tests with ill-formed records.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1034
diff
changeset
|
199 sub get_short { |
dd3031bbc705
Tests: various stream_ssl_preread tests with ill-formed records.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1034
diff
changeset
|
200 my $r = pack("N*", 0x16030100, 0x38010000, 0x330303eb); |
dd3031bbc705
Tests: various stream_ssl_preread tests with ill-formed records.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1034
diff
changeset
|
201 $r .= pack("N*", 0x6357cdba, 0xa6b8d853, 0xf1f6ac0f); |
dd3031bbc705
Tests: various stream_ssl_preread tests with ill-formed records.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1034
diff
changeset
|
202 $r .= pack("N*", 0xdf03178c, 0x0ae41824, 0xe7643682); |
dd3031bbc705
Tests: various stream_ssl_preread tests with ill-formed records.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1034
diff
changeset
|
203 $r .= pack("N*", 0x3c1b273f, 0xbfde4b00, 0x00000000); |
dd3031bbc705
Tests: various stream_ssl_preread tests with ill-formed records.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1034
diff
changeset
|
204 $r .= pack("CN3", 0x0c, 0x00000008, 0x00060000, 0x03666f6f); |
dd3031bbc705
Tests: various stream_ssl_preread tests with ill-formed records.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1034
diff
changeset
|
205 |
1198
cd153f1bbaad
Tests: simplified stream_ssl_preread.t by not using http backends.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1118
diff
changeset
|
206 http($r); |
1099
dd3031bbc705
Tests: various stream_ssl_preread tests with ill-formed records.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1034
diff
changeset
|
207 } |
dd3031bbc705
Tests: various stream_ssl_preread tests with ill-formed records.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1034
diff
changeset
|
208 |
dd3031bbc705
Tests: various stream_ssl_preread tests with ill-formed records.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1034
diff
changeset
|
209 sub get_oldver { |
dd3031bbc705
Tests: various stream_ssl_preread tests with ill-formed records.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1034
diff
changeset
|
210 my $r = pack("N*", 0x16030000, 0x38010000, 0x340303eb); |
dd3031bbc705
Tests: various stream_ssl_preread tests with ill-formed records.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1034
diff
changeset
|
211 $r .= pack("N*", 0x6357cdba, 0xa6b8d853, 0xf1f6ac0f); |
dd3031bbc705
Tests: various stream_ssl_preread tests with ill-formed records.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1034
diff
changeset
|
212 $r .= pack("N*", 0xdf03178c, 0x0ae41824, 0xe7643682); |
dd3031bbc705
Tests: various stream_ssl_preread tests with ill-formed records.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1034
diff
changeset
|
213 $r .= pack("N*", 0x3c1b273f, 0xbfde4b00, 0x00000000); |
dd3031bbc705
Tests: various stream_ssl_preread tests with ill-formed records.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1034
diff
changeset
|
214 $r .= pack("CN3", 0x0c, 0x00000008, 0x00060000, 0x03666f6f); |
dd3031bbc705
Tests: various stream_ssl_preread tests with ill-formed records.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1034
diff
changeset
|
215 |
1198
cd153f1bbaad
Tests: simplified stream_ssl_preread.t by not using http backends.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1118
diff
changeset
|
216 http($r); |
1099
dd3031bbc705
Tests: various stream_ssl_preread tests with ill-formed records.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1034
diff
changeset
|
217 } |
dd3031bbc705
Tests: various stream_ssl_preread tests with ill-formed records.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1034
diff
changeset
|
218 |
1198
cd153f1bbaad
Tests: simplified stream_ssl_preread.t by not using http backends.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1118
diff
changeset
|
219 sub get_ssl { |
1034
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
220 my ($host, $port) = @_; |
1202
cbda704b3093
Tests: fixed stream_ssl_preread.t when run in parallel.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1199
diff
changeset
|
221 my $s = stream('127.0.0.1:' . port($port)); |
1034
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
222 |
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
223 eval { |
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
224 local $SIG{ALRM} = sub { die "timeout\n" }; |
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
225 local $SIG{PIPE} = sub { die "sigpipe\n" }; |
1407
8c764fd93b5e
Tests: adjusted client connect timeout in various tests with SSL.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1314
diff
changeset
|
226 alarm(5); |
1198
cd153f1bbaad
Tests: simplified stream_ssl_preread.t by not using http backends.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1118
diff
changeset
|
227 IO::Socket::SSL->start_SSL($s->{_socket}, |
1034
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
228 SSL_hostname => $host, |
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
229 SSL_verify_mode => IO::Socket::SSL::SSL_VERIFY_NONE(), |
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
230 SSL_error_trap => sub { die $_[1] } |
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
231 ); |
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
232 alarm(0); |
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
233 }; |
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
234 alarm(0); |
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
235 |
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
236 if ($@) { |
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
237 log_in("died: $@"); |
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
238 return undef; |
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
239 } |
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
240 |
1198
cd153f1bbaad
Tests: simplified stream_ssl_preread.t by not using http backends.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1118
diff
changeset
|
241 return $s->read(); |
1034
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
242 } |
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
243 |
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
244 ############################################################################### |