Mercurial > hg > nginx-tests

annotate stream_ssl.t @ 1826:1f125771f1a1

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Tests: adapted session reuse tests to work with TLSv1.3. In TLSv1.3, session tickets are sent after the handshake, and saving session right after the handshake is not going to work. To properly test session resumption, sessions are now saved after some data exchange.
author Maxim Dounin <mdounin@mdounin.ru>
date Tue, 21 Mar 2023 02:58:02 +0300
parents fd440d324700
children fd9d077fee02
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
rev   line source
559
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
1 #!/usr/bin/perl
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
2
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
3 # (C) Sergey Kandaurov
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
4 # (C) Nginx, Inc.
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
5
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
6 # Tests for stream ssl module.
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
7
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
8 ###############################################################################
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
9
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
10 use warnings;
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
11 use strict;
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
12
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
13 use Test::More;
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
14
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
15 use POSIX qw/ mkfifo /;
1621
fd440d324700 Tests: simplified get_ssl_socket() functions that use Net::SSLeay.
Sergey Kandaurov <pluknet@nginx.com>
parents: 1609
diff changeset
16 use Socket qw/ $CRLF /;
559
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
17
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
18 BEGIN { use FindBin; chdir($FindBin::Bin); }
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
19
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
20 use lib 'lib';
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
21 use Test::Nginx;
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
22
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
23 ###############################################################################
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
24
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
25 select STDERR; $| = 1;
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
26 select STDOUT; $| = 1;
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
27
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
28 eval {
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
29 require Net::SSLeay;
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
30 Net::SSLeay::load_error_strings();
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
31 Net::SSLeay::SSLeay_add_ssl_algorithms();
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
32 Net::SSLeay::randomize();
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
33 };
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
34 plan(skip_all => 'Net::SSLeay not installed') if $@;
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
35
1204
ba3279915da5 Tests: skip stream_ssl.t on win32 due to mkfifo.
Sergey Kandaurov <pluknet@nginx.com>
parents: 1141
diff changeset
36 plan(skip_all => 'win32') if $^O eq 'MSWin32';
ba3279915da5 Tests: skip stream_ssl.t on win32 due to mkfifo.
Sergey Kandaurov <pluknet@nginx.com>
parents: 1141
diff changeset
37
559
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
38 my $t = Test::Nginx->new()->has(qw/stream stream_ssl/)->has_daemon('openssl');
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
39
645
ed103c38b115 Tests: more ssl_session_cache tests in stream_ssl.t.
Andrey Zelenkov <zelenkov@nginx.com>
parents: 636
diff changeset
40 $t->plan(7)->write_file_expand('nginx.conf', <<'EOF');
559
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
41
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
42 %%TEST_GLOBALS%%
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
43
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
44 daemon off;
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
45
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
46 events {
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
47 }
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
48
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
49 stream {
1609
f3ba4c74de31 Tests: added TEST_GLOBALS_STREAM variable support.
Andrei Belov <defan@nginx.com>
parents: 1488
diff changeset
50 %%TEST_GLOBALS_STREAM%%
f3ba4c74de31 Tests: added TEST_GLOBALS_STREAM variable support.
Andrei Belov <defan@nginx.com>
parents: 1488
diff changeset
51
559
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
52 ssl_certificate_key localhost.key;
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
53 ssl_certificate localhost.crt;
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
54 ssl_session_tickets off;
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
55
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
56 # inherited by server "inherits"
1141
d4e779356d8d Tests: typo.
Andrey Zelenkov <zelenkov@nginx.com>
parents: 1140
diff changeset
57 ssl_password_file password_stream;
559
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
58
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
59 server {
974
882267679006 Tests: simplified parallel modifications in tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents: 952
diff changeset
60 listen 127.0.0.1:8080 ssl;
882267679006 Tests: simplified parallel modifications in tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents: 952
diff changeset
61 proxy_pass 127.0.0.1:8081;
559
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
62
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
63 ssl_session_cache builtin;
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
64 ssl_password_file password;
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
65 }
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
66
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
67 server {
974
882267679006 Tests: simplified parallel modifications in tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents: 952
diff changeset
68 listen 127.0.0.1:8082 ssl;
882267679006 Tests: simplified parallel modifications in tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents: 952
diff changeset
69 proxy_pass 127.0.0.1:8081;
559
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
70
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
71 ssl_session_cache off;
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
72 ssl_password_file password_many;
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
73 }
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
74
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
75 server {
974
882267679006 Tests: simplified parallel modifications in tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents: 952
diff changeset
76 listen 127.0.0.1:8083 ssl;
882267679006 Tests: simplified parallel modifications in tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents: 952
diff changeset
77 proxy_pass 127.0.0.1:8081;
559
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
78
645
ed103c38b115 Tests: more ssl_session_cache tests in stream_ssl.t.
Andrey Zelenkov <zelenkov@nginx.com>
parents: 636
diff changeset
79 ssl_session_cache builtin:1000;
559
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
80 ssl_password_file password_fifo;
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
81 }
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
82
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
83 server {
974
882267679006 Tests: simplified parallel modifications in tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents: 952
diff changeset
84 listen 127.0.0.1:8084 ssl;
882267679006 Tests: simplified parallel modifications in tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents: 952
diff changeset
85 proxy_pass 127.0.0.1:8081;
559
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
86
645
ed103c38b115 Tests: more ssl_session_cache tests in stream_ssl.t.
Andrey Zelenkov <zelenkov@nginx.com>
parents: 636
diff changeset
87 ssl_session_cache shared:SSL:1m;
559
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
88 ssl_certificate_key inherits.key;
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
89 ssl_certificate inherits.crt;
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
90 }
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
91 }
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
92
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
93 EOF
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
94
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
95 $t->write_file('openssl.conf', <<EOF);
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
96 [ req ]
1488
dbce8fb5f5f8 Tests: align with OpenSSL security level 2.
Sergey Kandaurov <pluknet@nginx.com>
parents: 1220
diff changeset
97 default_bits = 2048
559
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
98 encrypt_key = no
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
99 distinguished_name = req_distinguished_name
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
100 [ req_distinguished_name ]
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
101 EOF
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
102
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
103 my $d = $t->testdir();
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
104 mkfifo("$d/password_fifo", 0700);
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
105
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
106 foreach my $name ('localhost', 'inherits') {
1220
0af58b78df35 Tests: removed single quotes from system() calls.
Sergey Kandaurov <pluknet@nginx.com>
parents: 1204
diff changeset
107 system("openssl genrsa -out $d/$name.key -passout pass:$name "
1488
dbce8fb5f5f8 Tests: align with OpenSSL security level 2.
Sergey Kandaurov <pluknet@nginx.com>
parents: 1220
diff changeset
108 . "-aes128 2048 >>$d/openssl.out 2>&1") == 0
559
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
109 or die "Can't create private key: $!\n";
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
110 system('openssl req -x509 -new '
1220
0af58b78df35 Tests: removed single quotes from system() calls.
Sergey Kandaurov <pluknet@nginx.com>
parents: 1204
diff changeset
111 . "-config $d/openssl.conf -subj /CN=$name/ "
0af58b78df35 Tests: removed single quotes from system() calls.
Sergey Kandaurov <pluknet@nginx.com>
parents: 1204
diff changeset
112 . "-out $d/$name.crt "
0af58b78df35 Tests: removed single quotes from system() calls.
Sergey Kandaurov <pluknet@nginx.com>
parents: 1204
diff changeset
113 . "-key $d/$name.key -passin pass:$name"
559
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
114 . ">>$d/openssl.out 2>&1") == 0
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
115 or die "Can't create certificate for $name: $!\n";
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
116 }
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
117
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
118
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
119 my $ctx = Net::SSLeay::CTX_new() or die("Failed to create SSL_CTX $!");
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
120
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
121 $t->write_file('password', 'localhost');
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
122 $t->write_file('password_many', "wrong$CRLF" . "localhost$CRLF");
1141
d4e779356d8d Tests: typo.
Andrey Zelenkov <zelenkov@nginx.com>
parents: 1140
diff changeset
123 $t->write_file('password_stream', 'inherits');
559
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
124
1087
534d209f6ae4 Tests: fixed ssl_password_file test hang with missing FIFO reader.
Sergey Kandaurov <pluknet@nginx.com>
parents: 1039
diff changeset
125 my $p = fork();
534d209f6ae4 Tests: fixed ssl_password_file test hang with missing FIFO reader.
Sergey Kandaurov <pluknet@nginx.com>
parents: 1039
diff changeset
126 exec("echo localhost > $d/password_fifo") if $p == 0;
559
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
127
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
128 $t->run_daemon(\&http_daemon);
1087
534d209f6ae4 Tests: fixed ssl_password_file test hang with missing FIFO reader.
Sergey Kandaurov <pluknet@nginx.com>
parents: 1039
diff changeset
129
534d209f6ae4 Tests: fixed ssl_password_file test hang with missing FIFO reader.
Sergey Kandaurov <pluknet@nginx.com>
parents: 1039
diff changeset
130 eval {
534d209f6ae4 Tests: fixed ssl_password_file test hang with missing FIFO reader.
Sergey Kandaurov <pluknet@nginx.com>
parents: 1039
diff changeset
131 open OLDERR, ">&", \*STDERR; close STDERR;
534d209f6ae4 Tests: fixed ssl_password_file test hang with missing FIFO reader.
Sergey Kandaurov <pluknet@nginx.com>
parents: 1039
diff changeset
132 $t->run();
534d209f6ae4 Tests: fixed ssl_password_file test hang with missing FIFO reader.
Sergey Kandaurov <pluknet@nginx.com>
parents: 1039
diff changeset
133 open STDERR, ">&", \*OLDERR;
534d209f6ae4 Tests: fixed ssl_password_file test hang with missing FIFO reader.
Sergey Kandaurov <pluknet@nginx.com>
parents: 1039
diff changeset
134 };
534d209f6ae4 Tests: fixed ssl_password_file test hang with missing FIFO reader.
Sergey Kandaurov <pluknet@nginx.com>
parents: 1039
diff changeset
135 kill 'INT', $p if $@;
559
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
136
974
882267679006 Tests: simplified parallel modifications in tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents: 952
diff changeset
137 $t->waitforsocket('127.0.0.1:' . port(8081));
559
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
138
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
139 ###############################################################################
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
140
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
141 my ($s, $ssl, $ses);
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
142
974
882267679006 Tests: simplified parallel modifications in tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents: 952
diff changeset
143 ($s, $ssl) = get_ssl_socket(port(8080));
559
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
144 Net::SSLeay::write($ssl, "GET / HTTP/1.0$CRLF$CRLF");
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
145 like(Net::SSLeay::read($ssl), qr/200 OK/, 'ssl');
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
146
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
147 # ssl_session_cache
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
148
974
882267679006 Tests: simplified parallel modifications in tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents: 952
diff changeset
149 ($s, $ssl) = get_ssl_socket(port(8080));
1826
1f125771f1a1 Tests: adapted session reuse tests to work with TLSv1.3.
Maxim Dounin <mdounin@mdounin.ru>
parents: 1621
diff changeset
150 Net::SSLeay::write($ssl, "GET / HTTP/1.0$CRLF$CRLF");
1f125771f1a1 Tests: adapted session reuse tests to work with TLSv1.3.
Maxim Dounin <mdounin@mdounin.ru>
parents: 1621
diff changeset
151 Net::SSLeay::read($ssl);
559
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
152 $ses = Net::SSLeay::get_session($ssl);
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
153
974
882267679006 Tests: simplified parallel modifications in tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents: 952
diff changeset
154 ($s, $ssl) = get_ssl_socket(port(8080), $ses);
645
ed103c38b115 Tests: more ssl_session_cache tests in stream_ssl.t.
Andrey Zelenkov <zelenkov@nginx.com>
parents: 636
diff changeset
155 is(Net::SSLeay::session_reused($ssl), 1, 'builtin session reused');
559
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
156
974
882267679006 Tests: simplified parallel modifications in tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents: 952
diff changeset
157 ($s, $ssl) = get_ssl_socket(port(8082));
1826
1f125771f1a1 Tests: adapted session reuse tests to work with TLSv1.3.
Maxim Dounin <mdounin@mdounin.ru>
parents: 1621
diff changeset
158 Net::SSLeay::write($ssl, "GET / HTTP/1.0$CRLF$CRLF");
1f125771f1a1 Tests: adapted session reuse tests to work with TLSv1.3.
Maxim Dounin <mdounin@mdounin.ru>
parents: 1621
diff changeset
159 Net::SSLeay::read($ssl);
559
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
160 $ses = Net::SSLeay::get_session($ssl);
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
161
974
882267679006 Tests: simplified parallel modifications in tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents: 952
diff changeset
162 ($s, $ssl) = get_ssl_socket(port(8082), $ses);
559
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
163 isnt(Net::SSLeay::session_reused($ssl), 1, 'session not reused');
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
164
974
882267679006 Tests: simplified parallel modifications in tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents: 952
diff changeset
165 ($s, $ssl) = get_ssl_socket(port(8083));
1826
1f125771f1a1 Tests: adapted session reuse tests to work with TLSv1.3.
Maxim Dounin <mdounin@mdounin.ru>
parents: 1621
diff changeset
166 Net::SSLeay::write($ssl, "GET / HTTP/1.0$CRLF$CRLF");
1f125771f1a1 Tests: adapted session reuse tests to work with TLSv1.3.
Maxim Dounin <mdounin@mdounin.ru>
parents: 1621
diff changeset
167 Net::SSLeay::read($ssl);
645
ed103c38b115 Tests: more ssl_session_cache tests in stream_ssl.t.
Andrey Zelenkov <zelenkov@nginx.com>
parents: 636
diff changeset
168 $ses = Net::SSLeay::get_session($ssl);
ed103c38b115 Tests: more ssl_session_cache tests in stream_ssl.t.
Andrey Zelenkov <zelenkov@nginx.com>
parents: 636
diff changeset
169
974
882267679006 Tests: simplified parallel modifications in tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents: 952
diff changeset
170 ($s, $ssl) = get_ssl_socket(port(8083), $ses);
645
ed103c38b115 Tests: more ssl_session_cache tests in stream_ssl.t.
Andrey Zelenkov <zelenkov@nginx.com>
parents: 636
diff changeset
171 is(Net::SSLeay::session_reused($ssl), 1, 'builtin size session reused');
ed103c38b115 Tests: more ssl_session_cache tests in stream_ssl.t.
Andrey Zelenkov <zelenkov@nginx.com>
parents: 636
diff changeset
172
974
882267679006 Tests: simplified parallel modifications in tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents: 952
diff changeset
173 ($s, $ssl) = get_ssl_socket(port(8084));
1826
1f125771f1a1 Tests: adapted session reuse tests to work with TLSv1.3.
Maxim Dounin <mdounin@mdounin.ru>
parents: 1621
diff changeset
174 Net::SSLeay::write($ssl, "GET / HTTP/1.0$CRLF$CRLF");
1f125771f1a1 Tests: adapted session reuse tests to work with TLSv1.3.
Maxim Dounin <mdounin@mdounin.ru>
parents: 1621
diff changeset
175 Net::SSLeay::read($ssl);
645
ed103c38b115 Tests: more ssl_session_cache tests in stream_ssl.t.
Andrey Zelenkov <zelenkov@nginx.com>
parents: 636
diff changeset
176 $ses = Net::SSLeay::get_session($ssl);
ed103c38b115 Tests: more ssl_session_cache tests in stream_ssl.t.
Andrey Zelenkov <zelenkov@nginx.com>
parents: 636
diff changeset
177
974
882267679006 Tests: simplified parallel modifications in tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents: 952
diff changeset
178 ($s, $ssl) = get_ssl_socket(port(8084), $ses);
645
ed103c38b115 Tests: more ssl_session_cache tests in stream_ssl.t.
Andrey Zelenkov <zelenkov@nginx.com>
parents: 636
diff changeset
179 is(Net::SSLeay::session_reused($ssl), 1, 'shared session reused');
ed103c38b115 Tests: more ssl_session_cache tests in stream_ssl.t.
Andrey Zelenkov <zelenkov@nginx.com>
parents: 636
diff changeset
180
559
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
181 # ssl_certificate inheritance
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
182
974
882267679006 Tests: simplified parallel modifications in tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents: 952
diff changeset
183 ($s, $ssl) = get_ssl_socket(port(8080));
559
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
184 like(Net::SSLeay::dump_peer_certificate($ssl), qr/CN=localhost/, 'CN');
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
185
974
882267679006 Tests: simplified parallel modifications in tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents: 952
diff changeset
186 ($s, $ssl) = get_ssl_socket(port(8084));
559
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
187 like(Net::SSLeay::dump_peer_certificate($ssl), qr/CN=inherits/, 'CN inner');
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
188
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
189 ###############################################################################
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
190
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
191 sub get_ssl_socket {
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
192 my ($port, $ses) = @_;
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
193
1621
fd440d324700 Tests: simplified get_ssl_socket() functions that use Net::SSLeay.
Sergey Kandaurov <pluknet@nginx.com>
parents: 1609
diff changeset
194 my $s = IO::Socket::INET->new('127.0.0.1:' . $port);
559
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
195 my $ssl = Net::SSLeay::new($ctx) or die("Failed to create SSL $!");
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
196 Net::SSLeay::set_session($ssl, $ses) if defined $ses;
1102
89d7d4d1be40 Tests: whitespace fixes.
Andrey Zelenkov <zelenkov@nginx.com>
parents: 1087
diff changeset
197 Net::SSLeay::set_fd($ssl, fileno($s));
559
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
198 Net::SSLeay::connect($ssl) or die("ssl connect");
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
199 return ($s, $ssl);
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
200 }
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
201
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
202 ###############################################################################
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
203
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
204 sub http_daemon {
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
205 my $server = IO::Socket::INET->new(
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
206 Proto => 'tcp',
974
882267679006 Tests: simplified parallel modifications in tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents: 952
diff changeset
207 LocalHost => '127.0.0.1:' . port(8081),
559
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
208 Listen => 5,
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
209 Reuse => 1
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
210 )
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
211 or die "Can't create listening socket: $!\n";
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
212
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
213 local $SIG{PIPE} = 'IGNORE';
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
214
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
215 while (my $client = $server->accept()) {
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
216 $client->autoflush(1);
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
217
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
218 while (<$client>) {
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
219 last if (/^\x0d?\x0a?$/);
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
220 }
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
221
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
222 print $client <<EOF;
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
223 HTTP/1.1 200 OK
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
224 Connection: close
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
225
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
226 EOF
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
227
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
228 close $client;
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
229 }
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
230 }
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
231
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
232 ###############################################################################