nginx-tests: ssl_certificate

annotate ssl_certificate_perl.t @ 1542:451e787aad76

Tests: reworked libgd version detection. The "libgd-config" binary is deprecated in recent versions and may not exist or have unexpected output. More, it may not present within older versions, as well, if installed separately, which previously broke test assumptions. The fix is change the fallback to skip tests. In addition, recent Perl GD module (2.57) started to export libgd version, which is now also consulted.

author	Sergey Kandaurov <pluknet@nginx.com>
date	Mon, 13 Jan 2020 18:15:35 +0300
parents	144c6ce732e4
children	fd440d324700

rev	line source
1457 80911c4fe023 Tests: loading "data:..." certificates with perl module. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	1 #!/usr/bin/perl
80911c4fe023 Tests: loading "data:..." certificates with perl module. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	2
80911c4fe023 Tests: loading "data:..." certificates with perl module. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	3 # (C) Sergey Kandaurov
80911c4fe023 Tests: loading "data:..." certificates with perl module. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	4 # (C) Nginx, Inc.
80911c4fe023 Tests: loading "data:..." certificates with perl module. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	5
80911c4fe023 Tests: loading "data:..." certificates with perl module. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	6 # Tests for http ssl module, loading certificates from memory with perl module.
80911c4fe023 Tests: loading "data:..." certificates with perl module. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	7
80911c4fe023 Tests: loading "data:..." certificates with perl module. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	8 ###############################################################################
80911c4fe023 Tests: loading "data:..." certificates with perl module. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	9
80911c4fe023 Tests: loading "data:..." certificates with perl module. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	10 use warnings;
80911c4fe023 Tests: loading "data:..." certificates with perl module. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	11 use strict;
80911c4fe023 Tests: loading "data:..." certificates with perl module. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	12
80911c4fe023 Tests: loading "data:..." certificates with perl module. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	13 use Test::More;
80911c4fe023 Tests: loading "data:..." certificates with perl module. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	14
80911c4fe023 Tests: loading "data:..." certificates with perl module. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	15 use Socket;
80911c4fe023 Tests: loading "data:..." certificates with perl module. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	16
80911c4fe023 Tests: loading "data:..." certificates with perl module. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	17 BEGIN { use FindBin; chdir($FindBin::Bin); }
80911c4fe023 Tests: loading "data:..." certificates with perl module. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	18
80911c4fe023 Tests: loading "data:..." certificates with perl module. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	19 use lib 'lib';
80911c4fe023 Tests: loading "data:..." certificates with perl module. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	20 use Test::Nginx;
80911c4fe023 Tests: loading "data:..." certificates with perl module. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	21
80911c4fe023 Tests: loading "data:..." certificates with perl module. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	22 ###############################################################################
80911c4fe023 Tests: loading "data:..." certificates with perl module. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	23
80911c4fe023 Tests: loading "data:..." certificates with perl module. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	24 select STDERR; $\| = 1;
80911c4fe023 Tests: loading "data:..." certificates with perl module. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	25 select STDOUT; $\| = 1;
80911c4fe023 Tests: loading "data:..." certificates with perl module. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	26
80911c4fe023 Tests: loading "data:..." certificates with perl module. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	27 eval {
80911c4fe023 Tests: loading "data:..." certificates with perl module. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	28 require Net::SSLeay;
80911c4fe023 Tests: loading "data:..." certificates with perl module. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	29 Net::SSLeay::load_error_strings();
80911c4fe023 Tests: loading "data:..." certificates with perl module. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	30 Net::SSLeay::SSLeay_add_ssl_algorithms();
80911c4fe023 Tests: loading "data:..." certificates with perl module. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	31 Net::SSLeay::randomize();
80911c4fe023 Tests: loading "data:..." certificates with perl module. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	32 };
80911c4fe023 Tests: loading "data:..." certificates with perl module. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	33 plan(skip_all => 'Net::SSLeay not installed') if $@;
80911c4fe023 Tests: loading "data:..." certificates with perl module. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	34
80911c4fe023 Tests: loading "data:..." certificates with perl module. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	35 eval {
80911c4fe023 Tests: loading "data:..." certificates with perl module. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	36 my $ctx = Net::SSLeay::CTX_new() or die;
80911c4fe023 Tests: loading "data:..." certificates with perl module. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	37 my $ssl = Net::SSLeay::new($ctx) or die;
80911c4fe023 Tests: loading "data:..." certificates with perl module. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	38 Net::SSLeay::set_tlsext_host_name($ssl, 'example.org') == 1 or die;
80911c4fe023 Tests: loading "data:..." certificates with perl module. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	39 };
80911c4fe023 Tests: loading "data:..." certificates with perl module. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	40 plan(skip_all => 'Net::SSLeay with OpenSSL SNI support required') if $@;
80911c4fe023 Tests: loading "data:..." certificates with perl module. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	41
80911c4fe023 Tests: loading "data:..." certificates with perl module. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	42 my $t = Test::Nginx->new()->has(qw/http http_ssl perl/)->has_daemon('openssl');
80911c4fe023 Tests: loading "data:..." certificates with perl module. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	43
80911c4fe023 Tests: loading "data:..." certificates with perl module. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	44 $t->{_configure_args} =~ /OpenSSL ([\d\.]+)/;
80911c4fe023 Tests: loading "data:..." certificates with perl module. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	45 plan(skip_all => 'OpenSSL too old') unless defined $1 and $1 ge '1.0.2';
80911c4fe023 Tests: loading "data:..." certificates with perl module. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	46
80911c4fe023 Tests: loading "data:..." certificates with perl module. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	47 $t->write_file_expand('nginx.conf', <<'EOF');
80911c4fe023 Tests: loading "data:..." certificates with perl module. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	48
80911c4fe023 Tests: loading "data:..." certificates with perl module. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	49 %%TEST_GLOBALS%%
80911c4fe023 Tests: loading "data:..." certificates with perl module. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	50
80911c4fe023 Tests: loading "data:..." certificates with perl module. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	51 daemon off;
80911c4fe023 Tests: loading "data:..." certificates with perl module. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	52
80911c4fe023 Tests: loading "data:..." certificates with perl module. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	53 events {
80911c4fe023 Tests: loading "data:..." certificates with perl module. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	54 }
80911c4fe023 Tests: loading "data:..." certificates with perl module. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	55
80911c4fe023 Tests: loading "data:..." certificates with perl module. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	56 http {
80911c4fe023 Tests: loading "data:..." certificates with perl module. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	57 %%TEST_GLOBALS_HTTP%%
80911c4fe023 Tests: loading "data:..." certificates with perl module. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	58
80911c4fe023 Tests: loading "data:..." certificates with perl module. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	59 perl_set $pem '
80911c4fe023 Tests: loading "data:..." certificates with perl module. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	60 sub {
80911c4fe023 Tests: loading "data:..." certificates with perl module. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	61 my $r = shift;
80911c4fe023 Tests: loading "data:..." certificates with perl module. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	62 local $/;
80911c4fe023 Tests: loading "data:..." certificates with perl module. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	63 my $sni = $r->variable("ssl_server_name");
80911c4fe023 Tests: loading "data:..." certificates with perl module. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	64 open my $fh, "<", "%%TESTDIR%%/$sni.crt";
80911c4fe023 Tests: loading "data:..." certificates with perl module. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	65 my $content = <$fh>;
80911c4fe023 Tests: loading "data:..." certificates with perl module. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	66 close $fh;
80911c4fe023 Tests: loading "data:..." certificates with perl module. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	67 return $content;
80911c4fe023 Tests: loading "data:..." certificates with perl module. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	68 }
80911c4fe023 Tests: loading "data:..." certificates with perl module. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	69 ';
80911c4fe023 Tests: loading "data:..." certificates with perl module. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	70
80911c4fe023 Tests: loading "data:..." certificates with perl module. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	71 server {
80911c4fe023 Tests: loading "data:..." certificates with perl module. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	72 listen 127.0.0.1:8080 ssl;
80911c4fe023 Tests: loading "data:..." certificates with perl module. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	73 server_name localhost;
80911c4fe023 Tests: loading "data:..." certificates with perl module. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	74
80911c4fe023 Tests: loading "data:..." certificates with perl module. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	75 ssl_certificate data:$pem;
80911c4fe023 Tests: loading "data:..." certificates with perl module. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	76 ssl_certificate_key data:$pem;
80911c4fe023 Tests: loading "data:..." certificates with perl module. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	77 }
80911c4fe023 Tests: loading "data:..." certificates with perl module. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	78 }
80911c4fe023 Tests: loading "data:..." certificates with perl module. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	79
80911c4fe023 Tests: loading "data:..." certificates with perl module. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	80 EOF
80911c4fe023 Tests: loading "data:..." certificates with perl module. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	81
80911c4fe023 Tests: loading "data:..." certificates with perl module. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	82 $t->write_file('openssl.conf', <<EOF);
80911c4fe023 Tests: loading "data:..." certificates with perl module. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	83 [ req ]
1488 dbce8fb5f5f8 Tests: align with OpenSSL security level 2. Sergey Kandaurov <pluknet@nginx.com> parents: 1457 diff changeset	84 default_bits = 2048
1457 80911c4fe023 Tests: loading "data:..." certificates with perl module. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	85 encrypt_key = no
80911c4fe023 Tests: loading "data:..." certificates with perl module. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	86 distinguished_name = req_distinguished_name
80911c4fe023 Tests: loading "data:..." certificates with perl module. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	87 [ req_distinguished_name ]
80911c4fe023 Tests: loading "data:..." certificates with perl module. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	88 EOF
80911c4fe023 Tests: loading "data:..." certificates with perl module. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	89
80911c4fe023 Tests: loading "data:..." certificates with perl module. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	90 my $d = $t->testdir();
80911c4fe023 Tests: loading "data:..." certificates with perl module. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	91
80911c4fe023 Tests: loading "data:..." certificates with perl module. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	92 foreach my $name ('one', 'two') {
80911c4fe023 Tests: loading "data:..." certificates with perl module. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	93 system('openssl req -x509 -new '
80911c4fe023 Tests: loading "data:..." certificates with perl module. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	94 . "-config $d/openssl.conf -subj /CN=$name/ "
80911c4fe023 Tests: loading "data:..." certificates with perl module. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	95 . "-out $d/$name.crt -keyout $d/$name.crt "
80911c4fe023 Tests: loading "data:..." certificates with perl module. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	96 . ">>$d/openssl.out 2>&1") == 0
80911c4fe023 Tests: loading "data:..." certificates with perl module. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	97 or die "Can't create certificate for $name: $!\n";
80911c4fe023 Tests: loading "data:..." certificates with perl module. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	98 }
80911c4fe023 Tests: loading "data:..." certificates with perl module. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	99
1535 144c6ce732e4 Tests: removed TODO and try_run() checks for legacy versions. Sergey Kandaurov <pluknet@nginx.com> parents: 1488 diff changeset	100 $t->run()->plan(2);
1457 80911c4fe023 Tests: loading "data:..." certificates with perl module. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	101
80911c4fe023 Tests: loading "data:..." certificates with perl module. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	102 ###############################################################################
80911c4fe023 Tests: loading "data:..." certificates with perl module. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	103
80911c4fe023 Tests: loading "data:..." certificates with perl module. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	104 like(cert('one', 8080), qr/CN=one/, 'certificate');
80911c4fe023 Tests: loading "data:..." certificates with perl module. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	105 like(cert('two', 8080), qr/CN=two/, 'certificate 2');
80911c4fe023 Tests: loading "data:..." certificates with perl module. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	106
80911c4fe023 Tests: loading "data:..." certificates with perl module. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	107 ###############################################################################
80911c4fe023 Tests: loading "data:..." certificates with perl module. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	108
80911c4fe023 Tests: loading "data:..." certificates with perl module. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	109 sub cert {
80911c4fe023 Tests: loading "data:..." certificates with perl module. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	110 my ($host, $port) = @_;
80911c4fe023 Tests: loading "data:..." certificates with perl module. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	111 my ($s, $ssl) = get_ssl_socket($host, $port) or return;
80911c4fe023 Tests: loading "data:..." certificates with perl module. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	112 Net::SSLeay::dump_peer_certificate($ssl);
80911c4fe023 Tests: loading "data:..." certificates with perl module. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	113 }
80911c4fe023 Tests: loading "data:..." certificates with perl module. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	114
80911c4fe023 Tests: loading "data:..." certificates with perl module. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	115 sub get_ssl_socket {
80911c4fe023 Tests: loading "data:..." certificates with perl module. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	116 my ($host, $port) = @_;
80911c4fe023 Tests: loading "data:..." certificates with perl module. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	117 my $s;
80911c4fe023 Tests: loading "data:..." certificates with perl module. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	118
80911c4fe023 Tests: loading "data:..." certificates with perl module. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	119 my $dest_ip = inet_aton('127.0.0.1');
80911c4fe023 Tests: loading "data:..." certificates with perl module. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	120 $port = port($port);
80911c4fe023 Tests: loading "data:..." certificates with perl module. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	121 my $dest_serv_params = sockaddr_in($port, $dest_ip);
80911c4fe023 Tests: loading "data:..." certificates with perl module. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	122
80911c4fe023 Tests: loading "data:..." certificates with perl module. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	123 socket($s, &AF_INET, &SOCK_STREAM, 0) or die "socket: $!";
80911c4fe023 Tests: loading "data:..." certificates with perl module. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	124 connect($s, $dest_serv_params) or die "connect: $!";
80911c4fe023 Tests: loading "data:..." certificates with perl module. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	125
80911c4fe023 Tests: loading "data:..." certificates with perl module. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	126 my $ctx = Net::SSLeay::CTX_new() or die("Failed to create SSL_CTX $!");
80911c4fe023 Tests: loading "data:..." certificates with perl module. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	127 my $ssl = Net::SSLeay::new($ctx) or die("Failed to create SSL $!");
80911c4fe023 Tests: loading "data:..." certificates with perl module. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	128 Net::SSLeay::set_tlsext_host_name($ssl, $host);
80911c4fe023 Tests: loading "data:..." certificates with perl module. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	129 Net::SSLeay::set_fd($ssl, fileno($s));
80911c4fe023 Tests: loading "data:..." certificates with perl module. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	130 Net::SSLeay::connect($ssl) or die("ssl connect");
80911c4fe023 Tests: loading "data:..." certificates with perl module. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	131 return ($s, $ssl);
80911c4fe023 Tests: loading "data:..." certificates with perl module. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	132 }
80911c4fe023 Tests: loading "data:..." certificates with perl module. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	133
80911c4fe023 Tests: loading "data:..." certificates with perl module. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	134 ###############################################################################

Mercurial > hg > nginx-tests

annotate ssl_certificate_perl.t @ 1542:451e787aad76