Mercurial > hg > nginx-tests

annotate proxy_ssl.t @ 540:481d705b8610

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Tests: SSL support in mail backends. Socket is now embedded into every mail module. Socket methods are wrapped where appropriate. The new "SSL" extra flag specifies to accept connection over SSL.
author Sergey Kandaurov <pluknet@nginx.com>
date Fri, 03 Apr 2015 00:11:38 +0300
parents 8b4a6b8691eb
children 984bfe661cce
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
rev   line source
311
ad164c14058a Tests: basic proxy tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
1 #!/usr/bin/perl
ad164c14058a Tests: basic proxy tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
2
ad164c14058a Tests: basic proxy tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
3 # (C) Nginx, Inc.
ad164c14058a Tests: basic proxy tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
4
ad164c14058a Tests: basic proxy tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
5 # Tests for proxy to ssl backend.
ad164c14058a Tests: basic proxy tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
6
ad164c14058a Tests: basic proxy tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
7 ###############################################################################
ad164c14058a Tests: basic proxy tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
8
ad164c14058a Tests: basic proxy tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
9 use warnings;
ad164c14058a Tests: basic proxy tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
10 use strict;
ad164c14058a Tests: basic proxy tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
11
ad164c14058a Tests: basic proxy tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
12 use Test::More;
ad164c14058a Tests: basic proxy tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
13
ad164c14058a Tests: basic proxy tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
14 BEGIN { use FindBin; chdir($FindBin::Bin); }
ad164c14058a Tests: basic proxy tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
15
ad164c14058a Tests: basic proxy tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
16 use lib 'lib';
ad164c14058a Tests: basic proxy tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
17 use Test::Nginx;
ad164c14058a Tests: basic proxy tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
18
ad164c14058a Tests: basic proxy tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
19 ###############################################################################
ad164c14058a Tests: basic proxy tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
20
ad164c14058a Tests: basic proxy tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
21 select STDERR; $| = 1;
ad164c14058a Tests: basic proxy tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
22 select STDOUT; $| = 1;
ad164c14058a Tests: basic proxy tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
23
ad164c14058a Tests: basic proxy tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
24 my $t = Test::Nginx->new()->has(qw/http proxy http_ssl/)->has_daemon('openssl')
ad164c14058a Tests: basic proxy tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
25 ->plan(4)->write_file_expand('nginx.conf', <<'EOF');
ad164c14058a Tests: basic proxy tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
26
ad164c14058a Tests: basic proxy tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
27 %%TEST_GLOBALS%%
ad164c14058a Tests: basic proxy tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
28
ad164c14058a Tests: basic proxy tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
29 daemon off;
ad164c14058a Tests: basic proxy tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
30
ad164c14058a Tests: basic proxy tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
31 events {
ad164c14058a Tests: basic proxy tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
32 }
ad164c14058a Tests: basic proxy tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
33
ad164c14058a Tests: basic proxy tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
34 http {
ad164c14058a Tests: basic proxy tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
35 %%TEST_GLOBALS_HTTP%%
ad164c14058a Tests: basic proxy tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
36
ad164c14058a Tests: basic proxy tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
37 server {
ad164c14058a Tests: basic proxy tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
38 listen 127.0.0.1:8081 ssl;
ad164c14058a Tests: basic proxy tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
39
ad164c14058a Tests: basic proxy tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
40 ssl_certificate_key localhost.key;
ad164c14058a Tests: basic proxy tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
41 ssl_certificate localhost.crt;
437
8b4a6b8691eb Tests: set ssl_session_cache.
Sergey Kandaurov <pluknet@nginx.com>
parents: 435
diff changeset
42 ssl_session_cache builtin;
435
a7d04159e52b Tests: completed proxy_ssl_session_reuse tests.
Sergey Kandaurov <pluknet@nginx.com>
parents: 311
diff changeset
43
a7d04159e52b Tests: completed proxy_ssl_session_reuse tests.
Sergey Kandaurov <pluknet@nginx.com>
parents: 311
diff changeset
44 location / {
a7d04159e52b Tests: completed proxy_ssl_session_reuse tests.
Sergey Kandaurov <pluknet@nginx.com>
parents: 311
diff changeset
45 add_header X-Session $ssl_session_reused;
a7d04159e52b Tests: completed proxy_ssl_session_reuse tests.
Sergey Kandaurov <pluknet@nginx.com>
parents: 311
diff changeset
46 }
311
ad164c14058a Tests: basic proxy tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
47 }
ad164c14058a Tests: basic proxy tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
48
ad164c14058a Tests: basic proxy tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
49 server {
ad164c14058a Tests: basic proxy tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
50 listen 127.0.0.1:8080;
ad164c14058a Tests: basic proxy tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
51 server_name localhost;
ad164c14058a Tests: basic proxy tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
52
ad164c14058a Tests: basic proxy tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
53 location /ssl_reuse {
ad164c14058a Tests: basic proxy tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
54 proxy_pass https://127.0.0.1:8081/;
ad164c14058a Tests: basic proxy tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
55 proxy_ssl_session_reuse on;
ad164c14058a Tests: basic proxy tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
56 }
ad164c14058a Tests: basic proxy tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
57
ad164c14058a Tests: basic proxy tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
58 location /ssl {
ad164c14058a Tests: basic proxy tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
59 proxy_pass https://127.0.0.1:8081/;
ad164c14058a Tests: basic proxy tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
60 proxy_ssl_session_reuse off;
ad164c14058a Tests: basic proxy tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
61 }
ad164c14058a Tests: basic proxy tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
62 }
ad164c14058a Tests: basic proxy tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
63 }
ad164c14058a Tests: basic proxy tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
64
ad164c14058a Tests: basic proxy tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
65 EOF
ad164c14058a Tests: basic proxy tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
66
ad164c14058a Tests: basic proxy tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
67 $t->write_file('openssl.conf', <<EOF);
ad164c14058a Tests: basic proxy tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
68 [ req ]
ad164c14058a Tests: basic proxy tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
69 default_bits = 2048
ad164c14058a Tests: basic proxy tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
70 encrypt_key = no
ad164c14058a Tests: basic proxy tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
71 distinguished_name = req_distinguished_name
ad164c14058a Tests: basic proxy tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
72 [ req_distinguished_name ]
ad164c14058a Tests: basic proxy tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
73 EOF
ad164c14058a Tests: basic proxy tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
74
ad164c14058a Tests: basic proxy tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
75 $t->write_file('index.html', '');
ad164c14058a Tests: basic proxy tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
76
ad164c14058a Tests: basic proxy tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
77 my $d = $t->testdir();
ad164c14058a Tests: basic proxy tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
78
ad164c14058a Tests: basic proxy tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
79 foreach my $name ('localhost') {
ad164c14058a Tests: basic proxy tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
80 system('openssl req -x509 -new '
ad164c14058a Tests: basic proxy tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
81 . "-config '$d/openssl.conf' -subj '/CN=$name/' "
ad164c14058a Tests: basic proxy tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
82 . "-out '$d/$name.crt' -keyout '$d/$name.key' "
ad164c14058a Tests: basic proxy tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
83 . ">>$d/openssl.out 2>&1") == 0
ad164c14058a Tests: basic proxy tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
84 or die "Can't create certificate for $name: $!\n";
ad164c14058a Tests: basic proxy tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
85 }
ad164c14058a Tests: basic proxy tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
86
ad164c14058a Tests: basic proxy tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
87 $t->run();
ad164c14058a Tests: basic proxy tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
88
ad164c14058a Tests: basic proxy tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
89 ###############################################################################
ad164c14058a Tests: basic proxy tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
90
435
a7d04159e52b Tests: completed proxy_ssl_session_reuse tests.
Sergey Kandaurov <pluknet@nginx.com>
parents: 311
diff changeset
91 like(http_get('/ssl'), qr/200 OK.*X-Session: \./s, 'ssl');
a7d04159e52b Tests: completed proxy_ssl_session_reuse tests.
Sergey Kandaurov <pluknet@nginx.com>
parents: 311
diff changeset
92 like(http_get('/ssl'), qr/200 OK.*X-Session: \./s, 'ssl 2');
a7d04159e52b Tests: completed proxy_ssl_session_reuse tests.
Sergey Kandaurov <pluknet@nginx.com>
parents: 311
diff changeset
93 like(http_get('/ssl_reuse'), qr/200 OK.*X-Session: \./s, 'ssl reuse session');
a7d04159e52b Tests: completed proxy_ssl_session_reuse tests.
Sergey Kandaurov <pluknet@nginx.com>
parents: 311
diff changeset
94 like(http_get('/ssl_reuse'), qr/200 OK.*X-Session: r/s, 'ssl reuse session 2');
311
ad164c14058a Tests: basic proxy tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
95
ad164c14058a Tests: basic proxy tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
96 ###############################################################################