Mercurial > hg > nginx-tests
annotate mail_imap_ssl.t @ 1248:70192b1baf01
Tests: added exception test to stream_js.t using 'require'.
The stream js tests introduced in edf5a3c9e36a fail on njs 0.1.14. It doesn't
currently provide an easy way to check its version, whilst we are obligated to
gracefully handle such cases somehow. With such an addition of 'require', now
the tests are skipped instead on the previous versions.
| author | Sergey Kandaurov <pluknet@nginx.com> |
|---|---|
| date | Tue, 21 Nov 2017 13:16:39 +0300 |
| parents | 0af58b78df35 |
| children | dbce8fb5f5f8 |
| rev | line source |
|---|---|
|
541
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
1 #!/usr/bin/perl |
|
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
2 |
|
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
3 # (C) Maxim Dounin |
|
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
4 # (C) Sergey Kandaurov |
|
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
5 # (C) Nginx, Inc. |
|
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
6 |
|
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
7 # Tests for nginx mail imap module with ssl. |
|
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
8 |
|
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
9 ############################################################################### |
|
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
10 |
|
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
11 use warnings; |
|
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
12 use strict; |
|
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
13 |
|
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
14 use Test::More; |
|
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
15 |
|
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
16 use MIME::Base64; |
|
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
17 |
|
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
18 BEGIN { use FindBin; chdir($FindBin::Bin); } |
|
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
19 |
|
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
20 use lib 'lib'; |
|
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
21 use Test::Nginx; |
|
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
22 use Test::Nginx::IMAP; |
|
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
23 |
|
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
24 ############################################################################### |
|
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
25 |
|
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
26 select STDERR; $| = 1; |
|
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
27 select STDOUT; $| = 1; |
|
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
28 |
|
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
29 eval { require IO::Socket::SSL; }; |
|
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
30 plan(skip_all => 'IO::Socket::SSL not installed') if $@; |
|
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
31 eval { IO::Socket::SSL::SSL_VERIFY_NONE(); }; |
|
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
32 plan(skip_all => 'IO::Socket::SSL too old') if $@; |
|
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
33 |
|
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
34 local $SIG{PIPE} = 'IGNORE'; |
|
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
35 |
|
976
a8b8dd6e8ae1
Tests: changed startup order in mail tests for consistency.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
970
diff
changeset
|
36 my $t = Test::Nginx->new()->has(qw/mail mail_ssl imap http rewrite/) |
|
a8b8dd6e8ae1
Tests: changed startup order in mail tests for consistency.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
970
diff
changeset
|
37 ->has_daemon('openssl')->plan(12) |
|
a8b8dd6e8ae1
Tests: changed startup order in mail tests for consistency.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
970
diff
changeset
|
38 ->write_file_expand('nginx.conf', <<'EOF'); |
|
541
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
39 |
|
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
40 %%TEST_GLOBALS%% |
|
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
41 |
|
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
42 daemon off; |
|
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
43 |
|
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
44 events { |
|
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
45 } |
|
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
46 |
|
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
47 mail { |
|
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
48 proxy_pass_error_message on; |
|
970
c227348453db
Tests: simplified parallel modifications in mail tests.
Maxim Dounin <mdounin@mdounin.ru>
parents:
952
diff
changeset
|
49 auth_http http://127.0.0.1:8080/mail/auth; |
|
541
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
50 auth_http_pass_client_cert on; |
|
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
51 |
|
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
52 ssl_certificate_key 1.example.com.key; |
|
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
53 ssl_certificate 1.example.com.crt; |
|
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
54 |
|
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
55 server { |
|
970
c227348453db
Tests: simplified parallel modifications in mail tests.
Maxim Dounin <mdounin@mdounin.ru>
parents:
952
diff
changeset
|
56 listen 127.0.0.1:8142; |
|
541
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
57 protocol imap; |
|
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
58 } |
|
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
59 |
|
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
60 server { |
|
970
c227348453db
Tests: simplified parallel modifications in mail tests.
Maxim Dounin <mdounin@mdounin.ru>
parents:
952
diff
changeset
|
61 listen 127.0.0.1:8143 ssl; |
|
541
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
62 protocol imap; |
|
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
63 |
|
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
64 ssl_verify_client on; |
|
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
65 ssl_client_certificate 2.example.com.crt; |
|
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
66 } |
|
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
67 |
|
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
68 server { |
|
970
c227348453db
Tests: simplified parallel modifications in mail tests.
Maxim Dounin <mdounin@mdounin.ru>
parents:
952
diff
changeset
|
69 listen 127.0.0.1:8145 ssl; |
|
541
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
70 protocol imap; |
|
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
71 |
|
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
72 ssl_verify_client optional; |
|
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
73 ssl_client_certificate 2.example.com.crt; |
|
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
74 } |
|
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
75 |
|
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
76 server { |
|
970
c227348453db
Tests: simplified parallel modifications in mail tests.
Maxim Dounin <mdounin@mdounin.ru>
parents:
952
diff
changeset
|
77 listen 127.0.0.1:8146 ssl; |
|
541
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
78 protocol imap; |
|
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
79 |
|
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
80 ssl_verify_client optional; |
|
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
81 ssl_client_certificate 2.example.com.crt; |
|
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
82 ssl_trusted_certificate 3.example.com.crt; |
|
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
83 } |
|
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
84 |
|
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
85 server { |
|
970
c227348453db
Tests: simplified parallel modifications in mail tests.
Maxim Dounin <mdounin@mdounin.ru>
parents:
952
diff
changeset
|
86 listen 127.0.0.1:8147 ssl; |
|
541
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
87 protocol imap; |
|
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
88 |
|
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
89 ssl_verify_client optional_no_ca; |
|
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
90 ssl_client_certificate 2.example.com.crt; |
|
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
91 } |
|
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
92 } |
|
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
93 |
|
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
94 http { |
|
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
95 %%TEST_GLOBALS_HTTP%% |
|
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
96 |
|
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
97 log_format test '$http_auth_ssl:$http_auth_ssl_verify:' |
|
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
98 '$http_auth_ssl_subject:$http_auth_ssl_issuer:' |
|
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
99 '$http_auth_ssl_serial:$http_auth_ssl_fingerprint:' |
|
872
a07734ecb988
Tests: fixed mail_imap_ssl.t, notably on Solaris.
Sergey Kandaurov <pluknet@nginx.com>
parents:
797
diff
changeset
|
100 '$http_auth_ssl_cert:$http_auth_pass'; |
|
541
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
101 |
|
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
102 server { |
|
970
c227348453db
Tests: simplified parallel modifications in mail tests.
Maxim Dounin <mdounin@mdounin.ru>
parents:
952
diff
changeset
|
103 listen 127.0.0.1:8080; |
|
541
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
104 server_name localhost; |
|
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
105 |
|
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
106 location = /mail/auth { |
|
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
107 access_log auth.log test; |
|
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
108 |
|
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
109 add_header Auth-Status OK; |
|
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
110 add_header Auth-Server 127.0.0.1; |
|
970
c227348453db
Tests: simplified parallel modifications in mail tests.
Maxim Dounin <mdounin@mdounin.ru>
parents:
952
diff
changeset
|
111 add_header Auth-Port %%PORT_8144%%; |
|
541
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
112 add_header Auth-Wait 1; |
|
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
113 return 204; |
|
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
114 } |
|
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
115 } |
|
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
116 } |
|
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
117 |
|
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
118 EOF |
|
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
119 |
|
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
120 $t->write_file('openssl.conf', <<EOF); |
|
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
121 [ req ] |
|
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
122 default_bits = 1024 |
|
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
123 encrypt_key = no |
|
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
124 distinguished_name = req_distinguished_name |
|
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
125 [ req_distinguished_name ] |
|
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
126 EOF |
|
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
127 |
|
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
128 my $d = $t->testdir(); |
|
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
129 |
|
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
130 foreach my $name ('1.example.com', '2.example.com', '3.example.com') { |
|
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
131 system('openssl req -x509 -new ' |
|
1220
0af58b78df35
Tests: removed single quotes from system() calls.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1085
diff
changeset
|
132 . "-config $d/openssl.conf -subj /CN=$name/ " |
|
0af58b78df35
Tests: removed single quotes from system() calls.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1085
diff
changeset
|
133 . "-out $d/$name.crt -keyout $d/$name.key " |
|
541
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
134 . ">>$d/openssl.out 2>&1") == 0 |
|
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
135 or die "Can't create certificate for $name: $!\n"; |
|
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
136 } |
|
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
137 |
|
976
a8b8dd6e8ae1
Tests: changed startup order in mail tests for consistency.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
970
diff
changeset
|
138 $t->run_daemon(\&Test::Nginx::IMAP::imap_test_daemon); |
|
a8b8dd6e8ae1
Tests: changed startup order in mail tests for consistency.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
970
diff
changeset
|
139 $t->run()->waitforsocket('127.0.0.1:' . port(8144)); |
|
541
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
140 |
|
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
141 ############################################################################### |
|
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
142 |
|
872
a07734ecb988
Tests: fixed mail_imap_ssl.t, notably on Solaris.
Sergey Kandaurov <pluknet@nginx.com>
parents:
797
diff
changeset
|
143 my $cred = sub { encode_base64("\0test\@example.com\0$_[0]", '') }; |
|
541
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
144 my %ssl = ( |
|
753
63d1b7cb974a
Tests: fixed IO::Socket::SSL options in mail_imap_ssl.t.
Sergey Kandaurov <pluknet@nginx.com>
parents:
623
diff
changeset
|
145 SSL => 1, |
|
63d1b7cb974a
Tests: fixed IO::Socket::SSL options in mail_imap_ssl.t.
Sergey Kandaurov <pluknet@nginx.com>
parents:
623
diff
changeset
|
146 SSL_verify_mode => IO::Socket::SSL::SSL_VERIFY_NONE(), |
|
63d1b7cb974a
Tests: fixed IO::Socket::SSL options in mail_imap_ssl.t.
Sergey Kandaurov <pluknet@nginx.com>
parents:
623
diff
changeset
|
147 SSL_error_trap => sub { die $_[1] }, |
|
541
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
148 ); |
|
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
149 |
|
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
150 # no ssl connection |
|
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
151 |
|
970
c227348453db
Tests: simplified parallel modifications in mail tests.
Maxim Dounin <mdounin@mdounin.ru>
parents:
952
diff
changeset
|
152 my $s = Test::Nginx::IMAP->new(PeerAddr => '127.0.0.1:' . port(8142)); |
|
541
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
153 $s->ok('plain connection'); |
|
872
a07734ecb988
Tests: fixed mail_imap_ssl.t, notably on Solaris.
Sergey Kandaurov <pluknet@nginx.com>
parents:
797
diff
changeset
|
154 $s->send('1 AUTHENTICATE PLAIN ' . $cred->("s1")); |
|
541
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
155 |
|
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
156 # no cert |
|
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
157 |
|
970
c227348453db
Tests: simplified parallel modifications in mail tests.
Maxim Dounin <mdounin@mdounin.ru>
parents:
952
diff
changeset
|
158 $s = Test::Nginx::IMAP->new(PeerAddr => '127.0.0.1:' . port(8143), %ssl); |
|
541
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
159 $s->check(qr/BYE No required SSL certificate/, 'no cert'); |
|
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
160 |
|
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
161 # no cert with ssl_verify_client optional |
|
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
162 |
|
970
c227348453db
Tests: simplified parallel modifications in mail tests.
Maxim Dounin <mdounin@mdounin.ru>
parents:
952
diff
changeset
|
163 $s = Test::Nginx::IMAP->new(PeerAddr => '127.0.0.1:' . port(8145), %ssl); |
|
541
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
164 $s->ok('no optional cert'); |
|
872
a07734ecb988
Tests: fixed mail_imap_ssl.t, notably on Solaris.
Sergey Kandaurov <pluknet@nginx.com>
parents:
797
diff
changeset
|
165 $s->send('1 AUTHENTICATE PLAIN ' . $cred->("s2")); |
|
541
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
166 |
|
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
167 # wrong cert with ssl_verify_client optional |
|
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
168 |
|
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
169 $s = Test::Nginx::IMAP->new( |
|
970
c227348453db
Tests: simplified parallel modifications in mail tests.
Maxim Dounin <mdounin@mdounin.ru>
parents:
952
diff
changeset
|
170 PeerAddr => '127.0.0.1:' . port(8145), |
|
541
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
171 SSL_cert_file => "$d/1.example.com.crt", |
|
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
172 SSL_key_file => "$d/1.example.com.key", |
|
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
173 %ssl, |
|
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
174 ); |
|
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
175 $s->check(qr/BYE SSL certificate error/, 'bad optional cert'); |
|
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
176 |
|
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
177 # wrong cert with ssl_verify_client optional_no_ca |
|
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
178 |
|
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
179 $s = Test::Nginx::IMAP->new( |
|
970
c227348453db
Tests: simplified parallel modifications in mail tests.
Maxim Dounin <mdounin@mdounin.ru>
parents:
952
diff
changeset
|
180 PeerAddr => '127.0.0.1:' . port(8147), |
|
541
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
181 SSL_cert_file => "$d/1.example.com.crt", |
|
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
182 SSL_key_file => "$d/1.example.com.key", |
|
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
183 %ssl, |
|
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
184 ); |
|
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
185 $s->ok('bad optional_no_ca cert'); |
|
872
a07734ecb988
Tests: fixed mail_imap_ssl.t, notably on Solaris.
Sergey Kandaurov <pluknet@nginx.com>
parents:
797
diff
changeset
|
186 $s->send('1 AUTHENTICATE PLAIN ' . $cred->("s3")); |
|
541
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
187 |
|
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
188 # matching cert with ssl_verify_client optional |
|
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
189 |
|
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
190 $s = Test::Nginx::IMAP->new( |
|
970
c227348453db
Tests: simplified parallel modifications in mail tests.
Maxim Dounin <mdounin@mdounin.ru>
parents:
952
diff
changeset
|
191 PeerAddr => '127.0.0.1:' . port(8145), |
|
541
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
192 SSL_cert_file => "$d/2.example.com.crt", |
|
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
193 SSL_key_file => "$d/2.example.com.key", |
|
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
194 %ssl, |
|
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
195 ); |
|
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
196 $s->ok('good cert'); |
|
872
a07734ecb988
Tests: fixed mail_imap_ssl.t, notably on Solaris.
Sergey Kandaurov <pluknet@nginx.com>
parents:
797
diff
changeset
|
197 $s->send('1 AUTHENTICATE PLAIN ' . $cred->("s4")); |
|
541
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
198 |
|
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
199 # trusted cert with ssl_verify_client optional |
|
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
200 |
|
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
201 $s = Test::Nginx::IMAP->new( |
|
970
c227348453db
Tests: simplified parallel modifications in mail tests.
Maxim Dounin <mdounin@mdounin.ru>
parents:
952
diff
changeset
|
202 PeerAddr => '127.0.0.1:' . port(8146), |
|
541
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
203 SSL_cert_file => "$d/3.example.com.crt", |
|
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
204 SSL_key_file => "$d/3.example.com.key", |
|
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
205 %ssl, |
|
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
206 ); |
|
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
207 $s->ok('trusted cert'); |
|
872
a07734ecb988
Tests: fixed mail_imap_ssl.t, notably on Solaris.
Sergey Kandaurov <pluknet@nginx.com>
parents:
797
diff
changeset
|
208 $s->send('1 AUTHENTICATE PLAIN ' . $cred->("s5")); |
|
541
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
209 $s->read(); |
|
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
210 |
|
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
211 # test auth_http request header fields with access_log |
|
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
212 |
|
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
213 $t->stop(); |
|
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
214 |
|
872
a07734ecb988
Tests: fixed mail_imap_ssl.t, notably on Solaris.
Sergey Kandaurov <pluknet@nginx.com>
parents:
797
diff
changeset
|
215 my $f = $t->read_file('auth.log'); |
|
541
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
216 |
|
872
a07734ecb988
Tests: fixed mail_imap_ssl.t, notably on Solaris.
Sergey Kandaurov <pluknet@nginx.com>
parents:
797
diff
changeset
|
217 like($f, qr/^-:-:-:-:-:-:-\x0d?\x0a?:s1$/m, 'log - plain connection'); |
|
a07734ecb988
Tests: fixed mail_imap_ssl.t, notably on Solaris.
Sergey Kandaurov <pluknet@nginx.com>
parents:
797
diff
changeset
|
218 like($f, qr/^on:NONE:-:-:-:-:-\x0d?\x0a?:s2$/m, 'log - no cert'); |
|
1085
30a6fbab4e33
Tests: allow new $ssl_verify syntax.
Maxim Dounin <mdounin@mdounin.ru>
parents:
1069
diff
changeset
|
219 like($f, qr!^on:FAILED(?:.*):(/?CN=1.example.com):\1:\w+:\w+:[^:]+:s3$!m, |
|
541
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
220 'log - bad cert'); |
|
1069
1b11a12be179
Tests: pass both issuer/subject variable formats where appropriate.
Sergey Kandaurov <pluknet@nginx.com>
parents:
976
diff
changeset
|
221 like($f, qr!^on:SUCCESS:(/?CN=2.example.com):\1:\w+:\w+:[^:]+:s4$!m, |
|
541
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
222 'log - good cert'); |
|
1069
1b11a12be179
Tests: pass both issuer/subject variable formats where appropriate.
Sergey Kandaurov <pluknet@nginx.com>
parents:
976
diff
changeset
|
223 like($f, qr!^on:SUCCESS:(/?CN=3.example.com):\1:\w+:\w+:[^:]+:s5$!m, |
|
541
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
224 'log - trusted cert'); |
|
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
225 |
|
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
226 ############################################################################### |