Mercurial > hg > nginx-tests

annotate stream_ssl_variables.t @ 1251:766bcbb632ee

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Tests: removed TODO and try_run() checks for legacy versions.
author Sergey Kandaurov <pluknet@nginx.com>
date Fri, 24 Nov 2017 19:58:40 +0300
parents 3fc6817cd84a
children e1c64ee44212
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
rev   line source
967
eb111c5f7556 Tests: stream ssl tests with variables.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
1 #!/usr/bin/perl
eb111c5f7556 Tests: stream ssl tests with variables.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
2
eb111c5f7556 Tests: stream ssl tests with variables.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
3 # (C) Sergey Kandaurov
eb111c5f7556 Tests: stream ssl tests with variables.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
4 # (C) Nginx, Inc.
eb111c5f7556 Tests: stream ssl tests with variables.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
5
eb111c5f7556 Tests: stream ssl tests with variables.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
6 # Tests for stream ssl module with variables.
eb111c5f7556 Tests: stream ssl tests with variables.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
7
eb111c5f7556 Tests: stream ssl tests with variables.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
8 ###############################################################################
eb111c5f7556 Tests: stream ssl tests with variables.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
9
eb111c5f7556 Tests: stream ssl tests with variables.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
10 use warnings;
eb111c5f7556 Tests: stream ssl tests with variables.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
11 use strict;
eb111c5f7556 Tests: stream ssl tests with variables.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
12
eb111c5f7556 Tests: stream ssl tests with variables.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
13 use Test::More;
eb111c5f7556 Tests: stream ssl tests with variables.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
14
eb111c5f7556 Tests: stream ssl tests with variables.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
15 use Socket;
eb111c5f7556 Tests: stream ssl tests with variables.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
16
eb111c5f7556 Tests: stream ssl tests with variables.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
17 BEGIN { use FindBin; chdir($FindBin::Bin); }
eb111c5f7556 Tests: stream ssl tests with variables.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
18
eb111c5f7556 Tests: stream ssl tests with variables.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
19 use lib 'lib';
eb111c5f7556 Tests: stream ssl tests with variables.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
20 use Test::Nginx;
eb111c5f7556 Tests: stream ssl tests with variables.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
21 use Test::Nginx::Stream qw/ stream /;
eb111c5f7556 Tests: stream ssl tests with variables.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
22
eb111c5f7556 Tests: stream ssl tests with variables.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
23 ###############################################################################
eb111c5f7556 Tests: stream ssl tests with variables.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
24
eb111c5f7556 Tests: stream ssl tests with variables.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
25 select STDERR; $| = 1;
eb111c5f7556 Tests: stream ssl tests with variables.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
26 select STDOUT; $| = 1;
eb111c5f7556 Tests: stream ssl tests with variables.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
27
eb111c5f7556 Tests: stream ssl tests with variables.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
28 eval {
eb111c5f7556 Tests: stream ssl tests with variables.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
29 require Net::SSLeay;
eb111c5f7556 Tests: stream ssl tests with variables.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
30 Net::SSLeay::load_error_strings();
eb111c5f7556 Tests: stream ssl tests with variables.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
31 Net::SSLeay::SSLeay_add_ssl_algorithms();
eb111c5f7556 Tests: stream ssl tests with variables.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
32 Net::SSLeay::randomize();
eb111c5f7556 Tests: stream ssl tests with variables.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
33 };
eb111c5f7556 Tests: stream ssl tests with variables.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
34 plan(skip_all => 'Net::SSLeay not installed') if $@;
eb111c5f7556 Tests: stream ssl tests with variables.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
35
eb111c5f7556 Tests: stream ssl tests with variables.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
36 eval {
eb111c5f7556 Tests: stream ssl tests with variables.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
37 my $ctx = Net::SSLeay::CTX_new() or die;
eb111c5f7556 Tests: stream ssl tests with variables.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
38 my $ssl = Net::SSLeay::new($ctx) or die;
eb111c5f7556 Tests: stream ssl tests with variables.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
39 Net::SSLeay::set_tlsext_host_name($ssl, 'example.org') == 1 or die;
eb111c5f7556 Tests: stream ssl tests with variables.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
40 };
eb111c5f7556 Tests: stream ssl tests with variables.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
41 plan(skip_all => 'Net::SSLeay with OpenSSL SNI support required') if $@;
eb111c5f7556 Tests: stream ssl tests with variables.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
42
1032
43eedbfea090 Tests: add missing sni prerequisites.
Sergey Kandaurov <pluknet@nginx.com>
parents: 974
diff changeset
43 my $t = Test::Nginx->new()->has(qw/stream stream_ssl sni stream_return/)
967
eb111c5f7556 Tests: stream ssl tests with variables.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
44 ->has_daemon('openssl');
eb111c5f7556 Tests: stream ssl tests with variables.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
45
eb111c5f7556 Tests: stream ssl tests with variables.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
46 $t->write_file_expand('nginx.conf', <<'EOF');
eb111c5f7556 Tests: stream ssl tests with variables.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
47
eb111c5f7556 Tests: stream ssl tests with variables.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
48 %%TEST_GLOBALS%%
eb111c5f7556 Tests: stream ssl tests with variables.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
49
eb111c5f7556 Tests: stream ssl tests with variables.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
50 daemon off;
eb111c5f7556 Tests: stream ssl tests with variables.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
51
eb111c5f7556 Tests: stream ssl tests with variables.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
52 events {
eb111c5f7556 Tests: stream ssl tests with variables.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
53 }
eb111c5f7556 Tests: stream ssl tests with variables.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
54
eb111c5f7556 Tests: stream ssl tests with variables.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
55 stream {
eb111c5f7556 Tests: stream ssl tests with variables.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
56 ssl_certificate_key localhost.key;
eb111c5f7556 Tests: stream ssl tests with variables.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
57 ssl_certificate localhost.crt;
eb111c5f7556 Tests: stream ssl tests with variables.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
58
eb111c5f7556 Tests: stream ssl tests with variables.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
59 server {
974
882267679006 Tests: simplified parallel modifications in tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents: 967
diff changeset
60 listen 127.0.0.1:8080;
882267679006 Tests: simplified parallel modifications in tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents: 967
diff changeset
61 listen 127.0.0.1:8081 ssl;
967
eb111c5f7556 Tests: stream ssl tests with variables.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
62 return $ssl_session_reused:$ssl_session_id:$ssl_cipher:$ssl_protocol;
eb111c5f7556 Tests: stream ssl tests with variables.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
63
eb111c5f7556 Tests: stream ssl tests with variables.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
64 ssl_session_cache builtin;
eb111c5f7556 Tests: stream ssl tests with variables.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
65 }
eb111c5f7556 Tests: stream ssl tests with variables.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
66
eb111c5f7556 Tests: stream ssl tests with variables.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
67 server {
974
882267679006 Tests: simplified parallel modifications in tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents: 967
diff changeset
68 listen 127.0.0.1:8082 ssl;
967
eb111c5f7556 Tests: stream ssl tests with variables.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
69 return $ssl_server_name;
eb111c5f7556 Tests: stream ssl tests with variables.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
70 }
eb111c5f7556 Tests: stream ssl tests with variables.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
71 }
eb111c5f7556 Tests: stream ssl tests with variables.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
72
eb111c5f7556 Tests: stream ssl tests with variables.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
73 EOF
eb111c5f7556 Tests: stream ssl tests with variables.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
74
eb111c5f7556 Tests: stream ssl tests with variables.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
75 $t->write_file('openssl.conf', <<EOF);
eb111c5f7556 Tests: stream ssl tests with variables.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
76 [ req ]
1116
8ef51dbb5d69 Tests: reduced OpenSSL default key length to 1024.
Sergey Kandaurov <pluknet@nginx.com>
parents: 1032
diff changeset
77 default_bits = 1024
967
eb111c5f7556 Tests: stream ssl tests with variables.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
78 encrypt_key = no
eb111c5f7556 Tests: stream ssl tests with variables.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
79 distinguished_name = req_distinguished_name
eb111c5f7556 Tests: stream ssl tests with variables.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
80 [ req_distinguished_name ]
eb111c5f7556 Tests: stream ssl tests with variables.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
81 EOF
eb111c5f7556 Tests: stream ssl tests with variables.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
82
eb111c5f7556 Tests: stream ssl tests with variables.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
83 my $d = $t->testdir();
eb111c5f7556 Tests: stream ssl tests with variables.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
84
eb111c5f7556 Tests: stream ssl tests with variables.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
85 foreach my $name ('localhost') {
eb111c5f7556 Tests: stream ssl tests with variables.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
86 system('openssl req -x509 -new '
1220
0af58b78df35 Tests: removed single quotes from system() calls.
Sergey Kandaurov <pluknet@nginx.com>
parents: 1116
diff changeset
87 . "-config $d/openssl.conf -subj /CN=$name/ "
0af58b78df35 Tests: removed single quotes from system() calls.
Sergey Kandaurov <pluknet@nginx.com>
parents: 1116
diff changeset
88 . "-out $d/$name.crt -keyout $d/$name.key "
967
eb111c5f7556 Tests: stream ssl tests with variables.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
89 . ">>$d/openssl.out 2>&1") == 0
eb111c5f7556 Tests: stream ssl tests with variables.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
90 or die "Can't create certificate for $name: $!\n";
eb111c5f7556 Tests: stream ssl tests with variables.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
91 }
eb111c5f7556 Tests: stream ssl tests with variables.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
92
1251
766bcbb632ee Tests: removed TODO and try_run() checks for legacy versions.
Sergey Kandaurov <pluknet@nginx.com>
parents: 1235
diff changeset
93 $t->run()->plan(5);
967
eb111c5f7556 Tests: stream ssl tests with variables.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
94
eb111c5f7556 Tests: stream ssl tests with variables.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
95 ###############################################################################
eb111c5f7556 Tests: stream ssl tests with variables.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
96
eb111c5f7556 Tests: stream ssl tests with variables.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
97 my ($s, $ssl);
eb111c5f7556 Tests: stream ssl tests with variables.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
98
1235
3fc6817cd84a Tests: explicit peer port in stream tests now required.
Andrey Zelenkov <zelenkov@nginx.com>
parents: 1220
diff changeset
99 is(stream('127.0.0.1:' . port(8080))->read(), ':::', 'no ssl');
967
eb111c5f7556 Tests: stream ssl tests with variables.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
100
974
882267679006 Tests: simplified parallel modifications in tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents: 967
diff changeset
101 ($s, $ssl) = get_ssl_socket(port(8081));
967
eb111c5f7556 Tests: stream ssl tests with variables.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
102 like(Net::SSLeay::read($ssl), qr/^\.:(\w{64})?:[\w-]+:(TLS|SSL)v(\d|\.)+$/,
eb111c5f7556 Tests: stream ssl tests with variables.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
103 'ssl variables');
eb111c5f7556 Tests: stream ssl tests with variables.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
104
eb111c5f7556 Tests: stream ssl tests with variables.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
105 my $ses = Net::SSLeay::get_session($ssl);
974
882267679006 Tests: simplified parallel modifications in tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents: 967
diff changeset
106 ($s, $ssl) = get_ssl_socket(port(8081), $ses);
967
eb111c5f7556 Tests: stream ssl tests with variables.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
107 like(Net::SSLeay::read($ssl), qr/^r:\w{64}:[\w-]+:(TLS|SSL)v(\d|\.)+$/,
eb111c5f7556 Tests: stream ssl tests with variables.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
108 'ssl variables - session reused');
eb111c5f7556 Tests: stream ssl tests with variables.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
109
974
882267679006 Tests: simplified parallel modifications in tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents: 967
diff changeset
110 ($s, $ssl) = get_ssl_socket(port(8082), undef, 'example.com');
967
eb111c5f7556 Tests: stream ssl tests with variables.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
111 is(Net::SSLeay::ssl_read_all($ssl), 'example.com', 'ssl server name');
eb111c5f7556 Tests: stream ssl tests with variables.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
112
974
882267679006 Tests: simplified parallel modifications in tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents: 967
diff changeset
113 ($s, $ssl) = get_ssl_socket(port(8082));
967
eb111c5f7556 Tests: stream ssl tests with variables.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
114 is(Net::SSLeay::ssl_read_all($ssl), '', 'ssl server name empty');
eb111c5f7556 Tests: stream ssl tests with variables.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
115
eb111c5f7556 Tests: stream ssl tests with variables.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
116 ###############################################################################
eb111c5f7556 Tests: stream ssl tests with variables.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
117
eb111c5f7556 Tests: stream ssl tests with variables.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
118 sub get_ssl_socket {
eb111c5f7556 Tests: stream ssl tests with variables.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
119 my ($port, $ses, $name) = @_;
eb111c5f7556 Tests: stream ssl tests with variables.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
120 my $s;
eb111c5f7556 Tests: stream ssl tests with variables.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
121
eb111c5f7556 Tests: stream ssl tests with variables.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
122 my $dest_ip = inet_aton('127.0.0.1');
eb111c5f7556 Tests: stream ssl tests with variables.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
123 my $dest_serv_params = sockaddr_in($port, $dest_ip);
eb111c5f7556 Tests: stream ssl tests with variables.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
124
eb111c5f7556 Tests: stream ssl tests with variables.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
125 socket($s, &AF_INET, &SOCK_STREAM, 0) or die "socket: $!";
eb111c5f7556 Tests: stream ssl tests with variables.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
126 connect($s, $dest_serv_params) or die "connect: $!";
eb111c5f7556 Tests: stream ssl tests with variables.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
127
eb111c5f7556 Tests: stream ssl tests with variables.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
128 my $ctx = Net::SSLeay::CTX_new() or die("Failed to create SSL_CTX $!");
eb111c5f7556 Tests: stream ssl tests with variables.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
129 my $ssl = Net::SSLeay::new($ctx) or die("Failed to create SSL $!");
eb111c5f7556 Tests: stream ssl tests with variables.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
130 Net::SSLeay::set_tlsext_host_name($ssl, $name) if defined $name;
eb111c5f7556 Tests: stream ssl tests with variables.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
131 Net::SSLeay::set_session($ssl, $ses) if defined $ses;
eb111c5f7556 Tests: stream ssl tests with variables.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
132 Net::SSLeay::set_fd($ssl, fileno($s));
eb111c5f7556 Tests: stream ssl tests with variables.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
133 Net::SSLeay::connect($ssl) or die("ssl connect");
eb111c5f7556 Tests: stream ssl tests with variables.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
134 return ($s, $ssl);
eb111c5f7556 Tests: stream ssl tests with variables.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
135 }
eb111c5f7556 Tests: stream ssl tests with variables.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
136
eb111c5f7556 Tests: stream ssl tests with variables.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
137 ###############################################################################