nginx-tests: ssl_session_ticket

annotate ssl_session_ticket_key.t @ 1971:ab45ee8011df

Tests: guarded session ticket tests for old OpenSSL versions. Much like SNI support, TLS session tickets are available starting with OpenSSL 0.9.8f if TLS extensions support is explicitly configured, and enabled by default since 0.9.8j. As such, SNI availability is checked to ensure TLS extensions support is compiled in. Additionally, the ssl_session_ticket_key.t tests for automatic ticket key rotation, which uses session ticket key callback, as introduced in OpenSSL 0.9.8h.

author	Maxim Dounin <mdounin@mdounin.ru>
date	Mon, 06 May 2024 00:03:16 +0300
parents	c924ae8d7104
children

rev	line source
1816 5817625792bd Tests: ssl session ticket key rotation tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	1 #!/usr/bin/perl
5817625792bd Tests: ssl session ticket key rotation tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	2
5817625792bd Tests: ssl session ticket key rotation tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	3 # (C) Sergey Kandaurov
5817625792bd Tests: ssl session ticket key rotation tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	4 # (C) Nginx, Inc.
5817625792bd Tests: ssl session ticket key rotation tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	5
5817625792bd Tests: ssl session ticket key rotation tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	6 # Tests for rotation of SSL session ticket keys.
5817625792bd Tests: ssl session ticket key rotation tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	7
5817625792bd Tests: ssl session ticket key rotation tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	8 ###############################################################################
5817625792bd Tests: ssl session ticket key rotation tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	9
5817625792bd Tests: ssl session ticket key rotation tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	10 use warnings;
5817625792bd Tests: ssl session ticket key rotation tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	11 use strict;
5817625792bd Tests: ssl session ticket key rotation tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	12
5817625792bd Tests: ssl session ticket key rotation tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	13 use Test::More;
5817625792bd Tests: ssl session ticket key rotation tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	14
5817625792bd Tests: ssl session ticket key rotation tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	15 BEGIN { use FindBin; chdir($FindBin::Bin); }
5817625792bd Tests: ssl session ticket key rotation tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	16
5817625792bd Tests: ssl session ticket key rotation tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	17 use lib 'lib';
1865 0e1865aa9b33 Tests: reworked http SSL tests to use IO::Socket::SSL. Maxim Dounin <mdounin@mdounin.ru> parents: 1840 diff changeset	18 use Test::Nginx qw/ :DEFAULT http_end /;
1816 5817625792bd Tests: ssl session ticket key rotation tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	19
5817625792bd Tests: ssl session ticket key rotation tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	20 ###############################################################################
5817625792bd Tests: ssl session ticket key rotation tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	21
5817625792bd Tests: ssl session ticket key rotation tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	22 select STDERR; $\| = 1;
5817625792bd Tests: ssl session ticket key rotation tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	23 select STDOUT; $\| = 1;
5817625792bd Tests: ssl session ticket key rotation tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	24
1865 0e1865aa9b33 Tests: reworked http SSL tests to use IO::Socket::SSL. Maxim Dounin <mdounin@mdounin.ru> parents: 1840 diff changeset	25 eval { require Net::SSLeay; die if $Net::SSLeay::VERSION < 1.86; };
1816 5817625792bd Tests: ssl session ticket key rotation tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	26 plan(skip_all => 'Net::SSLeay version => 1.86 required') if $@;
1869 5c50786e5da9 Tests: unbreak ssl_session_ticket_key.t with old IO::Socket::SSL. Sergey Kandaurov <pluknet@nginx.com> parents: 1865 diff changeset	27 eval { require IO::Socket::SSL; die if $IO::Socket::SSL::VERSION < 2.030; };
5c50786e5da9 Tests: unbreak ssl_session_ticket_key.t with old IO::Socket::SSL. Sergey Kandaurov <pluknet@nginx.com> parents: 1865 diff changeset	28 plan(skip_all => 'IO::Socket::SSL version => 2.030 required') if $@;
1816 5817625792bd Tests: ssl session ticket key rotation tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	29
1971 ab45ee8011df Tests: guarded session ticket tests for old OpenSSL versions. Maxim Dounin <mdounin@mdounin.ru> parents: 1966 diff changeset	30 my $t = Test::Nginx->new()->has(qw/http http_ssl tickets socket_ssl/)
1865 0e1865aa9b33 Tests: reworked http SSL tests to use IO::Socket::SSL. Maxim Dounin <mdounin@mdounin.ru> parents: 1840 diff changeset	31 ->has_daemon('openssl')->plan(2)
0e1865aa9b33 Tests: reworked http SSL tests to use IO::Socket::SSL. Maxim Dounin <mdounin@mdounin.ru> parents: 1840 diff changeset	32 ->write_file_expand('nginx.conf', <<'EOF');
1816 5817625792bd Tests: ssl session ticket key rotation tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	33
5817625792bd Tests: ssl session ticket key rotation tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	34 %%TEST_GLOBALS%%
5817625792bd Tests: ssl session ticket key rotation tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	35
5817625792bd Tests: ssl session ticket key rotation tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	36 daemon off;
5817625792bd Tests: ssl session ticket key rotation tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	37 worker_processes 2;
5817625792bd Tests: ssl session ticket key rotation tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	38
5817625792bd Tests: ssl session ticket key rotation tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	39 events {
5817625792bd Tests: ssl session ticket key rotation tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	40 }
5817625792bd Tests: ssl session ticket key rotation tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	41
5817625792bd Tests: ssl session ticket key rotation tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	42 http {
5817625792bd Tests: ssl session ticket key rotation tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	43 %%TEST_GLOBALS_HTTP%%
5817625792bd Tests: ssl session ticket key rotation tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	44
5817625792bd Tests: ssl session ticket key rotation tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	45 ssl_certificate_key localhost.key;
5817625792bd Tests: ssl session ticket key rotation tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	46 ssl_certificate localhost.crt;
5817625792bd Tests: ssl session ticket key rotation tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	47
1865 0e1865aa9b33 Tests: reworked http SSL tests to use IO::Socket::SSL. Maxim Dounin <mdounin@mdounin.ru> parents: 1840 diff changeset	48 add_header X-SSL-Protocol $ssl_protocol;
0e1865aa9b33 Tests: reworked http SSL tests to use IO::Socket::SSL. Maxim Dounin <mdounin@mdounin.ru> parents: 1840 diff changeset	49
1816 5817625792bd Tests: ssl session ticket key rotation tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	50 server {
1865 0e1865aa9b33 Tests: reworked http SSL tests to use IO::Socket::SSL. Maxim Dounin <mdounin@mdounin.ru> parents: 1840 diff changeset	51 listen 127.0.0.1:8443 ssl;
1816 5817625792bd Tests: ssl session ticket key rotation tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	52 server_name localhost;
5817625792bd Tests: ssl session ticket key rotation tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	53
5817625792bd Tests: ssl session ticket key rotation tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	54 ssl_session_cache shared:SSL:1m;
5817625792bd Tests: ssl session ticket key rotation tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	55 ssl_session_timeout 2;
5817625792bd Tests: ssl session ticket key rotation tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	56 }
5817625792bd Tests: ssl session ticket key rotation tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	57 }
5817625792bd Tests: ssl session ticket key rotation tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	58
5817625792bd Tests: ssl session ticket key rotation tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	59 EOF
5817625792bd Tests: ssl session ticket key rotation tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	60
5817625792bd Tests: ssl session ticket key rotation tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	61 $t->write_file('openssl.conf', <<EOF);
5817625792bd Tests: ssl session ticket key rotation tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	62 [ req ]
5817625792bd Tests: ssl session ticket key rotation tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	63 default_bits = 2048
5817625792bd Tests: ssl session ticket key rotation tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	64 encrypt_key = no
5817625792bd Tests: ssl session ticket key rotation tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	65 distinguished_name = req_distinguished_name
5817625792bd Tests: ssl session ticket key rotation tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	66 [ req_distinguished_name ]
5817625792bd Tests: ssl session ticket key rotation tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	67 EOF
5817625792bd Tests: ssl session ticket key rotation tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	68
5817625792bd Tests: ssl session ticket key rotation tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	69 my $d = $t->testdir();
5817625792bd Tests: ssl session ticket key rotation tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	70
5817625792bd Tests: ssl session ticket key rotation tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	71 foreach my $name ('localhost') {
5817625792bd Tests: ssl session ticket key rotation tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	72 system('openssl req -x509 -new '
5817625792bd Tests: ssl session ticket key rotation tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	73 . "-config $d/openssl.conf -subj /CN=$name/ "
5817625792bd Tests: ssl session ticket key rotation tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	74 . "-out $d/$name.crt -keyout $d/$name.key "
5817625792bd Tests: ssl session ticket key rotation tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	75 . ">>$d/openssl.out 2>&1") == 0
5817625792bd Tests: ssl session ticket key rotation tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	76 or die "Can't create certificate for $name: $!\n";
5817625792bd Tests: ssl session ticket key rotation tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	77 }
5817625792bd Tests: ssl session ticket key rotation tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	78
1865 0e1865aa9b33 Tests: reworked http SSL tests to use IO::Socket::SSL. Maxim Dounin <mdounin@mdounin.ru> parents: 1840 diff changeset	79 $t->write_file('index.html', '');
0e1865aa9b33 Tests: reworked http SSL tests to use IO::Socket::SSL. Maxim Dounin <mdounin@mdounin.ru> parents: 1840 diff changeset	80
1816 5817625792bd Tests: ssl session ticket key rotation tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	81 $t->run();
5817625792bd Tests: ssl session ticket key rotation tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	82
5817625792bd Tests: ssl session ticket key rotation tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	83 ###############################################################################
5817625792bd Tests: ssl session ticket key rotation tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	84
5817625792bd Tests: ssl session ticket key rotation tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	85 # the test uses multiple worker processes to check shared tickey key rotation
5817625792bd Tests: ssl session ticket key rotation tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	86 #
5817625792bd Tests: ssl session ticket key rotation tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	87 # before 1.23.2, any test can fail depending on which worker served connection:
5817625792bd Tests: ssl session ticket key rotation tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	88 # the 1st test fails if served by another worker, because keys aren't shared
5817625792bd Tests: ssl session ticket key rotation tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	89 # the 2nd test fails if served by the same worker due to the lack of rotation
5817625792bd Tests: ssl session ticket key rotation tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	90 #
5817625792bd Tests: ssl session ticket key rotation tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	91 # with a single worker process it is only the 2nd test that fails
5817625792bd Tests: ssl session ticket key rotation tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	92
5817625792bd Tests: ssl session ticket key rotation tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	93 local $TODO = 'not yet' unless $t->has_version('1.23.2');
5817625792bd Tests: ssl session ticket key rotation tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	94
5817625792bd Tests: ssl session ticket key rotation tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	95 my $key = get_ticket_key_name();
5817625792bd Tests: ssl session ticket key rotation tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	96
5817625792bd Tests: ssl session ticket key rotation tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	97 select undef, undef, undef, 0.5;
5817625792bd Tests: ssl session ticket key rotation tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	98 is(get_ticket_key_name(), $key, 'ticket key match');
5817625792bd Tests: ssl session ticket key rotation tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	99
5817625792bd Tests: ssl session ticket key rotation tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	100 select undef, undef, undef, 2.5;
1840 0381a0a212e1 Tests: fixed ssl_session_ticket_key.t with LibreSSL and TLSv1.3. Maxim Dounin <mdounin@mdounin.ru> parents: 1816 diff changeset	101
1971 ab45ee8011df Tests: guarded session ticket tests for old OpenSSL versions. Maxim Dounin <mdounin@mdounin.ru> parents: 1966 diff changeset	102 local $TODO = 'no ticket key callback'
ab45ee8011df Tests: guarded session ticket tests for old OpenSSL versions. Maxim Dounin <mdounin@mdounin.ru> parents: 1966 diff changeset	103 if $t->has_module('OpenSSL') and not $t->has_feature('openssl:0.9.8h');
1869 5c50786e5da9 Tests: unbreak ssl_session_ticket_key.t with old IO::Socket::SSL. Sergey Kandaurov <pluknet@nginx.com> parents: 1865 diff changeset	104 local $TODO = 'no TLSv1.3 sessions, old Net::SSLeay'
5c50786e5da9 Tests: unbreak ssl_session_ticket_key.t with old IO::Socket::SSL. Sergey Kandaurov <pluknet@nginx.com> parents: 1865 diff changeset	105 if $Net::SSLeay::VERSION < 1.88 && test_tls13();
5c50786e5da9 Tests: unbreak ssl_session_ticket_key.t with old IO::Socket::SSL. Sergey Kandaurov <pluknet@nginx.com> parents: 1865 diff changeset	106 local $TODO = 'no TLSv1.3 sessions, old IO::Socket::SSL'
5c50786e5da9 Tests: unbreak ssl_session_ticket_key.t with old IO::Socket::SSL. Sergey Kandaurov <pluknet@nginx.com> parents: 1865 diff changeset	107 if $IO::Socket::SSL::VERSION < 2.061 && test_tls13();
1840 0381a0a212e1 Tests: fixed ssl_session_ticket_key.t with LibreSSL and TLSv1.3. Maxim Dounin <mdounin@mdounin.ru> parents: 1816 diff changeset	108 local $TODO = 'no TLSv1.3 sessions in LibreSSL'
0381a0a212e1 Tests: fixed ssl_session_ticket_key.t with LibreSSL and TLSv1.3. Maxim Dounin <mdounin@mdounin.ru> parents: 1816 diff changeset	109 if $t->has_module('LibreSSL') && test_tls13();
1966 c924ae8d7104 Tests: session reuse handling with Net::SSLeay with LibreSSL. Maxim Dounin <mdounin@mdounin.ru> parents: 1869 diff changeset	110 local $TODO = 'no TLSv1.3 sessions in Net::SSLeay (LibreSSL)'
c924ae8d7104 Tests: session reuse handling with Net::SSLeay with LibreSSL. Maxim Dounin <mdounin@mdounin.ru> parents: 1869 diff changeset	111 if Net::SSLeay::constant("LIBRESSL_VERSION_NUMBER") && test_tls13();
1840 0381a0a212e1 Tests: fixed ssl_session_ticket_key.t with LibreSSL and TLSv1.3. Maxim Dounin <mdounin@mdounin.ru> parents: 1816 diff changeset	112
1816 5817625792bd Tests: ssl session ticket key rotation tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	113 cmp_ok(get_ticket_key_name(), 'ne', $key, 'ticket key next');
5817625792bd Tests: ssl session ticket key rotation tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	114
5817625792bd Tests: ssl session ticket key rotation tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	115 ###############################################################################
5817625792bd Tests: ssl session ticket key rotation tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	116
5817625792bd Tests: ssl session ticket key rotation tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	117 sub get_ticket_key_name {
1865 0e1865aa9b33 Tests: reworked http SSL tests to use IO::Socket::SSL. Maxim Dounin <mdounin@mdounin.ru> parents: 1840 diff changeset	118 my $asn = get_ssl_session();
1816 5817625792bd Tests: ssl session ticket key rotation tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	119 my $any = qr/[\x00-\xff]/;
5817625792bd Tests: ssl session ticket key rotation tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	120 next:
5817625792bd Tests: ssl session ticket key rotation tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	121 # tag(10) \| len{2} \| OCTETSTRING(4) \| len{2} \| ticket(key_name\|..)
5817625792bd Tests: ssl session ticket key rotation tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	122 $asn =~ /\xaa\x81($any)\x04\x81($any)($any{16})/g;
1840 0381a0a212e1 Tests: fixed ssl_session_ticket_key.t with LibreSSL and TLSv1.3. Maxim Dounin <mdounin@mdounin.ru> parents: 1816 diff changeset	123 return '' if !defined $3;
1816 5817625792bd Tests: ssl session ticket key rotation tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	124 goto next if unpack("C", $1) - unpack("C", $2) != 3;
5817625792bd Tests: ssl session ticket key rotation tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	125 my $key = unpack "H*", $3;
5817625792bd Tests: ssl session ticket key rotation tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	126 Test::Nginx::log_core('\|\|', "ticket key: $key");
5817625792bd Tests: ssl session ticket key rotation tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	127 return $key;
5817625792bd Tests: ssl session ticket key rotation tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	128 }
5817625792bd Tests: ssl session ticket key rotation tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	129
5817625792bd Tests: ssl session ticket key rotation tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	130 sub get_ssl_session {
1865 0e1865aa9b33 Tests: reworked http SSL tests to use IO::Socket::SSL. Maxim Dounin <mdounin@mdounin.ru> parents: 1840 diff changeset	131 my $cache = IO::Socket::SSL::Session_Cache->new(100);
1816 5817625792bd Tests: ssl session ticket key rotation tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	132
1865 0e1865aa9b33 Tests: reworked http SSL tests to use IO::Socket::SSL. Maxim Dounin <mdounin@mdounin.ru> parents: 1840 diff changeset	133 my $s = http_get(
0e1865aa9b33 Tests: reworked http SSL tests to use IO::Socket::SSL. Maxim Dounin <mdounin@mdounin.ru> parents: 1840 diff changeset	134 '/', start => 1,
0e1865aa9b33 Tests: reworked http SSL tests to use IO::Socket::SSL. Maxim Dounin <mdounin@mdounin.ru> parents: 1840 diff changeset	135 SSL => 1,
0e1865aa9b33 Tests: reworked http SSL tests to use IO::Socket::SSL. Maxim Dounin <mdounin@mdounin.ru> parents: 1840 diff changeset	136 SSL_session_cache => $cache,
0e1865aa9b33 Tests: reworked http SSL tests to use IO::Socket::SSL. Maxim Dounin <mdounin@mdounin.ru> parents: 1840 diff changeset	137 SSL_session_key => 1
0e1865aa9b33 Tests: reworked http SSL tests to use IO::Socket::SSL. Maxim Dounin <mdounin@mdounin.ru> parents: 1840 diff changeset	138 );
1816 5817625792bd Tests: ssl session ticket key rotation tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	139
1865 0e1865aa9b33 Tests: reworked http SSL tests to use IO::Socket::SSL. Maxim Dounin <mdounin@mdounin.ru> parents: 1840 diff changeset	140 return unless $s;
0e1865aa9b33 Tests: reworked http SSL tests to use IO::Socket::SSL. Maxim Dounin <mdounin@mdounin.ru> parents: 1840 diff changeset	141 http_end($s);
0e1865aa9b33 Tests: reworked http SSL tests to use IO::Socket::SSL. Maxim Dounin <mdounin@mdounin.ru> parents: 1840 diff changeset	142
0e1865aa9b33 Tests: reworked http SSL tests to use IO::Socket::SSL. Maxim Dounin <mdounin@mdounin.ru> parents: 1840 diff changeset	143 my $sess = $cache->get_session(1);
0e1865aa9b33 Tests: reworked http SSL tests to use IO::Socket::SSL. Maxim Dounin <mdounin@mdounin.ru> parents: 1840 diff changeset	144 return '' unless defined $sess;
0e1865aa9b33 Tests: reworked http SSL tests to use IO::Socket::SSL. Maxim Dounin <mdounin@mdounin.ru> parents: 1840 diff changeset	145 return Net::SSLeay::i2d_SSL_SESSION($sess);
1816 5817625792bd Tests: ssl session ticket key rotation tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	146 }
5817625792bd Tests: ssl session ticket key rotation tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	147
1840 0381a0a212e1 Tests: fixed ssl_session_ticket_key.t with LibreSSL and TLSv1.3. Maxim Dounin <mdounin@mdounin.ru> parents: 1816 diff changeset	148 sub test_tls13 {
1865 0e1865aa9b33 Tests: reworked http SSL tests to use IO::Socket::SSL. Maxim Dounin <mdounin@mdounin.ru> parents: 1840 diff changeset	149 return http_get('/', SSL => 1) =~ /TLSv1.3/;
1816 5817625792bd Tests: ssl session ticket key rotation tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	150 }
5817625792bd Tests: ssl session ticket key rotation tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	151
5817625792bd Tests: ssl session ticket key rotation tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	152 ###############################################################################

Mercurial > hg > nginx-tests

annotate ssl_session_ticket_key.t @ 1971:ab45ee8011df