annotate ssl_reject_handshake.t @ 1752:ba6e24e38f03

Tests: improved stop_daemons() to send signal again. As was observed, it's possible that a signal to complete a uwsgi daemon can be ignored while it is starting up, which results in tests hang due to eternal waiting on child processes termination. Notably, it is seen when running tests with a high number of prove jobs on a low-profile VM against nginx with broken modules and/or configuration. To reproduce: $ TEST_NGINX_GLOBALS=ERROR prove -j16 uwsgi*.t Inspecting uwsgi under ktrace on FreeBSD confirms that a SIGTERM signal is ignored at the very beginning of uwsgi startup. It is then replaced with a default action after listen(), thus waiting until uwsgi is ready to accept new TCP connections doesn't completely solve the hang window. The fix is to retry sending a signal some time after waitpid(WNOHANG) continuously demonstrated no progress with reaping a signaled process. It is modelled after f13ead27f89c that improved stop() for nginx.
author Sergey Kandaurov <pluknet@nginx.com>
date Wed, 29 Dec 2021 22:29:23 +0300
parents 5ac6efbe5552
children 2a7fc70900a5
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
rev   line source
1601
376cbc2c2b20 Tests: ssl_reject_handshake tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
1 #!/usr/bin/perl
376cbc2c2b20 Tests: ssl_reject_handshake tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
2
376cbc2c2b20 Tests: ssl_reject_handshake tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
3 # (C) Sergey Kandaurov
376cbc2c2b20 Tests: ssl_reject_handshake tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
4 # (C) Nginx, Inc.
376cbc2c2b20 Tests: ssl_reject_handshake tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
5
376cbc2c2b20 Tests: ssl_reject_handshake tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
6 # Tests for http ssl module, ssl_reject_handshake.
376cbc2c2b20 Tests: ssl_reject_handshake tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
7
376cbc2c2b20 Tests: ssl_reject_handshake tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
8 ###############################################################################
376cbc2c2b20 Tests: ssl_reject_handshake tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
9
376cbc2c2b20 Tests: ssl_reject_handshake tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
10 use warnings;
376cbc2c2b20 Tests: ssl_reject_handshake tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
11 use strict;
376cbc2c2b20 Tests: ssl_reject_handshake tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
12
376cbc2c2b20 Tests: ssl_reject_handshake tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
13 use Test::More;
376cbc2c2b20 Tests: ssl_reject_handshake tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
14
376cbc2c2b20 Tests: ssl_reject_handshake tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
15 BEGIN { use FindBin; chdir($FindBin::Bin); }
376cbc2c2b20 Tests: ssl_reject_handshake tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
16
376cbc2c2b20 Tests: ssl_reject_handshake tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
17 use lib 'lib';
376cbc2c2b20 Tests: ssl_reject_handshake tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
18 use Test::Nginx;
376cbc2c2b20 Tests: ssl_reject_handshake tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
19
376cbc2c2b20 Tests: ssl_reject_handshake tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
20 ###############################################################################
376cbc2c2b20 Tests: ssl_reject_handshake tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
21
376cbc2c2b20 Tests: ssl_reject_handshake tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
22 select STDERR; $| = 1;
376cbc2c2b20 Tests: ssl_reject_handshake tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
23 select STDOUT; $| = 1;
376cbc2c2b20 Tests: ssl_reject_handshake tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
24
376cbc2c2b20 Tests: ssl_reject_handshake tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
25 eval { require IO::Socket::SSL; };
376cbc2c2b20 Tests: ssl_reject_handshake tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
26 plan(skip_all => 'IO::Socket::SSL not installed') if $@;
1602
d35db22947ab Tests: fixed ssl_reject_handshake.t with too old IO::Socket::SSL.
Sergey Kandaurov <pluknet@nginx.com>
parents: 1601
diff changeset
27 eval { IO::Socket::SSL->can_client_sni() or die; };
d35db22947ab Tests: fixed ssl_reject_handshake.t with too old IO::Socket::SSL.
Sergey Kandaurov <pluknet@nginx.com>
parents: 1601
diff changeset
28 plan(skip_all => 'IO::Socket::SSL with OpenSSL SNI support required') if $@;
1601
376cbc2c2b20 Tests: ssl_reject_handshake tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
29
1602
d35db22947ab Tests: fixed ssl_reject_handshake.t with too old IO::Socket::SSL.
Sergey Kandaurov <pluknet@nginx.com>
parents: 1601
diff changeset
30 my $t = Test::Nginx->new()->has(qw/http http_ssl sni/)->has_daemon('openssl');
1601
376cbc2c2b20 Tests: ssl_reject_handshake tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
31
376cbc2c2b20 Tests: ssl_reject_handshake tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
32 $t->write_file_expand('nginx.conf', <<'EOF');
376cbc2c2b20 Tests: ssl_reject_handshake tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
33
376cbc2c2b20 Tests: ssl_reject_handshake tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
34 %%TEST_GLOBALS%%
376cbc2c2b20 Tests: ssl_reject_handshake tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
35
376cbc2c2b20 Tests: ssl_reject_handshake tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
36 daemon off;
376cbc2c2b20 Tests: ssl_reject_handshake tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
37
376cbc2c2b20 Tests: ssl_reject_handshake tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
38 events {
376cbc2c2b20 Tests: ssl_reject_handshake tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
39 }
376cbc2c2b20 Tests: ssl_reject_handshake tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
40
376cbc2c2b20 Tests: ssl_reject_handshake tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
41 http {
376cbc2c2b20 Tests: ssl_reject_handshake tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
42 %%TEST_GLOBALS_HTTP%%
376cbc2c2b20 Tests: ssl_reject_handshake tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
43
376cbc2c2b20 Tests: ssl_reject_handshake tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
44 add_header X-Name $ssl_server_name;
376cbc2c2b20 Tests: ssl_reject_handshake tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
45
376cbc2c2b20 Tests: ssl_reject_handshake tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
46 server {
376cbc2c2b20 Tests: ssl_reject_handshake tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
47 listen 127.0.0.1:8080 ssl;
376cbc2c2b20 Tests: ssl_reject_handshake tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
48 server_name localhost;
376cbc2c2b20 Tests: ssl_reject_handshake tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
49
376cbc2c2b20 Tests: ssl_reject_handshake tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
50 ssl_reject_handshake on;
376cbc2c2b20 Tests: ssl_reject_handshake tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
51 }
376cbc2c2b20 Tests: ssl_reject_handshake tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
52
376cbc2c2b20 Tests: ssl_reject_handshake tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
53 server {
376cbc2c2b20 Tests: ssl_reject_handshake tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
54 listen 127.0.0.1:8081;
376cbc2c2b20 Tests: ssl_reject_handshake tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
55 server_name ssl;
376cbc2c2b20 Tests: ssl_reject_handshake tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
56
376cbc2c2b20 Tests: ssl_reject_handshake tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
57 ssl on;
376cbc2c2b20 Tests: ssl_reject_handshake tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
58 ssl_reject_handshake on;
376cbc2c2b20 Tests: ssl_reject_handshake tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
59 }
376cbc2c2b20 Tests: ssl_reject_handshake tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
60
376cbc2c2b20 Tests: ssl_reject_handshake tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
61 server {
376cbc2c2b20 Tests: ssl_reject_handshake tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
62 listen 127.0.0.1:8080 ssl;
376cbc2c2b20 Tests: ssl_reject_handshake tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
63 listen 127.0.0.1:8081 ssl;
376cbc2c2b20 Tests: ssl_reject_handshake tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
64 server_name virtual;
376cbc2c2b20 Tests: ssl_reject_handshake tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
65
376cbc2c2b20 Tests: ssl_reject_handshake tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
66 ssl_certificate localhost.crt;
376cbc2c2b20 Tests: ssl_reject_handshake tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
67 ssl_certificate_key localhost.key;
376cbc2c2b20 Tests: ssl_reject_handshake tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
68 }
376cbc2c2b20 Tests: ssl_reject_handshake tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
69
376cbc2c2b20 Tests: ssl_reject_handshake tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
70 server {
376cbc2c2b20 Tests: ssl_reject_handshake tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
71 listen 127.0.0.1:8082 ssl;
376cbc2c2b20 Tests: ssl_reject_handshake tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
72 server_name localhost;
376cbc2c2b20 Tests: ssl_reject_handshake tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
73
376cbc2c2b20 Tests: ssl_reject_handshake tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
74 ssl_certificate localhost.crt;
376cbc2c2b20 Tests: ssl_reject_handshake tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
75 ssl_certificate_key localhost.key;
376cbc2c2b20 Tests: ssl_reject_handshake tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
76 }
376cbc2c2b20 Tests: ssl_reject_handshake tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
77
376cbc2c2b20 Tests: ssl_reject_handshake tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
78 server {
376cbc2c2b20 Tests: ssl_reject_handshake tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
79 listen 127.0.0.1:8082 ssl;
376cbc2c2b20 Tests: ssl_reject_handshake tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
80 server_name virtual1;
376cbc2c2b20 Tests: ssl_reject_handshake tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
81 }
376cbc2c2b20 Tests: ssl_reject_handshake tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
82
376cbc2c2b20 Tests: ssl_reject_handshake tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
83 server {
376cbc2c2b20 Tests: ssl_reject_handshake tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
84 listen 127.0.0.1:8082 ssl;
376cbc2c2b20 Tests: ssl_reject_handshake tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
85 server_name virtual2;
376cbc2c2b20 Tests: ssl_reject_handshake tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
86
376cbc2c2b20 Tests: ssl_reject_handshake tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
87 ssl_reject_handshake on;
376cbc2c2b20 Tests: ssl_reject_handshake tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
88 }
376cbc2c2b20 Tests: ssl_reject_handshake tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
89 }
376cbc2c2b20 Tests: ssl_reject_handshake tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
90
376cbc2c2b20 Tests: ssl_reject_handshake tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
91 EOF
376cbc2c2b20 Tests: ssl_reject_handshake tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
92
376cbc2c2b20 Tests: ssl_reject_handshake tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
93 $t->write_file('openssl.conf', <<EOF);
376cbc2c2b20 Tests: ssl_reject_handshake tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
94 [ req ]
376cbc2c2b20 Tests: ssl_reject_handshake tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
95 default_bits = 2048
376cbc2c2b20 Tests: ssl_reject_handshake tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
96 encrypt_key = no
376cbc2c2b20 Tests: ssl_reject_handshake tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
97 distinguished_name = req_distinguished_name
376cbc2c2b20 Tests: ssl_reject_handshake tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
98 [ req_distinguished_name ]
376cbc2c2b20 Tests: ssl_reject_handshake tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
99 EOF
376cbc2c2b20 Tests: ssl_reject_handshake tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
100
376cbc2c2b20 Tests: ssl_reject_handshake tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
101 my $d = $t->testdir();
376cbc2c2b20 Tests: ssl_reject_handshake tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
102
376cbc2c2b20 Tests: ssl_reject_handshake tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
103 foreach my $name ('localhost') {
376cbc2c2b20 Tests: ssl_reject_handshake tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
104 system('openssl req -x509 -new '
376cbc2c2b20 Tests: ssl_reject_handshake tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
105 . "-config $d/openssl.conf -subj /CN=$name/ "
376cbc2c2b20 Tests: ssl_reject_handshake tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
106 . "-out $d/$name.crt -keyout $d/$name.key "
376cbc2c2b20 Tests: ssl_reject_handshake tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
107 . ">>$d/openssl.out 2>&1") == 0
376cbc2c2b20 Tests: ssl_reject_handshake tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
108 or die "Can't create certificate for $name: $!\n";
376cbc2c2b20 Tests: ssl_reject_handshake tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
109 }
376cbc2c2b20 Tests: ssl_reject_handshake tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
110
376cbc2c2b20 Tests: ssl_reject_handshake tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
111 $t->write_file('index.html', '');
1693
5ac6efbe5552 Tests: removed TODO and try_run() checks for legacy versions.
Sergey Kandaurov <pluknet@nginx.com>
parents: 1602
diff changeset
112
5ac6efbe5552 Tests: removed TODO and try_run() checks for legacy versions.
Sergey Kandaurov <pluknet@nginx.com>
parents: 1602
diff changeset
113 # suppress deprecation warning
5ac6efbe5552 Tests: removed TODO and try_run() checks for legacy versions.
Sergey Kandaurov <pluknet@nginx.com>
parents: 1602
diff changeset
114
5ac6efbe5552 Tests: removed TODO and try_run() checks for legacy versions.
Sergey Kandaurov <pluknet@nginx.com>
parents: 1602
diff changeset
115 open OLDERR, ">&", \*STDERR; close STDERR;
5ac6efbe5552 Tests: removed TODO and try_run() checks for legacy versions.
Sergey Kandaurov <pluknet@nginx.com>
parents: 1602
diff changeset
116 $t->run()->plan(9);
5ac6efbe5552 Tests: removed TODO and try_run() checks for legacy versions.
Sergey Kandaurov <pluknet@nginx.com>
parents: 1602
diff changeset
117 open STDERR, ">&", \*OLDERR;
1601
376cbc2c2b20 Tests: ssl_reject_handshake tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
118
376cbc2c2b20 Tests: ssl_reject_handshake tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
119 ###############################################################################
376cbc2c2b20 Tests: ssl_reject_handshake tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
120
376cbc2c2b20 Tests: ssl_reject_handshake tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
121 # default virtual server rejected
376cbc2c2b20 Tests: ssl_reject_handshake tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
122
376cbc2c2b20 Tests: ssl_reject_handshake tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
123 like(get('default', 8080), qr/unrecognized name/, 'default rejected');
376cbc2c2b20 Tests: ssl_reject_handshake tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
124 like(get(undef, 8080), qr/unrecognized name/, 'absent sni rejected');
376cbc2c2b20 Tests: ssl_reject_handshake tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
125 like(get('virtual', 8080), qr/virtual/, 'virtual accepted');
376cbc2c2b20 Tests: ssl_reject_handshake tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
126
376cbc2c2b20 Tests: ssl_reject_handshake tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
127 # default virtual server rejected - ssl on
376cbc2c2b20 Tests: ssl_reject_handshake tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
128
376cbc2c2b20 Tests: ssl_reject_handshake tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
129 like(get('default', 8081), qr/unrecognized name/, 'default rejected - ssl on');
376cbc2c2b20 Tests: ssl_reject_handshake tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
130 like(get('virtual', 8081), qr/virtual/, 'virtual accepted - ssl on');
376cbc2c2b20 Tests: ssl_reject_handshake tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
131
376cbc2c2b20 Tests: ssl_reject_handshake tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
132 # non-default server "virtual2" rejected
376cbc2c2b20 Tests: ssl_reject_handshake tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
133
376cbc2c2b20 Tests: ssl_reject_handshake tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
134 like(get('default', 8082), qr/default/, 'default accepted');
376cbc2c2b20 Tests: ssl_reject_handshake tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
135 like(get(undef, 8082), qr/200 OK(?!.*X-Name)/is, 'absent sni accepted');
376cbc2c2b20 Tests: ssl_reject_handshake tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
136 like(get('virtual1', 8082), qr/virtual1/, 'virtual 1 accepted');
376cbc2c2b20 Tests: ssl_reject_handshake tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
137 like(get('virtual2', 8082), qr/unrecognized name/, 'virtual 2 rejected');
376cbc2c2b20 Tests: ssl_reject_handshake tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
138
376cbc2c2b20 Tests: ssl_reject_handshake tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
139 ###############################################################################
376cbc2c2b20 Tests: ssl_reject_handshake tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
140
376cbc2c2b20 Tests: ssl_reject_handshake tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
141 sub get {
376cbc2c2b20 Tests: ssl_reject_handshake tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
142 my ($host, $port) = @_;
376cbc2c2b20 Tests: ssl_reject_handshake tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
143 my $s = get_ssl_socket($host, $port) or return $@;
376cbc2c2b20 Tests: ssl_reject_handshake tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
144 $host = 'localhost' if !defined $host;
376cbc2c2b20 Tests: ssl_reject_handshake tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
145 my $r = http(<<EOF, socket => $s);
376cbc2c2b20 Tests: ssl_reject_handshake tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
146 GET / HTTP/1.0
376cbc2c2b20 Tests: ssl_reject_handshake tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
147 Host: $host
376cbc2c2b20 Tests: ssl_reject_handshake tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
148
376cbc2c2b20 Tests: ssl_reject_handshake tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
149 EOF
376cbc2c2b20 Tests: ssl_reject_handshake tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
150
376cbc2c2b20 Tests: ssl_reject_handshake tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
151 $s->close();
376cbc2c2b20 Tests: ssl_reject_handshake tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
152 return $r;
376cbc2c2b20 Tests: ssl_reject_handshake tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
153 }
376cbc2c2b20 Tests: ssl_reject_handshake tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
154
376cbc2c2b20 Tests: ssl_reject_handshake tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
155 sub get_ssl_socket {
376cbc2c2b20 Tests: ssl_reject_handshake tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
156 my ($host, $port) = @_;
376cbc2c2b20 Tests: ssl_reject_handshake tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
157 my $s;
376cbc2c2b20 Tests: ssl_reject_handshake tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
158
376cbc2c2b20 Tests: ssl_reject_handshake tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
159 eval {
376cbc2c2b20 Tests: ssl_reject_handshake tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
160 local $SIG{ALRM} = sub { die "timeout\n" };
376cbc2c2b20 Tests: ssl_reject_handshake tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
161 local $SIG{PIPE} = sub { die "sigpipe\n" };
376cbc2c2b20 Tests: ssl_reject_handshake tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
162 alarm(8);
376cbc2c2b20 Tests: ssl_reject_handshake tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
163 $s = IO::Socket::SSL->new(
376cbc2c2b20 Tests: ssl_reject_handshake tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
164 Proto => 'tcp',
376cbc2c2b20 Tests: ssl_reject_handshake tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
165 PeerAddr => '127.0.0.1',
376cbc2c2b20 Tests: ssl_reject_handshake tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
166 PeerPort => port($port),
376cbc2c2b20 Tests: ssl_reject_handshake tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
167 SSL_hostname => $host,
376cbc2c2b20 Tests: ssl_reject_handshake tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
168 SSL_verify_mode => IO::Socket::SSL::SSL_VERIFY_NONE(),
376cbc2c2b20 Tests: ssl_reject_handshake tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
169 SSL_error_trap => sub { die $_[1] },
376cbc2c2b20 Tests: ssl_reject_handshake tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
170 );
376cbc2c2b20 Tests: ssl_reject_handshake tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
171 alarm(0);
376cbc2c2b20 Tests: ssl_reject_handshake tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
172 };
376cbc2c2b20 Tests: ssl_reject_handshake tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
173 alarm(0);
376cbc2c2b20 Tests: ssl_reject_handshake tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
174
376cbc2c2b20 Tests: ssl_reject_handshake tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
175 if ($@) {
376cbc2c2b20 Tests: ssl_reject_handshake tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
176 log_in("died: $@");
376cbc2c2b20 Tests: ssl_reject_handshake tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
177 return undef;
376cbc2c2b20 Tests: ssl_reject_handshake tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
178 }
376cbc2c2b20 Tests: ssl_reject_handshake tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
179
376cbc2c2b20 Tests: ssl_reject_handshake tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
180 return $s;
376cbc2c2b20 Tests: ssl_reject_handshake tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
181 }
376cbc2c2b20 Tests: ssl_reject_handshake tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
182
376cbc2c2b20 Tests: ssl_reject_handshake tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
183 ###############################################################################