Mercurial > hg > nginx-tests

annotate ssl_sni_reneg.t @ 1585:bff287fbf347

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Tests: added proxy_cookie_domain/path tests with "off" parameter.
author Sergey Kandaurov <pluknet@nginx.com>
date Thu, 23 Jul 2020 12:17:39 +0300
parents 144c6ce732e4
children fd440d324700
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
rev   line source
807
5540ee8a12ce Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
1 #!/usr/bin/perl
5540ee8a12ce Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
2
5540ee8a12ce Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
3 # (C) Sergey Kandaurov
5540ee8a12ce Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
4 # (C) Nginx, Inc.
5540ee8a12ce Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
5
5540ee8a12ce Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
6 # Tests for http ssl module with SNI and renegotiation.
5540ee8a12ce Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
7
5540ee8a12ce Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
8 ###############################################################################
5540ee8a12ce Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
9
5540ee8a12ce Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
10 use warnings;
5540ee8a12ce Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
11 use strict;
5540ee8a12ce Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
12
5540ee8a12ce Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
13 use Test::More;
5540ee8a12ce Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
14
5540ee8a12ce Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
15 use Socket qw/ :DEFAULT CRLF /;
5540ee8a12ce Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
16
5540ee8a12ce Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
17 BEGIN { use FindBin; chdir($FindBin::Bin); }
5540ee8a12ce Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
18
5540ee8a12ce Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
19 use lib 'lib';
5540ee8a12ce Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
20 use Test::Nginx;
5540ee8a12ce Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
21
5540ee8a12ce Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
22 ###############################################################################
5540ee8a12ce Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
23
5540ee8a12ce Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
24 select STDERR; $| = 1;
5540ee8a12ce Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
25 select STDOUT; $| = 1;
5540ee8a12ce Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
26
5540ee8a12ce Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
27 eval {
5540ee8a12ce Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
28 require Net::SSLeay;
5540ee8a12ce Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
29 Net::SSLeay::load_error_strings();
5540ee8a12ce Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
30 Net::SSLeay::SSLeay_add_ssl_algorithms();
5540ee8a12ce Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
31 Net::SSLeay::randomize();
5540ee8a12ce Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
32 };
5540ee8a12ce Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
33 plan(skip_all => 'Net::SSLeay not installed') if $@;
5540ee8a12ce Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
34
5540ee8a12ce Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
35 eval {
5540ee8a12ce Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
36 my $ctx = Net::SSLeay::CTX_new() or die;
5540ee8a12ce Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
37 my $ssl = Net::SSLeay::new($ctx) or die;
5540ee8a12ce Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
38 Net::SSLeay::set_tlsext_host_name($ssl, 'example.org') == 1 or die;
5540ee8a12ce Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
39 };
5540ee8a12ce Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
40 plan(skip_all => 'Net::SSLeay with OpenSSL SNI support required') if $@;
5540ee8a12ce Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
41
1387
ad3cb6f451a5 Tests: skip ssl_sni_reneg.t with TLS 1.3.
Sergey Kandaurov <pluknet@nginx.com>
parents: 1380
diff changeset
42 my $t = Test::Nginx->new()->has(qw/http http_ssl/)->has_daemon('openssl');
807
5540ee8a12ce Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
43
5540ee8a12ce Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
44 $t->write_file_expand('nginx.conf', <<'EOF');
5540ee8a12ce Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
45
5540ee8a12ce Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
46 %%TEST_GLOBALS%%
5540ee8a12ce Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
47
5540ee8a12ce Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
48 daemon off;
5540ee8a12ce Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
49
5540ee8a12ce Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
50 events {
5540ee8a12ce Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
51 }
5540ee8a12ce Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
52
5540ee8a12ce Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
53 http {
5540ee8a12ce Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
54 %%TEST_GLOBALS_HTTP%%
5540ee8a12ce Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
55
5540ee8a12ce Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
56 ssl_certificate_key localhost.key;
5540ee8a12ce Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
57 ssl_certificate localhost.crt;
5540ee8a12ce Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
58
5540ee8a12ce Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
59 server {
974
882267679006 Tests: simplified parallel modifications in tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents: 952
diff changeset
60 listen 127.0.0.1:8080 ssl;
1380
f50c7d90f5c9 Tests: more https sni tests with renegotiation (ticket #1646).
Sergey Kandaurov <pluknet@nginx.com>
parents: 1377
diff changeset
61 listen 127.0.0.1:8081 ssl;
807
5540ee8a12ce Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
62 server_name localhost;
5540ee8a12ce Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
63
5540ee8a12ce Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
64 location / { }
5540ee8a12ce Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
65 }
1380
f50c7d90f5c9 Tests: more https sni tests with renegotiation (ticket #1646).
Sergey Kandaurov <pluknet@nginx.com>
parents: 1377
diff changeset
66
f50c7d90f5c9 Tests: more https sni tests with renegotiation (ticket #1646).
Sergey Kandaurov <pluknet@nginx.com>
parents: 1377
diff changeset
67 server {
f50c7d90f5c9 Tests: more https sni tests with renegotiation (ticket #1646).
Sergey Kandaurov <pluknet@nginx.com>
parents: 1377
diff changeset
68 listen 127.0.0.1:8081 ssl;
f50c7d90f5c9 Tests: more https sni tests with renegotiation (ticket #1646).
Sergey Kandaurov <pluknet@nginx.com>
parents: 1377
diff changeset
69 server_name localhost2;
f50c7d90f5c9 Tests: more https sni tests with renegotiation (ticket #1646).
Sergey Kandaurov <pluknet@nginx.com>
parents: 1377
diff changeset
70
f50c7d90f5c9 Tests: more https sni tests with renegotiation (ticket #1646).
Sergey Kandaurov <pluknet@nginx.com>
parents: 1377
diff changeset
71 location / { }
f50c7d90f5c9 Tests: more https sni tests with renegotiation (ticket #1646).
Sergey Kandaurov <pluknet@nginx.com>
parents: 1377
diff changeset
72 }
807
5540ee8a12ce Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
73 }
5540ee8a12ce Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
74
5540ee8a12ce Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
75 EOF
5540ee8a12ce Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
76
5540ee8a12ce Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
77 $t->write_file('openssl.conf', <<EOF);
5540ee8a12ce Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
78 [ req ]
1488
dbce8fb5f5f8 Tests: align with OpenSSL security level 2.
Sergey Kandaurov <pluknet@nginx.com>
parents: 1421
diff changeset
79 default_bits = 2048
807
5540ee8a12ce Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
80 encrypt_key = no
5540ee8a12ce Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
81 distinguished_name = req_distinguished_name
5540ee8a12ce Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
82 [ req_distinguished_name ]
5540ee8a12ce Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
83 EOF
5540ee8a12ce Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
84
5540ee8a12ce Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
85 my $d = $t->testdir();
5540ee8a12ce Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
86
5540ee8a12ce Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
87 foreach my $name ('localhost') {
5540ee8a12ce Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
88 system('openssl req -x509 -new '
1220
0af58b78df35 Tests: removed single quotes from system() calls.
Sergey Kandaurov <pluknet@nginx.com>
parents: 1173
diff changeset
89 . "-config $d/openssl.conf -subj /CN=$name/ "
0af58b78df35 Tests: removed single quotes from system() calls.
Sergey Kandaurov <pluknet@nginx.com>
parents: 1173
diff changeset
90 . "-out $d/$name.crt -keyout $d/$name.key "
807
5540ee8a12ce Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
91 . ">>$d/openssl.out 2>&1") == 0
5540ee8a12ce Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
92 or die "Can't create certificate for $name: $!\n";
5540ee8a12ce Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
93 }
5540ee8a12ce Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
94
5540ee8a12ce Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
95 $t->run();
5540ee8a12ce Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
96
1387
ad3cb6f451a5 Tests: skip ssl_sni_reneg.t with TLS 1.3.
Sergey Kandaurov <pluknet@nginx.com>
parents: 1380
diff changeset
97 {
ad3cb6f451a5 Tests: skip ssl_sni_reneg.t with TLS 1.3.
Sergey Kandaurov <pluknet@nginx.com>
parents: 1380
diff changeset
98 my (undef, $ssl) = get_ssl_socket(8080);
ad3cb6f451a5 Tests: skip ssl_sni_reneg.t with TLS 1.3.
Sergey Kandaurov <pluknet@nginx.com>
parents: 1380
diff changeset
99 plan(skip_all => "TLS 1.3 forbids renegotiation")
ad3cb6f451a5 Tests: skip ssl_sni_reneg.t with TLS 1.3.
Sergey Kandaurov <pluknet@nginx.com>
parents: 1380
diff changeset
100 if Net::SSLeay::version($ssl) > 0x0303;
ad3cb6f451a5 Tests: skip ssl_sni_reneg.t with TLS 1.3.
Sergey Kandaurov <pluknet@nginx.com>
parents: 1380
diff changeset
101 }
ad3cb6f451a5 Tests: skip ssl_sni_reneg.t with TLS 1.3.
Sergey Kandaurov <pluknet@nginx.com>
parents: 1380
diff changeset
102
ad3cb6f451a5 Tests: skip ssl_sni_reneg.t with TLS 1.3.
Sergey Kandaurov <pluknet@nginx.com>
parents: 1380
diff changeset
103 $t->plan(8);
ad3cb6f451a5 Tests: skip ssl_sni_reneg.t with TLS 1.3.
Sergey Kandaurov <pluknet@nginx.com>
parents: 1380
diff changeset
104
807
5540ee8a12ce Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
105 ###############################################################################
5540ee8a12ce Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
106
1380
f50c7d90f5c9 Tests: more https sni tests with renegotiation (ticket #1646).
Sergey Kandaurov <pluknet@nginx.com>
parents: 1377
diff changeset
107 my ($s, $ssl) = get_ssl_socket(8080);
807
5540ee8a12ce Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
108 ok($s, 'connection');
5540ee8a12ce Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
109
5540ee8a12ce Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
110 SKIP: {
5540ee8a12ce Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
111 skip 'connection failed', 3 unless $s;
5540ee8a12ce Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
112
1173
1a54d45d5587 Tests: handled SIGPIPE in ssl_sni_reneg.t.
Sergey Kandaurov <pluknet@nginx.com>
parents: 1116
diff changeset
113 local $SIG{PIPE} = 'IGNORE';
1a54d45d5587 Tests: handled SIGPIPE in ssl_sni_reneg.t.
Sergey Kandaurov <pluknet@nginx.com>
parents: 1116
diff changeset
114
807
5540ee8a12ce Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
115 Net::SSLeay::write($ssl, 'GET / HTTP/1.0' . CRLF);
5540ee8a12ce Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
116
5540ee8a12ce Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
117 ok(Net::SSLeay::renegotiate($ssl), 'renegotiation');
5540ee8a12ce Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
118 ok(Net::SSLeay::set_tlsext_host_name($ssl, 'localhost'), 'SNI');
5540ee8a12ce Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
119
5540ee8a12ce Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
120 Net::SSLeay::write($ssl, 'Host: localhost' . CRLF . CRLF);
5540ee8a12ce Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
121
1377
09c2291b2bab Tests: relaxed test for no response on SSL renegotiation attempt.
Sergey Kandaurov <pluknet@nginx.com>
parents: 1220
diff changeset
122 ok(!Net::SSLeay::read($ssl), 'response');
807
5540ee8a12ce Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
123
5540ee8a12ce Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
124 }
5540ee8a12ce Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
125
1380
f50c7d90f5c9 Tests: more https sni tests with renegotiation (ticket #1646).
Sergey Kandaurov <pluknet@nginx.com>
parents: 1377
diff changeset
126 # virtual servers
f50c7d90f5c9 Tests: more https sni tests with renegotiation (ticket #1646).
Sergey Kandaurov <pluknet@nginx.com>
parents: 1377
diff changeset
127
f50c7d90f5c9 Tests: more https sni tests with renegotiation (ticket #1646).
Sergey Kandaurov <pluknet@nginx.com>
parents: 1377
diff changeset
128 ($s, $ssl) = get_ssl_socket(8081);
f50c7d90f5c9 Tests: more https sni tests with renegotiation (ticket #1646).
Sergey Kandaurov <pluknet@nginx.com>
parents: 1377
diff changeset
129 ok($s, 'connection 2');
f50c7d90f5c9 Tests: more https sni tests with renegotiation (ticket #1646).
Sergey Kandaurov <pluknet@nginx.com>
parents: 1377
diff changeset
130
f50c7d90f5c9 Tests: more https sni tests with renegotiation (ticket #1646).
Sergey Kandaurov <pluknet@nginx.com>
parents: 1377
diff changeset
131 SKIP: {
f50c7d90f5c9 Tests: more https sni tests with renegotiation (ticket #1646).
Sergey Kandaurov <pluknet@nginx.com>
parents: 1377
diff changeset
132 skip 'connection failed', 3 unless $s;
f50c7d90f5c9 Tests: more https sni tests with renegotiation (ticket #1646).
Sergey Kandaurov <pluknet@nginx.com>
parents: 1377
diff changeset
133
1409
0bc5bd58d9de Tests: handled SIGPIPE in ssl_sni_reneg.t.
Sergey Kandaurov <pluknet@nginx.com>
parents: 1407
diff changeset
134 local $SIG{PIPE} = 'IGNORE';
0bc5bd58d9de Tests: handled SIGPIPE in ssl_sni_reneg.t.
Sergey Kandaurov <pluknet@nginx.com>
parents: 1407
diff changeset
135
1380
f50c7d90f5c9 Tests: more https sni tests with renegotiation (ticket #1646).
Sergey Kandaurov <pluknet@nginx.com>
parents: 1377
diff changeset
136 Net::SSLeay::write($ssl, 'GET / HTTP/1.0' . CRLF);
f50c7d90f5c9 Tests: more https sni tests with renegotiation (ticket #1646).
Sergey Kandaurov <pluknet@nginx.com>
parents: 1377
diff changeset
137
f50c7d90f5c9 Tests: more https sni tests with renegotiation (ticket #1646).
Sergey Kandaurov <pluknet@nginx.com>
parents: 1377
diff changeset
138 ok(Net::SSLeay::renegotiate($ssl), 'renegotiation');
f50c7d90f5c9 Tests: more https sni tests with renegotiation (ticket #1646).
Sergey Kandaurov <pluknet@nginx.com>
parents: 1377
diff changeset
139 ok(Net::SSLeay::set_tlsext_host_name($ssl, 'localhost'), 'SNI');
f50c7d90f5c9 Tests: more https sni tests with renegotiation (ticket #1646).
Sergey Kandaurov <pluknet@nginx.com>
parents: 1377
diff changeset
140
f50c7d90f5c9 Tests: more https sni tests with renegotiation (ticket #1646).
Sergey Kandaurov <pluknet@nginx.com>
parents: 1377
diff changeset
141 Net::SSLeay::write($ssl, 'Host: localhost' . CRLF . CRLF);
f50c7d90f5c9 Tests: more https sni tests with renegotiation (ticket #1646).
Sergey Kandaurov <pluknet@nginx.com>
parents: 1377
diff changeset
142
f50c7d90f5c9 Tests: more https sni tests with renegotiation (ticket #1646).
Sergey Kandaurov <pluknet@nginx.com>
parents: 1377
diff changeset
143 ok(!Net::SSLeay::read($ssl), 'virtual servers');
f50c7d90f5c9 Tests: more https sni tests with renegotiation (ticket #1646).
Sergey Kandaurov <pluknet@nginx.com>
parents: 1377
diff changeset
144
f50c7d90f5c9 Tests: more https sni tests with renegotiation (ticket #1646).
Sergey Kandaurov <pluknet@nginx.com>
parents: 1377
diff changeset
145 }
f50c7d90f5c9 Tests: more https sni tests with renegotiation (ticket #1646).
Sergey Kandaurov <pluknet@nginx.com>
parents: 1377
diff changeset
146
807
5540ee8a12ce Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
147 ###############################################################################
5540ee8a12ce Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
148
5540ee8a12ce Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
149 sub get_ssl_socket {
1380
f50c7d90f5c9 Tests: more https sni tests with renegotiation (ticket #1646).
Sergey Kandaurov <pluknet@nginx.com>
parents: 1377
diff changeset
150 my ($port) = @_;
807
5540ee8a12ce Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
151 my $s;
5540ee8a12ce Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
152
5540ee8a12ce Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
153 my $dest_ip = inet_aton('127.0.0.1');
1380
f50c7d90f5c9 Tests: more https sni tests with renegotiation (ticket #1646).
Sergey Kandaurov <pluknet@nginx.com>
parents: 1377
diff changeset
154 my $dest_serv_params = sockaddr_in(port($port), $dest_ip);
807
5540ee8a12ce Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
155
5540ee8a12ce Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
156 eval {
5540ee8a12ce Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
157 local $SIG{ALRM} = sub { die "timeout\n" };
5540ee8a12ce Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
158 local $SIG{PIPE} = sub { die "sigpipe\n" };
1421
4e48bf51714f Tests: aligned various generic read timeouts to http_end().
Sergey Kandaurov <pluknet@nginx.com>
parents: 1411
diff changeset
159 alarm(8);
807
5540ee8a12ce Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
160 socket($s, &AF_INET, &SOCK_STREAM, 0) or die "socket: $!";
5540ee8a12ce Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
161 connect($s, $dest_serv_params) or die "connect: $!";
5540ee8a12ce Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
162 alarm(0);
5540ee8a12ce Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
163 };
5540ee8a12ce Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
164 alarm(0);
5540ee8a12ce Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
165
5540ee8a12ce Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
166 if ($@) {
5540ee8a12ce Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
167 log_in("died: $@");
5540ee8a12ce Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
168 return undef;
5540ee8a12ce Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
169 }
5540ee8a12ce Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
170
5540ee8a12ce Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
171 my $ctx = Net::SSLeay::CTX_new() or die("Failed to create SSL_CTX $!");
5540ee8a12ce Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
172 my $ssl = Net::SSLeay::new($ctx) or die("Failed to create SSL $!");
1102
89d7d4d1be40 Tests: whitespace fixes.
Andrey Zelenkov <zelenkov@nginx.com>
parents: 1020
diff changeset
173 Net::SSLeay::set_fd($ssl, fileno($s));
1380
f50c7d90f5c9 Tests: more https sni tests with renegotiation (ticket #1646).
Sergey Kandaurov <pluknet@nginx.com>
parents: 1377
diff changeset
174 Net::SSLeay::set_tlsext_host_name($ssl, 'localhost');
807
5540ee8a12ce Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
175 Net::SSLeay::connect($ssl) or die("ssl connect");
5540ee8a12ce Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
176
5540ee8a12ce Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
177 return ($s, $ssl);
5540ee8a12ce Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
178 }
5540ee8a12ce Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
179
5540ee8a12ce Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
180 ###############################################################################