Mercurial > hg > nginx-tests
annotate mail_imap_ssl.t @ 1817:c045fbb98e9a
Tests: revised tests for listen port ranges.
Renumbered testing ports to get more chance to execute when run in parallel.
Relaxed condition to skip tests only when the port range is out of sequence.
Adjacent port numbers out of a specified range aren't crucial to skip tests:
if not in sequence, statistically this will be caught in subsequent runs.
Unsafe tests that use wildcard addresses are moved to a separate file.
author | Sergey Kandaurov <pluknet@nginx.com> |
---|---|
date | Fri, 23 Dec 2022 19:20:50 +0400 |
parents | 1522ab9d37b4 |
children | cdcd75657e52 |
rev | line source |
---|---|
541
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
1 #!/usr/bin/perl |
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
2 |
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
3 # (C) Maxim Dounin |
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
4 # (C) Sergey Kandaurov |
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
5 # (C) Nginx, Inc. |
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
6 |
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
7 # Tests for nginx mail imap module with ssl. |
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
8 |
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
9 ############################################################################### |
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
10 |
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
11 use warnings; |
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
12 use strict; |
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
13 |
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
14 use Test::More; |
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
15 |
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
16 use MIME::Base64; |
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
17 |
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
18 BEGIN { use FindBin; chdir($FindBin::Bin); } |
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
19 |
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
20 use lib 'lib'; |
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
21 use Test::Nginx; |
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
22 use Test::Nginx::IMAP; |
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
23 |
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
24 ############################################################################### |
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
25 |
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
26 select STDERR; $| = 1; |
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
27 select STDOUT; $| = 1; |
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
28 |
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
29 eval { require IO::Socket::SSL; }; |
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
30 plan(skip_all => 'IO::Socket::SSL not installed') if $@; |
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
31 eval { IO::Socket::SSL::SSL_VERIFY_NONE(); }; |
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
32 plan(skip_all => 'IO::Socket::SSL too old') if $@; |
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
33 |
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
34 local $SIG{PIPE} = 'IGNORE'; |
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
35 |
976
a8b8dd6e8ae1
Tests: changed startup order in mail tests for consistency.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
970
diff
changeset
|
36 my $t = Test::Nginx->new()->has(qw/mail mail_ssl imap http rewrite/) |
1724
1522ab9d37b4
Tests: Auth-SSL-Protocol and Auth-SSL-Cipher tests (ticket #2134).
Sergey Kandaurov <pluknet@nginx.com>
parents:
1702
diff
changeset
|
37 ->has_daemon('openssl')->plan(13) |
976
a8b8dd6e8ae1
Tests: changed startup order in mail tests for consistency.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
970
diff
changeset
|
38 ->write_file_expand('nginx.conf', <<'EOF'); |
541
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
39 |
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
40 %%TEST_GLOBALS%% |
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
41 |
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
42 daemon off; |
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
43 |
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
44 events { |
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
45 } |
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
46 |
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
47 mail { |
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
48 proxy_pass_error_message on; |
1679
74986ebee2fd
Tests: added proxy_timeout in mail tests.
Maxim Dounin <mdounin@mdounin.ru>
parents:
1488
diff
changeset
|
49 proxy_timeout 15s; |
970
c227348453db
Tests: simplified parallel modifications in mail tests.
Maxim Dounin <mdounin@mdounin.ru>
parents:
952
diff
changeset
|
50 auth_http http://127.0.0.1:8080/mail/auth; |
541
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
51 auth_http_pass_client_cert on; |
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
52 |
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
53 ssl_certificate_key 1.example.com.key; |
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
54 ssl_certificate 1.example.com.crt; |
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
55 |
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
56 server { |
970
c227348453db
Tests: simplified parallel modifications in mail tests.
Maxim Dounin <mdounin@mdounin.ru>
parents:
952
diff
changeset
|
57 listen 127.0.0.1:8142; |
541
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
58 protocol imap; |
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
59 } |
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
60 |
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
61 server { |
970
c227348453db
Tests: simplified parallel modifications in mail tests.
Maxim Dounin <mdounin@mdounin.ru>
parents:
952
diff
changeset
|
62 listen 127.0.0.1:8143 ssl; |
541
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
63 protocol imap; |
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
64 |
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
65 ssl_verify_client on; |
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
66 ssl_client_certificate 2.example.com.crt; |
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
67 } |
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
68 |
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
69 server { |
970
c227348453db
Tests: simplified parallel modifications in mail tests.
Maxim Dounin <mdounin@mdounin.ru>
parents:
952
diff
changeset
|
70 listen 127.0.0.1:8145 ssl; |
541
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
71 protocol imap; |
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
72 |
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
73 ssl_verify_client optional; |
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
74 ssl_client_certificate 2.example.com.crt; |
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
75 } |
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
76 |
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
77 server { |
970
c227348453db
Tests: simplified parallel modifications in mail tests.
Maxim Dounin <mdounin@mdounin.ru>
parents:
952
diff
changeset
|
78 listen 127.0.0.1:8146 ssl; |
541
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
79 protocol imap; |
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
80 |
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
81 ssl_verify_client optional; |
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
82 ssl_client_certificate 2.example.com.crt; |
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
83 ssl_trusted_certificate 3.example.com.crt; |
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
84 } |
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
85 |
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
86 server { |
970
c227348453db
Tests: simplified parallel modifications in mail tests.
Maxim Dounin <mdounin@mdounin.ru>
parents:
952
diff
changeset
|
87 listen 127.0.0.1:8147 ssl; |
541
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
88 protocol imap; |
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
89 |
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
90 ssl_verify_client optional_no_ca; |
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
91 ssl_client_certificate 2.example.com.crt; |
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
92 } |
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
93 } |
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
94 |
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
95 http { |
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
96 %%TEST_GLOBALS_HTTP%% |
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
97 |
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
98 log_format test '$http_auth_ssl:$http_auth_ssl_verify:' |
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
99 '$http_auth_ssl_subject:$http_auth_ssl_issuer:' |
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
100 '$http_auth_ssl_serial:$http_auth_ssl_fingerprint:' |
872
a07734ecb988
Tests: fixed mail_imap_ssl.t, notably on Solaris.
Sergey Kandaurov <pluknet@nginx.com>
parents:
797
diff
changeset
|
101 '$http_auth_ssl_cert:$http_auth_pass'; |
1724
1522ab9d37b4
Tests: Auth-SSL-Protocol and Auth-SSL-Cipher tests (ticket #2134).
Sergey Kandaurov <pluknet@nginx.com>
parents:
1702
diff
changeset
|
102 log_format test2 '$http_auth_ssl_cipher:$http_auth_ssl_protocol'; |
541
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
103 |
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
104 server { |
970
c227348453db
Tests: simplified parallel modifications in mail tests.
Maxim Dounin <mdounin@mdounin.ru>
parents:
952
diff
changeset
|
105 listen 127.0.0.1:8080; |
541
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
106 server_name localhost; |
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
107 |
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
108 location = /mail/auth { |
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
109 access_log auth.log test; |
1724
1522ab9d37b4
Tests: Auth-SSL-Protocol and Auth-SSL-Cipher tests (ticket #2134).
Sergey Kandaurov <pluknet@nginx.com>
parents:
1702
diff
changeset
|
110 access_log auth2.log test2; |
541
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
111 |
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
112 add_header Auth-Status OK; |
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
113 add_header Auth-Server 127.0.0.1; |
970
c227348453db
Tests: simplified parallel modifications in mail tests.
Maxim Dounin <mdounin@mdounin.ru>
parents:
952
diff
changeset
|
114 add_header Auth-Port %%PORT_8144%%; |
541
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
115 add_header Auth-Wait 1; |
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
116 return 204; |
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
117 } |
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
118 } |
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
119 } |
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
120 |
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
121 EOF |
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
122 |
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
123 $t->write_file('openssl.conf', <<EOF); |
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
124 [ req ] |
1488
dbce8fb5f5f8
Tests: align with OpenSSL security level 2.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1220
diff
changeset
|
125 default_bits = 2048 |
541
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
126 encrypt_key = no |
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
127 distinguished_name = req_distinguished_name |
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
128 [ req_distinguished_name ] |
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
129 EOF |
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
130 |
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
131 my $d = $t->testdir(); |
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
132 |
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
133 foreach my $name ('1.example.com', '2.example.com', '3.example.com') { |
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
134 system('openssl req -x509 -new ' |
1220
0af58b78df35
Tests: removed single quotes from system() calls.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1085
diff
changeset
|
135 . "-config $d/openssl.conf -subj /CN=$name/ " |
0af58b78df35
Tests: removed single quotes from system() calls.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1085
diff
changeset
|
136 . "-out $d/$name.crt -keyout $d/$name.key " |
541
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
137 . ">>$d/openssl.out 2>&1") == 0 |
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
138 or die "Can't create certificate for $name: $!\n"; |
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
139 } |
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
140 |
976
a8b8dd6e8ae1
Tests: changed startup order in mail tests for consistency.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
970
diff
changeset
|
141 $t->run_daemon(\&Test::Nginx::IMAP::imap_test_daemon); |
a8b8dd6e8ae1
Tests: changed startup order in mail tests for consistency.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
970
diff
changeset
|
142 $t->run()->waitforsocket('127.0.0.1:' . port(8144)); |
541
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
143 |
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
144 ############################################################################### |
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
145 |
872
a07734ecb988
Tests: fixed mail_imap_ssl.t, notably on Solaris.
Sergey Kandaurov <pluknet@nginx.com>
parents:
797
diff
changeset
|
146 my $cred = sub { encode_base64("\0test\@example.com\0$_[0]", '') }; |
541
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
147 my %ssl = ( |
753
63d1b7cb974a
Tests: fixed IO::Socket::SSL options in mail_imap_ssl.t.
Sergey Kandaurov <pluknet@nginx.com>
parents:
623
diff
changeset
|
148 SSL => 1, |
63d1b7cb974a
Tests: fixed IO::Socket::SSL options in mail_imap_ssl.t.
Sergey Kandaurov <pluknet@nginx.com>
parents:
623
diff
changeset
|
149 SSL_verify_mode => IO::Socket::SSL::SSL_VERIFY_NONE(), |
63d1b7cb974a
Tests: fixed IO::Socket::SSL options in mail_imap_ssl.t.
Sergey Kandaurov <pluknet@nginx.com>
parents:
623
diff
changeset
|
150 SSL_error_trap => sub { die $_[1] }, |
541
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
151 ); |
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
152 |
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
153 # no ssl connection |
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
154 |
970
c227348453db
Tests: simplified parallel modifications in mail tests.
Maxim Dounin <mdounin@mdounin.ru>
parents:
952
diff
changeset
|
155 my $s = Test::Nginx::IMAP->new(PeerAddr => '127.0.0.1:' . port(8142)); |
541
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
156 $s->ok('plain connection'); |
872
a07734ecb988
Tests: fixed mail_imap_ssl.t, notably on Solaris.
Sergey Kandaurov <pluknet@nginx.com>
parents:
797
diff
changeset
|
157 $s->send('1 AUTHENTICATE PLAIN ' . $cred->("s1")); |
541
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
158 |
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
159 # no cert |
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
160 |
970
c227348453db
Tests: simplified parallel modifications in mail tests.
Maxim Dounin <mdounin@mdounin.ru>
parents:
952
diff
changeset
|
161 $s = Test::Nginx::IMAP->new(PeerAddr => '127.0.0.1:' . port(8143), %ssl); |
541
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
162 $s->check(qr/BYE No required SSL certificate/, 'no cert'); |
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
163 |
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
164 # no cert with ssl_verify_client optional |
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
165 |
970
c227348453db
Tests: simplified parallel modifications in mail tests.
Maxim Dounin <mdounin@mdounin.ru>
parents:
952
diff
changeset
|
166 $s = Test::Nginx::IMAP->new(PeerAddr => '127.0.0.1:' . port(8145), %ssl); |
541
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
167 $s->ok('no optional cert'); |
872
a07734ecb988
Tests: fixed mail_imap_ssl.t, notably on Solaris.
Sergey Kandaurov <pluknet@nginx.com>
parents:
797
diff
changeset
|
168 $s->send('1 AUTHENTICATE PLAIN ' . $cred->("s2")); |
541
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
169 |
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
170 # wrong cert with ssl_verify_client optional |
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
171 |
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
172 $s = Test::Nginx::IMAP->new( |
970
c227348453db
Tests: simplified parallel modifications in mail tests.
Maxim Dounin <mdounin@mdounin.ru>
parents:
952
diff
changeset
|
173 PeerAddr => '127.0.0.1:' . port(8145), |
541
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
174 SSL_cert_file => "$d/1.example.com.crt", |
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
175 SSL_key_file => "$d/1.example.com.key", |
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
176 %ssl, |
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
177 ); |
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
178 $s->check(qr/BYE SSL certificate error/, 'bad optional cert'); |
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
179 |
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
180 # wrong cert with ssl_verify_client optional_no_ca |
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
181 |
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
182 $s = Test::Nginx::IMAP->new( |
970
c227348453db
Tests: simplified parallel modifications in mail tests.
Maxim Dounin <mdounin@mdounin.ru>
parents:
952
diff
changeset
|
183 PeerAddr => '127.0.0.1:' . port(8147), |
541
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
184 SSL_cert_file => "$d/1.example.com.crt", |
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
185 SSL_key_file => "$d/1.example.com.key", |
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
186 %ssl, |
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
187 ); |
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
188 $s->ok('bad optional_no_ca cert'); |
872
a07734ecb988
Tests: fixed mail_imap_ssl.t, notably on Solaris.
Sergey Kandaurov <pluknet@nginx.com>
parents:
797
diff
changeset
|
189 $s->send('1 AUTHENTICATE PLAIN ' . $cred->("s3")); |
541
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
190 |
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
191 # matching cert with ssl_verify_client optional |
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
192 |
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
193 $s = Test::Nginx::IMAP->new( |
970
c227348453db
Tests: simplified parallel modifications in mail tests.
Maxim Dounin <mdounin@mdounin.ru>
parents:
952
diff
changeset
|
194 PeerAddr => '127.0.0.1:' . port(8145), |
541
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
195 SSL_cert_file => "$d/2.example.com.crt", |
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
196 SSL_key_file => "$d/2.example.com.key", |
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
197 %ssl, |
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
198 ); |
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
199 $s->ok('good cert'); |
872
a07734ecb988
Tests: fixed mail_imap_ssl.t, notably on Solaris.
Sergey Kandaurov <pluknet@nginx.com>
parents:
797
diff
changeset
|
200 $s->send('1 AUTHENTICATE PLAIN ' . $cred->("s4")); |
541
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
201 |
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
202 # trusted cert with ssl_verify_client optional |
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
203 |
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
204 $s = Test::Nginx::IMAP->new( |
970
c227348453db
Tests: simplified parallel modifications in mail tests.
Maxim Dounin <mdounin@mdounin.ru>
parents:
952
diff
changeset
|
205 PeerAddr => '127.0.0.1:' . port(8146), |
541
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
206 SSL_cert_file => "$d/3.example.com.crt", |
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
207 SSL_key_file => "$d/3.example.com.key", |
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
208 %ssl, |
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
209 ); |
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
210 $s->ok('trusted cert'); |
872
a07734ecb988
Tests: fixed mail_imap_ssl.t, notably on Solaris.
Sergey Kandaurov <pluknet@nginx.com>
parents:
797
diff
changeset
|
211 $s->send('1 AUTHENTICATE PLAIN ' . $cred->("s5")); |
1702
f0a02a429a59
Tests: fixed spurious mail_imap_ssl.t failures after 408fe0dd3fed.
Maxim Dounin <mdounin@mdounin.ru>
parents:
1701
diff
changeset
|
212 $s->read(); |
1724
1522ab9d37b4
Tests: Auth-SSL-Protocol and Auth-SSL-Cipher tests (ticket #2134).
Sergey Kandaurov <pluknet@nginx.com>
parents:
1702
diff
changeset
|
213 |
1522ab9d37b4
Tests: Auth-SSL-Protocol and Auth-SSL-Cipher tests (ticket #2134).
Sergey Kandaurov <pluknet@nginx.com>
parents:
1702
diff
changeset
|
214 # Auth-SSL-Protocol and Auth-SSL-Cipher headers |
1522ab9d37b4
Tests: Auth-SSL-Protocol and Auth-SSL-Cipher tests (ticket #2134).
Sergey Kandaurov <pluknet@nginx.com>
parents:
1702
diff
changeset
|
215 |
1522ab9d37b4
Tests: Auth-SSL-Protocol and Auth-SSL-Cipher tests (ticket #2134).
Sergey Kandaurov <pluknet@nginx.com>
parents:
1702
diff
changeset
|
216 my ($cipher, $sslversion); |
1522ab9d37b4
Tests: Auth-SSL-Protocol and Auth-SSL-Cipher tests (ticket #2134).
Sergey Kandaurov <pluknet@nginx.com>
parents:
1702
diff
changeset
|
217 |
1522ab9d37b4
Tests: Auth-SSL-Protocol and Auth-SSL-Cipher tests (ticket #2134).
Sergey Kandaurov <pluknet@nginx.com>
parents:
1702
diff
changeset
|
218 if ($IO::Socket::SSL::VERSION >= 1.964) { |
1522ab9d37b4
Tests: Auth-SSL-Protocol and Auth-SSL-Cipher tests (ticket #2134).
Sergey Kandaurov <pluknet@nginx.com>
parents:
1702
diff
changeset
|
219 $s = get_ssl_socket(8143); |
1522ab9d37b4
Tests: Auth-SSL-Protocol and Auth-SSL-Cipher tests (ticket #2134).
Sergey Kandaurov <pluknet@nginx.com>
parents:
1702
diff
changeset
|
220 $cipher = $s->get_cipher(); |
1522ab9d37b4
Tests: Auth-SSL-Protocol and Auth-SSL-Cipher tests (ticket #2134).
Sergey Kandaurov <pluknet@nginx.com>
parents:
1702
diff
changeset
|
221 $sslversion = $s->get_sslversion(); |
1522ab9d37b4
Tests: Auth-SSL-Protocol and Auth-SSL-Cipher tests (ticket #2134).
Sergey Kandaurov <pluknet@nginx.com>
parents:
1702
diff
changeset
|
222 $sslversion =~ s/_/./; |
1522ab9d37b4
Tests: Auth-SSL-Protocol and Auth-SSL-Cipher tests (ticket #2134).
Sergey Kandaurov <pluknet@nginx.com>
parents:
1702
diff
changeset
|
223 } |
1522ab9d37b4
Tests: Auth-SSL-Protocol and Auth-SSL-Cipher tests (ticket #2134).
Sergey Kandaurov <pluknet@nginx.com>
parents:
1702
diff
changeset
|
224 |
1701
408fe0dd3fed
Tests: fixed mail_imap_ssl.t too long shutdown.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1679
diff
changeset
|
225 undef $s; |
541
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
226 |
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
227 # test auth_http request header fields with access_log |
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
228 |
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
229 $t->stop(); |
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
230 |
872
a07734ecb988
Tests: fixed mail_imap_ssl.t, notably on Solaris.
Sergey Kandaurov <pluknet@nginx.com>
parents:
797
diff
changeset
|
231 my $f = $t->read_file('auth.log'); |
541
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
232 |
872
a07734ecb988
Tests: fixed mail_imap_ssl.t, notably on Solaris.
Sergey Kandaurov <pluknet@nginx.com>
parents:
797
diff
changeset
|
233 like($f, qr/^-:-:-:-:-:-:-\x0d?\x0a?:s1$/m, 'log - plain connection'); |
a07734ecb988
Tests: fixed mail_imap_ssl.t, notably on Solaris.
Sergey Kandaurov <pluknet@nginx.com>
parents:
797
diff
changeset
|
234 like($f, qr/^on:NONE:-:-:-:-:-\x0d?\x0a?:s2$/m, 'log - no cert'); |
1085
30a6fbab4e33
Tests: allow new $ssl_verify syntax.
Maxim Dounin <mdounin@mdounin.ru>
parents:
1069
diff
changeset
|
235 like($f, qr!^on:FAILED(?:.*):(/?CN=1.example.com):\1:\w+:\w+:[^:]+:s3$!m, |
541
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
236 'log - bad cert'); |
1069
1b11a12be179
Tests: pass both issuer/subject variable formats where appropriate.
Sergey Kandaurov <pluknet@nginx.com>
parents:
976
diff
changeset
|
237 like($f, qr!^on:SUCCESS:(/?CN=2.example.com):\1:\w+:\w+:[^:]+:s4$!m, |
541
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
238 'log - good cert'); |
1069
1b11a12be179
Tests: pass both issuer/subject variable formats where appropriate.
Sergey Kandaurov <pluknet@nginx.com>
parents:
976
diff
changeset
|
239 like($f, qr!^on:SUCCESS:(/?CN=3.example.com):\1:\w+:\w+:[^:]+:s5$!m, |
541
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
240 'log - trusted cert'); |
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
241 |
1724
1522ab9d37b4
Tests: Auth-SSL-Protocol and Auth-SSL-Cipher tests (ticket #2134).
Sergey Kandaurov <pluknet@nginx.com>
parents:
1702
diff
changeset
|
242 SKIP: { |
1522ab9d37b4
Tests: Auth-SSL-Protocol and Auth-SSL-Cipher tests (ticket #2134).
Sergey Kandaurov <pluknet@nginx.com>
parents:
1702
diff
changeset
|
243 skip 'IO::Socket::SSL version >= 1.964 required', 1 |
1522ab9d37b4
Tests: Auth-SSL-Protocol and Auth-SSL-Cipher tests (ticket #2134).
Sergey Kandaurov <pluknet@nginx.com>
parents:
1702
diff
changeset
|
244 if $IO::Socket::SSL::VERSION < 1.964; |
1522ab9d37b4
Tests: Auth-SSL-Protocol and Auth-SSL-Cipher tests (ticket #2134).
Sergey Kandaurov <pluknet@nginx.com>
parents:
1702
diff
changeset
|
245 |
1522ab9d37b4
Tests: Auth-SSL-Protocol and Auth-SSL-Cipher tests (ticket #2134).
Sergey Kandaurov <pluknet@nginx.com>
parents:
1702
diff
changeset
|
246 TODO: { |
1522ab9d37b4
Tests: Auth-SSL-Protocol and Auth-SSL-Cipher tests (ticket #2134).
Sergey Kandaurov <pluknet@nginx.com>
parents:
1702
diff
changeset
|
247 local $TODO = 'not yet' unless $t->has_version('1.21.2'); |
1522ab9d37b4
Tests: Auth-SSL-Protocol and Auth-SSL-Cipher tests (ticket #2134).
Sergey Kandaurov <pluknet@nginx.com>
parents:
1702
diff
changeset
|
248 |
1522ab9d37b4
Tests: Auth-SSL-Protocol and Auth-SSL-Cipher tests (ticket #2134).
Sergey Kandaurov <pluknet@nginx.com>
parents:
1702
diff
changeset
|
249 $f = $t->read_file('auth2.log'); |
1522ab9d37b4
Tests: Auth-SSL-Protocol and Auth-SSL-Cipher tests (ticket #2134).
Sergey Kandaurov <pluknet@nginx.com>
parents:
1702
diff
changeset
|
250 like($f, qr|^$cipher:$sslversion$|m, 'log - cipher sslversion'); |
1522ab9d37b4
Tests: Auth-SSL-Protocol and Auth-SSL-Cipher tests (ticket #2134).
Sergey Kandaurov <pluknet@nginx.com>
parents:
1702
diff
changeset
|
251 |
1522ab9d37b4
Tests: Auth-SSL-Protocol and Auth-SSL-Cipher tests (ticket #2134).
Sergey Kandaurov <pluknet@nginx.com>
parents:
1702
diff
changeset
|
252 } |
1522ab9d37b4
Tests: Auth-SSL-Protocol and Auth-SSL-Cipher tests (ticket #2134).
Sergey Kandaurov <pluknet@nginx.com>
parents:
1702
diff
changeset
|
253 |
1522ab9d37b4
Tests: Auth-SSL-Protocol and Auth-SSL-Cipher tests (ticket #2134).
Sergey Kandaurov <pluknet@nginx.com>
parents:
1702
diff
changeset
|
254 } |
1522ab9d37b4
Tests: Auth-SSL-Protocol and Auth-SSL-Cipher tests (ticket #2134).
Sergey Kandaurov <pluknet@nginx.com>
parents:
1702
diff
changeset
|
255 |
541
53d0d963eb40
Tests: basic imap ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
256 ############################################################################### |
1724
1522ab9d37b4
Tests: Auth-SSL-Protocol and Auth-SSL-Cipher tests (ticket #2134).
Sergey Kandaurov <pluknet@nginx.com>
parents:
1702
diff
changeset
|
257 |
1522ab9d37b4
Tests: Auth-SSL-Protocol and Auth-SSL-Cipher tests (ticket #2134).
Sergey Kandaurov <pluknet@nginx.com>
parents:
1702
diff
changeset
|
258 sub get_ssl_socket { |
1522ab9d37b4
Tests: Auth-SSL-Protocol and Auth-SSL-Cipher tests (ticket #2134).
Sergey Kandaurov <pluknet@nginx.com>
parents:
1702
diff
changeset
|
259 my ($port) = @_; |
1522ab9d37b4
Tests: Auth-SSL-Protocol and Auth-SSL-Cipher tests (ticket #2134).
Sergey Kandaurov <pluknet@nginx.com>
parents:
1702
diff
changeset
|
260 my $s; |
1522ab9d37b4
Tests: Auth-SSL-Protocol and Auth-SSL-Cipher tests (ticket #2134).
Sergey Kandaurov <pluknet@nginx.com>
parents:
1702
diff
changeset
|
261 |
1522ab9d37b4
Tests: Auth-SSL-Protocol and Auth-SSL-Cipher tests (ticket #2134).
Sergey Kandaurov <pluknet@nginx.com>
parents:
1702
diff
changeset
|
262 eval { |
1522ab9d37b4
Tests: Auth-SSL-Protocol and Auth-SSL-Cipher tests (ticket #2134).
Sergey Kandaurov <pluknet@nginx.com>
parents:
1702
diff
changeset
|
263 local $SIG{ALRM} = sub { die "timeout\n" }; |
1522ab9d37b4
Tests: Auth-SSL-Protocol and Auth-SSL-Cipher tests (ticket #2134).
Sergey Kandaurov <pluknet@nginx.com>
parents:
1702
diff
changeset
|
264 local $SIG{PIPE} = sub { die "sigpipe\n" }; |
1522ab9d37b4
Tests: Auth-SSL-Protocol and Auth-SSL-Cipher tests (ticket #2134).
Sergey Kandaurov <pluknet@nginx.com>
parents:
1702
diff
changeset
|
265 alarm(8); |
1522ab9d37b4
Tests: Auth-SSL-Protocol and Auth-SSL-Cipher tests (ticket #2134).
Sergey Kandaurov <pluknet@nginx.com>
parents:
1702
diff
changeset
|
266 $s = IO::Socket::SSL->new( |
1522ab9d37b4
Tests: Auth-SSL-Protocol and Auth-SSL-Cipher tests (ticket #2134).
Sergey Kandaurov <pluknet@nginx.com>
parents:
1702
diff
changeset
|
267 Proto => 'tcp', |
1522ab9d37b4
Tests: Auth-SSL-Protocol and Auth-SSL-Cipher tests (ticket #2134).
Sergey Kandaurov <pluknet@nginx.com>
parents:
1702
diff
changeset
|
268 PeerAddr => '127.0.0.1:' . port($port), |
1522ab9d37b4
Tests: Auth-SSL-Protocol and Auth-SSL-Cipher tests (ticket #2134).
Sergey Kandaurov <pluknet@nginx.com>
parents:
1702
diff
changeset
|
269 SSL_verify_mode => IO::Socket::SSL::SSL_VERIFY_NONE(), |
1522ab9d37b4
Tests: Auth-SSL-Protocol and Auth-SSL-Cipher tests (ticket #2134).
Sergey Kandaurov <pluknet@nginx.com>
parents:
1702
diff
changeset
|
270 SSL_error_trap => sub { die $_[1] } |
1522ab9d37b4
Tests: Auth-SSL-Protocol and Auth-SSL-Cipher tests (ticket #2134).
Sergey Kandaurov <pluknet@nginx.com>
parents:
1702
diff
changeset
|
271 ); |
1522ab9d37b4
Tests: Auth-SSL-Protocol and Auth-SSL-Cipher tests (ticket #2134).
Sergey Kandaurov <pluknet@nginx.com>
parents:
1702
diff
changeset
|
272 alarm(0); |
1522ab9d37b4
Tests: Auth-SSL-Protocol and Auth-SSL-Cipher tests (ticket #2134).
Sergey Kandaurov <pluknet@nginx.com>
parents:
1702
diff
changeset
|
273 }; |
1522ab9d37b4
Tests: Auth-SSL-Protocol and Auth-SSL-Cipher tests (ticket #2134).
Sergey Kandaurov <pluknet@nginx.com>
parents:
1702
diff
changeset
|
274 alarm(0); |
1522ab9d37b4
Tests: Auth-SSL-Protocol and Auth-SSL-Cipher tests (ticket #2134).
Sergey Kandaurov <pluknet@nginx.com>
parents:
1702
diff
changeset
|
275 |
1522ab9d37b4
Tests: Auth-SSL-Protocol and Auth-SSL-Cipher tests (ticket #2134).
Sergey Kandaurov <pluknet@nginx.com>
parents:
1702
diff
changeset
|
276 if ($@) { |
1522ab9d37b4
Tests: Auth-SSL-Protocol and Auth-SSL-Cipher tests (ticket #2134).
Sergey Kandaurov <pluknet@nginx.com>
parents:
1702
diff
changeset
|
277 log_in("died: $@"); |
1522ab9d37b4
Tests: Auth-SSL-Protocol and Auth-SSL-Cipher tests (ticket #2134).
Sergey Kandaurov <pluknet@nginx.com>
parents:
1702
diff
changeset
|
278 return undef; |
1522ab9d37b4
Tests: Auth-SSL-Protocol and Auth-SSL-Cipher tests (ticket #2134).
Sergey Kandaurov <pluknet@nginx.com>
parents:
1702
diff
changeset
|
279 } |
1522ab9d37b4
Tests: Auth-SSL-Protocol and Auth-SSL-Cipher tests (ticket #2134).
Sergey Kandaurov <pluknet@nginx.com>
parents:
1702
diff
changeset
|
280 |
1522ab9d37b4
Tests: Auth-SSL-Protocol and Auth-SSL-Cipher tests (ticket #2134).
Sergey Kandaurov <pluknet@nginx.com>
parents:
1702
diff
changeset
|
281 return $s; |
1522ab9d37b4
Tests: Auth-SSL-Protocol and Auth-SSL-Cipher tests (ticket #2134).
Sergey Kandaurov <pluknet@nginx.com>
parents:
1702
diff
changeset
|
282 } |
1522ab9d37b4
Tests: Auth-SSL-Protocol and Auth-SSL-Cipher tests (ticket #2134).
Sergey Kandaurov <pluknet@nginx.com>
parents:
1702
diff
changeset
|
283 |
1522ab9d37b4
Tests: Auth-SSL-Protocol and Auth-SSL-Cipher tests (ticket #2134).
Sergey Kandaurov <pluknet@nginx.com>
parents:
1702
diff
changeset
|
284 ############################################################################### |