Mercurial > hg > nginx-tests
annotate ssl_sni_reneg.t @ 1857:da3889ba0b96
Tests: removed unneeded require from proxy_ssl_keepalive.t.
author | Maxim Dounin <mdounin@mdounin.ru> |
---|---|
date | Thu, 18 May 2023 18:07:01 +0300 |
parents | 36a4563f7f00 |
children | 0e1865aa9b33 |
rev | line source |
---|---|
807
5540ee8a12ce
Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
1 #!/usr/bin/perl |
5540ee8a12ce
Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
2 |
5540ee8a12ce
Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
3 # (C) Sergey Kandaurov |
5540ee8a12ce
Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
4 # (C) Nginx, Inc. |
5540ee8a12ce
Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
5 |
5540ee8a12ce
Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
6 # Tests for http ssl module with SNI and renegotiation. |
5540ee8a12ce
Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
7 |
5540ee8a12ce
Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
8 ############################################################################### |
5540ee8a12ce
Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
9 |
5540ee8a12ce
Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
10 use warnings; |
5540ee8a12ce
Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
11 use strict; |
5540ee8a12ce
Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
12 |
5540ee8a12ce
Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
13 use Test::More; |
5540ee8a12ce
Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
14 |
1621
fd440d324700
Tests: simplified get_ssl_socket() functions that use Net::SSLeay.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1535
diff
changeset
|
15 use Socket qw/ CRLF /; |
807
5540ee8a12ce
Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
16 |
5540ee8a12ce
Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
17 BEGIN { use FindBin; chdir($FindBin::Bin); } |
5540ee8a12ce
Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
18 |
5540ee8a12ce
Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
19 use lib 'lib'; |
5540ee8a12ce
Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
20 use Test::Nginx; |
5540ee8a12ce
Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
21 |
5540ee8a12ce
Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
22 ############################################################################### |
5540ee8a12ce
Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
23 |
5540ee8a12ce
Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
24 select STDERR; $| = 1; |
5540ee8a12ce
Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
25 select STDOUT; $| = 1; |
5540ee8a12ce
Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
26 |
5540ee8a12ce
Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
27 eval { |
5540ee8a12ce
Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
28 require Net::SSLeay; |
5540ee8a12ce
Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
29 Net::SSLeay::load_error_strings(); |
5540ee8a12ce
Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
30 Net::SSLeay::SSLeay_add_ssl_algorithms(); |
5540ee8a12ce
Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
31 Net::SSLeay::randomize(); |
5540ee8a12ce
Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
32 }; |
5540ee8a12ce
Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
33 plan(skip_all => 'Net::SSLeay not installed') if $@; |
5540ee8a12ce
Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
34 |
5540ee8a12ce
Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
35 eval { |
5540ee8a12ce
Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
36 my $ctx = Net::SSLeay::CTX_new() or die; |
5540ee8a12ce
Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
37 my $ssl = Net::SSLeay::new($ctx) or die; |
5540ee8a12ce
Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
38 Net::SSLeay::set_tlsext_host_name($ssl, 'example.org') == 1 or die; |
5540ee8a12ce
Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
39 }; |
5540ee8a12ce
Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
40 plan(skip_all => 'Net::SSLeay with OpenSSL SNI support required') if $@; |
5540ee8a12ce
Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
41 |
1387
ad3cb6f451a5
Tests: skip ssl_sni_reneg.t with TLS 1.3.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1380
diff
changeset
|
42 my $t = Test::Nginx->new()->has(qw/http http_ssl/)->has_daemon('openssl'); |
807
5540ee8a12ce
Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
43 |
5540ee8a12ce
Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
44 $t->write_file_expand('nginx.conf', <<'EOF'); |
5540ee8a12ce
Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
45 |
5540ee8a12ce
Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
46 %%TEST_GLOBALS%% |
5540ee8a12ce
Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
47 |
5540ee8a12ce
Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
48 daemon off; |
5540ee8a12ce
Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
49 |
5540ee8a12ce
Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
50 events { |
5540ee8a12ce
Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
51 } |
5540ee8a12ce
Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
52 |
5540ee8a12ce
Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
53 http { |
5540ee8a12ce
Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
54 %%TEST_GLOBALS_HTTP%% |
5540ee8a12ce
Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
55 |
5540ee8a12ce
Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
56 ssl_certificate_key localhost.key; |
5540ee8a12ce
Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
57 ssl_certificate localhost.crt; |
1853
36a4563f7f00
Tests: stick ssl_sni_reneg.t with TLSv1.2.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1621
diff
changeset
|
58 ssl_protocols TLSv1.2; |
807
5540ee8a12ce
Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
59 |
5540ee8a12ce
Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
60 server { |
974
882267679006
Tests: simplified parallel modifications in tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
952
diff
changeset
|
61 listen 127.0.0.1:8080 ssl; |
1380
f50c7d90f5c9
Tests: more https sni tests with renegotiation (ticket #1646).
Sergey Kandaurov <pluknet@nginx.com>
parents:
1377
diff
changeset
|
62 listen 127.0.0.1:8081 ssl; |
807
5540ee8a12ce
Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
63 server_name localhost; |
5540ee8a12ce
Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
64 |
5540ee8a12ce
Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
65 location / { } |
5540ee8a12ce
Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
66 } |
1380
f50c7d90f5c9
Tests: more https sni tests with renegotiation (ticket #1646).
Sergey Kandaurov <pluknet@nginx.com>
parents:
1377
diff
changeset
|
67 |
f50c7d90f5c9
Tests: more https sni tests with renegotiation (ticket #1646).
Sergey Kandaurov <pluknet@nginx.com>
parents:
1377
diff
changeset
|
68 server { |
f50c7d90f5c9
Tests: more https sni tests with renegotiation (ticket #1646).
Sergey Kandaurov <pluknet@nginx.com>
parents:
1377
diff
changeset
|
69 listen 127.0.0.1:8081 ssl; |
f50c7d90f5c9
Tests: more https sni tests with renegotiation (ticket #1646).
Sergey Kandaurov <pluknet@nginx.com>
parents:
1377
diff
changeset
|
70 server_name localhost2; |
f50c7d90f5c9
Tests: more https sni tests with renegotiation (ticket #1646).
Sergey Kandaurov <pluknet@nginx.com>
parents:
1377
diff
changeset
|
71 |
f50c7d90f5c9
Tests: more https sni tests with renegotiation (ticket #1646).
Sergey Kandaurov <pluknet@nginx.com>
parents:
1377
diff
changeset
|
72 location / { } |
f50c7d90f5c9
Tests: more https sni tests with renegotiation (ticket #1646).
Sergey Kandaurov <pluknet@nginx.com>
parents:
1377
diff
changeset
|
73 } |
807
5540ee8a12ce
Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
74 } |
5540ee8a12ce
Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
75 |
5540ee8a12ce
Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
76 EOF |
5540ee8a12ce
Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
77 |
5540ee8a12ce
Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
78 $t->write_file('openssl.conf', <<EOF); |
5540ee8a12ce
Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
79 [ req ] |
1488
dbce8fb5f5f8
Tests: align with OpenSSL security level 2.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1421
diff
changeset
|
80 default_bits = 2048 |
807
5540ee8a12ce
Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
81 encrypt_key = no |
5540ee8a12ce
Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
82 distinguished_name = req_distinguished_name |
5540ee8a12ce
Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
83 [ req_distinguished_name ] |
5540ee8a12ce
Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
84 EOF |
5540ee8a12ce
Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
85 |
5540ee8a12ce
Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
86 my $d = $t->testdir(); |
5540ee8a12ce
Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
87 |
5540ee8a12ce
Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
88 foreach my $name ('localhost') { |
5540ee8a12ce
Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
89 system('openssl req -x509 -new ' |
1220
0af58b78df35
Tests: removed single quotes from system() calls.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1173
diff
changeset
|
90 . "-config $d/openssl.conf -subj /CN=$name/ " |
0af58b78df35
Tests: removed single quotes from system() calls.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1173
diff
changeset
|
91 . "-out $d/$name.crt -keyout $d/$name.key " |
807
5540ee8a12ce
Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
92 . ">>$d/openssl.out 2>&1") == 0 |
5540ee8a12ce
Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
93 or die "Can't create certificate for $name: $!\n"; |
5540ee8a12ce
Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
94 } |
5540ee8a12ce
Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
95 |
5540ee8a12ce
Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
96 $t->run(); |
1387
ad3cb6f451a5
Tests: skip ssl_sni_reneg.t with TLS 1.3.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1380
diff
changeset
|
97 $t->plan(8); |
ad3cb6f451a5
Tests: skip ssl_sni_reneg.t with TLS 1.3.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1380
diff
changeset
|
98 |
807
5540ee8a12ce
Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
99 ############################################################################### |
5540ee8a12ce
Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
100 |
1380
f50c7d90f5c9
Tests: more https sni tests with renegotiation (ticket #1646).
Sergey Kandaurov <pluknet@nginx.com>
parents:
1377
diff
changeset
|
101 my ($s, $ssl) = get_ssl_socket(8080); |
807
5540ee8a12ce
Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
102 ok($s, 'connection'); |
5540ee8a12ce
Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
103 |
5540ee8a12ce
Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
104 SKIP: { |
5540ee8a12ce
Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
105 skip 'connection failed', 3 unless $s; |
5540ee8a12ce
Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
106 |
1173
1a54d45d5587
Tests: handled SIGPIPE in ssl_sni_reneg.t.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1116
diff
changeset
|
107 local $SIG{PIPE} = 'IGNORE'; |
1a54d45d5587
Tests: handled SIGPIPE in ssl_sni_reneg.t.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1116
diff
changeset
|
108 |
807
5540ee8a12ce
Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
109 Net::SSLeay::write($ssl, 'GET / HTTP/1.0' . CRLF); |
5540ee8a12ce
Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
110 |
5540ee8a12ce
Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
111 ok(Net::SSLeay::renegotiate($ssl), 'renegotiation'); |
5540ee8a12ce
Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
112 ok(Net::SSLeay::set_tlsext_host_name($ssl, 'localhost'), 'SNI'); |
5540ee8a12ce
Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
113 |
5540ee8a12ce
Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
114 Net::SSLeay::write($ssl, 'Host: localhost' . CRLF . CRLF); |
5540ee8a12ce
Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
115 |
1377
09c2291b2bab
Tests: relaxed test for no response on SSL renegotiation attempt.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1220
diff
changeset
|
116 ok(!Net::SSLeay::read($ssl), 'response'); |
807
5540ee8a12ce
Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
117 |
5540ee8a12ce
Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
118 } |
5540ee8a12ce
Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
119 |
1380
f50c7d90f5c9
Tests: more https sni tests with renegotiation (ticket #1646).
Sergey Kandaurov <pluknet@nginx.com>
parents:
1377
diff
changeset
|
120 # virtual servers |
f50c7d90f5c9
Tests: more https sni tests with renegotiation (ticket #1646).
Sergey Kandaurov <pluknet@nginx.com>
parents:
1377
diff
changeset
|
121 |
f50c7d90f5c9
Tests: more https sni tests with renegotiation (ticket #1646).
Sergey Kandaurov <pluknet@nginx.com>
parents:
1377
diff
changeset
|
122 ($s, $ssl) = get_ssl_socket(8081); |
f50c7d90f5c9
Tests: more https sni tests with renegotiation (ticket #1646).
Sergey Kandaurov <pluknet@nginx.com>
parents:
1377
diff
changeset
|
123 ok($s, 'connection 2'); |
f50c7d90f5c9
Tests: more https sni tests with renegotiation (ticket #1646).
Sergey Kandaurov <pluknet@nginx.com>
parents:
1377
diff
changeset
|
124 |
f50c7d90f5c9
Tests: more https sni tests with renegotiation (ticket #1646).
Sergey Kandaurov <pluknet@nginx.com>
parents:
1377
diff
changeset
|
125 SKIP: { |
f50c7d90f5c9
Tests: more https sni tests with renegotiation (ticket #1646).
Sergey Kandaurov <pluknet@nginx.com>
parents:
1377
diff
changeset
|
126 skip 'connection failed', 3 unless $s; |
f50c7d90f5c9
Tests: more https sni tests with renegotiation (ticket #1646).
Sergey Kandaurov <pluknet@nginx.com>
parents:
1377
diff
changeset
|
127 |
1409
0bc5bd58d9de
Tests: handled SIGPIPE in ssl_sni_reneg.t.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1407
diff
changeset
|
128 local $SIG{PIPE} = 'IGNORE'; |
0bc5bd58d9de
Tests: handled SIGPIPE in ssl_sni_reneg.t.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1407
diff
changeset
|
129 |
1380
f50c7d90f5c9
Tests: more https sni tests with renegotiation (ticket #1646).
Sergey Kandaurov <pluknet@nginx.com>
parents:
1377
diff
changeset
|
130 Net::SSLeay::write($ssl, 'GET / HTTP/1.0' . CRLF); |
f50c7d90f5c9
Tests: more https sni tests with renegotiation (ticket #1646).
Sergey Kandaurov <pluknet@nginx.com>
parents:
1377
diff
changeset
|
131 |
f50c7d90f5c9
Tests: more https sni tests with renegotiation (ticket #1646).
Sergey Kandaurov <pluknet@nginx.com>
parents:
1377
diff
changeset
|
132 ok(Net::SSLeay::renegotiate($ssl), 'renegotiation'); |
f50c7d90f5c9
Tests: more https sni tests with renegotiation (ticket #1646).
Sergey Kandaurov <pluknet@nginx.com>
parents:
1377
diff
changeset
|
133 ok(Net::SSLeay::set_tlsext_host_name($ssl, 'localhost'), 'SNI'); |
f50c7d90f5c9
Tests: more https sni tests with renegotiation (ticket #1646).
Sergey Kandaurov <pluknet@nginx.com>
parents:
1377
diff
changeset
|
134 |
f50c7d90f5c9
Tests: more https sni tests with renegotiation (ticket #1646).
Sergey Kandaurov <pluknet@nginx.com>
parents:
1377
diff
changeset
|
135 Net::SSLeay::write($ssl, 'Host: localhost' . CRLF . CRLF); |
f50c7d90f5c9
Tests: more https sni tests with renegotiation (ticket #1646).
Sergey Kandaurov <pluknet@nginx.com>
parents:
1377
diff
changeset
|
136 |
f50c7d90f5c9
Tests: more https sni tests with renegotiation (ticket #1646).
Sergey Kandaurov <pluknet@nginx.com>
parents:
1377
diff
changeset
|
137 ok(!Net::SSLeay::read($ssl), 'virtual servers'); |
f50c7d90f5c9
Tests: more https sni tests with renegotiation (ticket #1646).
Sergey Kandaurov <pluknet@nginx.com>
parents:
1377
diff
changeset
|
138 |
f50c7d90f5c9
Tests: more https sni tests with renegotiation (ticket #1646).
Sergey Kandaurov <pluknet@nginx.com>
parents:
1377
diff
changeset
|
139 } |
f50c7d90f5c9
Tests: more https sni tests with renegotiation (ticket #1646).
Sergey Kandaurov <pluknet@nginx.com>
parents:
1377
diff
changeset
|
140 |
807
5540ee8a12ce
Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
141 ############################################################################### |
5540ee8a12ce
Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
142 |
5540ee8a12ce
Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
143 sub get_ssl_socket { |
1380
f50c7d90f5c9
Tests: more https sni tests with renegotiation (ticket #1646).
Sergey Kandaurov <pluknet@nginx.com>
parents:
1377
diff
changeset
|
144 my ($port) = @_; |
807
5540ee8a12ce
Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
145 my $s; |
5540ee8a12ce
Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
146 |
5540ee8a12ce
Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
147 eval { |
5540ee8a12ce
Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
148 local $SIG{ALRM} = sub { die "timeout\n" }; |
5540ee8a12ce
Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
149 local $SIG{PIPE} = sub { die "sigpipe\n" }; |
1421
4e48bf51714f
Tests: aligned various generic read timeouts to http_end().
Sergey Kandaurov <pluknet@nginx.com>
parents:
1411
diff
changeset
|
150 alarm(8); |
1621
fd440d324700
Tests: simplified get_ssl_socket() functions that use Net::SSLeay.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1535
diff
changeset
|
151 $s = IO::Socket::INET->new('127.0.0.1:' . port($port)); |
807
5540ee8a12ce
Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
152 alarm(0); |
5540ee8a12ce
Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
153 }; |
5540ee8a12ce
Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
154 alarm(0); |
5540ee8a12ce
Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
155 |
5540ee8a12ce
Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
156 if ($@) { |
5540ee8a12ce
Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
157 log_in("died: $@"); |
5540ee8a12ce
Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
158 return undef; |
5540ee8a12ce
Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
159 } |
5540ee8a12ce
Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
160 |
5540ee8a12ce
Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
161 my $ctx = Net::SSLeay::CTX_new() or die("Failed to create SSL_CTX $!"); |
5540ee8a12ce
Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
162 my $ssl = Net::SSLeay::new($ctx) or die("Failed to create SSL $!"); |
1102
89d7d4d1be40
Tests: whitespace fixes.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
1020
diff
changeset
|
163 Net::SSLeay::set_fd($ssl, fileno($s)); |
1380
f50c7d90f5c9
Tests: more https sni tests with renegotiation (ticket #1646).
Sergey Kandaurov <pluknet@nginx.com>
parents:
1377
diff
changeset
|
164 Net::SSLeay::set_tlsext_host_name($ssl, 'localhost'); |
807
5540ee8a12ce
Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
165 Net::SSLeay::connect($ssl) or die("ssl connect"); |
5540ee8a12ce
Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
166 |
5540ee8a12ce
Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
167 return ($s, $ssl); |
5540ee8a12ce
Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
168 } |
5540ee8a12ce
Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
169 |
5540ee8a12ce
Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
170 ############################################################################### |