nginx-tests: ssl_verify_depth.t annotate

annotate ssl_verify_depth.t @ 1427:eb1d883305ea

Tests: avoid edge cases in upstream random two test. Unavailable servers contribute to the number of attempts, if selected, before the balancer would fall back to the default round-robin method. This means that it's quite possible to get server with more connections. To facilitate with selecting two alive servers, down server was removed from the upstream configuration at the cost of slightly worse coverage.

author	Sergey Kandaurov <pluknet@nginx.com>
date	Thu, 10 Jan 2019 17:42:34 +0300
parents	4e48bf51714f
children	dbce8fb5f5f8

rev	line source
1115 54e07593713a Tests: ssl_verify_depth tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	1 #!/usr/bin/perl
54e07593713a Tests: ssl_verify_depth tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	2
54e07593713a Tests: ssl_verify_depth tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	3 # (C) Sergey Kandaurov
54e07593713a Tests: ssl_verify_depth tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	4 # (C) Nginx, Inc.
54e07593713a Tests: ssl_verify_depth tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	5
54e07593713a Tests: ssl_verify_depth tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	6 # Tests for http ssl module, ssl_verify_depth.
54e07593713a Tests: ssl_verify_depth tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	7
54e07593713a Tests: ssl_verify_depth tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	8 ###############################################################################
54e07593713a Tests: ssl_verify_depth tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	9
54e07593713a Tests: ssl_verify_depth tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	10 use warnings;
54e07593713a Tests: ssl_verify_depth tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	11 use strict;
54e07593713a Tests: ssl_verify_depth tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	12
54e07593713a Tests: ssl_verify_depth tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	13 use Test::More;
54e07593713a Tests: ssl_verify_depth tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	14
54e07593713a Tests: ssl_verify_depth tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	15 BEGIN { use FindBin; chdir($FindBin::Bin); }
54e07593713a Tests: ssl_verify_depth tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	16
54e07593713a Tests: ssl_verify_depth tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	17 use lib 'lib';
54e07593713a Tests: ssl_verify_depth tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	18 use Test::Nginx;
54e07593713a Tests: ssl_verify_depth tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	19
54e07593713a Tests: ssl_verify_depth tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	20 ###############################################################################
54e07593713a Tests: ssl_verify_depth tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	21
54e07593713a Tests: ssl_verify_depth tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	22 select STDERR; $\| = 1;
54e07593713a Tests: ssl_verify_depth tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	23 select STDOUT; $\| = 1;
54e07593713a Tests: ssl_verify_depth tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	24
54e07593713a Tests: ssl_verify_depth tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	25 eval { require IO::Socket::SSL; };
54e07593713a Tests: ssl_verify_depth tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	26 plan(skip_all => 'IO::Socket::SSL not installed') if $@;
54e07593713a Tests: ssl_verify_depth tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	27 eval { IO::Socket::SSL::SSL_VERIFY_NONE(); };
54e07593713a Tests: ssl_verify_depth tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	28 plan(skip_all => 'IO::Socket::SSL too old') if $@;
54e07593713a Tests: ssl_verify_depth tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	29
54e07593713a Tests: ssl_verify_depth tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	30 my $t = Test::Nginx->new()->has(qw/http http_ssl/)
1117 3e2af4dedd9c Tests: ssl_verify_depth.t cleanup. Sergey Kandaurov <pluknet@nginx.com> parents: 1115 diff changeset	31 ->has_daemon('openssl')->plan(2);
1115 54e07593713a Tests: ssl_verify_depth tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	32
54e07593713a Tests: ssl_verify_depth tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	33 $t->write_file_expand('nginx.conf', <<'EOF');
54e07593713a Tests: ssl_verify_depth tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	34
54e07593713a Tests: ssl_verify_depth tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	35 %%TEST_GLOBALS%%
54e07593713a Tests: ssl_verify_depth tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	36
54e07593713a Tests: ssl_verify_depth tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	37 daemon off;
54e07593713a Tests: ssl_verify_depth tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	38
54e07593713a Tests: ssl_verify_depth tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	39 events {
54e07593713a Tests: ssl_verify_depth tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	40 }
54e07593713a Tests: ssl_verify_depth tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	41
54e07593713a Tests: ssl_verify_depth tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	42 http {
54e07593713a Tests: ssl_verify_depth tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	43 %%TEST_GLOBALS_HTTP%%
54e07593713a Tests: ssl_verify_depth tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	44
54e07593713a Tests: ssl_verify_depth tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	45 ssl_certificate_key localhost.key;
54e07593713a Tests: ssl_verify_depth tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	46 ssl_certificate localhost.crt;
54e07593713a Tests: ssl_verify_depth tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	47
1117 3e2af4dedd9c Tests: ssl_verify_depth.t cleanup. Sergey Kandaurov <pluknet@nginx.com> parents: 1115 diff changeset	48 ssl_verify_client on;
1115 54e07593713a Tests: ssl_verify_depth tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	49 ssl_client_certificate int-root.crt;
54e07593713a Tests: ssl_verify_depth tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	50
54e07593713a Tests: ssl_verify_depth tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	51 add_header X-Verify $ssl_client_verify;
54e07593713a Tests: ssl_verify_depth tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	52
54e07593713a Tests: ssl_verify_depth tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	53 server {
54e07593713a Tests: ssl_verify_depth tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	54 listen 127.0.0.1:8080 ssl;
54e07593713a Tests: ssl_verify_depth tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	55 server_name localhost;
54e07593713a Tests: ssl_verify_depth tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	56 ssl_verify_depth 0;
54e07593713a Tests: ssl_verify_depth tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	57 }
54e07593713a Tests: ssl_verify_depth tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	58 }
54e07593713a Tests: ssl_verify_depth tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	59
54e07593713a Tests: ssl_verify_depth tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	60 EOF
54e07593713a Tests: ssl_verify_depth tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	61
54e07593713a Tests: ssl_verify_depth tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	62 my $d = $t->testdir();
54e07593713a Tests: ssl_verify_depth tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	63
54e07593713a Tests: ssl_verify_depth tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	64 $t->write_file('openssl.conf', <<EOF);
54e07593713a Tests: ssl_verify_depth tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	65 [ req ]
54e07593713a Tests: ssl_verify_depth tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	66 default_bits = 1024
54e07593713a Tests: ssl_verify_depth tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	67 encrypt_key = no
54e07593713a Tests: ssl_verify_depth tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	68 distinguished_name = req_distinguished_name
54e07593713a Tests: ssl_verify_depth tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	69 [ req_distinguished_name ]
54e07593713a Tests: ssl_verify_depth tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	70 EOF
54e07593713a Tests: ssl_verify_depth tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	71
54e07593713a Tests: ssl_verify_depth tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	72 $t->write_file('ca.conf', <<EOF);
54e07593713a Tests: ssl_verify_depth tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	73 [ ca ]
54e07593713a Tests: ssl_verify_depth tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	74 default_ca = myca
54e07593713a Tests: ssl_verify_depth tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	75
54e07593713a Tests: ssl_verify_depth tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	76 [ myca ]
54e07593713a Tests: ssl_verify_depth tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	77 new_certs_dir = $d
54e07593713a Tests: ssl_verify_depth tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	78 database = $d/certindex
54e07593713a Tests: ssl_verify_depth tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	79 default_md = sha1
54e07593713a Tests: ssl_verify_depth tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	80 policy = myca_policy
54e07593713a Tests: ssl_verify_depth tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	81 serial = $d/certserial
54e07593713a Tests: ssl_verify_depth tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	82 default_days = 1
54e07593713a Tests: ssl_verify_depth tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	83
54e07593713a Tests: ssl_verify_depth tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	84 [ myca_policy ]
54e07593713a Tests: ssl_verify_depth tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	85 commonName = supplied
54e07593713a Tests: ssl_verify_depth tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	86 EOF
54e07593713a Tests: ssl_verify_depth tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	87
54e07593713a Tests: ssl_verify_depth tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	88 foreach my $name ('root', 'localhost') {
54e07593713a Tests: ssl_verify_depth tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	89 system('openssl req -x509 -new '
1220 0af58b78df35 Tests: removed single quotes from system() calls. Sergey Kandaurov <pluknet@nginx.com> parents: 1124 diff changeset	90 . "-config $d/openssl.conf -subj /CN=$name/ "
0af58b78df35 Tests: removed single quotes from system() calls. Sergey Kandaurov <pluknet@nginx.com> parents: 1124 diff changeset	91 . "-out $d/$name.crt -keyout $d/$name.key "
1115 54e07593713a Tests: ssl_verify_depth tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	92 . ">>$d/openssl.out 2>&1") == 0
54e07593713a Tests: ssl_verify_depth tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	93 or die "Can't create certificate for $name: $!\n";
54e07593713a Tests: ssl_verify_depth tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	94 }
54e07593713a Tests: ssl_verify_depth tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	95
54e07593713a Tests: ssl_verify_depth tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	96 foreach my $name ('int', 'end') {
54e07593713a Tests: ssl_verify_depth tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	97 system("openssl req -new "
1220 0af58b78df35 Tests: removed single quotes from system() calls. Sergey Kandaurov <pluknet@nginx.com> parents: 1124 diff changeset	98 . "-config $d/openssl.conf -subj /CN=$name/ "
0af58b78df35 Tests: removed single quotes from system() calls. Sergey Kandaurov <pluknet@nginx.com> parents: 1124 diff changeset	99 . "-out $d/$name.csr -keyout $d/$name.key "
1115 54e07593713a Tests: ssl_verify_depth tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	100 . ">>$d/openssl.out 2>&1") == 0
54e07593713a Tests: ssl_verify_depth tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	101 or die "Can't create certificate for $name: $!\n";
54e07593713a Tests: ssl_verify_depth tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	102 }
54e07593713a Tests: ssl_verify_depth tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	103
54e07593713a Tests: ssl_verify_depth tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	104 $t->write_file('certserial', '1000');
54e07593713a Tests: ssl_verify_depth tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	105 $t->write_file('certindex', '');
54e07593713a Tests: ssl_verify_depth tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	106
1220 0af58b78df35 Tests: removed single quotes from system() calls. Sergey Kandaurov <pluknet@nginx.com> parents: 1124 diff changeset	107 system("openssl ca -batch -config $d/ca.conf "
0af58b78df35 Tests: removed single quotes from system() calls. Sergey Kandaurov <pluknet@nginx.com> parents: 1124 diff changeset	108 . "-keyfile $d/root.key -cert $d/root.crt "
0af58b78df35 Tests: removed single quotes from system() calls. Sergey Kandaurov <pluknet@nginx.com> parents: 1124 diff changeset	109 . "-subj /CN=int/ -in $d/int.csr -out $d/int.crt "
1115 54e07593713a Tests: ssl_verify_depth tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	110 . ">>$d/openssl.out 2>&1") == 0
54e07593713a Tests: ssl_verify_depth tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	111 or die "Can't sign certificate for int: $!\n";
54e07593713a Tests: ssl_verify_depth tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	112
1220 0af58b78df35 Tests: removed single quotes from system() calls. Sergey Kandaurov <pluknet@nginx.com> parents: 1124 diff changeset	113 system("openssl ca -batch -config $d/ca.conf "
0af58b78df35 Tests: removed single quotes from system() calls. Sergey Kandaurov <pluknet@nginx.com> parents: 1124 diff changeset	114 . "-keyfile $d/int.key -cert $d/int.crt "
0af58b78df35 Tests: removed single quotes from system() calls. Sergey Kandaurov <pluknet@nginx.com> parents: 1124 diff changeset	115 . "-subj /CN=end/ -in $d/end.csr -out $d/end.crt "
1115 54e07593713a Tests: ssl_verify_depth tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	116 . ">>$d/openssl.out 2>&1") == 0
54e07593713a Tests: ssl_verify_depth tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	117 or die "Can't sign certificate for end: $!\n";
54e07593713a Tests: ssl_verify_depth tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	118
54e07593713a Tests: ssl_verify_depth tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	119 $t->write_file('int-root.crt',
54e07593713a Tests: ssl_verify_depth tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	120 $t->read_file('int.crt') . $t->read_file('root.crt'));
54e07593713a Tests: ssl_verify_depth tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	121
54e07593713a Tests: ssl_verify_depth tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	122 $t->write_file('t', '');
54e07593713a Tests: ssl_verify_depth tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	123 $t->run();
54e07593713a Tests: ssl_verify_depth tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	124
54e07593713a Tests: ssl_verify_depth tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	125 ###############################################################################
54e07593713a Tests: ssl_verify_depth tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	126
1117 3e2af4dedd9c Tests: ssl_verify_depth.t cleanup. Sergey Kandaurov <pluknet@nginx.com> parents: 1115 diff changeset	127 like(get(8080, 'root'), qr/SUCCESS/, 'verify depth');
3e2af4dedd9c Tests: ssl_verify_depth.t cleanup. Sergey Kandaurov <pluknet@nginx.com> parents: 1115 diff changeset	128 like(get(8080, 'end'), qr/400 Bad Request/, 'verify depth limited');
1115 54e07593713a Tests: ssl_verify_depth tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	129
54e07593713a Tests: ssl_verify_depth tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	130 ###############################################################################
54e07593713a Tests: ssl_verify_depth tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	131
54e07593713a Tests: ssl_verify_depth tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	132 sub get {
54e07593713a Tests: ssl_verify_depth tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	133 my ($port, $cert) = @_;
54e07593713a Tests: ssl_verify_depth tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	134 my $s = get_ssl_socket($port, $cert) or return;
54e07593713a Tests: ssl_verify_depth tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	135 http_get('/t', socket => $s);
54e07593713a Tests: ssl_verify_depth tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	136 }
54e07593713a Tests: ssl_verify_depth tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	137
54e07593713a Tests: ssl_verify_depth tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	138 sub get_ssl_socket {
54e07593713a Tests: ssl_verify_depth tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	139 my ($port, $cert) = @_;
54e07593713a Tests: ssl_verify_depth tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	140 my ($s);
54e07593713a Tests: ssl_verify_depth tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	141
54e07593713a Tests: ssl_verify_depth tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	142 eval {
54e07593713a Tests: ssl_verify_depth tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	143 local $SIG{ALRM} = sub { die "timeout\n" };
54e07593713a Tests: ssl_verify_depth tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	144 local $SIG{PIPE} = sub { die "sigpipe\n" };
1421 4e48bf51714f Tests: aligned various generic read timeouts to http_end(). Sergey Kandaurov <pluknet@nginx.com> parents: 1407 diff changeset	145 alarm(8);
1115 54e07593713a Tests: ssl_verify_depth tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	146 $s = IO::Socket::SSL->new(
54e07593713a Tests: ssl_verify_depth tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	147 Proto => 'tcp',
54e07593713a Tests: ssl_verify_depth tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	148 PeerAddr => '127.0.0.1',
54e07593713a Tests: ssl_verify_depth tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	149 PeerPort => port($port),
54e07593713a Tests: ssl_verify_depth tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	150 SSL_verify_mode => IO::Socket::SSL::SSL_VERIFY_NONE(),
54e07593713a Tests: ssl_verify_depth tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	151 SSL_cert_file => "$d/$cert.crt",
54e07593713a Tests: ssl_verify_depth tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	152 SSL_key_file => "$d/$cert.key",
54e07593713a Tests: ssl_verify_depth tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	153 SSL_error_trap => sub { die $_[1] }
54e07593713a Tests: ssl_verify_depth tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	154 );
54e07593713a Tests: ssl_verify_depth tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	155 alarm(0);
54e07593713a Tests: ssl_verify_depth tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	156 };
54e07593713a Tests: ssl_verify_depth tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	157 alarm(0);
54e07593713a Tests: ssl_verify_depth tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	158
54e07593713a Tests: ssl_verify_depth tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	159 if ($@) {
54e07593713a Tests: ssl_verify_depth tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	160 log_in("died: $@");
54e07593713a Tests: ssl_verify_depth tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	161 return undef;
54e07593713a Tests: ssl_verify_depth tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	162 }
54e07593713a Tests: ssl_verify_depth tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	163
54e07593713a Tests: ssl_verify_depth tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	164 return $s;
54e07593713a Tests: ssl_verify_depth tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	165 }
54e07593713a Tests: ssl_verify_depth tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	166
54e07593713a Tests: ssl_verify_depth tests. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	167 ###############################################################################

Mercurial > hg > nginx-tests

annotate ssl_verify_depth.t @ 1427:eb1d883305ea