Mercurial > hg > nginx-tests
annotate proxy_ssl.t @ 1021:ebdf239722b9
Tests: relaxed proxy_cache_lock.t nolock tests to fix on Solaris.
Assumed that the order of responses being arrived in nolock case may be ignored.
An important part of such case is that the only last response should be cached.
| author | Sergey Kandaurov <pluknet@nginx.com> |
|---|---|
| date | Fri, 02 Sep 2016 12:17:35 +0300 |
| parents | 882267679006 |
| children | cbc8641a204e |
| rev | line source |
|---|---|
|
311
ad164c14058a
Tests: basic proxy tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
1 #!/usr/bin/perl |
|
ad164c14058a
Tests: basic proxy tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
2 |
|
ad164c14058a
Tests: basic proxy tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
3 # (C) Nginx, Inc. |
|
ad164c14058a
Tests: basic proxy tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
4 |
|
ad164c14058a
Tests: basic proxy tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
5 # Tests for proxy to ssl backend. |
|
ad164c14058a
Tests: basic proxy tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
6 |
|
ad164c14058a
Tests: basic proxy tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
7 ############################################################################### |
|
ad164c14058a
Tests: basic proxy tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
8 |
|
ad164c14058a
Tests: basic proxy tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
9 use warnings; |
|
ad164c14058a
Tests: basic proxy tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
10 use strict; |
|
ad164c14058a
Tests: basic proxy tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
11 |
|
ad164c14058a
Tests: basic proxy tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
12 use Test::More; |
|
ad164c14058a
Tests: basic proxy tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
13 |
|
ad164c14058a
Tests: basic proxy tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
14 BEGIN { use FindBin; chdir($FindBin::Bin); } |
|
ad164c14058a
Tests: basic proxy tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
15 |
|
ad164c14058a
Tests: basic proxy tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
16 use lib 'lib'; |
|
ad164c14058a
Tests: basic proxy tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
17 use Test::Nginx; |
|
ad164c14058a
Tests: basic proxy tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
18 |
|
ad164c14058a
Tests: basic proxy tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
19 ############################################################################### |
|
ad164c14058a
Tests: basic proxy tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
20 |
|
ad164c14058a
Tests: basic proxy tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
21 select STDERR; $| = 1; |
|
ad164c14058a
Tests: basic proxy tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
22 select STDOUT; $| = 1; |
|
ad164c14058a
Tests: basic proxy tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
23 |
|
ad164c14058a
Tests: basic proxy tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
24 my $t = Test::Nginx->new()->has(qw/http proxy http_ssl/)->has_daemon('openssl') |
|
732
984bfe661cce
Tests: stream and http proxy_connect_timeout tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
437
diff
changeset
|
25 ->plan(5)->write_file_expand('nginx.conf', <<'EOF'); |
|
311
ad164c14058a
Tests: basic proxy tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
26 |
|
ad164c14058a
Tests: basic proxy tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
27 %%TEST_GLOBALS%% |
|
ad164c14058a
Tests: basic proxy tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
28 |
|
ad164c14058a
Tests: basic proxy tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
29 daemon off; |
|
ad164c14058a
Tests: basic proxy tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
30 |
|
ad164c14058a
Tests: basic proxy tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
31 events { |
|
ad164c14058a
Tests: basic proxy tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
32 } |
|
ad164c14058a
Tests: basic proxy tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
33 |
|
ad164c14058a
Tests: basic proxy tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
34 http { |
|
ad164c14058a
Tests: basic proxy tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
35 %%TEST_GLOBALS_HTTP%% |
|
ad164c14058a
Tests: basic proxy tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
36 |
|
ad164c14058a
Tests: basic proxy tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
37 server { |
|
974
882267679006
Tests: simplified parallel modifications in tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
952
diff
changeset
|
38 listen 127.0.0.1:8081 ssl; |
|
311
ad164c14058a
Tests: basic proxy tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
39 |
|
ad164c14058a
Tests: basic proxy tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
40 ssl_certificate_key localhost.key; |
|
ad164c14058a
Tests: basic proxy tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
41 ssl_certificate localhost.crt; |
|
437
8b4a6b8691eb
Tests: set ssl_session_cache.
Sergey Kandaurov <pluknet@nginx.com>
parents:
435
diff
changeset
|
42 ssl_session_cache builtin; |
|
435
a7d04159e52b
Tests: completed proxy_ssl_session_reuse tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
311
diff
changeset
|
43 |
|
a7d04159e52b
Tests: completed proxy_ssl_session_reuse tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
311
diff
changeset
|
44 location / { |
|
a7d04159e52b
Tests: completed proxy_ssl_session_reuse tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
311
diff
changeset
|
45 add_header X-Session $ssl_session_reused; |
|
a7d04159e52b
Tests: completed proxy_ssl_session_reuse tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
311
diff
changeset
|
46 } |
|
311
ad164c14058a
Tests: basic proxy tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
47 } |
|
ad164c14058a
Tests: basic proxy tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
48 |
|
ad164c14058a
Tests: basic proxy tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
49 server { |
|
974
882267679006
Tests: simplified parallel modifications in tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
952
diff
changeset
|
50 listen 127.0.0.1:8080; |
|
311
ad164c14058a
Tests: basic proxy tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
51 server_name localhost; |
|
ad164c14058a
Tests: basic proxy tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
52 |
|
ad164c14058a
Tests: basic proxy tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
53 location /ssl_reuse { |
|
974
882267679006
Tests: simplified parallel modifications in tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
952
diff
changeset
|
54 proxy_pass https://127.0.0.1:8081/; |
|
311
ad164c14058a
Tests: basic proxy tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
55 proxy_ssl_session_reuse on; |
|
ad164c14058a
Tests: basic proxy tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
56 } |
|
ad164c14058a
Tests: basic proxy tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
57 |
|
ad164c14058a
Tests: basic proxy tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
58 location /ssl { |
|
974
882267679006
Tests: simplified parallel modifications in tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
952
diff
changeset
|
59 proxy_pass https://127.0.0.1:8081/; |
|
311
ad164c14058a
Tests: basic proxy tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
60 proxy_ssl_session_reuse off; |
|
ad164c14058a
Tests: basic proxy tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
61 } |
|
732
984bfe661cce
Tests: stream and http proxy_connect_timeout tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
437
diff
changeset
|
62 |
|
984bfe661cce
Tests: stream and http proxy_connect_timeout tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
437
diff
changeset
|
63 location /timeout { |
|
974
882267679006
Tests: simplified parallel modifications in tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
952
diff
changeset
|
64 proxy_pass https://127.0.0.1:8081/; |
|
795
122cd3a82367
Tests: fixed 'proxy connect timeout' test timeouts on slow hosts.
Sergey Kandaurov <pluknet@nginx.com>
parents:
732
diff
changeset
|
65 proxy_connect_timeout 2s; |
|
732
984bfe661cce
Tests: stream and http proxy_connect_timeout tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
437
diff
changeset
|
66 } |
|
311
ad164c14058a
Tests: basic proxy tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
67 } |
|
ad164c14058a
Tests: basic proxy tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
68 } |
|
ad164c14058a
Tests: basic proxy tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
69 |
|
ad164c14058a
Tests: basic proxy tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
70 EOF |
|
ad164c14058a
Tests: basic proxy tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
71 |
|
ad164c14058a
Tests: basic proxy tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
72 $t->write_file('openssl.conf', <<EOF); |
|
ad164c14058a
Tests: basic proxy tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
73 [ req ] |
|
ad164c14058a
Tests: basic proxy tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
74 default_bits = 2048 |
|
ad164c14058a
Tests: basic proxy tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
75 encrypt_key = no |
|
ad164c14058a
Tests: basic proxy tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
76 distinguished_name = req_distinguished_name |
|
ad164c14058a
Tests: basic proxy tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
77 [ req_distinguished_name ] |
|
ad164c14058a
Tests: basic proxy tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
78 EOF |
|
ad164c14058a
Tests: basic proxy tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
79 |
|
ad164c14058a
Tests: basic proxy tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
80 $t->write_file('index.html', ''); |
|
ad164c14058a
Tests: basic proxy tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
81 |
|
ad164c14058a
Tests: basic proxy tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
82 my $d = $t->testdir(); |
|
ad164c14058a
Tests: basic proxy tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
83 |
|
ad164c14058a
Tests: basic proxy tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
84 foreach my $name ('localhost') { |
|
ad164c14058a
Tests: basic proxy tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
85 system('openssl req -x509 -new ' |
|
ad164c14058a
Tests: basic proxy tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
86 . "-config '$d/openssl.conf' -subj '/CN=$name/' " |
|
ad164c14058a
Tests: basic proxy tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
87 . "-out '$d/$name.crt' -keyout '$d/$name.key' " |
|
ad164c14058a
Tests: basic proxy tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
88 . ">>$d/openssl.out 2>&1") == 0 |
|
ad164c14058a
Tests: basic proxy tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
89 or die "Can't create certificate for $name: $!\n"; |
|
ad164c14058a
Tests: basic proxy tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
90 } |
|
ad164c14058a
Tests: basic proxy tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
91 |
|
ad164c14058a
Tests: basic proxy tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
92 $t->run(); |
|
ad164c14058a
Tests: basic proxy tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
93 |
|
ad164c14058a
Tests: basic proxy tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
94 ############################################################################### |
|
ad164c14058a
Tests: basic proxy tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
95 |
|
435
a7d04159e52b
Tests: completed proxy_ssl_session_reuse tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
311
diff
changeset
|
96 like(http_get('/ssl'), qr/200 OK.*X-Session: \./s, 'ssl'); |
|
a7d04159e52b
Tests: completed proxy_ssl_session_reuse tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
311
diff
changeset
|
97 like(http_get('/ssl'), qr/200 OK.*X-Session: \./s, 'ssl 2'); |
|
a7d04159e52b
Tests: completed proxy_ssl_session_reuse tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
311
diff
changeset
|
98 like(http_get('/ssl_reuse'), qr/200 OK.*X-Session: \./s, 'ssl reuse session'); |
|
a7d04159e52b
Tests: completed proxy_ssl_session_reuse tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
311
diff
changeset
|
99 like(http_get('/ssl_reuse'), qr/200 OK.*X-Session: r/s, 'ssl reuse session 2'); |
|
311
ad164c14058a
Tests: basic proxy tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
100 |
|
732
984bfe661cce
Tests: stream and http proxy_connect_timeout tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
437
diff
changeset
|
101 my $s = http('', start => 1); |
|
984bfe661cce
Tests: stream and http proxy_connect_timeout tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
437
diff
changeset
|
102 |
|
795
122cd3a82367
Tests: fixed 'proxy connect timeout' test timeouts on slow hosts.
Sergey Kandaurov <pluknet@nginx.com>
parents:
732
diff
changeset
|
103 sleep 3; |
|
732
984bfe661cce
Tests: stream and http proxy_connect_timeout tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
437
diff
changeset
|
104 |
|
984bfe661cce
Tests: stream and http proxy_connect_timeout tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
437
diff
changeset
|
105 like(http_get('/timeout', socket => $s), qr/200 OK/, 'proxy connect timeout'); |
|
984bfe661cce
Tests: stream and http proxy_connect_timeout tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
437
diff
changeset
|
106 |
|
311
ad164c14058a
Tests: basic proxy tests to ssl backend.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
107 ############################################################################### |