nginx-tests: proxy_ssl.t annotate

annotate proxy_ssl.t @ 1974:b5036a0f9ae0 default tip

Tests: improved compatibility when using recent "openssl" app. Starting with OpenSSL 3.0, "openssl genrsa" generates encrypted keys in PKCS#8 format instead of previously used PKCS#1 format. Further, since OpenSSL 1.1.0 such keys are using PBKDF2 hmacWithSHA256. Such keys are not supported by old SSL libraries, notably by OpenSSL before 1.0.0 (OpenSSL 0.9.8 only supports hmacWithSHA1) and by BoringSSL before May 21, 2019 (support for hmacWithSHA256 was added in 302a4dee6c), and trying to load such keys into nginx compiled with an old SSL library results in "unsupported prf" errors. To facilitate testing with old SSL libraries, keys are now generated with "openssl genrsa -traditional" if the flag is available.

author	Maxim Dounin <mdounin@mdounin.ru>
date	Mon, 06 May 2024 00:04:26 +0300
parents	cdcd75657e52
children

rev	line source
311 ad164c14058a Tests: basic proxy tests to ssl backend. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	1 #!/usr/bin/perl
ad164c14058a Tests: basic proxy tests to ssl backend. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	2
ad164c14058a Tests: basic proxy tests to ssl backend. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	3 # (C) Nginx, Inc.
ad164c14058a Tests: basic proxy tests to ssl backend. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	4
ad164c14058a Tests: basic proxy tests to ssl backend. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	5 # Tests for proxy to ssl backend.
ad164c14058a Tests: basic proxy tests to ssl backend. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	6
ad164c14058a Tests: basic proxy tests to ssl backend. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	7 ###############################################################################
ad164c14058a Tests: basic proxy tests to ssl backend. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	8
ad164c14058a Tests: basic proxy tests to ssl backend. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	9 use warnings;
ad164c14058a Tests: basic proxy tests to ssl backend. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	10 use strict;
ad164c14058a Tests: basic proxy tests to ssl backend. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	11
ad164c14058a Tests: basic proxy tests to ssl backend. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	12 use Test::More;
ad164c14058a Tests: basic proxy tests to ssl backend. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	13
ad164c14058a Tests: basic proxy tests to ssl backend. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	14 BEGIN { use FindBin; chdir($FindBin::Bin); }
ad164c14058a Tests: basic proxy tests to ssl backend. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	15
ad164c14058a Tests: basic proxy tests to ssl backend. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	16 use lib 'lib';
ad164c14058a Tests: basic proxy tests to ssl backend. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	17 use Test::Nginx;
ad164c14058a Tests: basic proxy tests to ssl backend. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	18
ad164c14058a Tests: basic proxy tests to ssl backend. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	19 ###############################################################################
ad164c14058a Tests: basic proxy tests to ssl backend. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	20
ad164c14058a Tests: basic proxy tests to ssl backend. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	21 select STDERR; $\| = 1;
ad164c14058a Tests: basic proxy tests to ssl backend. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	22 select STDOUT; $\| = 1;
ad164c14058a Tests: basic proxy tests to ssl backend. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	23
1858 cdcd75657e52 Tests: added has_feature() tests for IO::Socket::SSL. Maxim Dounin <mdounin@mdounin.ru> parents: 1839 diff changeset	24 my $t = Test::Nginx->new()->has(qw/http proxy http_ssl socket_ssl/)
cdcd75657e52 Tests: added has_feature() tests for IO::Socket::SSL. Maxim Dounin <mdounin@mdounin.ru> parents: 1839 diff changeset	25 ->has_daemon('openssl')->plan(8)
cdcd75657e52 Tests: added has_feature() tests for IO::Socket::SSL. Maxim Dounin <mdounin@mdounin.ru> parents: 1839 diff changeset	26 ->write_file_expand('nginx.conf', <<'EOF');
311 ad164c14058a Tests: basic proxy tests to ssl backend. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	27
ad164c14058a Tests: basic proxy tests to ssl backend. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	28 %%TEST_GLOBALS%%
ad164c14058a Tests: basic proxy tests to ssl backend. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	29
ad164c14058a Tests: basic proxy tests to ssl backend. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	30 daemon off;
ad164c14058a Tests: basic proxy tests to ssl backend. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	31
ad164c14058a Tests: basic proxy tests to ssl backend. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	32 events {
ad164c14058a Tests: basic proxy tests to ssl backend. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	33 }
ad164c14058a Tests: basic proxy tests to ssl backend. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	34
ad164c14058a Tests: basic proxy tests to ssl backend. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	35 http {
ad164c14058a Tests: basic proxy tests to ssl backend. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	36 %%TEST_GLOBALS_HTTP%%
ad164c14058a Tests: basic proxy tests to ssl backend. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	37
ad164c14058a Tests: basic proxy tests to ssl backend. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	38 server {
974 882267679006 Tests: simplified parallel modifications in tests. Andrey Zelenkov <zelenkov@nginx.com> parents: 952 diff changeset	39 listen 127.0.0.1:8081 ssl;
311 ad164c14058a Tests: basic proxy tests to ssl backend. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	40
ad164c14058a Tests: basic proxy tests to ssl backend. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	41 ssl_certificate_key localhost.key;
ad164c14058a Tests: basic proxy tests to ssl backend. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	42 ssl_certificate localhost.crt;
437 8b4a6b8691eb Tests: set ssl_session_cache. Sergey Kandaurov <pluknet@nginx.com> parents: 435 diff changeset	43 ssl_session_cache builtin;
435 a7d04159e52b Tests: completed proxy_ssl_session_reuse tests. Sergey Kandaurov <pluknet@nginx.com> parents: 311 diff changeset	44
a7d04159e52b Tests: completed proxy_ssl_session_reuse tests. Sergey Kandaurov <pluknet@nginx.com> parents: 311 diff changeset	45 location / {
a7d04159e52b Tests: completed proxy_ssl_session_reuse tests. Sergey Kandaurov <pluknet@nginx.com> parents: 311 diff changeset	46 add_header X-Session $ssl_session_reused;
1839 ebc6e5afe597 Tests: fixed proxy_ssl.t with LibreSSL and TLSv1.3. Maxim Dounin <mdounin@mdounin.ru> parents: 1523 diff changeset	47 add_header X-Protocol $ssl_protocol;
435 a7d04159e52b Tests: completed proxy_ssl_session_reuse tests. Sergey Kandaurov <pluknet@nginx.com> parents: 311 diff changeset	48 }
311 ad164c14058a Tests: basic proxy tests to ssl backend. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	49 }
ad164c14058a Tests: basic proxy tests to ssl backend. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	50
ad164c14058a Tests: basic proxy tests to ssl backend. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	51 server {
974 882267679006 Tests: simplified parallel modifications in tests. Andrey Zelenkov <zelenkov@nginx.com> parents: 952 diff changeset	52 listen 127.0.0.1:8080;
311 ad164c14058a Tests: basic proxy tests to ssl backend. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	53 server_name localhost;
ad164c14058a Tests: basic proxy tests to ssl backend. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	54
ad164c14058a Tests: basic proxy tests to ssl backend. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	55 location /ssl_reuse {
974 882267679006 Tests: simplified parallel modifications in tests. Andrey Zelenkov <zelenkov@nginx.com> parents: 952 diff changeset	56 proxy_pass https://127.0.0.1:8081/;
311 ad164c14058a Tests: basic proxy tests to ssl backend. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	57 proxy_ssl_session_reuse on;
ad164c14058a Tests: basic proxy tests to ssl backend. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	58 }
ad164c14058a Tests: basic proxy tests to ssl backend. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	59
ad164c14058a Tests: basic proxy tests to ssl backend. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	60 location /ssl {
974 882267679006 Tests: simplified parallel modifications in tests. Andrey Zelenkov <zelenkov@nginx.com> parents: 952 diff changeset	61 proxy_pass https://127.0.0.1:8081/;
311 ad164c14058a Tests: basic proxy tests to ssl backend. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	62 proxy_ssl_session_reuse off;
ad164c14058a Tests: basic proxy tests to ssl backend. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	63 }
732 984bfe661cce Tests: stream and http proxy_connect_timeout tests. Sergey Kandaurov <pluknet@nginx.com> parents: 437 diff changeset	64
984bfe661cce Tests: stream and http proxy_connect_timeout tests. Sergey Kandaurov <pluknet@nginx.com> parents: 437 diff changeset	65 location /timeout {
1079 cbc8641a204e Tests: fixed "proxy connect timeout" http tests. Andrey Zelenkov <zelenkov@nginx.com> parents: 974 diff changeset	66 proxy_pass https://127.0.0.1:8082;
1264 eb727c5ccef6 Tests: adjust proxy_ssl.t connect timeout test and mark it unsafe. Sergey Kandaurov <pluknet@nginx.com> parents: 1251 diff changeset	67 proxy_connect_timeout 3s;
732 984bfe661cce Tests: stream and http proxy_connect_timeout tests. Sergey Kandaurov <pluknet@nginx.com> parents: 437 diff changeset	68 }
1080 cd4395a68fc6 Tests: proxy ssl test with handshake timeout (ticket #1126). Andrey Zelenkov <zelenkov@nginx.com> parents: 1079 diff changeset	69
cd4395a68fc6 Tests: proxy ssl test with handshake timeout (ticket #1126). Andrey Zelenkov <zelenkov@nginx.com> parents: 1079 diff changeset	70 location /timeout_h {
cd4395a68fc6 Tests: proxy ssl test with handshake timeout (ticket #1126). Andrey Zelenkov <zelenkov@nginx.com> parents: 1079 diff changeset	71 proxy_pass https://127.0.0.1:8083;
cd4395a68fc6 Tests: proxy ssl test with handshake timeout (ticket #1126). Andrey Zelenkov <zelenkov@nginx.com> parents: 1079 diff changeset	72 proxy_connect_timeout 1s;
cd4395a68fc6 Tests: proxy ssl test with handshake timeout (ticket #1126). Andrey Zelenkov <zelenkov@nginx.com> parents: 1079 diff changeset	73 }
311 ad164c14058a Tests: basic proxy tests to ssl backend. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	74 }
ad164c14058a Tests: basic proxy tests to ssl backend. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	75 }
ad164c14058a Tests: basic proxy tests to ssl backend. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	76
ad164c14058a Tests: basic proxy tests to ssl backend. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	77 EOF
ad164c14058a Tests: basic proxy tests to ssl backend. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	78
ad164c14058a Tests: basic proxy tests to ssl backend. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	79 $t->write_file('openssl.conf', <<EOF);
ad164c14058a Tests: basic proxy tests to ssl backend. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	80 [ req ]
1488 dbce8fb5f5f8 Tests: align with OpenSSL security level 2. Sergey Kandaurov <pluknet@nginx.com> parents: 1264 diff changeset	81 default_bits = 2048
311 ad164c14058a Tests: basic proxy tests to ssl backend. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	82 encrypt_key = no
ad164c14058a Tests: basic proxy tests to ssl backend. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	83 distinguished_name = req_distinguished_name
ad164c14058a Tests: basic proxy tests to ssl backend. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	84 [ req_distinguished_name ]
ad164c14058a Tests: basic proxy tests to ssl backend. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	85 EOF
ad164c14058a Tests: basic proxy tests to ssl backend. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	86
1523 5a55da6aed13 Tests: extended proxy_ssl.t for more ngx_ssl_recv_chain() cases. Sergey Kandaurov <pluknet@nginx.com> parents: 1488 diff changeset	87 $t->write_file('big.html', 'xxxxxxxxxx' x 72000);
311 ad164c14058a Tests: basic proxy tests to ssl backend. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	88 $t->write_file('index.html', '');
ad164c14058a Tests: basic proxy tests to ssl backend. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	89
ad164c14058a Tests: basic proxy tests to ssl backend. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	90 my $d = $t->testdir();
ad164c14058a Tests: basic proxy tests to ssl backend. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	91
ad164c14058a Tests: basic proxy tests to ssl backend. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	92 foreach my $name ('localhost') {
ad164c14058a Tests: basic proxy tests to ssl backend. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	93 system('openssl req -x509 -new '
1220 0af58b78df35 Tests: removed single quotes from system() calls. Sergey Kandaurov <pluknet@nginx.com> parents: 1197 diff changeset	94 . "-config $d/openssl.conf -subj /CN=$name/ "
0af58b78df35 Tests: removed single quotes from system() calls. Sergey Kandaurov <pluknet@nginx.com> parents: 1197 diff changeset	95 . "-out $d/$name.crt -keyout $d/$name.key "
311 ad164c14058a Tests: basic proxy tests to ssl backend. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	96 . ">>$d/openssl.out 2>&1") == 0
ad164c14058a Tests: basic proxy tests to ssl backend. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	97 or die "Can't create certificate for $name: $!\n";
ad164c14058a Tests: basic proxy tests to ssl backend. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	98 }
ad164c14058a Tests: basic proxy tests to ssl backend. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	99
1079 cbc8641a204e Tests: fixed "proxy connect timeout" http tests. Andrey Zelenkov <zelenkov@nginx.com> parents: 974 diff changeset	100 $t->run_daemon(\&http_daemon, port(8082));
1080 cd4395a68fc6 Tests: proxy ssl test with handshake timeout (ticket #1126). Andrey Zelenkov <zelenkov@nginx.com> parents: 1079 diff changeset	101 $t->run_daemon(\&http_daemon, port(8083));
311 ad164c14058a Tests: basic proxy tests to ssl backend. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	102 $t->run();
1079 cbc8641a204e Tests: fixed "proxy connect timeout" http tests. Andrey Zelenkov <zelenkov@nginx.com> parents: 974 diff changeset	103 $t->waitforsocket('127.0.0.1:' . port(8082));
1080 cd4395a68fc6 Tests: proxy ssl test with handshake timeout (ticket #1126). Andrey Zelenkov <zelenkov@nginx.com> parents: 1079 diff changeset	104 $t->waitforsocket('127.0.0.1:' . port(8083));
311 ad164c14058a Tests: basic proxy tests to ssl backend. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	105
ad164c14058a Tests: basic proxy tests to ssl backend. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	106 ###############################################################################
ad164c14058a Tests: basic proxy tests to ssl backend. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	107
435 a7d04159e52b Tests: completed proxy_ssl_session_reuse tests. Sergey Kandaurov <pluknet@nginx.com> parents: 311 diff changeset	108 like(http_get('/ssl'), qr/200 OK.*X-Session: \./s, 'ssl');
a7d04159e52b Tests: completed proxy_ssl_session_reuse tests. Sergey Kandaurov <pluknet@nginx.com> parents: 311 diff changeset	109 like(http_get('/ssl'), qr/200 OK.*X-Session: \./s, 'ssl 2');
1196 68c8f2778c50 Tests: consistent proxy ssl test names. Sergey Kandaurov <pluknet@nginx.com> parents: 1116 diff changeset	110 like(http_get('/ssl_reuse'), qr/200 OK.*X-Session: \./s, 'ssl session new');
1839 ebc6e5afe597 Tests: fixed proxy_ssl.t with LibreSSL and TLSv1.3. Maxim Dounin <mdounin@mdounin.ru> parents: 1523 diff changeset	111
ebc6e5afe597 Tests: fixed proxy_ssl.t with LibreSSL and TLSv1.3. Maxim Dounin <mdounin@mdounin.ru> parents: 1523 diff changeset	112 TODO: {
ebc6e5afe597 Tests: fixed proxy_ssl.t with LibreSSL and TLSv1.3. Maxim Dounin <mdounin@mdounin.ru> parents: 1523 diff changeset	113 local $TODO = 'no TLS 1.3 sessions in LibreSSL'
ebc6e5afe597 Tests: fixed proxy_ssl.t with LibreSSL and TLSv1.3. Maxim Dounin <mdounin@mdounin.ru> parents: 1523 diff changeset	114 if $t->has_module('LibreSSL') && http_get('/ssl') =~ /TLSv1.3/;
ebc6e5afe597 Tests: fixed proxy_ssl.t with LibreSSL and TLSv1.3. Maxim Dounin <mdounin@mdounin.ru> parents: 1523 diff changeset	115
1196 68c8f2778c50 Tests: consistent proxy ssl test names. Sergey Kandaurov <pluknet@nginx.com> parents: 1116 diff changeset	116 like(http_get('/ssl_reuse'), qr/200 OK.*X-Session: r/s, 'ssl session reused');
1197 155573499f20 Tests: more ssl session tests. Sergey Kandaurov <pluknet@nginx.com> parents: 1196 diff changeset	117 like(http_get('/ssl_reuse'), qr/200 OK.*X-Session: r/s, 'ssl session reused 2');
1264 eb727c5ccef6 Tests: adjust proxy_ssl.t connect timeout test and mark it unsafe. Sergey Kandaurov <pluknet@nginx.com> parents: 1251 diff changeset	118
1839 ebc6e5afe597 Tests: fixed proxy_ssl.t with LibreSSL and TLSv1.3. Maxim Dounin <mdounin@mdounin.ru> parents: 1523 diff changeset	119 }
ebc6e5afe597 Tests: fixed proxy_ssl.t with LibreSSL and TLSv1.3. Maxim Dounin <mdounin@mdounin.ru> parents: 1523 diff changeset	120
1264 eb727c5ccef6 Tests: adjust proxy_ssl.t connect timeout test and mark it unsafe. Sergey Kandaurov <pluknet@nginx.com> parents: 1251 diff changeset	121 SKIP: {
eb727c5ccef6 Tests: adjust proxy_ssl.t connect timeout test and mark it unsafe. Sergey Kandaurov <pluknet@nginx.com> parents: 1251 diff changeset	122 skip 'long test', 1 unless $ENV{TEST_NGINX_UNSAFE};
eb727c5ccef6 Tests: adjust proxy_ssl.t connect timeout test and mark it unsafe. Sergey Kandaurov <pluknet@nginx.com> parents: 1251 diff changeset	123
1079 cbc8641a204e Tests: fixed "proxy connect timeout" http tests. Andrey Zelenkov <zelenkov@nginx.com> parents: 974 diff changeset	124 like(http_get('/timeout'), qr/200 OK/, 'proxy connect timeout');
1264 eb727c5ccef6 Tests: adjust proxy_ssl.t connect timeout test and mark it unsafe. Sergey Kandaurov <pluknet@nginx.com> parents: 1251 diff changeset	125
eb727c5ccef6 Tests: adjust proxy_ssl.t connect timeout test and mark it unsafe. Sergey Kandaurov <pluknet@nginx.com> parents: 1251 diff changeset	126 }
eb727c5ccef6 Tests: adjust proxy_ssl.t connect timeout test and mark it unsafe. Sergey Kandaurov <pluknet@nginx.com> parents: 1251 diff changeset	127
1080 cd4395a68fc6 Tests: proxy ssl test with handshake timeout (ticket #1126). Andrey Zelenkov <zelenkov@nginx.com> parents: 1079 diff changeset	128 like(http_get('/timeout_h'), qr/504 Gateway/, 'proxy handshake timeout');
cd4395a68fc6 Tests: proxy ssl test with handshake timeout (ticket #1126). Andrey Zelenkov <zelenkov@nginx.com> parents: 1079 diff changeset	129
1523 5a55da6aed13 Tests: extended proxy_ssl.t for more ngx_ssl_recv_chain() cases. Sergey Kandaurov <pluknet@nginx.com> parents: 1488 diff changeset	130 is(length(Test::Nginx::http_content(http_get('/ssl/big.html'))), 720000,
5a55da6aed13 Tests: extended proxy_ssl.t for more ngx_ssl_recv_chain() cases. Sergey Kandaurov <pluknet@nginx.com> parents: 1488 diff changeset	131 'big length');
5a55da6aed13 Tests: extended proxy_ssl.t for more ngx_ssl_recv_chain() cases. Sergey Kandaurov <pluknet@nginx.com> parents: 1488 diff changeset	132
311 ad164c14058a Tests: basic proxy tests to ssl backend. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	133 ###############################################################################
1079 cbc8641a204e Tests: fixed "proxy connect timeout" http tests. Andrey Zelenkov <zelenkov@nginx.com> parents: 974 diff changeset	134
cbc8641a204e Tests: fixed "proxy connect timeout" http tests. Andrey Zelenkov <zelenkov@nginx.com> parents: 974 diff changeset	135 sub http_daemon {
cbc8641a204e Tests: fixed "proxy connect timeout" http tests. Andrey Zelenkov <zelenkov@nginx.com> parents: 974 diff changeset	136 my ($port) = @_;
cbc8641a204e Tests: fixed "proxy connect timeout" http tests. Andrey Zelenkov <zelenkov@nginx.com> parents: 974 diff changeset	137 my $server = IO::Socket::INET->new(
cbc8641a204e Tests: fixed "proxy connect timeout" http tests. Andrey Zelenkov <zelenkov@nginx.com> parents: 974 diff changeset	138 Proto => 'tcp',
cbc8641a204e Tests: fixed "proxy connect timeout" http tests. Andrey Zelenkov <zelenkov@nginx.com> parents: 974 diff changeset	139 LocalHost => '127.0.0.1:' . $port,
cbc8641a204e Tests: fixed "proxy connect timeout" http tests. Andrey Zelenkov <zelenkov@nginx.com> parents: 974 diff changeset	140 Listen => 5,
cbc8641a204e Tests: fixed "proxy connect timeout" http tests. Andrey Zelenkov <zelenkov@nginx.com> parents: 974 diff changeset	141 Reuse => 1
cbc8641a204e Tests: fixed "proxy connect timeout" http tests. Andrey Zelenkov <zelenkov@nginx.com> parents: 974 diff changeset	142 )
cbc8641a204e Tests: fixed "proxy connect timeout" http tests. Andrey Zelenkov <zelenkov@nginx.com> parents: 974 diff changeset	143 or die "Can't create listening socket: $!\n";
cbc8641a204e Tests: fixed "proxy connect timeout" http tests. Andrey Zelenkov <zelenkov@nginx.com> parents: 974 diff changeset	144
cbc8641a204e Tests: fixed "proxy connect timeout" http tests. Andrey Zelenkov <zelenkov@nginx.com> parents: 974 diff changeset	145 local $SIG{PIPE} = 'IGNORE';
cbc8641a204e Tests: fixed "proxy connect timeout" http tests. Andrey Zelenkov <zelenkov@nginx.com> parents: 974 diff changeset	146
cbc8641a204e Tests: fixed "proxy connect timeout" http tests. Andrey Zelenkov <zelenkov@nginx.com> parents: 974 diff changeset	147 while (my $client = $server->accept()) {
cbc8641a204e Tests: fixed "proxy connect timeout" http tests. Andrey Zelenkov <zelenkov@nginx.com> parents: 974 diff changeset	148 $client->autoflush(1);
cbc8641a204e Tests: fixed "proxy connect timeout" http tests. Andrey Zelenkov <zelenkov@nginx.com> parents: 974 diff changeset	149
1080 cd4395a68fc6 Tests: proxy ssl test with handshake timeout (ticket #1126). Andrey Zelenkov <zelenkov@nginx.com> parents: 1079 diff changeset	150 if ($port == port(8083)) {
cd4395a68fc6 Tests: proxy ssl test with handshake timeout (ticket #1126). Andrey Zelenkov <zelenkov@nginx.com> parents: 1079 diff changeset	151 sleep 3;
cd4395a68fc6 Tests: proxy ssl test with handshake timeout (ticket #1126). Andrey Zelenkov <zelenkov@nginx.com> parents: 1079 diff changeset	152
cd4395a68fc6 Tests: proxy ssl test with handshake timeout (ticket #1126). Andrey Zelenkov <zelenkov@nginx.com> parents: 1079 diff changeset	153 close $client;
cd4395a68fc6 Tests: proxy ssl test with handshake timeout (ticket #1126). Andrey Zelenkov <zelenkov@nginx.com> parents: 1079 diff changeset	154 next;
cd4395a68fc6 Tests: proxy ssl test with handshake timeout (ticket #1126). Andrey Zelenkov <zelenkov@nginx.com> parents: 1079 diff changeset	155 }
cd4395a68fc6 Tests: proxy ssl test with handshake timeout (ticket #1126). Andrey Zelenkov <zelenkov@nginx.com> parents: 1079 diff changeset	156
1079 cbc8641a204e Tests: fixed "proxy connect timeout" http tests. Andrey Zelenkov <zelenkov@nginx.com> parents: 974 diff changeset	157 my $headers = '';
cbc8641a204e Tests: fixed "proxy connect timeout" http tests. Andrey Zelenkov <zelenkov@nginx.com> parents: 974 diff changeset	158 my $uri = '';
cbc8641a204e Tests: fixed "proxy connect timeout" http tests. Andrey Zelenkov <zelenkov@nginx.com> parents: 974 diff changeset	159
cbc8641a204e Tests: fixed "proxy connect timeout" http tests. Andrey Zelenkov <zelenkov@nginx.com> parents: 974 diff changeset	160 # would fail on waitforsocket
cbc8641a204e Tests: fixed "proxy connect timeout" http tests. Andrey Zelenkov <zelenkov@nginx.com> parents: 974 diff changeset	161
cbc8641a204e Tests: fixed "proxy connect timeout" http tests. Andrey Zelenkov <zelenkov@nginx.com> parents: 974 diff changeset	162 eval {
cbc8641a204e Tests: fixed "proxy connect timeout" http tests. Andrey Zelenkov <zelenkov@nginx.com> parents: 974 diff changeset	163 IO::Socket::SSL->start_SSL($client,
cbc8641a204e Tests: fixed "proxy connect timeout" http tests. Andrey Zelenkov <zelenkov@nginx.com> parents: 974 diff changeset	164 SSL_server => 1,
cbc8641a204e Tests: fixed "proxy connect timeout" http tests. Andrey Zelenkov <zelenkov@nginx.com> parents: 974 diff changeset	165 SSL_cert_file => "$d/localhost.crt",
cbc8641a204e Tests: fixed "proxy connect timeout" http tests. Andrey Zelenkov <zelenkov@nginx.com> parents: 974 diff changeset	166 SSL_key_file => "$d/localhost.key",
cbc8641a204e Tests: fixed "proxy connect timeout" http tests. Andrey Zelenkov <zelenkov@nginx.com> parents: 974 diff changeset	167 SSL_error_trap => sub { die $_[1] }
cbc8641a204e Tests: fixed "proxy connect timeout" http tests. Andrey Zelenkov <zelenkov@nginx.com> parents: 974 diff changeset	168 );
cbc8641a204e Tests: fixed "proxy connect timeout" http tests. Andrey Zelenkov <zelenkov@nginx.com> parents: 974 diff changeset	169 };
cbc8641a204e Tests: fixed "proxy connect timeout" http tests. Andrey Zelenkov <zelenkov@nginx.com> parents: 974 diff changeset	170 next if $@;
cbc8641a204e Tests: fixed "proxy connect timeout" http tests. Andrey Zelenkov <zelenkov@nginx.com> parents: 974 diff changeset	171
cbc8641a204e Tests: fixed "proxy connect timeout" http tests. Andrey Zelenkov <zelenkov@nginx.com> parents: 974 diff changeset	172 while (<$client>) {
cbc8641a204e Tests: fixed "proxy connect timeout" http tests. Andrey Zelenkov <zelenkov@nginx.com> parents: 974 diff changeset	173 $headers .= $_;
cbc8641a204e Tests: fixed "proxy connect timeout" http tests. Andrey Zelenkov <zelenkov@nginx.com> parents: 974 diff changeset	174 last if (/^\x0d?\x0a?$/);
cbc8641a204e Tests: fixed "proxy connect timeout" http tests. Andrey Zelenkov <zelenkov@nginx.com> parents: 974 diff changeset	175 }
cbc8641a204e Tests: fixed "proxy connect timeout" http tests. Andrey Zelenkov <zelenkov@nginx.com> parents: 974 diff changeset	176
cbc8641a204e Tests: fixed "proxy connect timeout" http tests. Andrey Zelenkov <zelenkov@nginx.com> parents: 974 diff changeset	177 $uri = $1 if $headers =~ /^\S+\s+([^ ]+)\s+HTTP/i;
cbc8641a204e Tests: fixed "proxy connect timeout" http tests. Andrey Zelenkov <zelenkov@nginx.com> parents: 974 diff changeset	178 next if $uri eq '';
1084 ce3d15edbf05 Tests: whitespace fix. Sergey Kandaurov <pluknet@nginx.com> parents: 1080 diff changeset	179
1079 cbc8641a204e Tests: fixed "proxy connect timeout" http tests. Andrey Zelenkov <zelenkov@nginx.com> parents: 974 diff changeset	180 if ($uri eq '/timeout') {
1264 eb727c5ccef6 Tests: adjust proxy_ssl.t connect timeout test and mark it unsafe. Sergey Kandaurov <pluknet@nginx.com> parents: 1251 diff changeset	181 sleep 4;
1079 cbc8641a204e Tests: fixed "proxy connect timeout" http tests. Andrey Zelenkov <zelenkov@nginx.com> parents: 974 diff changeset	182
cbc8641a204e Tests: fixed "proxy connect timeout" http tests. Andrey Zelenkov <zelenkov@nginx.com> parents: 974 diff changeset	183 print $client <<EOF;
cbc8641a204e Tests: fixed "proxy connect timeout" http tests. Andrey Zelenkov <zelenkov@nginx.com> parents: 974 diff changeset	184 HTTP/1.1 200 OK
cbc8641a204e Tests: fixed "proxy connect timeout" http tests. Andrey Zelenkov <zelenkov@nginx.com> parents: 974 diff changeset	185 Connection: close
cbc8641a204e Tests: fixed "proxy connect timeout" http tests. Andrey Zelenkov <zelenkov@nginx.com> parents: 974 diff changeset	186
cbc8641a204e Tests: fixed "proxy connect timeout" http tests. Andrey Zelenkov <zelenkov@nginx.com> parents: 974 diff changeset	187 EOF
cbc8641a204e Tests: fixed "proxy connect timeout" http tests. Andrey Zelenkov <zelenkov@nginx.com> parents: 974 diff changeset	188 }
cbc8641a204e Tests: fixed "proxy connect timeout" http tests. Andrey Zelenkov <zelenkov@nginx.com> parents: 974 diff changeset	189
cbc8641a204e Tests: fixed "proxy connect timeout" http tests. Andrey Zelenkov <zelenkov@nginx.com> parents: 974 diff changeset	190 close $client;
cbc8641a204e Tests: fixed "proxy connect timeout" http tests. Andrey Zelenkov <zelenkov@nginx.com> parents: 974 diff changeset	191 }
cbc8641a204e Tests: fixed "proxy connect timeout" http tests. Andrey Zelenkov <zelenkov@nginx.com> parents: 974 diff changeset	192 }
cbc8641a204e Tests: fixed "proxy connect timeout" http tests. Andrey Zelenkov <zelenkov@nginx.com> parents: 974 diff changeset	193
cbc8641a204e Tests: fixed "proxy connect timeout" http tests. Andrey Zelenkov <zelenkov@nginx.com> parents: 974 diff changeset	194 ###############################################################################

Mercurial > hg > nginx-tests

annotate proxy_ssl.t @ 1974:b5036a0f9ae0 default tip