Mercurial > hg > nginx-tests
annotate proxy_ssl_certificate_empty.t @ 1976:4e79bd25642f default tip
Tests: added test for headers without a colon.
| author | Maxim Dounin <mdounin@mdounin.ru> |
|---|---|
| date | Sat, 11 May 2024 18:56:23 +0300 |
| parents | 2a0a6035a1af |
| children |
| rev | line source |
|---|---|
|
1799
29f4d48b5b31
Tests: proxy_ssl_certificate inheritance test with empty value.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
1 #!/usr/bin/perl |
|
29f4d48b5b31
Tests: proxy_ssl_certificate inheritance test with empty value.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
2 |
|
29f4d48b5b31
Tests: proxy_ssl_certificate inheritance test with empty value.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
3 # (C) Sergey Kandaurov |
|
29f4d48b5b31
Tests: proxy_ssl_certificate inheritance test with empty value.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
4 # (C) Nginx, Inc. |
|
29f4d48b5b31
Tests: proxy_ssl_certificate inheritance test with empty value.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
5 |
|
29f4d48b5b31
Tests: proxy_ssl_certificate inheritance test with empty value.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
6 # Tests for http proxy module with proxy certificate to ssl backend. |
|
29f4d48b5b31
Tests: proxy_ssl_certificate inheritance test with empty value.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
7 # The proxy_ssl_certificate directive empty value cancels inheritance. |
|
29f4d48b5b31
Tests: proxy_ssl_certificate inheritance test with empty value.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
8 |
|
29f4d48b5b31
Tests: proxy_ssl_certificate inheritance test with empty value.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
9 ############################################################################### |
|
29f4d48b5b31
Tests: proxy_ssl_certificate inheritance test with empty value.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
10 |
|
29f4d48b5b31
Tests: proxy_ssl_certificate inheritance test with empty value.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
11 use warnings; |
|
29f4d48b5b31
Tests: proxy_ssl_certificate inheritance test with empty value.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
12 use strict; |
|
29f4d48b5b31
Tests: proxy_ssl_certificate inheritance test with empty value.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
13 |
|
29f4d48b5b31
Tests: proxy_ssl_certificate inheritance test with empty value.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
14 use Test::More; |
|
29f4d48b5b31
Tests: proxy_ssl_certificate inheritance test with empty value.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
15 |
|
29f4d48b5b31
Tests: proxy_ssl_certificate inheritance test with empty value.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
16 BEGIN { use FindBin; chdir($FindBin::Bin); } |
|
29f4d48b5b31
Tests: proxy_ssl_certificate inheritance test with empty value.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
17 |
|
29f4d48b5b31
Tests: proxy_ssl_certificate inheritance test with empty value.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
18 use lib 'lib'; |
|
29f4d48b5b31
Tests: proxy_ssl_certificate inheritance test with empty value.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
19 use Test::Nginx; |
|
29f4d48b5b31
Tests: proxy_ssl_certificate inheritance test with empty value.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
20 |
|
29f4d48b5b31
Tests: proxy_ssl_certificate inheritance test with empty value.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
21 ############################################################################### |
|
29f4d48b5b31
Tests: proxy_ssl_certificate inheritance test with empty value.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
22 |
|
29f4d48b5b31
Tests: proxy_ssl_certificate inheritance test with empty value.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
23 select STDERR; $| = 1; |
|
29f4d48b5b31
Tests: proxy_ssl_certificate inheritance test with empty value.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
24 select STDOUT; $| = 1; |
|
29f4d48b5b31
Tests: proxy_ssl_certificate inheritance test with empty value.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
25 |
|
29f4d48b5b31
Tests: proxy_ssl_certificate inheritance test with empty value.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
26 my $t = Test::Nginx->new()->has(qw/http http_ssl proxy/) |
|
29f4d48b5b31
Tests: proxy_ssl_certificate inheritance test with empty value.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
27 ->has_daemon('openssl'); |
|
29f4d48b5b31
Tests: proxy_ssl_certificate inheritance test with empty value.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
28 |
|
29f4d48b5b31
Tests: proxy_ssl_certificate inheritance test with empty value.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
29 $t->write_file_expand('nginx.conf', <<'EOF'); |
|
29f4d48b5b31
Tests: proxy_ssl_certificate inheritance test with empty value.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
30 |
|
29f4d48b5b31
Tests: proxy_ssl_certificate inheritance test with empty value.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
31 %%TEST_GLOBALS%% |
|
29f4d48b5b31
Tests: proxy_ssl_certificate inheritance test with empty value.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
32 |
|
29f4d48b5b31
Tests: proxy_ssl_certificate inheritance test with empty value.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
33 daemon off; |
|
29f4d48b5b31
Tests: proxy_ssl_certificate inheritance test with empty value.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
34 |
|
29f4d48b5b31
Tests: proxy_ssl_certificate inheritance test with empty value.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
35 events { |
|
29f4d48b5b31
Tests: proxy_ssl_certificate inheritance test with empty value.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
36 } |
|
29f4d48b5b31
Tests: proxy_ssl_certificate inheritance test with empty value.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
37 |
|
29f4d48b5b31
Tests: proxy_ssl_certificate inheritance test with empty value.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
38 http { |
|
29f4d48b5b31
Tests: proxy_ssl_certificate inheritance test with empty value.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
39 %%TEST_GLOBALS_HTTP%% |
|
29f4d48b5b31
Tests: proxy_ssl_certificate inheritance test with empty value.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
40 |
|
29f4d48b5b31
Tests: proxy_ssl_certificate inheritance test with empty value.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
41 server { |
|
29f4d48b5b31
Tests: proxy_ssl_certificate inheritance test with empty value.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
42 listen 127.0.0.1:8080; |
|
29f4d48b5b31
Tests: proxy_ssl_certificate inheritance test with empty value.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
43 server_name localhost; |
|
29f4d48b5b31
Tests: proxy_ssl_certificate inheritance test with empty value.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
44 |
|
29f4d48b5b31
Tests: proxy_ssl_certificate inheritance test with empty value.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
45 proxy_ssl_session_reuse off; |
|
29f4d48b5b31
Tests: proxy_ssl_certificate inheritance test with empty value.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
46 |
|
29f4d48b5b31
Tests: proxy_ssl_certificate inheritance test with empty value.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
47 proxy_ssl_certificate 1.example.com.crt; |
|
29f4d48b5b31
Tests: proxy_ssl_certificate inheritance test with empty value.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
48 proxy_ssl_certificate_key 1.example.com.key; |
|
29f4d48b5b31
Tests: proxy_ssl_certificate inheritance test with empty value.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
49 |
|
29f4d48b5b31
Tests: proxy_ssl_certificate inheritance test with empty value.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
50 location /verify { |
|
29f4d48b5b31
Tests: proxy_ssl_certificate inheritance test with empty value.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
51 proxy_pass https://127.0.0.1:8081/; |
|
29f4d48b5b31
Tests: proxy_ssl_certificate inheritance test with empty value.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
52 } |
|
29f4d48b5b31
Tests: proxy_ssl_certificate inheritance test with empty value.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
53 |
|
29f4d48b5b31
Tests: proxy_ssl_certificate inheritance test with empty value.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
54 location /cancel { |
|
29f4d48b5b31
Tests: proxy_ssl_certificate inheritance test with empty value.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
55 proxy_pass https://127.0.0.1:8081/; |
|
29f4d48b5b31
Tests: proxy_ssl_certificate inheritance test with empty value.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
56 proxy_ssl_certificate ""; |
|
29f4d48b5b31
Tests: proxy_ssl_certificate inheritance test with empty value.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
57 proxy_ssl_certificate_key ""; |
|
29f4d48b5b31
Tests: proxy_ssl_certificate inheritance test with empty value.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
58 } |
|
29f4d48b5b31
Tests: proxy_ssl_certificate inheritance test with empty value.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
59 } |
|
29f4d48b5b31
Tests: proxy_ssl_certificate inheritance test with empty value.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
60 |
|
29f4d48b5b31
Tests: proxy_ssl_certificate inheritance test with empty value.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
61 server { |
|
29f4d48b5b31
Tests: proxy_ssl_certificate inheritance test with empty value.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
62 listen 127.0.0.1:8081 ssl; |
|
29f4d48b5b31
Tests: proxy_ssl_certificate inheritance test with empty value.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
63 server_name localhost; |
|
29f4d48b5b31
Tests: proxy_ssl_certificate inheritance test with empty value.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
64 |
|
29f4d48b5b31
Tests: proxy_ssl_certificate inheritance test with empty value.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
65 ssl_certificate 2.example.com.crt; |
|
29f4d48b5b31
Tests: proxy_ssl_certificate inheritance test with empty value.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
66 ssl_certificate_key 2.example.com.key; |
|
29f4d48b5b31
Tests: proxy_ssl_certificate inheritance test with empty value.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
67 |
|
29f4d48b5b31
Tests: proxy_ssl_certificate inheritance test with empty value.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
68 ssl_verify_client optional; |
|
29f4d48b5b31
Tests: proxy_ssl_certificate inheritance test with empty value.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
69 ssl_client_certificate 1.example.com.crt; |
|
29f4d48b5b31
Tests: proxy_ssl_certificate inheritance test with empty value.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
70 |
|
29f4d48b5b31
Tests: proxy_ssl_certificate inheritance test with empty value.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
71 location / { |
|
29f4d48b5b31
Tests: proxy_ssl_certificate inheritance test with empty value.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
72 add_header X-Verify $ssl_client_verify; |
|
29f4d48b5b31
Tests: proxy_ssl_certificate inheritance test with empty value.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
73 } |
|
29f4d48b5b31
Tests: proxy_ssl_certificate inheritance test with empty value.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
74 } |
|
29f4d48b5b31
Tests: proxy_ssl_certificate inheritance test with empty value.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
75 } |
|
29f4d48b5b31
Tests: proxy_ssl_certificate inheritance test with empty value.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
76 |
|
29f4d48b5b31
Tests: proxy_ssl_certificate inheritance test with empty value.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
77 EOF |
|
29f4d48b5b31
Tests: proxy_ssl_certificate inheritance test with empty value.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
78 |
|
29f4d48b5b31
Tests: proxy_ssl_certificate inheritance test with empty value.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
79 $t->write_file('openssl.conf', <<EOF); |
|
29f4d48b5b31
Tests: proxy_ssl_certificate inheritance test with empty value.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
80 [ req ] |
|
29f4d48b5b31
Tests: proxy_ssl_certificate inheritance test with empty value.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
81 default_bits = 2048 |
|
29f4d48b5b31
Tests: proxy_ssl_certificate inheritance test with empty value.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
82 encrypt_key = no |
|
29f4d48b5b31
Tests: proxy_ssl_certificate inheritance test with empty value.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
83 distinguished_name = req_distinguished_name |
|
29f4d48b5b31
Tests: proxy_ssl_certificate inheritance test with empty value.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
84 [ req_distinguished_name ] |
|
29f4d48b5b31
Tests: proxy_ssl_certificate inheritance test with empty value.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
85 EOF |
|
29f4d48b5b31
Tests: proxy_ssl_certificate inheritance test with empty value.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
86 |
|
29f4d48b5b31
Tests: proxy_ssl_certificate inheritance test with empty value.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
87 my $d = $t->testdir(); |
|
29f4d48b5b31
Tests: proxy_ssl_certificate inheritance test with empty value.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
88 |
|
29f4d48b5b31
Tests: proxy_ssl_certificate inheritance test with empty value.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
89 foreach my $name ('1.example.com', '2.example.com') { |
|
29f4d48b5b31
Tests: proxy_ssl_certificate inheritance test with empty value.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
90 system('openssl req -x509 -new ' |
|
29f4d48b5b31
Tests: proxy_ssl_certificate inheritance test with empty value.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
91 . "-config $d/openssl.conf -subj /CN=$name/ " |
|
29f4d48b5b31
Tests: proxy_ssl_certificate inheritance test with empty value.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
92 . "-out $d/$name.crt -keyout $d/$name.key " |
|
29f4d48b5b31
Tests: proxy_ssl_certificate inheritance test with empty value.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
93 . ">>$d/openssl.out 2>&1") == 0 |
|
29f4d48b5b31
Tests: proxy_ssl_certificate inheritance test with empty value.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
94 or die "Can't create certificate for $name: $!\n"; |
|
29f4d48b5b31
Tests: proxy_ssl_certificate inheritance test with empty value.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
95 } |
|
29f4d48b5b31
Tests: proxy_ssl_certificate inheritance test with empty value.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
96 |
|
29f4d48b5b31
Tests: proxy_ssl_certificate inheritance test with empty value.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
97 sleep 1 if $^O eq 'MSWin32'; |
|
29f4d48b5b31
Tests: proxy_ssl_certificate inheritance test with empty value.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
98 |
|
29f4d48b5b31
Tests: proxy_ssl_certificate inheritance test with empty value.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
99 $t->write_file('index.html', ''); |
|
29f4d48b5b31
Tests: proxy_ssl_certificate inheritance test with empty value.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
100 |
|
1937
2a0a6035a1af
Tests: removed TODO and try_run() checks for legacy versions.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1799
diff
changeset
|
101 $t->run()->plan(2); |
|
1799
29f4d48b5b31
Tests: proxy_ssl_certificate inheritance test with empty value.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
102 |
|
29f4d48b5b31
Tests: proxy_ssl_certificate inheritance test with empty value.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
103 ############################################################################### |
|
29f4d48b5b31
Tests: proxy_ssl_certificate inheritance test with empty value.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
104 |
|
29f4d48b5b31
Tests: proxy_ssl_certificate inheritance test with empty value.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
105 like(http_get('/verify'), qr/X-Verify: SUCCESS/ms, 'verify certificate'); |
|
29f4d48b5b31
Tests: proxy_ssl_certificate inheritance test with empty value.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
106 like(http_get('/cancel'), qr/X-Verify: NONE/ms, 'cancel certificate'); |
|
29f4d48b5b31
Tests: proxy_ssl_certificate inheritance test with empty value.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
107 |
|
29f4d48b5b31
Tests: proxy_ssl_certificate inheritance test with empty value.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
108 ############################################################################### |