Mercurial > hg > nginx-tests

annotate ssl_session_ticket_key.t @ 1976:4e79bd25642f default tip

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Tests: added test for headers without a colon.
author Maxim Dounin <mdounin@mdounin.ru>
date Sat, 11 May 2024 18:56:23 +0300
parents ab45ee8011df
children
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
rev   line source
1816
5817625792bd Tests: ssl session ticket key rotation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
1 #!/usr/bin/perl
5817625792bd Tests: ssl session ticket key rotation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
2
5817625792bd Tests: ssl session ticket key rotation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
3 # (C) Sergey Kandaurov
5817625792bd Tests: ssl session ticket key rotation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
4 # (C) Nginx, Inc.
5817625792bd Tests: ssl session ticket key rotation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
5
5817625792bd Tests: ssl session ticket key rotation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
6 # Tests for rotation of SSL session ticket keys.
5817625792bd Tests: ssl session ticket key rotation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
7
5817625792bd Tests: ssl session ticket key rotation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
8 ###############################################################################
5817625792bd Tests: ssl session ticket key rotation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
9
5817625792bd Tests: ssl session ticket key rotation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
10 use warnings;
5817625792bd Tests: ssl session ticket key rotation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
11 use strict;
5817625792bd Tests: ssl session ticket key rotation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
12
5817625792bd Tests: ssl session ticket key rotation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
13 use Test::More;
5817625792bd Tests: ssl session ticket key rotation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
14
5817625792bd Tests: ssl session ticket key rotation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
15 BEGIN { use FindBin; chdir($FindBin::Bin); }
5817625792bd Tests: ssl session ticket key rotation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
16
5817625792bd Tests: ssl session ticket key rotation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
17 use lib 'lib';
1865
0e1865aa9b33 Tests: reworked http SSL tests to use IO::Socket::SSL.
Maxim Dounin <mdounin@mdounin.ru>
parents: 1840
diff changeset
18 use Test::Nginx qw/ :DEFAULT http_end /;
1816
5817625792bd Tests: ssl session ticket key rotation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
19
5817625792bd Tests: ssl session ticket key rotation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
20 ###############################################################################
5817625792bd Tests: ssl session ticket key rotation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
21
5817625792bd Tests: ssl session ticket key rotation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
22 select STDERR; $| = 1;
5817625792bd Tests: ssl session ticket key rotation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
23 select STDOUT; $| = 1;
5817625792bd Tests: ssl session ticket key rotation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
24
1865
0e1865aa9b33 Tests: reworked http SSL tests to use IO::Socket::SSL.
Maxim Dounin <mdounin@mdounin.ru>
parents: 1840
diff changeset
25 eval { require Net::SSLeay; die if $Net::SSLeay::VERSION < 1.86; };
1816
5817625792bd Tests: ssl session ticket key rotation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
26 plan(skip_all => 'Net::SSLeay version => 1.86 required') if $@;
1869
5c50786e5da9 Tests: unbreak ssl_session_ticket_key.t with old IO::Socket::SSL.
Sergey Kandaurov <pluknet@nginx.com>
parents: 1865
diff changeset
27 eval { require IO::Socket::SSL; die if $IO::Socket::SSL::VERSION < 2.030; };
5c50786e5da9 Tests: unbreak ssl_session_ticket_key.t with old IO::Socket::SSL.
Sergey Kandaurov <pluknet@nginx.com>
parents: 1865
diff changeset
28 plan(skip_all => 'IO::Socket::SSL version => 2.030 required') if $@;
1816
5817625792bd Tests: ssl session ticket key rotation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
29
1971
ab45ee8011df Tests: guarded session ticket tests for old OpenSSL versions.
Maxim Dounin <mdounin@mdounin.ru>
parents: 1966
diff changeset
30 my $t = Test::Nginx->new()->has(qw/http http_ssl tickets socket_ssl/)
1865
0e1865aa9b33 Tests: reworked http SSL tests to use IO::Socket::SSL.
Maxim Dounin <mdounin@mdounin.ru>
parents: 1840
diff changeset
31 ->has_daemon('openssl')->plan(2)
0e1865aa9b33 Tests: reworked http SSL tests to use IO::Socket::SSL.
Maxim Dounin <mdounin@mdounin.ru>
parents: 1840
diff changeset
32 ->write_file_expand('nginx.conf', <<'EOF');
1816
5817625792bd Tests: ssl session ticket key rotation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
33
5817625792bd Tests: ssl session ticket key rotation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
34 %%TEST_GLOBALS%%
5817625792bd Tests: ssl session ticket key rotation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
35
5817625792bd Tests: ssl session ticket key rotation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
36 daemon off;
5817625792bd Tests: ssl session ticket key rotation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
37 worker_processes 2;
5817625792bd Tests: ssl session ticket key rotation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
38
5817625792bd Tests: ssl session ticket key rotation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
39 events {
5817625792bd Tests: ssl session ticket key rotation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
40 }
5817625792bd Tests: ssl session ticket key rotation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
41
5817625792bd Tests: ssl session ticket key rotation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
42 http {
5817625792bd Tests: ssl session ticket key rotation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
43 %%TEST_GLOBALS_HTTP%%
5817625792bd Tests: ssl session ticket key rotation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
44
5817625792bd Tests: ssl session ticket key rotation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
45 ssl_certificate_key localhost.key;
5817625792bd Tests: ssl session ticket key rotation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
46 ssl_certificate localhost.crt;
5817625792bd Tests: ssl session ticket key rotation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
47
1865
0e1865aa9b33 Tests: reworked http SSL tests to use IO::Socket::SSL.
Maxim Dounin <mdounin@mdounin.ru>
parents: 1840
diff changeset
48 add_header X-SSL-Protocol $ssl_protocol;
0e1865aa9b33 Tests: reworked http SSL tests to use IO::Socket::SSL.
Maxim Dounin <mdounin@mdounin.ru>
parents: 1840
diff changeset
49
1816
5817625792bd Tests: ssl session ticket key rotation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
50 server {
1865
0e1865aa9b33 Tests: reworked http SSL tests to use IO::Socket::SSL.
Maxim Dounin <mdounin@mdounin.ru>
parents: 1840
diff changeset
51 listen 127.0.0.1:8443 ssl;
1816
5817625792bd Tests: ssl session ticket key rotation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
52 server_name localhost;
5817625792bd Tests: ssl session ticket key rotation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
53
5817625792bd Tests: ssl session ticket key rotation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
54 ssl_session_cache shared:SSL:1m;
5817625792bd Tests: ssl session ticket key rotation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
55 ssl_session_timeout 2;
5817625792bd Tests: ssl session ticket key rotation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
56 }
5817625792bd Tests: ssl session ticket key rotation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
57 }
5817625792bd Tests: ssl session ticket key rotation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
58
5817625792bd Tests: ssl session ticket key rotation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
59 EOF
5817625792bd Tests: ssl session ticket key rotation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
60
5817625792bd Tests: ssl session ticket key rotation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
61 $t->write_file('openssl.conf', <<EOF);
5817625792bd Tests: ssl session ticket key rotation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
62 [ req ]
5817625792bd Tests: ssl session ticket key rotation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
63 default_bits = 2048
5817625792bd Tests: ssl session ticket key rotation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
64 encrypt_key = no
5817625792bd Tests: ssl session ticket key rotation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
65 distinguished_name = req_distinguished_name
5817625792bd Tests: ssl session ticket key rotation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
66 [ req_distinguished_name ]
5817625792bd Tests: ssl session ticket key rotation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
67 EOF
5817625792bd Tests: ssl session ticket key rotation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
68
5817625792bd Tests: ssl session ticket key rotation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
69 my $d = $t->testdir();
5817625792bd Tests: ssl session ticket key rotation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
70
5817625792bd Tests: ssl session ticket key rotation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
71 foreach my $name ('localhost') {
5817625792bd Tests: ssl session ticket key rotation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
72 system('openssl req -x509 -new '
5817625792bd Tests: ssl session ticket key rotation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
73 . "-config $d/openssl.conf -subj /CN=$name/ "
5817625792bd Tests: ssl session ticket key rotation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
74 . "-out $d/$name.crt -keyout $d/$name.key "
5817625792bd Tests: ssl session ticket key rotation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
75 . ">>$d/openssl.out 2>&1") == 0
5817625792bd Tests: ssl session ticket key rotation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
76 or die "Can't create certificate for $name: $!\n";
5817625792bd Tests: ssl session ticket key rotation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
77 }
5817625792bd Tests: ssl session ticket key rotation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
78
1865
0e1865aa9b33 Tests: reworked http SSL tests to use IO::Socket::SSL.
Maxim Dounin <mdounin@mdounin.ru>
parents: 1840
diff changeset
79 $t->write_file('index.html', '');
0e1865aa9b33 Tests: reworked http SSL tests to use IO::Socket::SSL.
Maxim Dounin <mdounin@mdounin.ru>
parents: 1840
diff changeset
80
1816
5817625792bd Tests: ssl session ticket key rotation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
81 $t->run();
5817625792bd Tests: ssl session ticket key rotation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
82
5817625792bd Tests: ssl session ticket key rotation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
83 ###############################################################################
5817625792bd Tests: ssl session ticket key rotation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
84
5817625792bd Tests: ssl session ticket key rotation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
85 # the test uses multiple worker processes to check shared tickey key rotation
5817625792bd Tests: ssl session ticket key rotation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
86 #
5817625792bd Tests: ssl session ticket key rotation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
87 # before 1.23.2, any test can fail depending on which worker served connection:
5817625792bd Tests: ssl session ticket key rotation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
88 # the 1st test fails if served by another worker, because keys aren't shared
5817625792bd Tests: ssl session ticket key rotation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
89 # the 2nd test fails if served by the same worker due to the lack of rotation
5817625792bd Tests: ssl session ticket key rotation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
90 #
5817625792bd Tests: ssl session ticket key rotation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
91 # with a single worker process it is only the 2nd test that fails
5817625792bd Tests: ssl session ticket key rotation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
92
5817625792bd Tests: ssl session ticket key rotation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
93 local $TODO = 'not yet' unless $t->has_version('1.23.2');
5817625792bd Tests: ssl session ticket key rotation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
94
5817625792bd Tests: ssl session ticket key rotation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
95 my $key = get_ticket_key_name();
5817625792bd Tests: ssl session ticket key rotation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
96
5817625792bd Tests: ssl session ticket key rotation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
97 select undef, undef, undef, 0.5;
5817625792bd Tests: ssl session ticket key rotation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
98 is(get_ticket_key_name(), $key, 'ticket key match');
5817625792bd Tests: ssl session ticket key rotation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
99
5817625792bd Tests: ssl session ticket key rotation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
100 select undef, undef, undef, 2.5;
1840
0381a0a212e1 Tests: fixed ssl_session_ticket_key.t with LibreSSL and TLSv1.3.
Maxim Dounin <mdounin@mdounin.ru>
parents: 1816
diff changeset
101
1971
ab45ee8011df Tests: guarded session ticket tests for old OpenSSL versions.
Maxim Dounin <mdounin@mdounin.ru>
parents: 1966
diff changeset
102 local $TODO = 'no ticket key callback'
ab45ee8011df Tests: guarded session ticket tests for old OpenSSL versions.
Maxim Dounin <mdounin@mdounin.ru>
parents: 1966
diff changeset
103 if $t->has_module('OpenSSL') and not $t->has_feature('openssl:0.9.8h');
1869
5c50786e5da9 Tests: unbreak ssl_session_ticket_key.t with old IO::Socket::SSL.
Sergey Kandaurov <pluknet@nginx.com>
parents: 1865
diff changeset
104 local $TODO = 'no TLSv1.3 sessions, old Net::SSLeay'
5c50786e5da9 Tests: unbreak ssl_session_ticket_key.t with old IO::Socket::SSL.
Sergey Kandaurov <pluknet@nginx.com>
parents: 1865
diff changeset
105 if $Net::SSLeay::VERSION < 1.88 && test_tls13();
5c50786e5da9 Tests: unbreak ssl_session_ticket_key.t with old IO::Socket::SSL.
Sergey Kandaurov <pluknet@nginx.com>
parents: 1865
diff changeset
106 local $TODO = 'no TLSv1.3 sessions, old IO::Socket::SSL'
5c50786e5da9 Tests: unbreak ssl_session_ticket_key.t with old IO::Socket::SSL.
Sergey Kandaurov <pluknet@nginx.com>
parents: 1865
diff changeset
107 if $IO::Socket::SSL::VERSION < 2.061 && test_tls13();
1840
0381a0a212e1 Tests: fixed ssl_session_ticket_key.t with LibreSSL and TLSv1.3.
Maxim Dounin <mdounin@mdounin.ru>
parents: 1816
diff changeset
108 local $TODO = 'no TLSv1.3 sessions in LibreSSL'
0381a0a212e1 Tests: fixed ssl_session_ticket_key.t with LibreSSL and TLSv1.3.
Maxim Dounin <mdounin@mdounin.ru>
parents: 1816
diff changeset
109 if $t->has_module('LibreSSL') && test_tls13();
1966
c924ae8d7104 Tests: session reuse handling with Net::SSLeay with LibreSSL.
Maxim Dounin <mdounin@mdounin.ru>
parents: 1869
diff changeset
110 local $TODO = 'no TLSv1.3 sessions in Net::SSLeay (LibreSSL)'
c924ae8d7104 Tests: session reuse handling with Net::SSLeay with LibreSSL.
Maxim Dounin <mdounin@mdounin.ru>
parents: 1869
diff changeset
111 if Net::SSLeay::constant("LIBRESSL_VERSION_NUMBER") && test_tls13();
1840
0381a0a212e1 Tests: fixed ssl_session_ticket_key.t with LibreSSL and TLSv1.3.
Maxim Dounin <mdounin@mdounin.ru>
parents: 1816
diff changeset
112
1816
5817625792bd Tests: ssl session ticket key rotation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
113 cmp_ok(get_ticket_key_name(), 'ne', $key, 'ticket key next');
5817625792bd Tests: ssl session ticket key rotation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
114
5817625792bd Tests: ssl session ticket key rotation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
115 ###############################################################################
5817625792bd Tests: ssl session ticket key rotation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
116
5817625792bd Tests: ssl session ticket key rotation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
117 sub get_ticket_key_name {
1865
0e1865aa9b33 Tests: reworked http SSL tests to use IO::Socket::SSL.
Maxim Dounin <mdounin@mdounin.ru>
parents: 1840
diff changeset
118 my $asn = get_ssl_session();
1816
5817625792bd Tests: ssl session ticket key rotation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
119 my $any = qr/[\x00-\xff]/;
5817625792bd Tests: ssl session ticket key rotation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
120 next:
5817625792bd Tests: ssl session ticket key rotation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
121 # tag(10) | len{2} | OCTETSTRING(4) | len{2} | ticket(key_name|..)
5817625792bd Tests: ssl session ticket key rotation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
122 $asn =~ /\xaa\x81($any)\x04\x81($any)($any{16})/g;
1840
0381a0a212e1 Tests: fixed ssl_session_ticket_key.t with LibreSSL and TLSv1.3.
Maxim Dounin <mdounin@mdounin.ru>
parents: 1816
diff changeset
123 return '' if !defined $3;
1816
5817625792bd Tests: ssl session ticket key rotation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
124 goto next if unpack("C", $1) - unpack("C", $2) != 3;
5817625792bd Tests: ssl session ticket key rotation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
125 my $key = unpack "H*", $3;
5817625792bd Tests: ssl session ticket key rotation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
126 Test::Nginx::log_core('||', "ticket key: $key");
5817625792bd Tests: ssl session ticket key rotation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
127 return $key;
5817625792bd Tests: ssl session ticket key rotation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
128 }
5817625792bd Tests: ssl session ticket key rotation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
129
5817625792bd Tests: ssl session ticket key rotation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
130 sub get_ssl_session {
1865
0e1865aa9b33 Tests: reworked http SSL tests to use IO::Socket::SSL.
Maxim Dounin <mdounin@mdounin.ru>
parents: 1840
diff changeset
131 my $cache = IO::Socket::SSL::Session_Cache->new(100);
1816
5817625792bd Tests: ssl session ticket key rotation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
132
1865
0e1865aa9b33 Tests: reworked http SSL tests to use IO::Socket::SSL.
Maxim Dounin <mdounin@mdounin.ru>
parents: 1840
diff changeset
133 my $s = http_get(
0e1865aa9b33 Tests: reworked http SSL tests to use IO::Socket::SSL.
Maxim Dounin <mdounin@mdounin.ru>
parents: 1840
diff changeset
134 '/', start => 1,
0e1865aa9b33 Tests: reworked http SSL tests to use IO::Socket::SSL.
Maxim Dounin <mdounin@mdounin.ru>
parents: 1840
diff changeset
135 SSL => 1,
0e1865aa9b33 Tests: reworked http SSL tests to use IO::Socket::SSL.
Maxim Dounin <mdounin@mdounin.ru>
parents: 1840
diff changeset
136 SSL_session_cache => $cache,
0e1865aa9b33 Tests: reworked http SSL tests to use IO::Socket::SSL.
Maxim Dounin <mdounin@mdounin.ru>
parents: 1840
diff changeset
137 SSL_session_key => 1
0e1865aa9b33 Tests: reworked http SSL tests to use IO::Socket::SSL.
Maxim Dounin <mdounin@mdounin.ru>
parents: 1840
diff changeset
138 );
1816
5817625792bd Tests: ssl session ticket key rotation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
139
1865
0e1865aa9b33 Tests: reworked http SSL tests to use IO::Socket::SSL.
Maxim Dounin <mdounin@mdounin.ru>
parents: 1840
diff changeset
140 return unless $s;
0e1865aa9b33 Tests: reworked http SSL tests to use IO::Socket::SSL.
Maxim Dounin <mdounin@mdounin.ru>
parents: 1840
diff changeset
141 http_end($s);
0e1865aa9b33 Tests: reworked http SSL tests to use IO::Socket::SSL.
Maxim Dounin <mdounin@mdounin.ru>
parents: 1840
diff changeset
142
0e1865aa9b33 Tests: reworked http SSL tests to use IO::Socket::SSL.
Maxim Dounin <mdounin@mdounin.ru>
parents: 1840
diff changeset
143 my $sess = $cache->get_session(1);
0e1865aa9b33 Tests: reworked http SSL tests to use IO::Socket::SSL.
Maxim Dounin <mdounin@mdounin.ru>
parents: 1840
diff changeset
144 return '' unless defined $sess;
0e1865aa9b33 Tests: reworked http SSL tests to use IO::Socket::SSL.
Maxim Dounin <mdounin@mdounin.ru>
parents: 1840
diff changeset
145 return Net::SSLeay::i2d_SSL_SESSION($sess);
1816
5817625792bd Tests: ssl session ticket key rotation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
146 }
5817625792bd Tests: ssl session ticket key rotation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
147
1840
0381a0a212e1 Tests: fixed ssl_session_ticket_key.t with LibreSSL and TLSv1.3.
Maxim Dounin <mdounin@mdounin.ru>
parents: 1816
diff changeset
148 sub test_tls13 {
1865
0e1865aa9b33 Tests: reworked http SSL tests to use IO::Socket::SSL.
Maxim Dounin <mdounin@mdounin.ru>
parents: 1840
diff changeset
149 return http_get('/', SSL => 1) =~ /TLSv1.3/;
1816
5817625792bd Tests: ssl session ticket key rotation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
150 }
5817625792bd Tests: ssl session ticket key rotation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
151
5817625792bd Tests: ssl session ticket key rotation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
152 ###############################################################################