Mercurial > hg > nginx-tests

annotate stream_proxy_ssl_verify.t @ 1982:fb25cbe9d4ec default tip

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Tests: explicit Valgrind support. Valgrind logging is done to a separate file, as it is not able to follow stderr redirection within nginx or append to a file without corrupting it. Further, Valgrind logging seems to interfere with error suppression in tests, and catches various startup errors and warnings, so the log is additionally filtered. Since startup under Valgrind can be really slow, timeout in waitforfile() was changed to 10 seconds. Prodded by Robert Mueller.
author Maxim Dounin <mdounin@mdounin.ru>
date Fri, 31 May 2024 06:23:00 +0300
parents f3ba4c74de31
children
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
rev   line source
559
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
1 #!/usr/bin/perl
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
2
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
3 # (C) Sergey Kandaurov
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
4 # (C) Nginx, Inc.
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
5
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
6 # Stream tests for proxy to ssl backend, backend certificate verification.
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
7
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
8 ###############################################################################
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
9
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
10 use warnings;
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
11 use strict;
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
12
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
13 use Test::More;
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
14
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
15 BEGIN { use FindBin; chdir($FindBin::Bin); }
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
16
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
17 use lib 'lib';
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
18 use Test::Nginx;
1453
6f53ec0cf591 Tests: simplified stream_proxy_ssl_verify.t using return directive.
Sergey Kandaurov <pluknet@nginx.com>
parents: 1260
diff changeset
19 use Test::Nginx::Stream qw/ stream /;
559
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
20
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
21 ###############################################################################
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
22
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
23 select STDERR; $| = 1;
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
24 select STDOUT; $| = 1;
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
25
1453
6f53ec0cf591 Tests: simplified stream_proxy_ssl_verify.t using return directive.
Sergey Kandaurov <pluknet@nginx.com>
parents: 1260
diff changeset
26 my $t = Test::Nginx->new()->has(qw/stream stream_ssl stream_return/)
6f53ec0cf591 Tests: simplified stream_proxy_ssl_verify.t using return directive.
Sergey Kandaurov <pluknet@nginx.com>
parents: 1260
diff changeset
27 ->has_daemon('openssl')->plan(6);
559
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
28
1453
6f53ec0cf591 Tests: simplified stream_proxy_ssl_verify.t using return directive.
Sergey Kandaurov <pluknet@nginx.com>
parents: 1260
diff changeset
29 $t->write_file_expand('nginx.conf', <<'EOF');
559
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
30
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
31 %%TEST_GLOBALS%%
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
32
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
33 daemon off;
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
34
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
35 events {
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
36 }
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
37
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
38 stream {
1609
f3ba4c74de31 Tests: added TEST_GLOBALS_STREAM variable support.
Andrei Belov <defan@nginx.com>
parents: 1488
diff changeset
39 %%TEST_GLOBALS_STREAM%%
f3ba4c74de31 Tests: added TEST_GLOBALS_STREAM variable support.
Andrei Belov <defan@nginx.com>
parents: 1488
diff changeset
40
559
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
41 proxy_ssl on;
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
42 proxy_ssl_verify on;
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
43
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
44 server {
974
882267679006 Tests: simplified parallel modifications in tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents: 952
diff changeset
45 listen 127.0.0.1:8080;
882267679006 Tests: simplified parallel modifications in tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents: 952
diff changeset
46 proxy_pass 127.0.0.1:8086;
559
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
47
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
48 proxy_ssl_name example.com;
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
49 proxy_ssl_trusted_certificate 1.example.com.crt;
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
50 }
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
51
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
52 server {
974
882267679006 Tests: simplified parallel modifications in tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents: 952
diff changeset
53 listen 127.0.0.1:8081;
882267679006 Tests: simplified parallel modifications in tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents: 952
diff changeset
54 proxy_pass 127.0.0.1:8086;
559
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
55
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
56 proxy_ssl_name foo.example.com;
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
57 proxy_ssl_trusted_certificate 1.example.com.crt;
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
58 }
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
59
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
60 server {
974
882267679006 Tests: simplified parallel modifications in tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents: 952
diff changeset
61 listen 127.0.0.1:8082;
882267679006 Tests: simplified parallel modifications in tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents: 952
diff changeset
62 proxy_pass 127.0.0.1:8086;
559
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
63
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
64 proxy_ssl_name no.match.example.com;
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
65 proxy_ssl_trusted_certificate 1.example.com.crt;
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
66 }
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
67
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
68 server {
974
882267679006 Tests: simplified parallel modifications in tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents: 952
diff changeset
69 listen 127.0.0.1:8083;
882267679006 Tests: simplified parallel modifications in tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents: 952
diff changeset
70 proxy_pass 127.0.0.1:8087;
559
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
71
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
72 proxy_ssl_name 2.example.com;
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
73 proxy_ssl_trusted_certificate 2.example.com.crt;
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
74 }
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
75
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
76 server {
974
882267679006 Tests: simplified parallel modifications in tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents: 952
diff changeset
77 listen 127.0.0.1:8084;
882267679006 Tests: simplified parallel modifications in tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents: 952
diff changeset
78 proxy_pass 127.0.0.1:8087;
559
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
79
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
80 proxy_ssl_name bad.example.com;
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
81 proxy_ssl_trusted_certificate 2.example.com.crt;
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
82 }
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
83
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
84 server {
974
882267679006 Tests: simplified parallel modifications in tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents: 952
diff changeset
85 listen 127.0.0.1:8085;
882267679006 Tests: simplified parallel modifications in tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents: 952
diff changeset
86 proxy_pass 127.0.0.1:8087;
559
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
87
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
88 proxy_ssl_trusted_certificate 1.example.com.crt;
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
89 proxy_ssl_session_reuse off;
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
90 }
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
91
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
92 server {
974
882267679006 Tests: simplified parallel modifications in tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents: 952
diff changeset
93 listen 127.0.0.1:8086 ssl;
610
936deb3c4727 Tests: combined multiple stream blocks being invalid since 1.9.3.
Sergey Kandaurov <pluknet@nginx.com>
parents: 598
diff changeset
94 proxy_ssl off;
1453
6f53ec0cf591 Tests: simplified stream_proxy_ssl_verify.t using return directive.
Sergey Kandaurov <pluknet@nginx.com>
parents: 1260
diff changeset
95 return OK;
559
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
96
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
97 ssl_certificate 1.example.com.crt;
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
98 ssl_certificate_key 1.example.com.key;
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
99 }
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
100
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
101 server {
974
882267679006 Tests: simplified parallel modifications in tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents: 952
diff changeset
102 listen 127.0.0.1:8087 ssl;
610
936deb3c4727 Tests: combined multiple stream blocks being invalid since 1.9.3.
Sergey Kandaurov <pluknet@nginx.com>
parents: 598
diff changeset
103 proxy_ssl off;
1453
6f53ec0cf591 Tests: simplified stream_proxy_ssl_verify.t using return directive.
Sergey Kandaurov <pluknet@nginx.com>
parents: 1260
diff changeset
104 return OK;
559
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
105
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
106 ssl_certificate 2.example.com.crt;
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
107 ssl_certificate_key 2.example.com.key;
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
108 }
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
109 }
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
110
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
111 EOF
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
112
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
113 $t->write_file('openssl.1.example.com.conf', <<EOF);
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
114 [ req ]
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
115 prompt = no
1488
dbce8fb5f5f8 Tests: align with OpenSSL security level 2.
Sergey Kandaurov <pluknet@nginx.com>
parents: 1453
diff changeset
116 default_bits = 2048
559
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
117 encrypt_key = no
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
118 distinguished_name = req_distinguished_name
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
119 x509_extensions = v3_req
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
120
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
121 [ req_distinguished_name ]
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
122 commonName=no.match.example.com
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
123
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
124 [ v3_req ]
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
125 subjectAltName = DNS:example.com,DNS:*.example.com
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
126 EOF
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
127
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
128 $t->write_file('openssl.2.example.com.conf', <<EOF);
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
129 [ req ]
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
130 prompt = no
1488
dbce8fb5f5f8 Tests: align with OpenSSL security level 2.
Sergey Kandaurov <pluknet@nginx.com>
parents: 1453
diff changeset
131 default_bits = 2048
559
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
132 encrypt_key = no
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
133 distinguished_name = req_distinguished_name
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
134
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
135 [ req_distinguished_name ]
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
136 commonName=2.example.com
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
137 EOF
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
138
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
139 my $d = $t->testdir();
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
140
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
141 foreach my $name ('1.example.com', '2.example.com') {
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
142 system('openssl req -x509 -new '
1220
0af58b78df35 Tests: removed single quotes from system() calls.
Sergey Kandaurov <pluknet@nginx.com>
parents: 974
diff changeset
143 . "-config $d/openssl.$name.conf "
0af58b78df35 Tests: removed single quotes from system() calls.
Sergey Kandaurov <pluknet@nginx.com>
parents: 974
diff changeset
144 . "-out $d/$name.crt -keyout $d/$name.key "
559
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
145 . ">>$d/openssl.out 2>&1") == 0
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
146 or die "Can't create certificate for $name: $!\n";
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
147 }
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
148
1260
eadd24ccfda1 Tests: postponed startup in certain ssl certificate tests on win32.
Sergey Kandaurov <pluknet@nginx.com>
parents: 1220
diff changeset
149 sleep 1 if $^O eq 'MSWin32';
eadd24ccfda1 Tests: postponed startup in certain ssl certificate tests on win32.
Sergey Kandaurov <pluknet@nginx.com>
parents: 1220
diff changeset
150
559
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
151 $t->run();
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
152
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
153 ###############################################################################
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
154
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
155 # subjectAltName
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
156
1453
6f53ec0cf591 Tests: simplified stream_proxy_ssl_verify.t using return directive.
Sergey Kandaurov <pluknet@nginx.com>
parents: 1260
diff changeset
157 is(get(8080), 'OK', 'verify');
6f53ec0cf591 Tests: simplified stream_proxy_ssl_verify.t using return directive.
Sergey Kandaurov <pluknet@nginx.com>
parents: 1260
diff changeset
158 is(get(8081), 'OK', 'verify wildcard');
6f53ec0cf591 Tests: simplified stream_proxy_ssl_verify.t using return directive.
Sergey Kandaurov <pluknet@nginx.com>
parents: 1260
diff changeset
159 isnt(get(8082), 'OK', 'verify fail');
559
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
160
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
161 # commonName
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
162
1453
6f53ec0cf591 Tests: simplified stream_proxy_ssl_verify.t using return directive.
Sergey Kandaurov <pluknet@nginx.com>
parents: 1260
diff changeset
163 is(get(8083), 'OK', 'verify cn');
6f53ec0cf591 Tests: simplified stream_proxy_ssl_verify.t using return directive.
Sergey Kandaurov <pluknet@nginx.com>
parents: 1260
diff changeset
164 isnt(get(8084), 'OK', 'verify cn fail');
559
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
165
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
166 # untrusted
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
167
1453
6f53ec0cf591 Tests: simplified stream_proxy_ssl_verify.t using return directive.
Sergey Kandaurov <pluknet@nginx.com>
parents: 1260
diff changeset
168 isnt(get(8085), 'OK', 'untrusted');
559
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
169
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
170 ###############################################################################
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
171
892
0c64f87aa689 Tests: guard stream_proxy_ssl_verify.t tests against undef.
Sergey Kandaurov <pluknet@nginx.com>
parents: 891
diff changeset
172 sub get {
1453
6f53ec0cf591 Tests: simplified stream_proxy_ssl_verify.t using return directive.
Sergey Kandaurov <pluknet@nginx.com>
parents: 1260
diff changeset
173 stream('127.0.0.1:' . port(shift))->read();
559
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
174 }
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
175
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
176 ###############################################################################