Mercurial > hg > nginx-tests
annotate stream_ssl_preread.t @ 1961:fe6f22da53ec default tip
Tests: tests for usage of discarded body.
The client_max_body_size limit should be ignored when the request body
is already discarded. In HTTP/1.x, this is done by checking the
r->discard_body flag when the body is being discarded, and because
r->headers_in.content_length_n is 0 when it's already discarded. This,
however, does not happen with HTTP/2 and HTTP/3, and therefore
"error_page 413" does not work without relaxing the limit.
Further, with proxy_pass, r->headers_in.content_length_n is used to determine
length of the request body, and therefore is not correct if discarding of
the request body isn't yet complete. While discarding the request body,
r->headers_in.content_length_n contains the rest of the body to discard
(or, in case of chunked request body, the rest of the current chunk to
discard).
Similarly, the $content_length variable uses r->headers_in.content_length
if available, and also incorrect. The $content_length variable is used
when proxying with fastcgi_pass, grpc_pass, and uwsgi_pass (scgi_pass uses
the value calculated based on the actual request body buffers, and therefore
works correctly).
| author | Maxim Dounin <mdounin@mdounin.ru> |
|---|---|
| date | Sat, 27 Apr 2024 18:55:50 +0300 |
| parents | 46351d990aee |
| children |
| rev | line source |
|---|---|
|
1034
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
1 #!/usr/bin/perl |
|
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
2 |
|
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
3 # (C) Sergey Kandaurov |
|
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
4 # (C) Nginx, Inc. |
|
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
5 |
|
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
6 # Tests for stream_ssl_preread module. |
|
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
7 |
|
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
8 ############################################################################### |
|
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
9 |
|
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
10 use warnings; |
|
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
11 use strict; |
|
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
12 |
|
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
13 use Test::More; |
|
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
14 |
|
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
15 BEGIN { use FindBin; chdir($FindBin::Bin); } |
|
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
16 |
|
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
17 use lib 'lib'; |
|
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
18 use Test::Nginx; |
|
1198
cd153f1bbaad
Tests: simplified stream_ssl_preread.t by not using http backends.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1118
diff
changeset
|
19 use Test::Nginx::Stream qw/ stream /; |
|
1034
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
20 |
|
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
21 ############################################################################### |
|
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
22 |
|
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
23 select STDERR; $| = 1; |
|
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
24 select STDOUT; $| = 1; |
|
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
25 |
|
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
26 my $t = Test::Nginx->new()->has(qw/stream stream_map stream_ssl_preread/) |
|
1858
cdcd75657e52
Tests: added has_feature() tests for IO::Socket::SSL.
Maxim Dounin <mdounin@mdounin.ru>
parents:
1609
diff
changeset
|
27 ->has(qw/stream_ssl stream_return socket_ssl_sni/) |
|
cdcd75657e52
Tests: added has_feature() tests for IO::Socket::SSL.
Maxim Dounin <mdounin@mdounin.ru>
parents:
1609
diff
changeset
|
28 ->has_daemon('openssl')->plan(13) |
|
1034
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
29 ->write_file_expand('nginx.conf', <<'EOF'); |
|
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
30 |
|
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
31 %%TEST_GLOBALS%% |
|
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
32 |
|
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
33 daemon off; |
|
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
34 |
|
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
35 events { |
|
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
36 } |
|
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
37 |
|
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
38 stream { |
|
1609
f3ba4c74de31
Tests: added TEST_GLOBALS_STREAM variable support.
Andrei Belov <defan@nginx.com>
parents:
1488
diff
changeset
|
39 %%TEST_GLOBALS_STREAM%% |
|
f3ba4c74de31
Tests: added TEST_GLOBALS_STREAM variable support.
Andrei Belov <defan@nginx.com>
parents:
1488
diff
changeset
|
40 |
|
1034
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
41 log_format status $status; |
|
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
42 |
|
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
43 map $ssl_preread_server_name $name { |
|
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
44 "" 127.0.0.1:8093; |
|
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
45 default $ssl_preread_server_name; |
|
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
46 } |
|
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
47 |
|
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
48 upstream foo { |
|
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
49 server 127.0.0.1:8091; |
|
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
50 } |
|
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
51 |
|
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
52 upstream bar { |
|
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
53 server 127.0.0.1:8092; |
|
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
54 } |
|
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
55 |
|
1199
08f6eacf1cfe
Tests: stream proxy next upstream with ssl_preread (ticket #1317).
Andrey Zelenkov <zelenkov@nginx.com>
parents:
1198
diff
changeset
|
56 upstream next { |
|
08f6eacf1cfe
Tests: stream proxy next upstream with ssl_preread (ticket #1317).
Andrey Zelenkov <zelenkov@nginx.com>
parents:
1198
diff
changeset
|
57 server 127.0.0.1:8094; |
|
08f6eacf1cfe
Tests: stream proxy next upstream with ssl_preread (ticket #1317).
Andrey Zelenkov <zelenkov@nginx.com>
parents:
1198
diff
changeset
|
58 server 127.0.0.1:8080; |
|
08f6eacf1cfe
Tests: stream proxy next upstream with ssl_preread (ticket #1317).
Andrey Zelenkov <zelenkov@nginx.com>
parents:
1198
diff
changeset
|
59 } |
|
08f6eacf1cfe
Tests: stream proxy next upstream with ssl_preread (ticket #1317).
Andrey Zelenkov <zelenkov@nginx.com>
parents:
1198
diff
changeset
|
60 |
|
1034
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
61 ssl_preread on; |
|
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
62 |
|
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
63 server { |
|
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
64 listen 127.0.0.1:8080; |
|
1198
cd153f1bbaad
Tests: simplified stream_ssl_preread.t by not using http backends.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1118
diff
changeset
|
65 return $name; |
|
1034
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
66 } |
|
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
67 |
|
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
68 server { |
|
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
69 listen 127.0.0.1:8081; |
|
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
70 proxy_pass $name; |
|
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
71 } |
|
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
72 |
|
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
73 server { |
|
1198
cd153f1bbaad
Tests: simplified stream_ssl_preread.t by not using http backends.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1118
diff
changeset
|
74 listen 127.0.0.1:8082; |
|
1034
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
75 proxy_pass $name; |
|
1198
cd153f1bbaad
Tests: simplified stream_ssl_preread.t by not using http backends.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1118
diff
changeset
|
76 ssl_preread off; |
|
1034
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
77 } |
|
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
78 |
|
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
79 server { |
|
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
80 listen 127.0.0.1:8083; |
|
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
81 proxy_pass $name; |
|
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
82 |
|
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
83 preread_timeout 2s; |
|
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
84 preread_buffer_size 42; |
|
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
85 |
|
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
86 access_log %%TESTDIR%%/status.log status; |
|
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
87 } |
|
1099
dd3031bbc705
Tests: various stream_ssl_preread tests with ill-formed records.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1034
diff
changeset
|
88 |
|
1199
08f6eacf1cfe
Tests: stream proxy next upstream with ssl_preread (ticket #1317).
Andrey Zelenkov <zelenkov@nginx.com>
parents:
1198
diff
changeset
|
89 server { |
|
08f6eacf1cfe
Tests: stream proxy next upstream with ssl_preread (ticket #1317).
Andrey Zelenkov <zelenkov@nginx.com>
parents:
1198
diff
changeset
|
90 listen 127.0.0.1:8084; |
|
08f6eacf1cfe
Tests: stream proxy next upstream with ssl_preread (ticket #1317).
Andrey Zelenkov <zelenkov@nginx.com>
parents:
1198
diff
changeset
|
91 proxy_pass next; |
|
08f6eacf1cfe
Tests: stream proxy next upstream with ssl_preread (ticket #1317).
Andrey Zelenkov <zelenkov@nginx.com>
parents:
1198
diff
changeset
|
92 |
|
08f6eacf1cfe
Tests: stream proxy next upstream with ssl_preread (ticket #1317).
Andrey Zelenkov <zelenkov@nginx.com>
parents:
1198
diff
changeset
|
93 proxy_connect_timeout 2s; |
|
08f6eacf1cfe
Tests: stream proxy next upstream with ssl_preread (ticket #1317).
Andrey Zelenkov <zelenkov@nginx.com>
parents:
1198
diff
changeset
|
94 preread_buffer_size 8; |
|
08f6eacf1cfe
Tests: stream proxy next upstream with ssl_preread (ticket #1317).
Andrey Zelenkov <zelenkov@nginx.com>
parents:
1198
diff
changeset
|
95 } |
|
08f6eacf1cfe
Tests: stream proxy next upstream with ssl_preread (ticket #1317).
Andrey Zelenkov <zelenkov@nginx.com>
parents:
1198
diff
changeset
|
96 |
|
1034
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
97 ssl_certificate_key localhost.key; |
|
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
98 ssl_certificate localhost.crt; |
|
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
99 |
|
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
100 server { |
|
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
101 listen 127.0.0.1:8091 ssl; |
|
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
102 listen 127.0.0.1:8092 ssl; |
|
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
103 listen 127.0.0.1:8093 ssl; |
|
1198
cd153f1bbaad
Tests: simplified stream_ssl_preread.t by not using http backends.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1118
diff
changeset
|
104 ssl_preread off; |
|
cd153f1bbaad
Tests: simplified stream_ssl_preread.t by not using http backends.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1118
diff
changeset
|
105 return $server_port; |
|
1034
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
106 } |
|
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
107 } |
|
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
108 |
|
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
109 EOF |
|
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
110 |
|
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
111 $t->write_file('openssl.conf', <<EOF); |
|
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
112 [ req ] |
|
1488
dbce8fb5f5f8
Tests: align with OpenSSL security level 2.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1421
diff
changeset
|
113 default_bits = 2048 |
|
1034
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
114 encrypt_key = no |
|
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
115 distinguished_name = req_distinguished_name |
|
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
116 [ req_distinguished_name ] |
|
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
117 EOF |
|
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
118 |
|
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
119 my $d = $t->testdir(); |
|
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
120 |
|
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
121 foreach my $name ('localhost') { |
|
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
122 system('openssl req -x509 -new ' |
|
1220
0af58b78df35
Tests: removed single quotes from system() calls.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1219
diff
changeset
|
123 . "-config $d/openssl.conf -subj /CN=$name/ " |
|
0af58b78df35
Tests: removed single quotes from system() calls.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1219
diff
changeset
|
124 . "-out $d/$name.crt -keyout $d/$name.key " |
|
1034
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
125 . ">>$d/openssl.out 2>&1") == 0 |
|
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
126 or die "Can't create certificate for $name: $!\n"; |
|
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
127 } |
|
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
128 |
|
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
129 $t->run(); |
|
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
130 |
|
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
131 ############################################################################### |
|
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
132 |
|
1199
08f6eacf1cfe
Tests: stream proxy next upstream with ssl_preread (ticket #1317).
Andrey Zelenkov <zelenkov@nginx.com>
parents:
1198
diff
changeset
|
133 my ($p1, $p2, $p3, $p4) = (port(8091), port(8092), port(8093), port(8084)); |
|
1034
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
134 |
|
1198
cd153f1bbaad
Tests: simplified stream_ssl_preread.t by not using http backends.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1118
diff
changeset
|
135 is(get_ssl('foo', 8081), $p1, 'sni'); |
|
cd153f1bbaad
Tests: simplified stream_ssl_preread.t by not using http backends.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1118
diff
changeset
|
136 is(get_ssl('foo', 8081), $p1, 'sni again'); |
|
1034
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
137 |
|
1198
cd153f1bbaad
Tests: simplified stream_ssl_preread.t by not using http backends.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1118
diff
changeset
|
138 is(get_ssl('bar', 8081), $p2, 'sni 2'); |
|
cd153f1bbaad
Tests: simplified stream_ssl_preread.t by not using http backends.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1118
diff
changeset
|
139 is(get_ssl('bar', 8081), $p2, 'sni 2 again'); |
|
1034
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
140 |
|
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
141 # fallback to an empty value for some reason |
|
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
142 |
|
1198
cd153f1bbaad
Tests: simplified stream_ssl_preread.t by not using http backends.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1118
diff
changeset
|
143 is(get_ssl('', 8081), $p3, 'no sni'); |
|
cd153f1bbaad
Tests: simplified stream_ssl_preread.t by not using http backends.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1118
diff
changeset
|
144 is(get_ssl('foo', 8082), $p3, 'preread off'); |
|
1864
46351d990aee
Tests: simplified stream SSL tests with IO::Socket::SSL.
Maxim Dounin <mdounin@mdounin.ru>
parents:
1858
diff
changeset
|
145 is(get_ssl('foo', 8083), '', 'preread buffer full'); |
|
1235
3fc6817cd84a
Tests: explicit peer port in stream tests now required.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
1232
diff
changeset
|
146 is(stream('127.0.0.1:' . port(8080))->io('x' x 1000), "127.0.0.1:$p3", |
|
3fc6817cd84a
Tests: explicit peer port in stream tests now required.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
1232
diff
changeset
|
147 'not a handshake'); |
|
1034
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
148 |
|
1232
a4a040b4e4dd
Tests: removed TODOs for fixes merged in 1.12.2.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1220
diff
changeset
|
149 # ticket #1317 |
|
1199
08f6eacf1cfe
Tests: stream proxy next upstream with ssl_preread (ticket #1317).
Andrey Zelenkov <zelenkov@nginx.com>
parents:
1198
diff
changeset
|
150 |
|
08f6eacf1cfe
Tests: stream proxy next upstream with ssl_preread (ticket #1317).
Andrey Zelenkov <zelenkov@nginx.com>
parents:
1198
diff
changeset
|
151 is(stream("127.0.0.1:$p4")->io('x' x 16), "127.0.0.1:$p3", |
|
08f6eacf1cfe
Tests: stream proxy next upstream with ssl_preread (ticket #1317).
Andrey Zelenkov <zelenkov@nginx.com>
parents:
1198
diff
changeset
|
152 'pending buffers on next upstream'); |
|
08f6eacf1cfe
Tests: stream proxy next upstream with ssl_preread (ticket #1317).
Andrey Zelenkov <zelenkov@nginx.com>
parents:
1198
diff
changeset
|
153 |
|
1099
dd3031bbc705
Tests: various stream_ssl_preread tests with ill-formed records.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1034
diff
changeset
|
154 # no junk in variable due to short ClientHello length value |
|
dd3031bbc705
Tests: various stream_ssl_preread tests with ill-formed records.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1034
diff
changeset
|
155 |
|
1198
cd153f1bbaad
Tests: simplified stream_ssl_preread.t by not using http backends.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1118
diff
changeset
|
156 is(get_short(), "127.0.0.1:$p3", 'short client hello'); |
|
1099
dd3031bbc705
Tests: various stream_ssl_preread tests with ill-formed records.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1034
diff
changeset
|
157 |
|
dd3031bbc705
Tests: various stream_ssl_preread tests with ill-formed records.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1034
diff
changeset
|
158 # allow record with older SSL version, such as 3.0 |
|
dd3031bbc705
Tests: various stream_ssl_preread tests with ill-formed records.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1034
diff
changeset
|
159 |
|
dd3031bbc705
Tests: various stream_ssl_preread tests with ill-formed records.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1034
diff
changeset
|
160 is(get_oldver(), 'foo', 'older version in ssl record'); |
|
dd3031bbc705
Tests: various stream_ssl_preread tests with ill-formed records.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1034
diff
changeset
|
161 |
|
1314
b6d941ff65f4
Tests: added stream ssl preread test for message fragmentation.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1251
diff
changeset
|
162 # SNI "foo|f" fragmented across TLS records |
|
b6d941ff65f4
Tests: added stream ssl preread test for message fragmentation.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1251
diff
changeset
|
163 |
|
b6d941ff65f4
Tests: added stream ssl preread test for message fragmentation.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1251
diff
changeset
|
164 is(get_frag(), 'foof', 'handshake fragment split on SNI'); |
|
b6d941ff65f4
Tests: added stream ssl preread test for message fragmentation.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1251
diff
changeset
|
165 |
|
1034
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
166 $t->stop(); |
|
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
167 |
|
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
168 is($t->read_file('status.log'), "400\n", 'preread buffer full - log'); |
|
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
169 |
|
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
170 ############################################################################### |
|
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
171 |
|
1314
b6d941ff65f4
Tests: added stream ssl preread test for message fragmentation.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1251
diff
changeset
|
172 sub get_frag { |
|
b6d941ff65f4
Tests: added stream ssl preread test for message fragmentation.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1251
diff
changeset
|
173 my $r = pack("N*", 0x16030100, 0x3b010000, 0x380303ac, |
|
b6d941ff65f4
Tests: added stream ssl preread test for message fragmentation.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1251
diff
changeset
|
174 0x8c8678a0, 0xaa1e7eed, 0x3644eed6, 0xc3bd2c69, |
|
b6d941ff65f4
Tests: added stream ssl preread test for message fragmentation.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1251
diff
changeset
|
175 0x7bc7deda, 0x249db0e3, 0x0c339eba, 0xa80b7600, |
|
b6d941ff65f4
Tests: added stream ssl preread test for message fragmentation.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1251
diff
changeset
|
176 0x00020000, 0x0100000d, 0x00000009, 0x00070000, |
|
b6d941ff65f4
Tests: added stream ssl preread test for message fragmentation.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1251
diff
changeset
|
177 0x04666f6f, 0x16030100); |
|
b6d941ff65f4
Tests: added stream ssl preread test for message fragmentation.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1251
diff
changeset
|
178 $r .= pack("n", 0x0166); |
|
b6d941ff65f4
Tests: added stream ssl preread test for message fragmentation.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1251
diff
changeset
|
179 |
|
b6d941ff65f4
Tests: added stream ssl preread test for message fragmentation.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1251
diff
changeset
|
180 http($r); |
|
b6d941ff65f4
Tests: added stream ssl preread test for message fragmentation.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1251
diff
changeset
|
181 } |
|
b6d941ff65f4
Tests: added stream ssl preread test for message fragmentation.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1251
diff
changeset
|
182 |
|
1099
dd3031bbc705
Tests: various stream_ssl_preread tests with ill-formed records.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1034
diff
changeset
|
183 sub get_short { |
|
dd3031bbc705
Tests: various stream_ssl_preread tests with ill-formed records.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1034
diff
changeset
|
184 my $r = pack("N*", 0x16030100, 0x38010000, 0x330303eb); |
|
dd3031bbc705
Tests: various stream_ssl_preread tests with ill-formed records.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1034
diff
changeset
|
185 $r .= pack("N*", 0x6357cdba, 0xa6b8d853, 0xf1f6ac0f); |
|
dd3031bbc705
Tests: various stream_ssl_preread tests with ill-formed records.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1034
diff
changeset
|
186 $r .= pack("N*", 0xdf03178c, 0x0ae41824, 0xe7643682); |
|
dd3031bbc705
Tests: various stream_ssl_preread tests with ill-formed records.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1034
diff
changeset
|
187 $r .= pack("N*", 0x3c1b273f, 0xbfde4b00, 0x00000000); |
|
dd3031bbc705
Tests: various stream_ssl_preread tests with ill-formed records.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1034
diff
changeset
|
188 $r .= pack("CN3", 0x0c, 0x00000008, 0x00060000, 0x03666f6f); |
|
dd3031bbc705
Tests: various stream_ssl_preread tests with ill-formed records.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1034
diff
changeset
|
189 |
|
1198
cd153f1bbaad
Tests: simplified stream_ssl_preread.t by not using http backends.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1118
diff
changeset
|
190 http($r); |
|
1099
dd3031bbc705
Tests: various stream_ssl_preread tests with ill-formed records.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1034
diff
changeset
|
191 } |
|
dd3031bbc705
Tests: various stream_ssl_preread tests with ill-formed records.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1034
diff
changeset
|
192 |
|
dd3031bbc705
Tests: various stream_ssl_preread tests with ill-formed records.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1034
diff
changeset
|
193 sub get_oldver { |
|
dd3031bbc705
Tests: various stream_ssl_preread tests with ill-formed records.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1034
diff
changeset
|
194 my $r = pack("N*", 0x16030000, 0x38010000, 0x340303eb); |
|
dd3031bbc705
Tests: various stream_ssl_preread tests with ill-formed records.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1034
diff
changeset
|
195 $r .= pack("N*", 0x6357cdba, 0xa6b8d853, 0xf1f6ac0f); |
|
dd3031bbc705
Tests: various stream_ssl_preread tests with ill-formed records.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1034
diff
changeset
|
196 $r .= pack("N*", 0xdf03178c, 0x0ae41824, 0xe7643682); |
|
dd3031bbc705
Tests: various stream_ssl_preread tests with ill-formed records.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1034
diff
changeset
|
197 $r .= pack("N*", 0x3c1b273f, 0xbfde4b00, 0x00000000); |
|
dd3031bbc705
Tests: various stream_ssl_preread tests with ill-formed records.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1034
diff
changeset
|
198 $r .= pack("CN3", 0x0c, 0x00000008, 0x00060000, 0x03666f6f); |
|
dd3031bbc705
Tests: various stream_ssl_preread tests with ill-formed records.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1034
diff
changeset
|
199 |
|
1198
cd153f1bbaad
Tests: simplified stream_ssl_preread.t by not using http backends.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1118
diff
changeset
|
200 http($r); |
|
1099
dd3031bbc705
Tests: various stream_ssl_preread tests with ill-formed records.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1034
diff
changeset
|
201 } |
|
dd3031bbc705
Tests: various stream_ssl_preread tests with ill-formed records.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1034
diff
changeset
|
202 |
|
1198
cd153f1bbaad
Tests: simplified stream_ssl_preread.t by not using http backends.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1118
diff
changeset
|
203 sub get_ssl { |
|
1034
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
204 my ($host, $port) = @_; |
|
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
205 |
|
1864
46351d990aee
Tests: simplified stream SSL tests with IO::Socket::SSL.
Maxim Dounin <mdounin@mdounin.ru>
parents:
1858
diff
changeset
|
206 my $s = stream( |
|
46351d990aee
Tests: simplified stream SSL tests with IO::Socket::SSL.
Maxim Dounin <mdounin@mdounin.ru>
parents:
1858
diff
changeset
|
207 PeerAddr => '127.0.0.1:' . port($port), |
|
46351d990aee
Tests: simplified stream SSL tests with IO::Socket::SSL.
Maxim Dounin <mdounin@mdounin.ru>
parents:
1858
diff
changeset
|
208 SSL => 1, |
|
46351d990aee
Tests: simplified stream SSL tests with IO::Socket::SSL.
Maxim Dounin <mdounin@mdounin.ru>
parents:
1858
diff
changeset
|
209 SSL_hostname => $host |
|
46351d990aee
Tests: simplified stream SSL tests with IO::Socket::SSL.
Maxim Dounin <mdounin@mdounin.ru>
parents:
1858
diff
changeset
|
210 ); |
|
1034
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
211 |
|
1198
cd153f1bbaad
Tests: simplified stream_ssl_preread.t by not using http backends.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1118
diff
changeset
|
212 return $s->read(); |
|
1034
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
213 } |
|
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
214 |
|
679cefd5896b
Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
215 ############################################################################### |