Mercurial > hg > nginx-tests

comparison ssl_verify_depth.t @ 1117:3e2af4dedd9c

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Tests: ssl_verify_depth.t cleanup. Run only basic tests that don't depend on OpenSSL error codes or version.
author Sergey Kandaurov <pluknet@nginx.com>
date Mon, 23 Jan 2017 17:29:35 +0300
parents 54e07593713a
children 5b22e2014f76
comparison
equal deleted inserted replaced
1116:8ef51dbb5d69 1117:3e2af4dedd9c
26 plan(skip_all => 'IO::Socket::SSL not installed') if $@; 26 plan(skip_all => 'IO::Socket::SSL not installed') if $@;
27 eval { IO::Socket::SSL::SSL_VERIFY_NONE(); }; 27 eval { IO::Socket::SSL::SSL_VERIFY_NONE(); };
28 plan(skip_all => 'IO::Socket::SSL too old') if $@; 28 plan(skip_all => 'IO::Socket::SSL too old') if $@;
29 29
30 my $t = Test::Nginx->new()->has(qw/http http_ssl/) 30 my $t = Test::Nginx->new()->has(qw/http http_ssl/)
31 ->has_daemon('openssl')->plan(7); 31 ->has_daemon('openssl')->plan(2);
32 32
33 $t->write_file_expand('nginx.conf', <<'EOF'); 33 $t->write_file_expand('nginx.conf', <<'EOF');
34 34
35 %%TEST_GLOBALS%% 35 %%TEST_GLOBALS%%
36 36
43 %%TEST_GLOBALS_HTTP%% 43 %%TEST_GLOBALS_HTTP%%
44 44
45 ssl_certificate_key localhost.key; 45 ssl_certificate_key localhost.key;
46 ssl_certificate localhost.crt; 46 ssl_certificate localhost.crt;
47 47
48 ssl_verify_client optional_no_ca; 48 ssl_verify_client on;
49 ssl_client_certificate int-root.crt; 49 ssl_client_certificate int-root.crt;
50 50
51 add_header X-Verify $ssl_client_verify; 51 add_header X-Verify $ssl_client_verify;
52 52
53 server { 53 server {
54 listen 127.0.0.1:8080 ssl; 54 listen 127.0.0.1:8080 ssl;
55 server_name localhost; 55 server_name localhost;
56 ssl_verify_depth 0; 56 ssl_verify_depth 0;
57 }
58
59 server {
60 listen 127.0.0.1:8081 ssl;
61 server_name localhost;
62 ssl_verify_depth 1;
63 }
64
65 server {
66 listen 127.0.0.1:8082 ssl;
67 server_name localhost;
68 ssl_verify_depth 2;
69 } 57 }
70 } 58 }
71 59
72 EOF 60 EOF
73 61
138 $t->write_file('t', ''); 126 $t->write_file('t', '');
139 $t->run(); 127 $t->run();
140 128
141 ############################################################################### 129 ###############################################################################
142 130
143 like(get(8080, 'end'), qr/FAILED/, 'verify depth 2 max 0'); 131 like(get(8080, 'root'), qr/SUCCESS/, 'verify depth');
144 132 like(get(8080, 'end'), qr/400 Bad Request/, 'verify depth limited');
145 TODO: {
146 local $TODO = 'not yet';
147
148 like(get(8081, 'end'), qr/FAILED/, 'verify depth 2 max 1');
149
150 }
151
152 like(get(8082, 'end'), qr/SUCCESS/, 'verify depth 2 max 2');
153
154 like(get(8080, 'int'), qr/FAILED/, 'verify depth 1 max 0');
155 like(get(8081, 'int'), qr/SUCCESS/, 'verify depth 1 max 1');
156 like(get(8082, 'int'), qr/SUCCESS/, 'verify depth 1 max 2');
157
158 like(get(8080, 'root'), qr/SUCCESS/, 'verify depth 0 max 0');
159 133
160 ############################################################################### 134 ###############################################################################
161 135
162 sub get { 136 sub get {
163 my ($port, $cert) = @_; 137 my ($port, $cert) = @_;