Mercurial > hg > nginx-tests
comparison ssl_engine_keys.t @ 1446:44973a23b031
Tests: loading "engine:..." keys with certificate variable.
| author | Sergey Kandaurov <pluknet@nginx.com> |
|---|---|
| date | Thu, 28 Feb 2019 17:02:24 +0300 |
| parents | a682c219af45 |
| children | dbce8fb5f5f8 |
comparison
equal
deleted
inserted
replaced
| 1445:889283abadf8 | 1446:44973a23b031 |
|---|---|
| 26 | 26 |
| 27 plan(skip_all => 'may not work, leaves coredump') | 27 plan(skip_all => 'may not work, leaves coredump') |
| 28 unless $ENV{TEST_NGINX_UNSAFE}; | 28 unless $ENV{TEST_NGINX_UNSAFE}; |
| 29 | 29 |
| 30 my $t = Test::Nginx->new()->has(qw/http proxy http_ssl/)->has_daemon('openssl') | 30 my $t = Test::Nginx->new()->has(qw/http proxy http_ssl/)->has_daemon('openssl') |
| 31 ->has_daemon('softhsm')->has_daemon('pkcs11-tool')->plan(1); | 31 ->has_daemon('softhsm')->has_daemon('pkcs11-tool'); |
| 32 | 32 |
| 33 $t->write_file_expand('nginx.conf', <<'EOF'); | 33 $t->write_file_expand('nginx.conf', <<'EOF'); |
| 34 | 34 |
| 35 %%TEST_GLOBALS%% | 35 %%TEST_GLOBALS%% |
| 36 | 36 |
| 51 ssl_certificate_key engine:pkcs11:slot_0-id_00; | 51 ssl_certificate_key engine:pkcs11:slot_0-id_00; |
| 52 | 52 |
| 53 location / { | 53 location / { |
| 54 # index index.html by default | 54 # index index.html by default |
| 55 } | 55 } |
| 56 | |
| 56 location /proxy { | 57 location /proxy { |
| 57 proxy_pass https://127.0.0.1:8081/; | 58 proxy_pass https://127.0.0.1:8081/; |
| 59 } | |
| 60 | |
| 61 location /var { | |
| 62 proxy_pass https://127.0.0.1:8082/; | |
| 63 proxy_ssl_name localhost; | |
| 64 proxy_ssl_server_name on; | |
| 65 } | |
| 66 } | |
| 67 | |
| 68 server { | |
| 69 listen 127.0.0.1:8082 ssl; | |
| 70 server_name localhost; | |
| 71 | |
| 72 ssl_certificate $ssl_server_name.crt; | |
| 73 ssl_certificate_key engine:pkcs11:slot_0-id_00; | |
| 74 | |
| 75 location / { | |
| 76 # index index.html by default | |
| 58 } | 77 } |
| 59 } | 78 } |
| 60 } | 79 } |
| 61 | 80 |
| 62 EOF | 81 EOF |
| 116 . "-out $d/$name.crt -keyform engine -text -key id_00 " | 135 . "-out $d/$name.crt -keyform engine -text -key id_00 " |
| 117 . ">>$d/openssl.out 2>&1") == 0 | 136 . ">>$d/openssl.out 2>&1") == 0 |
| 118 or die "Can't create certificate for $name: $!\n"; | 137 or die "Can't create certificate for $name: $!\n"; |
| 119 } | 138 } |
| 120 | 139 |
| 121 $t->run(); | 140 $t->try_run('no ssl_certificate variables')->plan(2); |
| 122 | 141 |
| 123 $t->write_file('index.html', ''); | 142 $t->write_file('index.html', ''); |
| 124 | 143 |
| 125 ############################################################################### | 144 ############################################################################### |
| 126 | 145 |
| 127 like(http_get('/proxy'), qr/200 OK/, 'ssl engine keys'); | 146 like(http_get('/proxy'), qr/200 OK/, 'ssl engine keys'); |
| 147 like(http_get('/var'), qr/200 OK/, 'ssl_certificate with variable'); | |
| 128 | 148 |
| 129 ############################################################################### | 149 ############################################################################### |