Mercurial > hg > nginx-tests
comparison stream_ssl_variables.t @ 1845:65b1dd07c0e4
Tests: fixed stream_ssl_variables.t.t with LibreSSL and TLSv1.3.
LibreSSL does not support session reuse with TLSv1.3.
author | Maxim Dounin <mdounin@mdounin.ru> |
---|---|
date | Thu, 23 Mar 2023 19:50:23 +0300 |
parents | 3f155fe97521 |
children | dbb7561a9441 |
comparison
equal
deleted
inserted
replaced
1844:6705a3760f48 | 1845:65b1dd07c0e4 |
---|---|
99 | 99 |
100 ($s, $ssl) = get_ssl_socket(port(8081)); | 100 ($s, $ssl) = get_ssl_socket(port(8081)); |
101 like(Net::SSLeay::read($ssl), qr/^\.:(\w{64})?:[\w-]+:(TLS|SSL)v(\d|\.)+$/, | 101 like(Net::SSLeay::read($ssl), qr/^\.:(\w{64})?:[\w-]+:(TLS|SSL)v(\d|\.)+$/, |
102 'ssl variables'); | 102 'ssl variables'); |
103 | 103 |
104 TODO: { | |
105 local $TODO = 'no TLSv1.3 sessions in LibreSSL' | |
106 if $t->has_module('LibreSSL') && test_tls13(); | |
107 | |
104 my $ses = Net::SSLeay::get_session($ssl); | 108 my $ses = Net::SSLeay::get_session($ssl); |
105 ($s, $ssl) = get_ssl_socket(port(8081), $ses); | 109 ($s, $ssl) = get_ssl_socket(port(8081), $ses); |
106 like(Net::SSLeay::read($ssl), qr/^r:(\w{64})?:[\w-]+:(TLS|SSL)v(\d|\.)+$/, | 110 like(Net::SSLeay::read($ssl), qr/^r:(\w{64})?:[\w-]+:(TLS|SSL)v(\d|\.)+$/, |
107 'ssl variables - session reused'); | 111 'ssl variables - session reused'); |
112 | |
113 } | |
108 | 114 |
109 SKIP: { | 115 SKIP: { |
110 skip 'no sni', 3 unless $t->has_module('sni'); | 116 skip 'no sni', 3 unless $t->has_module('sni'); |
111 | 117 |
112 ($s, $ssl) = get_ssl_socket(port(8082), undef, 'example.com'); | 118 ($s, $ssl) = get_ssl_socket(port(8082), undef, 'example.com'); |
121 | 127 |
122 } | 128 } |
123 | 129 |
124 ############################################################################### | 130 ############################################################################### |
125 | 131 |
132 sub test_tls13 { | |
133 ($s, $ssl) = get_ssl_socket(port(8081)); | |
134 Net::SSLeay::read($ssl) =~ /TLSv1.3/; | |
135 } | |
136 | |
126 sub get_ssl_socket { | 137 sub get_ssl_socket { |
127 my ($port, $ses, $name) = @_; | 138 my ($port, $ses, $name) = @_; |
128 | 139 |
129 my $s = IO::Socket::INET->new('127.0.0.1:' . $port); | 140 my $s = IO::Socket::INET->new('127.0.0.1:' . $port); |
130 my $ctx = Net::SSLeay::CTX_new() or die("Failed to create SSL_CTX $!"); | 141 my $ctx = Net::SSLeay::CTX_new() or die("Failed to create SSL_CTX $!"); |