Mercurial > hg > nginx-tests
comparison stream_ssl_variables.t @ 1845:65b1dd07c0e4
Tests: fixed stream_ssl_variables.t.t with LibreSSL and TLSv1.3.
LibreSSL does not support session reuse with TLSv1.3.
| author | Maxim Dounin <mdounin@mdounin.ru> |
|---|---|
| date | Thu, 23 Mar 2023 19:50:23 +0300 |
| parents | 3f155fe97521 |
| children | dbb7561a9441 |
comparison
equal
deleted
inserted
replaced
| 1844:6705a3760f48 | 1845:65b1dd07c0e4 |
|---|---|
| 99 | 99 |
| 100 ($s, $ssl) = get_ssl_socket(port(8081)); | 100 ($s, $ssl) = get_ssl_socket(port(8081)); |
| 101 like(Net::SSLeay::read($ssl), qr/^\.:(\w{64})?:[\w-]+:(TLS|SSL)v(\d|\.)+$/, | 101 like(Net::SSLeay::read($ssl), qr/^\.:(\w{64})?:[\w-]+:(TLS|SSL)v(\d|\.)+$/, |
| 102 'ssl variables'); | 102 'ssl variables'); |
| 103 | 103 |
| 104 TODO: { | |
| 105 local $TODO = 'no TLSv1.3 sessions in LibreSSL' | |
| 106 if $t->has_module('LibreSSL') && test_tls13(); | |
| 107 | |
| 104 my $ses = Net::SSLeay::get_session($ssl); | 108 my $ses = Net::SSLeay::get_session($ssl); |
| 105 ($s, $ssl) = get_ssl_socket(port(8081), $ses); | 109 ($s, $ssl) = get_ssl_socket(port(8081), $ses); |
| 106 like(Net::SSLeay::read($ssl), qr/^r:(\w{64})?:[\w-]+:(TLS|SSL)v(\d|\.)+$/, | 110 like(Net::SSLeay::read($ssl), qr/^r:(\w{64})?:[\w-]+:(TLS|SSL)v(\d|\.)+$/, |
| 107 'ssl variables - session reused'); | 111 'ssl variables - session reused'); |
| 112 | |
| 113 } | |
| 108 | 114 |
| 109 SKIP: { | 115 SKIP: { |
| 110 skip 'no sni', 3 unless $t->has_module('sni'); | 116 skip 'no sni', 3 unless $t->has_module('sni'); |
| 111 | 117 |
| 112 ($s, $ssl) = get_ssl_socket(port(8082), undef, 'example.com'); | 118 ($s, $ssl) = get_ssl_socket(port(8082), undef, 'example.com'); |
| 121 | 127 |
| 122 } | 128 } |
| 123 | 129 |
| 124 ############################################################################### | 130 ############################################################################### |
| 125 | 131 |
| 132 sub test_tls13 { | |
| 133 ($s, $ssl) = get_ssl_socket(port(8081)); | |
| 134 Net::SSLeay::read($ssl) =~ /TLSv1.3/; | |
| 135 } | |
| 136 | |
| 126 sub get_ssl_socket { | 137 sub get_ssl_socket { |
| 127 my ($port, $ses, $name) = @_; | 138 my ($port, $ses, $name) = @_; |
| 128 | 139 |
| 129 my $s = IO::Socket::INET->new('127.0.0.1:' . $port); | 140 my $s = IO::Socket::INET->new('127.0.0.1:' . $port); |
| 130 my $ctx = Net::SSLeay::CTX_new() or die("Failed to create SSL_CTX $!"); | 141 my $ctx = Net::SSLeay::CTX_new() or die("Failed to create SSL_CTX $!"); |