Mercurial > hg > nginx-tests
comparison stream_upstream_zone_ssl.t @ 1849:72d206b37df1
Tests: fixed upstream zone ssl tests with LibreSSL and TLSv1.3.
LibreSSL does not support session reuse with TLSv1.3.
author | Maxim Dounin <mdounin@mdounin.ru> |
---|---|
date | Thu, 23 Mar 2023 19:50:30 +0300 |
parents | f3ba4c74de31 |
children |
comparison
equal
deleted
inserted
replaced
1848:727741cdff74 | 1849:72d206b37df1 |
---|---|
80 | 80 |
81 ssl_certificate_key localhost.key; | 81 ssl_certificate_key localhost.key; |
82 ssl_certificate localhost.crt; | 82 ssl_certificate localhost.crt; |
83 ssl_session_cache builtin; | 83 ssl_session_cache builtin; |
84 } | 84 } |
85 | |
86 server { | |
87 listen 127.0.0.1:8085; | |
88 proxy_pass 127.0.0.1:8086; | |
89 } | |
90 | |
91 server { | |
92 listen 127.0.0.1:8086 ssl; | |
93 return $ssl_protocol; | |
94 | |
95 ssl_certificate_key localhost.key; | |
96 ssl_certificate localhost.crt; | |
97 } | |
85 } | 98 } |
86 | 99 |
87 EOF | 100 EOF |
88 | 101 |
89 $t->write_file('openssl.conf', <<EOF); | 102 $t->write_file('openssl.conf', <<EOF); |
110 | 123 |
111 is(stream('127.0.0.1:' . port(8080))->read(), '.', 'ssl'); | 124 is(stream('127.0.0.1:' . port(8080))->read(), '.', 'ssl'); |
112 is(stream('127.0.0.1:' . port(8080))->read(), '.', 'ssl 2'); | 125 is(stream('127.0.0.1:' . port(8080))->read(), '.', 'ssl 2'); |
113 | 126 |
114 is(stream('127.0.0.1:' . port(8081))->read(), '.', 'ssl session new'); | 127 is(stream('127.0.0.1:' . port(8081))->read(), '.', 'ssl session new'); |
128 | |
129 TODO: { | |
130 local $TODO = 'no TLSv1.3 sessions in LibreSSL' | |
131 if $t->has_module('LibreSSL') and test_tls13(); | |
132 | |
115 is(stream('127.0.0.1:' . port(8081))->read(), 'r', 'ssl session reused'); | 133 is(stream('127.0.0.1:' . port(8081))->read(), 'r', 'ssl session reused'); |
116 is(stream('127.0.0.1:' . port(8081))->read(), 'r', 'ssl session reused 2'); | 134 is(stream('127.0.0.1:' . port(8081))->read(), 'r', 'ssl session reused 2'); |
135 | |
136 } | |
117 | 137 |
118 is(stream('127.0.0.1:' . port(8082))->read(), '.', 'backup ssl'); | 138 is(stream('127.0.0.1:' . port(8082))->read(), '.', 'backup ssl'); |
119 is(stream('127.0.0.1:' . port(8082))->read(), '.', 'backup ssl 2'); | 139 is(stream('127.0.0.1:' . port(8082))->read(), '.', 'backup ssl 2'); |
120 | 140 |
121 is(stream('127.0.0.1:' . port(8083))->read(), '.', 'backup ssl session new'); | 141 is(stream('127.0.0.1:' . port(8083))->read(), '.', 'backup ssl session new'); |
142 | |
143 TODO: { | |
144 local $TODO = 'no TLSv1.3 sessions in LibreSSL' | |
145 if $t->has_module('LibreSSL') and test_tls13(); | |
146 | |
122 is(stream('127.0.0.1:' . port(8083))->read(), 'r', 'backup ssl session reused'); | 147 is(stream('127.0.0.1:' . port(8083))->read(), 'r', 'backup ssl session reused'); |
123 | 148 |
149 } | |
150 | |
124 ############################################################################### | 151 ############################################################################### |
152 | |
153 sub test_tls13 { | |
154 stream('127.0.0.1:' . port(8085))->read() =~ /TLSv1.3/; | |
155 } | |
156 | |
157 ############################################################################### |