Mercurial > hg > nginx-tests
comparison stream_proxy_ssl_verify.t @ 974:882267679006
Tests: simplified parallel modifications in tests.
Mail tests were simplified in c227348453db.
author | Andrey Zelenkov <zelenkov@nginx.com> |
---|---|
date | Tue, 12 Jul 2016 17:39:03 +0300 |
parents | e9064d691790 |
children | 0af58b78df35 |
comparison
equal
deleted
inserted
replaced
973:7d7aef8b9f3a | 974:882267679006 |
---|---|
36 stream { | 36 stream { |
37 proxy_ssl on; | 37 proxy_ssl on; |
38 proxy_ssl_verify on; | 38 proxy_ssl_verify on; |
39 | 39 |
40 server { | 40 server { |
41 listen 127.0.0.1:%%PORT_0%%; | 41 listen 127.0.0.1:8080; |
42 proxy_pass 127.0.0.1:%%PORT_6%%; | 42 proxy_pass 127.0.0.1:8086; |
43 | 43 |
44 proxy_ssl_name example.com; | 44 proxy_ssl_name example.com; |
45 proxy_ssl_trusted_certificate 1.example.com.crt; | 45 proxy_ssl_trusted_certificate 1.example.com.crt; |
46 } | 46 } |
47 | 47 |
48 server { | 48 server { |
49 listen 127.0.0.1:%%PORT_1%%; | 49 listen 127.0.0.1:8081; |
50 proxy_pass 127.0.0.1:%%PORT_6%%; | 50 proxy_pass 127.0.0.1:8086; |
51 | 51 |
52 proxy_ssl_name foo.example.com; | 52 proxy_ssl_name foo.example.com; |
53 proxy_ssl_trusted_certificate 1.example.com.crt; | 53 proxy_ssl_trusted_certificate 1.example.com.crt; |
54 } | 54 } |
55 | 55 |
56 server { | 56 server { |
57 listen 127.0.0.1:%%PORT_2%%; | 57 listen 127.0.0.1:8082; |
58 proxy_pass 127.0.0.1:%%PORT_6%%; | 58 proxy_pass 127.0.0.1:8086; |
59 | 59 |
60 proxy_ssl_name no.match.example.com; | 60 proxy_ssl_name no.match.example.com; |
61 proxy_ssl_trusted_certificate 1.example.com.crt; | 61 proxy_ssl_trusted_certificate 1.example.com.crt; |
62 } | 62 } |
63 | 63 |
64 server { | 64 server { |
65 listen 127.0.0.1:%%PORT_3%%; | 65 listen 127.0.0.1:8083; |
66 proxy_pass 127.0.0.1:%%PORT_7%%; | 66 proxy_pass 127.0.0.1:8087; |
67 | 67 |
68 proxy_ssl_name 2.example.com; | 68 proxy_ssl_name 2.example.com; |
69 proxy_ssl_trusted_certificate 2.example.com.crt; | 69 proxy_ssl_trusted_certificate 2.example.com.crt; |
70 } | 70 } |
71 | 71 |
72 server { | 72 server { |
73 listen 127.0.0.1:%%PORT_4%%; | 73 listen 127.0.0.1:8084; |
74 proxy_pass 127.0.0.1:%%PORT_7%%; | 74 proxy_pass 127.0.0.1:8087; |
75 | 75 |
76 proxy_ssl_name bad.example.com; | 76 proxy_ssl_name bad.example.com; |
77 proxy_ssl_trusted_certificate 2.example.com.crt; | 77 proxy_ssl_trusted_certificate 2.example.com.crt; |
78 } | 78 } |
79 | 79 |
80 server { | 80 server { |
81 listen 127.0.0.1:%%PORT_5%%; | 81 listen 127.0.0.1:8085; |
82 proxy_pass 127.0.0.1:%%PORT_7%%; | 82 proxy_pass 127.0.0.1:8087; |
83 | 83 |
84 proxy_ssl_trusted_certificate 1.example.com.crt; | 84 proxy_ssl_trusted_certificate 1.example.com.crt; |
85 proxy_ssl_session_reuse off; | 85 proxy_ssl_session_reuse off; |
86 } | 86 } |
87 | 87 |
88 server { | 88 server { |
89 listen 127.0.0.1:%%PORT_6%% ssl; | 89 listen 127.0.0.1:8086 ssl; |
90 proxy_pass 127.0.0.1:%%PORT_8%%; | 90 proxy_pass 127.0.0.1:8088; |
91 proxy_ssl off; | 91 proxy_ssl off; |
92 | 92 |
93 ssl_certificate 1.example.com.crt; | 93 ssl_certificate 1.example.com.crt; |
94 ssl_certificate_key 1.example.com.key; | 94 ssl_certificate_key 1.example.com.key; |
95 } | 95 } |
96 | 96 |
97 server { | 97 server { |
98 listen 127.0.0.1:%%PORT_7%% ssl; | 98 listen 127.0.0.1:8087 ssl; |
99 proxy_pass 127.0.0.1:%%PORT_8%%; | 99 proxy_pass 127.0.0.1:8088; |
100 proxy_ssl off; | 100 proxy_ssl off; |
101 | 101 |
102 ssl_certificate 2.example.com.crt; | 102 ssl_certificate 2.example.com.crt; |
103 ssl_certificate_key 2.example.com.key; | 103 ssl_certificate_key 2.example.com.key; |
104 } | 104 } |
145 $t->write_file('index.html', ''); | 145 $t->write_file('index.html', ''); |
146 | 146 |
147 $t->run_daemon(\&http_daemon); | 147 $t->run_daemon(\&http_daemon); |
148 $t->run(); | 148 $t->run(); |
149 | 149 |
150 $t->waitforsocket('127.0.0.1:' . port(8)); | 150 $t->waitforsocket('127.0.0.1:' . port(8088)); |
151 | 151 |
152 ############################################################################### | 152 ############################################################################### |
153 | 153 |
154 # subjectAltName | 154 # subjectAltName |
155 | 155 |
156 like(get('/', '127.0.0.1:' . port(0)), qr/200 OK/, 'verify'); | 156 like(get('/', '127.0.0.1:' . port(8080)), qr/200 OK/, 'verify'); |
157 like(get('/', '127.0.0.1:' . port(1)), qr/200 OK/, 'verify wildcard'); | 157 like(get('/', '127.0.0.1:' . port(8081)), qr/200 OK/, 'verify wildcard'); |
158 unlike(get('/', '127.0.0.1:' . port(2)), qr/200 OK/, 'verify fail'); | 158 unlike(get('/', '127.0.0.1:' . port(8082)), qr/200 OK/, 'verify fail'); |
159 | 159 |
160 # commonName | 160 # commonName |
161 | 161 |
162 like(get('/', '127.0.0.1:' . port(3)), qr/200 OK/, 'verify cn'); | 162 like(get('/', '127.0.0.1:' . port(8083)), qr/200 OK/, 'verify cn'); |
163 unlike(get('/', '127.0.0.1:' . port(4)), qr/200 OK/, 'verify cn fail'); | 163 unlike(get('/', '127.0.0.1:' . port(8084)), qr/200 OK/, 'verify cn fail'); |
164 | 164 |
165 # untrusted | 165 # untrusted |
166 | 166 |
167 unlike(get('/', '127.0.0.1:' . port(5)), qr/200 OK/, 'untrusted'); | 167 unlike(get('/', '127.0.0.1:' . port(8085)), qr/200 OK/, 'untrusted'); |
168 | 168 |
169 ############################################################################### | 169 ############################################################################### |
170 | 170 |
171 sub get { | 171 sub get { |
172 my ($uri, $peer) = @_; | 172 my ($uri, $peer) = @_; |
184 ############################################################################### | 184 ############################################################################### |
185 | 185 |
186 sub http_daemon { | 186 sub http_daemon { |
187 my $server = IO::Socket::INET->new( | 187 my $server = IO::Socket::INET->new( |
188 Proto => 'tcp', | 188 Proto => 'tcp', |
189 LocalHost => '127.0.0.1:' . port(8), | 189 LocalHost => '127.0.0.1:' . port(8088), |
190 Listen => 5, | 190 Listen => 5, |
191 Reuse => 1 | 191 Reuse => 1 |
192 ) | 192 ) |
193 or die "Can't create listening socket: $!\n"; | 193 or die "Can't create listening socket: $!\n"; |
194 | 194 |