Mercurial > hg > nginx-tests

comparison stream_proxy_ssl_verify.t @ 974:882267679006

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Tests: simplified parallel modifications in tests. Mail tests were simplified in c227348453db.
author Andrey Zelenkov <zelenkov@nginx.com>
date Tue, 12 Jul 2016 17:39:03 +0300
parents e9064d691790
children 0af58b78df35
comparison
equal deleted inserted replaced
973:7d7aef8b9f3a 974:882267679006
36 stream { 36 stream {
37 proxy_ssl on; 37 proxy_ssl on;
38 proxy_ssl_verify on; 38 proxy_ssl_verify on;
39 39
40 server { 40 server {
41 listen 127.0.0.1:%%PORT_0%%; 41 listen 127.0.0.1:8080;
42 proxy_pass 127.0.0.1:%%PORT_6%%; 42 proxy_pass 127.0.0.1:8086;
43 43
44 proxy_ssl_name example.com; 44 proxy_ssl_name example.com;
45 proxy_ssl_trusted_certificate 1.example.com.crt; 45 proxy_ssl_trusted_certificate 1.example.com.crt;
46 } 46 }
47 47
48 server { 48 server {
49 listen 127.0.0.1:%%PORT_1%%; 49 listen 127.0.0.1:8081;
50 proxy_pass 127.0.0.1:%%PORT_6%%; 50 proxy_pass 127.0.0.1:8086;
51 51
52 proxy_ssl_name foo.example.com; 52 proxy_ssl_name foo.example.com;
53 proxy_ssl_trusted_certificate 1.example.com.crt; 53 proxy_ssl_trusted_certificate 1.example.com.crt;
54 } 54 }
55 55
56 server { 56 server {
57 listen 127.0.0.1:%%PORT_2%%; 57 listen 127.0.0.1:8082;
58 proxy_pass 127.0.0.1:%%PORT_6%%; 58 proxy_pass 127.0.0.1:8086;
59 59
60 proxy_ssl_name no.match.example.com; 60 proxy_ssl_name no.match.example.com;
61 proxy_ssl_trusted_certificate 1.example.com.crt; 61 proxy_ssl_trusted_certificate 1.example.com.crt;
62 } 62 }
63 63
64 server { 64 server {
65 listen 127.0.0.1:%%PORT_3%%; 65 listen 127.0.0.1:8083;
66 proxy_pass 127.0.0.1:%%PORT_7%%; 66 proxy_pass 127.0.0.1:8087;
67 67
68 proxy_ssl_name 2.example.com; 68 proxy_ssl_name 2.example.com;
69 proxy_ssl_trusted_certificate 2.example.com.crt; 69 proxy_ssl_trusted_certificate 2.example.com.crt;
70 } 70 }
71 71
72 server { 72 server {
73 listen 127.0.0.1:%%PORT_4%%; 73 listen 127.0.0.1:8084;
74 proxy_pass 127.0.0.1:%%PORT_7%%; 74 proxy_pass 127.0.0.1:8087;
75 75
76 proxy_ssl_name bad.example.com; 76 proxy_ssl_name bad.example.com;
77 proxy_ssl_trusted_certificate 2.example.com.crt; 77 proxy_ssl_trusted_certificate 2.example.com.crt;
78 } 78 }
79 79
80 server { 80 server {
81 listen 127.0.0.1:%%PORT_5%%; 81 listen 127.0.0.1:8085;
82 proxy_pass 127.0.0.1:%%PORT_7%%; 82 proxy_pass 127.0.0.1:8087;
83 83
84 proxy_ssl_trusted_certificate 1.example.com.crt; 84 proxy_ssl_trusted_certificate 1.example.com.crt;
85 proxy_ssl_session_reuse off; 85 proxy_ssl_session_reuse off;
86 } 86 }
87 87
88 server { 88 server {
89 listen 127.0.0.1:%%PORT_6%% ssl; 89 listen 127.0.0.1:8086 ssl;
90 proxy_pass 127.0.0.1:%%PORT_8%%; 90 proxy_pass 127.0.0.1:8088;
91 proxy_ssl off; 91 proxy_ssl off;
92 92
93 ssl_certificate 1.example.com.crt; 93 ssl_certificate 1.example.com.crt;
94 ssl_certificate_key 1.example.com.key; 94 ssl_certificate_key 1.example.com.key;
95 } 95 }
96 96
97 server { 97 server {
98 listen 127.0.0.1:%%PORT_7%% ssl; 98 listen 127.0.0.1:8087 ssl;
99 proxy_pass 127.0.0.1:%%PORT_8%%; 99 proxy_pass 127.0.0.1:8088;
100 proxy_ssl off; 100 proxy_ssl off;
101 101
102 ssl_certificate 2.example.com.crt; 102 ssl_certificate 2.example.com.crt;
103 ssl_certificate_key 2.example.com.key; 103 ssl_certificate_key 2.example.com.key;
104 } 104 }
145 $t->write_file('index.html', ''); 145 $t->write_file('index.html', '');
146 146
147 $t->run_daemon(\&http_daemon); 147 $t->run_daemon(\&http_daemon);
148 $t->run(); 148 $t->run();
149 149
150 $t->waitforsocket('127.0.0.1:' . port(8)); 150 $t->waitforsocket('127.0.0.1:' . port(8088));
151 151
152 ############################################################################### 152 ###############################################################################
153 153
154 # subjectAltName 154 # subjectAltName
155 155
156 like(get('/', '127.0.0.1:' . port(0)), qr/200 OK/, 'verify'); 156 like(get('/', '127.0.0.1:' . port(8080)), qr/200 OK/, 'verify');
157 like(get('/', '127.0.0.1:' . port(1)), qr/200 OK/, 'verify wildcard'); 157 like(get('/', '127.0.0.1:' . port(8081)), qr/200 OK/, 'verify wildcard');
158 unlike(get('/', '127.0.0.1:' . port(2)), qr/200 OK/, 'verify fail'); 158 unlike(get('/', '127.0.0.1:' . port(8082)), qr/200 OK/, 'verify fail');
159 159
160 # commonName 160 # commonName
161 161
162 like(get('/', '127.0.0.1:' . port(3)), qr/200 OK/, 'verify cn'); 162 like(get('/', '127.0.0.1:' . port(8083)), qr/200 OK/, 'verify cn');
163 unlike(get('/', '127.0.0.1:' . port(4)), qr/200 OK/, 'verify cn fail'); 163 unlike(get('/', '127.0.0.1:' . port(8084)), qr/200 OK/, 'verify cn fail');
164 164
165 # untrusted 165 # untrusted
166 166
167 unlike(get('/', '127.0.0.1:' . port(5)), qr/200 OK/, 'untrusted'); 167 unlike(get('/', '127.0.0.1:' . port(8085)), qr/200 OK/, 'untrusted');
168 168
169 ############################################################################### 169 ###############################################################################
170 170
171 sub get { 171 sub get {
172 my ($uri, $peer) = @_; 172 my ($uri, $peer) = @_;
184 ############################################################################### 184 ###############################################################################
185 185
186 sub http_daemon { 186 sub http_daemon {
187 my $server = IO::Socket::INET->new( 187 my $server = IO::Socket::INET->new(
188 Proto => 'tcp', 188 Proto => 'tcp',
189 LocalHost => '127.0.0.1:' . port(8), 189 LocalHost => '127.0.0.1:' . port(8088),
190 Listen => 5, 190 Listen => 5,
191 Reuse => 1 191 Reuse => 1
192 ) 192 )
193 or die "Can't create listening socket: $!\n"; 193 or die "Can't create listening socket: $!\n";
194 194