Mercurial > hg > nginx-tests

comparison stream_proxy_ssl.t @ 559:9208d8243926

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Tests: stream ssl and proxy ssl tests.
author Sergey Kandaurov <pluknet@nginx.com>
date Thu, 23 Apr 2015 14:01:21 +0300
parents
children 984bfe661cce
comparison
equal deleted inserted replaced
558:27740a2dd781 559:9208d8243926
1 #!/usr/bin/perl
2
3 # (C) Sergey Kandaurov
4 # (C) Nginx, Inc.
5
6 # Stream tests for proxy to ssl backend.
7
8 ###############################################################################
9
10 use warnings;
11 use strict;
12
13 use Test::More;
14
15 BEGIN { use FindBin; chdir($FindBin::Bin); }
16
17 use lib 'lib';
18 use Test::Nginx;
19
20 ###############################################################################
21
22 select STDERR; $| = 1;
23 select STDOUT; $| = 1;
24
25 my $t = Test::Nginx->new()->has(qw/stream stream_ssl http http_ssl/)
26 ->has_daemon('openssl')->plan(4);
27
28 $t->write_file_expand('nginx.conf', <<'EOF');
29
30 %%TEST_GLOBALS%%
31
32 daemon off;
33
34 events {
35 }
36
37 stream {
38 proxy_ssl on;
39 proxy_ssl_session_reuse on;
40
41 server {
42 listen 127.0.0.1:8080;
43 proxy_pass 127.0.0.1:8087;
44 proxy_ssl_session_reuse off;
45 }
46
47 server {
48 listen 127.0.0.1:8081;
49 proxy_pass 127.0.0.1:8087;
50 }
51 }
52
53 http {
54 %%TEST_GLOBALS_HTTP%%
55
56 server {
57 listen 127.0.0.1:8087 ssl;
58 server_name localhost;
59
60 ssl_certificate_key localhost.key;
61 ssl_certificate localhost.crt;
62 ssl_session_cache builtin;
63
64 location / {
65 add_header X-Session $ssl_session_reused;
66 }
67 }
68 }
69
70 EOF
71
72 $t->write_file('openssl.conf', <<EOF);
73 [ req ]
74 default_bits = 2048
75 encrypt_key = no
76 distinguished_name = req_distinguished_name
77 [ req_distinguished_name ]
78 EOF
79
80 $t->write_file('index.html', '');
81
82 my $d = $t->testdir();
83
84 foreach my $name ('localhost') {
85 system('openssl req -x509 -new '
86 . "-config '$d/openssl.conf' -subj '/CN=$name/' "
87 . "-out '$d/$name.crt' -keyout '$d/$name.key' "
88 . ">>$d/openssl.out 2>&1") == 0
89 or die "Can't create certificate for $name: $!\n";
90 }
91
92 $t->run();
93
94 ###############################################################################
95
96 like(http_get('/', socket => getconn('127.0.0.1:8080')),
97 qr/200 OK.*X-Session: \./s, 'ssl');
98 like(http_get('/', socket => getconn('127.0.0.1:8081')),
99 qr/200 OK.*X-Session: \./s, 'ssl 2');
100
101 like(http_get('/', socket => getconn('127.0.0.1:8080')),
102 qr/200 OK.*X-Session: \./s, 'ssl reuse session');
103 like(http_get('/', socket => getconn('127.0.0.1:8081')),
104 qr/200 OK.*X-Session: r/s, 'ssl reuse session 2');
105
106 ###############################################################################
107
108 sub getconn {
109 my $peer = shift;
110 my $s = IO::Socket::INET->new(
111 Proto => 'tcp',
112 PeerAddr => $peer || '127.0.0.1:8080'
113 )
114 or die "Can't connect to nginx: $!\n";
115
116 return $s;
117 }
118
119 ###############################################################################