Mercurial > hg > nginx-tests
comparison ssl_session_reuse.t @ 1866:a797d7428fa5
Tests: simplified http SSL tests with IO::Socket::SSL.
The http SSL tests which previously used IO::Socket::SSL were converted
to use improved IO::Socket::SSL infrastructure in Test::Nginx.
author | Maxim Dounin <mdounin@mdounin.ru> |
---|---|
date | Thu, 18 May 2023 18:07:19 +0300 |
parents | cdcd75657e52 |
children | c924ae8d7104 |
comparison
equal
deleted
inserted
replaced
1865:0e1865aa9b33 | 1866:a797d7428fa5 |
---|---|
14 use Test::More; | 14 use Test::More; |
15 | 15 |
16 BEGIN { use FindBin; chdir($FindBin::Bin); } | 16 BEGIN { use FindBin; chdir($FindBin::Bin); } |
17 | 17 |
18 use lib 'lib'; | 18 use lib 'lib'; |
19 use Test::Nginx; | 19 use Test::Nginx qw/ :DEFAULT http_end /; |
20 | 20 |
21 ############################################################################### | 21 ############################################################################### |
22 | 22 |
23 select STDERR; $| = 1; | 23 select STDERR; $| = 1; |
24 select STDOUT; $| = 1; | 24 select STDOUT; $| = 1; |
190 like(`grep -F '[crit]' ${\($t->testdir())}/error.log`, qr/^$/s, 'no crit'); | 190 like(`grep -F '[crit]' ${\($t->testdir())}/error.log`, qr/^$/s, 'no crit'); |
191 | 191 |
192 ############################################################################### | 192 ############################################################################### |
193 | 193 |
194 sub test_tls13 { | 194 sub test_tls13 { |
195 return get('/protocol', 8443) =~ /TLSv1.3/; | 195 return http_get('/protocol', SSL => 1) =~ /TLSv1.3/; |
196 } | 196 } |
197 | 197 |
198 sub test_reuse { | 198 sub test_reuse { |
199 my ($port) = @_; | 199 my ($port) = @_; |
200 my $ctx = get_ssl_context(); | 200 |
201 get('/', $port, $ctx); | 201 my $s = http_get( |
202 return (get('/', $port, $ctx) =~ qr/^body r$/m) ? 1 : 0; | 202 '/', PeerAddr => '127.0.0.1:' . port($port), start => 1, |
203 } | 203 SSL => 1, |
204 | |
205 sub get { | |
206 my ($uri, $port, $ctx) = @_; | |
207 my $s = get_ssl_socket($port, $ctx) or return; | |
208 my $r = http_get($uri, socket => $s); | |
209 $s->close(); | |
210 return $r; | |
211 } | |
212 | |
213 sub get_ssl_context { | |
214 return IO::Socket::SSL::SSL_Context->new( | |
215 SSL_verify_mode => IO::Socket::SSL::SSL_VERIFY_NONE(), | |
216 SSL_session_cache_size => 100 | 204 SSL_session_cache_size => 100 |
217 ); | 205 ); |
218 } | 206 http_end($s); |
219 | 207 |
220 sub get_ssl_socket { | 208 my $r = http_get( |
221 my ($port, $ctx, %extra) = @_; | 209 '/', PeerAddr => '127.0.0.1:' . port($port), |
222 my $s; | 210 SSL => 1, |
223 | 211 SSL_reuse_ctx => $s |
224 eval { | 212 ); |
225 local $SIG{ALRM} = sub { die "timeout\n" }; | 213 |
226 local $SIG{PIPE} = sub { die "sigpipe\n" }; | 214 return ($r =~ qr/^body r$/m) ? 1 : 0; |
227 alarm(8); | 215 } |
228 $s = IO::Socket::SSL->new( | 216 |
229 Proto => 'tcp', | 217 ############################################################################### |
230 PeerAddr => '127.0.0.1', | |
231 PeerPort => port($port), | |
232 SSL_verify_mode => IO::Socket::SSL::SSL_VERIFY_NONE(), | |
233 SSL_reuse_ctx => $ctx, | |
234 SSL_error_trap => sub { die $_[1] }, | |
235 %extra | |
236 ); | |
237 alarm(0); | |
238 }; | |
239 alarm(0); | |
240 | |
241 if ($@) { | |
242 log_in("died: $@"); | |
243 return undef; | |
244 } | |
245 | |
246 return $s; | |
247 } | |
248 | |
249 ############################################################################### |