Mercurial > hg > nginx-tests
comparison ssl_sni_reneg.t @ 1411:a8243ed8adcb
Tests: expect ssl_sni_reneg.t failures on stable in certain cases.
Notably, if built with OpenSSL 1.1.1 on Linux, SSL renegotiation could be
handled too late if client manages to keep recv buffer filled on server.
author | Sergey Kandaurov <pluknet@nginx.com> |
---|---|
date | Wed, 05 Dec 2018 17:10:01 +0300 |
parents | 0bc5bd58d9de |
children | 4e48bf51714f |
comparison
equal
deleted
inserted
replaced
1410:a1a3164faec8 | 1411:a8243ed8adcb |
---|---|
102 | 102 |
103 $t->plan(8); | 103 $t->plan(8); |
104 | 104 |
105 ############################################################################### | 105 ############################################################################### |
106 | 106 |
107 my ($ossl) = $t->{_configure_args} =~ /OpenSSL ([\d\.]+)/; | |
108 | |
107 my ($s, $ssl) = get_ssl_socket(8080); | 109 my ($s, $ssl) = get_ssl_socket(8080); |
108 ok($s, 'connection'); | 110 ok($s, 'connection'); |
109 | 111 |
110 SKIP: { | 112 SKIP: { |
111 skip 'connection failed', 3 unless $s; | 113 skip 'connection failed', 3 unless $s; |
117 ok(Net::SSLeay::renegotiate($ssl), 'renegotiation'); | 119 ok(Net::SSLeay::renegotiate($ssl), 'renegotiation'); |
118 ok(Net::SSLeay::set_tlsext_host_name($ssl, 'localhost'), 'SNI'); | 120 ok(Net::SSLeay::set_tlsext_host_name($ssl, 'localhost'), 'SNI'); |
119 | 121 |
120 Net::SSLeay::write($ssl, 'Host: localhost' . CRLF . CRLF); | 122 Net::SSLeay::write($ssl, 'Host: localhost' . CRLF . CRLF); |
121 | 123 |
124 TODO: { | |
125 local $TODO = 'not yet' if $ossl ge '1.1.1' and $^O eq 'linux' | |
126 and !$t->has_version('1.15.2'); | |
127 | |
122 ok(!Net::SSLeay::read($ssl), 'response'); | 128 ok(!Net::SSLeay::read($ssl), 'response'); |
129 | |
130 } | |
123 | 131 |
124 } | 132 } |
125 | 133 |
126 # virtual servers | 134 # virtual servers |
127 # in [1.15.4..1.15.5) SSL_OP_NO_RENEGOTIATION is cleared in servername callback | 135 # in [1.15.4..1.15.5) SSL_OP_NO_RENEGOTIATION is cleared in servername callback |
139 ok(Net::SSLeay::renegotiate($ssl), 'renegotiation'); | 147 ok(Net::SSLeay::renegotiate($ssl), 'renegotiation'); |
140 ok(Net::SSLeay::set_tlsext_host_name($ssl, 'localhost'), 'SNI'); | 148 ok(Net::SSLeay::set_tlsext_host_name($ssl, 'localhost'), 'SNI'); |
141 | 149 |
142 Net::SSLeay::write($ssl, 'Host: localhost' . CRLF . CRLF); | 150 Net::SSLeay::write($ssl, 'Host: localhost' . CRLF . CRLF); |
143 | 151 |
152 TODO: { | |
153 local $TODO = 'not yet' if $ossl ge '1.1.1' and $^O eq 'linux' | |
154 and !$t->has_version('1.15.2'); | |
155 | |
144 ok(!Net::SSLeay::read($ssl), 'virtual servers'); | 156 ok(!Net::SSLeay::read($ssl), 'virtual servers'); |
157 | |
158 } | |
145 | 159 |
146 } | 160 } |
147 | 161 |
148 ############################################################################### | 162 ############################################################################### |
149 | 163 |