Mercurial > hg > nginx-tests
comparison h2_http2.t @ 1902:c560f5da581e
Tests: http2 directive tests.
| author | Sergey Kandaurov <pluknet@nginx.com> |
|---|---|
| date | Wed, 31 May 2023 13:29:34 +0400 |
| parents | |
| children | 034c9121b9d1 |
comparison
equal
deleted
inserted
replaced
| 1901:f9bb84e4c8e2 | 1902:c560f5da581e |
|---|---|
| 1 #!/usr/bin/perl | |
| 2 | |
| 3 # (C) Sergey Kandaurov | |
| 4 # (C) Nginx, Inc. | |
| 5 | |
| 6 # Tests for HTTP/2 protocol, http2 directive. | |
| 7 | |
| 8 ############################################################################### | |
| 9 | |
| 10 use warnings; | |
| 11 use strict; | |
| 12 | |
| 13 use Test::More; | |
| 14 | |
| 15 BEGIN { use FindBin; chdir($FindBin::Bin); } | |
| 16 | |
| 17 use lib 'lib'; | |
| 18 use Test::Nginx; | |
| 19 use Test::Nginx::HTTP2; | |
| 20 | |
| 21 ############################################################################### | |
| 22 | |
| 23 select STDERR; $| = 1; | |
| 24 select STDOUT; $| = 1; | |
| 25 | |
| 26 my $t = Test::Nginx->new()->has(qw/http http_ssl http_v2 socket_ssl_alpn/) | |
| 27 ->has_daemon('openssl'); | |
| 28 | |
| 29 $t->write_file_expand('nginx.conf', <<'EOF'); | |
| 30 | |
| 31 %%TEST_GLOBALS%% | |
| 32 | |
| 33 daemon off; | |
| 34 | |
| 35 events { | |
| 36 } | |
| 37 | |
| 38 http { | |
| 39 %%TEST_GLOBALS_HTTP%% | |
| 40 | |
| 41 ssl_certificate_key localhost.key; | |
| 42 ssl_certificate localhost.crt; | |
| 43 | |
| 44 server { | |
| 45 listen 127.0.0.1:8443 ssl; | |
| 46 server_name default; | |
| 47 | |
| 48 http2 on; | |
| 49 } | |
| 50 | |
| 51 server { | |
| 52 listen 127.0.0.1:8443; | |
| 53 server_name http2; | |
| 54 | |
| 55 http2 on; | |
| 56 } | |
| 57 | |
| 58 server { | |
| 59 listen 127.0.0.1:8443; | |
| 60 server_name disabled; | |
| 61 | |
| 62 http2 off; | |
| 63 } | |
| 64 | |
| 65 server { | |
| 66 listen 127.0.0.1:8444 ssl; | |
| 67 server_name default; | |
| 68 } | |
| 69 | |
| 70 server { | |
| 71 listen 127.0.0.1:8444; | |
| 72 server_name http2; | |
| 73 | |
| 74 http2 on; | |
| 75 } | |
| 76 | |
| 77 server { | |
| 78 listen 127.0.0.1:8080; | |
| 79 server_name localhost; | |
| 80 | |
| 81 http2 on; | |
| 82 } | |
| 83 | |
| 84 server { | |
| 85 listen 127.0.0.1:8081 http2; | |
| 86 server_name localhost; | |
| 87 } | |
| 88 } | |
| 89 | |
| 90 EOF | |
| 91 | |
| 92 $t->write_file('openssl.conf', <<EOF); | |
| 93 [ req ] | |
| 94 default_bits = 2048 | |
| 95 encrypt_key = no | |
| 96 distinguished_name = req_distinguished_name | |
| 97 [ req_distinguished_name ] | |
| 98 EOF | |
| 99 | |
| 100 my $d = $t->testdir(); | |
| 101 | |
| 102 foreach my $name ('localhost') { | |
| 103 system('openssl req -x509 -new ' | |
| 104 . "-config $d/openssl.conf -subj /CN=$name/ " | |
| 105 . "-out $d/$name.crt -keyout $d/$name.key " | |
| 106 . ">>$d/openssl.out 2>&1") == 0 | |
| 107 or die "Can't create certificate for $name: $!\n"; | |
| 108 } | |
| 109 | |
| 110 $t->write_file('index.html', ''); | |
| 111 $t->try_run('no http2')->plan(11); | |
| 112 | |
| 113 ############################################################################### | |
| 114 | |
| 115 # make sure HTTP/2 can be disabled selectively on virtual servers | |
| 116 | |
| 117 ok(get_ssl_socket(8443), 'default to enabled'); | |
| 118 ok(!get_ssl_socket(8443, 'disabled'), 'sni to disabled'); | |
| 119 | |
| 120 is(get_https(8443, 'http2'), 200, 'host to enabled'); | |
| 121 is(get_https(8443, 'disabled', 'http2'), 421, 'host to disabled'); | |
| 122 | |
| 123 # make sure HTTP/2 can be enabled selectively on virtual servers | |
| 124 | |
| 125 ok(!get_ssl_socket(8444), 'default to disabled'); | |
| 126 is(get_https(8444, 'http2'), 200, 'sni to enabled'); | |
| 127 | |
| 128 # http2 detection on plain tcp socket by connection preface | |
| 129 | |
| 130 like(http_get('/'), qr/200 OK/, 'non-ssl http'); | |
| 131 is(get_http(8080), 200, 'non-ssl http2'); | |
| 132 | |
| 133 like(http_get('/', socket => IO::Socket::INET->new('127.0.0.1:' . port(8081))), | |
| 134 qr/200 OK/, 'non-ssl http deprecated'); | |
| 135 is(get_http(8081), 200, 'non-ssl http2 deprecated'); | |
| 136 | |
| 137 my $sock = http("PRI * HTTP/2.0\r\n\r\n", start => 1); | |
| 138 select undef, undef, undef, 0.2; | |
| 139 is(get_http(8080, 'localhost', $sock, "SM\r\n\r\n"), 200, | |
| 140 'preface with multiple packets'); | |
| 141 | |
| 142 ############################################################################### | |
| 143 | |
| 144 sub get_http { | |
| 145 my ($port, $host, $sock, $preface) = @_; | |
| 146 my $s = Test::Nginx::HTTP2->new(port($port), | |
| 147 socket => $sock, preface => $preface); | |
| 148 my $sid = $s->new_stream({ host => $host }); | |
| 149 my $frames = $s->read(all => [{ sid => $sid, fin => 1 }]); | |
| 150 my ($frame) = grep { $_->{type} eq "HEADERS" } @$frames; | |
| 151 return $frame->{headers}->{':status'}; | |
| 152 } | |
| 153 | |
| 154 sub get_https { | |
| 155 my ($port, $host, $sni, $alpn) = @_; | |
| 156 my $sock = get_ssl_socket($port, $sni || $host, $alpn); | |
| 157 return get_http($port, $host, $sock); | |
| 158 } | |
| 159 | |
| 160 sub get_ssl_socket { | |
| 161 my ($port, $sni, $alpn) = @_; | |
| 162 return http('', PeerAddr => '127.0.0.1:' . port($port), start => 1, | |
| 163 SSL => 1, | |
| 164 SSL_hostname => $sni, | |
| 165 SSL_alpn_protocols => $alpn || ['h2']); | |
| 166 } | |
| 167 | |
| 168 ############################################################################### |