Mercurial > hg > nginx-tests
comparison stream_proxy_ssl_verify.t @ 952:e9064d691790
Tests: converted tests to run in parallel.
| author | Andrey Zelenkov <zelenkov@nginx.com> |
|---|---|
| date | Tue, 21 Jun 2016 16:39:13 +0300 |
| parents | 0c64f87aa689 |
| children | 882267679006 |
comparison
equal
deleted
inserted
replaced
| 951:9361c7eddfc1 | 952:e9064d691790 |
|---|---|
| 36 stream { | 36 stream { |
| 37 proxy_ssl on; | 37 proxy_ssl on; |
| 38 proxy_ssl_verify on; | 38 proxy_ssl_verify on; |
| 39 | 39 |
| 40 server { | 40 server { |
| 41 listen 127.0.0.1:8080; | 41 listen 127.0.0.1:%%PORT_0%%; |
| 42 proxy_pass 127.0.0.1:8087; | 42 proxy_pass 127.0.0.1:%%PORT_6%%; |
| 43 | 43 |
| 44 proxy_ssl_name example.com; | 44 proxy_ssl_name example.com; |
| 45 proxy_ssl_trusted_certificate 1.example.com.crt; | 45 proxy_ssl_trusted_certificate 1.example.com.crt; |
| 46 } | 46 } |
| 47 | 47 |
| 48 server { | 48 server { |
| 49 listen 127.0.0.1:8081; | 49 listen 127.0.0.1:%%PORT_1%%; |
| 50 proxy_pass 127.0.0.1:8087; | 50 proxy_pass 127.0.0.1:%%PORT_6%%; |
| 51 | 51 |
| 52 proxy_ssl_name foo.example.com; | 52 proxy_ssl_name foo.example.com; |
| 53 proxy_ssl_trusted_certificate 1.example.com.crt; | 53 proxy_ssl_trusted_certificate 1.example.com.crt; |
| 54 } | 54 } |
| 55 | 55 |
| 56 server { | 56 server { |
| 57 listen 127.0.0.1:8082; | 57 listen 127.0.0.1:%%PORT_2%%; |
| 58 proxy_pass 127.0.0.1:8087; | 58 proxy_pass 127.0.0.1:%%PORT_6%%; |
| 59 | 59 |
| 60 proxy_ssl_name no.match.example.com; | 60 proxy_ssl_name no.match.example.com; |
| 61 proxy_ssl_trusted_certificate 1.example.com.crt; | 61 proxy_ssl_trusted_certificate 1.example.com.crt; |
| 62 } | 62 } |
| 63 | 63 |
| 64 server { | 64 server { |
| 65 listen 127.0.0.1:8083; | 65 listen 127.0.0.1:%%PORT_3%%; |
| 66 proxy_pass 127.0.0.1:8088; | 66 proxy_pass 127.0.0.1:%%PORT_7%%; |
| 67 | 67 |
| 68 proxy_ssl_name 2.example.com; | 68 proxy_ssl_name 2.example.com; |
| 69 proxy_ssl_trusted_certificate 2.example.com.crt; | 69 proxy_ssl_trusted_certificate 2.example.com.crt; |
| 70 } | 70 } |
| 71 | 71 |
| 72 server { | 72 server { |
| 73 listen 127.0.0.1:8084; | 73 listen 127.0.0.1:%%PORT_4%%; |
| 74 proxy_pass 127.0.0.1:8088; | 74 proxy_pass 127.0.0.1:%%PORT_7%%; |
| 75 | 75 |
| 76 proxy_ssl_name bad.example.com; | 76 proxy_ssl_name bad.example.com; |
| 77 proxy_ssl_trusted_certificate 2.example.com.crt; | 77 proxy_ssl_trusted_certificate 2.example.com.crt; |
| 78 } | 78 } |
| 79 | 79 |
| 80 server { | 80 server { |
| 81 listen 127.0.0.1:8085; | 81 listen 127.0.0.1:%%PORT_5%%; |
| 82 proxy_pass 127.0.0.1:8088; | 82 proxy_pass 127.0.0.1:%%PORT_7%%; |
| 83 | 83 |
| 84 proxy_ssl_trusted_certificate 1.example.com.crt; | 84 proxy_ssl_trusted_certificate 1.example.com.crt; |
| 85 proxy_ssl_session_reuse off; | 85 proxy_ssl_session_reuse off; |
| 86 } | 86 } |
| 87 | 87 |
| 88 server { | 88 server { |
| 89 listen 127.0.0.1:8087 ssl; | 89 listen 127.0.0.1:%%PORT_6%% ssl; |
| 90 proxy_pass 127.0.0.1:8089; | 90 proxy_pass 127.0.0.1:%%PORT_8%%; |
| 91 proxy_ssl off; | 91 proxy_ssl off; |
| 92 | 92 |
| 93 ssl_certificate 1.example.com.crt; | 93 ssl_certificate 1.example.com.crt; |
| 94 ssl_certificate_key 1.example.com.key; | 94 ssl_certificate_key 1.example.com.key; |
| 95 } | 95 } |
| 96 | 96 |
| 97 server { | 97 server { |
| 98 listen 127.0.0.1:8088 ssl; | 98 listen 127.0.0.1:%%PORT_7%% ssl; |
| 99 proxy_pass 127.0.0.1:8089; | 99 proxy_pass 127.0.0.1:%%PORT_8%%; |
| 100 proxy_ssl off; | 100 proxy_ssl off; |
| 101 | 101 |
| 102 ssl_certificate 2.example.com.crt; | 102 ssl_certificate 2.example.com.crt; |
| 103 ssl_certificate_key 2.example.com.key; | 103 ssl_certificate_key 2.example.com.key; |
| 104 } | 104 } |
| 145 $t->write_file('index.html', ''); | 145 $t->write_file('index.html', ''); |
| 146 | 146 |
| 147 $t->run_daemon(\&http_daemon); | 147 $t->run_daemon(\&http_daemon); |
| 148 $t->run(); | 148 $t->run(); |
| 149 | 149 |
| 150 $t->waitforsocket('127.0.0.1:8089'); | 150 $t->waitforsocket('127.0.0.1:' . port(8)); |
| 151 | 151 |
| 152 ############################################################################### | 152 ############################################################################### |
| 153 | 153 |
| 154 # subjectAltName | 154 # subjectAltName |
| 155 | 155 |
| 156 like(get('/', '127.0.0.1:8080'), qr/200 OK/, 'verify'); | 156 like(get('/', '127.0.0.1:' . port(0)), qr/200 OK/, 'verify'); |
| 157 like(get('/', '127.0.0.1:8081'), qr/200 OK/, 'verify wildcard'); | 157 like(get('/', '127.0.0.1:' . port(1)), qr/200 OK/, 'verify wildcard'); |
| 158 unlike(get('/', '127.0.0.1:8082'), qr/200 OK/, 'verify fail'); | 158 unlike(get('/', '127.0.0.1:' . port(2)), qr/200 OK/, 'verify fail'); |
| 159 | 159 |
| 160 # commonName | 160 # commonName |
| 161 | 161 |
| 162 like(get('/', '127.0.0.1:8083'), qr/200 OK/, 'verify cn'); | 162 like(get('/', '127.0.0.1:' . port(3)), qr/200 OK/, 'verify cn'); |
| 163 unlike(get('/', '127.0.0.1:8084'), qr/200 OK/, 'verify cn fail'); | 163 unlike(get('/', '127.0.0.1:' . port(4)), qr/200 OK/, 'verify cn fail'); |
| 164 | 164 |
| 165 # untrusted | 165 # untrusted |
| 166 | 166 |
| 167 unlike(get('/', '127.0.0.1:8085'), qr/200 OK/, 'untrusted'); | 167 unlike(get('/', '127.0.0.1:' . port(5)), qr/200 OK/, 'untrusted'); |
| 168 | 168 |
| 169 ############################################################################### | 169 ############################################################################### |
| 170 | 170 |
| 171 sub get { | 171 sub get { |
| 172 my ($uri, $peer) = @_; | 172 my ($uri, $peer) = @_; |
| 184 ############################################################################### | 184 ############################################################################### |
| 185 | 185 |
| 186 sub http_daemon { | 186 sub http_daemon { |
| 187 my $server = IO::Socket::INET->new( | 187 my $server = IO::Socket::INET->new( |
| 188 Proto => 'tcp', | 188 Proto => 'tcp', |
| 189 LocalHost => '127.0.0.1:8089', | 189 LocalHost => '127.0.0.1:' . port(8), |
| 190 Listen => 5, | 190 Listen => 5, |
| 191 Reuse => 1 | 191 Reuse => 1 |
| 192 ) | 192 ) |
| 193 or die "Can't create listening socket: $!\n"; | 193 or die "Can't create listening socket: $!\n"; |
| 194 | 194 |