Mercurial > hg > nginx-tests

comparison stream_upstream_zone_ssl.t @ 560:f3434de79a7f

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Tests: upstream zone tests with ssl backend.
author Sergey Kandaurov <pluknet@nginx.com>
date Thu, 23 Apr 2015 14:01:22 +0300
parents
children ca74dc9abd1a
comparison
equal deleted inserted replaced
559:9208d8243926 560:f3434de79a7f
1 #!/usr/bin/perl
2
3 # (C) Sergey Kandaurov
4 # (C) Nginx, Inc.
5
6 # Stream tests for upstream zone with ssl backend.
7
8 ###############################################################################
9
10 use warnings;
11 use strict;
12
13 use Test::More;
14
15 BEGIN { use FindBin; chdir($FindBin::Bin); }
16
17 use lib 'lib';
18 use Test::Nginx;
19
20 ###############################################################################
21
22 select STDERR; $| = 1;
23 select STDOUT; $| = 1;
24
25 my $t = Test::Nginx->new()->has(qw/stream stream_ssl http http_ssl/)
26 ->has(qw/stream_upstream_zone/)->has_daemon('openssl')->plan(8);
27
28 $t->write_file_expand('nginx.conf', <<'EOF');
29
30 %%TEST_GLOBALS%%
31
32 daemon off;
33
34 events {
35 }
36
37 stream {
38 proxy_ssl on;
39 proxy_ssl_session_reuse on;
40
41 upstream u {
42 zone u 32k;
43 server 127.0.0.1:8087;
44 }
45
46 upstream u2 {
47 zone u;
48 server 127.0.0.1:8087 backup;
49 server 127.0.0.1:8088 down;
50 }
51
52 server {
53 listen 127.0.0.1:8080;
54 proxy_pass u;
55 proxy_ssl_session_reuse off;
56 }
57
58 server {
59 listen 127.0.0.1:8081;
60 proxy_pass u;
61 }
62
63 server {
64 listen 127.0.0.1:8082;
65 proxy_pass u2;
66 proxy_ssl_session_reuse off;
67 }
68
69 server {
70 listen 127.0.0.1:8083;
71 proxy_pass u2;
72 }
73 }
74
75 http {
76 %%TEST_GLOBALS_HTTP%%
77
78 server {
79 listen 127.0.0.1:8087 ssl;
80
81 ssl_certificate_key localhost.key;
82 ssl_certificate localhost.crt;
83 ssl_session_cache builtin;
84
85 location / {
86 add_header X-Session $ssl_session_reused;
87 }
88 }
89 }
90
91 EOF
92
93 $t->write_file('openssl.conf', <<EOF);
94 [ req ]
95 default_bits = 2048
96 encrypt_key = no
97 distinguished_name = req_distinguished_name
98 [ req_distinguished_name ]
99 EOF
100
101 $t->write_file('index.html', '');
102
103 my $d = $t->testdir();
104
105 foreach my $name ('localhost') {
106 system('openssl req -x509 -new '
107 . "-config '$d/openssl.conf' -subj '/CN=$name/' "
108 . "-out '$d/$name.crt' -keyout '$d/$name.key' "
109 . ">>$d/openssl.out 2>&1") == 0
110 or die "Can't create certificate for $name: $!\n";
111 }
112
113 $t->run();
114
115 ###############################################################################
116
117 like(http_get('/', socket => getconn('127.0.0.1:8080')),
118 qr/200 OK.*X-Session: \./s, 'ssl');
119 like(http_get('/', socket => getconn('127.0.0.1:8081')),
120 qr/200 OK.*X-Session: \./s, 'ssl 2');
121
122 like(http_get('/', socket => getconn('127.0.0.1:8080')),
123 qr/200 OK.*X-Session: \./s, 'ssl reuse session');
124 like(http_get('/', socket => getconn('127.0.0.1:8081')),
125 qr/200 OK.*X-Session: r/s, 'ssl reuse session 2');
126
127 like(http_get('/', socket => getconn('127.0.0.1:8082')),
128 qr/200 OK.*X-Session: \./s, 'ssl backup');
129 like(http_get('/', socket => getconn('127.0.0.1:8083')),
130 qr/200 OK.*X-Session: \./s, 'ssl backup 2');
131
132 like(http_get('/', socket => getconn('127.0.0.1:8082')),
133 qr/200 OK.*X-Session: \./s, 'ssl reuse session backup');
134 like(http_get('/', socket => getconn('127.0.0.1:8083')),
135 qr/200 OK.*X-Session: r/s, 'ssl reuse session backup 2');
136
137 ###############################################################################
138
139 sub getconn {
140 my $peer = shift;
141 my $s = IO::Socket::INET->new(
142 Proto => 'tcp',
143 PeerAddr => $peer || '127.0.0.1:8080'
144 )
145 or die "Can't connect to nginx: $!\n";
146
147 return $s;
148 }
149
150 ###############################################################################