Mercurial > hg > nginx-tests

comparison ssl_sni_sessions.t @ 1478:f9718a0773b9

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Tests: skip TLS 1.3 session reuse tests with older Perl modules. SSL_reuse_ctx client support for TLS 1.3 (when negotiated) is only available in IO::Socket::SSL version 2.061 or later, Net::SSLeay version 1.88 or later.
author Sergey Kandaurov <pluknet@nginx.com>
date Mon, 20 May 2019 20:25:05 +0300
parents 4e48bf51714f
children dbce8fb5f5f8
comparison
equal deleted inserted replaced
1477:8b122b35703b 1478:f9718a0773b9
44 44
45 ssl_session_tickets off; 45 ssl_session_tickets off;
46 ssl_session_cache shared:cache1:1m; 46 ssl_session_cache shared:cache1:1m;
47 47
48 location / { 48 location / {
49 return 200 $ssl_server_name:$ssl_session_reused; 49 return 200 $ssl_server_name:$ssl_session_reused:$ssl_protocol;
50 } 50 }
51 } 51 }
52 52
53 server { 53 server {
54 listen 127.0.0.1:8080; 54 listen 127.0.0.1:8080;
101 my $ctx = Net::SSLeay::CTX_new() or die; 101 my $ctx = Net::SSLeay::CTX_new() or die;
102 my $ssl = Net::SSLeay::new($ctx) or die; 102 my $ssl = Net::SSLeay::new($ctx) or die;
103 Net::SSLeay::set_tlsext_host_name($ssl, 'example.org') == 1 or die; 103 Net::SSLeay::set_tlsext_host_name($ssl, 'example.org') == 1 or die;
104 }; 104 };
105 plan(skip_all => 'Net::SSLeay with OpenSSL SNI support required') if $@; 105 plan(skip_all => 'Net::SSLeay with OpenSSL SNI support required') if $@;
106
107 $t->plan(6);
108 106
109 $t->write_file('openssl.conf', <<EOF); 107 $t->write_file('openssl.conf', <<EOF);
110 [ req ] 108 [ req ]
111 default_bits = 1024 109 default_bits = 1024
112 encrypt_key = no 110 encrypt_key = no
126 124
127 $t->write_file('ticket1.key', '1' x 48); 125 $t->write_file('ticket1.key', '1' x 48);
128 $t->write_file('ticket2.key', '2' x 48); 126 $t->write_file('ticket2.key', '2' x 48);
129 127
130 $t->run(); 128 $t->run();
129
130 plan(skip_all => 'no TLS 1.3 sessions')
131 if get('default', port(8080), get_ssl_context()) =~ /TLSv1.3/
132 && ($Net::SSLeay::VERSION < 1.88 || $IO::Socket::SSL::VERSION < 2.061);
133
134 $t->plan(6);
131 135
132 ############################################################################### 136 ###############################################################################
133 137
134 # check that everything works fine with default server 138 # check that everything works fine with default server
135 139