Mercurial > hg > nginx-tests
comparison ssl_sni_sessions.t @ 1478:f9718a0773b9
Tests: skip TLS 1.3 session reuse tests with older Perl modules.
SSL_reuse_ctx client support for TLS 1.3 (when negotiated) is only available
in IO::Socket::SSL version 2.061 or later, Net::SSLeay version 1.88 or later.
author | Sergey Kandaurov <pluknet@nginx.com> |
---|---|
date | Mon, 20 May 2019 20:25:05 +0300 |
parents | 4e48bf51714f |
children | dbce8fb5f5f8 |
comparison
equal
deleted
inserted
replaced
1477:8b122b35703b | 1478:f9718a0773b9 |
---|---|
44 | 44 |
45 ssl_session_tickets off; | 45 ssl_session_tickets off; |
46 ssl_session_cache shared:cache1:1m; | 46 ssl_session_cache shared:cache1:1m; |
47 | 47 |
48 location / { | 48 location / { |
49 return 200 $ssl_server_name:$ssl_session_reused; | 49 return 200 $ssl_server_name:$ssl_session_reused:$ssl_protocol; |
50 } | 50 } |
51 } | 51 } |
52 | 52 |
53 server { | 53 server { |
54 listen 127.0.0.1:8080; | 54 listen 127.0.0.1:8080; |
101 my $ctx = Net::SSLeay::CTX_new() or die; | 101 my $ctx = Net::SSLeay::CTX_new() or die; |
102 my $ssl = Net::SSLeay::new($ctx) or die; | 102 my $ssl = Net::SSLeay::new($ctx) or die; |
103 Net::SSLeay::set_tlsext_host_name($ssl, 'example.org') == 1 or die; | 103 Net::SSLeay::set_tlsext_host_name($ssl, 'example.org') == 1 or die; |
104 }; | 104 }; |
105 plan(skip_all => 'Net::SSLeay with OpenSSL SNI support required') if $@; | 105 plan(skip_all => 'Net::SSLeay with OpenSSL SNI support required') if $@; |
106 | |
107 $t->plan(6); | |
108 | 106 |
109 $t->write_file('openssl.conf', <<EOF); | 107 $t->write_file('openssl.conf', <<EOF); |
110 [ req ] | 108 [ req ] |
111 default_bits = 1024 | 109 default_bits = 1024 |
112 encrypt_key = no | 110 encrypt_key = no |
126 | 124 |
127 $t->write_file('ticket1.key', '1' x 48); | 125 $t->write_file('ticket1.key', '1' x 48); |
128 $t->write_file('ticket2.key', '2' x 48); | 126 $t->write_file('ticket2.key', '2' x 48); |
129 | 127 |
130 $t->run(); | 128 $t->run(); |
129 | |
130 plan(skip_all => 'no TLS 1.3 sessions') | |
131 if get('default', port(8080), get_ssl_context()) =~ /TLSv1.3/ | |
132 && ($Net::SSLeay::VERSION < 1.88 || $IO::Socket::SSL::VERSION < 2.061); | |
133 | |
134 $t->plan(6); | |
131 | 135 |
132 ############################################################################### | 136 ############################################################################### |
133 | 137 |
134 # check that everything works fine with default server | 138 # check that everything works fine with default server |
135 | 139 |