Mercurial > hg > nginx-tests
diff stream_upstream_zone_ssl.t @ 1849:72d206b37df1
Tests: fixed upstream zone ssl tests with LibreSSL and TLSv1.3.
LibreSSL does not support session reuse with TLSv1.3.
author | Maxim Dounin <mdounin@mdounin.ru> |
---|---|
date | Thu, 23 Mar 2023 19:50:30 +0300 |
parents | f3ba4c74de31 |
children |
line wrap: on
line diff
--- a/stream_upstream_zone_ssl.t +++ b/stream_upstream_zone_ssl.t @@ -82,6 +82,19 @@ stream { ssl_certificate localhost.crt; ssl_session_cache builtin; } + + server { + listen 127.0.0.1:8085; + proxy_pass 127.0.0.1:8086; + } + + server { + listen 127.0.0.1:8086 ssl; + return $ssl_protocol; + + ssl_certificate_key localhost.key; + ssl_certificate localhost.crt; + } } EOF @@ -112,13 +125,33 @@ is(stream('127.0.0.1:' . port(8080))->re is(stream('127.0.0.1:' . port(8080))->read(), '.', 'ssl 2'); is(stream('127.0.0.1:' . port(8081))->read(), '.', 'ssl session new'); + +TODO: { +local $TODO = 'no TLSv1.3 sessions in LibreSSL' + if $t->has_module('LibreSSL') and test_tls13(); + is(stream('127.0.0.1:' . port(8081))->read(), 'r', 'ssl session reused'); is(stream('127.0.0.1:' . port(8081))->read(), 'r', 'ssl session reused 2'); +} + is(stream('127.0.0.1:' . port(8082))->read(), '.', 'backup ssl'); is(stream('127.0.0.1:' . port(8082))->read(), '.', 'backup ssl 2'); is(stream('127.0.0.1:' . port(8083))->read(), '.', 'backup ssl session new'); + +TODO: { +local $TODO = 'no TLSv1.3 sessions in LibreSSL' + if $t->has_module('LibreSSL') and test_tls13(); + is(stream('127.0.0.1:' . port(8083))->read(), 'r', 'backup ssl session reused'); +} + ############################################################################### + +sub test_tls13 { + stream('127.0.0.1:' . port(8085))->read() =~ /TLSv1.3/; +} + +###############################################################################