Mercurial > hg > nginx-tests

diff ssl.t @ 1866:a797d7428fa5

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Tests: simplified http SSL tests with IO::Socket::SSL. The http SSL tests which previously used IO::Socket::SSL were converted to use improved IO::Socket::SSL infrastructure in Test::Nginx.
author Maxim Dounin <mdounin@mdounin.ru>
date Thu, 18 May 2023 18:07:19 +0300
parents cdcd75657e52
children 0b5ec15c62ed
line wrap: on
line diff
--- a/ssl.t
+++ b/ssl.t
@@ -14,6 +14,7 @@ use strict;
 use Test::More;
 
 use Socket qw/ CRLF /;
+use IO::Select;
 
 BEGIN { use FindBin; chdir($FindBin::Bin); }
 
@@ -278,11 +279,9 @@ sub test_tls13 {
 }
 
 sub get {
-	my ($uri, $port, $ctx) = @_;
-	my $s = get_ssl_socket($port, $ctx) or return;
-	my $r = http_get($uri, socket => $s);
-	$s->close();
-	return $r;
+	my ($uri, $port, $ctx, %extra) = @_;
+	my $s = get_ssl_socket($port, $ctx, %extra) or return;
+	return http_get($uri, socket => $s);
 }
 
 sub get_body {
@@ -297,16 +296,16 @@ sub get_body {
 	http($chs . CRLF . $body x $len . CRLF, socket => $s, start => 1)
 		for 1 .. $n;
 	my $r = http("0" . CRLF . CRLF, socket => $s);
-	$s->close();
 	return $r;
 }
 
 sub cert {
 	my ($uri, $port) = @_;
-	my $s = get_ssl_socket($port, undef,
+	return get(
+		$uri, $port, undef,
 		SSL_cert_file => "$d/subject.crt",
-		SSL_key_file => "$d/subject.key") or return;
-	http_get($uri, socket => $s);
+		SSL_key_file => "$d/subject.key"
+	);
 }
 
 sub get_ssl_context {
@@ -318,45 +317,32 @@ sub get_ssl_context {
 
 sub get_ssl_socket {
 	my ($port, $ctx, %extra) = @_;
-	my $s;
-
-	eval {
-		local $SIG{ALRM} = sub { die "timeout\n" };
-		local $SIG{PIPE} = sub { die "sigpipe\n" };
-		alarm(8);
-		$s = IO::Socket::SSL->new(
-			Proto => 'tcp',
-			PeerAddr => '127.0.0.1',
-			PeerPort => port($port),
-			SSL_verify_mode => IO::Socket::SSL::SSL_VERIFY_NONE(),
-			SSL_reuse_ctx => $ctx,
-			SSL_error_trap => sub { die $_[1] },
-			%extra
-		);
-		alarm(0);
-	};
-	alarm(0);
-
-	if ($@) {
-		log_in("died: $@");
-		return undef;
-	}
-
-	return $s;
+	return http(
+		'', PeerAddr => '127.0.0.1:' . port($port), start => 1,
+		SSL => 1,
+		SSL_reuse_ctx => $ctx,
+		%extra
+	);
 }
 
 sub get_ssl_shutdown {
 	my ($port) = @_;
 
-	my $s = IO::Socket::INET->new('127.0.0.1:' . port($port));
-	my $ctx = Net::SSLeay::CTX_new() or die("Failed to create SSL_CTX $!");
-	my $ssl = Net::SSLeay::new($ctx) or die("Failed to create SSL $!");
-	Net::SSLeay::set_fd($ssl, fileno($s));
-	Net::SSLeay::connect($ssl) or die("ssl connect");
-	Net::SSLeay::write($ssl, 'GET /' . CRLF . 'extra');
-	Net::SSLeay::read($ssl);
-	Net::SSLeay::set_shutdown($ssl, 1);
-	Net::SSLeay::shutdown($ssl);
+	my $s = http(
+		'GET /' . CRLF . 'extra',
+		PeerAddr => '127.0.0.1:' . port($port), start => 1,
+		SSL => 1
+	);
+
+	$s->blocking(0);
+	while (IO::Select->new($s)->can_read(8)) {
+                my $n = $s->sysread(my $buf, 16384);
+                next if !defined $n && $!{EWOULDBLOCK};
+                last;
+	}
+	$s->blocking(1);
+
+	return $s->stop_SSL();
 }
 
 ###############################################################################