diff lib/Test/Nginx/Stream.pm @ 1863:dbb7561a9441

Tests: reworked stream SSL tests to use IO::Socket::SSL. Relevant infrastructure is provided in Test::Nginx::Stream. This also ensures that SSL handshake and various read operations are guarded with timeouts. The stream_ssl_verify_client.t test uses IO::Socket::SSL::_get_ssl_object() to access the Net::SSLeay object directly, as it seems to be the only way to obtain CA list with IO::Socket::SSL. While not exactly correct, this seems to be good enough for tests.
author Maxim Dounin <mdounin@mdounin.ru>
date Thu, 18 May 2023 18:07:12 +0300
parents 1197c152215b
children 6d3a8f4eb9b2
--- a/lib/Test/Nginx/Stream.pm
+++ b/lib/Test/Nginx/Stream.pm
@@ -38,17 +38,38 @@ sub new {
 
 	unshift(@_, "PeerAddr") if @_ == 1;
 
-	$self->{_socket} = IO::Socket::INET->new(
-		Proto => "tcp",
-		PeerAddr => '127.0.0.1',
-		@_
-	)
-		or die "Can't connect to nginx: $!\n";
+	eval {
+		local $SIG{ALRM} = sub { die "timeout\n" };
+		local $SIG{PIPE} = sub { die "sigpipe\n" };
+		alarm(8);
+
+		$self->{_socket} = IO::Socket::INET->new(
+			Proto => "tcp",
+			PeerAddr => '127.0.0.1',
+			@_
+		)
+			or die "Can't connect to nginx: $!\n";
 
-	if ({@_}->{'SSL'}) {
-		require IO::Socket::SSL;
-		IO::Socket::SSL->start_SSL($self->{_socket}, @_)
-			or die $IO::Socket::SSL::SSL_ERROR . "\n";
+		if ({@_}->{'SSL'}) {
+			require IO::Socket::SSL;
+			IO::Socket::SSL->start_SSL(
+				$self->{_socket},
+				SSL_verify_mode =>
+					IO::Socket::SSL::SSL_VERIFY_NONE(),
+				@_
+			)
+				or die $IO::Socket::SSL::SSL_ERROR . "\n";
+
+			my $s = $self->{_socket};
+			log_in("ssl cipher: " . $s->get_cipher());
+			log_in("ssl cert: " . $s->peer_certificate('issuer'));
+		}
+
+		alarm(0);
+	};
+	alarm(0);
+	if ($@) {
+		log_in("died: $@");
 	}
 
 	$self->{_socket}->autoflush(1);
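Review bot: When the connect fails or times out inside the new `eval`, the error is only passed to `log_in`, so `$self->{_socket}` is still undefined when the `autoflush(1)` call just below the block runs, and `new` dies with "Can't call method" instead of the logged reason. The `DESTROY` added in the next hunk has the same exposure, and would be safer as `$self->{_socket}->close() if $self->{_socket};`. For `new`, either re-throw when no socket exists, `die $@ if $@ && !$self->{_socket};`, or guard the call as `$self->{_socket}->autoflush(1) if $self->{_socket};`. A failed `start_SSL` is likewise only logged, so callers still get an object back and cannot tell from the return value that the handshake did not complete. I would also add a comment above `SSL_verify_mode`, for example `# peer verification is off by default for tests; options in @_ come later and override it`. The body of `new` starts before this hunk.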
@@ -56,6 +77,11 @@ sub new {
 	return $self;
 }
 
+sub DESTROY {
+	my $self = shift;
+	$self->{_socket}->close();
+}
+
 sub write {
 	my ($self, $message, %extra) = @_;
 	my $s = $self->{_socket};
@@ -135,6 +161,11 @@ sub sockport {
 	return $self->{_socket}->sockport();
 }
 
+sub socket {
+	my ($self) = @_;
+	$self->{_socket};
+}
+
 ###############################################################################
 
 1;
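Review bot: The new `socket` accessor relies on an implicit return, while `sockport` just above it uses an explicit one; `return $self->{_socket};` would keep the two consistent. A short comment would also help, for example `# underlying IO::Socket handle (IO::Socket::SSL after a successful start_SSL); undef if the connect failed`. Callers reaching into the handle directly, as the commit message describes for `_get_ssl_object()`, presumably need to handle the undefined case themselves.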