Mercurial > hg > nginx-tests

diff ssl.t @ 1447:e1c64ee44212

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Tests: added $ssl_server_name tests with SSL session reuse.
author Sergey Kandaurov <pluknet@nginx.com>
date Mon, 04 Mar 2019 13:02:36 +0300
parents 4e48bf51714f
children eeababfd8726
line wrap: on
line diff
--- a/ssl.t
+++ b/ssl.t
@@ -31,7 +31,7 @@ eval { IO::Socket::SSL::SSL_VERIFY_NONE(
 plan(skip_all => 'IO::Socket::SSL too old') if $@;
 
 my $t = Test::Nginx->new()->has(qw/http http_ssl rewrite proxy/)
-	->has_daemon('openssl')->plan(23);
+	->has_daemon('openssl')->plan(25);
 
 $t->write_file_expand('nginx.conf', <<'EOF');
 
@@ -62,6 +62,9 @@ http {
         location /reuse {
             return 200 "body $ssl_session_reused";
         }
+        location /sni {
+            return 200 "body $ssl_session_reused:$ssl_server_name";
+        }
         location /id {
             return 200 "body $ssl_session_id";
         }
@@ -224,6 +227,27 @@ like(get('/', 8083), qr/^body \.$/m, 'se
 like(get('/', 8084), qr/^body \.$/m, 'reused off initial session');
 like(get('/', 8084), qr/^body \.$/m, 'session not reused 2');
 
+# ssl_server_name
+
+SKIP: {
+skip 'no sni', 2 unless $t->has_module('sni');
+
+$ctx = new IO::Socket::SSL::SSL_Context(
+	SSL_verify_mode => IO::Socket::SSL::SSL_VERIFY_NONE(),
+	SSL_session_cache_size => 100);
+
+like(get('/sni', 8085), qr/^body \.:localhost$/m, 'ssl server name');
+
+TODO: {
+local $TODO = 'not yet' if $t->has_module('OpenSSL (1.1.1|3)')
+	&& !$t->has_version('1.15.10');
+
+like(get('/sni', 8085), qr/^body r:localhost$/m, 'ssl server name - reused');
+
+}
+
+}
+
 # ssl certificate inheritance
 
 my $s = get_ssl_socket($ctx, port(8081));
@@ -307,6 +331,7 @@ sub get_ssl_socket {
 			PeerPort => $port,
 			SSL_verify_mode => IO::Socket::SSL::SSL_VERIFY_NONE(),
 			SSL_reuse_ctx => $ctx,
+			SSL_hostname => 'localhost',
 			SSL_error_trap => sub { die $_[1] },
 			%extra
 		);