Mercurial > hg > nginx-tests
view proxy_cache.t @ 1974:b5036a0f9ae0
Tests: improved compatibility when using recent "openssl" app.
Starting with OpenSSL 3.0, "openssl genrsa" generates encrypted keys
in PKCS#8 format instead of previously used PKCS#1 format. Further,
since OpenSSL 1.1.0 such keys are using PBKDF2 hmacWithSHA256.
Such keys are not supported by old SSL libraries, notably by OpenSSL
before 1.0.0 (OpenSSL 0.9.8 only supports hmacWithSHA1) and by BoringSSL
before May 21, 2019 (support for hmacWithSHA256 was added in 302a4dee6c),
and trying to load such keys into nginx compiled with an old SSL library
results in "unsupported prf" errors.
To facilitate testing with old SSL libraries, keys are now generated
with "openssl genrsa -traditional" if the flag is available.
author | Maxim Dounin <mdounin@mdounin.ru> |
---|---|
date | Mon, 06 May 2024 00:04:26 +0300 |
parents | 196d33c2bb45 |
children |
line wrap: on
line source
#!/usr/bin/perl # (C) Maxim Dounin # Tests for http proxy cache. ############################################################################### use warnings; use strict; use Test::More; BEGIN { use FindBin; chdir($FindBin::Bin); } use lib 'lib'; use Test::Nginx qw/ :DEFAULT :gzip /; ############################################################################### select STDERR; $| = 1; select STDOUT; $| = 1; my $t = Test::Nginx->new()->has(qw/http proxy cache gzip/)->plan(15) ->write_file_expand('nginx.conf', <<'EOF'); %%TEST_GLOBALS%% daemon off; events { } http { %%TEST_GLOBALS_HTTP%% proxy_cache_path %%TESTDIR%%/cache levels=1:2 keys_zone=NAME:1m; server { listen 127.0.0.1:8080; server_name localhost; gzip on; gzip_min_length 0; location / { proxy_pass http://127.0.0.1:8081; proxy_cache NAME; proxy_cache_valid 200 302 2s; proxy_cache_valid 301 1d; proxy_cache_valid any 1m; proxy_cache_min_uses 1; proxy_cache_use_stale error timeout invalid_header http_500 http_404; proxy_no_cache $arg_e; add_header X-Cache-Status $upstream_cache_status; } } server { listen 127.0.0.1:8081; server_name localhost; location / { limit_rate 512; } } } EOF $t->write_file('t.html', 'SEE-THIS'); $t->write_file('t2.html', 'SEE-THIS'); $t->write_file('empty.html', ''); $t->write_file('big.html', 'x' x 1024); $t->run(); ############################################################################### like(http_get('/t.html'), qr/SEE-THIS/, 'proxy request'); $t->write_file('t.html', 'NOOP'); like(http_get('/t.html'), qr/SEE-THIS/, 'proxy request cached'); unlike(http_head('/t2.html'), qr/SEE-THIS/, 'head request'); like(http_get('/t2.html'), qr/SEE-THIS/, 'get after head'); unlike(http_head('/t2.html'), qr/SEE-THIS/, 'head after get'); like(http_head('/empty.html?head'), qr/MISS/, 'empty head first'); like(http_head('/empty.html?head'), qr/HIT/, 'empty head second'); like(http_get_range('/t.html', 'Range: bytes=4-'), qr/^THIS/m, 'cached range'); like(http_get_range('/t.html', 'Range: bytes=0-2,4-'), qr/^SEE.*^THIS/ms, 'cached multipart range'); like(http_get('/empty.html'), qr/MISS/, 'empty get first'); like(http_get('/empty.html'), qr/HIT/, 'empty get second'); select(undef, undef, undef, 3.1); unlink $t->testdir() . '/t.html'; like(http_gzip_request('/t.html'), qr/HTTP.*STALE.*1c\x0d\x0a.{28}\x0d\x0a0\x0d\x0a\x0d\x0a\z/s, 'non-empty get stale'); unlink $t->testdir() . '/empty.html'; like(http_gzip_request('/empty.html'), qr/HTTP.*STALE.*14\x0d\x0a.{20}\x0d\x0a0\x0d\x0a\x0d\x0a\z/s, 'empty get stale'); # no client connection close with response on non-cacheable HEAD requests # see 545b5e4d83b2 in nginx for detailed explanation my $s = http(<<EOF, start => 1); HEAD /big.html?e=1 HTTP/1.1 Host: localhost EOF my $r = http_get('/t.html', socket => $s); like($r, qr/Connection: keep-alive/, 'non-cacheable head - keepalive'); like($r, qr/SEE-THIS/, 'non-cacheable head - second'); ############################################################################### sub http_get_range { my ($url, $extra) = @_; return http(<<EOF); GET $url HTTP/1.1 Host: localhost Connection: close $extra EOF } ###############################################################################