Mercurial > hg > nginx-tests

changeset 1277:1d7c87dba788

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Tests: added test for SSL session remove (ticket #1464).
author Sergey Kandaurov <pluknet@nginx.com>
date Wed, 31 Jan 2018 14:05:58 +0300
parents 490691c45b3f
children 6d065c9a3b1f
files ssl_verify_client.t
diffstat 1 files changed, 28 insertions(+), 4 deletions(-) [+]
line wrap: on
line diff
--- a/ssl_verify_client.t
+++ b/ssl_verify_client.t
@@ -40,7 +40,7 @@ eval {
 plan(skip_all => 'Net::SSLeay with OpenSSL SNI support required') if $@;
 
 my $t = Test::Nginx->new()->has(qw/http http_ssl sni/)
-	->has_daemon('openssl')->plan(10);
+	->has_daemon('openssl')->plan(11);
 
 $t->write_file_expand('nginx.conf', <<'EOF');
 
@@ -56,13 +56,13 @@ http {
 
     add_header X-Verify x$ssl_client_verify:${ssl_client_cert}x;
 
-    ssl_certificate_key 1.example.com.key;
-    ssl_certificate 1.example.com.crt;
-
     server {
         listen       127.0.0.1:8080;
         server_name  localhost;
 
+        ssl_certificate_key 1.example.com.key;
+        ssl_certificate 1.example.com.crt;
+
         ssl_verify_client on;
         ssl_client_certificate 2.example.com.crt;
     }
@@ -71,6 +71,9 @@ http {
         listen       127.0.0.1:8081 ssl;
         server_name  on;
 
+        ssl_certificate_key 1.example.com.key;
+        ssl_certificate 1.example.com.crt;
+
         ssl_verify_client on;
         ssl_client_certificate 2.example.com.crt;
     }
@@ -79,6 +82,9 @@ http {
         listen       127.0.0.1:8081 ssl;
         server_name  optional;
 
+        ssl_certificate_key 1.example.com.key;
+        ssl_certificate 1.example.com.crt;
+
         ssl_verify_client optional;
         ssl_client_certificate 2.example.com.crt;
         ssl_trusted_certificate 3.example.com.crt;
@@ -88,9 +94,19 @@ http {
         listen       127.0.0.1:8081 ssl;
         server_name  optional_no_ca;
 
+        ssl_certificate_key 1.example.com.key;
+        ssl_certificate 1.example.com.crt;
+
         ssl_verify_client optional_no_ca;
         ssl_client_certificate 2.example.com.crt;
     }
+
+    server {
+        listen       127.0.0.1:8081;
+        server_name  no_context;
+
+        ssl_verify_client on;
+    }
 }
 
 EOF
@@ -123,6 +139,14 @@ sleep 1 if $^O eq 'MSWin32';
 
 like(http_get('/t'), qr/x:x/, 'plain connection');
 like(get('on'), qr/400 Bad Request/, 'no cert');
+
+TODO: {
+todo_skip 'leaves coredump', unless $t->has_version('1.13.9');
+
+like(get('no_context'), qr/400 Bad Request/, 'no server cert');
+
+}
+
 like(get('optional'), qr/NONE:x/, 'no optional cert');
 like(get('optional', '1.example.com'), qr/400 Bad/, 'bad optional cert');
 like(get('optional_no_ca', '1.example.com'), qr/FAILED.*BEGIN/,