Mercurial > hg > nginx-tests
changeset 1033:45c80276d691
Tests: unbreak for nginx built with OpenSSL without NPN/ALPN.
| author | Sergey Kandaurov <pluknet@nginx.com> |
|---|---|
| date | Wed, 14 Sep 2016 19:38:13 +0300 |
| parents | 43eedbfea090 |
| children | 679cefd5896b |
| files | h2_ssl.t h2_ssl_proxy_cache.t h2_ssl_variables.t h2_ssl_verify_client.t |
| diffstat | 4 files changed, 53 insertions(+), 37 deletions(-) [+] |
line wrap: on
line diff
--- a/h2_ssl.t +++ b/h2_ssl.t @@ -27,7 +27,9 @@ eval { require IO::Socket::SSL; }; plan(skip_all => 'IO::Socket::SSL not installed') if $@; my $t = Test::Nginx->new()->has(qw/http http_ssl http_v2/) - ->has_daemon('openssl')->plan(1); + ->has_daemon('openssl'); + +$t->todo_alerts() unless $t->has_version('1.11.3'); $t->write_file_expand('nginx.conf', <<'EOF'); @@ -79,20 +81,18 @@ open OLDERR, ">&", \*STDERR; close STDER $t->run(); open STDERR, ">&", \*OLDERR; +plan(skip_all => 'no ALPN/NPN negotiation') unless defined getconn(port(0)); +$t->plan(1); + ############################################################################### # client cancels 2nd stream after HEADERS has been created # while some unsent data was left in the SSL buffer # HEADERS frame may stuck in SSL buffer and won't be sent producing alert -SKIP: { my $s = getconn(port(0)); -skip 'OpenSSL ALPN/NPN support required', 1 unless defined $s; - ok($s, 'ssl connection'); -$t->todo_alerts() unless $t->has_version('1.11.3'); - my $sid = $s->new_stream({ path => '/tbig.html' }); select undef, undef, undef, 0.2; @@ -105,8 +105,6 @@ select undef, undef, undef, 0.2; $t->stop(); -} - ############################################################################### sub getconn { @@ -114,15 +112,19 @@ sub getconn { my $s; eval { - IO::Socket::SSL->can_alpn() or die; - $s = Test::Nginx::HTTP2->new($port, SSL => 1, alpn => 'h2'); + my $sock = Test::Nginx::HTTP2::new_socket($port, SSL => 1, + alpn => 'h2'); + $s = Test::Nginx::HTTP2->new($port, socket => $sock) + if $sock->alpn_selected(); }; return $s if defined $s; eval { - IO::Socket::SSL->can_npn() or die; - $s = Test::Nginx::HTTP2->new($port, SSL => 1, npn => 'h2'); + my $sock = Test::Nginx::HTTP2::new_socket($port, SSL => 1, + npn => 'h2'); + $s = Test::Nginx::HTTP2->new($port, socket => $sock) + if $sock->next_proto_negotiated(); }; return $s;
--- a/h2_ssl_proxy_cache.t +++ b/h2_ssl_proxy_cache.t @@ -131,15 +131,19 @@ sub getconn { my $s; eval { - IO::Socket::SSL->can_alpn() or die; - $s = Test::Nginx::HTTP2->new($port, SSL => 1, alpn => 'h2'); + my $sock = Test::Nginx::HTTP2::new_socket($port, SSL => 1, + alpn => 'h2'); + $s = Test::Nginx::HTTP2->new($port, socket => $sock) + if $sock->alpn_selected(); }; return $s if defined $s; eval { - IO::Socket::SSL->can_npn() or die; - $s = Test::Nginx::HTTP2->new($port, SSL => 1, npn => 'h2'); + my $sock = Test::Nginx::HTTP2::new_socket($port, SSL => 1, + npn => 'h2'); + $s = Test::Nginx::HTTP2->new($port, socket => $sock) + if $sock->next_proto_negotiated(); }; return $s;
--- a/h2_ssl_variables.t +++ b/h2_ssl_variables.t @@ -93,11 +93,15 @@ open STDERR, ">&", \*OLDERR; my ($s, $sid, $frames, $frame); +my $has_npn = eval { Test::Nginx::HTTP2::new_socket(port(8080), SSL => 1, + npn => 'h2')->next_proto_negotiated() }; +my $has_alpn = eval { Test::Nginx::HTTP2::new_socket(port(8080), SSL => 1, + alpn => 'h2')->alpn_selected() }; + # SSL/TLS connection, NPN SKIP: { -eval { IO::Socket::SSL->can_npn() or die; }; -skip 'OpenSSL NPN support required', 1 if $@; +skip 'OpenSSL NPN support required', 1 unless $has_npn; $s = Test::Nginx::HTTP2->new(port(8080), SSL => 1, npn => 'h2'); $sid = $s->new_stream({ path => '/h2' }); @@ -111,8 +115,7 @@ is($frame->{data}, 'h2', 'http variable # SSL/TLS connection, ALPN SKIP: { -eval { IO::Socket::SSL->can_alpn() or die; }; -skip 'OpenSSL ALPN support required', 1 if $@; +skip 'OpenSSL ALPN support required', 1 unless $has_alpn; $s = Test::Nginx::HTTP2->new(port(8080), SSL => 1, alpn => 'h2'); $sid = $s->new_stream({ path => '/h2' }); @@ -126,8 +129,7 @@ is($frame->{data}, 'h2', 'http variable # $server_protocol - SSL/TLS connection, NPN SKIP: { -eval { IO::Socket::SSL->can_npn() or die; }; -skip 'OpenSSL NPN support required', 1 if $@; +skip 'OpenSSL NPN support required', 1 unless $has_npn; $s = Test::Nginx::HTTP2->new(port(8080), SSL => 1, npn => 'h2'); $sid = $s->new_stream({ path => '/sp' }); @@ -141,8 +143,7 @@ is($frame->{data}, 'HTTP/2.0', 'server_p # $server_protocol - SSL/TLS connection, ALPN SKIP: { -eval { IO::Socket::SSL->can_alpn() or die; }; -skip 'OpenSSL ALPN support required', 1 if $@; +skip 'OpenSSL ALPN support required', 1 unless $has_alpn; $s = Test::Nginx::HTTP2->new(port(8080), SSL => 1, alpn => 'h2'); $sid = $s->new_stream({ path => '/sp' }); @@ -156,8 +157,7 @@ is($frame->{data}, 'HTTP/2.0', 'server_p # $scheme - SSL/TLS connection, NPN SKIP: { -eval { IO::Socket::SSL->can_npn() or die; }; -skip 'OpenSSL NPN support required', 1 if $@; +skip 'OpenSSL NPN support required', 1 unless $has_npn; $s = Test::Nginx::HTTP2->new(port(8080), SSL => 1, npn => 'h2'); $sid = $s->new_stream({ path => '/scheme' }); @@ -171,8 +171,7 @@ is($frame->{data}, 'https', 'scheme vari # $scheme - SSL/TLS connection, ALPN SKIP: { -eval { IO::Socket::SSL->can_alpn() or die; }; -skip 'OpenSSL ALPN support required', 1 if $@; +skip 'OpenSSL ALPN support required', 1 unless $has_alpn; $s = Test::Nginx::HTTP2->new(port(8080), SSL => 1, alpn => 'h2'); $sid = $s->new_stream({ path => '/scheme' }); @@ -186,8 +185,7 @@ is($frame->{data}, 'https', 'scheme vari # $https - SSL/TLS connection, NPN SKIP: { -eval { IO::Socket::SSL->can_npn() or die; }; -skip 'OpenSSL NPN support required', 1 if $@; +skip 'OpenSSL NPN support required', 1 unless $has_npn; $s = Test::Nginx::HTTP2->new(port(8080), SSL => 1, npn => 'h2'); $sid = $s->new_stream({ path => '/https' }); @@ -201,8 +199,7 @@ is($frame->{data}, 'on', 'https variable # $https - SSL/TLS connection, ALPN SKIP: { -eval { IO::Socket::SSL->can_alpn() or die; }; -skip 'OpenSSL ALPN support required', 1 if $@; +skip 'OpenSSL ALPN support required', 1 unless $has_alpn; $s = Test::Nginx::HTTP2->new(port(8080), SSL => 1, alpn => 'h2'); $sid = $s->new_stream({ path => '/https' });
--- a/h2_ssl_verify_client.t +++ b/h2_ssl_verify_client.t @@ -31,7 +31,7 @@ eval { IO::Socket::SSL->can_alpn() or di plan(skip_all => 'OpenSSL ALPN support required') if $@; my $t = Test::Nginx->new()->has(qw/http http_ssl sni http_v2/) - ->has_daemon('openssl')->plan(3); + ->has_daemon('openssl'); $t->write_file_expand('nginx.conf', <<'EOF'); @@ -91,7 +91,13 @@ foreach my $name ('localhost', 'client') $t->write_file('t', 'SEE-THIS'); +open OLDERR, ">&", \*STDERR; close STDERR; $t->run(); +open STDERR, ">&", \*OLDERR; + +my $s = get_ssl_socket(); +plan(skip_all => 'no alpn') unless $s->alpn_selected(); +$t->plan(3); ############################################################################### @@ -109,12 +115,10 @@ is(get('localhost', 'example.com')->{':s ############################################################################### -sub get { - my ($sni, $host) = @_; +sub get_ssl_socket { + my ($sni) = @_; my $s; - $host = $sni if !defined $host; - eval { local $SIG{ALRM} = sub { die "timeout\n" }; local $SIG{PIPE} = sub { die "sigpipe\n" }; @@ -139,6 +143,15 @@ sub get { return undef; } + return $s; +} + +sub get { + my ($sni, $host) = @_; + + $host = $sni if !defined $host; + + my $s = get_ssl_socket($sni); my $sess = Test::Nginx::HTTP2->new(port(8080), socket => $s); my $sid = $sess->new_stream({ headers => [ { name => ':method', value => 'GET', mode => 0 },