Mercurial > hg > nginx-tests
changeset 752:80e17d44088c
Tests: avoid using SSL_session_key.
The SSL_session_key parameter is only available in IO::Socket::SSL
version 1.965 or later. Recreate SSL contexts instead.
author | Maxim Dounin <mdounin@mdounin.ru> |
---|---|
date | Fri, 23 Oct 2015 23:25:03 +0300 |
parents | f17f83b3d8c9 |
children | 63d1b7cb974a |
files | ssl_sni_sessions.t |
diffstat | 1 files changed, 13 insertions(+), 6 deletions(-) [+] |
line wrap: on
line diff
--- a/ssl_sni_sessions.t +++ b/ssl_sni_sessions.t @@ -131,12 +131,9 @@ foreach my $name ('localhost') { ############################################################################### -my $ctx = IO::Socket::SSL::SSL_Context->new( - SSL_verify_mode => IO::Socket::SSL::SSL_VERIFY_NONE(), - SSL_session_cache_size => 100 -); +# check that everything works fine with default server -# check that everything works fine with default server +my $ctx = get_ssl_context(); like(get('default', 8443, $ctx), qr!default:\.!, 'default server'); like(get('default', 8443, $ctx), qr!default:r!, 'default server reused'); @@ -154,12 +151,16 @@ local $TODO = 'not yet' unless $t->has_v # creating new sessions, uses callbacks from the default server context, but # provides access to the SNI-selected server context only (ticket #235) +$ctx = get_ssl_context(); + like(get('nocache', 8443, $ctx), qr!nocache:\.!, 'without cache'); like(get('nocache', 8443, $ctx), qr!nocache:r!, 'without cache reused'); # make sure tickets can be used if an SNI-based virtual server # uses a different set of session ticket keys explicitly set +$ctx = get_ssl_context(); + like(get('tickets', 8444, $ctx), qr!tickets:\.!, 'tickets'); like(get('tickets', 8444, $ctx), qr!tickets:r!, 'tickets reused'); @@ -167,6 +168,13 @@ like(get('tickets', 8444, $ctx), qr!tick ############################################################################### +sub get_ssl_context { + return IO::Socket::SSL::SSL_Context->new( + SSL_verify_mode => IO::Socket::SSL::SSL_VERIFY_NONE(), + SSL_session_cache_size => 100 + ); +} + sub get_ssl_socket { my ($host, $port, $ctx) = @_; my $s; @@ -180,7 +188,6 @@ sub get_ssl_socket { PeerAddr => '127.0.0.1', PeerPort => $port, SSL_hostname => $host, - SSL_session_key => "$host:$port", SSL_reuse_ctx => $ctx, SSL_error_trap => sub { die $_[1] } );