Mercurial > hg > nginx-tests
annotate ssl_sni_reneg.t @ 1907:034c9121b9d1
Tests: added h2_http2.t TODOs for LibreSSL and older OpenSSL.
Those libraries provide an older callback order, where ALPN callback
is invoked before SNI callback.
Additionally, OpenSSL 1.0.2 doesn't send alert on ALPN mismatch.
| author | Sergey Kandaurov <pluknet@nginx.com> |
|---|---|
| date | Thu, 08 Jun 2023 16:41:11 +0400 |
| parents | 0e1865aa9b33 |
| children | 97ffd1cf5e21 |
| rev | line source |
|---|---|
|
807
5540ee8a12ce
Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
1 #!/usr/bin/perl |
|
5540ee8a12ce
Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
2 |
|
5540ee8a12ce
Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
3 # (C) Sergey Kandaurov |
|
5540ee8a12ce
Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
4 # (C) Nginx, Inc. |
|
5540ee8a12ce
Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
5 |
|
5540ee8a12ce
Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
6 # Tests for http ssl module with SNI and renegotiation. |
|
5540ee8a12ce
Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
7 |
|
5540ee8a12ce
Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
8 ############################################################################### |
|
5540ee8a12ce
Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
9 |
|
5540ee8a12ce
Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
10 use warnings; |
|
5540ee8a12ce
Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
11 use strict; |
|
5540ee8a12ce
Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
12 |
|
5540ee8a12ce
Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
13 use Test::More; |
|
5540ee8a12ce
Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
14 |
|
1621
fd440d324700
Tests: simplified get_ssl_socket() functions that use Net::SSLeay.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1535
diff
changeset
|
15 use Socket qw/ CRLF /; |
|
807
5540ee8a12ce
Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
16 |
|
5540ee8a12ce
Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
17 BEGIN { use FindBin; chdir($FindBin::Bin); } |
|
5540ee8a12ce
Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
18 |
|
5540ee8a12ce
Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
19 use lib 'lib'; |
|
1865
0e1865aa9b33
Tests: reworked http SSL tests to use IO::Socket::SSL.
Maxim Dounin <mdounin@mdounin.ru>
parents:
1853
diff
changeset
|
20 use Test::Nginx qw/ :DEFAULT http_end /; |
|
807
5540ee8a12ce
Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
21 |
|
5540ee8a12ce
Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
22 ############################################################################### |
|
5540ee8a12ce
Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
23 |
|
5540ee8a12ce
Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
24 select STDERR; $| = 1; |
|
5540ee8a12ce
Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
25 select STDOUT; $| = 1; |
|
5540ee8a12ce
Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
26 |
|
1865
0e1865aa9b33
Tests: reworked http SSL tests to use IO::Socket::SSL.
Maxim Dounin <mdounin@mdounin.ru>
parents:
1853
diff
changeset
|
27 my $t = Test::Nginx->new()->has(qw/http http_ssl socket_ssl_sni/) |
|
0e1865aa9b33
Tests: reworked http SSL tests to use IO::Socket::SSL.
Maxim Dounin <mdounin@mdounin.ru>
parents:
1853
diff
changeset
|
28 ->has_daemon('openssl')->plan(8); |
|
807
5540ee8a12ce
Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
29 |
|
5540ee8a12ce
Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
30 $t->write_file_expand('nginx.conf', <<'EOF'); |
|
5540ee8a12ce
Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
31 |
|
5540ee8a12ce
Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
32 %%TEST_GLOBALS%% |
|
5540ee8a12ce
Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
33 |
|
5540ee8a12ce
Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
34 daemon off; |
|
5540ee8a12ce
Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
35 |
|
5540ee8a12ce
Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
36 events { |
|
5540ee8a12ce
Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
37 } |
|
5540ee8a12ce
Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
38 |
|
5540ee8a12ce
Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
39 http { |
|
5540ee8a12ce
Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
40 %%TEST_GLOBALS_HTTP%% |
|
5540ee8a12ce
Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
41 |
|
5540ee8a12ce
Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
42 ssl_certificate_key localhost.key; |
|
5540ee8a12ce
Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
43 ssl_certificate localhost.crt; |
|
1853
36a4563f7f00
Tests: stick ssl_sni_reneg.t with TLSv1.2.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1621
diff
changeset
|
44 ssl_protocols TLSv1.2; |
|
807
5540ee8a12ce
Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
45 |
|
5540ee8a12ce
Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
46 server { |
|
1865
0e1865aa9b33
Tests: reworked http SSL tests to use IO::Socket::SSL.
Maxim Dounin <mdounin@mdounin.ru>
parents:
1853
diff
changeset
|
47 listen 127.0.0.1:8443 ssl; |
|
0e1865aa9b33
Tests: reworked http SSL tests to use IO::Socket::SSL.
Maxim Dounin <mdounin@mdounin.ru>
parents:
1853
diff
changeset
|
48 listen 127.0.0.1:8444 ssl; |
|
807
5540ee8a12ce
Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
49 server_name localhost; |
|
5540ee8a12ce
Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
50 |
|
5540ee8a12ce
Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
51 location / { } |
|
5540ee8a12ce
Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
52 } |
|
1380
f50c7d90f5c9
Tests: more https sni tests with renegotiation (ticket #1646).
Sergey Kandaurov <pluknet@nginx.com>
parents:
1377
diff
changeset
|
53 |
|
f50c7d90f5c9
Tests: more https sni tests with renegotiation (ticket #1646).
Sergey Kandaurov <pluknet@nginx.com>
parents:
1377
diff
changeset
|
54 server { |
|
1865
0e1865aa9b33
Tests: reworked http SSL tests to use IO::Socket::SSL.
Maxim Dounin <mdounin@mdounin.ru>
parents:
1853
diff
changeset
|
55 listen 127.0.0.1:8444 ssl; |
|
1380
f50c7d90f5c9
Tests: more https sni tests with renegotiation (ticket #1646).
Sergey Kandaurov <pluknet@nginx.com>
parents:
1377
diff
changeset
|
56 server_name localhost2; |
|
f50c7d90f5c9
Tests: more https sni tests with renegotiation (ticket #1646).
Sergey Kandaurov <pluknet@nginx.com>
parents:
1377
diff
changeset
|
57 |
|
f50c7d90f5c9
Tests: more https sni tests with renegotiation (ticket #1646).
Sergey Kandaurov <pluknet@nginx.com>
parents:
1377
diff
changeset
|
58 location / { } |
|
f50c7d90f5c9
Tests: more https sni tests with renegotiation (ticket #1646).
Sergey Kandaurov <pluknet@nginx.com>
parents:
1377
diff
changeset
|
59 } |
|
807
5540ee8a12ce
Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
60 } |
|
5540ee8a12ce
Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
61 |
|
5540ee8a12ce
Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
62 EOF |
|
5540ee8a12ce
Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
63 |
|
5540ee8a12ce
Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
64 $t->write_file('openssl.conf', <<EOF); |
|
5540ee8a12ce
Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
65 [ req ] |
|
1488
dbce8fb5f5f8
Tests: align with OpenSSL security level 2.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1421
diff
changeset
|
66 default_bits = 2048 |
|
807
5540ee8a12ce
Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
67 encrypt_key = no |
|
5540ee8a12ce
Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
68 distinguished_name = req_distinguished_name |
|
5540ee8a12ce
Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
69 [ req_distinguished_name ] |
|
5540ee8a12ce
Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
70 EOF |
|
5540ee8a12ce
Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
71 |
|
5540ee8a12ce
Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
72 my $d = $t->testdir(); |
|
5540ee8a12ce
Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
73 |
|
5540ee8a12ce
Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
74 foreach my $name ('localhost') { |
|
5540ee8a12ce
Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
75 system('openssl req -x509 -new ' |
|
1220
0af58b78df35
Tests: removed single quotes from system() calls.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1173
diff
changeset
|
76 . "-config $d/openssl.conf -subj /CN=$name/ " |
|
0af58b78df35
Tests: removed single quotes from system() calls.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1173
diff
changeset
|
77 . "-out $d/$name.crt -keyout $d/$name.key " |
|
807
5540ee8a12ce
Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
78 . ">>$d/openssl.out 2>&1") == 0 |
|
5540ee8a12ce
Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
79 or die "Can't create certificate for $name: $!\n"; |
|
5540ee8a12ce
Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
80 } |
|
5540ee8a12ce
Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
81 |
|
5540ee8a12ce
Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
82 $t->run(); |
|
1387
ad3cb6f451a5
Tests: skip ssl_sni_reneg.t with TLS 1.3.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1380
diff
changeset
|
83 |
|
807
5540ee8a12ce
Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
84 ############################################################################### |
|
5540ee8a12ce
Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
85 |
|
1865
0e1865aa9b33
Tests: reworked http SSL tests to use IO::Socket::SSL.
Maxim Dounin <mdounin@mdounin.ru>
parents:
1853
diff
changeset
|
86 my ($s, $ssl); |
|
0e1865aa9b33
Tests: reworked http SSL tests to use IO::Socket::SSL.
Maxim Dounin <mdounin@mdounin.ru>
parents:
1853
diff
changeset
|
87 |
|
0e1865aa9b33
Tests: reworked http SSL tests to use IO::Socket::SSL.
Maxim Dounin <mdounin@mdounin.ru>
parents:
1853
diff
changeset
|
88 $s = http('', start => 1, SSL => 1); |
|
807
5540ee8a12ce
Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
89 ok($s, 'connection'); |
|
5540ee8a12ce
Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
90 |
|
5540ee8a12ce
Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
91 SKIP: { |
|
5540ee8a12ce
Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
92 skip 'connection failed', 3 unless $s; |
|
5540ee8a12ce
Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
93 |
|
1173
1a54d45d5587
Tests: handled SIGPIPE in ssl_sni_reneg.t.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1116
diff
changeset
|
94 local $SIG{PIPE} = 'IGNORE'; |
|
1a54d45d5587
Tests: handled SIGPIPE in ssl_sni_reneg.t.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1116
diff
changeset
|
95 |
|
1865
0e1865aa9b33
Tests: reworked http SSL tests to use IO::Socket::SSL.
Maxim Dounin <mdounin@mdounin.ru>
parents:
1853
diff
changeset
|
96 $s->print('GET / HTTP/1.0' . CRLF); |
|
807
5540ee8a12ce
Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
97 |
|
1865
0e1865aa9b33
Tests: reworked http SSL tests to use IO::Socket::SSL.
Maxim Dounin <mdounin@mdounin.ru>
parents:
1853
diff
changeset
|
98 # Note: this uses IO::Socket::SSL::_get_ssl_object() internal method. |
|
0e1865aa9b33
Tests: reworked http SSL tests to use IO::Socket::SSL.
Maxim Dounin <mdounin@mdounin.ru>
parents:
1853
diff
changeset
|
99 # While not exactly correct, it looks like there is no other way to |
|
0e1865aa9b33
Tests: reworked http SSL tests to use IO::Socket::SSL.
Maxim Dounin <mdounin@mdounin.ru>
parents:
1853
diff
changeset
|
100 # trigger renegotiation with IO::Socket::SSL, and this seems to be |
|
0e1865aa9b33
Tests: reworked http SSL tests to use IO::Socket::SSL.
Maxim Dounin <mdounin@mdounin.ru>
parents:
1853
diff
changeset
|
101 # good enough for tests. |
|
0e1865aa9b33
Tests: reworked http SSL tests to use IO::Socket::SSL.
Maxim Dounin <mdounin@mdounin.ru>
parents:
1853
diff
changeset
|
102 |
|
0e1865aa9b33
Tests: reworked http SSL tests to use IO::Socket::SSL.
Maxim Dounin <mdounin@mdounin.ru>
parents:
1853
diff
changeset
|
103 $ssl = $s->_get_ssl_object(); |
|
807
5540ee8a12ce
Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
104 ok(Net::SSLeay::renegotiate($ssl), 'renegotiation'); |
|
5540ee8a12ce
Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
105 ok(Net::SSLeay::set_tlsext_host_name($ssl, 'localhost'), 'SNI'); |
|
5540ee8a12ce
Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
106 |
|
1865
0e1865aa9b33
Tests: reworked http SSL tests to use IO::Socket::SSL.
Maxim Dounin <mdounin@mdounin.ru>
parents:
1853
diff
changeset
|
107 $s->print('Host: localhost' . CRLF . CRLF); |
|
807
5540ee8a12ce
Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
108 |
|
1865
0e1865aa9b33
Tests: reworked http SSL tests to use IO::Socket::SSL.
Maxim Dounin <mdounin@mdounin.ru>
parents:
1853
diff
changeset
|
109 ok(!http_end($s), 'response'); |
|
807
5540ee8a12ce
Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
110 |
|
5540ee8a12ce
Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
111 } |
|
5540ee8a12ce
Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
112 |
|
1380
f50c7d90f5c9
Tests: more https sni tests with renegotiation (ticket #1646).
Sergey Kandaurov <pluknet@nginx.com>
parents:
1377
diff
changeset
|
113 # virtual servers |
|
f50c7d90f5c9
Tests: more https sni tests with renegotiation (ticket #1646).
Sergey Kandaurov <pluknet@nginx.com>
parents:
1377
diff
changeset
|
114 |
|
1865
0e1865aa9b33
Tests: reworked http SSL tests to use IO::Socket::SSL.
Maxim Dounin <mdounin@mdounin.ru>
parents:
1853
diff
changeset
|
115 $s = http('', start => 1, PeerAddr => '127.0.0.1:' . port(8444), SSL => 1); |
|
1380
f50c7d90f5c9
Tests: more https sni tests with renegotiation (ticket #1646).
Sergey Kandaurov <pluknet@nginx.com>
parents:
1377
diff
changeset
|
116 ok($s, 'connection 2'); |
|
f50c7d90f5c9
Tests: more https sni tests with renegotiation (ticket #1646).
Sergey Kandaurov <pluknet@nginx.com>
parents:
1377
diff
changeset
|
117 |
|
f50c7d90f5c9
Tests: more https sni tests with renegotiation (ticket #1646).
Sergey Kandaurov <pluknet@nginx.com>
parents:
1377
diff
changeset
|
118 SKIP: { |
|
f50c7d90f5c9
Tests: more https sni tests with renegotiation (ticket #1646).
Sergey Kandaurov <pluknet@nginx.com>
parents:
1377
diff
changeset
|
119 skip 'connection failed', 3 unless $s; |
|
f50c7d90f5c9
Tests: more https sni tests with renegotiation (ticket #1646).
Sergey Kandaurov <pluknet@nginx.com>
parents:
1377
diff
changeset
|
120 |
|
1409
0bc5bd58d9de
Tests: handled SIGPIPE in ssl_sni_reneg.t.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1407
diff
changeset
|
121 local $SIG{PIPE} = 'IGNORE'; |
|
0bc5bd58d9de
Tests: handled SIGPIPE in ssl_sni_reneg.t.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1407
diff
changeset
|
122 |
|
1865
0e1865aa9b33
Tests: reworked http SSL tests to use IO::Socket::SSL.
Maxim Dounin <mdounin@mdounin.ru>
parents:
1853
diff
changeset
|
123 $s->print('GET / HTTP/1.0' . CRLF); |
|
1380
f50c7d90f5c9
Tests: more https sni tests with renegotiation (ticket #1646).
Sergey Kandaurov <pluknet@nginx.com>
parents:
1377
diff
changeset
|
124 |
|
1865
0e1865aa9b33
Tests: reworked http SSL tests to use IO::Socket::SSL.
Maxim Dounin <mdounin@mdounin.ru>
parents:
1853
diff
changeset
|
125 # Note: this uses IO::Socket::SSL::_get_ssl_object() internal method. |
|
0e1865aa9b33
Tests: reworked http SSL tests to use IO::Socket::SSL.
Maxim Dounin <mdounin@mdounin.ru>
parents:
1853
diff
changeset
|
126 # While not exactly correct, it looks like there is no other way to |
|
0e1865aa9b33
Tests: reworked http SSL tests to use IO::Socket::SSL.
Maxim Dounin <mdounin@mdounin.ru>
parents:
1853
diff
changeset
|
127 # trigger renegotiation with IO::Socket::SSL, and this seems to be |
|
0e1865aa9b33
Tests: reworked http SSL tests to use IO::Socket::SSL.
Maxim Dounin <mdounin@mdounin.ru>
parents:
1853
diff
changeset
|
128 # good enough for tests. |
|
0e1865aa9b33
Tests: reworked http SSL tests to use IO::Socket::SSL.
Maxim Dounin <mdounin@mdounin.ru>
parents:
1853
diff
changeset
|
129 |
|
0e1865aa9b33
Tests: reworked http SSL tests to use IO::Socket::SSL.
Maxim Dounin <mdounin@mdounin.ru>
parents:
1853
diff
changeset
|
130 $ssl = $s->_get_ssl_object(); |
|
1380
f50c7d90f5c9
Tests: more https sni tests with renegotiation (ticket #1646).
Sergey Kandaurov <pluknet@nginx.com>
parents:
1377
diff
changeset
|
131 ok(Net::SSLeay::renegotiate($ssl), 'renegotiation'); |
|
f50c7d90f5c9
Tests: more https sni tests with renegotiation (ticket #1646).
Sergey Kandaurov <pluknet@nginx.com>
parents:
1377
diff
changeset
|
132 ok(Net::SSLeay::set_tlsext_host_name($ssl, 'localhost'), 'SNI'); |
|
f50c7d90f5c9
Tests: more https sni tests with renegotiation (ticket #1646).
Sergey Kandaurov <pluknet@nginx.com>
parents:
1377
diff
changeset
|
133 |
|
1865
0e1865aa9b33
Tests: reworked http SSL tests to use IO::Socket::SSL.
Maxim Dounin <mdounin@mdounin.ru>
parents:
1853
diff
changeset
|
134 $s->print('Host: localhost' . CRLF . CRLF); |
|
1380
f50c7d90f5c9
Tests: more https sni tests with renegotiation (ticket #1646).
Sergey Kandaurov <pluknet@nginx.com>
parents:
1377
diff
changeset
|
135 |
|
1865
0e1865aa9b33
Tests: reworked http SSL tests to use IO::Socket::SSL.
Maxim Dounin <mdounin@mdounin.ru>
parents:
1853
diff
changeset
|
136 ok(!http_end($s), 'virtual servers'); |
|
1380
f50c7d90f5c9
Tests: more https sni tests with renegotiation (ticket #1646).
Sergey Kandaurov <pluknet@nginx.com>
parents:
1377
diff
changeset
|
137 |
|
f50c7d90f5c9
Tests: more https sni tests with renegotiation (ticket #1646).
Sergey Kandaurov <pluknet@nginx.com>
parents:
1377
diff
changeset
|
138 } |
|
f50c7d90f5c9
Tests: more https sni tests with renegotiation (ticket #1646).
Sergey Kandaurov <pluknet@nginx.com>
parents:
1377
diff
changeset
|
139 |
|
807
5540ee8a12ce
Tests: https sni tests with renegotiation (ticket #845).
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
140 ############################################################################### |