Mercurial > hg > nginx-tests
annotate mail_ssl_session_reuse.t @ 1832:2e541778e5d8
Tests: LibreSSL and BoringSSL session reuse with TLSv1.3 in mail.
LibreSSL does not support session reuse with TLSv1.3 at all. BoringSSL
with TLSv1.3 only supports session tickets, but not server-side session
cache.
| author | Maxim Dounin <mdounin@mdounin.ru> |
|---|---|
| date | Thu, 23 Mar 2023 19:49:53 +0300 |
| parents | f6d1f82f314b |
| children | ce4a06d72256 |
| rev | line source |
|---|---|
|
1142
baeebac35a2e
Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff
changeset
|
1 #!/usr/bin/perl |
|
baeebac35a2e
Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff
changeset
|
2 |
|
baeebac35a2e
Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff
changeset
|
3 # (C) Andrey Zelenkov |
|
1831
f6d1f82f314b
Tests: separate SSL session reuse tests in mail.
Maxim Dounin <mdounin@mdounin.ru>
parents:
1826
diff
changeset
|
4 # (C) Maxim Dounin |
|
1142
baeebac35a2e
Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff
changeset
|
5 # (C) Nginx, Inc. |
|
baeebac35a2e
Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff
changeset
|
6 |
|
1831
f6d1f82f314b
Tests: separate SSL session reuse tests in mail.
Maxim Dounin <mdounin@mdounin.ru>
parents:
1826
diff
changeset
|
7 # Tests for mail ssl module, session reuse. |
|
1142
baeebac35a2e
Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff
changeset
|
8 |
|
baeebac35a2e
Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff
changeset
|
9 ############################################################################### |
|
baeebac35a2e
Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff
changeset
|
10 |
|
baeebac35a2e
Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff
changeset
|
11 use warnings; |
|
baeebac35a2e
Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff
changeset
|
12 use strict; |
|
baeebac35a2e
Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff
changeset
|
13 |
|
baeebac35a2e
Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff
changeset
|
14 use Test::More; |
|
baeebac35a2e
Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff
changeset
|
15 |
|
baeebac35a2e
Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff
changeset
|
16 BEGIN { use FindBin; chdir($FindBin::Bin); } |
|
baeebac35a2e
Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff
changeset
|
17 |
|
baeebac35a2e
Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff
changeset
|
18 use lib 'lib'; |
|
baeebac35a2e
Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff
changeset
|
19 use Test::Nginx; |
|
baeebac35a2e
Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff
changeset
|
20 |
|
baeebac35a2e
Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff
changeset
|
21 ############################################################################### |
|
baeebac35a2e
Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff
changeset
|
22 |
|
baeebac35a2e
Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff
changeset
|
23 select STDERR; $| = 1; |
|
baeebac35a2e
Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff
changeset
|
24 select STDOUT; $| = 1; |
|
baeebac35a2e
Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff
changeset
|
25 |
|
baeebac35a2e
Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff
changeset
|
26 eval { |
|
baeebac35a2e
Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff
changeset
|
27 require Net::SSLeay; |
|
baeebac35a2e
Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff
changeset
|
28 Net::SSLeay::load_error_strings(); |
|
baeebac35a2e
Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff
changeset
|
29 Net::SSLeay::SSLeay_add_ssl_algorithms(); |
|
baeebac35a2e
Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff
changeset
|
30 Net::SSLeay::randomize(); |
|
baeebac35a2e
Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff
changeset
|
31 }; |
|
baeebac35a2e
Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff
changeset
|
32 plan(skip_all => 'Net::SSLeay not installed') if $@; |
|
baeebac35a2e
Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff
changeset
|
33 |
|
1831
f6d1f82f314b
Tests: separate SSL session reuse tests in mail.
Maxim Dounin <mdounin@mdounin.ru>
parents:
1826
diff
changeset
|
34 my $t = Test::Nginx->new()->has(qw/mail mail_ssl imap/) |
|
f6d1f82f314b
Tests: separate SSL session reuse tests in mail.
Maxim Dounin <mdounin@mdounin.ru>
parents:
1826
diff
changeset
|
35 ->has_daemon('openssl')->plan(7); |
|
1142
baeebac35a2e
Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff
changeset
|
36 |
|
baeebac35a2e
Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff
changeset
|
37 $t->write_file_expand('nginx.conf', <<'EOF'); |
|
baeebac35a2e
Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff
changeset
|
38 |
|
baeebac35a2e
Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff
changeset
|
39 %%TEST_GLOBALS%% |
|
baeebac35a2e
Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff
changeset
|
40 |
|
baeebac35a2e
Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff
changeset
|
41 daemon off; |
|
baeebac35a2e
Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff
changeset
|
42 |
|
baeebac35a2e
Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff
changeset
|
43 events { |
|
baeebac35a2e
Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff
changeset
|
44 } |
|
baeebac35a2e
Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff
changeset
|
45 |
|
baeebac35a2e
Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff
changeset
|
46 mail { |
|
1831
f6d1f82f314b
Tests: separate SSL session reuse tests in mail.
Maxim Dounin <mdounin@mdounin.ru>
parents:
1826
diff
changeset
|
47 auth_http http://127.0.0.1:8080; |
|
1142
baeebac35a2e
Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff
changeset
|
48 |
|
1831
f6d1f82f314b
Tests: separate SSL session reuse tests in mail.
Maxim Dounin <mdounin@mdounin.ru>
parents:
1826
diff
changeset
|
49 ssl_certificate localhost.crt; |
|
f6d1f82f314b
Tests: separate SSL session reuse tests in mail.
Maxim Dounin <mdounin@mdounin.ru>
parents:
1826
diff
changeset
|
50 ssl_certificate_key localhost.key; |
|
1142
baeebac35a2e
Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff
changeset
|
51 |
|
baeebac35a2e
Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff
changeset
|
52 server { |
|
1831
f6d1f82f314b
Tests: separate SSL session reuse tests in mail.
Maxim Dounin <mdounin@mdounin.ru>
parents:
1826
diff
changeset
|
53 listen 127.0.0.1:8993 ssl; |
|
f6d1f82f314b
Tests: separate SSL session reuse tests in mail.
Maxim Dounin <mdounin@mdounin.ru>
parents:
1826
diff
changeset
|
54 protocol imap; |
|
1142
baeebac35a2e
Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff
changeset
|
55 } |
|
baeebac35a2e
Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff
changeset
|
56 |
|
baeebac35a2e
Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff
changeset
|
57 server { |
|
1831
f6d1f82f314b
Tests: separate SSL session reuse tests in mail.
Maxim Dounin <mdounin@mdounin.ru>
parents:
1826
diff
changeset
|
58 listen 127.0.0.1:8994 ssl; |
|
f6d1f82f314b
Tests: separate SSL session reuse tests in mail.
Maxim Dounin <mdounin@mdounin.ru>
parents:
1826
diff
changeset
|
59 protocol imap; |
|
1142
baeebac35a2e
Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff
changeset
|
60 |
|
1831
f6d1f82f314b
Tests: separate SSL session reuse tests in mail.
Maxim Dounin <mdounin@mdounin.ru>
parents:
1826
diff
changeset
|
61 ssl_session_cache shared:SSL:1m; |
|
f6d1f82f314b
Tests: separate SSL session reuse tests in mail.
Maxim Dounin <mdounin@mdounin.ru>
parents:
1826
diff
changeset
|
62 ssl_session_tickets on; |
|
1142
baeebac35a2e
Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff
changeset
|
63 } |
|
baeebac35a2e
Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff
changeset
|
64 |
|
baeebac35a2e
Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff
changeset
|
65 server { |
|
1831
f6d1f82f314b
Tests: separate SSL session reuse tests in mail.
Maxim Dounin <mdounin@mdounin.ru>
parents:
1826
diff
changeset
|
66 listen 127.0.0.1:8995 ssl; |
|
f6d1f82f314b
Tests: separate SSL session reuse tests in mail.
Maxim Dounin <mdounin@mdounin.ru>
parents:
1826
diff
changeset
|
67 protocol imap; |
|
1142
baeebac35a2e
Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff
changeset
|
68 |
|
1831
f6d1f82f314b
Tests: separate SSL session reuse tests in mail.
Maxim Dounin <mdounin@mdounin.ru>
parents:
1826
diff
changeset
|
69 ssl_session_cache shared:SSL:1m; |
|
f6d1f82f314b
Tests: separate SSL session reuse tests in mail.
Maxim Dounin <mdounin@mdounin.ru>
parents:
1826
diff
changeset
|
70 ssl_session_tickets off; |
|
1142
baeebac35a2e
Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff
changeset
|
71 } |
|
baeebac35a2e
Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff
changeset
|
72 |
|
baeebac35a2e
Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff
changeset
|
73 server { |
|
1831
f6d1f82f314b
Tests: separate SSL session reuse tests in mail.
Maxim Dounin <mdounin@mdounin.ru>
parents:
1826
diff
changeset
|
74 listen 127.0.0.1:8996 ssl; |
|
f6d1f82f314b
Tests: separate SSL session reuse tests in mail.
Maxim Dounin <mdounin@mdounin.ru>
parents:
1826
diff
changeset
|
75 protocol imap; |
|
1142
baeebac35a2e
Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff
changeset
|
76 |
|
1831
f6d1f82f314b
Tests: separate SSL session reuse tests in mail.
Maxim Dounin <mdounin@mdounin.ru>
parents:
1826
diff
changeset
|
77 ssl_session_cache builtin; |
|
f6d1f82f314b
Tests: separate SSL session reuse tests in mail.
Maxim Dounin <mdounin@mdounin.ru>
parents:
1826
diff
changeset
|
78 ssl_session_tickets off; |
|
1142
baeebac35a2e
Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff
changeset
|
79 } |
|
baeebac35a2e
Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff
changeset
|
80 |
|
baeebac35a2e
Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff
changeset
|
81 server { |
|
1831
f6d1f82f314b
Tests: separate SSL session reuse tests in mail.
Maxim Dounin <mdounin@mdounin.ru>
parents:
1826
diff
changeset
|
82 listen 127.0.0.1:8997 ssl; |
|
f6d1f82f314b
Tests: separate SSL session reuse tests in mail.
Maxim Dounin <mdounin@mdounin.ru>
parents:
1826
diff
changeset
|
83 protocol imap; |
|
1142
baeebac35a2e
Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff
changeset
|
84 |
|
1831
f6d1f82f314b
Tests: separate SSL session reuse tests in mail.
Maxim Dounin <mdounin@mdounin.ru>
parents:
1826
diff
changeset
|
85 ssl_session_cache builtin:1000; |
|
f6d1f82f314b
Tests: separate SSL session reuse tests in mail.
Maxim Dounin <mdounin@mdounin.ru>
parents:
1826
diff
changeset
|
86 ssl_session_tickets off; |
|
1142
baeebac35a2e
Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff
changeset
|
87 } |
|
baeebac35a2e
Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff
changeset
|
88 |
|
baeebac35a2e
Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff
changeset
|
89 server { |
|
1831
f6d1f82f314b
Tests: separate SSL session reuse tests in mail.
Maxim Dounin <mdounin@mdounin.ru>
parents:
1826
diff
changeset
|
90 listen 127.0.0.1:8998 ssl; |
|
f6d1f82f314b
Tests: separate SSL session reuse tests in mail.
Maxim Dounin <mdounin@mdounin.ru>
parents:
1826
diff
changeset
|
91 protocol imap; |
|
1142
baeebac35a2e
Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff
changeset
|
92 |
|
1831
f6d1f82f314b
Tests: separate SSL session reuse tests in mail.
Maxim Dounin <mdounin@mdounin.ru>
parents:
1826
diff
changeset
|
93 ssl_session_cache none; |
|
f6d1f82f314b
Tests: separate SSL session reuse tests in mail.
Maxim Dounin <mdounin@mdounin.ru>
parents:
1826
diff
changeset
|
94 ssl_session_tickets off; |
|
1142
baeebac35a2e
Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff
changeset
|
95 } |
|
1148
44620036fedf
Tests: added starttls tests for smtp.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
1147
diff
changeset
|
96 |
|
44620036fedf
Tests: added starttls tests for smtp.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
1147
diff
changeset
|
97 server { |
|
1831
f6d1f82f314b
Tests: separate SSL session reuse tests in mail.
Maxim Dounin <mdounin@mdounin.ru>
parents:
1826
diff
changeset
|
98 listen 127.0.0.1:8999 ssl; |
|
f6d1f82f314b
Tests: separate SSL session reuse tests in mail.
Maxim Dounin <mdounin@mdounin.ru>
parents:
1826
diff
changeset
|
99 protocol imap; |
|
1148
44620036fedf
Tests: added starttls tests for smtp.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
1147
diff
changeset
|
100 |
|
1831
f6d1f82f314b
Tests: separate SSL session reuse tests in mail.
Maxim Dounin <mdounin@mdounin.ru>
parents:
1826
diff
changeset
|
101 ssl_session_cache off; |
|
f6d1f82f314b
Tests: separate SSL session reuse tests in mail.
Maxim Dounin <mdounin@mdounin.ru>
parents:
1826
diff
changeset
|
102 ssl_session_tickets off; |
|
1148
44620036fedf
Tests: added starttls tests for smtp.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
1147
diff
changeset
|
103 } |
|
1142
baeebac35a2e
Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff
changeset
|
104 } |
|
baeebac35a2e
Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff
changeset
|
105 |
|
baeebac35a2e
Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff
changeset
|
106 EOF |
|
baeebac35a2e
Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff
changeset
|
107 |
|
baeebac35a2e
Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff
changeset
|
108 $t->write_file('openssl.conf', <<EOF); |
|
baeebac35a2e
Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff
changeset
|
109 [ req ] |
|
1488
dbce8fb5f5f8
Tests: align with OpenSSL security level 2.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1324
diff
changeset
|
110 default_bits = 2048 |
|
1142
baeebac35a2e
Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff
changeset
|
111 encrypt_key = no |
|
baeebac35a2e
Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff
changeset
|
112 distinguished_name = req_distinguished_name |
|
baeebac35a2e
Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff
changeset
|
113 [ req_distinguished_name ] |
|
baeebac35a2e
Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff
changeset
|
114 EOF |
|
baeebac35a2e
Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff
changeset
|
115 |
|
baeebac35a2e
Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff
changeset
|
116 my $d = $t->testdir(); |
|
baeebac35a2e
Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff
changeset
|
117 |
|
1831
f6d1f82f314b
Tests: separate SSL session reuse tests in mail.
Maxim Dounin <mdounin@mdounin.ru>
parents:
1826
diff
changeset
|
118 foreach my $name ('localhost') { |
|
1142
baeebac35a2e
Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff
changeset
|
119 system('openssl req -x509 -new ' |
|
1220
0af58b78df35
Tests: removed single quotes from system() calls.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1148
diff
changeset
|
120 . "-config $d/openssl.conf -subj /CN=$name/ " |
|
1831
f6d1f82f314b
Tests: separate SSL session reuse tests in mail.
Maxim Dounin <mdounin@mdounin.ru>
parents:
1826
diff
changeset
|
121 . "-out $d/$name.crt -keyout $d/$name.key " |
|
1142
baeebac35a2e
Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff
changeset
|
122 . ">>$d/openssl.out 2>&1") == 0 |
|
baeebac35a2e
Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff
changeset
|
123 or die "Can't create certificate for $name: $!\n"; |
|
baeebac35a2e
Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff
changeset
|
124 } |
|
baeebac35a2e
Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff
changeset
|
125 |
|
baeebac35a2e
Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff
changeset
|
126 my $ctx = Net::SSLeay::CTX_new() or die("Failed to create SSL_CTX $!"); |
|
1324
918bf90466e0
Tests: hide startup warnings about deprecated ssl.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1220
diff
changeset
|
127 |
|
1145
f193664e06d8
Tests: remove unused http block in mail_ssl.t.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
1142
diff
changeset
|
128 $t->run(); |
|
1142
baeebac35a2e
Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff
changeset
|
129 |
|
baeebac35a2e
Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff
changeset
|
130 ############################################################################### |
|
baeebac35a2e
Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff
changeset
|
131 |
|
1831
f6d1f82f314b
Tests: separate SSL session reuse tests in mail.
Maxim Dounin <mdounin@mdounin.ru>
parents:
1826
diff
changeset
|
132 # session reuse: |
|
f6d1f82f314b
Tests: separate SSL session reuse tests in mail.
Maxim Dounin <mdounin@mdounin.ru>
parents:
1826
diff
changeset
|
133 # |
|
f6d1f82f314b
Tests: separate SSL session reuse tests in mail.
Maxim Dounin <mdounin@mdounin.ru>
parents:
1826
diff
changeset
|
134 # - only tickets, the default |
|
f6d1f82f314b
Tests: separate SSL session reuse tests in mail.
Maxim Dounin <mdounin@mdounin.ru>
parents:
1826
diff
changeset
|
135 # - tickets and shared cache, should work always |
|
f6d1f82f314b
Tests: separate SSL session reuse tests in mail.
Maxim Dounin <mdounin@mdounin.ru>
parents:
1826
diff
changeset
|
136 # - only shared cache |
|
f6d1f82f314b
Tests: separate SSL session reuse tests in mail.
Maxim Dounin <mdounin@mdounin.ru>
parents:
1826
diff
changeset
|
137 # - only builtin cache |
|
f6d1f82f314b
Tests: separate SSL session reuse tests in mail.
Maxim Dounin <mdounin@mdounin.ru>
parents:
1826
diff
changeset
|
138 # - only builtin cache with explicitly configured size |
|
f6d1f82f314b
Tests: separate SSL session reuse tests in mail.
Maxim Dounin <mdounin@mdounin.ru>
parents:
1826
diff
changeset
|
139 # - only cache none |
|
f6d1f82f314b
Tests: separate SSL session reuse tests in mail.
Maxim Dounin <mdounin@mdounin.ru>
parents:
1826
diff
changeset
|
140 # - only cache off |
|
1142
baeebac35a2e
Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff
changeset
|
141 |
|
1832
2e541778e5d8
Tests: LibreSSL and BoringSSL session reuse with TLSv1.3 in mail.
Maxim Dounin <mdounin@mdounin.ru>
parents:
1831
diff
changeset
|
142 TODO: { |
|
2e541778e5d8
Tests: LibreSSL and BoringSSL session reuse with TLSv1.3 in mail.
Maxim Dounin <mdounin@mdounin.ru>
parents:
1831
diff
changeset
|
143 local $TODO = 'no TLSv1.3 sessions in LibreSSL' |
|
2e541778e5d8
Tests: LibreSSL and BoringSSL session reuse with TLSv1.3 in mail.
Maxim Dounin <mdounin@mdounin.ru>
parents:
1831
diff
changeset
|
144 if $t->has_module('LibreSSL') && test_tls13(); |
|
2e541778e5d8
Tests: LibreSSL and BoringSSL session reuse with TLSv1.3 in mail.
Maxim Dounin <mdounin@mdounin.ru>
parents:
1831
diff
changeset
|
145 |
|
1831
f6d1f82f314b
Tests: separate SSL session reuse tests in mail.
Maxim Dounin <mdounin@mdounin.ru>
parents:
1826
diff
changeset
|
146 is(test_reuse(8993), 1, 'tickets reused'); |
|
f6d1f82f314b
Tests: separate SSL session reuse tests in mail.
Maxim Dounin <mdounin@mdounin.ru>
parents:
1826
diff
changeset
|
147 is(test_reuse(8994), 1, 'tickets and cache reused'); |
|
1832
2e541778e5d8
Tests: LibreSSL and BoringSSL session reuse with TLSv1.3 in mail.
Maxim Dounin <mdounin@mdounin.ru>
parents:
1831
diff
changeset
|
148 |
|
2e541778e5d8
Tests: LibreSSL and BoringSSL session reuse with TLSv1.3 in mail.
Maxim Dounin <mdounin@mdounin.ru>
parents:
1831
diff
changeset
|
149 TODO: { |
|
2e541778e5d8
Tests: LibreSSL and BoringSSL session reuse with TLSv1.3 in mail.
Maxim Dounin <mdounin@mdounin.ru>
parents:
1831
diff
changeset
|
150 local $TODO = 'no TLSv1.3 session cache in BoringSSL' |
|
2e541778e5d8
Tests: LibreSSL and BoringSSL session reuse with TLSv1.3 in mail.
Maxim Dounin <mdounin@mdounin.ru>
parents:
1831
diff
changeset
|
151 if $t->has_module('BoringSSL') && test_tls13(); |
|
2e541778e5d8
Tests: LibreSSL and BoringSSL session reuse with TLSv1.3 in mail.
Maxim Dounin <mdounin@mdounin.ru>
parents:
1831
diff
changeset
|
152 |
|
1831
f6d1f82f314b
Tests: separate SSL session reuse tests in mail.
Maxim Dounin <mdounin@mdounin.ru>
parents:
1826
diff
changeset
|
153 is(test_reuse(8995), 1, 'cache shared reused'); |
|
f6d1f82f314b
Tests: separate SSL session reuse tests in mail.
Maxim Dounin <mdounin@mdounin.ru>
parents:
1826
diff
changeset
|
154 is(test_reuse(8996), 1, 'cache builtin reused'); |
|
f6d1f82f314b
Tests: separate SSL session reuse tests in mail.
Maxim Dounin <mdounin@mdounin.ru>
parents:
1826
diff
changeset
|
155 is(test_reuse(8997), 1, 'cache builtin size reused'); |
|
1832
2e541778e5d8
Tests: LibreSSL and BoringSSL session reuse with TLSv1.3 in mail.
Maxim Dounin <mdounin@mdounin.ru>
parents:
1831
diff
changeset
|
156 |
|
2e541778e5d8
Tests: LibreSSL and BoringSSL session reuse with TLSv1.3 in mail.
Maxim Dounin <mdounin@mdounin.ru>
parents:
1831
diff
changeset
|
157 } |
|
2e541778e5d8
Tests: LibreSSL and BoringSSL session reuse with TLSv1.3 in mail.
Maxim Dounin <mdounin@mdounin.ru>
parents:
1831
diff
changeset
|
158 } |
|
2e541778e5d8
Tests: LibreSSL and BoringSSL session reuse with TLSv1.3 in mail.
Maxim Dounin <mdounin@mdounin.ru>
parents:
1831
diff
changeset
|
159 |
|
1831
f6d1f82f314b
Tests: separate SSL session reuse tests in mail.
Maxim Dounin <mdounin@mdounin.ru>
parents:
1826
diff
changeset
|
160 is(test_reuse(8998), 0, 'cache none not reused'); |
|
f6d1f82f314b
Tests: separate SSL session reuse tests in mail.
Maxim Dounin <mdounin@mdounin.ru>
parents:
1826
diff
changeset
|
161 is(test_reuse(8999), 0, 'cache off not reused'); |
|
1148
44620036fedf
Tests: added starttls tests for smtp.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
1147
diff
changeset
|
162 |
|
1142
baeebac35a2e
Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff
changeset
|
163 ############################################################################### |
|
baeebac35a2e
Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff
changeset
|
164 |
|
1832
2e541778e5d8
Tests: LibreSSL and BoringSSL session reuse with TLSv1.3 in mail.
Maxim Dounin <mdounin@mdounin.ru>
parents:
1831
diff
changeset
|
165 sub test_tls13 { |
|
2e541778e5d8
Tests: LibreSSL and BoringSSL session reuse with TLSv1.3 in mail.
Maxim Dounin <mdounin@mdounin.ru>
parents:
1831
diff
changeset
|
166 my ($s, $ssl) = get_ssl_socket(8993); |
|
2e541778e5d8
Tests: LibreSSL and BoringSSL session reuse with TLSv1.3 in mail.
Maxim Dounin <mdounin@mdounin.ru>
parents:
1831
diff
changeset
|
167 return (Net::SSLeay::version($ssl) > 0x303); |
|
2e541778e5d8
Tests: LibreSSL and BoringSSL session reuse with TLSv1.3 in mail.
Maxim Dounin <mdounin@mdounin.ru>
parents:
1831
diff
changeset
|
168 } |
|
2e541778e5d8
Tests: LibreSSL and BoringSSL session reuse with TLSv1.3 in mail.
Maxim Dounin <mdounin@mdounin.ru>
parents:
1831
diff
changeset
|
169 |
|
1831
f6d1f82f314b
Tests: separate SSL session reuse tests in mail.
Maxim Dounin <mdounin@mdounin.ru>
parents:
1826
diff
changeset
|
170 sub test_reuse { |
|
f6d1f82f314b
Tests: separate SSL session reuse tests in mail.
Maxim Dounin <mdounin@mdounin.ru>
parents:
1826
diff
changeset
|
171 my ($port) = @_; |
|
f6d1f82f314b
Tests: separate SSL session reuse tests in mail.
Maxim Dounin <mdounin@mdounin.ru>
parents:
1826
diff
changeset
|
172 my ($s, $ssl) = get_ssl_socket($port); |
|
f6d1f82f314b
Tests: separate SSL session reuse tests in mail.
Maxim Dounin <mdounin@mdounin.ru>
parents:
1826
diff
changeset
|
173 Net::SSLeay::read($ssl); |
|
f6d1f82f314b
Tests: separate SSL session reuse tests in mail.
Maxim Dounin <mdounin@mdounin.ru>
parents:
1826
diff
changeset
|
174 my $ses = Net::SSLeay::get_session($ssl); |
|
f6d1f82f314b
Tests: separate SSL session reuse tests in mail.
Maxim Dounin <mdounin@mdounin.ru>
parents:
1826
diff
changeset
|
175 ($s, $ssl) = get_ssl_socket($port, $ses); |
|
f6d1f82f314b
Tests: separate SSL session reuse tests in mail.
Maxim Dounin <mdounin@mdounin.ru>
parents:
1826
diff
changeset
|
176 return Net::SSLeay::session_reused($ssl); |
|
f6d1f82f314b
Tests: separate SSL session reuse tests in mail.
Maxim Dounin <mdounin@mdounin.ru>
parents:
1826
diff
changeset
|
177 } |
|
f6d1f82f314b
Tests: separate SSL session reuse tests in mail.
Maxim Dounin <mdounin@mdounin.ru>
parents:
1826
diff
changeset
|
178 |
|
1142
baeebac35a2e
Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff
changeset
|
179 sub get_ssl_socket { |
|
1831
f6d1f82f314b
Tests: separate SSL session reuse tests in mail.
Maxim Dounin <mdounin@mdounin.ru>
parents:
1826
diff
changeset
|
180 my ($port, $ses) = @_; |
|
1142
baeebac35a2e
Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff
changeset
|
181 |
|
1621
fd440d324700
Tests: simplified get_ssl_socket() functions that use Net::SSLeay.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1488
diff
changeset
|
182 my $s = IO::Socket::INET->new('127.0.0.1:' . port($port)); |
|
1142
baeebac35a2e
Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff
changeset
|
183 my $ssl = Net::SSLeay::new($ctx) or die("Failed to create SSL $!"); |
|
baeebac35a2e
Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff
changeset
|
184 Net::SSLeay::set_session($ssl, $ses) if defined $ses; |
|
baeebac35a2e
Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff
changeset
|
185 Net::SSLeay::set_fd($ssl, fileno($s)); |
|
1742
7bfa47410cc0
Tests: basic ALPN tests in the mail module.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1621
diff
changeset
|
186 Net::SSLeay::connect($ssl) == 1 or return; |
|
1142
baeebac35a2e
Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff
changeset
|
187 return ($s, $ssl); |
|
baeebac35a2e
Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff
changeset
|
188 } |
|
baeebac35a2e
Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff
changeset
|
189 |
|
baeebac35a2e
Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff
changeset
|
190 ############################################################################### |