Mercurial > hg > nginx-tests
annotate ssl_session_ticket_key.t @ 1836:74cffa9d4c43
Tests: enabled session reuse via TLS session tickets.
This fixes tests with TLSv1.3 enabled when using BoringSSL, since
for TLSv1.3 it only supports session reuse via TLS session tickets,
and not server-side session cache.
author | Maxim Dounin <mdounin@mdounin.ru> |
---|---|
date | Thu, 23 Mar 2023 19:50:02 +0300 |
parents | 5817625792bd |
children | 0381a0a212e1 |
rev | line source |
---|---|
1816
5817625792bd
Tests: ssl session ticket key rotation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
1 #!/usr/bin/perl |
5817625792bd
Tests: ssl session ticket key rotation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
2 |
5817625792bd
Tests: ssl session ticket key rotation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
3 # (C) Sergey Kandaurov |
5817625792bd
Tests: ssl session ticket key rotation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
4 # (C) Nginx, Inc. |
5817625792bd
Tests: ssl session ticket key rotation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
5 |
5817625792bd
Tests: ssl session ticket key rotation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
6 # Tests for rotation of SSL session ticket keys. |
5817625792bd
Tests: ssl session ticket key rotation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
7 |
5817625792bd
Tests: ssl session ticket key rotation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
8 ############################################################################### |
5817625792bd
Tests: ssl session ticket key rotation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
9 |
5817625792bd
Tests: ssl session ticket key rotation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
10 use warnings; |
5817625792bd
Tests: ssl session ticket key rotation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
11 use strict; |
5817625792bd
Tests: ssl session ticket key rotation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
12 |
5817625792bd
Tests: ssl session ticket key rotation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
13 use Test::More; |
5817625792bd
Tests: ssl session ticket key rotation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
14 |
5817625792bd
Tests: ssl session ticket key rotation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
15 BEGIN { use FindBin; chdir($FindBin::Bin); } |
5817625792bd
Tests: ssl session ticket key rotation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
16 |
5817625792bd
Tests: ssl session ticket key rotation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
17 use lib 'lib'; |
5817625792bd
Tests: ssl session ticket key rotation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
18 use Test::Nginx; |
5817625792bd
Tests: ssl session ticket key rotation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
19 |
5817625792bd
Tests: ssl session ticket key rotation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
20 ############################################################################### |
5817625792bd
Tests: ssl session ticket key rotation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
21 |
5817625792bd
Tests: ssl session ticket key rotation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
22 select STDERR; $| = 1; |
5817625792bd
Tests: ssl session ticket key rotation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
23 select STDOUT; $| = 1; |
5817625792bd
Tests: ssl session ticket key rotation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
24 |
5817625792bd
Tests: ssl session ticket key rotation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
25 eval { |
5817625792bd
Tests: ssl session ticket key rotation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
26 require Net::SSLeay; die if $Net::SSLeay::VERSION < 1.86; |
5817625792bd
Tests: ssl session ticket key rotation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
27 Net::SSLeay::load_error_strings(); |
5817625792bd
Tests: ssl session ticket key rotation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
28 Net::SSLeay::SSLeay_add_ssl_algorithms(); |
5817625792bd
Tests: ssl session ticket key rotation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
29 Net::SSLeay::randomize(); |
5817625792bd
Tests: ssl session ticket key rotation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
30 }; |
5817625792bd
Tests: ssl session ticket key rotation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
31 plan(skip_all => 'Net::SSLeay version => 1.86 required') if $@; |
5817625792bd
Tests: ssl session ticket key rotation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
32 |
5817625792bd
Tests: ssl session ticket key rotation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
33 my $t = Test::Nginx->new()->has(qw/http http_ssl/)->has_daemon('openssl') |
5817625792bd
Tests: ssl session ticket key rotation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
34 ->plan(2)->write_file_expand('nginx.conf', <<'EOF'); |
5817625792bd
Tests: ssl session ticket key rotation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
35 |
5817625792bd
Tests: ssl session ticket key rotation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
36 %%TEST_GLOBALS%% |
5817625792bd
Tests: ssl session ticket key rotation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
37 |
5817625792bd
Tests: ssl session ticket key rotation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
38 daemon off; |
5817625792bd
Tests: ssl session ticket key rotation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
39 worker_processes 2; |
5817625792bd
Tests: ssl session ticket key rotation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
40 |
5817625792bd
Tests: ssl session ticket key rotation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
41 events { |
5817625792bd
Tests: ssl session ticket key rotation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
42 } |
5817625792bd
Tests: ssl session ticket key rotation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
43 |
5817625792bd
Tests: ssl session ticket key rotation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
44 http { |
5817625792bd
Tests: ssl session ticket key rotation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
45 %%TEST_GLOBALS_HTTP%% |
5817625792bd
Tests: ssl session ticket key rotation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
46 |
5817625792bd
Tests: ssl session ticket key rotation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
47 ssl_certificate_key localhost.key; |
5817625792bd
Tests: ssl session ticket key rotation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
48 ssl_certificate localhost.crt; |
5817625792bd
Tests: ssl session ticket key rotation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
49 |
5817625792bd
Tests: ssl session ticket key rotation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
50 server { |
5817625792bd
Tests: ssl session ticket key rotation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
51 listen 127.0.0.1:8080 ssl; |
5817625792bd
Tests: ssl session ticket key rotation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
52 server_name localhost; |
5817625792bd
Tests: ssl session ticket key rotation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
53 |
5817625792bd
Tests: ssl session ticket key rotation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
54 ssl_session_cache shared:SSL:1m; |
5817625792bd
Tests: ssl session ticket key rotation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
55 ssl_session_timeout 2; |
5817625792bd
Tests: ssl session ticket key rotation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
56 } |
5817625792bd
Tests: ssl session ticket key rotation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
57 } |
5817625792bd
Tests: ssl session ticket key rotation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
58 |
5817625792bd
Tests: ssl session ticket key rotation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
59 EOF |
5817625792bd
Tests: ssl session ticket key rotation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
60 |
5817625792bd
Tests: ssl session ticket key rotation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
61 $t->write_file('openssl.conf', <<EOF); |
5817625792bd
Tests: ssl session ticket key rotation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
62 [ req ] |
5817625792bd
Tests: ssl session ticket key rotation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
63 default_bits = 2048 |
5817625792bd
Tests: ssl session ticket key rotation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
64 encrypt_key = no |
5817625792bd
Tests: ssl session ticket key rotation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
65 distinguished_name = req_distinguished_name |
5817625792bd
Tests: ssl session ticket key rotation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
66 [ req_distinguished_name ] |
5817625792bd
Tests: ssl session ticket key rotation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
67 EOF |
5817625792bd
Tests: ssl session ticket key rotation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
68 |
5817625792bd
Tests: ssl session ticket key rotation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
69 my $d = $t->testdir(); |
5817625792bd
Tests: ssl session ticket key rotation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
70 |
5817625792bd
Tests: ssl session ticket key rotation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
71 foreach my $name ('localhost') { |
5817625792bd
Tests: ssl session ticket key rotation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
72 system('openssl req -x509 -new ' |
5817625792bd
Tests: ssl session ticket key rotation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
73 . "-config $d/openssl.conf -subj /CN=$name/ " |
5817625792bd
Tests: ssl session ticket key rotation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
74 . "-out $d/$name.crt -keyout $d/$name.key " |
5817625792bd
Tests: ssl session ticket key rotation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
75 . ">>$d/openssl.out 2>&1") == 0 |
5817625792bd
Tests: ssl session ticket key rotation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
76 or die "Can't create certificate for $name: $!\n"; |
5817625792bd
Tests: ssl session ticket key rotation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
77 } |
5817625792bd
Tests: ssl session ticket key rotation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
78 |
5817625792bd
Tests: ssl session ticket key rotation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
79 $t->run(); |
5817625792bd
Tests: ssl session ticket key rotation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
80 |
5817625792bd
Tests: ssl session ticket key rotation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
81 ############################################################################### |
5817625792bd
Tests: ssl session ticket key rotation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
82 |
5817625792bd
Tests: ssl session ticket key rotation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
83 # the test uses multiple worker processes to check shared tickey key rotation |
5817625792bd
Tests: ssl session ticket key rotation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
84 # |
5817625792bd
Tests: ssl session ticket key rotation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
85 # before 1.23.2, any test can fail depending on which worker served connection: |
5817625792bd
Tests: ssl session ticket key rotation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
86 # the 1st test fails if served by another worker, because keys aren't shared |
5817625792bd
Tests: ssl session ticket key rotation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
87 # the 2nd test fails if served by the same worker due to the lack of rotation |
5817625792bd
Tests: ssl session ticket key rotation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
88 # |
5817625792bd
Tests: ssl session ticket key rotation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
89 # with a single worker process it is only the 2nd test that fails |
5817625792bd
Tests: ssl session ticket key rotation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
90 |
5817625792bd
Tests: ssl session ticket key rotation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
91 local $TODO = 'not yet' unless $t->has_version('1.23.2'); |
5817625792bd
Tests: ssl session ticket key rotation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
92 |
5817625792bd
Tests: ssl session ticket key rotation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
93 my $key = get_ticket_key_name(); |
5817625792bd
Tests: ssl session ticket key rotation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
94 |
5817625792bd
Tests: ssl session ticket key rotation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
95 select undef, undef, undef, 0.5; |
5817625792bd
Tests: ssl session ticket key rotation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
96 is(get_ticket_key_name(), $key, 'ticket key match'); |
5817625792bd
Tests: ssl session ticket key rotation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
97 |
5817625792bd
Tests: ssl session ticket key rotation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
98 select undef, undef, undef, 2.5; |
5817625792bd
Tests: ssl session ticket key rotation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
99 cmp_ok(get_ticket_key_name(), 'ne', $key, 'ticket key next'); |
5817625792bd
Tests: ssl session ticket key rotation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
100 |
5817625792bd
Tests: ssl session ticket key rotation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
101 ############################################################################### |
5817625792bd
Tests: ssl session ticket key rotation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
102 |
5817625792bd
Tests: ssl session ticket key rotation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
103 sub get_ticket_key_name { |
5817625792bd
Tests: ssl session ticket key rotation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
104 my $ses = get_ssl_session(); |
5817625792bd
Tests: ssl session ticket key rotation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
105 my $asn = Net::SSLeay::i2d_SSL_SESSION($ses); |
5817625792bd
Tests: ssl session ticket key rotation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
106 my $any = qr/[\x00-\xff]/; |
5817625792bd
Tests: ssl session ticket key rotation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
107 next: |
5817625792bd
Tests: ssl session ticket key rotation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
108 # tag(10) | len{2} | OCTETSTRING(4) | len{2} | ticket(key_name|..) |
5817625792bd
Tests: ssl session ticket key rotation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
109 $asn =~ /\xaa\x81($any)\x04\x81($any)($any{16})/g; |
5817625792bd
Tests: ssl session ticket key rotation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
110 return if !defined $3; |
5817625792bd
Tests: ssl session ticket key rotation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
111 goto next if unpack("C", $1) - unpack("C", $2) != 3; |
5817625792bd
Tests: ssl session ticket key rotation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
112 my $key = unpack "H*", $3; |
5817625792bd
Tests: ssl session ticket key rotation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
113 Test::Nginx::log_core('||', "ticket key: $key"); |
5817625792bd
Tests: ssl session ticket key rotation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
114 return $key; |
5817625792bd
Tests: ssl session ticket key rotation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
115 } |
5817625792bd
Tests: ssl session ticket key rotation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
116 |
5817625792bd
Tests: ssl session ticket key rotation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
117 sub get_ssl_session { |
5817625792bd
Tests: ssl session ticket key rotation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
118 my ($s, $ssl) = get_ssl_socket(); |
5817625792bd
Tests: ssl session ticket key rotation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
119 |
5817625792bd
Tests: ssl session ticket key rotation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
120 Net::SSLeay::write($ssl, <<EOF); |
5817625792bd
Tests: ssl session ticket key rotation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
121 GET / HTTP/1.0 |
5817625792bd
Tests: ssl session ticket key rotation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
122 Host: localhost |
5817625792bd
Tests: ssl session ticket key rotation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
123 |
5817625792bd
Tests: ssl session ticket key rotation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
124 EOF |
5817625792bd
Tests: ssl session ticket key rotation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
125 Net::SSLeay::read($ssl); |
5817625792bd
Tests: ssl session ticket key rotation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
126 Net::SSLeay::get_session($ssl); |
5817625792bd
Tests: ssl session ticket key rotation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
127 } |
5817625792bd
Tests: ssl session ticket key rotation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
128 |
5817625792bd
Tests: ssl session ticket key rotation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
129 sub get_ssl_socket { |
5817625792bd
Tests: ssl session ticket key rotation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
130 my $s = IO::Socket::INET->new('127.0.0.1:' . port(8080)); |
5817625792bd
Tests: ssl session ticket key rotation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
131 my $ctx = Net::SSLeay::CTX_new() or die("Failed to create SSL_CTX $!"); |
5817625792bd
Tests: ssl session ticket key rotation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
132 my $ssl = Net::SSLeay::new($ctx) or die("Failed to create SSL $!"); |
5817625792bd
Tests: ssl session ticket key rotation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
133 Net::SSLeay::set_fd($ssl, fileno($s)); |
5817625792bd
Tests: ssl session ticket key rotation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
134 Net::SSLeay::connect($ssl) or die("ssl connect"); |
5817625792bd
Tests: ssl session ticket key rotation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
135 return ($s, $ssl); |
5817625792bd
Tests: ssl session ticket key rotation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
136 } |
5817625792bd
Tests: ssl session ticket key rotation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
137 |
5817625792bd
Tests: ssl session ticket key rotation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
138 ############################################################################### |