Mercurial > hg > nginx-tests
annotate uwsgi_ssl.t @ 1836:74cffa9d4c43
Tests: enabled session reuse via TLS session tickets.
This fixes tests with TLSv1.3 enabled when using BoringSSL, since
for TLSv1.3 it only supports session reuse via TLS session tickets,
and not server-side session cache.
author | Maxim Dounin <mdounin@mdounin.ru> |
---|---|
date | Thu, 23 Mar 2023 19:50:02 +0300 |
parents | 5ac6efbe5552 |
children | 1b9f21836f57 |
rev | line source |
---|---|
1575 | 1 #!/usr/bin/perl |
2 | |
3 # (C) Maxim Dounin | |
4 # (C) Nginx, Inc. | |
5 | |
6 # Test for uwsgi backend with SSL. | |
7 | |
8 ############################################################################### | |
9 | |
10 use warnings; | |
11 use strict; | |
12 | |
13 use Test::More; | |
14 use Socket qw/ CRLF /; | |
15 | |
16 BEGIN { use FindBin; chdir($FindBin::Bin); } | |
17 | |
18 use lib 'lib'; | |
19 use Test::Nginx; | |
20 | |
21 ############################################################################### | |
22 | |
23 select STDERR; $| = 1; | |
24 select STDOUT; $| = 1; | |
25 | |
26 my $t = Test::Nginx->new()->has(qw/http uwsgi http_ssl/) | |
27 ->has_daemon('uwsgi')->has_daemon('openssl')->plan(7) | |
28 ->write_file_expand('nginx.conf', <<'EOF'); | |
29 | |
30 %%TEST_GLOBALS%% | |
31 | |
32 daemon off; | |
33 | |
34 events { | |
35 } | |
36 | |
37 http { | |
38 %%TEST_GLOBALS_HTTP%% | |
39 | |
40 upstream u { | |
41 server 127.0.0.1:8081; | |
42 } | |
43 | |
44 server { | |
45 listen 127.0.0.1:8080; | |
46 server_name localhost; | |
47 | |
48 location / { | |
49 uwsgi_pass suwsgi://127.0.0.1:8081; | |
50 uwsgi_param SERVER_PROTOCOL $server_protocol; | |
51 uwsgi_param HTTP_X_BLAH "blah"; | |
52 uwsgi_pass_request_body off; | |
53 } | |
54 | |
55 location /var { | |
56 uwsgi_pass suwsgi://$arg_b; | |
57 uwsgi_param SERVER_PROTOCOL $server_protocol; | |
58 } | |
59 } | |
60 } | |
61 | |
62 EOF | |
63 | |
64 $t->write_file('openssl.conf', <<EOF); | |
65 [ req ] | |
66 default_bits = 2048 | |
67 encrypt_key = no | |
68 distinguished_name = req_distinguished_name | |
69 [ req_distinguished_name ] | |
70 EOF | |
71 | |
72 my $d = $t->testdir(); | |
73 my $crt = "$d/uwsgi.crt"; | |
74 my $key = "$d/uwsgi.key"; | |
75 | |
76 foreach my $name ('uwsgi') { | |
77 system('openssl req -x509 -new ' | |
78 . "-config $d/openssl.conf -subj /CN=$name/ " | |
79 . "-out $d/$name.crt -keyout $d/$name.key " | |
80 . ">>$d/openssl.out 2>&1") == 0 | |
81 or die "Can't create certificate for $name: $!\n"; | |
82 } | |
83 | |
84 $t->write_file('uwsgi_test_app.py', <<END); | |
85 | |
86 def application(env, start_response): | |
87 start_response('200 OK', [('Content-Type','text/plain')]) | |
88 return b"SEE-THIS" | |
89 | |
90 END | |
91 | |
92 my $uwsgihelp = `uwsgi -h`; | |
93 my @uwsgiopts = (); | |
94 | |
95 if ($uwsgihelp !~ /--wsgi-file/) { | |
96 # uwsgi has no python support, maybe plugin load is necessary | |
97 push @uwsgiopts, '--plugin', 'python'; | |
1598
f069dd7ba5a7
Tests: compatibility with uwsgi python package on Fedora Linux.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1575
diff
changeset
|
98 push @uwsgiopts, '--plugin', 'python3'; |
1575 | 99 } |
100 | |
1598
f069dd7ba5a7
Tests: compatibility with uwsgi python package on Fedora Linux.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1575
diff
changeset
|
101 open OLDERR, ">&", \*STDERR; close STDERR; |
1575 | 102 $t->run_daemon('uwsgi', @uwsgiopts, |
103 '--ssl-socket', '127.0.0.1:' . port(8081) . ",$crt,$key", | |
104 '--wsgi-file', $d . '/uwsgi_test_app.py', | |
105 '--logto', $d . '/uwsgi_log'); | |
1598
f069dd7ba5a7
Tests: compatibility with uwsgi python package on Fedora Linux.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1575
diff
changeset
|
106 open STDERR, ">&", \*OLDERR; |
1575 | 107 |
108 $t->run(); | |
109 | |
110 $t->waitforsocket('127.0.0.1:' . port(8081)) | |
111 or die "Can't start uwsgi"; | |
112 | |
113 ############################################################################### | |
114 | |
115 like(http_get('/'), qr/SEE-THIS/, 'uwsgi request'); | |
116 like(http_head('/head'), qr/200 OK(?!.*SEE-THIS)/s, 'no data in HEAD'); | |
117 | |
118 like(http_get_headers('/headers'), qr/SEE-THIS/, | |
119 'uwsgi request with many ignored headers'); | |
120 | |
121 like(http_get('/var?b=127.0.0.1:' . port(8081)), qr/SEE-THIS/, | |
122 'uwsgi with variables'); | |
123 like(http_get('/var?b=u'), qr/SEE-THIS/, 'uwsgi with variables to upstream'); | |
124 | |
125 like(http_post('/'), qr/SEE-THIS/, 'uwsgi post'); | |
126 like(http_post_big('/'), qr/SEE-THIS/, 'uwsgi big post'); | |
127 | |
128 ############################################################################### | |
129 | |
130 sub http_get_headers { | |
131 my ($url, %extra) = @_; | |
132 return http(<<EOF, %extra); | |
133 GET $url HTTP/1.0 | |
134 Host: localhost | |
135 X-Blah: ignored header | |
136 X-Blah: ignored header | |
137 X-Blah: ignored header | |
138 X-Blah: ignored header | |
139 X-Blah: ignored header | |
140 X-Blah: ignored header | |
141 X-Blah: ignored header | |
142 X-Blah: ignored header | |
143 X-Blah: ignored header | |
144 X-Blah: ignored header | |
145 X-Blah: ignored header | |
146 X-Blah: ignored header | |
147 X-Blah: ignored header | |
148 X-Blah: ignored header | |
149 X-Blah: ignored header | |
150 X-Blah: ignored header | |
151 X-Blah: ignored header | |
152 X-Blah: ignored header | |
153 X-Blah: ignored header | |
154 | |
155 EOF | |
156 } | |
157 | |
158 sub http_post { | |
159 my ($url, %extra) = @_; | |
160 | |
161 my $p = "POST $url HTTP/1.0" . CRLF . | |
162 "Host: localhost" . CRLF . | |
163 "Content-Length: 10" . CRLF . | |
164 CRLF . | |
165 "1234567890"; | |
166 | |
167 return http($p, %extra); | |
168 } | |
169 | |
170 sub http_post_big { | |
171 my ($url, %extra) = @_; | |
172 | |
173 my $p = "POST $url HTTP/1.0" . CRLF . | |
174 "Host: localhost" . CRLF . | |
175 "Content-Length: 10240" . CRLF . | |
176 CRLF . | |
177 ("1234567890" x 1024); | |
178 | |
179 return http($p, %extra); | |
180 } | |
181 | |
182 ############################################################################### |