Mercurial > hg > nginx-tests

annotate mail_ssl.t @ 1933:9bafe7cddd3c

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Tests: improved QUIC key update tests with old keys. On unsuccessful protection removal, it is now retried with old keys. Otherwise, old keys are removed to ensure they're no longer in use.
author Sergey Kandaurov <pluknet@nginx.com>
date Mon, 21 Aug 2023 17:26:47 +0400
parents c04134b0290b
children 2a0a6035a1af
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
rev   line source
1142
baeebac35a2e Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff changeset
1 #!/usr/bin/perl
baeebac35a2e Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff changeset
2
baeebac35a2e Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff changeset
3 # (C) Andrey Zelenkov
baeebac35a2e Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff changeset
4 # (C) Nginx, Inc.
baeebac35a2e Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff changeset
5
baeebac35a2e Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff changeset
6 # Tests for mail ssl module.
baeebac35a2e Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff changeset
7
baeebac35a2e Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff changeset
8 ###############################################################################
baeebac35a2e Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff changeset
9
baeebac35a2e Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff changeset
10 use warnings;
baeebac35a2e Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff changeset
11 use strict;
baeebac35a2e Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff changeset
12
baeebac35a2e Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff changeset
13 use Test::More;
baeebac35a2e Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff changeset
14
baeebac35a2e Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff changeset
15 BEGIN { use FindBin; chdir($FindBin::Bin); }
baeebac35a2e Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff changeset
16
baeebac35a2e Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff changeset
17 use lib 'lib';
baeebac35a2e Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff changeset
18 use Test::Nginx;
baeebac35a2e Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff changeset
19 use Test::Nginx::IMAP;
baeebac35a2e Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff changeset
20 use Test::Nginx::POP3;
1148
44620036fedf Tests: added starttls tests for smtp.
Andrey Zelenkov <zelenkov@nginx.com>
parents: 1147
diff changeset
21 use Test::Nginx::SMTP;
1142
baeebac35a2e Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff changeset
22
baeebac35a2e Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff changeset
23 ###############################################################################
baeebac35a2e Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff changeset
24
baeebac35a2e Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff changeset
25 select STDERR; $| = 1;
baeebac35a2e Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff changeset
26 select STDOUT; $| = 1;
baeebac35a2e Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff changeset
27
1856
ce4a06d72256 Tests: SIGPIPE handling in mail tests.
Maxim Dounin <mdounin@mdounin.ru>
parents: 1831
diff changeset
28 local $SIG{PIPE} = 'IGNORE';
ce4a06d72256 Tests: SIGPIPE handling in mail tests.
Maxim Dounin <mdounin@mdounin.ru>
parents: 1831
diff changeset
29
1861
7b7b64569f55 Tests: reworked mail SSL tests to use IO::Socket::SSL.
Maxim Dounin <mdounin@mdounin.ru>
parents: 1860
diff changeset
30 my $t = Test::Nginx->new()->has(qw/mail mail_ssl imap pop3 smtp socket_ssl/)
7b7b64569f55 Tests: reworked mail SSL tests to use IO::Socket::SSL.
Maxim Dounin <mdounin@mdounin.ru>
parents: 1860
diff changeset
31 ->has_daemon('openssl')->plan(19);
1142
baeebac35a2e Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff changeset
32
baeebac35a2e Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff changeset
33 $t->write_file_expand('nginx.conf', <<'EOF');
baeebac35a2e Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff changeset
34
baeebac35a2e Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff changeset
35 %%TEST_GLOBALS%%
baeebac35a2e Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff changeset
36
baeebac35a2e Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff changeset
37 daemon off;
baeebac35a2e Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff changeset
38
baeebac35a2e Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff changeset
39 events {
baeebac35a2e Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff changeset
40 }
baeebac35a2e Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff changeset
41
baeebac35a2e Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff changeset
42 mail {
baeebac35a2e Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff changeset
43 ssl_certificate_key localhost.key;
baeebac35a2e Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff changeset
44 ssl_certificate localhost.crt;
baeebac35a2e Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff changeset
45
1147
796ed08cb215 Tests: simplified ssl_password_file tests in mail_ssl.t.
Andrey Zelenkov <zelenkov@nginx.com>
parents: 1145
diff changeset
46 ssl_password_file password;
1142
baeebac35a2e Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff changeset
47
1145
f193664e06d8 Tests: remove unused http block in mail_ssl.t.
Andrey Zelenkov <zelenkov@nginx.com>
parents: 1142
diff changeset
48 auth_http http://127.0.0.1:8080; # unused
1142
baeebac35a2e Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff changeset
49
baeebac35a2e Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff changeset
50 server {
baeebac35a2e Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff changeset
51 listen 127.0.0.1:8143;
baeebac35a2e Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff changeset
52 listen 127.0.0.1:8145 ssl;
baeebac35a2e Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff changeset
53 protocol imap;
baeebac35a2e Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff changeset
54 }
baeebac35a2e Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff changeset
55
baeebac35a2e Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff changeset
56 server {
1904
c04134b0290b Tests: removed deprecated "ssl" directive tests.
Sergey Kandaurov <pluknet@nginx.com>
parents: 1872
diff changeset
57 listen 127.0.0.1:8148 ssl;
1142
baeebac35a2e Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff changeset
58 protocol imap;
baeebac35a2e Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff changeset
59
baeebac35a2e Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff changeset
60 ssl_certificate_key inherits.key;
baeebac35a2e Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff changeset
61 ssl_certificate inherits.crt;
baeebac35a2e Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff changeset
62 }
baeebac35a2e Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff changeset
63
baeebac35a2e Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff changeset
64 server {
baeebac35a2e Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff changeset
65 listen 127.0.0.1:8149;
baeebac35a2e Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff changeset
66 protocol imap;
baeebac35a2e Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff changeset
67
baeebac35a2e Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff changeset
68 starttls on;
baeebac35a2e Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff changeset
69 }
baeebac35a2e Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff changeset
70
baeebac35a2e Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff changeset
71 server {
baeebac35a2e Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff changeset
72 listen 127.0.0.1:8150;
baeebac35a2e Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff changeset
73 protocol imap;
baeebac35a2e Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff changeset
74
baeebac35a2e Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff changeset
75 starttls only;
baeebac35a2e Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff changeset
76 }
baeebac35a2e Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff changeset
77
baeebac35a2e Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff changeset
78 server {
baeebac35a2e Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff changeset
79 listen 127.0.0.1:8151;
baeebac35a2e Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff changeset
80 protocol pop3;
baeebac35a2e Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff changeset
81
baeebac35a2e Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff changeset
82 starttls on;
baeebac35a2e Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff changeset
83 }
baeebac35a2e Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff changeset
84
baeebac35a2e Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff changeset
85 server {
baeebac35a2e Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff changeset
86 listen 127.0.0.1:8152;
baeebac35a2e Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff changeset
87 protocol pop3;
baeebac35a2e Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff changeset
88
baeebac35a2e Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff changeset
89 starttls only;
baeebac35a2e Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff changeset
90 }
1148
44620036fedf Tests: added starttls tests for smtp.
Andrey Zelenkov <zelenkov@nginx.com>
parents: 1147
diff changeset
91
44620036fedf Tests: added starttls tests for smtp.
Andrey Zelenkov <zelenkov@nginx.com>
parents: 1147
diff changeset
92 server {
44620036fedf Tests: added starttls tests for smtp.
Andrey Zelenkov <zelenkov@nginx.com>
parents: 1147
diff changeset
93 listen 127.0.0.1:8153;
44620036fedf Tests: added starttls tests for smtp.
Andrey Zelenkov <zelenkov@nginx.com>
parents: 1147
diff changeset
94 protocol smtp;
44620036fedf Tests: added starttls tests for smtp.
Andrey Zelenkov <zelenkov@nginx.com>
parents: 1147
diff changeset
95
44620036fedf Tests: added starttls tests for smtp.
Andrey Zelenkov <zelenkov@nginx.com>
parents: 1147
diff changeset
96 starttls on;
44620036fedf Tests: added starttls tests for smtp.
Andrey Zelenkov <zelenkov@nginx.com>
parents: 1147
diff changeset
97 }
44620036fedf Tests: added starttls tests for smtp.
Andrey Zelenkov <zelenkov@nginx.com>
parents: 1147
diff changeset
98
44620036fedf Tests: added starttls tests for smtp.
Andrey Zelenkov <zelenkov@nginx.com>
parents: 1147
diff changeset
99 server {
44620036fedf Tests: added starttls tests for smtp.
Andrey Zelenkov <zelenkov@nginx.com>
parents: 1147
diff changeset
100 listen 127.0.0.1:8154;
44620036fedf Tests: added starttls tests for smtp.
Andrey Zelenkov <zelenkov@nginx.com>
parents: 1147
diff changeset
101 protocol smtp;
44620036fedf Tests: added starttls tests for smtp.
Andrey Zelenkov <zelenkov@nginx.com>
parents: 1147
diff changeset
102
44620036fedf Tests: added starttls tests for smtp.
Andrey Zelenkov <zelenkov@nginx.com>
parents: 1147
diff changeset
103 starttls only;
44620036fedf Tests: added starttls tests for smtp.
Andrey Zelenkov <zelenkov@nginx.com>
parents: 1147
diff changeset
104 }
1142
baeebac35a2e Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff changeset
105 }
baeebac35a2e Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff changeset
106
baeebac35a2e Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff changeset
107 EOF
baeebac35a2e Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff changeset
108
baeebac35a2e Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff changeset
109 $t->write_file('openssl.conf', <<EOF);
baeebac35a2e Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff changeset
110 [ req ]
1488
dbce8fb5f5f8 Tests: align with OpenSSL security level 2.
Sergey Kandaurov <pluknet@nginx.com>
parents: 1324
diff changeset
111 default_bits = 2048
1142
baeebac35a2e Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff changeset
112 encrypt_key = no
baeebac35a2e Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff changeset
113 distinguished_name = req_distinguished_name
baeebac35a2e Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff changeset
114 [ req_distinguished_name ]
baeebac35a2e Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff changeset
115 EOF
baeebac35a2e Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff changeset
116
baeebac35a2e Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff changeset
117 my $d = $t->testdir();
baeebac35a2e Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff changeset
118
baeebac35a2e Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff changeset
119 foreach my $name ('localhost', 'inherits') {
1220
0af58b78df35 Tests: removed single quotes from system() calls.
Sergey Kandaurov <pluknet@nginx.com>
parents: 1148
diff changeset
120 system("openssl genrsa -out $d/$name.key -passout pass:localhost "
1488
dbce8fb5f5f8 Tests: align with OpenSSL security level 2.
Sergey Kandaurov <pluknet@nginx.com>
parents: 1324
diff changeset
121 . "-aes128 2048 >>$d/openssl.out 2>&1") == 0
1142
baeebac35a2e Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff changeset
122 or die "Can't create private key: $!\n";
baeebac35a2e Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff changeset
123 system('openssl req -x509 -new '
1220
0af58b78df35 Tests: removed single quotes from system() calls.
Sergey Kandaurov <pluknet@nginx.com>
parents: 1148
diff changeset
124 . "-config $d/openssl.conf -subj /CN=$name/ "
0af58b78df35 Tests: removed single quotes from system() calls.
Sergey Kandaurov <pluknet@nginx.com>
parents: 1148
diff changeset
125 . "-out $d/$name.crt "
0af58b78df35 Tests: removed single quotes from system() calls.
Sergey Kandaurov <pluknet@nginx.com>
parents: 1148
diff changeset
126 . "-key $d/$name.key -passin pass:localhost"
1142
baeebac35a2e Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff changeset
127 . ">>$d/openssl.out 2>&1") == 0
baeebac35a2e Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff changeset
128 or die "Can't create certificate for $name: $!\n";
baeebac35a2e Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff changeset
129 }
baeebac35a2e Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff changeset
130
baeebac35a2e Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff changeset
131 $t->write_file('password', 'localhost');
1145
f193664e06d8 Tests: remove unused http block in mail_ssl.t.
Andrey Zelenkov <zelenkov@nginx.com>
parents: 1142
diff changeset
132 $t->run();
1142
baeebac35a2e Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff changeset
133
baeebac35a2e Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff changeset
134 ###############################################################################
baeebac35a2e Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff changeset
135
1831
f6d1f82f314b Tests: separate SSL session reuse tests in mail.
Maxim Dounin <mdounin@mdounin.ru>
parents: 1826
diff changeset
136 my ($s, $ssl);
f6d1f82f314b Tests: separate SSL session reuse tests in mail.
Maxim Dounin <mdounin@mdounin.ru>
parents: 1826
diff changeset
137
1142
baeebac35a2e Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff changeset
138 # simple tests to ensure that nothing broke with ssl_password_file directive
baeebac35a2e Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff changeset
139
1831
f6d1f82f314b Tests: separate SSL session reuse tests in mail.
Maxim Dounin <mdounin@mdounin.ru>
parents: 1826
diff changeset
140 $s = Test::Nginx::IMAP->new();
1142
baeebac35a2e Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff changeset
141 $s->ok('greeting');
baeebac35a2e Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff changeset
142
baeebac35a2e Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff changeset
143 $s->send('1 AUTHENTICATE LOGIN');
baeebac35a2e Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff changeset
144 $s->check(qr/\+ VXNlcm5hbWU6/, 'login');
baeebac35a2e Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff changeset
145
baeebac35a2e Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff changeset
146 # ssl_certificate inheritance
baeebac35a2e Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff changeset
147
1861
7b7b64569f55 Tests: reworked mail SSL tests to use IO::Socket::SSL.
Maxim Dounin <mdounin@mdounin.ru>
parents: 1860
diff changeset
148 $s = Test::Nginx::IMAP->new(PeerAddr => '127.0.0.1:' . port(8145), SSL => 1);
7b7b64569f55 Tests: reworked mail SSL tests to use IO::Socket::SSL.
Maxim Dounin <mdounin@mdounin.ru>
parents: 1860
diff changeset
149 $s->ok('greeting ssl');
7b7b64569f55 Tests: reworked mail SSL tests to use IO::Socket::SSL.
Maxim Dounin <mdounin@mdounin.ru>
parents: 1860
diff changeset
150
7b7b64569f55 Tests: reworked mail SSL tests to use IO::Socket::SSL.
Maxim Dounin <mdounin@mdounin.ru>
parents: 1860
diff changeset
151 like($s->socket()->dump_peer_certificate(), qr/CN=localhost/, 'CN');
1142
baeebac35a2e Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff changeset
152
1861
7b7b64569f55 Tests: reworked mail SSL tests to use IO::Socket::SSL.
Maxim Dounin <mdounin@mdounin.ru>
parents: 1860
diff changeset
153 $s = Test::Nginx::IMAP->new(PeerAddr => '127.0.0.1:' . port(8148), SSL => 1);
7b7b64569f55 Tests: reworked mail SSL tests to use IO::Socket::SSL.
Maxim Dounin <mdounin@mdounin.ru>
parents: 1860
diff changeset
154 $s->read();
7b7b64569f55 Tests: reworked mail SSL tests to use IO::Socket::SSL.
Maxim Dounin <mdounin@mdounin.ru>
parents: 1860
diff changeset
155
7b7b64569f55 Tests: reworked mail SSL tests to use IO::Socket::SSL.
Maxim Dounin <mdounin@mdounin.ru>
parents: 1860
diff changeset
156 like($s->socket()->dump_peer_certificate(), qr/CN=inherits/, 'CN inner');
1142
baeebac35a2e Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff changeset
157
1742
7bfa47410cc0 Tests: basic ALPN tests in the mail module.
Sergey Kandaurov <pluknet@nginx.com>
parents: 1621
diff changeset
158 # alpn
7bfa47410cc0 Tests: basic ALPN tests in the mail module.
Sergey Kandaurov <pluknet@nginx.com>
parents: 1621
diff changeset
159
1872
7a27a4e4fdae Tests: extended check for ALPN in mail_ssl.t.
Sergey Kandaurov <pluknet@nginx.com>
parents: 1861
diff changeset
160 SKIP: {
7a27a4e4fdae Tests: extended check for ALPN in mail_ssl.t.
Sergey Kandaurov <pluknet@nginx.com>
parents: 1861
diff changeset
161 skip 'LibreSSL too old', 2
7a27a4e4fdae Tests: extended check for ALPN in mail_ssl.t.
Sergey Kandaurov <pluknet@nginx.com>
parents: 1861
diff changeset
162 if $t->has_module('LibreSSL')
7a27a4e4fdae Tests: extended check for ALPN in mail_ssl.t.
Sergey Kandaurov <pluknet@nginx.com>
parents: 1861
diff changeset
163 and not $t->has_feature('libressl:3.4.0');
7a27a4e4fdae Tests: extended check for ALPN in mail_ssl.t.
Sergey Kandaurov <pluknet@nginx.com>
parents: 1861
diff changeset
164 skip 'OpenSSL too old', 2
7a27a4e4fdae Tests: extended check for ALPN in mail_ssl.t.
Sergey Kandaurov <pluknet@nginx.com>
parents: 1861
diff changeset
165 if $t->has_module('OpenSSL')
7a27a4e4fdae Tests: extended check for ALPN in mail_ssl.t.
Sergey Kandaurov <pluknet@nginx.com>
parents: 1861
diff changeset
166 and not $t->has_feature('openssl:1.1.0');
7a27a4e4fdae Tests: extended check for ALPN in mail_ssl.t.
Sergey Kandaurov <pluknet@nginx.com>
parents: 1861
diff changeset
167 skip 'no ALPN support in IO::Socket::SSL', 2
7a27a4e4fdae Tests: extended check for ALPN in mail_ssl.t.
Sergey Kandaurov <pluknet@nginx.com>
parents: 1861
diff changeset
168 unless $t->has_feature('socket_ssl_alpn');
7a27a4e4fdae Tests: extended check for ALPN in mail_ssl.t.
Sergey Kandaurov <pluknet@nginx.com>
parents: 1861
diff changeset
169
1861
7b7b64569f55 Tests: reworked mail SSL tests to use IO::Socket::SSL.
Maxim Dounin <mdounin@mdounin.ru>
parents: 1860
diff changeset
170 $s = Test::Nginx::IMAP->new(
7b7b64569f55 Tests: reworked mail SSL tests to use IO::Socket::SSL.
Maxim Dounin <mdounin@mdounin.ru>
parents: 1860
diff changeset
171 PeerAddr => '127.0.0.1:' . port(8148),
7b7b64569f55 Tests: reworked mail SSL tests to use IO::Socket::SSL.
Maxim Dounin <mdounin@mdounin.ru>
parents: 1860
diff changeset
172 SSL => 1,
7b7b64569f55 Tests: reworked mail SSL tests to use IO::Socket::SSL.
Maxim Dounin <mdounin@mdounin.ru>
parents: 1860
diff changeset
173 SSL_alpn_protocols => [ 'imap' ]
7b7b64569f55 Tests: reworked mail SSL tests to use IO::Socket::SSL.
Maxim Dounin <mdounin@mdounin.ru>
parents: 1860
diff changeset
174 );
7b7b64569f55 Tests: reworked mail SSL tests to use IO::Socket::SSL.
Maxim Dounin <mdounin@mdounin.ru>
parents: 1860
diff changeset
175 $s->ok('alpn');
1742
7bfa47410cc0 Tests: basic ALPN tests in the mail module.
Sergey Kandaurov <pluknet@nginx.com>
parents: 1621
diff changeset
176
7bfa47410cc0 Tests: basic ALPN tests in the mail module.
Sergey Kandaurov <pluknet@nginx.com>
parents: 1621
diff changeset
177 TODO: {
7bfa47410cc0 Tests: basic ALPN tests in the mail module.
Sergey Kandaurov <pluknet@nginx.com>
parents: 1621
diff changeset
178 local $TODO = 'not yet' unless $t->has_version('1.21.4');
7bfa47410cc0 Tests: basic ALPN tests in the mail module.
Sergey Kandaurov <pluknet@nginx.com>
parents: 1621
diff changeset
179
1861
7b7b64569f55 Tests: reworked mail SSL tests to use IO::Socket::SSL.
Maxim Dounin <mdounin@mdounin.ru>
parents: 1860
diff changeset
180 $s = Test::Nginx::IMAP->new(
7b7b64569f55 Tests: reworked mail SSL tests to use IO::Socket::SSL.
Maxim Dounin <mdounin@mdounin.ru>
parents: 1860
diff changeset
181 PeerAddr => '127.0.0.1:' . port(8148),
7b7b64569f55 Tests: reworked mail SSL tests to use IO::Socket::SSL.
Maxim Dounin <mdounin@mdounin.ru>
parents: 1860
diff changeset
182 SSL => 1,
7b7b64569f55 Tests: reworked mail SSL tests to use IO::Socket::SSL.
Maxim Dounin <mdounin@mdounin.ru>
parents: 1860
diff changeset
183 SSL_alpn_protocols => [ 'unknown' ]
7b7b64569f55 Tests: reworked mail SSL tests to use IO::Socket::SSL.
Maxim Dounin <mdounin@mdounin.ru>
parents: 1860
diff changeset
184 );
7b7b64569f55 Tests: reworked mail SSL tests to use IO::Socket::SSL.
Maxim Dounin <mdounin@mdounin.ru>
parents: 1860
diff changeset
185 ok(!$s->read(), 'alpn rejected');
1742
7bfa47410cc0 Tests: basic ALPN tests in the mail module.
Sergey Kandaurov <pluknet@nginx.com>
parents: 1621
diff changeset
186
7bfa47410cc0 Tests: basic ALPN tests in the mail module.
Sergey Kandaurov <pluknet@nginx.com>
parents: 1621
diff changeset
187 }
7bfa47410cc0 Tests: basic ALPN tests in the mail module.
Sergey Kandaurov <pluknet@nginx.com>
parents: 1621
diff changeset
188
1743
2318ed01ce53 Tests: skip ALPN rejection tests with too old LibreSSL.
Sergey Kandaurov <pluknet@nginx.com>
parents: 1742
diff changeset
189 }
2318ed01ce53 Tests: skip ALPN rejection tests with too old LibreSSL.
Sergey Kandaurov <pluknet@nginx.com>
parents: 1742
diff changeset
190
1142
baeebac35a2e Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff changeset
191 # starttls imap
baeebac35a2e Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff changeset
192
baeebac35a2e Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff changeset
193 $s = Test::Nginx::IMAP->new(PeerAddr => '127.0.0.1:' . port(8149));
baeebac35a2e Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff changeset
194 $s->read();
baeebac35a2e Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff changeset
195
baeebac35a2e Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff changeset
196 $s->send('1 AUTHENTICATE LOGIN');
baeebac35a2e Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff changeset
197 $s->check(qr/\+ VXNlcm5hbWU6/, 'imap auth before startls on');
baeebac35a2e Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff changeset
198
baeebac35a2e Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff changeset
199 $s = Test::Nginx::IMAP->new(PeerAddr => '127.0.0.1:' . port(8149));
baeebac35a2e Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff changeset
200 $s->read();
baeebac35a2e Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff changeset
201
baeebac35a2e Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff changeset
202 $s->send('1 STARTTLS');
baeebac35a2e Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff changeset
203 $s->ok('imap starttls on');
baeebac35a2e Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff changeset
204
baeebac35a2e Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff changeset
205 $s = Test::Nginx::IMAP->new(PeerAddr => '127.0.0.1:' . port(8150));
baeebac35a2e Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff changeset
206 $s->read();
baeebac35a2e Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff changeset
207
baeebac35a2e Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff changeset
208 $s->send('1 AUTHENTICATE LOGIN');
baeebac35a2e Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff changeset
209 $s->check(qr/^\S+ BAD/, 'imap auth before startls only');
baeebac35a2e Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff changeset
210
baeebac35a2e Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff changeset
211 $s = Test::Nginx::IMAP->new(PeerAddr => '127.0.0.1:' . port(8150));
baeebac35a2e Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff changeset
212 $s->read();
baeebac35a2e Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff changeset
213
baeebac35a2e Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff changeset
214 $s->send('1 STARTTLS');
baeebac35a2e Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff changeset
215 $s->ok('imap starttls only');
baeebac35a2e Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff changeset
216
baeebac35a2e Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff changeset
217 # starttls pop3
baeebac35a2e Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff changeset
218
baeebac35a2e Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff changeset
219 $s = Test::Nginx::POP3->new(PeerAddr => '127.0.0.1:' . port(8151));
baeebac35a2e Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff changeset
220 $s->read();
baeebac35a2e Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff changeset
221
baeebac35a2e Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff changeset
222 $s->send('AUTH LOGIN');
baeebac35a2e Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff changeset
223 $s->check(qr/\+ VXNlcm5hbWU6/, 'pop3 auth before startls on');
baeebac35a2e Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff changeset
224
baeebac35a2e Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff changeset
225 $s = Test::Nginx::POP3->new(PeerAddr => '127.0.0.1:' . port(8151));
baeebac35a2e Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff changeset
226 $s->read();
baeebac35a2e Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff changeset
227
baeebac35a2e Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff changeset
228 $s->send('STLS');
baeebac35a2e Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff changeset
229 $s->ok('pop3 starttls on');
baeebac35a2e Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff changeset
230
baeebac35a2e Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff changeset
231 $s = Test::Nginx::POP3->new(PeerAddr => '127.0.0.1:' . port(8152));
baeebac35a2e Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff changeset
232 $s->read();
baeebac35a2e Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff changeset
233
baeebac35a2e Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff changeset
234 $s->send('AUTH LOGIN');
baeebac35a2e Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff changeset
235 $s->check(qr/^-ERR/, 'pop3 auth before startls only');
baeebac35a2e Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff changeset
236
baeebac35a2e Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff changeset
237 $s = Test::Nginx::POP3->new(PeerAddr => '127.0.0.1:' . port(8152));
baeebac35a2e Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff changeset
238 $s->read();
baeebac35a2e Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff changeset
239
baeebac35a2e Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff changeset
240 $s->send('STLS');
baeebac35a2e Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff changeset
241 $s->ok('pop3 starttls only');
baeebac35a2e Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff changeset
242
1148
44620036fedf Tests: added starttls tests for smtp.
Andrey Zelenkov <zelenkov@nginx.com>
parents: 1147
diff changeset
243 # starttls smtp
44620036fedf Tests: added starttls tests for smtp.
Andrey Zelenkov <zelenkov@nginx.com>
parents: 1147
diff changeset
244
44620036fedf Tests: added starttls tests for smtp.
Andrey Zelenkov <zelenkov@nginx.com>
parents: 1147
diff changeset
245 $s = Test::Nginx::SMTP->new(PeerAddr => '127.0.0.1:' . port(8153));
44620036fedf Tests: added starttls tests for smtp.
Andrey Zelenkov <zelenkov@nginx.com>
parents: 1147
diff changeset
246 $s->read();
44620036fedf Tests: added starttls tests for smtp.
Andrey Zelenkov <zelenkov@nginx.com>
parents: 1147
diff changeset
247
44620036fedf Tests: added starttls tests for smtp.
Andrey Zelenkov <zelenkov@nginx.com>
parents: 1147
diff changeset
248 $s->send('AUTH LOGIN');
44620036fedf Tests: added starttls tests for smtp.
Andrey Zelenkov <zelenkov@nginx.com>
parents: 1147
diff changeset
249 $s->check(qr/^334 VXNlcm5hbWU6/, 'smtp auth before startls on');
44620036fedf Tests: added starttls tests for smtp.
Andrey Zelenkov <zelenkov@nginx.com>
parents: 1147
diff changeset
250
44620036fedf Tests: added starttls tests for smtp.
Andrey Zelenkov <zelenkov@nginx.com>
parents: 1147
diff changeset
251 $s = Test::Nginx::SMTP->new(PeerAddr => '127.0.0.1:' . port(8153));
44620036fedf Tests: added starttls tests for smtp.
Andrey Zelenkov <zelenkov@nginx.com>
parents: 1147
diff changeset
252 $s->read();
44620036fedf Tests: added starttls tests for smtp.
Andrey Zelenkov <zelenkov@nginx.com>
parents: 1147
diff changeset
253
44620036fedf Tests: added starttls tests for smtp.
Andrey Zelenkov <zelenkov@nginx.com>
parents: 1147
diff changeset
254 $s->send('STARTTLS');
44620036fedf Tests: added starttls tests for smtp.
Andrey Zelenkov <zelenkov@nginx.com>
parents: 1147
diff changeset
255 $s->ok('smtp starttls on');
44620036fedf Tests: added starttls tests for smtp.
Andrey Zelenkov <zelenkov@nginx.com>
parents: 1147
diff changeset
256
44620036fedf Tests: added starttls tests for smtp.
Andrey Zelenkov <zelenkov@nginx.com>
parents: 1147
diff changeset
257 $s = Test::Nginx::SMTP->new(PeerAddr => '127.0.0.1:' . port(8154));
44620036fedf Tests: added starttls tests for smtp.
Andrey Zelenkov <zelenkov@nginx.com>
parents: 1147
diff changeset
258 $s->read();
44620036fedf Tests: added starttls tests for smtp.
Andrey Zelenkov <zelenkov@nginx.com>
parents: 1147
diff changeset
259
44620036fedf Tests: added starttls tests for smtp.
Andrey Zelenkov <zelenkov@nginx.com>
parents: 1147
diff changeset
260 $s->send('AUTH LOGIN');
44620036fedf Tests: added starttls tests for smtp.
Andrey Zelenkov <zelenkov@nginx.com>
parents: 1147
diff changeset
261 $s->check(qr/^5.. /, 'smtp auth before startls only');
44620036fedf Tests: added starttls tests for smtp.
Andrey Zelenkov <zelenkov@nginx.com>
parents: 1147
diff changeset
262
44620036fedf Tests: added starttls tests for smtp.
Andrey Zelenkov <zelenkov@nginx.com>
parents: 1147
diff changeset
263 $s = Test::Nginx::SMTP->new(PeerAddr => '127.0.0.1:' . port(8154));
44620036fedf Tests: added starttls tests for smtp.
Andrey Zelenkov <zelenkov@nginx.com>
parents: 1147
diff changeset
264 $s->read();
44620036fedf Tests: added starttls tests for smtp.
Andrey Zelenkov <zelenkov@nginx.com>
parents: 1147
diff changeset
265
44620036fedf Tests: added starttls tests for smtp.
Andrey Zelenkov <zelenkov@nginx.com>
parents: 1147
diff changeset
266 $s->send('STARTTLS');
44620036fedf Tests: added starttls tests for smtp.
Andrey Zelenkov <zelenkov@nginx.com>
parents: 1147
diff changeset
267 $s->ok('smtp starttls only');
44620036fedf Tests: added starttls tests for smtp.
Andrey Zelenkov <zelenkov@nginx.com>
parents: 1147
diff changeset
268
1142
baeebac35a2e Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff changeset
269 ###############################################################################