Mercurial > hg > nginx-tests
annotate stream_ssl_variables.t @ 1847:a9704b9ed7a2
Tests: removed multiple server certificates from ssl_ocsp.t.
Multiple server certificates are not needed to test OCSP verification of
client certificates (in contrast to OCSP stapling, where server certificates
are verified, and different staples should be correctly returned with
different server certificates). And using multiple server certificates
causes issues when testing with LibreSSL due to broken sigalgs-based
server certificate selection in LibreSSL with TLSv1.3.
Accordingly, the test is simplified to do not use multiple server
certificates.
| author | Maxim Dounin <mdounin@mdounin.ru> |
|---|---|
| date | Thu, 23 Mar 2023 19:50:26 +0300 |
| parents | 65b1dd07c0e4 |
| children | dbb7561a9441 |
| rev | line source |
|---|---|
|
967
eb111c5f7556
Tests: stream ssl tests with variables.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
1 #!/usr/bin/perl |
|
eb111c5f7556
Tests: stream ssl tests with variables.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
2 |
|
eb111c5f7556
Tests: stream ssl tests with variables.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
3 # (C) Sergey Kandaurov |
|
eb111c5f7556
Tests: stream ssl tests with variables.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
4 # (C) Nginx, Inc. |
|
eb111c5f7556
Tests: stream ssl tests with variables.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
5 |
|
eb111c5f7556
Tests: stream ssl tests with variables.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
6 # Tests for stream ssl module with variables. |
|
eb111c5f7556
Tests: stream ssl tests with variables.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
7 |
|
eb111c5f7556
Tests: stream ssl tests with variables.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
8 ############################################################################### |
|
eb111c5f7556
Tests: stream ssl tests with variables.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
9 |
|
eb111c5f7556
Tests: stream ssl tests with variables.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
10 use warnings; |
|
eb111c5f7556
Tests: stream ssl tests with variables.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
11 use strict; |
|
eb111c5f7556
Tests: stream ssl tests with variables.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
12 |
|
eb111c5f7556
Tests: stream ssl tests with variables.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
13 use Test::More; |
|
eb111c5f7556
Tests: stream ssl tests with variables.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
14 |
|
eb111c5f7556
Tests: stream ssl tests with variables.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
15 BEGIN { use FindBin; chdir($FindBin::Bin); } |
|
eb111c5f7556
Tests: stream ssl tests with variables.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
16 |
|
eb111c5f7556
Tests: stream ssl tests with variables.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
17 use lib 'lib'; |
|
eb111c5f7556
Tests: stream ssl tests with variables.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
18 use Test::Nginx; |
|
eb111c5f7556
Tests: stream ssl tests with variables.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
19 use Test::Nginx::Stream qw/ stream /; |
|
eb111c5f7556
Tests: stream ssl tests with variables.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
20 |
|
eb111c5f7556
Tests: stream ssl tests with variables.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
21 ############################################################################### |
|
eb111c5f7556
Tests: stream ssl tests with variables.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
22 |
|
eb111c5f7556
Tests: stream ssl tests with variables.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
23 select STDERR; $| = 1; |
|
eb111c5f7556
Tests: stream ssl tests with variables.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
24 select STDOUT; $| = 1; |
|
eb111c5f7556
Tests: stream ssl tests with variables.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
25 |
|
eb111c5f7556
Tests: stream ssl tests with variables.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
26 eval { |
|
eb111c5f7556
Tests: stream ssl tests with variables.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
27 require Net::SSLeay; |
|
eb111c5f7556
Tests: stream ssl tests with variables.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
28 Net::SSLeay::load_error_strings(); |
|
eb111c5f7556
Tests: stream ssl tests with variables.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
29 Net::SSLeay::SSLeay_add_ssl_algorithms(); |
|
eb111c5f7556
Tests: stream ssl tests with variables.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
30 Net::SSLeay::randomize(); |
|
eb111c5f7556
Tests: stream ssl tests with variables.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
31 }; |
|
eb111c5f7556
Tests: stream ssl tests with variables.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
32 plan(skip_all => 'Net::SSLeay not installed') if $@; |
|
eb111c5f7556
Tests: stream ssl tests with variables.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
33 |
|
eb111c5f7556
Tests: stream ssl tests with variables.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
34 eval { |
|
eb111c5f7556
Tests: stream ssl tests with variables.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
35 my $ctx = Net::SSLeay::CTX_new() or die; |
|
eb111c5f7556
Tests: stream ssl tests with variables.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
36 my $ssl = Net::SSLeay::new($ctx) or die; |
|
eb111c5f7556
Tests: stream ssl tests with variables.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
37 Net::SSLeay::set_tlsext_host_name($ssl, 'example.org') == 1 or die; |
|
eb111c5f7556
Tests: stream ssl tests with variables.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
38 }; |
|
eb111c5f7556
Tests: stream ssl tests with variables.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
39 plan(skip_all => 'Net::SSLeay with OpenSSL SNI support required') if $@; |
|
eb111c5f7556
Tests: stream ssl tests with variables.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
40 |
|
1447
e1c64ee44212
Tests: added $ssl_server_name tests with SSL session reuse.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1251
diff
changeset
|
41 my $t = Test::Nginx->new()->has(qw/stream stream_ssl stream_return/) |
|
967
eb111c5f7556
Tests: stream ssl tests with variables.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
42 ->has_daemon('openssl'); |
|
eb111c5f7556
Tests: stream ssl tests with variables.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
43 |
|
eb111c5f7556
Tests: stream ssl tests with variables.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
44 $t->write_file_expand('nginx.conf', <<'EOF'); |
|
eb111c5f7556
Tests: stream ssl tests with variables.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
45 |
|
eb111c5f7556
Tests: stream ssl tests with variables.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
46 %%TEST_GLOBALS%% |
|
eb111c5f7556
Tests: stream ssl tests with variables.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
47 |
|
eb111c5f7556
Tests: stream ssl tests with variables.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
48 daemon off; |
|
eb111c5f7556
Tests: stream ssl tests with variables.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
49 |
|
eb111c5f7556
Tests: stream ssl tests with variables.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
50 events { |
|
eb111c5f7556
Tests: stream ssl tests with variables.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
51 } |
|
eb111c5f7556
Tests: stream ssl tests with variables.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
52 |
|
eb111c5f7556
Tests: stream ssl tests with variables.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
53 stream { |
|
1609
f3ba4c74de31
Tests: added TEST_GLOBALS_STREAM variable support.
Andrei Belov <defan@nginx.com>
parents:
1535
diff
changeset
|
54 %%TEST_GLOBALS_STREAM%% |
|
f3ba4c74de31
Tests: added TEST_GLOBALS_STREAM variable support.
Andrei Belov <defan@nginx.com>
parents:
1535
diff
changeset
|
55 |
|
967
eb111c5f7556
Tests: stream ssl tests with variables.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
56 ssl_certificate_key localhost.key; |
|
eb111c5f7556
Tests: stream ssl tests with variables.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
57 ssl_certificate localhost.crt; |
|
1447
e1c64ee44212
Tests: added $ssl_server_name tests with SSL session reuse.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1251
diff
changeset
|
58 ssl_session_cache builtin; |
|
967
eb111c5f7556
Tests: stream ssl tests with variables.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
59 |
|
eb111c5f7556
Tests: stream ssl tests with variables.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
60 server { |
|
974
882267679006
Tests: simplified parallel modifications in tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
967
diff
changeset
|
61 listen 127.0.0.1:8080; |
|
882267679006
Tests: simplified parallel modifications in tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
967
diff
changeset
|
62 listen 127.0.0.1:8081 ssl; |
|
967
eb111c5f7556
Tests: stream ssl tests with variables.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
63 return $ssl_session_reused:$ssl_session_id:$ssl_cipher:$ssl_protocol; |
|
eb111c5f7556
Tests: stream ssl tests with variables.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
64 } |
|
eb111c5f7556
Tests: stream ssl tests with variables.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
65 |
|
eb111c5f7556
Tests: stream ssl tests with variables.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
66 server { |
|
974
882267679006
Tests: simplified parallel modifications in tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
967
diff
changeset
|
67 listen 127.0.0.1:8082 ssl; |
|
967
eb111c5f7556
Tests: stream ssl tests with variables.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
68 return $ssl_server_name; |
|
eb111c5f7556
Tests: stream ssl tests with variables.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
69 } |
|
eb111c5f7556
Tests: stream ssl tests with variables.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
70 } |
|
eb111c5f7556
Tests: stream ssl tests with variables.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
71 |
|
eb111c5f7556
Tests: stream ssl tests with variables.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
72 EOF |
|
eb111c5f7556
Tests: stream ssl tests with variables.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
73 |
|
eb111c5f7556
Tests: stream ssl tests with variables.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
74 $t->write_file('openssl.conf', <<EOF); |
|
eb111c5f7556
Tests: stream ssl tests with variables.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
75 [ req ] |
|
1488
dbce8fb5f5f8
Tests: align with OpenSSL security level 2.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1448
diff
changeset
|
76 default_bits = 2048 |
|
967
eb111c5f7556
Tests: stream ssl tests with variables.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
77 encrypt_key = no |
|
eb111c5f7556
Tests: stream ssl tests with variables.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
78 distinguished_name = req_distinguished_name |
|
eb111c5f7556
Tests: stream ssl tests with variables.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
79 [ req_distinguished_name ] |
|
eb111c5f7556
Tests: stream ssl tests with variables.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
80 EOF |
|
eb111c5f7556
Tests: stream ssl tests with variables.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
81 |
|
eb111c5f7556
Tests: stream ssl tests with variables.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
82 my $d = $t->testdir(); |
|
eb111c5f7556
Tests: stream ssl tests with variables.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
83 |
|
eb111c5f7556
Tests: stream ssl tests with variables.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
84 foreach my $name ('localhost') { |
|
eb111c5f7556
Tests: stream ssl tests with variables.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
85 system('openssl req -x509 -new ' |
|
1220
0af58b78df35
Tests: removed single quotes from system() calls.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1116
diff
changeset
|
86 . "-config $d/openssl.conf -subj /CN=$name/ " |
|
0af58b78df35
Tests: removed single quotes from system() calls.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1116
diff
changeset
|
87 . "-out $d/$name.crt -keyout $d/$name.key " |
|
967
eb111c5f7556
Tests: stream ssl tests with variables.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
88 . ">>$d/openssl.out 2>&1") == 0 |
|
eb111c5f7556
Tests: stream ssl tests with variables.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
89 or die "Can't create certificate for $name: $!\n"; |
|
eb111c5f7556
Tests: stream ssl tests with variables.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
90 } |
|
eb111c5f7556
Tests: stream ssl tests with variables.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
91 |
|
1447
e1c64ee44212
Tests: added $ssl_server_name tests with SSL session reuse.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1251
diff
changeset
|
92 $t->run()->plan(6); |
|
967
eb111c5f7556
Tests: stream ssl tests with variables.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
93 |
|
eb111c5f7556
Tests: stream ssl tests with variables.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
94 ############################################################################### |
|
eb111c5f7556
Tests: stream ssl tests with variables.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
95 |
|
eb111c5f7556
Tests: stream ssl tests with variables.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
96 my ($s, $ssl); |
|
eb111c5f7556
Tests: stream ssl tests with variables.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
97 |
|
1235
3fc6817cd84a
Tests: explicit peer port in stream tests now required.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
1220
diff
changeset
|
98 is(stream('127.0.0.1:' . port(8080))->read(), ':::', 'no ssl'); |
|
967
eb111c5f7556
Tests: stream ssl tests with variables.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
99 |
|
974
882267679006
Tests: simplified parallel modifications in tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
967
diff
changeset
|
100 ($s, $ssl) = get_ssl_socket(port(8081)); |
|
967
eb111c5f7556
Tests: stream ssl tests with variables.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
101 like(Net::SSLeay::read($ssl), qr/^\.:(\w{64})?:[\w-]+:(TLS|SSL)v(\d|\.)+$/, |
|
eb111c5f7556
Tests: stream ssl tests with variables.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
102 'ssl variables'); |
|
eb111c5f7556
Tests: stream ssl tests with variables.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
103 |
|
1845
65b1dd07c0e4
Tests: fixed stream_ssl_variables.t.t with LibreSSL and TLSv1.3.
Maxim Dounin <mdounin@mdounin.ru>
parents:
1835
diff
changeset
|
104 TODO: { |
|
65b1dd07c0e4
Tests: fixed stream_ssl_variables.t.t with LibreSSL and TLSv1.3.
Maxim Dounin <mdounin@mdounin.ru>
parents:
1835
diff
changeset
|
105 local $TODO = 'no TLSv1.3 sessions in LibreSSL' |
|
65b1dd07c0e4
Tests: fixed stream_ssl_variables.t.t with LibreSSL and TLSv1.3.
Maxim Dounin <mdounin@mdounin.ru>
parents:
1835
diff
changeset
|
106 if $t->has_module('LibreSSL') && test_tls13(); |
|
65b1dd07c0e4
Tests: fixed stream_ssl_variables.t.t with LibreSSL and TLSv1.3.
Maxim Dounin <mdounin@mdounin.ru>
parents:
1835
diff
changeset
|
107 |
|
967
eb111c5f7556
Tests: stream ssl tests with variables.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
108 my $ses = Net::SSLeay::get_session($ssl); |
|
974
882267679006
Tests: simplified parallel modifications in tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
967
diff
changeset
|
109 ($s, $ssl) = get_ssl_socket(port(8081), $ses); |
|
1835
3f155fe97521
Tests: BoringSSL does not provide session ids with TLSv1.3.
Maxim Dounin <mdounin@mdounin.ru>
parents:
1621
diff
changeset
|
110 like(Net::SSLeay::read($ssl), qr/^r:(\w{64})?:[\w-]+:(TLS|SSL)v(\d|\.)+$/, |
|
967
eb111c5f7556
Tests: stream ssl tests with variables.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
111 'ssl variables - session reused'); |
|
eb111c5f7556
Tests: stream ssl tests with variables.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
112 |
|
1845
65b1dd07c0e4
Tests: fixed stream_ssl_variables.t.t with LibreSSL and TLSv1.3.
Maxim Dounin <mdounin@mdounin.ru>
parents:
1835
diff
changeset
|
113 } |
|
65b1dd07c0e4
Tests: fixed stream_ssl_variables.t.t with LibreSSL and TLSv1.3.
Maxim Dounin <mdounin@mdounin.ru>
parents:
1835
diff
changeset
|
114 |
|
1447
e1c64ee44212
Tests: added $ssl_server_name tests with SSL session reuse.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1251
diff
changeset
|
115 SKIP: { |
|
e1c64ee44212
Tests: added $ssl_server_name tests with SSL session reuse.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1251
diff
changeset
|
116 skip 'no sni', 3 unless $t->has_module('sni'); |
|
e1c64ee44212
Tests: added $ssl_server_name tests with SSL session reuse.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1251
diff
changeset
|
117 |
|
974
882267679006
Tests: simplified parallel modifications in tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
967
diff
changeset
|
118 ($s, $ssl) = get_ssl_socket(port(8082), undef, 'example.com'); |
|
967
eb111c5f7556
Tests: stream ssl tests with variables.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
119 is(Net::SSLeay::ssl_read_all($ssl), 'example.com', 'ssl server name'); |
|
eb111c5f7556
Tests: stream ssl tests with variables.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
120 |
|
1447
e1c64ee44212
Tests: added $ssl_server_name tests with SSL session reuse.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1251
diff
changeset
|
121 my $ses = Net::SSLeay::get_session($ssl); |
|
1448
c1b969fc7a23
Tests: preserving original SNI in a resumption handshake.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1447
diff
changeset
|
122 ($s, $ssl) = get_ssl_socket(port(8082), $ses, 'example.com'); |
|
1447
e1c64ee44212
Tests: added $ssl_server_name tests with SSL session reuse.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1251
diff
changeset
|
123 is(Net::SSLeay::ssl_read_all($ssl), 'example.com', 'ssl server name - reused'); |
|
e1c64ee44212
Tests: added $ssl_server_name tests with SSL session reuse.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1251
diff
changeset
|
124 |
|
974
882267679006
Tests: simplified parallel modifications in tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
967
diff
changeset
|
125 ($s, $ssl) = get_ssl_socket(port(8082)); |
|
967
eb111c5f7556
Tests: stream ssl tests with variables.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
126 is(Net::SSLeay::ssl_read_all($ssl), '', 'ssl server name empty'); |
|
eb111c5f7556
Tests: stream ssl tests with variables.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
127 |
|
1447
e1c64ee44212
Tests: added $ssl_server_name tests with SSL session reuse.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1251
diff
changeset
|
128 } |
|
e1c64ee44212
Tests: added $ssl_server_name tests with SSL session reuse.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1251
diff
changeset
|
129 |
|
967
eb111c5f7556
Tests: stream ssl tests with variables.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
130 ############################################################################### |
|
eb111c5f7556
Tests: stream ssl tests with variables.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
131 |
|
1845
65b1dd07c0e4
Tests: fixed stream_ssl_variables.t.t with LibreSSL and TLSv1.3.
Maxim Dounin <mdounin@mdounin.ru>
parents:
1835
diff
changeset
|
132 sub test_tls13 { |
|
65b1dd07c0e4
Tests: fixed stream_ssl_variables.t.t with LibreSSL and TLSv1.3.
Maxim Dounin <mdounin@mdounin.ru>
parents:
1835
diff
changeset
|
133 ($s, $ssl) = get_ssl_socket(port(8081)); |
|
65b1dd07c0e4
Tests: fixed stream_ssl_variables.t.t with LibreSSL and TLSv1.3.
Maxim Dounin <mdounin@mdounin.ru>
parents:
1835
diff
changeset
|
134 Net::SSLeay::read($ssl) =~ /TLSv1.3/; |
|
65b1dd07c0e4
Tests: fixed stream_ssl_variables.t.t with LibreSSL and TLSv1.3.
Maxim Dounin <mdounin@mdounin.ru>
parents:
1835
diff
changeset
|
135 } |
|
65b1dd07c0e4
Tests: fixed stream_ssl_variables.t.t with LibreSSL and TLSv1.3.
Maxim Dounin <mdounin@mdounin.ru>
parents:
1835
diff
changeset
|
136 |
|
967
eb111c5f7556
Tests: stream ssl tests with variables.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
137 sub get_ssl_socket { |
|
eb111c5f7556
Tests: stream ssl tests with variables.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
138 my ($port, $ses, $name) = @_; |
|
eb111c5f7556
Tests: stream ssl tests with variables.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
139 |
|
1621
fd440d324700
Tests: simplified get_ssl_socket() functions that use Net::SSLeay.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1609
diff
changeset
|
140 my $s = IO::Socket::INET->new('127.0.0.1:' . $port); |
|
967
eb111c5f7556
Tests: stream ssl tests with variables.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
141 my $ctx = Net::SSLeay::CTX_new() or die("Failed to create SSL_CTX $!"); |
|
eb111c5f7556
Tests: stream ssl tests with variables.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
142 my $ssl = Net::SSLeay::new($ctx) or die("Failed to create SSL $!"); |
|
eb111c5f7556
Tests: stream ssl tests with variables.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
143 Net::SSLeay::set_tlsext_host_name($ssl, $name) if defined $name; |
|
eb111c5f7556
Tests: stream ssl tests with variables.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
144 Net::SSLeay::set_session($ssl, $ses) if defined $ses; |
|
eb111c5f7556
Tests: stream ssl tests with variables.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
145 Net::SSLeay::set_fd($ssl, fileno($s)); |
|
eb111c5f7556
Tests: stream ssl tests with variables.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
146 Net::SSLeay::connect($ssl) or die("ssl connect"); |
|
eb111c5f7556
Tests: stream ssl tests with variables.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
147 return ($s, $ssl); |
|
eb111c5f7556
Tests: stream ssl tests with variables.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
148 } |
|
eb111c5f7556
Tests: stream ssl tests with variables.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
149 |
|
eb111c5f7556
Tests: stream ssl tests with variables.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
150 ############################################################################### |