Mercurial > hg > nginx-tests
annotate mail_ssl_session_reuse.t @ 1971:ab45ee8011df
Tests: guarded session ticket tests for old OpenSSL versions.
Much like SNI support, TLS session tickets are available starting with
OpenSSL 0.9.8f if TLS extensions support is explicitly configured, and
enabled by default since 0.9.8j. As such, SNI availability is checked
to ensure TLS extensions support is compiled in.
Additionally, the ssl_session_ticket_key.t tests for automatic ticket key
rotation, which uses session ticket key callback, as introduced in
OpenSSL 0.9.8h.
| author | Maxim Dounin <mdounin@mdounin.ru> |
|---|---|
| date | Mon, 06 May 2024 00:03:16 +0300 |
| parents | c924ae8d7104 |
| children |
| rev | line source |
|---|---|
|
1142
baeebac35a2e
Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff
changeset
|
1 #!/usr/bin/perl |
|
baeebac35a2e
Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff
changeset
|
2 |
|
baeebac35a2e
Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff
changeset
|
3 # (C) Andrey Zelenkov |
|
1831
f6d1f82f314b
Tests: separate SSL session reuse tests in mail.
Maxim Dounin <mdounin@mdounin.ru>
parents:
1826
diff
changeset
|
4 # (C) Maxim Dounin |
|
1142
baeebac35a2e
Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff
changeset
|
5 # (C) Nginx, Inc. |
|
baeebac35a2e
Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff
changeset
|
6 |
|
1831
f6d1f82f314b
Tests: separate SSL session reuse tests in mail.
Maxim Dounin <mdounin@mdounin.ru>
parents:
1826
diff
changeset
|
7 # Tests for mail ssl module, session reuse. |
|
1142
baeebac35a2e
Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff
changeset
|
8 |
|
baeebac35a2e
Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff
changeset
|
9 ############################################################################### |
|
baeebac35a2e
Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff
changeset
|
10 |
|
baeebac35a2e
Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff
changeset
|
11 use warnings; |
|
baeebac35a2e
Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff
changeset
|
12 use strict; |
|
baeebac35a2e
Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff
changeset
|
13 |
|
baeebac35a2e
Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff
changeset
|
14 use Test::More; |
|
baeebac35a2e
Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff
changeset
|
15 |
|
baeebac35a2e
Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff
changeset
|
16 BEGIN { use FindBin; chdir($FindBin::Bin); } |
|
baeebac35a2e
Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff
changeset
|
17 |
|
baeebac35a2e
Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff
changeset
|
18 use lib 'lib'; |
|
baeebac35a2e
Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff
changeset
|
19 use Test::Nginx; |
|
1861
7b7b64569f55
Tests: reworked mail SSL tests to use IO::Socket::SSL.
Maxim Dounin <mdounin@mdounin.ru>
parents:
1856
diff
changeset
|
20 use Test::Nginx::IMAP; |
|
1142
baeebac35a2e
Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff
changeset
|
21 |
|
baeebac35a2e
Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff
changeset
|
22 ############################################################################### |
|
baeebac35a2e
Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff
changeset
|
23 |
|
baeebac35a2e
Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff
changeset
|
24 select STDERR; $| = 1; |
|
baeebac35a2e
Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff
changeset
|
25 select STDOUT; $| = 1; |
|
baeebac35a2e
Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff
changeset
|
26 |
|
1856
ce4a06d72256
Tests: SIGPIPE handling in mail tests.
Maxim Dounin <mdounin@mdounin.ru>
parents:
1832
diff
changeset
|
27 local $SIG{PIPE} = 'IGNORE'; |
|
ce4a06d72256
Tests: SIGPIPE handling in mail tests.
Maxim Dounin <mdounin@mdounin.ru>
parents:
1832
diff
changeset
|
28 |
|
1873
f7f1f349dd26
Tests: added missing socket_ssl_reused prerequisites.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1861
diff
changeset
|
29 my $t = Test::Nginx->new() |
|
f7f1f349dd26
Tests: added missing socket_ssl_reused prerequisites.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1861
diff
changeset
|
30 ->has(qw/mail mail_ssl imap socket_ssl_sslversion socket_ssl_reused/) |
|
1831
f6d1f82f314b
Tests: separate SSL session reuse tests in mail.
Maxim Dounin <mdounin@mdounin.ru>
parents:
1826
diff
changeset
|
31 ->has_daemon('openssl')->plan(7); |
|
1142
baeebac35a2e
Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff
changeset
|
32 |
|
baeebac35a2e
Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff
changeset
|
33 $t->write_file_expand('nginx.conf', <<'EOF'); |
|
baeebac35a2e
Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff
changeset
|
34 |
|
baeebac35a2e
Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff
changeset
|
35 %%TEST_GLOBALS%% |
|
baeebac35a2e
Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff
changeset
|
36 |
|
baeebac35a2e
Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff
changeset
|
37 daemon off; |
|
baeebac35a2e
Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff
changeset
|
38 |
|
baeebac35a2e
Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff
changeset
|
39 events { |
|
baeebac35a2e
Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff
changeset
|
40 } |
|
baeebac35a2e
Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff
changeset
|
41 |
|
baeebac35a2e
Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff
changeset
|
42 mail { |
|
1831
f6d1f82f314b
Tests: separate SSL session reuse tests in mail.
Maxim Dounin <mdounin@mdounin.ru>
parents:
1826
diff
changeset
|
43 auth_http http://127.0.0.1:8080; |
|
1142
baeebac35a2e
Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff
changeset
|
44 |
|
1831
f6d1f82f314b
Tests: separate SSL session reuse tests in mail.
Maxim Dounin <mdounin@mdounin.ru>
parents:
1826
diff
changeset
|
45 ssl_certificate localhost.crt; |
|
f6d1f82f314b
Tests: separate SSL session reuse tests in mail.
Maxim Dounin <mdounin@mdounin.ru>
parents:
1826
diff
changeset
|
46 ssl_certificate_key localhost.key; |
|
1142
baeebac35a2e
Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff
changeset
|
47 |
|
baeebac35a2e
Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff
changeset
|
48 server { |
|
1831
f6d1f82f314b
Tests: separate SSL session reuse tests in mail.
Maxim Dounin <mdounin@mdounin.ru>
parents:
1826
diff
changeset
|
49 listen 127.0.0.1:8993 ssl; |
|
f6d1f82f314b
Tests: separate SSL session reuse tests in mail.
Maxim Dounin <mdounin@mdounin.ru>
parents:
1826
diff
changeset
|
50 protocol imap; |
|
1142
baeebac35a2e
Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff
changeset
|
51 } |
|
baeebac35a2e
Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff
changeset
|
52 |
|
baeebac35a2e
Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff
changeset
|
53 server { |
|
1831
f6d1f82f314b
Tests: separate SSL session reuse tests in mail.
Maxim Dounin <mdounin@mdounin.ru>
parents:
1826
diff
changeset
|
54 listen 127.0.0.1:8994 ssl; |
|
f6d1f82f314b
Tests: separate SSL session reuse tests in mail.
Maxim Dounin <mdounin@mdounin.ru>
parents:
1826
diff
changeset
|
55 protocol imap; |
|
1142
baeebac35a2e
Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff
changeset
|
56 |
|
1831
f6d1f82f314b
Tests: separate SSL session reuse tests in mail.
Maxim Dounin <mdounin@mdounin.ru>
parents:
1826
diff
changeset
|
57 ssl_session_cache shared:SSL:1m; |
|
f6d1f82f314b
Tests: separate SSL session reuse tests in mail.
Maxim Dounin <mdounin@mdounin.ru>
parents:
1826
diff
changeset
|
58 ssl_session_tickets on; |
|
1142
baeebac35a2e
Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff
changeset
|
59 } |
|
baeebac35a2e
Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff
changeset
|
60 |
|
baeebac35a2e
Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff
changeset
|
61 server { |
|
1831
f6d1f82f314b
Tests: separate SSL session reuse tests in mail.
Maxim Dounin <mdounin@mdounin.ru>
parents:
1826
diff
changeset
|
62 listen 127.0.0.1:8995 ssl; |
|
f6d1f82f314b
Tests: separate SSL session reuse tests in mail.
Maxim Dounin <mdounin@mdounin.ru>
parents:
1826
diff
changeset
|
63 protocol imap; |
|
1142
baeebac35a2e
Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff
changeset
|
64 |
|
1831
f6d1f82f314b
Tests: separate SSL session reuse tests in mail.
Maxim Dounin <mdounin@mdounin.ru>
parents:
1826
diff
changeset
|
65 ssl_session_cache shared:SSL:1m; |
|
f6d1f82f314b
Tests: separate SSL session reuse tests in mail.
Maxim Dounin <mdounin@mdounin.ru>
parents:
1826
diff
changeset
|
66 ssl_session_tickets off; |
|
1142
baeebac35a2e
Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff
changeset
|
67 } |
|
baeebac35a2e
Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff
changeset
|
68 |
|
baeebac35a2e
Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff
changeset
|
69 server { |
|
1831
f6d1f82f314b
Tests: separate SSL session reuse tests in mail.
Maxim Dounin <mdounin@mdounin.ru>
parents:
1826
diff
changeset
|
70 listen 127.0.0.1:8996 ssl; |
|
f6d1f82f314b
Tests: separate SSL session reuse tests in mail.
Maxim Dounin <mdounin@mdounin.ru>
parents:
1826
diff
changeset
|
71 protocol imap; |
|
1142
baeebac35a2e
Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff
changeset
|
72 |
|
1831
f6d1f82f314b
Tests: separate SSL session reuse tests in mail.
Maxim Dounin <mdounin@mdounin.ru>
parents:
1826
diff
changeset
|
73 ssl_session_cache builtin; |
|
f6d1f82f314b
Tests: separate SSL session reuse tests in mail.
Maxim Dounin <mdounin@mdounin.ru>
parents:
1826
diff
changeset
|
74 ssl_session_tickets off; |
|
1142
baeebac35a2e
Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff
changeset
|
75 } |
|
baeebac35a2e
Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff
changeset
|
76 |
|
baeebac35a2e
Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff
changeset
|
77 server { |
|
1831
f6d1f82f314b
Tests: separate SSL session reuse tests in mail.
Maxim Dounin <mdounin@mdounin.ru>
parents:
1826
diff
changeset
|
78 listen 127.0.0.1:8997 ssl; |
|
f6d1f82f314b
Tests: separate SSL session reuse tests in mail.
Maxim Dounin <mdounin@mdounin.ru>
parents:
1826
diff
changeset
|
79 protocol imap; |
|
1142
baeebac35a2e
Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff
changeset
|
80 |
|
1831
f6d1f82f314b
Tests: separate SSL session reuse tests in mail.
Maxim Dounin <mdounin@mdounin.ru>
parents:
1826
diff
changeset
|
81 ssl_session_cache builtin:1000; |
|
f6d1f82f314b
Tests: separate SSL session reuse tests in mail.
Maxim Dounin <mdounin@mdounin.ru>
parents:
1826
diff
changeset
|
82 ssl_session_tickets off; |
|
1142
baeebac35a2e
Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff
changeset
|
83 } |
|
baeebac35a2e
Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff
changeset
|
84 |
|
baeebac35a2e
Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff
changeset
|
85 server { |
|
1831
f6d1f82f314b
Tests: separate SSL session reuse tests in mail.
Maxim Dounin <mdounin@mdounin.ru>
parents:
1826
diff
changeset
|
86 listen 127.0.0.1:8998 ssl; |
|
f6d1f82f314b
Tests: separate SSL session reuse tests in mail.
Maxim Dounin <mdounin@mdounin.ru>
parents:
1826
diff
changeset
|
87 protocol imap; |
|
1142
baeebac35a2e
Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff
changeset
|
88 |
|
1831
f6d1f82f314b
Tests: separate SSL session reuse tests in mail.
Maxim Dounin <mdounin@mdounin.ru>
parents:
1826
diff
changeset
|
89 ssl_session_cache none; |
|
f6d1f82f314b
Tests: separate SSL session reuse tests in mail.
Maxim Dounin <mdounin@mdounin.ru>
parents:
1826
diff
changeset
|
90 ssl_session_tickets off; |
|
1142
baeebac35a2e
Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff
changeset
|
91 } |
|
1148
44620036fedf
Tests: added starttls tests for smtp.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
1147
diff
changeset
|
92 |
|
44620036fedf
Tests: added starttls tests for smtp.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
1147
diff
changeset
|
93 server { |
|
1831
f6d1f82f314b
Tests: separate SSL session reuse tests in mail.
Maxim Dounin <mdounin@mdounin.ru>
parents:
1826
diff
changeset
|
94 listen 127.0.0.1:8999 ssl; |
|
f6d1f82f314b
Tests: separate SSL session reuse tests in mail.
Maxim Dounin <mdounin@mdounin.ru>
parents:
1826
diff
changeset
|
95 protocol imap; |
|
1148
44620036fedf
Tests: added starttls tests for smtp.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
1147
diff
changeset
|
96 |
|
1831
f6d1f82f314b
Tests: separate SSL session reuse tests in mail.
Maxim Dounin <mdounin@mdounin.ru>
parents:
1826
diff
changeset
|
97 ssl_session_cache off; |
|
f6d1f82f314b
Tests: separate SSL session reuse tests in mail.
Maxim Dounin <mdounin@mdounin.ru>
parents:
1826
diff
changeset
|
98 ssl_session_tickets off; |
|
1148
44620036fedf
Tests: added starttls tests for smtp.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
1147
diff
changeset
|
99 } |
|
1142
baeebac35a2e
Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff
changeset
|
100 } |
|
baeebac35a2e
Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff
changeset
|
101 |
|
baeebac35a2e
Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff
changeset
|
102 EOF |
|
baeebac35a2e
Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff
changeset
|
103 |
|
baeebac35a2e
Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff
changeset
|
104 $t->write_file('openssl.conf', <<EOF); |
|
baeebac35a2e
Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff
changeset
|
105 [ req ] |
|
1488
dbce8fb5f5f8
Tests: align with OpenSSL security level 2.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1324
diff
changeset
|
106 default_bits = 2048 |
|
1142
baeebac35a2e
Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff
changeset
|
107 encrypt_key = no |
|
baeebac35a2e
Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff
changeset
|
108 distinguished_name = req_distinguished_name |
|
baeebac35a2e
Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff
changeset
|
109 [ req_distinguished_name ] |
|
baeebac35a2e
Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff
changeset
|
110 EOF |
|
baeebac35a2e
Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff
changeset
|
111 |
|
baeebac35a2e
Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff
changeset
|
112 my $d = $t->testdir(); |
|
baeebac35a2e
Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff
changeset
|
113 |
|
1831
f6d1f82f314b
Tests: separate SSL session reuse tests in mail.
Maxim Dounin <mdounin@mdounin.ru>
parents:
1826
diff
changeset
|
114 foreach my $name ('localhost') { |
|
1142
baeebac35a2e
Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff
changeset
|
115 system('openssl req -x509 -new ' |
|
1220
0af58b78df35
Tests: removed single quotes from system() calls.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1148
diff
changeset
|
116 . "-config $d/openssl.conf -subj /CN=$name/ " |
|
1831
f6d1f82f314b
Tests: separate SSL session reuse tests in mail.
Maxim Dounin <mdounin@mdounin.ru>
parents:
1826
diff
changeset
|
117 . "-out $d/$name.crt -keyout $d/$name.key " |
|
1142
baeebac35a2e
Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff
changeset
|
118 . ">>$d/openssl.out 2>&1") == 0 |
|
baeebac35a2e
Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff
changeset
|
119 or die "Can't create certificate for $name: $!\n"; |
|
baeebac35a2e
Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff
changeset
|
120 } |
|
baeebac35a2e
Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff
changeset
|
121 |
|
1145
f193664e06d8
Tests: remove unused http block in mail_ssl.t.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
1142
diff
changeset
|
122 $t->run(); |
|
1142
baeebac35a2e
Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff
changeset
|
123 |
|
baeebac35a2e
Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff
changeset
|
124 ############################################################################### |
|
baeebac35a2e
Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff
changeset
|
125 |
|
1831
f6d1f82f314b
Tests: separate SSL session reuse tests in mail.
Maxim Dounin <mdounin@mdounin.ru>
parents:
1826
diff
changeset
|
126 # session reuse: |
|
f6d1f82f314b
Tests: separate SSL session reuse tests in mail.
Maxim Dounin <mdounin@mdounin.ru>
parents:
1826
diff
changeset
|
127 # |
|
f6d1f82f314b
Tests: separate SSL session reuse tests in mail.
Maxim Dounin <mdounin@mdounin.ru>
parents:
1826
diff
changeset
|
128 # - only tickets, the default |
|
f6d1f82f314b
Tests: separate SSL session reuse tests in mail.
Maxim Dounin <mdounin@mdounin.ru>
parents:
1826
diff
changeset
|
129 # - tickets and shared cache, should work always |
|
f6d1f82f314b
Tests: separate SSL session reuse tests in mail.
Maxim Dounin <mdounin@mdounin.ru>
parents:
1826
diff
changeset
|
130 # - only shared cache |
|
f6d1f82f314b
Tests: separate SSL session reuse tests in mail.
Maxim Dounin <mdounin@mdounin.ru>
parents:
1826
diff
changeset
|
131 # - only builtin cache |
|
f6d1f82f314b
Tests: separate SSL session reuse tests in mail.
Maxim Dounin <mdounin@mdounin.ru>
parents:
1826
diff
changeset
|
132 # - only builtin cache with explicitly configured size |
|
f6d1f82f314b
Tests: separate SSL session reuse tests in mail.
Maxim Dounin <mdounin@mdounin.ru>
parents:
1826
diff
changeset
|
133 # - only cache none |
|
f6d1f82f314b
Tests: separate SSL session reuse tests in mail.
Maxim Dounin <mdounin@mdounin.ru>
parents:
1826
diff
changeset
|
134 # - only cache off |
|
1142
baeebac35a2e
Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff
changeset
|
135 |
|
1832
2e541778e5d8
Tests: LibreSSL and BoringSSL session reuse with TLSv1.3 in mail.
Maxim Dounin <mdounin@mdounin.ru>
parents:
1831
diff
changeset
|
136 TODO: { |
|
1861
7b7b64569f55
Tests: reworked mail SSL tests to use IO::Socket::SSL.
Maxim Dounin <mdounin@mdounin.ru>
parents:
1856
diff
changeset
|
137 local $TODO = 'no TLSv1.3 sessions, old Net::SSLeay' |
|
7b7b64569f55
Tests: reworked mail SSL tests to use IO::Socket::SSL.
Maxim Dounin <mdounin@mdounin.ru>
parents:
1856
diff
changeset
|
138 if $Net::SSLeay::VERSION < 1.88 && test_tls13(); |
|
7b7b64569f55
Tests: reworked mail SSL tests to use IO::Socket::SSL.
Maxim Dounin <mdounin@mdounin.ru>
parents:
1856
diff
changeset
|
139 local $TODO = 'no TLSv1.3 sessions, old IO::Socket::SSL' |
|
7b7b64569f55
Tests: reworked mail SSL tests to use IO::Socket::SSL.
Maxim Dounin <mdounin@mdounin.ru>
parents:
1856
diff
changeset
|
140 if $IO::Socket::SSL::VERSION < 2.061 && test_tls13(); |
|
1832
2e541778e5d8
Tests: LibreSSL and BoringSSL session reuse with TLSv1.3 in mail.
Maxim Dounin <mdounin@mdounin.ru>
parents:
1831
diff
changeset
|
141 local $TODO = 'no TLSv1.3 sessions in LibreSSL' |
|
2e541778e5d8
Tests: LibreSSL and BoringSSL session reuse with TLSv1.3 in mail.
Maxim Dounin <mdounin@mdounin.ru>
parents:
1831
diff
changeset
|
142 if $t->has_module('LibreSSL') && test_tls13(); |
|
1966
c924ae8d7104
Tests: session reuse handling with Net::SSLeay with LibreSSL.
Maxim Dounin <mdounin@mdounin.ru>
parents:
1873
diff
changeset
|
143 local $TODO = 'no TLSv1.3 sessions in Net::SSLeay (LibreSSL)' |
|
c924ae8d7104
Tests: session reuse handling with Net::SSLeay with LibreSSL.
Maxim Dounin <mdounin@mdounin.ru>
parents:
1873
diff
changeset
|
144 if Net::SSLeay::constant("LIBRESSL_VERSION_NUMBER") && test_tls13(); |
|
1832
2e541778e5d8
Tests: LibreSSL and BoringSSL session reuse with TLSv1.3 in mail.
Maxim Dounin <mdounin@mdounin.ru>
parents:
1831
diff
changeset
|
145 |
|
1971
ab45ee8011df
Tests: guarded session ticket tests for old OpenSSL versions.
Maxim Dounin <mdounin@mdounin.ru>
parents:
1966
diff
changeset
|
146 TODO: { |
|
ab45ee8011df
Tests: guarded session ticket tests for old OpenSSL versions.
Maxim Dounin <mdounin@mdounin.ru>
parents:
1966
diff
changeset
|
147 local $TODO = 'no session tickets' unless $t->has_module('tickets'); |
|
ab45ee8011df
Tests: guarded session ticket tests for old OpenSSL versions.
Maxim Dounin <mdounin@mdounin.ru>
parents:
1966
diff
changeset
|
148 |
|
1831
f6d1f82f314b
Tests: separate SSL session reuse tests in mail.
Maxim Dounin <mdounin@mdounin.ru>
parents:
1826
diff
changeset
|
149 is(test_reuse(8993), 1, 'tickets reused'); |
|
1971
ab45ee8011df
Tests: guarded session ticket tests for old OpenSSL versions.
Maxim Dounin <mdounin@mdounin.ru>
parents:
1966
diff
changeset
|
150 |
|
ab45ee8011df
Tests: guarded session ticket tests for old OpenSSL versions.
Maxim Dounin <mdounin@mdounin.ru>
parents:
1966
diff
changeset
|
151 } |
|
ab45ee8011df
Tests: guarded session ticket tests for old OpenSSL versions.
Maxim Dounin <mdounin@mdounin.ru>
parents:
1966
diff
changeset
|
152 |
|
1831
f6d1f82f314b
Tests: separate SSL session reuse tests in mail.
Maxim Dounin <mdounin@mdounin.ru>
parents:
1826
diff
changeset
|
153 is(test_reuse(8994), 1, 'tickets and cache reused'); |
|
1832
2e541778e5d8
Tests: LibreSSL and BoringSSL session reuse with TLSv1.3 in mail.
Maxim Dounin <mdounin@mdounin.ru>
parents:
1831
diff
changeset
|
154 |
|
2e541778e5d8
Tests: LibreSSL and BoringSSL session reuse with TLSv1.3 in mail.
Maxim Dounin <mdounin@mdounin.ru>
parents:
1831
diff
changeset
|
155 TODO: { |
|
2e541778e5d8
Tests: LibreSSL and BoringSSL session reuse with TLSv1.3 in mail.
Maxim Dounin <mdounin@mdounin.ru>
parents:
1831
diff
changeset
|
156 local $TODO = 'no TLSv1.3 session cache in BoringSSL' |
|
2e541778e5d8
Tests: LibreSSL and BoringSSL session reuse with TLSv1.3 in mail.
Maxim Dounin <mdounin@mdounin.ru>
parents:
1831
diff
changeset
|
157 if $t->has_module('BoringSSL') && test_tls13(); |
|
2e541778e5d8
Tests: LibreSSL and BoringSSL session reuse with TLSv1.3 in mail.
Maxim Dounin <mdounin@mdounin.ru>
parents:
1831
diff
changeset
|
158 |
|
1831
f6d1f82f314b
Tests: separate SSL session reuse tests in mail.
Maxim Dounin <mdounin@mdounin.ru>
parents:
1826
diff
changeset
|
159 is(test_reuse(8995), 1, 'cache shared reused'); |
|
f6d1f82f314b
Tests: separate SSL session reuse tests in mail.
Maxim Dounin <mdounin@mdounin.ru>
parents:
1826
diff
changeset
|
160 is(test_reuse(8996), 1, 'cache builtin reused'); |
|
f6d1f82f314b
Tests: separate SSL session reuse tests in mail.
Maxim Dounin <mdounin@mdounin.ru>
parents:
1826
diff
changeset
|
161 is(test_reuse(8997), 1, 'cache builtin size reused'); |
|
1832
2e541778e5d8
Tests: LibreSSL and BoringSSL session reuse with TLSv1.3 in mail.
Maxim Dounin <mdounin@mdounin.ru>
parents:
1831
diff
changeset
|
162 |
|
2e541778e5d8
Tests: LibreSSL and BoringSSL session reuse with TLSv1.3 in mail.
Maxim Dounin <mdounin@mdounin.ru>
parents:
1831
diff
changeset
|
163 } |
|
2e541778e5d8
Tests: LibreSSL and BoringSSL session reuse with TLSv1.3 in mail.
Maxim Dounin <mdounin@mdounin.ru>
parents:
1831
diff
changeset
|
164 } |
|
2e541778e5d8
Tests: LibreSSL and BoringSSL session reuse with TLSv1.3 in mail.
Maxim Dounin <mdounin@mdounin.ru>
parents:
1831
diff
changeset
|
165 |
|
1831
f6d1f82f314b
Tests: separate SSL session reuse tests in mail.
Maxim Dounin <mdounin@mdounin.ru>
parents:
1826
diff
changeset
|
166 is(test_reuse(8998), 0, 'cache none not reused'); |
|
f6d1f82f314b
Tests: separate SSL session reuse tests in mail.
Maxim Dounin <mdounin@mdounin.ru>
parents:
1826
diff
changeset
|
167 is(test_reuse(8999), 0, 'cache off not reused'); |
|
1148
44620036fedf
Tests: added starttls tests for smtp.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
1147
diff
changeset
|
168 |
|
1142
baeebac35a2e
Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff
changeset
|
169 ############################################################################### |
|
baeebac35a2e
Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff
changeset
|
170 |
|
1832
2e541778e5d8
Tests: LibreSSL and BoringSSL session reuse with TLSv1.3 in mail.
Maxim Dounin <mdounin@mdounin.ru>
parents:
1831
diff
changeset
|
171 sub test_tls13 { |
|
1861
7b7b64569f55
Tests: reworked mail SSL tests to use IO::Socket::SSL.
Maxim Dounin <mdounin@mdounin.ru>
parents:
1856
diff
changeset
|
172 my $s = Test::Nginx::IMAP->new(SSL => 1); |
|
7b7b64569f55
Tests: reworked mail SSL tests to use IO::Socket::SSL.
Maxim Dounin <mdounin@mdounin.ru>
parents:
1856
diff
changeset
|
173 return ($s->socket()->get_sslversion_int() > 0x303); |
|
1832
2e541778e5d8
Tests: LibreSSL and BoringSSL session reuse with TLSv1.3 in mail.
Maxim Dounin <mdounin@mdounin.ru>
parents:
1831
diff
changeset
|
174 } |
|
2e541778e5d8
Tests: LibreSSL and BoringSSL session reuse with TLSv1.3 in mail.
Maxim Dounin <mdounin@mdounin.ru>
parents:
1831
diff
changeset
|
175 |
|
1831
f6d1f82f314b
Tests: separate SSL session reuse tests in mail.
Maxim Dounin <mdounin@mdounin.ru>
parents:
1826
diff
changeset
|
176 sub test_reuse { |
|
f6d1f82f314b
Tests: separate SSL session reuse tests in mail.
Maxim Dounin <mdounin@mdounin.ru>
parents:
1826
diff
changeset
|
177 my ($port) = @_; |
|
1861
7b7b64569f55
Tests: reworked mail SSL tests to use IO::Socket::SSL.
Maxim Dounin <mdounin@mdounin.ru>
parents:
1856
diff
changeset
|
178 |
|
7b7b64569f55
Tests: reworked mail SSL tests to use IO::Socket::SSL.
Maxim Dounin <mdounin@mdounin.ru>
parents:
1856
diff
changeset
|
179 my $s = Test::Nginx::IMAP->new( |
|
7b7b64569f55
Tests: reworked mail SSL tests to use IO::Socket::SSL.
Maxim Dounin <mdounin@mdounin.ru>
parents:
1856
diff
changeset
|
180 PeerAddr => '127.0.0.1:' . port($port), |
|
7b7b64569f55
Tests: reworked mail SSL tests to use IO::Socket::SSL.
Maxim Dounin <mdounin@mdounin.ru>
parents:
1856
diff
changeset
|
181 SSL => 1, |
|
7b7b64569f55
Tests: reworked mail SSL tests to use IO::Socket::SSL.
Maxim Dounin <mdounin@mdounin.ru>
parents:
1856
diff
changeset
|
182 SSL_session_cache_size => 100 |
|
7b7b64569f55
Tests: reworked mail SSL tests to use IO::Socket::SSL.
Maxim Dounin <mdounin@mdounin.ru>
parents:
1856
diff
changeset
|
183 ); |
|
7b7b64569f55
Tests: reworked mail SSL tests to use IO::Socket::SSL.
Maxim Dounin <mdounin@mdounin.ru>
parents:
1856
diff
changeset
|
184 $s->read(); |
|
1831
f6d1f82f314b
Tests: separate SSL session reuse tests in mail.
Maxim Dounin <mdounin@mdounin.ru>
parents:
1826
diff
changeset
|
185 |
|
1861
7b7b64569f55
Tests: reworked mail SSL tests to use IO::Socket::SSL.
Maxim Dounin <mdounin@mdounin.ru>
parents:
1856
diff
changeset
|
186 $s = Test::Nginx::IMAP->new( |
|
7b7b64569f55
Tests: reworked mail SSL tests to use IO::Socket::SSL.
Maxim Dounin <mdounin@mdounin.ru>
parents:
1856
diff
changeset
|
187 PeerAddr => '127.0.0.1:' . port($port), |
|
7b7b64569f55
Tests: reworked mail SSL tests to use IO::Socket::SSL.
Maxim Dounin <mdounin@mdounin.ru>
parents:
1856
diff
changeset
|
188 SSL => 1, |
|
7b7b64569f55
Tests: reworked mail SSL tests to use IO::Socket::SSL.
Maxim Dounin <mdounin@mdounin.ru>
parents:
1856
diff
changeset
|
189 SSL_reuse_ctx => $s->socket() |
|
7b7b64569f55
Tests: reworked mail SSL tests to use IO::Socket::SSL.
Maxim Dounin <mdounin@mdounin.ru>
parents:
1856
diff
changeset
|
190 ); |
|
1142
baeebac35a2e
Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff
changeset
|
191 |
|
1861
7b7b64569f55
Tests: reworked mail SSL tests to use IO::Socket::SSL.
Maxim Dounin <mdounin@mdounin.ru>
parents:
1856
diff
changeset
|
192 return $s->socket()->get_session_reused(); |
|
1142
baeebac35a2e
Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff
changeset
|
193 } |
|
baeebac35a2e
Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff
changeset
|
194 |
|
baeebac35a2e
Tests: basic mail ssl tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
diff
changeset
|
195 ############################################################################### |