Mercurial > hg > nginx-tests
annotate quic_retry.t @ 1971:ab45ee8011df
Tests: guarded session ticket tests for old OpenSSL versions.
Much like SNI support, TLS session tickets are available starting with
OpenSSL 0.9.8f if TLS extensions support is explicitly configured, and
enabled by default since 0.9.8j. As such, SNI availability is checked
to ensure TLS extensions support is compiled in.
Additionally, the ssl_session_ticket_key.t tests for automatic ticket key
rotation, which uses session ticket key callback, as introduced in
OpenSSL 0.9.8h.
author | Maxim Dounin <mdounin@mdounin.ru> |
---|---|
date | Mon, 06 May 2024 00:03:16 +0300 |
parents | 24482e311749 |
children | a095b971fbcc |
rev | line source |
---|---|
1915
15131dd931a0
Tests: QUIC address validation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
1 #!/usr/bin/perl |
15131dd931a0
Tests: QUIC address validation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
2 |
15131dd931a0
Tests: QUIC address validation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
3 # (C) Sergey Kandaurov |
15131dd931a0
Tests: QUIC address validation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
4 # (C) Nginx, Inc. |
15131dd931a0
Tests: QUIC address validation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
5 |
15131dd931a0
Tests: QUIC address validation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
6 # Tests for QUIC address validation. |
15131dd931a0
Tests: QUIC address validation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
7 |
15131dd931a0
Tests: QUIC address validation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
8 ############################################################################### |
15131dd931a0
Tests: QUIC address validation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
9 |
15131dd931a0
Tests: QUIC address validation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
10 use warnings; |
15131dd931a0
Tests: QUIC address validation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
11 use strict; |
15131dd931a0
Tests: QUIC address validation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
12 |
15131dd931a0
Tests: QUIC address validation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
13 use Test::More; |
15131dd931a0
Tests: QUIC address validation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
14 |
15131dd931a0
Tests: QUIC address validation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
15 BEGIN { use FindBin; chdir($FindBin::Bin); } |
15131dd931a0
Tests: QUIC address validation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
16 |
15131dd931a0
Tests: QUIC address validation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
17 use lib 'lib'; |
15131dd931a0
Tests: QUIC address validation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
18 use Test::Nginx; |
15131dd931a0
Tests: QUIC address validation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
19 use Test::Nginx::HTTP3; |
15131dd931a0
Tests: QUIC address validation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
20 |
15131dd931a0
Tests: QUIC address validation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
21 ############################################################################### |
15131dd931a0
Tests: QUIC address validation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
22 |
15131dd931a0
Tests: QUIC address validation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
23 select STDERR; $| = 1; |
15131dd931a0
Tests: QUIC address validation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
24 select STDOUT; $| = 1; |
15131dd931a0
Tests: QUIC address validation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
25 |
15131dd931a0
Tests: QUIC address validation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
26 my $t = Test::Nginx->new()->has(qw/http http_v3 cryptx/) |
1939
24482e311749
Tests: added QUIC test with resending Initial packets on Retry.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1919
diff
changeset
|
27 ->has_daemon('openssl')->plan(8) |
1915
15131dd931a0
Tests: QUIC address validation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
28 ->write_file_expand('nginx.conf', <<'EOF'); |
15131dd931a0
Tests: QUIC address validation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
29 |
15131dd931a0
Tests: QUIC address validation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
30 %%TEST_GLOBALS%% |
15131dd931a0
Tests: QUIC address validation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
31 |
15131dd931a0
Tests: QUIC address validation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
32 daemon off; |
15131dd931a0
Tests: QUIC address validation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
33 |
15131dd931a0
Tests: QUIC address validation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
34 events { |
15131dd931a0
Tests: QUIC address validation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
35 } |
15131dd931a0
Tests: QUIC address validation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
36 |
15131dd931a0
Tests: QUIC address validation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
37 http { |
15131dd931a0
Tests: QUIC address validation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
38 %%TEST_GLOBALS_HTTP%% |
15131dd931a0
Tests: QUIC address validation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
39 |
15131dd931a0
Tests: QUIC address validation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
40 ssl_certificate_key localhost.key; |
15131dd931a0
Tests: QUIC address validation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
41 ssl_certificate localhost.crt; |
15131dd931a0
Tests: QUIC address validation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
42 quic_retry on; |
15131dd931a0
Tests: QUIC address validation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
43 |
1939
24482e311749
Tests: added QUIC test with resending Initial packets on Retry.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1919
diff
changeset
|
44 keepalive_timeout 3s; |
24482e311749
Tests: added QUIC test with resending Initial packets on Retry.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1919
diff
changeset
|
45 |
1915
15131dd931a0
Tests: QUIC address validation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
46 server { |
15131dd931a0
Tests: QUIC address validation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
47 listen 127.0.0.1:%%PORT_8980_UDP%% quic; |
15131dd931a0
Tests: QUIC address validation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
48 server_name localhost; |
15131dd931a0
Tests: QUIC address validation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
49 |
15131dd931a0
Tests: QUIC address validation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
50 location / { } |
15131dd931a0
Tests: QUIC address validation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
51 } |
15131dd931a0
Tests: QUIC address validation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
52 } |
15131dd931a0
Tests: QUIC address validation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
53 |
15131dd931a0
Tests: QUIC address validation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
54 EOF |
15131dd931a0
Tests: QUIC address validation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
55 |
15131dd931a0
Tests: QUIC address validation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
56 $t->write_file('openssl.conf', <<EOF); |
15131dd931a0
Tests: QUIC address validation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
57 [ req ] |
15131dd931a0
Tests: QUIC address validation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
58 default_bits = 2048 |
15131dd931a0
Tests: QUIC address validation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
59 encrypt_key = no |
15131dd931a0
Tests: QUIC address validation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
60 distinguished_name = req_distinguished_name |
15131dd931a0
Tests: QUIC address validation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
61 [ req_distinguished_name ] |
15131dd931a0
Tests: QUIC address validation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
62 EOF |
15131dd931a0
Tests: QUIC address validation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
63 |
15131dd931a0
Tests: QUIC address validation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
64 my $d = $t->testdir(); |
15131dd931a0
Tests: QUIC address validation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
65 |
15131dd931a0
Tests: QUIC address validation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
66 foreach my $name ('localhost') { |
15131dd931a0
Tests: QUIC address validation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
67 system('openssl req -x509 -new ' |
15131dd931a0
Tests: QUIC address validation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
68 . "-config $d/openssl.conf -subj /CN=$name/ " |
15131dd931a0
Tests: QUIC address validation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
69 . "-out $d/$name.crt -keyout $d/$name.key " |
15131dd931a0
Tests: QUIC address validation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
70 . ">>$d/openssl.out 2>&1") == 0 |
15131dd931a0
Tests: QUIC address validation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
71 or die "Can't create certificate for $name: $!\n"; |
15131dd931a0
Tests: QUIC address validation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
72 } |
15131dd931a0
Tests: QUIC address validation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
73 |
15131dd931a0
Tests: QUIC address validation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
74 $t->run(); |
15131dd931a0
Tests: QUIC address validation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
75 |
15131dd931a0
Tests: QUIC address validation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
76 ############################################################################### |
15131dd931a0
Tests: QUIC address validation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
77 |
15131dd931a0
Tests: QUIC address validation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
78 my ($s, $sid, $frames, $frame); |
15131dd931a0
Tests: QUIC address validation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
79 |
15131dd931a0
Tests: QUIC address validation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
80 $s = Test::Nginx::HTTP3->new(8980); |
15131dd931a0
Tests: QUIC address validation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
81 $sid = $s->new_stream(); |
15131dd931a0
Tests: QUIC address validation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
82 $frames = $s->read(all => [{ sid => $sid, fin => 1 }, { type => 'NEW_TOKEN' }]); |
15131dd931a0
Tests: QUIC address validation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
83 |
15131dd931a0
Tests: QUIC address validation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
84 ($frame) = grep { $_->{type} eq "HEADERS" } @$frames; |
15131dd931a0
Tests: QUIC address validation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
85 is($frame->{headers}->{':status'}, 403, 'retry success'); |
15131dd931a0
Tests: QUIC address validation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
86 |
15131dd931a0
Tests: QUIC address validation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
87 is(unpack("H*", $s->retry_tag()), unpack("H*", $s->retry_verify_tag()), |
15131dd931a0
Tests: QUIC address validation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
88 'retry integrity tag'); |
15131dd931a0
Tests: QUIC address validation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
89 |
15131dd931a0
Tests: QUIC address validation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
90 ($frame) = grep { $_->{type} eq "NEW_TOKEN" } @$frames; |
15131dd931a0
Tests: QUIC address validation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
91 ok(my $new_token = $frame->{token}, 'new token received'); |
15131dd931a0
Tests: QUIC address validation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
92 ok(my $retry_token = $s->retry_token(), 'retry token received'); |
15131dd931a0
Tests: QUIC address validation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
93 |
15131dd931a0
Tests: QUIC address validation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
94 # connection with new token |
15131dd931a0
Tests: QUIC address validation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
95 |
15131dd931a0
Tests: QUIC address validation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
96 $s = Test::Nginx::HTTP3->new(8980, token => $new_token); |
15131dd931a0
Tests: QUIC address validation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
97 $sid = $s->new_stream(); |
15131dd931a0
Tests: QUIC address validation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
98 $frames = $s->read(all => [{ sid => $sid, fin => 1 }]); |
15131dd931a0
Tests: QUIC address validation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
99 |
15131dd931a0
Tests: QUIC address validation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
100 ($frame) = grep { $_->{type} eq "HEADERS" } @$frames; |
15131dd931a0
Tests: QUIC address validation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
101 is($frame->{headers}->{':status'}, 403, 'new token success'); |
15131dd931a0
Tests: QUIC address validation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
102 |
15131dd931a0
Tests: QUIC address validation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
103 # connection with retry token, port won't match |
15131dd931a0
Tests: QUIC address validation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
104 |
15131dd931a0
Tests: QUIC address validation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
105 $s = Test::Nginx::HTTP3->new(8980, token => $retry_token, probe => 1); |
15131dd931a0
Tests: QUIC address validation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
106 $frames = $s->read(all => [{ type => 'CONNECTION_CLOSE' }]); |
15131dd931a0
Tests: QUIC address validation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
107 |
15131dd931a0
Tests: QUIC address validation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
108 ($frame) = grep { $_->{type} eq "CONNECTION_CLOSE" } @$frames; |
15131dd931a0
Tests: QUIC address validation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
109 is($frame->{error}, 11, 'retry token invalid'); |
15131dd931a0
Tests: QUIC address validation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
110 |
15131dd931a0
Tests: QUIC address validation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
111 # connection with retry token, corrupted |
15131dd931a0
Tests: QUIC address validation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
112 |
1919
161dc73812b3
Tests: keep QUIC TODOs for a while.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1915
diff
changeset
|
113 TODO: { |
161dc73812b3
Tests: keep QUIC TODOs for a while.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1915
diff
changeset
|
114 local $TODO = 'not yet' unless $t->has_version('1.25.2'); |
161dc73812b3
Tests: keep QUIC TODOs for a while.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1915
diff
changeset
|
115 |
1915
15131dd931a0
Tests: QUIC address validation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
116 substr($retry_token, 32) ^= "\xff"; |
15131dd931a0
Tests: QUIC address validation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
117 $s = Test::Nginx::HTTP3->new(8980, token => $retry_token, probe => 1); |
15131dd931a0
Tests: QUIC address validation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
118 $frames = $s->read(all => [{ type => 'CONNECTION_CLOSE' }]); |
15131dd931a0
Tests: QUIC address validation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
119 |
15131dd931a0
Tests: QUIC address validation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
120 ($frame) = grep { $_->{type} eq "CONNECTION_CLOSE" } @$frames; |
15131dd931a0
Tests: QUIC address validation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
121 is($frame->{error}, 11, 'retry token decrypt error'); |
15131dd931a0
Tests: QUIC address validation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
122 |
1919
161dc73812b3
Tests: keep QUIC TODOs for a while.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1915
diff
changeset
|
123 } |
161dc73812b3
Tests: keep QUIC TODOs for a while.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1915
diff
changeset
|
124 |
1939
24482e311749
Tests: added QUIC test with resending Initial packets on Retry.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1919
diff
changeset
|
125 # resending client Initial packets after receiving a Retry packet |
24482e311749
Tests: added QUIC test with resending Initial packets on Retry.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1919
diff
changeset
|
126 # to simulate server Initial packet loss triggering its retransmit, |
24482e311749
Tests: added QUIC test with resending Initial packets on Retry.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1919
diff
changeset
|
127 # used to create extra nginx connections before 8f7e6d8c061e, |
24482e311749
Tests: added QUIC test with resending Initial packets on Retry.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1919
diff
changeset
|
128 # caught by CRYPTO stream mismatch among server Initial packets |
24482e311749
Tests: added QUIC test with resending Initial packets on Retry.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1919
diff
changeset
|
129 |
24482e311749
Tests: added QUIC test with resending Initial packets on Retry.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1919
diff
changeset
|
130 TODO: { |
24482e311749
Tests: added QUIC test with resending Initial packets on Retry.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1919
diff
changeset
|
131 local $TODO = 'not yet' unless $t->has_version('1.25.3'); |
24482e311749
Tests: added QUIC test with resending Initial packets on Retry.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1919
diff
changeset
|
132 |
24482e311749
Tests: added QUIC test with resending Initial packets on Retry.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1919
diff
changeset
|
133 $s = new_connection_resend(); |
24482e311749
Tests: added QUIC test with resending Initial packets on Retry.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1919
diff
changeset
|
134 $sid = $s->new_stream(); |
24482e311749
Tests: added QUIC test with resending Initial packets on Retry.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1919
diff
changeset
|
135 |
24482e311749
Tests: added QUIC test with resending Initial packets on Retry.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1919
diff
changeset
|
136 eval { |
24482e311749
Tests: added QUIC test with resending Initial packets on Retry.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1919
diff
changeset
|
137 # would die on "bad inner" sanity check |
24482e311749
Tests: added QUIC test with resending Initial packets on Retry.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1919
diff
changeset
|
138 $frames = $s->read(all => [{ sid => $sid, fin => 1 }]); |
24482e311749
Tests: added QUIC test with resending Initial packets on Retry.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1919
diff
changeset
|
139 }; |
24482e311749
Tests: added QUIC test with resending Initial packets on Retry.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1919
diff
changeset
|
140 |
24482e311749
Tests: added QUIC test with resending Initial packets on Retry.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1919
diff
changeset
|
141 ($frame) = grep { $_->{type} eq "HEADERS" } @$frames; |
24482e311749
Tests: added QUIC test with resending Initial packets on Retry.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1919
diff
changeset
|
142 is($frame->{headers}->{':status'}, 403, 'resend initial'); |
24482e311749
Tests: added QUIC test with resending Initial packets on Retry.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1919
diff
changeset
|
143 |
24482e311749
Tests: added QUIC test with resending Initial packets on Retry.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1919
diff
changeset
|
144 } |
24482e311749
Tests: added QUIC test with resending Initial packets on Retry.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1919
diff
changeset
|
145 |
1915
15131dd931a0
Tests: QUIC address validation tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
146 ############################################################################### |
1939
24482e311749
Tests: added QUIC test with resending Initial packets on Retry.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1919
diff
changeset
|
147 |
24482e311749
Tests: added QUIC test with resending Initial packets on Retry.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1919
diff
changeset
|
148 # expanded handshake version to send repetitive Initial packets |
24482e311749
Tests: added QUIC test with resending Initial packets on Retry.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1919
diff
changeset
|
149 |
24482e311749
Tests: added QUIC test with resending Initial packets on Retry.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1919
diff
changeset
|
150 sub new_connection_resend { |
24482e311749
Tests: added QUIC test with resending Initial packets on Retry.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1919
diff
changeset
|
151 $s = Test::Nginx::HTTP3->new(8980, probe => 1); |
24482e311749
Tests: added QUIC test with resending Initial packets on Retry.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1919
diff
changeset
|
152 $s->{socket}->sysread($s->{buf}, 65527); |
24482e311749
Tests: added QUIC test with resending Initial packets on Retry.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1919
diff
changeset
|
153 # read token and updated connection IDs |
24482e311749
Tests: added QUIC test with resending Initial packets on Retry.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1919
diff
changeset
|
154 (undef, undef, $s->{token}) = $s->decrypt_retry($s->{buf}); |
24482e311749
Tests: added QUIC test with resending Initial packets on Retry.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1919
diff
changeset
|
155 # apply connection IDs for new Initial secrets |
24482e311749
Tests: added QUIC test with resending Initial packets on Retry.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1919
diff
changeset
|
156 $s->retry(probe => 1); |
24482e311749
Tests: added QUIC test with resending Initial packets on Retry.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1919
diff
changeset
|
157 # send the second Initial packet |
24482e311749
Tests: added QUIC test with resending Initial packets on Retry.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1919
diff
changeset
|
158 $s->initial(); |
24482e311749
Tests: added QUIC test with resending Initial packets on Retry.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1919
diff
changeset
|
159 # the rest of handshake, advancing key schedule |
24482e311749
Tests: added QUIC test with resending Initial packets on Retry.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1919
diff
changeset
|
160 $s->handshake(); |
24482e311749
Tests: added QUIC test with resending Initial packets on Retry.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1919
diff
changeset
|
161 return $s; |
24482e311749
Tests: added QUIC test with resending Initial packets on Retry.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1919
diff
changeset
|
162 } |
24482e311749
Tests: added QUIC test with resending Initial packets on Retry.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1919
diff
changeset
|
163 |
24482e311749
Tests: added QUIC test with resending Initial packets on Retry.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1919
diff
changeset
|
164 ############################################################################### |