Mercurial > hg > nginx-tests

annotate stream_ssl.t @ 1974:b5036a0f9ae0

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Tests: improved compatibility when using recent "openssl" app. Starting with OpenSSL 3.0, "openssl genrsa" generates encrypted keys in PKCS#8 format instead of previously used PKCS#1 format. Further, since OpenSSL 1.1.0 such keys are using PBKDF2 hmacWithSHA256. Such keys are not supported by old SSL libraries, notably by OpenSSL before 1.0.0 (OpenSSL 0.9.8 only supports hmacWithSHA1) and by BoringSSL before May 21, 2019 (support for hmacWithSHA256 was added in 302a4dee6c), and trying to load such keys into nginx compiled with an old SSL library results in "unsupported prf" errors. To facilitate testing with old SSL libraries, keys are now generated with "openssl genrsa -traditional" if the flag is available.
author Maxim Dounin <mdounin@mdounin.ru>
date Mon, 06 May 2024 00:04:26 +0300
parents dbb7561a9441
children
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
rev   line source
559
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
1 #!/usr/bin/perl
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
2
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
3 # (C) Sergey Kandaurov
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
4 # (C) Nginx, Inc.
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
5
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
6 # Tests for stream ssl module.
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
7
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
8 ###############################################################################
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
9
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
10 use warnings;
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
11 use strict;
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
12
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
13 use Test::More;
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
14
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
15 use POSIX qw/ mkfifo /;
1621
fd440d324700 Tests: simplified get_ssl_socket() functions that use Net::SSLeay.
Sergey Kandaurov <pluknet@nginx.com>
parents: 1609
diff changeset
16 use Socket qw/ $CRLF /;
559
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
17
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
18 BEGIN { use FindBin; chdir($FindBin::Bin); }
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
19
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
20 use lib 'lib';
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
21 use Test::Nginx;
1863
dbb7561a9441 Tests: reworked stream SSL tests to use IO::Socket::SSL.
Maxim Dounin <mdounin@mdounin.ru>
parents: 1833
diff changeset
22 use Test::Nginx::Stream qw/ stream /;
559
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
23
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
24 ###############################################################################
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
25
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
26 select STDERR; $| = 1;
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
27 select STDOUT; $| = 1;
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
28
1204
ba3279915da5 Tests: skip stream_ssl.t on win32 due to mkfifo.
Sergey Kandaurov <pluknet@nginx.com>
parents: 1141
diff changeset
29 plan(skip_all => 'win32') if $^O eq 'MSWin32';
ba3279915da5 Tests: skip stream_ssl.t on win32 due to mkfifo.
Sergey Kandaurov <pluknet@nginx.com>
parents: 1141
diff changeset
30
1863
dbb7561a9441 Tests: reworked stream SSL tests to use IO::Socket::SSL.
Maxim Dounin <mdounin@mdounin.ru>
parents: 1833
diff changeset
31 my $t = Test::Nginx->new()->has(qw/stream stream_ssl socket_ssl/)
dbb7561a9441 Tests: reworked stream SSL tests to use IO::Socket::SSL.
Maxim Dounin <mdounin@mdounin.ru>
parents: 1833
diff changeset
32 ->has_daemon('openssl');
559
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
33
1833
fd9d077fee02 Tests: separate SSL session reuse tests in stream.
Maxim Dounin <mdounin@mdounin.ru>
parents: 1826
diff changeset
34 $t->plan(5)->write_file_expand('nginx.conf', <<'EOF');
559
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
35
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
36 %%TEST_GLOBALS%%
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
37
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
38 daemon off;
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
39
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
40 events {
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
41 }
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
42
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
43 stream {
1609
f3ba4c74de31 Tests: added TEST_GLOBALS_STREAM variable support.
Andrei Belov <defan@nginx.com>
parents: 1488
diff changeset
44 %%TEST_GLOBALS_STREAM%%
f3ba4c74de31 Tests: added TEST_GLOBALS_STREAM variable support.
Andrei Belov <defan@nginx.com>
parents: 1488
diff changeset
45
559
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
46 ssl_certificate_key localhost.key;
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
47 ssl_certificate localhost.crt;
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
48
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
49 # inherited by server "inherits"
1141
d4e779356d8d Tests: typo.
Andrey Zelenkov <zelenkov@nginx.com>
parents: 1140
diff changeset
50 ssl_password_file password_stream;
559
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
51
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
52 server {
1833
fd9d077fee02 Tests: separate SSL session reuse tests in stream.
Maxim Dounin <mdounin@mdounin.ru>
parents: 1826
diff changeset
53 listen 127.0.0.1:8443 ssl;
974
882267679006 Tests: simplified parallel modifications in tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents: 952
diff changeset
54 proxy_pass 127.0.0.1:8081;
559
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
55
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
56 ssl_password_file password;
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
57 }
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
58
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
59 server {
1833
fd9d077fee02 Tests: separate SSL session reuse tests in stream.
Maxim Dounin <mdounin@mdounin.ru>
parents: 1826
diff changeset
60 listen 127.0.0.1:8444 ssl;
974
882267679006 Tests: simplified parallel modifications in tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents: 952
diff changeset
61 proxy_pass 127.0.0.1:8081;
559
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
62
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
63 ssl_password_file password_many;
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
64 }
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
65
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
66 server {
1833
fd9d077fee02 Tests: separate SSL session reuse tests in stream.
Maxim Dounin <mdounin@mdounin.ru>
parents: 1826
diff changeset
67 listen 127.0.0.1:8445 ssl;
974
882267679006 Tests: simplified parallel modifications in tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents: 952
diff changeset
68 proxy_pass 127.0.0.1:8081;
559
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
69
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
70 ssl_password_file password_fifo;
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
71 }
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
72
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
73 server {
1833
fd9d077fee02 Tests: separate SSL session reuse tests in stream.
Maxim Dounin <mdounin@mdounin.ru>
parents: 1826
diff changeset
74 listen 127.0.0.1:8446 ssl;
974
882267679006 Tests: simplified parallel modifications in tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents: 952
diff changeset
75 proxy_pass 127.0.0.1:8081;
559
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
76
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
77 ssl_certificate_key inherits.key;
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
78 ssl_certificate inherits.crt;
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
79 }
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
80 }
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
81
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
82 EOF
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
83
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
84 $t->write_file('openssl.conf', <<EOF);
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
85 [ req ]
1488
dbce8fb5f5f8 Tests: align with OpenSSL security level 2.
Sergey Kandaurov <pluknet@nginx.com>
parents: 1220
diff changeset
86 default_bits = 2048
559
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
87 encrypt_key = no
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
88 distinguished_name = req_distinguished_name
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
89 [ req_distinguished_name ]
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
90 EOF
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
91
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
92 my $d = $t->testdir();
1974
b5036a0f9ae0 Tests: improved compatibility when using recent "openssl" app.
Maxim Dounin <mdounin@mdounin.ru>
parents: 1863
diff changeset
93 my $tr = `openssl genrsa -help 2>&1` =~ /-traditional/ ? '-traditional' : '';
b5036a0f9ae0 Tests: improved compatibility when using recent "openssl" app.
Maxim Dounin <mdounin@mdounin.ru>
parents: 1863
diff changeset
94
559
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
95 mkfifo("$d/password_fifo", 0700);
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
96
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
97 foreach my $name ('localhost', 'inherits') {
1220
0af58b78df35 Tests: removed single quotes from system() calls.
Sergey Kandaurov <pluknet@nginx.com>
parents: 1204
diff changeset
98 system("openssl genrsa -out $d/$name.key -passout pass:$name "
1974
b5036a0f9ae0 Tests: improved compatibility when using recent "openssl" app.
Maxim Dounin <mdounin@mdounin.ru>
parents: 1863
diff changeset
99 . "-aes128 $tr 2048 >>$d/openssl.out 2>&1") == 0
559
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
100 or die "Can't create private key: $!\n";
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
101 system('openssl req -x509 -new '
1220
0af58b78df35 Tests: removed single quotes from system() calls.
Sergey Kandaurov <pluknet@nginx.com>
parents: 1204
diff changeset
102 . "-config $d/openssl.conf -subj /CN=$name/ "
0af58b78df35 Tests: removed single quotes from system() calls.
Sergey Kandaurov <pluknet@nginx.com>
parents: 1204
diff changeset
103 . "-out $d/$name.crt "
0af58b78df35 Tests: removed single quotes from system() calls.
Sergey Kandaurov <pluknet@nginx.com>
parents: 1204
diff changeset
104 . "-key $d/$name.key -passin pass:$name"
559
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
105 . ">>$d/openssl.out 2>&1") == 0
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
106 or die "Can't create certificate for $name: $!\n";
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
107 }
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
108
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
109 $t->write_file('password', 'localhost');
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
110 $t->write_file('password_many', "wrong$CRLF" . "localhost$CRLF");
1141
d4e779356d8d Tests: typo.
Andrey Zelenkov <zelenkov@nginx.com>
parents: 1140
diff changeset
111 $t->write_file('password_stream', 'inherits');
559
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
112
1087
534d209f6ae4 Tests: fixed ssl_password_file test hang with missing FIFO reader.
Sergey Kandaurov <pluknet@nginx.com>
parents: 1039
diff changeset
113 my $p = fork();
534d209f6ae4 Tests: fixed ssl_password_file test hang with missing FIFO reader.
Sergey Kandaurov <pluknet@nginx.com>
parents: 1039
diff changeset
114 exec("echo localhost > $d/password_fifo") if $p == 0;
559
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
115
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
116 $t->run_daemon(\&http_daemon);
1087
534d209f6ae4 Tests: fixed ssl_password_file test hang with missing FIFO reader.
Sergey Kandaurov <pluknet@nginx.com>
parents: 1039
diff changeset
117
534d209f6ae4 Tests: fixed ssl_password_file test hang with missing FIFO reader.
Sergey Kandaurov <pluknet@nginx.com>
parents: 1039
diff changeset
118 eval {
534d209f6ae4 Tests: fixed ssl_password_file test hang with missing FIFO reader.
Sergey Kandaurov <pluknet@nginx.com>
parents: 1039
diff changeset
119 open OLDERR, ">&", \*STDERR; close STDERR;
534d209f6ae4 Tests: fixed ssl_password_file test hang with missing FIFO reader.
Sergey Kandaurov <pluknet@nginx.com>
parents: 1039
diff changeset
120 $t->run();
534d209f6ae4 Tests: fixed ssl_password_file test hang with missing FIFO reader.
Sergey Kandaurov <pluknet@nginx.com>
parents: 1039
diff changeset
121 open STDERR, ">&", \*OLDERR;
534d209f6ae4 Tests: fixed ssl_password_file test hang with missing FIFO reader.
Sergey Kandaurov <pluknet@nginx.com>
parents: 1039
diff changeset
122 };
534d209f6ae4 Tests: fixed ssl_password_file test hang with missing FIFO reader.
Sergey Kandaurov <pluknet@nginx.com>
parents: 1039
diff changeset
123 kill 'INT', $p if $@;
559
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
124
974
882267679006 Tests: simplified parallel modifications in tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents: 952
diff changeset
125 $t->waitforsocket('127.0.0.1:' . port(8081));
559
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
126
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
127 ###############################################################################
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
128
1863
dbb7561a9441 Tests: reworked stream SSL tests to use IO::Socket::SSL.
Maxim Dounin <mdounin@mdounin.ru>
parents: 1833
diff changeset
129 like(get(8443), qr/200 OK/, 'ssl');
dbb7561a9441 Tests: reworked stream SSL tests to use IO::Socket::SSL.
Maxim Dounin <mdounin@mdounin.ru>
parents: 1833
diff changeset
130 like(get(8444), qr/200 OK/, 'ssl password many');
dbb7561a9441 Tests: reworked stream SSL tests to use IO::Socket::SSL.
Maxim Dounin <mdounin@mdounin.ru>
parents: 1833
diff changeset
131 like(get(8445), qr/200 OK/, 'ssl password fifo');
645
ed103c38b115 Tests: more ssl_session_cache tests in stream_ssl.t.
Andrey Zelenkov <zelenkov@nginx.com>
parents: 636
diff changeset
132
559
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
133 # ssl_certificate inheritance
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
134
1863
dbb7561a9441 Tests: reworked stream SSL tests to use IO::Socket::SSL.
Maxim Dounin <mdounin@mdounin.ru>
parents: 1833
diff changeset
135 like(cert(8443), qr/CN=localhost/, 'CN');
dbb7561a9441 Tests: reworked stream SSL tests to use IO::Socket::SSL.
Maxim Dounin <mdounin@mdounin.ru>
parents: 1833
diff changeset
136 like(cert(8446), qr/CN=inherits/, 'CN inner');
559
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
137
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
138 ###############################################################################
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
139
1863
dbb7561a9441 Tests: reworked stream SSL tests to use IO::Socket::SSL.
Maxim Dounin <mdounin@mdounin.ru>
parents: 1833
diff changeset
140 sub get {
dbb7561a9441 Tests: reworked stream SSL tests to use IO::Socket::SSL.
Maxim Dounin <mdounin@mdounin.ru>
parents: 1833
diff changeset
141 my $s = get_socket(@_);
dbb7561a9441 Tests: reworked stream SSL tests to use IO::Socket::SSL.
Maxim Dounin <mdounin@mdounin.ru>
parents: 1833
diff changeset
142 return $s->io("GET / HTTP/1.0$CRLF$CRLF");
dbb7561a9441 Tests: reworked stream SSL tests to use IO::Socket::SSL.
Maxim Dounin <mdounin@mdounin.ru>
parents: 1833
diff changeset
143 }
559
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
144
1863
dbb7561a9441 Tests: reworked stream SSL tests to use IO::Socket::SSL.
Maxim Dounin <mdounin@mdounin.ru>
parents: 1833
diff changeset
145 sub cert {
dbb7561a9441 Tests: reworked stream SSL tests to use IO::Socket::SSL.
Maxim Dounin <mdounin@mdounin.ru>
parents: 1833
diff changeset
146 my $s = get_socket(@_);
dbb7561a9441 Tests: reworked stream SSL tests to use IO::Socket::SSL.
Maxim Dounin <mdounin@mdounin.ru>
parents: 1833
diff changeset
147 return $s->socket()->dump_peer_certificate();
dbb7561a9441 Tests: reworked stream SSL tests to use IO::Socket::SSL.
Maxim Dounin <mdounin@mdounin.ru>
parents: 1833
diff changeset
148 }
dbb7561a9441 Tests: reworked stream SSL tests to use IO::Socket::SSL.
Maxim Dounin <mdounin@mdounin.ru>
parents: 1833
diff changeset
149
dbb7561a9441 Tests: reworked stream SSL tests to use IO::Socket::SSL.
Maxim Dounin <mdounin@mdounin.ru>
parents: 1833
diff changeset
150 sub get_socket {
dbb7561a9441 Tests: reworked stream SSL tests to use IO::Socket::SSL.
Maxim Dounin <mdounin@mdounin.ru>
parents: 1833
diff changeset
151 my ($port) = @_;
dbb7561a9441 Tests: reworked stream SSL tests to use IO::Socket::SSL.
Maxim Dounin <mdounin@mdounin.ru>
parents: 1833
diff changeset
152 return stream(PeerAddr => '127.0.0.1:' . port($port), SSL => 1);
559
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
153 }
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
154
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
155 ###############################################################################
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
156
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
157 sub http_daemon {
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
158 my $server = IO::Socket::INET->new(
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
159 Proto => 'tcp',
974
882267679006 Tests: simplified parallel modifications in tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents: 952
diff changeset
160 LocalHost => '127.0.0.1:' . port(8081),
559
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
161 Listen => 5,
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
162 Reuse => 1
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
163 )
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
164 or die "Can't create listening socket: $!\n";
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
165
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
166 local $SIG{PIPE} = 'IGNORE';
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
167
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
168 while (my $client = $server->accept()) {
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
169 $client->autoflush(1);
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
170
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
171 while (<$client>) {
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
172 last if (/^\x0d?\x0a?$/);
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
173 }
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
174
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
175 print $client <<EOF;
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
176 HTTP/1.1 200 OK
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
177 Connection: close
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
178
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
179 EOF
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
180
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
181 close $client;
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
182 }
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
183 }
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
184
9208d8243926 Tests: stream ssl and proxy ssl tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
185 ###############################################################################