nginx-tests: ssl_curve.t annotate

annotate ssl_curve.t @ 1983:c7315caf2110

Tests: optimized processing of large QUIC packets with padding. Path MTU discovery packets might contain a lot of padding, and creating a copy of the whole buffer for each PADDING frame, which is just one byte with type 0, consumes lots of resources. This was seen to result in flapping of at least h3_keepalive.t and h3_ssl_early_data.t tests. Fix is to copy at most 8 bytes for parse_int() calls when parsing frame types.

author	Maxim Dounin <mdounin@mdounin.ru>
date	Mon, 03 Jun 2024 04:17:28 +0300
parents	2a0a6035a1af
children

rev	line source
1749 34fc85598287 Tests: $ssl_curve. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	1 #!/usr/bin/perl
34fc85598287 Tests: $ssl_curve. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	2
34fc85598287 Tests: $ssl_curve. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	3 # (C) Sergey Kandaurov
34fc85598287 Tests: $ssl_curve. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	4 # (C) Nginx, Inc.
34fc85598287 Tests: $ssl_curve. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	5
34fc85598287 Tests: $ssl_curve. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	6 # Tests for http ssl module, $ssl_curve variable.
34fc85598287 Tests: $ssl_curve. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	7
34fc85598287 Tests: $ssl_curve. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	8 ###############################################################################
34fc85598287 Tests: $ssl_curve. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	9
34fc85598287 Tests: $ssl_curve. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	10 use warnings;
34fc85598287 Tests: $ssl_curve. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	11 use strict;
34fc85598287 Tests: $ssl_curve. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	12
34fc85598287 Tests: $ssl_curve. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	13 use Test::More;
34fc85598287 Tests: $ssl_curve. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	14
34fc85598287 Tests: $ssl_curve. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	15 BEGIN { use FindBin; chdir($FindBin::Bin); }
34fc85598287 Tests: $ssl_curve. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	16
34fc85598287 Tests: $ssl_curve. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	17 use lib 'lib';
34fc85598287 Tests: $ssl_curve. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	18 use Test::Nginx;
34fc85598287 Tests: $ssl_curve. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	19
34fc85598287 Tests: $ssl_curve. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	20 ###############################################################################
34fc85598287 Tests: $ssl_curve. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	21
34fc85598287 Tests: $ssl_curve. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	22 select STDERR; $\| = 1;
34fc85598287 Tests: $ssl_curve. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	23 select STDOUT; $\| = 1;
34fc85598287 Tests: $ssl_curve. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	24
1860 58951cf933e1 Tests: added has_feature() test for SSL libraries. Maxim Dounin <mdounin@mdounin.ru> parents: 1858 diff changeset	25 my $t = Test::Nginx->new()
1935 6bafe9419126 Tests: allowed ssl_curve.t to run on BoringSSL. Sergey Kandaurov <pluknet@nginx.com> parents: 1866 diff changeset	26 ->has(qw/http http_ssl rewrite socket_ssl/)
1749 34fc85598287 Tests: $ssl_curve. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	27 ->has_daemon('openssl');
34fc85598287 Tests: $ssl_curve. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	28
34fc85598287 Tests: $ssl_curve. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	29 $t->write_file_expand('nginx.conf', <<'EOF');
34fc85598287 Tests: $ssl_curve. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	30
34fc85598287 Tests: $ssl_curve. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	31 %%TEST_GLOBALS%%
34fc85598287 Tests: $ssl_curve. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	32
34fc85598287 Tests: $ssl_curve. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	33 daemon off;
34fc85598287 Tests: $ssl_curve. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	34
34fc85598287 Tests: $ssl_curve. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	35 events {
34fc85598287 Tests: $ssl_curve. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	36 }
34fc85598287 Tests: $ssl_curve. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	37
34fc85598287 Tests: $ssl_curve. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	38 http {
34fc85598287 Tests: $ssl_curve. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	39 %%TEST_GLOBALS_HTTP%%
34fc85598287 Tests: $ssl_curve. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	40
34fc85598287 Tests: $ssl_curve. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	41 ssl_certificate_key localhost.key;
34fc85598287 Tests: $ssl_curve. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	42 ssl_certificate localhost.crt;
34fc85598287 Tests: $ssl_curve. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	43
34fc85598287 Tests: $ssl_curve. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	44 ssl_ecdh_curve prime256v1;
34fc85598287 Tests: $ssl_curve. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	45
34fc85598287 Tests: $ssl_curve. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	46 server {
34fc85598287 Tests: $ssl_curve. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	47 listen 127.0.0.1:8443 ssl;
34fc85598287 Tests: $ssl_curve. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	48 server_name localhost;
34fc85598287 Tests: $ssl_curve. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	49
34fc85598287 Tests: $ssl_curve. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	50 return 200 "$ssl_curve $ssl_curves";
34fc85598287 Tests: $ssl_curve. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	51 }
34fc85598287 Tests: $ssl_curve. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	52 }
34fc85598287 Tests: $ssl_curve. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	53
34fc85598287 Tests: $ssl_curve. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	54 EOF
34fc85598287 Tests: $ssl_curve. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	55
34fc85598287 Tests: $ssl_curve. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	56 $t->write_file('openssl.conf', <<EOF);
34fc85598287 Tests: $ssl_curve. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	57 [ req ]
34fc85598287 Tests: $ssl_curve. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	58 default_bits = 2048
34fc85598287 Tests: $ssl_curve. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	59 encrypt_key = no
34fc85598287 Tests: $ssl_curve. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	60 distinguished_name = req_distinguished_name
34fc85598287 Tests: $ssl_curve. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	61 [ req_distinguished_name ]
34fc85598287 Tests: $ssl_curve. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	62 EOF
34fc85598287 Tests: $ssl_curve. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	63
34fc85598287 Tests: $ssl_curve. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	64 my $d = $t->testdir();
34fc85598287 Tests: $ssl_curve. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	65
34fc85598287 Tests: $ssl_curve. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	66 foreach my $name ('localhost') {
34fc85598287 Tests: $ssl_curve. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	67 system('openssl req -x509 -new '
34fc85598287 Tests: $ssl_curve. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	68 . "-config $d/openssl.conf -subj /CN=$name/ "
34fc85598287 Tests: $ssl_curve. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	69 . "-out $d/$name.crt -keyout $d/$name.key "
34fc85598287 Tests: $ssl_curve. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	70 . ">>$d/openssl.out 2>&1") == 0
34fc85598287 Tests: $ssl_curve. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	71 or die "Can't create certificate for $name: $!\n";
34fc85598287 Tests: $ssl_curve. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	72 }
34fc85598287 Tests: $ssl_curve. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	73
1937 2a0a6035a1af Tests: removed TODO and try_run() checks for legacy versions. Sergey Kandaurov <pluknet@nginx.com> parents: 1935 diff changeset	74 $t->run()->plan(1);
1749 34fc85598287 Tests: $ssl_curve. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	75
34fc85598287 Tests: $ssl_curve. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	76 ###############################################################################
34fc85598287 Tests: $ssl_curve. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	77
1935 6bafe9419126 Tests: allowed ssl_curve.t to run on BoringSSL. Sergey Kandaurov <pluknet@nginx.com> parents: 1866 diff changeset	78 local $TODO = 'OpenSSL too old'
6bafe9419126 Tests: allowed ssl_curve.t to run on BoringSSL. Sergey Kandaurov <pluknet@nginx.com> parents: 1866 diff changeset	79 unless $t->has_feature('openssl:3.0.0')
6bafe9419126 Tests: allowed ssl_curve.t to run on BoringSSL. Sergey Kandaurov <pluknet@nginx.com> parents: 1866 diff changeset	80 or $t->has_module('BoringSSL');
6bafe9419126 Tests: allowed ssl_curve.t to run on BoringSSL. Sergey Kandaurov <pluknet@nginx.com> parents: 1866 diff changeset	81
1866 a797d7428fa5 Tests: simplified http SSL tests with IO::Socket::SSL. Maxim Dounin <mdounin@mdounin.ru> parents: 1860 diff changeset	82 like(http_get('/curve', SSL => 1), qr/^prime256v1 /m, 'ssl curve');
1749 34fc85598287 Tests: $ssl_curve. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	83
34fc85598287 Tests: $ssl_curve. Sergey Kandaurov <pluknet@nginx.com> parents: diff changeset	84 ###############################################################################

Mercurial > hg > nginx-tests

annotate ssl_curve.t @ 1983:c7315caf2110