Mercurial > hg > nginx-tests

annotate stream_ssl_preread.t @ 1609:f3ba4c74de31

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Tests: added TEST_GLOBALS_STREAM variable support.
author Andrei Belov <defan@nginx.com>
date Thu, 12 Nov 2020 17:46:49 +0300
parents dbce8fb5f5f8
children cdcd75657e52
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
rev   line source
1034
679cefd5896b Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
1 #!/usr/bin/perl
679cefd5896b Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
2
679cefd5896b Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
3 # (C) Sergey Kandaurov
679cefd5896b Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
4 # (C) Nginx, Inc.
679cefd5896b Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
5
679cefd5896b Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
6 # Tests for stream_ssl_preread module.
679cefd5896b Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
7
679cefd5896b Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
8 ###############################################################################
679cefd5896b Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
9
679cefd5896b Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
10 use warnings;
679cefd5896b Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
11 use strict;
679cefd5896b Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
12
679cefd5896b Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
13 use Test::More;
679cefd5896b Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
14
679cefd5896b Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
15 BEGIN { use FindBin; chdir($FindBin::Bin); }
679cefd5896b Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
16
679cefd5896b Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
17 use lib 'lib';
679cefd5896b Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
18 use Test::Nginx;
1198
cd153f1bbaad Tests: simplified stream_ssl_preread.t by not using http backends.
Sergey Kandaurov <pluknet@nginx.com>
parents: 1118
diff changeset
19 use Test::Nginx::Stream qw/ stream /;
1034
679cefd5896b Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
20
679cefd5896b Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
21 ###############################################################################
679cefd5896b Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
22
679cefd5896b Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
23 select STDERR; $| = 1;
679cefd5896b Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
24 select STDOUT; $| = 1;
679cefd5896b Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
25
679cefd5896b Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
26 my $t = Test::Nginx->new()->has(qw/stream stream_map stream_ssl_preread/)
1198
cd153f1bbaad Tests: simplified stream_ssl_preread.t by not using http backends.
Sergey Kandaurov <pluknet@nginx.com>
parents: 1118
diff changeset
27 ->has(qw/stream_ssl stream_return/)->has_daemon('openssl')
1034
679cefd5896b Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
28 ->write_file_expand('nginx.conf', <<'EOF');
679cefd5896b Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
29
679cefd5896b Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
30 %%TEST_GLOBALS%%
679cefd5896b Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
31
679cefd5896b Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
32 daemon off;
679cefd5896b Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
33
679cefd5896b Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
34 events {
679cefd5896b Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
35 }
679cefd5896b Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
36
679cefd5896b Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
37 stream {
1609
f3ba4c74de31 Tests: added TEST_GLOBALS_STREAM variable support.
Andrei Belov <defan@nginx.com>
parents: 1488
diff changeset
38 %%TEST_GLOBALS_STREAM%%
f3ba4c74de31 Tests: added TEST_GLOBALS_STREAM variable support.
Andrei Belov <defan@nginx.com>
parents: 1488
diff changeset
39
1034
679cefd5896b Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
40 log_format status $status;
679cefd5896b Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
41
679cefd5896b Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
42 map $ssl_preread_server_name $name {
679cefd5896b Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
43 "" 127.0.0.1:8093;
679cefd5896b Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
44 default $ssl_preread_server_name;
679cefd5896b Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
45 }
679cefd5896b Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
46
679cefd5896b Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
47 upstream foo {
679cefd5896b Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
48 server 127.0.0.1:8091;
679cefd5896b Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
49 }
679cefd5896b Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
50
679cefd5896b Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
51 upstream bar {
679cefd5896b Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
52 server 127.0.0.1:8092;
679cefd5896b Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
53 }
679cefd5896b Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
54
1199
08f6eacf1cfe Tests: stream proxy next upstream with ssl_preread (ticket #1317).
Andrey Zelenkov <zelenkov@nginx.com>
parents: 1198
diff changeset
55 upstream next {
08f6eacf1cfe Tests: stream proxy next upstream with ssl_preread (ticket #1317).
Andrey Zelenkov <zelenkov@nginx.com>
parents: 1198
diff changeset
56 server 127.0.0.1:8094;
08f6eacf1cfe Tests: stream proxy next upstream with ssl_preread (ticket #1317).
Andrey Zelenkov <zelenkov@nginx.com>
parents: 1198
diff changeset
57 server 127.0.0.1:8080;
08f6eacf1cfe Tests: stream proxy next upstream with ssl_preread (ticket #1317).
Andrey Zelenkov <zelenkov@nginx.com>
parents: 1198
diff changeset
58 }
08f6eacf1cfe Tests: stream proxy next upstream with ssl_preread (ticket #1317).
Andrey Zelenkov <zelenkov@nginx.com>
parents: 1198
diff changeset
59
1034
679cefd5896b Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
60 ssl_preread on;
679cefd5896b Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
61
679cefd5896b Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
62 server {
679cefd5896b Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
63 listen 127.0.0.1:8080;
1198
cd153f1bbaad Tests: simplified stream_ssl_preread.t by not using http backends.
Sergey Kandaurov <pluknet@nginx.com>
parents: 1118
diff changeset
64 return $name;
1034
679cefd5896b Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
65 }
679cefd5896b Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
66
679cefd5896b Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
67 server {
679cefd5896b Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
68 listen 127.0.0.1:8081;
679cefd5896b Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
69 proxy_pass $name;
679cefd5896b Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
70 }
679cefd5896b Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
71
679cefd5896b Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
72 server {
1198
cd153f1bbaad Tests: simplified stream_ssl_preread.t by not using http backends.
Sergey Kandaurov <pluknet@nginx.com>
parents: 1118
diff changeset
73 listen 127.0.0.1:8082;
1034
679cefd5896b Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
74 proxy_pass $name;
1198
cd153f1bbaad Tests: simplified stream_ssl_preread.t by not using http backends.
Sergey Kandaurov <pluknet@nginx.com>
parents: 1118
diff changeset
75 ssl_preread off;
1034
679cefd5896b Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
76 }
679cefd5896b Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
77
679cefd5896b Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
78 server {
679cefd5896b Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
79 listen 127.0.0.1:8083;
679cefd5896b Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
80 proxy_pass $name;
679cefd5896b Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
81
679cefd5896b Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
82 preread_timeout 2s;
679cefd5896b Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
83 preread_buffer_size 42;
679cefd5896b Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
84
679cefd5896b Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
85 access_log %%TESTDIR%%/status.log status;
679cefd5896b Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
86 }
1099
dd3031bbc705 Tests: various stream_ssl_preread tests with ill-formed records.
Sergey Kandaurov <pluknet@nginx.com>
parents: 1034
diff changeset
87
1199
08f6eacf1cfe Tests: stream proxy next upstream with ssl_preread (ticket #1317).
Andrey Zelenkov <zelenkov@nginx.com>
parents: 1198
diff changeset
88 server {
08f6eacf1cfe Tests: stream proxy next upstream with ssl_preread (ticket #1317).
Andrey Zelenkov <zelenkov@nginx.com>
parents: 1198
diff changeset
89 listen 127.0.0.1:8084;
08f6eacf1cfe Tests: stream proxy next upstream with ssl_preread (ticket #1317).
Andrey Zelenkov <zelenkov@nginx.com>
parents: 1198
diff changeset
90 proxy_pass next;
08f6eacf1cfe Tests: stream proxy next upstream with ssl_preread (ticket #1317).
Andrey Zelenkov <zelenkov@nginx.com>
parents: 1198
diff changeset
91
08f6eacf1cfe Tests: stream proxy next upstream with ssl_preread (ticket #1317).
Andrey Zelenkov <zelenkov@nginx.com>
parents: 1198
diff changeset
92 proxy_connect_timeout 2s;
08f6eacf1cfe Tests: stream proxy next upstream with ssl_preread (ticket #1317).
Andrey Zelenkov <zelenkov@nginx.com>
parents: 1198
diff changeset
93 preread_buffer_size 8;
08f6eacf1cfe Tests: stream proxy next upstream with ssl_preread (ticket #1317).
Andrey Zelenkov <zelenkov@nginx.com>
parents: 1198
diff changeset
94 }
08f6eacf1cfe Tests: stream proxy next upstream with ssl_preread (ticket #1317).
Andrey Zelenkov <zelenkov@nginx.com>
parents: 1198
diff changeset
95
1034
679cefd5896b Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
96 ssl_certificate_key localhost.key;
679cefd5896b Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
97 ssl_certificate localhost.crt;
679cefd5896b Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
98
679cefd5896b Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
99 server {
679cefd5896b Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
100 listen 127.0.0.1:8091 ssl;
679cefd5896b Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
101 listen 127.0.0.1:8092 ssl;
679cefd5896b Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
102 listen 127.0.0.1:8093 ssl;
1198
cd153f1bbaad Tests: simplified stream_ssl_preread.t by not using http backends.
Sergey Kandaurov <pluknet@nginx.com>
parents: 1118
diff changeset
103 ssl_preread off;
cd153f1bbaad Tests: simplified stream_ssl_preread.t by not using http backends.
Sergey Kandaurov <pluknet@nginx.com>
parents: 1118
diff changeset
104 return $server_port;
1034
679cefd5896b Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
105 }
679cefd5896b Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
106 }
679cefd5896b Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
107
679cefd5896b Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
108 EOF
679cefd5896b Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
109
679cefd5896b Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
110 eval { require IO::Socket::SSL; die if $IO::Socket::SSL::VERSION < 1.56; };
679cefd5896b Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
111 plan(skip_all => 'IO::Socket::SSL version >= 1.56 required') if $@;
679cefd5896b Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
112
679cefd5896b Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
113 eval {
679cefd5896b Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
114 if (IO::Socket::SSL->can('can_client_sni')) {
679cefd5896b Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
115 IO::Socket::SSL->can_client_sni() or die;
679cefd5896b Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
116 }
679cefd5896b Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
117 };
679cefd5896b Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
118 plan(skip_all => 'IO::Socket::SSL with OpenSSL SNI support required') if $@;
679cefd5896b Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
119
679cefd5896b Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
120 eval {
679cefd5896b Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
121 my $ctx = Net::SSLeay::CTX_new() or die;
679cefd5896b Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
122 my $ssl = Net::SSLeay::new($ctx) or die;
679cefd5896b Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
123 Net::SSLeay::set_tlsext_host_name($ssl, 'example.org') == 1 or die;
679cefd5896b Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
124 };
679cefd5896b Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
125 plan(skip_all => 'Net::SSLeay with OpenSSL SNI support required') if $@;
679cefd5896b Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
126
1314
b6d941ff65f4 Tests: added stream ssl preread test for message fragmentation.
Sergey Kandaurov <pluknet@nginx.com>
parents: 1251
diff changeset
127 $t->plan(13);
1034
679cefd5896b Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
128
679cefd5896b Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
129 $t->write_file('openssl.conf', <<EOF);
679cefd5896b Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
130 [ req ]
1488
dbce8fb5f5f8 Tests: align with OpenSSL security level 2.
Sergey Kandaurov <pluknet@nginx.com>
parents: 1421
diff changeset
131 default_bits = 2048
1034
679cefd5896b Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
132 encrypt_key = no
679cefd5896b Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
133 distinguished_name = req_distinguished_name
679cefd5896b Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
134 [ req_distinguished_name ]
679cefd5896b Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
135 EOF
679cefd5896b Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
136
679cefd5896b Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
137 my $d = $t->testdir();
679cefd5896b Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
138
679cefd5896b Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
139 foreach my $name ('localhost') {
679cefd5896b Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
140 system('openssl req -x509 -new '
1220
0af58b78df35 Tests: removed single quotes from system() calls.
Sergey Kandaurov <pluknet@nginx.com>
parents: 1219
diff changeset
141 . "-config $d/openssl.conf -subj /CN=$name/ "
0af58b78df35 Tests: removed single quotes from system() calls.
Sergey Kandaurov <pluknet@nginx.com>
parents: 1219
diff changeset
142 . "-out $d/$name.crt -keyout $d/$name.key "
1034
679cefd5896b Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
143 . ">>$d/openssl.out 2>&1") == 0
679cefd5896b Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
144 or die "Can't create certificate for $name: $!\n";
679cefd5896b Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
145 }
679cefd5896b Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
146
679cefd5896b Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
147 $t->run();
679cefd5896b Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
148
679cefd5896b Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
149 ###############################################################################
679cefd5896b Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
150
1199
08f6eacf1cfe Tests: stream proxy next upstream with ssl_preread (ticket #1317).
Andrey Zelenkov <zelenkov@nginx.com>
parents: 1198
diff changeset
151 my ($p1, $p2, $p3, $p4) = (port(8091), port(8092), port(8093), port(8084));
1034
679cefd5896b Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
152
1198
cd153f1bbaad Tests: simplified stream_ssl_preread.t by not using http backends.
Sergey Kandaurov <pluknet@nginx.com>
parents: 1118
diff changeset
153 is(get_ssl('foo', 8081), $p1, 'sni');
cd153f1bbaad Tests: simplified stream_ssl_preread.t by not using http backends.
Sergey Kandaurov <pluknet@nginx.com>
parents: 1118
diff changeset
154 is(get_ssl('foo', 8081), $p1, 'sni again');
1034
679cefd5896b Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
155
1198
cd153f1bbaad Tests: simplified stream_ssl_preread.t by not using http backends.
Sergey Kandaurov <pluknet@nginx.com>
parents: 1118
diff changeset
156 is(get_ssl('bar', 8081), $p2, 'sni 2');
cd153f1bbaad Tests: simplified stream_ssl_preread.t by not using http backends.
Sergey Kandaurov <pluknet@nginx.com>
parents: 1118
diff changeset
157 is(get_ssl('bar', 8081), $p2, 'sni 2 again');
1034
679cefd5896b Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
158
679cefd5896b Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
159 # fallback to an empty value for some reason
679cefd5896b Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
160
1198
cd153f1bbaad Tests: simplified stream_ssl_preread.t by not using http backends.
Sergey Kandaurov <pluknet@nginx.com>
parents: 1118
diff changeset
161 is(get_ssl('', 8081), $p3, 'no sni');
cd153f1bbaad Tests: simplified stream_ssl_preread.t by not using http backends.
Sergey Kandaurov <pluknet@nginx.com>
parents: 1118
diff changeset
162 is(get_ssl('foo', 8082), $p3, 'preread off');
cd153f1bbaad Tests: simplified stream_ssl_preread.t by not using http backends.
Sergey Kandaurov <pluknet@nginx.com>
parents: 1118
diff changeset
163 is(get_ssl('foo', 8083), undef, 'preread buffer full');
1235
3fc6817cd84a Tests: explicit peer port in stream tests now required.
Andrey Zelenkov <zelenkov@nginx.com>
parents: 1232
diff changeset
164 is(stream('127.0.0.1:' . port(8080))->io('x' x 1000), "127.0.0.1:$p3",
3fc6817cd84a Tests: explicit peer port in stream tests now required.
Andrey Zelenkov <zelenkov@nginx.com>
parents: 1232
diff changeset
165 'not a handshake');
1034
679cefd5896b Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
166
1232
a4a040b4e4dd Tests: removed TODOs for fixes merged in 1.12.2.
Sergey Kandaurov <pluknet@nginx.com>
parents: 1220
diff changeset
167 # ticket #1317
1199
08f6eacf1cfe Tests: stream proxy next upstream with ssl_preread (ticket #1317).
Andrey Zelenkov <zelenkov@nginx.com>
parents: 1198
diff changeset
168
08f6eacf1cfe Tests: stream proxy next upstream with ssl_preread (ticket #1317).
Andrey Zelenkov <zelenkov@nginx.com>
parents: 1198
diff changeset
169 is(stream("127.0.0.1:$p4")->io('x' x 16), "127.0.0.1:$p3",
08f6eacf1cfe Tests: stream proxy next upstream with ssl_preread (ticket #1317).
Andrey Zelenkov <zelenkov@nginx.com>
parents: 1198
diff changeset
170 'pending buffers on next upstream');
08f6eacf1cfe Tests: stream proxy next upstream with ssl_preread (ticket #1317).
Andrey Zelenkov <zelenkov@nginx.com>
parents: 1198
diff changeset
171
1099
dd3031bbc705 Tests: various stream_ssl_preread tests with ill-formed records.
Sergey Kandaurov <pluknet@nginx.com>
parents: 1034
diff changeset
172 # no junk in variable due to short ClientHello length value
dd3031bbc705 Tests: various stream_ssl_preread tests with ill-formed records.
Sergey Kandaurov <pluknet@nginx.com>
parents: 1034
diff changeset
173
1198
cd153f1bbaad Tests: simplified stream_ssl_preread.t by not using http backends.
Sergey Kandaurov <pluknet@nginx.com>
parents: 1118
diff changeset
174 is(get_short(), "127.0.0.1:$p3", 'short client hello');
1099
dd3031bbc705 Tests: various stream_ssl_preread tests with ill-formed records.
Sergey Kandaurov <pluknet@nginx.com>
parents: 1034
diff changeset
175
dd3031bbc705 Tests: various stream_ssl_preread tests with ill-formed records.
Sergey Kandaurov <pluknet@nginx.com>
parents: 1034
diff changeset
176 # allow record with older SSL version, such as 3.0
dd3031bbc705 Tests: various stream_ssl_preread tests with ill-formed records.
Sergey Kandaurov <pluknet@nginx.com>
parents: 1034
diff changeset
177
dd3031bbc705 Tests: various stream_ssl_preread tests with ill-formed records.
Sergey Kandaurov <pluknet@nginx.com>
parents: 1034
diff changeset
178 is(get_oldver(), 'foo', 'older version in ssl record');
dd3031bbc705 Tests: various stream_ssl_preread tests with ill-formed records.
Sergey Kandaurov <pluknet@nginx.com>
parents: 1034
diff changeset
179
1314
b6d941ff65f4 Tests: added stream ssl preread test for message fragmentation.
Sergey Kandaurov <pluknet@nginx.com>
parents: 1251
diff changeset
180 # SNI "foo|f" fragmented across TLS records
b6d941ff65f4 Tests: added stream ssl preread test for message fragmentation.
Sergey Kandaurov <pluknet@nginx.com>
parents: 1251
diff changeset
181
b6d941ff65f4 Tests: added stream ssl preread test for message fragmentation.
Sergey Kandaurov <pluknet@nginx.com>
parents: 1251
diff changeset
182 is(get_frag(), 'foof', 'handshake fragment split on SNI');
b6d941ff65f4 Tests: added stream ssl preread test for message fragmentation.
Sergey Kandaurov <pluknet@nginx.com>
parents: 1251
diff changeset
183
1034
679cefd5896b Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
184 $t->stop();
679cefd5896b Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
185
679cefd5896b Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
186 is($t->read_file('status.log'), "400\n", 'preread buffer full - log');
679cefd5896b Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
187
679cefd5896b Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
188 ###############################################################################
679cefd5896b Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
189
1314
b6d941ff65f4 Tests: added stream ssl preread test for message fragmentation.
Sergey Kandaurov <pluknet@nginx.com>
parents: 1251
diff changeset
190 sub get_frag {
b6d941ff65f4 Tests: added stream ssl preread test for message fragmentation.
Sergey Kandaurov <pluknet@nginx.com>
parents: 1251
diff changeset
191 my $r = pack("N*", 0x16030100, 0x3b010000, 0x380303ac,
b6d941ff65f4 Tests: added stream ssl preread test for message fragmentation.
Sergey Kandaurov <pluknet@nginx.com>
parents: 1251
diff changeset
192 0x8c8678a0, 0xaa1e7eed, 0x3644eed6, 0xc3bd2c69,
b6d941ff65f4 Tests: added stream ssl preread test for message fragmentation.
Sergey Kandaurov <pluknet@nginx.com>
parents: 1251
diff changeset
193 0x7bc7deda, 0x249db0e3, 0x0c339eba, 0xa80b7600,
b6d941ff65f4 Tests: added stream ssl preread test for message fragmentation.
Sergey Kandaurov <pluknet@nginx.com>
parents: 1251
diff changeset
194 0x00020000, 0x0100000d, 0x00000009, 0x00070000,
b6d941ff65f4 Tests: added stream ssl preread test for message fragmentation.
Sergey Kandaurov <pluknet@nginx.com>
parents: 1251
diff changeset
195 0x04666f6f, 0x16030100);
b6d941ff65f4 Tests: added stream ssl preread test for message fragmentation.
Sergey Kandaurov <pluknet@nginx.com>
parents: 1251
diff changeset
196 $r .= pack("n", 0x0166);
b6d941ff65f4 Tests: added stream ssl preread test for message fragmentation.
Sergey Kandaurov <pluknet@nginx.com>
parents: 1251
diff changeset
197
b6d941ff65f4 Tests: added stream ssl preread test for message fragmentation.
Sergey Kandaurov <pluknet@nginx.com>
parents: 1251
diff changeset
198 http($r);
b6d941ff65f4 Tests: added stream ssl preread test for message fragmentation.
Sergey Kandaurov <pluknet@nginx.com>
parents: 1251
diff changeset
199 }
b6d941ff65f4 Tests: added stream ssl preread test for message fragmentation.
Sergey Kandaurov <pluknet@nginx.com>
parents: 1251
diff changeset
200
1099
dd3031bbc705 Tests: various stream_ssl_preread tests with ill-formed records.
Sergey Kandaurov <pluknet@nginx.com>
parents: 1034
diff changeset
201 sub get_short {
dd3031bbc705 Tests: various stream_ssl_preread tests with ill-formed records.
Sergey Kandaurov <pluknet@nginx.com>
parents: 1034
diff changeset
202 my $r = pack("N*", 0x16030100, 0x38010000, 0x330303eb);
dd3031bbc705 Tests: various stream_ssl_preread tests with ill-formed records.
Sergey Kandaurov <pluknet@nginx.com>
parents: 1034
diff changeset
203 $r .= pack("N*", 0x6357cdba, 0xa6b8d853, 0xf1f6ac0f);
dd3031bbc705 Tests: various stream_ssl_preread tests with ill-formed records.
Sergey Kandaurov <pluknet@nginx.com>
parents: 1034
diff changeset
204 $r .= pack("N*", 0xdf03178c, 0x0ae41824, 0xe7643682);
dd3031bbc705 Tests: various stream_ssl_preread tests with ill-formed records.
Sergey Kandaurov <pluknet@nginx.com>
parents: 1034
diff changeset
205 $r .= pack("N*", 0x3c1b273f, 0xbfde4b00, 0x00000000);
dd3031bbc705 Tests: various stream_ssl_preread tests with ill-formed records.
Sergey Kandaurov <pluknet@nginx.com>
parents: 1034
diff changeset
206 $r .= pack("CN3", 0x0c, 0x00000008, 0x00060000, 0x03666f6f);
dd3031bbc705 Tests: various stream_ssl_preread tests with ill-formed records.
Sergey Kandaurov <pluknet@nginx.com>
parents: 1034
diff changeset
207
1198
cd153f1bbaad Tests: simplified stream_ssl_preread.t by not using http backends.
Sergey Kandaurov <pluknet@nginx.com>
parents: 1118
diff changeset
208 http($r);
1099
dd3031bbc705 Tests: various stream_ssl_preread tests with ill-formed records.
Sergey Kandaurov <pluknet@nginx.com>
parents: 1034
diff changeset
209 }
dd3031bbc705 Tests: various stream_ssl_preread tests with ill-formed records.
Sergey Kandaurov <pluknet@nginx.com>
parents: 1034
diff changeset
210
dd3031bbc705 Tests: various stream_ssl_preread tests with ill-formed records.
Sergey Kandaurov <pluknet@nginx.com>
parents: 1034
diff changeset
211 sub get_oldver {
dd3031bbc705 Tests: various stream_ssl_preread tests with ill-formed records.
Sergey Kandaurov <pluknet@nginx.com>
parents: 1034
diff changeset
212 my $r = pack("N*", 0x16030000, 0x38010000, 0x340303eb);
dd3031bbc705 Tests: various stream_ssl_preread tests with ill-formed records.
Sergey Kandaurov <pluknet@nginx.com>
parents: 1034
diff changeset
213 $r .= pack("N*", 0x6357cdba, 0xa6b8d853, 0xf1f6ac0f);
dd3031bbc705 Tests: various stream_ssl_preread tests with ill-formed records.
Sergey Kandaurov <pluknet@nginx.com>
parents: 1034
diff changeset
214 $r .= pack("N*", 0xdf03178c, 0x0ae41824, 0xe7643682);
dd3031bbc705 Tests: various stream_ssl_preread tests with ill-formed records.
Sergey Kandaurov <pluknet@nginx.com>
parents: 1034
diff changeset
215 $r .= pack("N*", 0x3c1b273f, 0xbfde4b00, 0x00000000);
dd3031bbc705 Tests: various stream_ssl_preread tests with ill-formed records.
Sergey Kandaurov <pluknet@nginx.com>
parents: 1034
diff changeset
216 $r .= pack("CN3", 0x0c, 0x00000008, 0x00060000, 0x03666f6f);
dd3031bbc705 Tests: various stream_ssl_preread tests with ill-formed records.
Sergey Kandaurov <pluknet@nginx.com>
parents: 1034
diff changeset
217
1198
cd153f1bbaad Tests: simplified stream_ssl_preread.t by not using http backends.
Sergey Kandaurov <pluknet@nginx.com>
parents: 1118
diff changeset
218 http($r);
1099
dd3031bbc705 Tests: various stream_ssl_preread tests with ill-formed records.
Sergey Kandaurov <pluknet@nginx.com>
parents: 1034
diff changeset
219 }
dd3031bbc705 Tests: various stream_ssl_preread tests with ill-formed records.
Sergey Kandaurov <pluknet@nginx.com>
parents: 1034
diff changeset
220
1198
cd153f1bbaad Tests: simplified stream_ssl_preread.t by not using http backends.
Sergey Kandaurov <pluknet@nginx.com>
parents: 1118
diff changeset
221 sub get_ssl {
1034
679cefd5896b Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
222 my ($host, $port) = @_;
1202
cbda704b3093 Tests: fixed stream_ssl_preread.t when run in parallel.
Sergey Kandaurov <pluknet@nginx.com>
parents: 1199
diff changeset
223 my $s = stream('127.0.0.1:' . port($port));
1034
679cefd5896b Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
224
679cefd5896b Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
225 eval {
679cefd5896b Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
226 local $SIG{ALRM} = sub { die "timeout\n" };
679cefd5896b Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
227 local $SIG{PIPE} = sub { die "sigpipe\n" };
1421
4e48bf51714f Tests: aligned various generic read timeouts to http_end().
Sergey Kandaurov <pluknet@nginx.com>
parents: 1407
diff changeset
228 alarm(8);
1198
cd153f1bbaad Tests: simplified stream_ssl_preread.t by not using http backends.
Sergey Kandaurov <pluknet@nginx.com>
parents: 1118
diff changeset
229 IO::Socket::SSL->start_SSL($s->{_socket},
1034
679cefd5896b Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
230 SSL_hostname => $host,
679cefd5896b Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
231 SSL_verify_mode => IO::Socket::SSL::SSL_VERIFY_NONE(),
679cefd5896b Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
232 SSL_error_trap => sub { die $_[1] }
679cefd5896b Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
233 );
679cefd5896b Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
234 alarm(0);
679cefd5896b Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
235 };
679cefd5896b Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
236 alarm(0);
679cefd5896b Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
237
679cefd5896b Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
238 if ($@) {
679cefd5896b Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
239 log_in("died: $@");
679cefd5896b Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
240 return undef;
679cefd5896b Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
241 }
679cefd5896b Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
242
1198
cd153f1bbaad Tests: simplified stream_ssl_preread.t by not using http backends.
Sergey Kandaurov <pluknet@nginx.com>
parents: 1118
diff changeset
243 return $s->read();
1034
679cefd5896b Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
244 }
679cefd5896b Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
245
679cefd5896b Tests: stream_ssl_preread module tests.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff changeset
246 ###############################################################################