Mercurial > hg > nginx-tests
comparison h2_http2.t @ 1907:034c9121b9d1
Tests: added h2_http2.t TODOs for LibreSSL and older OpenSSL.
Those libraries provide an older callback order, where ALPN callback
is invoked before SNI callback.
Additionally, OpenSSL 1.0.2 doesn't send alert on ALPN mismatch.
author | Sergey Kandaurov <pluknet@nginx.com> |
---|---|
date | Thu, 08 Jun 2023 16:41:11 +0400 |
parents | c560f5da581e |
children | 79ca9ab75310 |
comparison
equal
deleted
inserted
replaced
1906:930df2f91aec | 1907:034c9121b9d1 |
---|---|
113 ############################################################################### | 113 ############################################################################### |
114 | 114 |
115 # make sure HTTP/2 can be disabled selectively on virtual servers | 115 # make sure HTTP/2 can be disabled selectively on virtual servers |
116 | 116 |
117 ok(get_ssl_socket(8443), 'default to enabled'); | 117 ok(get_ssl_socket(8443), 'default to enabled'); |
118 | |
119 TODO: { | |
120 local $TODO = 'broken ALPN/SNI order in LibreSSL' | |
121 if $t->has_module('LibreSSL'); | |
122 local $TODO = 'OpenSSL too old' | |
123 if $t->has_module('OpenSSL') | |
124 and not $t->has_feature('openssl:1.1.0'); | |
125 | |
118 ok(!get_ssl_socket(8443, 'disabled'), 'sni to disabled'); | 126 ok(!get_ssl_socket(8443, 'disabled'), 'sni to disabled'); |
127 | |
128 } | |
119 | 129 |
120 is(get_https(8443, 'http2'), 200, 'host to enabled'); | 130 is(get_https(8443, 'http2'), 200, 'host to enabled'); |
121 is(get_https(8443, 'disabled', 'http2'), 421, 'host to disabled'); | 131 is(get_https(8443, 'disabled', 'http2'), 421, 'host to disabled'); |
122 | 132 |
123 # make sure HTTP/2 can be enabled selectively on virtual servers | 133 # make sure HTTP/2 can be enabled selectively on virtual servers |
124 | 134 |
135 TODO: { | |
136 local $TODO = 'OpenSSL too old' | |
137 if $t->has_module('OpenSSL') | |
138 and not $t->has_feature('openssl:1.1.0'); | |
139 | |
125 ok(!get_ssl_socket(8444), 'default to disabled'); | 140 ok(!get_ssl_socket(8444), 'default to disabled'); |
141 | |
142 } | |
143 | |
144 TODO: { | |
145 local $TODO = 'broken ALPN/SNI order in LibreSSL' | |
146 if $t->has_module('LibreSSL'); | |
147 local $TODO = 'OpenSSL too old' | |
148 if $t->has_module('OpenSSL') | |
149 and not $t->has_feature('openssl:1.1.0'); | |
150 | |
126 is(get_https(8444, 'http2'), 200, 'sni to enabled'); | 151 is(get_https(8444, 'http2'), 200, 'sni to enabled'); |
152 | |
153 } | |
127 | 154 |
128 # http2 detection on plain tcp socket by connection preface | 155 # http2 detection on plain tcp socket by connection preface |
129 | 156 |
130 like(http_get('/'), qr/200 OK/, 'non-ssl http'); | 157 like(http_get('/'), qr/200 OK/, 'non-ssl http'); |
131 is(get_http(8080), 200, 'non-ssl http2'); | 158 is(get_http(8080), 200, 'non-ssl http2'); |