Mercurial > hg > nginx-tests
comparison quic_retry.t @ 1939:24482e311749
Tests: added QUIC test with resending Initial packets on Retry.
author | Sergey Kandaurov <pluknet@nginx.com> |
---|---|
date | Wed, 30 Aug 2023 16:47:57 +0400 |
parents | 161dc73812b3 |
children |
comparison
equal
deleted
inserted
replaced
1938:e1059682aeef | 1939:24482e311749 |
---|---|
22 | 22 |
23 select STDERR; $| = 1; | 23 select STDERR; $| = 1; |
24 select STDOUT; $| = 1; | 24 select STDOUT; $| = 1; |
25 | 25 |
26 my $t = Test::Nginx->new()->has(qw/http http_v3 cryptx/) | 26 my $t = Test::Nginx->new()->has(qw/http http_v3 cryptx/) |
27 ->has_daemon('openssl')->plan(7) | 27 ->has_daemon('openssl')->plan(8) |
28 ->write_file_expand('nginx.conf', <<'EOF'); | 28 ->write_file_expand('nginx.conf', <<'EOF'); |
29 | 29 |
30 %%TEST_GLOBALS%% | 30 %%TEST_GLOBALS%% |
31 | 31 |
32 daemon off; | 32 daemon off; |
38 %%TEST_GLOBALS_HTTP%% | 38 %%TEST_GLOBALS_HTTP%% |
39 | 39 |
40 ssl_certificate_key localhost.key; | 40 ssl_certificate_key localhost.key; |
41 ssl_certificate localhost.crt; | 41 ssl_certificate localhost.crt; |
42 quic_retry on; | 42 quic_retry on; |
43 | |
44 keepalive_timeout 3s; | |
43 | 45 |
44 server { | 46 server { |
45 listen 127.0.0.1:%%PORT_8980_UDP%% quic; | 47 listen 127.0.0.1:%%PORT_8980_UDP%% quic; |
46 server_name localhost; | 48 server_name localhost; |
47 | 49 |
118 ($frame) = grep { $_->{type} eq "CONNECTION_CLOSE" } @$frames; | 120 ($frame) = grep { $_->{type} eq "CONNECTION_CLOSE" } @$frames; |
119 is($frame->{error}, 11, 'retry token decrypt error'); | 121 is($frame->{error}, 11, 'retry token decrypt error'); |
120 | 122 |
121 } | 123 } |
122 | 124 |
125 # resending client Initial packets after receiving a Retry packet | |
126 # to simulate server Initial packet loss triggering its retransmit, | |
127 # used to create extra nginx connections before 8f7e6d8c061e, | |
128 # caught by CRYPTO stream mismatch among server Initial packets | |
129 | |
130 TODO: { | |
131 local $TODO = 'not yet' unless $t->has_version('1.25.3'); | |
132 | |
133 $s = new_connection_resend(); | |
134 $sid = $s->new_stream(); | |
135 | |
136 eval { | |
137 # would die on "bad inner" sanity check | |
138 $frames = $s->read(all => [{ sid => $sid, fin => 1 }]); | |
139 }; | |
140 | |
141 ($frame) = grep { $_->{type} eq "HEADERS" } @$frames; | |
142 is($frame->{headers}->{':status'}, 403, 'resend initial'); | |
143 | |
144 } | |
145 | |
123 ############################################################################### | 146 ############################################################################### |
147 | |
148 # expanded handshake version to send repetitive Initial packets | |
149 | |
150 sub new_connection_resend { | |
151 $s = Test::Nginx::HTTP3->new(8980, probe => 1); | |
152 $s->{socket}->sysread($s->{buf}, 65527); | |
153 # read token and updated connection IDs | |
154 (undef, undef, $s->{token}) = $s->decrypt_retry($s->{buf}); | |
155 # apply connection IDs for new Initial secrets | |
156 $s->retry(probe => 1); | |
157 # send the second Initial packet | |
158 $s->initial(); | |
159 # the rest of handshake, advancing key schedule | |
160 $s->handshake(); | |
161 return $s; | |
162 } | |
163 | |
164 ############################################################################### |