Mercurial > hg > nginx-tests
comparison proxy_ssl_conf_command.t @ 1697:5386f4328b90
Tests: added OpenSSL command tests for uwsgi and grpc backends.
author | Sergey Kandaurov <pluknet@nginx.com> |
---|---|
date | Wed, 02 Jun 2021 15:51:29 +0300 |
parents | 4baeba0e0da2 |
children | 58951cf933e1 |
comparison
equal
deleted
inserted
replaced
1696:4baeba0e0da2 | 1697:5386f4328b90 |
---|---|
1 #!/usr/bin/perl | 1 #!/usr/bin/perl |
2 | 2 |
3 # (C) Sergey Kandaurov | 3 # (C) Sergey Kandaurov |
4 # (C) Nginx, Inc. | 4 # (C) Nginx, Inc. |
5 | 5 |
6 # Tests for http proxy to ssl backend, proxy_ssl_conf_command. | 6 # Tests for proxy_ssl_conf_command and friends. |
7 | 7 |
8 ############################################################################### | 8 ############################################################################### |
9 | 9 |
10 use warnings; | 10 use warnings; |
11 use strict; | 11 use strict; |
20 ############################################################################### | 20 ############################################################################### |
21 | 21 |
22 select STDERR; $| = 1; | 22 select STDERR; $| = 1; |
23 select STDOUT; $| = 1; | 23 select STDOUT; $| = 1; |
24 | 24 |
25 my $t = Test::Nginx->new()->has(qw/http http_ssl proxy/) | 25 my $t = Test::Nginx->new()->has(qw/http http_ssl proxy uwsgi http_v2 grpc/) |
26 ->has_daemon('openssl'); | 26 ->has_daemon('openssl'); |
27 | 27 |
28 $t->{_configure_args} =~ /OpenSSL ([\d\.]+)/; | 28 $t->{_configure_args} =~ /OpenSSL ([\d\.]+)/; |
29 plan(skip_all => 'OpenSSL too old') unless defined $1 and $1 ge '1.0.2'; | 29 plan(skip_all => 'OpenSSL too old') unless defined $1 and $1 ge '1.0.2'; |
30 plan(skip_all => 'no ssl_conf_command') if $t->has_module('BoringSSL'); | 30 plan(skip_all => 'no ssl_conf_command') if $t->has_module('BoringSSL'); |
43 | 43 |
44 server { | 44 server { |
45 listen 127.0.0.1:8080; | 45 listen 127.0.0.1:8080; |
46 server_name localhost; | 46 server_name localhost; |
47 | 47 |
48 proxy_ssl_certificate localhost.crt; | 48 location / { |
49 proxy_ssl_certificate_key localhost.key; | 49 proxy_ssl_certificate localhost.crt; |
50 proxy_ssl_conf_command Certificate override.crt; | 50 proxy_ssl_certificate_key localhost.key; |
51 proxy_ssl_conf_command PrivateKey override.key; | 51 proxy_ssl_conf_command Certificate override.crt; |
52 proxy_ssl_conf_command PrivateKey override.key; | |
53 proxy_pass https://127.0.0.1:8081; | |
54 } | |
52 | 55 |
53 location / { | 56 location /uwsgi { |
54 proxy_pass https://127.0.0.1:8081/; | 57 uwsgi_ssl_certificate localhost.crt; |
58 uwsgi_ssl_certificate_key localhost.key; | |
59 uwsgi_ssl_conf_command Certificate override.crt; | |
60 uwsgi_ssl_conf_command PrivateKey override.key; | |
61 uwsgi_ssl_session_reuse off; | |
62 uwsgi_pass suwsgi://127.0.0.1:8081; | |
63 } | |
64 | |
65 location /grpc { | |
66 grpc_ssl_certificate localhost.crt; | |
67 grpc_ssl_certificate_key localhost.key; | |
68 grpc_ssl_conf_command Certificate override.crt; | |
69 grpc_ssl_conf_command PrivateKey override.key; | |
70 grpc_pass grpcs://127.0.0.1:8082; | |
55 } | 71 } |
56 } | 72 } |
57 | 73 |
58 server { | 74 server { |
59 listen 127.0.0.1:8081 ssl; | 75 listen 127.0.0.1:8081 ssl; |
76 listen 127.0.0.1:8082 ssl http2; | |
60 server_name localhost; | 77 server_name localhost; |
61 | 78 |
62 ssl_certificate localhost.crt; | 79 ssl_certificate localhost.crt; |
63 ssl_certificate_key localhost.key; | 80 ssl_certificate_key localhost.key; |
64 ssl_verify_client optional_no_ca; | 81 ssl_verify_client optional_no_ca; |
65 | 82 |
66 location / { | 83 # stub to implement SSL logic for tests |
67 add_header X-Cert $ssl_client_s_dn; | 84 |
68 } | 85 add_header X-Cert $ssl_client_s_dn always; |
69 } | 86 } |
70 } | 87 } |
71 | 88 |
72 EOF | 89 EOF |
73 | 90 |
88 . ">>$d/openssl.out 2>&1") == 0 | 105 . ">>$d/openssl.out 2>&1") == 0 |
89 or die "Can't create certificate for $name: $!\n"; | 106 or die "Can't create certificate for $name: $!\n"; |
90 } | 107 } |
91 | 108 |
92 $t->write_file('index.html', ''); | 109 $t->write_file('index.html', ''); |
93 $t->run()->plan(1); | 110 $t->run()->plan(3); |
94 | 111 |
95 ############################################################################### | 112 ############################################################################### |
96 | 113 |
97 like(http_get('/'), qr/CN=override/, 'Certificate'); | 114 like(http_get('/'), qr/CN=override/, 'proxy_ssl_conf_command'); |
115 like(http_get('/uwsgi'), qr/CN=override/, 'uwsgi_ssl_conf_command'); | |
116 like(http_get('/grpc'), qr/CN=override/, 'grpc_ssl_conf_command'); | |
98 | 117 |
99 ############################################################################### | 118 ############################################################################### |