Mercurial > hg > nginx-tests
comparison ssl.t @ 1830:8dec885fa3da
Tests: LibreSSL and BoringSSL session reuse with TLSv1.3.
LibreSSL does not support session reuse with TLSv1.3 at all. BoringSSL
with TLSv1.3 only supports session tickets, but not server-side session
cache.
author | Maxim Dounin <mdounin@mdounin.ru> |
---|---|
date | Thu, 23 Mar 2023 19:49:49 +0300 |
parents | a78c32419f02 |
children | cdcd75657e52 |
comparison
equal
deleted
inserted
replaced
1829:a78c32419f02 | 1830:8dec885fa3da |
---|---|
183 TODO: { | 183 TODO: { |
184 local $TODO = 'no TLSv1.3 sessions, old Net::SSLeay' | 184 local $TODO = 'no TLSv1.3 sessions, old Net::SSLeay' |
185 if $Net::SSLeay::VERSION < 1.88 && test_tls13(); | 185 if $Net::SSLeay::VERSION < 1.88 && test_tls13(); |
186 local $TODO = 'no TLSv1.3 sessions, old IO::Socket::SSL' | 186 local $TODO = 'no TLSv1.3 sessions, old IO::Socket::SSL' |
187 if $IO::Socket::SSL::VERSION < 2.061 && test_tls13(); | 187 if $IO::Socket::SSL::VERSION < 2.061 && test_tls13(); |
188 local $TODO = 'no TLSv1.3 sessions in LibreSSL' | |
189 if $t->has_module('LibreSSL') && test_tls13(); | |
188 | 190 |
189 like(get('/', 8085, $ctx), qr/^body r$/m, 'session reused'); | 191 like(get('/', 8085, $ctx), qr/^body r$/m, 'session reused'); |
190 | 192 |
191 } | 193 } |
192 | 194 |
209 | 211 |
210 # embedded variables | 212 # embedded variables |
211 | 213 |
212 $ctx = get_ssl_context(); | 214 $ctx = get_ssl_context(); |
213 like(get('/id', 8085, $ctx), qr/^body (\w{64})?$/m, 'session id'); | 215 like(get('/id', 8085, $ctx), qr/^body (\w{64})?$/m, 'session id'); |
216 | |
217 TODO: { | |
218 local $TODO = 'no TLSv1.3 sessions in LibreSSL' | |
219 if $t->has_module('LibreSSL') && test_tls13(); | |
220 local $TODO = 'no TLSv1.3 sessions ids in BoringSSL' | |
221 if $t->has_module('BoringSSL') && test_tls13(); | |
222 | |
214 like(get('/id', 8085, $ctx), qr/^body \w{64}$/m, 'session id reused'); | 223 like(get('/id', 8085, $ctx), qr/^body \w{64}$/m, 'session id reused'); |
224 | |
225 } | |
215 | 226 |
216 unlike(http_get('/id'), qr/body \w/, 'session id no ssl'); | 227 unlike(http_get('/id'), qr/body \w/, 'session id no ssl'); |
217 | 228 |
218 like(get('/cipher', 8085), qr/^body [\w-]+$/m, 'cipher'); | 229 like(get('/cipher', 8085), qr/^body [\w-]+$/m, 'cipher'); |
219 | 230 |