Mercurial > hg > nginx-tests

comparison stream_proxy_ssl_name.t @ 559:9208d8243926

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Tests: stream ssl and proxy ssl tests.
author Sergey Kandaurov <pluknet@nginx.com>
date Thu, 23 Apr 2015 14:01:21 +0300
parents
children f02dac68d584
comparison
equal deleted inserted replaced
558:27740a2dd781 559:9208d8243926
1 #!/usr/bin/perl
2
3 # (C) Sergey Kandaurov
4 # (C) Nginx, Inc.
5
6 # Stream tests for proxy to ssl backend, use of Server Name Indication
7 # (proxy_ssl_name, proxy_ssl_server_name directives).
8
9 ###############################################################################
10
11 use warnings;
12 use strict;
13
14 use Test::More;
15
16 use IO::Select;
17
18 BEGIN { use FindBin; chdir($FindBin::Bin); }
19
20 use lib 'lib';
21 use Test::Nginx;
22
23 ###############################################################################
24
25 select STDERR; $| = 1;
26 select STDOUT; $| = 1;
27
28 my $t = Test::Nginx->new()->has(qw/stream stream_ssl http http_ssl sni/)
29 ->has_daemon('openssl')->plan(5);
30
31 $t->write_file_expand('nginx.conf', <<'EOF');
32
33 %%TEST_GLOBALS%%
34
35 daemon off;
36
37 events {
38 }
39
40 stream {
41 proxy_ssl on;
42 proxy_ssl_session_reuse off;
43
44 upstream u {
45 server 127.0.0.1:8086;
46 }
47
48 server {
49 listen 127.0.0.1:8080;
50 proxy_pass u;
51
52 proxy_ssl_server_name off;
53 }
54
55 server {
56 listen 127.0.0.1:8081;
57 proxy_pass u;
58
59 proxy_ssl_server_name on;
60 }
61
62 server {
63 listen 127.0.0.1:8082;
64 proxy_pass 127.0.0.1:8086;
65
66 proxy_ssl_server_name on;
67 proxy_ssl_name example.com;
68 }
69
70 server {
71 listen 127.0.0.1:8083;
72 proxy_pass 127.0.0.1:8086;
73
74 proxy_ssl_server_name on;
75 }
76
77 server {
78 listen 127.0.0.1:8084;
79 proxy_pass 127.0.0.1:8086;
80
81 proxy_ssl_server_name on;
82 proxy_ssl_name example.com:123;
83 }
84 }
85
86 http {
87 %%TEST_GLOBALS_HTTP%%
88
89 server {
90 listen 127.0.0.1:8086 ssl;
91 server_name localhost;
92
93 ssl_certificate_key localhost.key;
94 ssl_certificate localhost.crt;
95
96 location / {
97 add_header X-Name $ssl_server_name,;
98 }
99 }
100 }
101
102 EOF
103
104 $t->write_file('openssl.conf', <<EOF);
105 [ req ]
106 default_bits = 2048
107 encrypt_key = no
108 distinguished_name = req_distinguished_name
109 [ req_distinguished_name ]
110 EOF
111
112 my $d = $t->testdir();
113
114 foreach my $name ('localhost') {
115 system('openssl req -x509 -new '
116 . "-config '$d/openssl.conf' -subj '/CN=$name/' "
117 . "-out '$d/$name.crt' -keyout '$d/$name.key' "
118 . ">>$d/openssl.out 2>&1") == 0
119 or die "Can't create certificate for $name: $!\n";
120 }
121
122 $t->write_file('index.html', '');
123
124 $t->run();
125
126 ###############################################################################
127
128 like(http_get('/', socket => getconn('127.0.0.1:8080')),
129 qr/200 OK.*X-Name: ,/s, 'no name');
130 like(http_get('/', socket => getconn('127.0.0.1:8081')),
131 qr/200 OK.*X-Name: u,/s, 'name default');
132 like(http_get('/', socket => getconn('127.0.0.1:8082')),
133 qr/200 OK.*X-Name: example.com,/s, 'name override');
134 like(http_get('/', socket => getconn('127.0.0.1:8083')),
135 qr/200 OK.*X-Name: ,/s, 'no ip');
136 like(http_get('/', socket => getconn('127.0.0.1:8084')),
137 qr/200 OK.*X-Name: example.com,/s, 'no port in name');
138
139 ###############################################################################
140
141 sub getconn {
142 my $peer = shift;
143 my $s = IO::Socket::INET->new(
144 Proto => 'tcp',
145 PeerAddr => $peer || '127.0.0.1:8080'
146 )
147 or die "Can't connect to nginx: $!\n";
148
149 return $s;
150 }
151
152 ###############################################################################