# HG changeset patch # User Maxim Dounin # Date 1684422426 -10800 # Node ID 58951cf933e1b2dae6a19bdc657a0acad128dd43 # Parent 5f46af4707e77a4b44d79e1f3c630ceb61e10201 Tests: added has_feature() test for SSL libraries. This makes it possible to further simplify various SSL tests. It also avoids direct testing of the $t->{_configure_args} internal field, and implements proper comparison of version numbers. diff --git a/grpc_pass.t b/grpc_pass.t --- a/grpc_pass.t +++ b/grpc_pass.t @@ -107,8 +107,7 @@ like(http_get('/basic'), qr/200 OK/, 'no like(http_get('/grpc'), qr/200 OK/, 'grpc scheme'); SKIP: { -$t->{_configure_args} =~ /OpenSSL ([\d\.]+)/; -skip 'OpenSSL too old', 1 unless defined $1 and $1 ge '1.0.2'; +skip 'OpenSSL too old', 1 unless $t->has_feature('openssl:1.0.2'); like(http_get('/grpcs'), qr/200 OK/, 'grpcs scheme'); diff --git a/grpc_ssl.t b/grpc_ssl.t --- a/grpc_ssl.t +++ b/grpc_ssl.t @@ -24,12 +24,9 @@ select STDERR; $| = 1; select STDOUT; $| = 1; my $t = Test::Nginx->new()->has(qw/http rewrite http_v2 grpc/) - ->has(qw/upstream_keepalive http_ssl/)->has_daemon('openssl'); - -$t->{_configure_args} =~ /OpenSSL ([\d\.]+)/; -plan(skip_all => 'OpenSSL too old') unless defined $1 and $1 ge '1.0.2'; - -$t->write_file_expand('nginx.conf', <<'EOF')->plan(38); + ->has(qw/upstream_keepalive http_ssl openssl:1.0.2/) + ->has_daemon('openssl') + ->write_file_expand('nginx.conf', <<'EOF')->plan(38); %%TEST_GLOBALS%% diff --git a/h2_ssl.t b/h2_ssl.t --- a/h2_ssl.t +++ b/h2_ssl.t @@ -87,10 +87,12 @@ plan(skip_all => 'no ALPN negotiation') ############################################################################### SKIP: { -$t->{_configure_args} =~ /LibreSSL ([\d\.]+)/; -skip 'LibreSSL too old', 1 if defined $1 and $1 lt '3.4.0'; -$t->{_configure_args} =~ /OpenSSL ([\d\.]+)/; -skip 'OpenSSL too old', 1 if defined $1 and $1 lt '1.1.0'; +skip 'LibreSSL too old', 1 + if $t->has_module('LibreSSL') + and not $t->has_feature('libressl:3.4.0'); +skip 'OpenSSL too old', 1 + if $t->has_module('OpenSSL') + and not $t->has_feature('openssl:1.1.0'); TODO: { local $TODO = 'not yet' unless $t->has_version('1.21.4'); diff --git a/lib/Test/Nginx.pm b/lib/Test/Nginx.pm --- a/lib/Test/Nginx.pm +++ b/lib/Test/Nginx.pm @@ -266,6 +266,28 @@ sub has_feature($) { return 0; } + if ($feature =~ /^(openssl|libressl):([0-9.]+)/) { + my $library = $1; + my $need = $2; + + $self->{_configure_args} = `$NGINX -V 2>&1` + if !defined $self->{_configure_args}; + + return 0 unless + $self->{_configure_args} =~ /with $library ([0-9.]+)/i; + + my @v = split(/\./, $1); + my ($n, $v); + + for $n (split(/\./, $need)) { + $v = shift @v || 0; + return 0 if $n > $v; + return 1 if $v > $n; + } + + return 1; + } + return 0; } diff --git a/mail_ssl.t b/mail_ssl.t --- a/mail_ssl.t +++ b/mail_ssl.t @@ -175,10 +175,12 @@ like(Net::SSLeay::dump_peer_certificate( ok(get_ssl_socket(8148, ['imap']), 'alpn'); SKIP: { -$t->{_configure_args} =~ /LibreSSL ([\d\.]+)/; -skip 'LibreSSL too old', 1 if defined $1 and $1 lt '3.4.0'; -$t->{_configure_args} =~ /OpenSSL ([\d\.]+)/; -skip 'OpenSSL too old', 1 if defined $1 and $1 lt '1.1.0'; +skip 'LibreSSL too old', 1 + if $t->has_module('LibreSSL') + and not $t->has_feature('libressl:3.4.0'); +skip 'OpenSSL too old', 1 + if $t->has_module('OpenSSL') + and not $t->has_feature('openssl:1.1.0'); TODO: { local $TODO = 'not yet' unless $t->has_version('1.21.4'); diff --git a/mail_ssl_conf_command.t b/mail_ssl_conf_command.t --- a/mail_ssl_conf_command.t +++ b/mail_ssl_conf_command.t @@ -32,11 +32,9 @@ eval { }; plan(skip_all => 'Net::SSLeay not installed') if $@; -my $t = Test::Nginx->new()->has(qw/mail mail_ssl imap/) +my $t = Test::Nginx->new()->has(qw/mail mail_ssl imap openssl:1.0.2/) ->has_daemon('openssl'); -$t->{_configure_args} =~ /OpenSSL ([\d\.]+)/; -plan(skip_all => 'OpenSSL too old') unless defined $1 and $1 ge '1.0.2'; plan(skip_all => 'no ssl_conf_command') if $t->has_module('BoringSSL'); $t->write_file_expand('nginx.conf', <<'EOF'); diff --git a/proxy_ssl_conf_command.t b/proxy_ssl_conf_command.t --- a/proxy_ssl_conf_command.t +++ b/proxy_ssl_conf_command.t @@ -22,11 +22,10 @@ use Test::Nginx; select STDERR; $| = 1; select STDOUT; $| = 1; -my $t = Test::Nginx->new()->has(qw/http http_ssl proxy uwsgi http_v2 grpc/) +my $t = Test::Nginx->new() + ->has(qw/http http_ssl proxy uwsgi http_v2 grpc openssl:1.0.2/) ->has_daemon('openssl'); -$t->{_configure_args} =~ /OpenSSL ([\d\.]+)/; -plan(skip_all => 'OpenSSL too old') unless defined $1 and $1 ge '1.0.2'; plan(skip_all => 'no ssl_conf_command') if $t->has_module('BoringSSL'); $t->write_file_expand('nginx.conf', <<'EOF'); diff --git a/ssl_certificate.t b/ssl_certificate.t --- a/ssl_certificate.t +++ b/ssl_certificate.t @@ -39,12 +39,9 @@ eval { }; plan(skip_all => 'Net::SSLeay with OpenSSL SNI support required') if $@; -my $t = Test::Nginx->new()->has(qw/http http_ssl geo/) +my $t = Test::Nginx->new()->has(qw/http http_ssl geo openssl:1.0.2/) ->has_daemon('openssl'); -$t->{_configure_args} =~ /OpenSSL ([\d\.]+)/; -plan(skip_all => 'OpenSSL too old') unless defined $1 and $1 ge '1.0.2'; - $t->write_file_expand('nginx.conf', <<'EOF'); %%TEST_GLOBALS%% diff --git a/ssl_certificate_perl.t b/ssl_certificate_perl.t --- a/ssl_certificate_perl.t +++ b/ssl_certificate_perl.t @@ -37,10 +37,9 @@ eval { }; plan(skip_all => 'Net::SSLeay with OpenSSL SNI support required') if $@; -my $t = Test::Nginx->new()->has(qw/http http_ssl perl/)->has_daemon('openssl'); - -$t->{_configure_args} =~ /OpenSSL ([\d\.]+)/; -plan(skip_all => 'OpenSSL too old') unless defined $1 and $1 ge '1.0.2'; +my $t = Test::Nginx->new() + ->has(qw/http http_ssl perl openssl:1.0.2/) + ->has_daemon('openssl'); $t->write_file_expand('nginx.conf', <<'EOF'); diff --git a/ssl_conf_command.t b/ssl_conf_command.t --- a/ssl_conf_command.t +++ b/ssl_conf_command.t @@ -30,11 +30,9 @@ eval { }; plan(skip_all => 'Net::SSLeay not installed') if $@; -my $t = Test::Nginx->new()->has(qw/http http_ssl/) +my $t = Test::Nginx->new()->has(qw/http http_ssl openssl:1.0.2/) ->has_daemon('openssl'); -$t->{_configure_args} =~ /OpenSSL ([\d\.]+)/; -plan(skip_all => 'OpenSSL too old') unless defined $1 and $1 ge '1.0.2'; plan(skip_all => 'no ssl_conf_command') if $t->has_module('BoringSSL'); $t->write_file_expand('nginx.conf', <<'EOF'); diff --git a/ssl_curve.t b/ssl_curve.t --- a/ssl_curve.t +++ b/ssl_curve.t @@ -22,12 +22,10 @@ use Test::Nginx; select STDERR; $| = 1; select STDOUT; $| = 1; -my $t = Test::Nginx->new()->has(qw/http http_ssl rewrite socket_ssl/) +my $t = Test::Nginx->new() + ->has(qw/http http_ssl rewrite socket_ssl openssl:3.0.0/) ->has_daemon('openssl'); -$t->{_configure_args} =~ /OpenSSL (\d+)/; -plan(skip_all => 'OpenSSL too old') unless defined $1 and $1 >= 3; - $t->write_file_expand('nginx.conf', <<'EOF'); %%TEST_GLOBALS%% diff --git a/stream_proxy_ssl_conf_command.t b/stream_proxy_ssl_conf_command.t --- a/stream_proxy_ssl_conf_command.t +++ b/stream_proxy_ssl_conf_command.t @@ -22,11 +22,10 @@ use Test::Nginx; select STDERR; $| = 1; select STDOUT; $| = 1; -my $t = Test::Nginx->new()->has(qw/stream stream_ssl http http_ssl/) +my $t = Test::Nginx->new() + ->has(qw/stream stream_ssl http http_ssl openssl:1.0.2/) ->has_daemon('openssl'); -$t->{_configure_args} =~ /OpenSSL ([\d\.]+)/; -plan(skip_all => 'OpenSSL too old') unless defined $1 and $1 ge '1.0.2'; plan(skip_all => 'no ssl_conf_command') if $t->has_module('BoringSSL'); $t->write_file_expand('nginx.conf', <<'EOF'); diff --git a/stream_ssl_alpn.t b/stream_ssl_alpn.t --- a/stream_ssl_alpn.t +++ b/stream_ssl_alpn.t @@ -81,10 +81,12 @@ is(get_ssl('wrong', 'second'), 'X second is(get_ssl(), 'X X', 'no alpn'); SKIP: { -$t->{_configure_args} =~ /LibreSSL ([\d\.]+)/; -skip 'LibreSSL too old', 2 if defined $1 and $1 lt '3.4.0'; -$t->{_configure_args} =~ /OpenSSL ([\d\.]+)/; -skip 'OpenSSL too old', 2 if defined $1 and $1 lt '1.1.0'; +skip 'LibreSSL too old', 2 + if $t->has_module('LibreSSL') + and not $t->has_feature('libressl:3.4.0'); +skip 'OpenSSL too old', 2 + if $t->has_module('OpenSSL') + and not $t->has_feature('openssl:1.1.0'); ok(!get_ssl('wrong'), 'alpn mismatch'); diff --git a/stream_ssl_certificate.t b/stream_ssl_certificate.t --- a/stream_ssl_certificate.t +++ b/stream_ssl_certificate.t @@ -37,13 +37,10 @@ eval { }; plan(skip_all => 'Net::SSLeay with OpenSSL SNI support required') if $@; -my $t = Test::Nginx->new()->has(qw/stream stream_ssl stream_geo stream_return/) - ->has_daemon('openssl'); - -$t->{_configure_args} =~ /OpenSSL ([\d\.]+)/; -plan(skip_all => 'OpenSSL too old') unless defined $1 and $1 ge '1.0.2'; - -$t->write_file_expand('nginx.conf', <<'EOF'); +my $t = Test::Nginx->new() + ->has(qw/stream stream_ssl stream_geo stream_return openssl:1.0.2/) + ->has_daemon('openssl') + ->write_file_expand('nginx.conf', <<'EOF'); %%TEST_GLOBALS%% diff --git a/stream_ssl_conf_command.t b/stream_ssl_conf_command.t --- a/stream_ssl_conf_command.t +++ b/stream_ssl_conf_command.t @@ -30,11 +30,10 @@ eval { }; plan(skip_all => 'Net::SSLeay not installed') if $@; -my $t = Test::Nginx->new()->has(qw/stream stream_ssl stream_return/) +my $t = Test::Nginx->new() + ->has(qw/stream stream_ssl stream_return openssl:1.0.2/) ->has_daemon('openssl'); -$t->{_configure_args} =~ /OpenSSL ([\d\.]+)/; -plan(skip_all => 'OpenSSL too old') unless defined $1 and $1 ge '1.0.2'; plan(skip_all => 'no ssl_conf_command') if $t->has_module('BoringSSL'); $t->write_file_expand('nginx.conf', <<'EOF');