# HG changeset patch # User Maxim Dounin # Date 1684422422 -10800 # Node ID cdcd75657e52409588c2659afa6368420a94a35c # Parent da3889ba0b96ce3f2cd21ba3369cee653a107bc5 Tests: added has_feature() tests for IO::Socket::SSL. The following distinct features supported: - "socket_ssl", which requires IO::Socket::SSL and also implies existance of the IO::Socket::SSL::SSL_VERIFY_NONE() symbol. It is used by most of the tests. - "socket_ssl_sni", which requires IO::Socket::SSL with the can_client_sni() function (1.84), and SNI support available in Net::SSLeay and the OpenSSL library being used. Used by ssl_sni.t, ssl_sni_sessions.t, stream_ssl_preread.t. Additional Net::SSLeay testing is believed to be unneeded and was removed. - "socket_ssl_alpn", which requires IO::Socket::SSL with ALPN support (2.009), and ALPN support in Net::SSLeay and the OpenSSL library being used. Used by h2_ssl.t, h2_ssl_verify_client.t, stream_ssl_alpn.t, stream_ssl_preread_alpn.t. - "socket_ssl_sslversion", which requires IO::Socket::SSL with the get_sslversion() and get_sslversion_int() methods (1.964). Used by mail_imap_ssl.t. - "socket_ssl_reused", which requires IO::Socket::SSL with the get_session_reused() method (2.057). To be used in the following patches. This makes it possible to simplify and unify various SSL tests. diff --git a/h2_ssl.t b/h2_ssl.t --- a/h2_ssl.t +++ b/h2_ssl.t @@ -25,7 +25,7 @@ use Test::Nginx::HTTP2; select STDERR; $| = 1; select STDOUT; $| = 1; -my $t = Test::Nginx->new()->has(qw/http http_ssl http_v2/) +my $t = Test::Nginx->new()->has(qw/http http_ssl http_v2 socket_ssl_alpn/) ->has_daemon('openssl'); $t->write_file_expand('nginx.conf', <<'EOF'); @@ -55,15 +55,6 @@ http { EOF -eval { require IO::Socket::SSL; die if $IO::Socket::SSL::VERSION < 1.56; }; -plan(skip_all => 'IO::Socket::SSL version >= 1.56 required') if $@; - -eval { IO::Socket::SSL->can_alpn() or die; }; -plan(skip_all => 'IO::Socket::SSL with OpenSSL ALPN support required') if $@; - -eval { exists &Net::SSLeay::P_alpn_selected or die; }; -plan(skip_all => 'Net::SSLeay with OpenSSL ALPN support required') if $@; - $t->write_file('openssl.conf', < 'IO::Socket::SSL not installed') if $@; - -my $t = Test::Nginx->new()->has(qw/http http_ssl http_v2 proxy cache/) +my $t = Test::Nginx->new() + ->has(qw/http http_ssl http_v2 proxy cache socket_ssl/) ->has_daemon('openssl'); $t->write_file_expand('nginx.conf', <<'EOF'); diff --git a/h2_ssl_variables.t b/h2_ssl_variables.t --- a/h2_ssl_variables.t +++ b/h2_ssl_variables.t @@ -23,12 +23,7 @@ use Test::Nginx::HTTP2; select STDERR; $| = 1; select STDOUT; $| = 1; -eval { require IO::Socket::SSL; }; -plan(skip_all => 'IO::Socket::SSL not installed') if $@; -eval { IO::Socket::SSL::SSL_VERIFY_NONE(); }; -plan(skip_all => 'IO::Socket::SSL too old') if $@; - -my $t = Test::Nginx->new()->has(qw/http http_ssl http_v2 rewrite/) +my $t = Test::Nginx->new()->has(qw/http http_ssl http_v2 rewrite socket_ssl/) ->has_daemon('openssl')->plan(8); $t->write_file_expand('nginx.conf', <<'EOF'); diff --git a/h2_ssl_verify_client.t b/h2_ssl_verify_client.t --- a/h2_ssl_verify_client.t +++ b/h2_ssl_verify_client.t @@ -23,14 +23,7 @@ use Test::Nginx::HTTP2; select STDERR; $| = 1; select STDOUT; $| = 1; -eval { require IO::Socket::SSL; }; -plan(skip_all => 'IO::Socket::SSL not installed') if $@; -eval { IO::Socket::SSL->can_client_sni() or die; }; -plan(skip_all => 'IO::Socket::SSL with OpenSSL SNI support required') if $@; -eval { IO::Socket::SSL->can_alpn() or die; }; -plan(skip_all => 'OpenSSL ALPN support required') if $@; - -my $t = Test::Nginx->new()->has(qw/http http_ssl sni http_v2/) +my $t = Test::Nginx->new()->has(qw/http http_ssl sni http_v2 socket_ssl_alpn/) ->has_daemon('openssl'); $t->write_file_expand('nginx.conf', <<'EOF'); diff --git a/lib/Test/Nginx.pm b/lib/Test/Nginx.pm --- a/lib/Test/Nginx.pm +++ b/lib/Test/Nginx.pm @@ -241,6 +241,31 @@ sub has_feature($) { return $^O ne 'MSWin32'; } + if ($feature =~ /^socket_ssl/) { + eval { require IO::Socket::SSL; }; + return 0 if $@; + eval { IO::Socket::SSL::SSL_VERIFY_NONE(); }; + return 0 if $@; + if ($feature eq 'socket_ssl') { + return 1; + } + if ($feature eq 'socket_ssl_sni') { + eval { IO::Socket::SSL->can_client_sni() or die; }; + return !$@; + } + if ($feature eq 'socket_ssl_alpn') { + eval { IO::Socket::SSL->can_alpn() or die; }; + return !$@; + } + if ($feature eq 'socket_ssl_sslversion') { + return IO::Socket::SSL->can('get_sslversion'); + } + if ($feature eq 'socket_ssl_reused') { + return IO::Socket::SSL->can('get_session_reused'); + } + return 0; + } + return 0; } diff --git a/mail_imap_ssl.t b/mail_imap_ssl.t --- a/mail_imap_ssl.t +++ b/mail_imap_ssl.t @@ -26,14 +26,10 @@ use Test::Nginx::IMAP; select STDERR; $| = 1; select STDOUT; $| = 1; -eval { require IO::Socket::SSL; }; -plan(skip_all => 'IO::Socket::SSL not installed') if $@; -eval { IO::Socket::SSL::SSL_VERIFY_NONE(); }; -plan(skip_all => 'IO::Socket::SSL too old') if $@; - local $SIG{PIPE} = 'IGNORE'; -my $t = Test::Nginx->new()->has(qw/mail mail_ssl imap http rewrite/) +my $t = Test::Nginx->new() + ->has(qw/mail mail_ssl imap http rewrite socket_ssl_sslversion/) ->has_daemon('openssl')->plan(13) ->write_file_expand('nginx.conf', <<'EOF'); @@ -215,12 +211,10 @@ my $s = Test::Nginx::IMAP->new(PeerAddr my ($cipher, $sslversion); -if ($IO::Socket::SSL::VERSION >= 1.964) { - $s = get_ssl_socket(8143); - $cipher = $s->get_cipher(); - $sslversion = $s->get_sslversion(); - $sslversion =~ s/_/./; -} +$s = get_ssl_socket(8143); +$cipher = $s->get_cipher(); +$sslversion = $s->get_sslversion(); +$sslversion =~ s/_/./; undef $s; @@ -239,10 +233,6 @@ like($f, qr!^on:SUCCESS:(/?CN=2.example. like($f, qr!^on:SUCCESS:(/?CN=3.example.com):\1:\w+:\w+:[^:]+:s5$!m, 'log - trusted cert'); -SKIP: { -skip 'IO::Socket::SSL version >= 1.964 required', 1 - if $IO::Socket::SSL::VERSION < 1.964; - TODO: { local $TODO = 'not yet' unless $t->has_version('1.21.2'); @@ -251,8 +241,6 @@ like($f, qr|^$cipher:$sslversion$|m, 'lo } -} - ############################################################################### sub get_ssl_socket { diff --git a/mail_resolver.t b/mail_resolver.t --- a/mail_resolver.t +++ b/mail_resolver.t @@ -23,14 +23,9 @@ use Test::Nginx::SMTP; select STDERR; $| = 1; select STDOUT; $| = 1; -eval { require IO::Socket::SSL; }; -plan(skip_all => 'IO::Socket::SSL not installed') if $@; -eval { IO::Socket::SSL::SSL_VERIFY_NONE(); }; -plan(skip_all => 'IO::Socket::SSL too old') if $@; - local $SIG{PIPE} = 'IGNORE'; -my $t = Test::Nginx->new()->has(qw/mail mail_ssl smtp http rewrite/) +my $t = Test::Nginx->new()->has(qw/mail mail_ssl smtp http rewrite socket_ssl/) ->has_daemon('openssl')->plan(11) ->write_file_expand('nginx.conf', <<'EOF'); diff --git a/proxy_ssl.t b/proxy_ssl.t --- a/proxy_ssl.t +++ b/proxy_ssl.t @@ -21,11 +21,9 @@ use Test::Nginx; select STDERR; $| = 1; select STDOUT; $| = 1; -eval { require IO::Socket::SSL; }; -plan(skip_all => 'IO::Socket::SSL not installed') if $@; - -my $t = Test::Nginx->new()->has(qw/http proxy http_ssl/)->has_daemon('openssl') - ->plan(8)->write_file_expand('nginx.conf', <<'EOF'); +my $t = Test::Nginx->new()->has(qw/http proxy http_ssl socket_ssl/) + ->has_daemon('openssl')->plan(8) + ->write_file_expand('nginx.conf', <<'EOF'); %%TEST_GLOBALS%% diff --git a/ssl.t b/ssl.t --- a/ssl.t +++ b/ssl.t @@ -25,12 +25,7 @@ use Test::Nginx; select STDERR; $| = 1; select STDOUT; $| = 1; -eval { require IO::Socket::SSL; }; -plan(skip_all => 'IO::Socket::SSL not installed') if $@; -eval { IO::Socket::SSL::SSL_VERIFY_NONE(); }; -plan(skip_all => 'IO::Socket::SSL too old') if $@; - -my $t = Test::Nginx->new()->has(qw/http http_ssl rewrite proxy/) +my $t = Test::Nginx->new()->has(qw/http http_ssl rewrite proxy socket_ssl/) ->has_daemon('openssl')->plan(21); $t->write_file_expand('nginx.conf', <<'EOF'); diff --git a/ssl_certificate_chain.t b/ssl_certificate_chain.t --- a/ssl_certificate_chain.t +++ b/ssl_certificate_chain.t @@ -22,12 +22,7 @@ use Test::Nginx; select STDERR; $| = 1; select STDOUT; $| = 1; -eval { require IO::Socket::SSL; }; -plan(skip_all => 'IO::Socket::SSL not installed') if $@; -eval { IO::Socket::SSL::SSL_VERIFY_NONE(); }; -plan(skip_all => 'IO::Socket::SSL too old') if $@; - -my $t = Test::Nginx->new()->has(qw/http http_ssl/) +my $t = Test::Nginx->new()->has(qw/http http_ssl socket_ssl/) ->has_daemon('openssl')->plan(3); $t->write_file_expand('nginx.conf', <<'EOF'); diff --git a/ssl_client_escaped_cert.t b/ssl_client_escaped_cert.t --- a/ssl_client_escaped_cert.t +++ b/ssl_client_escaped_cert.t @@ -22,12 +22,7 @@ use Test::Nginx; select STDERR; $| = 1; select STDOUT; $| = 1; -eval { require IO::Socket::SSL; }; -plan(skip_all => 'IO::Socket::SSL not installed') if $@; -eval { IO::Socket::SSL::SSL_VERIFY_NONE(); }; -plan(skip_all => 'IO::Socket::SSL too old') if $@; - -my $t = Test::Nginx->new()->has(qw/http http_ssl rewrite/) +my $t = Test::Nginx->new()->has(qw/http http_ssl rewrite socket_ssl/) ->has_daemon('openssl')->plan(3); $t->write_file_expand('nginx.conf', <<'EOF'); diff --git a/ssl_crl.t b/ssl_crl.t --- a/ssl_crl.t +++ b/ssl_crl.t @@ -22,12 +22,7 @@ use Test::Nginx; select STDERR; $| = 1; select STDOUT; $| = 1; -eval { require IO::Socket::SSL; }; -plan(skip_all => 'IO::Socket::SSL not installed') if $@; -eval { IO::Socket::SSL::SSL_VERIFY_NONE(); }; -plan(skip_all => 'IO::Socket::SSL too old') if $@; - -my $t = Test::Nginx->new()->has(qw/http http_ssl/) +my $t = Test::Nginx->new()->has(qw/http http_ssl socket_ssl/) ->has_daemon('openssl')->plan(3); $t->write_file_expand('nginx.conf', <<'EOF'); diff --git a/ssl_curve.t b/ssl_curve.t --- a/ssl_curve.t +++ b/ssl_curve.t @@ -22,12 +22,7 @@ use Test::Nginx; select STDERR; $| = 1; select STDOUT; $| = 1; -eval { require IO::Socket::SSL; }; -plan(skip_all => 'IO::Socket::SSL not installed') if $@; -eval { IO::Socket::SSL::SSL_VERIFY_NONE(); }; -plan(skip_all => 'IO::Socket::SSL too old') if $@; - -my $t = Test::Nginx->new()->has(qw/http http_ssl rewrite/) +my $t = Test::Nginx->new()->has(qw/http http_ssl rewrite socket_ssl/) ->has_daemon('openssl'); $t->{_configure_args} =~ /OpenSSL (\d+)/; diff --git a/ssl_password_file.t b/ssl_password_file.t --- a/ssl_password_file.t +++ b/ssl_password_file.t @@ -25,14 +25,9 @@ use Test::Nginx; select STDERR; $| = 1; select STDOUT; $| = 1; -eval { require IO::Socket::SSL; }; -plan(skip_all => 'IO::Socket::SSL not installed') if $@; -eval { IO::Socket::SSL::SSL_VERIFY_NONE(); }; -plan(skip_all => 'IO::Socket::SSL too old') if $@; - plan(skip_all => 'win32') if $^O eq 'MSWin32'; -my $t = Test::Nginx->new()->has(qw/http http_ssl rewrite/) +my $t = Test::Nginx->new()->has(qw/http http_ssl rewrite socket_ssl/) ->has_daemon('openssl'); $t->plan(3)->write_file_expand('nginx.conf', <<'EOF'); diff --git a/ssl_proxy_protocol.t b/ssl_proxy_protocol.t --- a/ssl_proxy_protocol.t +++ b/ssl_proxy_protocol.t @@ -24,12 +24,7 @@ use Test::Nginx; select STDERR; $| = 1; select STDOUT; $| = 1; -eval { require IO::Socket::SSL; }; -plan(skip_all => 'IO::Socket::SSL not installed') if $@; -eval { IO::Socket::SSL::SSL_VERIFY_NONE(); }; -plan(skip_all => 'IO::Socket::SSL too old') if $@; - -my $t = Test::Nginx->new()->has(qw/http http_ssl access realip/) +my $t = Test::Nginx->new()->has(qw/http http_ssl access realip socket_ssl/) ->has_daemon('openssl'); $t->write_file_expand('nginx.conf', <<'EOF')->plan(18); diff --git a/ssl_proxy_upgrade.t b/ssl_proxy_upgrade.t --- a/ssl_proxy_upgrade.t +++ b/ssl_proxy_upgrade.t @@ -29,12 +29,8 @@ use Test::Nginx; select STDERR; $| = 1; select STDOUT; $| = 1; -eval { require IO::Socket::SSL; }; -plan(skip_all => 'IO::Socket::SSL not installed') if $@; -eval { IO::Socket::SSL::SSL_VERIFY_NONE(); }; -plan(skip_all => 'IO::Socket::SSL too old') if $@; - -my $t = Test::Nginx->new()->has(qw/http proxy http_ssl/)->has_daemon('openssl') +my $t = Test::Nginx->new()->has(qw/http proxy http_ssl socket_ssl/) + ->has_daemon('openssl') ->write_file_expand('nginx.conf', <<'EOF')->plan(30); %%TEST_GLOBALS%% diff --git a/ssl_reject_handshake.t b/ssl_reject_handshake.t --- a/ssl_reject_handshake.t +++ b/ssl_reject_handshake.t @@ -22,12 +22,8 @@ use Test::Nginx; select STDERR; $| = 1; select STDOUT; $| = 1; -eval { require IO::Socket::SSL; }; -plan(skip_all => 'IO::Socket::SSL not installed') if $@; -eval { IO::Socket::SSL->can_client_sni() or die; }; -plan(skip_all => 'IO::Socket::SSL with OpenSSL SNI support required') if $@; - -my $t = Test::Nginx->new()->has(qw/http http_ssl sni/)->has_daemon('openssl'); +my $t = Test::Nginx->new()->has(qw/http http_ssl sni socket_ssl/) + ->has_daemon('openssl'); $t->write_file_expand('nginx.conf', <<'EOF'); diff --git a/ssl_session_reuse.t b/ssl_session_reuse.t --- a/ssl_session_reuse.t +++ b/ssl_session_reuse.t @@ -23,12 +23,7 @@ use Test::Nginx; select STDERR; $| = 1; select STDOUT; $| = 1; -eval { require IO::Socket::SSL; }; -plan(skip_all => 'IO::Socket::SSL not installed') if $@; -eval { IO::Socket::SSL::SSL_VERIFY_NONE(); }; -plan(skip_all => 'IO::Socket::SSL too old') if $@; - -my $t = Test::Nginx->new()->has(qw/http http_ssl rewrite/) +my $t = Test::Nginx->new()->has(qw/http http_ssl rewrite socket_ssl/) ->has_daemon('openssl')->plan(8); $t->write_file_expand('nginx.conf', <<'EOF'); diff --git a/ssl_sni.t b/ssl_sni.t --- a/ssl_sni.t +++ b/ssl_sni.t @@ -22,8 +22,8 @@ use Test::Nginx; select STDERR; $| = 1; select STDOUT; $| = 1; -my $t = Test::Nginx->new()->has(qw/http http_ssl sni rewrite/) - ->has_daemon('openssl') +my $t = Test::Nginx->new()->has(qw/http http_ssl sni rewrite socket_ssl_sni/) + ->has_daemon('openssl')->plan(8) ->write_file_expand('nginx.conf', <<'EOF'); %%TEST_GLOBALS%% @@ -79,25 +79,6 @@ http { EOF -eval { require IO::Socket::SSL; die if $IO::Socket::SSL::VERSION < 1.56; }; -plan(skip_all => 'IO::Socket::SSL version >= 1.56 required') if $@; - -eval { - if (IO::Socket::SSL->can('can_client_sni')) { - IO::Socket::SSL->can_client_sni() or die; - } -}; -plan(skip_all => 'IO::Socket::SSL with OpenSSL SNI support required') if $@; - -eval { - my $ctx = Net::SSLeay::CTX_new() or die; - my $ssl = Net::SSLeay::new($ctx) or die; - Net::SSLeay::set_tlsext_host_name($ssl, 'example.org') == 1 or die; -}; -plan(skip_all => 'Net::SSLeay with OpenSSL SNI support required') if $@; - -$t->plan(8); - $t->write_file('openssl.conf', <new()->has(qw/http http_ssl sni rewrite/); - -$t->has_daemon('openssl')->write_file_expand('nginx.conf', <<'EOF'); +my $t = Test::Nginx->new()->has(qw/http http_ssl sni rewrite socket_ssl_sni/) + ->has_daemon('openssl') + ->write_file_expand('nginx.conf', <<'EOF'); %%TEST_GLOBALS%% @@ -87,23 +87,6 @@ http { EOF -eval { require IO::Socket::SSL; die if $IO::Socket::SSL::VERSION < 1.56; }; -plan(skip_all => 'IO::Socket::SSL version >= 1.56 required') if $@; - -eval { - if (IO::Socket::SSL->can('can_client_sni')) { - IO::Socket::SSL->can_client_sni() or die; - } -}; -plan(skip_all => 'IO::Socket::SSL with OpenSSL SNI support required') if $@; - -eval { - my $ctx = Net::SSLeay::CTX_new() or die; - my $ssl = Net::SSLeay::new($ctx) or die; - Net::SSLeay::set_tlsext_host_name($ssl, 'example.org') == 1 or die; -}; -plan(skip_all => 'Net::SSLeay with OpenSSL SNI support required') if $@; - $t->write_file('openssl.conf', < 'IO::Socket::SSL not installed') if $@; -eval { IO::Socket::SSL::SSL_VERIFY_NONE(); }; -plan(skip_all => 'IO::Socket::SSL too old') if $@; - -my $t = Test::Nginx->new()->has(qw/http http_ssl/)->has_daemon('openssl'); +my $t = Test::Nginx->new()->has(qw/http http_ssl socket_ssl/) + ->has_daemon('openssl'); plan(skip_all => 'LibreSSL') if $t->has_module('LibreSSL'); diff --git a/stream_js_fetch_https.t b/stream_js_fetch_https.t --- a/stream_js_fetch_https.t +++ b/stream_js_fetch_https.t @@ -23,12 +23,9 @@ use Test::Nginx::Stream qw/ stream /; select STDERR; $| = 1; select STDOUT; $| = 1; -eval { require IO::Socket::SSL; }; -plan(skip_all => 'IO::Socket::SSL not installed') if $@; -eval { IO::Socket::SSL::SSL_VERIFY_NONE(); }; -plan(skip_all => 'IO::Socket::SSL too old') if $@; - -my $t = Test::Nginx->new()->has(qw/http http_ssl rewrite stream stream_return/) +my $t = Test::Nginx->new() + ->has(qw/http http_ssl rewrite stream stream_return socket_ssl/) + ->has_daemon('openssl') ->write_file_expand('nginx.conf', <<'EOF'); %%TEST_GLOBALS%% diff --git a/stream_proxy_protocol_ssl.t b/stream_proxy_protocol_ssl.t --- a/stream_proxy_protocol_ssl.t +++ b/stream_proxy_protocol_ssl.t @@ -24,11 +24,8 @@ use Test::Nginx qw/ :DEFAULT http_end /; select STDERR; $| = 1; select STDOUT; $| = 1; -eval { require IO::Socket::SSL; }; -plan(skip_all => 'IO::Socket::SSL not installed') if $@; - -my $t = Test::Nginx->new()->has(qw/stream stream_ssl/)->has_daemon('openssl') - ->plan(2); +my $t = Test::Nginx->new()->has(qw/stream stream_ssl socket_ssl/) + ->has_daemon('openssl')->plan(2); $t->write_file_expand('nginx.conf', <<'EOF'); diff --git a/stream_ssl_alpn.t b/stream_ssl_alpn.t --- a/stream_ssl_alpn.t +++ b/stream_ssl_alpn.t @@ -23,8 +23,10 @@ use Test::Nginx::Stream qw/ stream /; select STDERR; $| = 1; select STDOUT; $| = 1; -my $t = Test::Nginx->new()->has(qw/stream stream_ssl stream_return/) - ->has_daemon('openssl')->write_file_expand('nginx.conf', <<'EOF'); +my $t = Test::Nginx->new() + ->has(qw/stream stream_ssl stream_return socket_ssl_alpn/) + ->has_daemon('openssl') + ->write_file_expand('nginx.conf', <<'EOF'); %%TEST_GLOBALS%% @@ -51,15 +53,6 @@ stream { EOF -eval { require IO::Socket::SSL; die if $IO::Socket::SSL::VERSION < 1.56; }; -plan(skip_all => 'IO::Socket::SSL version >= 1.56 required') if $@; - -eval { IO::Socket::SSL->can_alpn() or die; }; -plan(skip_all => 'IO::Socket::SSL with OpenSSL ALPN support required') if $@; - -eval { exists &Net::SSLeay::P_alpn_selected or die; }; -plan(skip_all => 'Net::SSLeay with OpenSSL ALPN support required') if $@; - $t->write_file('openssl.conf', <new()->has(qw/stream stream_map stream_ssl_preread/) - ->has(qw/stream_ssl stream_return/)->has_daemon('openssl') + ->has(qw/stream_ssl stream_return socket_ssl_sni/) + ->has_daemon('openssl')->plan(13) ->write_file_expand('nginx.conf', <<'EOF'); %%TEST_GLOBALS%% @@ -107,25 +108,6 @@ stream { EOF -eval { require IO::Socket::SSL; die if $IO::Socket::SSL::VERSION < 1.56; }; -plan(skip_all => 'IO::Socket::SSL version >= 1.56 required') if $@; - -eval { - if (IO::Socket::SSL->can('can_client_sni')) { - IO::Socket::SSL->can_client_sni() or die; - } -}; -plan(skip_all => 'IO::Socket::SSL with OpenSSL SNI support required') if $@; - -eval { - my $ctx = Net::SSLeay::CTX_new() or die; - my $ssl = Net::SSLeay::new($ctx) or die; - Net::SSLeay::set_tlsext_host_name($ssl, 'example.org') == 1 or die; -}; -plan(skip_all => 'Net::SSLeay with OpenSSL SNI support required') if $@; - -$t->plan(13); - $t->write_file('openssl.conf', <new()->has(qw/stream stream_map stream_ssl_preread/) - ->has(qw/stream_ssl stream_return/)->has_daemon('openssl') + ->has(qw/stream_ssl stream_return socket_ssl_alpn/) + ->has_daemon('openssl')->plan(5) ->write_file_expand('nginx.conf', <<'EOF'); %%TEST_GLOBALS%% @@ -75,17 +76,6 @@ stream { EOF -eval { require IO::Socket::SSL; die if $IO::Socket::SSL::VERSION < 1.56; }; -plan(skip_all => 'IO::Socket::SSL version >= 1.56 required') if $@; - -eval { IO::Socket::SSL->can_alpn() or die; }; -plan(skip_all => 'IO::Socket::SSL with OpenSSL ALPN support required') if $@; - -eval { exists &Net::SSLeay::P_alpn_selected or die; }; -plan(skip_all => 'Net::SSLeay with OpenSSL ALPN support required') if $@; - -$t->plan(5); - $t->write_file('openssl.conf', < 'IO::Socket::SSL not installed') if $@; -eval { IO::Socket::SSL::SSL_VERIFY_NONE(); }; -plan(skip_all => 'IO::Socket::SSL too old') if $@; - my $t = Test::Nginx->new()->has(qw/stream stream_return stream_realip/) - ->has(qw/stream_ssl/)->has_daemon('openssl') + ->has(qw/stream_ssl socket_ssl/) + ->has_daemon('openssl') ->write_file_expand('nginx.conf', <<'EOF'); %%TEST_GLOBALS%%