Mercurial > hg > nginx-tests
annotate ssl_certificate_perl.t @ 1870:884e898b9fe7
Tests: unbreak stream_ssl_variables.t with old IO::Socket::SSL.
Do not clobber a stream object in test_tls13().
author | Sergey Kandaurov <pluknet@nginx.com> |
---|---|
date | Tue, 23 May 2023 16:30:01 +0400 |
parents | 0e1865aa9b33 |
children |
rev | line source |
---|---|
1457
80911c4fe023
Tests: loading "data:..." certificates with perl module.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
1 #!/usr/bin/perl |
80911c4fe023
Tests: loading "data:..." certificates with perl module.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
2 |
80911c4fe023
Tests: loading "data:..." certificates with perl module.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
3 # (C) Sergey Kandaurov |
80911c4fe023
Tests: loading "data:..." certificates with perl module.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
4 # (C) Nginx, Inc. |
80911c4fe023
Tests: loading "data:..." certificates with perl module.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
5 |
80911c4fe023
Tests: loading "data:..." certificates with perl module.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
6 # Tests for http ssl module, loading certificates from memory with perl module. |
80911c4fe023
Tests: loading "data:..." certificates with perl module.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
7 |
80911c4fe023
Tests: loading "data:..." certificates with perl module.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
8 ############################################################################### |
80911c4fe023
Tests: loading "data:..." certificates with perl module.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
9 |
80911c4fe023
Tests: loading "data:..." certificates with perl module.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
10 use warnings; |
80911c4fe023
Tests: loading "data:..." certificates with perl module.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
11 use strict; |
80911c4fe023
Tests: loading "data:..." certificates with perl module.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
12 |
80911c4fe023
Tests: loading "data:..." certificates with perl module.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
13 use Test::More; |
80911c4fe023
Tests: loading "data:..." certificates with perl module.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
14 |
80911c4fe023
Tests: loading "data:..." certificates with perl module.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
15 BEGIN { use FindBin; chdir($FindBin::Bin); } |
80911c4fe023
Tests: loading "data:..." certificates with perl module.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
16 |
80911c4fe023
Tests: loading "data:..." certificates with perl module.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
17 use lib 'lib'; |
80911c4fe023
Tests: loading "data:..." certificates with perl module.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
18 use Test::Nginx; |
80911c4fe023
Tests: loading "data:..." certificates with perl module.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
19 |
80911c4fe023
Tests: loading "data:..." certificates with perl module.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
20 ############################################################################### |
80911c4fe023
Tests: loading "data:..." certificates with perl module.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
21 |
80911c4fe023
Tests: loading "data:..." certificates with perl module.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
22 select STDERR; $| = 1; |
80911c4fe023
Tests: loading "data:..." certificates with perl module.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
23 select STDOUT; $| = 1; |
80911c4fe023
Tests: loading "data:..." certificates with perl module.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
24 |
1860
58951cf933e1
Tests: added has_feature() test for SSL libraries.
Maxim Dounin <mdounin@mdounin.ru>
parents:
1621
diff
changeset
|
25 my $t = Test::Nginx->new() |
1865
0e1865aa9b33
Tests: reworked http SSL tests to use IO::Socket::SSL.
Maxim Dounin <mdounin@mdounin.ru>
parents:
1860
diff
changeset
|
26 ->has(qw/http http_ssl perl openssl:1.0.2 socket_ssl_sni/) |
1860
58951cf933e1
Tests: added has_feature() test for SSL libraries.
Maxim Dounin <mdounin@mdounin.ru>
parents:
1621
diff
changeset
|
27 ->has_daemon('openssl'); |
1457
80911c4fe023
Tests: loading "data:..." certificates with perl module.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
28 |
80911c4fe023
Tests: loading "data:..." certificates with perl module.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
29 $t->write_file_expand('nginx.conf', <<'EOF'); |
80911c4fe023
Tests: loading "data:..." certificates with perl module.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
30 |
80911c4fe023
Tests: loading "data:..." certificates with perl module.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
31 %%TEST_GLOBALS%% |
80911c4fe023
Tests: loading "data:..." certificates with perl module.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
32 |
80911c4fe023
Tests: loading "data:..." certificates with perl module.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
33 daemon off; |
80911c4fe023
Tests: loading "data:..." certificates with perl module.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
34 |
80911c4fe023
Tests: loading "data:..." certificates with perl module.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
35 events { |
80911c4fe023
Tests: loading "data:..." certificates with perl module.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
36 } |
80911c4fe023
Tests: loading "data:..." certificates with perl module.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
37 |
80911c4fe023
Tests: loading "data:..." certificates with perl module.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
38 http { |
80911c4fe023
Tests: loading "data:..." certificates with perl module.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
39 %%TEST_GLOBALS_HTTP%% |
80911c4fe023
Tests: loading "data:..." certificates with perl module.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
40 |
80911c4fe023
Tests: loading "data:..." certificates with perl module.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
41 perl_set $pem ' |
80911c4fe023
Tests: loading "data:..." certificates with perl module.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
42 sub { |
80911c4fe023
Tests: loading "data:..." certificates with perl module.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
43 my $r = shift; |
80911c4fe023
Tests: loading "data:..." certificates with perl module.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
44 local $/; |
80911c4fe023
Tests: loading "data:..." certificates with perl module.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
45 my $sni = $r->variable("ssl_server_name"); |
80911c4fe023
Tests: loading "data:..." certificates with perl module.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
46 open my $fh, "<", "%%TESTDIR%%/$sni.crt"; |
80911c4fe023
Tests: loading "data:..." certificates with perl module.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
47 my $content = <$fh>; |
80911c4fe023
Tests: loading "data:..." certificates with perl module.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
48 close $fh; |
80911c4fe023
Tests: loading "data:..." certificates with perl module.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
49 return $content; |
80911c4fe023
Tests: loading "data:..." certificates with perl module.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
50 } |
80911c4fe023
Tests: loading "data:..." certificates with perl module.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
51 '; |
80911c4fe023
Tests: loading "data:..." certificates with perl module.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
52 |
80911c4fe023
Tests: loading "data:..." certificates with perl module.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
53 server { |
1865
0e1865aa9b33
Tests: reworked http SSL tests to use IO::Socket::SSL.
Maxim Dounin <mdounin@mdounin.ru>
parents:
1860
diff
changeset
|
54 listen 127.0.0.1:8443 ssl; |
1457
80911c4fe023
Tests: loading "data:..." certificates with perl module.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
55 server_name localhost; |
80911c4fe023
Tests: loading "data:..." certificates with perl module.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
56 |
80911c4fe023
Tests: loading "data:..." certificates with perl module.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
57 ssl_certificate data:$pem; |
80911c4fe023
Tests: loading "data:..." certificates with perl module.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
58 ssl_certificate_key data:$pem; |
80911c4fe023
Tests: loading "data:..." certificates with perl module.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
59 } |
80911c4fe023
Tests: loading "data:..." certificates with perl module.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
60 } |
80911c4fe023
Tests: loading "data:..." certificates with perl module.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
61 |
80911c4fe023
Tests: loading "data:..." certificates with perl module.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
62 EOF |
80911c4fe023
Tests: loading "data:..." certificates with perl module.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
63 |
80911c4fe023
Tests: loading "data:..." certificates with perl module.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
64 $t->write_file('openssl.conf', <<EOF); |
80911c4fe023
Tests: loading "data:..." certificates with perl module.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
65 [ req ] |
1488
dbce8fb5f5f8
Tests: align with OpenSSL security level 2.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1457
diff
changeset
|
66 default_bits = 2048 |
1457
80911c4fe023
Tests: loading "data:..." certificates with perl module.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
67 encrypt_key = no |
80911c4fe023
Tests: loading "data:..." certificates with perl module.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
68 distinguished_name = req_distinguished_name |
80911c4fe023
Tests: loading "data:..." certificates with perl module.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
69 [ req_distinguished_name ] |
80911c4fe023
Tests: loading "data:..." certificates with perl module.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
70 EOF |
80911c4fe023
Tests: loading "data:..." certificates with perl module.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
71 |
80911c4fe023
Tests: loading "data:..." certificates with perl module.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
72 my $d = $t->testdir(); |
80911c4fe023
Tests: loading "data:..." certificates with perl module.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
73 |
80911c4fe023
Tests: loading "data:..." certificates with perl module.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
74 foreach my $name ('one', 'two') { |
80911c4fe023
Tests: loading "data:..." certificates with perl module.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
75 system('openssl req -x509 -new ' |
80911c4fe023
Tests: loading "data:..." certificates with perl module.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
76 . "-config $d/openssl.conf -subj /CN=$name/ " |
80911c4fe023
Tests: loading "data:..." certificates with perl module.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
77 . "-out $d/$name.crt -keyout $d/$name.crt " |
80911c4fe023
Tests: loading "data:..." certificates with perl module.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
78 . ">>$d/openssl.out 2>&1") == 0 |
80911c4fe023
Tests: loading "data:..." certificates with perl module.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
79 or die "Can't create certificate for $name: $!\n"; |
80911c4fe023
Tests: loading "data:..." certificates with perl module.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
80 } |
80911c4fe023
Tests: loading "data:..." certificates with perl module.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
81 |
1535
144c6ce732e4
Tests: removed TODO and try_run() checks for legacy versions.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1488
diff
changeset
|
82 $t->run()->plan(2); |
1457
80911c4fe023
Tests: loading "data:..." certificates with perl module.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
83 |
80911c4fe023
Tests: loading "data:..." certificates with perl module.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
84 ############################################################################### |
80911c4fe023
Tests: loading "data:..." certificates with perl module.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
85 |
1865
0e1865aa9b33
Tests: reworked http SSL tests to use IO::Socket::SSL.
Maxim Dounin <mdounin@mdounin.ru>
parents:
1860
diff
changeset
|
86 like(cert('one'), qr/CN=one/, 'certificate'); |
0e1865aa9b33
Tests: reworked http SSL tests to use IO::Socket::SSL.
Maxim Dounin <mdounin@mdounin.ru>
parents:
1860
diff
changeset
|
87 like(cert('two'), qr/CN=two/, 'certificate 2'); |
1457
80911c4fe023
Tests: loading "data:..." certificates with perl module.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
88 |
80911c4fe023
Tests: loading "data:..." certificates with perl module.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
89 ############################################################################### |
80911c4fe023
Tests: loading "data:..." certificates with perl module.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
90 |
80911c4fe023
Tests: loading "data:..." certificates with perl module.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
91 sub cert { |
1865
0e1865aa9b33
Tests: reworked http SSL tests to use IO::Socket::SSL.
Maxim Dounin <mdounin@mdounin.ru>
parents:
1860
diff
changeset
|
92 my $s = get_socket(@_) || return; |
0e1865aa9b33
Tests: reworked http SSL tests to use IO::Socket::SSL.
Maxim Dounin <mdounin@mdounin.ru>
parents:
1860
diff
changeset
|
93 return $s->dump_peer_certificate(); |
1457
80911c4fe023
Tests: loading "data:..." certificates with perl module.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
94 } |
80911c4fe023
Tests: loading "data:..." certificates with perl module.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
95 |
1865
0e1865aa9b33
Tests: reworked http SSL tests to use IO::Socket::SSL.
Maxim Dounin <mdounin@mdounin.ru>
parents:
1860
diff
changeset
|
96 sub get_socket { |
0e1865aa9b33
Tests: reworked http SSL tests to use IO::Socket::SSL.
Maxim Dounin <mdounin@mdounin.ru>
parents:
1860
diff
changeset
|
97 my $host = shift; |
0e1865aa9b33
Tests: reworked http SSL tests to use IO::Socket::SSL.
Maxim Dounin <mdounin@mdounin.ru>
parents:
1860
diff
changeset
|
98 return http_get('/', start => 1, SSL => 1, SSL_hostname => $host); |
1457
80911c4fe023
Tests: loading "data:..." certificates with perl module.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
99 } |
80911c4fe023
Tests: loading "data:..." certificates with perl module.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
100 |
80911c4fe023
Tests: loading "data:..." certificates with perl module.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
101 ############################################################################### |