Mercurial > hg > nginx-tests
annotate ssl_engine_keys.t @ 1470:ed2be714a3af
Tests: http include tests.
author | Sergey Kandaurov <pluknet@nginx.com> |
---|---|
date | Wed, 24 Apr 2019 14:57:13 +0300 |
parents | 44973a23b031 |
children | dbce8fb5f5f8 |
rev | line source |
---|---|
516
2bc470a58621
Tests: test for loading "engine:..." keys.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
1 #!/usr/bin/perl |
2bc470a58621
Tests: test for loading "engine:..." keys.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
2 |
2bc470a58621
Tests: test for loading "engine:..." keys.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
3 # (C) Sergey Kandaurov |
2bc470a58621
Tests: test for loading "engine:..." keys.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
4 # (C) Nginx, Inc. |
2bc470a58621
Tests: test for loading "engine:..." keys.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
5 |
2bc470a58621
Tests: test for loading "engine:..." keys.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
6 # Tests for http ssl module, loading "engine:..." keys. |
2bc470a58621
Tests: test for loading "engine:..." keys.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
7 |
2bc470a58621
Tests: test for loading "engine:..." keys.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
8 ############################################################################### |
2bc470a58621
Tests: test for loading "engine:..." keys.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
9 |
2bc470a58621
Tests: test for loading "engine:..." keys.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
10 use warnings; |
2bc470a58621
Tests: test for loading "engine:..." keys.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
11 use strict; |
2bc470a58621
Tests: test for loading "engine:..." keys.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
12 |
2bc470a58621
Tests: test for loading "engine:..." keys.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
13 use Test::More; |
2bc470a58621
Tests: test for loading "engine:..." keys.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
14 |
2bc470a58621
Tests: test for loading "engine:..." keys.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
15 BEGIN { use FindBin; chdir($FindBin::Bin); } |
2bc470a58621
Tests: test for loading "engine:..." keys.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
16 |
2bc470a58621
Tests: test for loading "engine:..." keys.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
17 use lib 'lib'; |
2bc470a58621
Tests: test for loading "engine:..." keys.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
18 use Test::Nginx; |
2bc470a58621
Tests: test for loading "engine:..." keys.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
19 |
2bc470a58621
Tests: test for loading "engine:..." keys.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
20 ############################################################################### |
2bc470a58621
Tests: test for loading "engine:..." keys.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
21 |
2bc470a58621
Tests: test for loading "engine:..." keys.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
22 select STDERR; $| = 1; |
2bc470a58621
Tests: test for loading "engine:..." keys.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
23 select STDOUT; $| = 1; |
2bc470a58621
Tests: test for loading "engine:..." keys.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
24 |
2bc470a58621
Tests: test for loading "engine:..." keys.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
25 plan(skip_all => 'win32') if $^O eq 'MSWin32'; |
2bc470a58621
Tests: test for loading "engine:..." keys.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
26 |
2bc470a58621
Tests: test for loading "engine:..." keys.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
27 plan(skip_all => 'may not work, leaves coredump') |
2bc470a58621
Tests: test for loading "engine:..." keys.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
28 unless $ENV{TEST_NGINX_UNSAFE}; |
2bc470a58621
Tests: test for loading "engine:..." keys.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
29 |
914
3ac4036b139d
Tests: fixed proxy prerequisites.
Sergey Kandaurov <pluknet@nginx.com>
parents:
568
diff
changeset
|
30 my $t = Test::Nginx->new()->has(qw/http proxy http_ssl/)->has_daemon('openssl') |
1446
44973a23b031
Tests: loading "engine:..." keys with certificate variable.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1328
diff
changeset
|
31 ->has_daemon('softhsm')->has_daemon('pkcs11-tool'); |
516
2bc470a58621
Tests: test for loading "engine:..." keys.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
32 |
2bc470a58621
Tests: test for loading "engine:..." keys.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
33 $t->write_file_expand('nginx.conf', <<'EOF'); |
2bc470a58621
Tests: test for loading "engine:..." keys.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
34 |
2bc470a58621
Tests: test for loading "engine:..." keys.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
35 %%TEST_GLOBALS%% |
2bc470a58621
Tests: test for loading "engine:..." keys.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
36 |
2bc470a58621
Tests: test for loading "engine:..." keys.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
37 daemon off; |
2bc470a58621
Tests: test for loading "engine:..." keys.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
38 |
2bc470a58621
Tests: test for loading "engine:..." keys.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
39 events { |
2bc470a58621
Tests: test for loading "engine:..." keys.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
40 } |
2bc470a58621
Tests: test for loading "engine:..." keys.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
41 |
2bc470a58621
Tests: test for loading "engine:..." keys.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
42 http { |
2bc470a58621
Tests: test for loading "engine:..." keys.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
43 %%TEST_GLOBALS_HTTP%% |
2bc470a58621
Tests: test for loading "engine:..." keys.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
44 |
2bc470a58621
Tests: test for loading "engine:..." keys.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
45 server { |
974
882267679006
Tests: simplified parallel modifications in tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
952
diff
changeset
|
46 listen 127.0.0.1:8081 ssl; |
882267679006
Tests: simplified parallel modifications in tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
952
diff
changeset
|
47 listen 127.0.0.1:8080; |
516
2bc470a58621
Tests: test for loading "engine:..." keys.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
48 server_name localhost; |
2bc470a58621
Tests: test for loading "engine:..." keys.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
49 |
1328
a682c219af45
Tests: updated ssl_engine_keys.t test.
Maxim Dounin <mdounin@mdounin.ru>
parents:
1220
diff
changeset
|
50 ssl_certificate localhost.crt; |
516
2bc470a58621
Tests: test for loading "engine:..." keys.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
51 ssl_certificate_key engine:pkcs11:slot_0-id_00; |
2bc470a58621
Tests: test for loading "engine:..." keys.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
52 |
2bc470a58621
Tests: test for loading "engine:..." keys.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
53 location / { |
2bc470a58621
Tests: test for loading "engine:..." keys.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
54 # index index.html by default |
2bc470a58621
Tests: test for loading "engine:..." keys.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
55 } |
1446
44973a23b031
Tests: loading "engine:..." keys with certificate variable.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1328
diff
changeset
|
56 |
516
2bc470a58621
Tests: test for loading "engine:..." keys.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
57 location /proxy { |
974
882267679006
Tests: simplified parallel modifications in tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
952
diff
changeset
|
58 proxy_pass https://127.0.0.1:8081/; |
516
2bc470a58621
Tests: test for loading "engine:..." keys.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
59 } |
1446
44973a23b031
Tests: loading "engine:..." keys with certificate variable.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1328
diff
changeset
|
60 |
44973a23b031
Tests: loading "engine:..." keys with certificate variable.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1328
diff
changeset
|
61 location /var { |
44973a23b031
Tests: loading "engine:..." keys with certificate variable.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1328
diff
changeset
|
62 proxy_pass https://127.0.0.1:8082/; |
44973a23b031
Tests: loading "engine:..." keys with certificate variable.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1328
diff
changeset
|
63 proxy_ssl_name localhost; |
44973a23b031
Tests: loading "engine:..." keys with certificate variable.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1328
diff
changeset
|
64 proxy_ssl_server_name on; |
44973a23b031
Tests: loading "engine:..." keys with certificate variable.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1328
diff
changeset
|
65 } |
44973a23b031
Tests: loading "engine:..." keys with certificate variable.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1328
diff
changeset
|
66 } |
44973a23b031
Tests: loading "engine:..." keys with certificate variable.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1328
diff
changeset
|
67 |
44973a23b031
Tests: loading "engine:..." keys with certificate variable.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1328
diff
changeset
|
68 server { |
44973a23b031
Tests: loading "engine:..." keys with certificate variable.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1328
diff
changeset
|
69 listen 127.0.0.1:8082 ssl; |
44973a23b031
Tests: loading "engine:..." keys with certificate variable.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1328
diff
changeset
|
70 server_name localhost; |
44973a23b031
Tests: loading "engine:..." keys with certificate variable.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1328
diff
changeset
|
71 |
44973a23b031
Tests: loading "engine:..." keys with certificate variable.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1328
diff
changeset
|
72 ssl_certificate $ssl_server_name.crt; |
44973a23b031
Tests: loading "engine:..." keys with certificate variable.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1328
diff
changeset
|
73 ssl_certificate_key engine:pkcs11:slot_0-id_00; |
44973a23b031
Tests: loading "engine:..." keys with certificate variable.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1328
diff
changeset
|
74 |
44973a23b031
Tests: loading "engine:..." keys with certificate variable.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1328
diff
changeset
|
75 location / { |
44973a23b031
Tests: loading "engine:..." keys with certificate variable.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1328
diff
changeset
|
76 # index index.html by default |
44973a23b031
Tests: loading "engine:..." keys with certificate variable.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1328
diff
changeset
|
77 } |
516
2bc470a58621
Tests: test for loading "engine:..." keys.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
78 } |
2bc470a58621
Tests: test for loading "engine:..." keys.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
79 } |
2bc470a58621
Tests: test for loading "engine:..." keys.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
80 |
2bc470a58621
Tests: test for loading "engine:..." keys.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
81 EOF |
2bc470a58621
Tests: test for loading "engine:..." keys.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
82 |
2bc470a58621
Tests: test for loading "engine:..." keys.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
83 # Create a SoftHSM token with a secret key, and configure OpenSSL |
2bc470a58621
Tests: test for loading "engine:..." keys.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
84 # to access it using the pkcs11 engine, see detailed example |
2bc470a58621
Tests: test for loading "engine:..." keys.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
85 # posted by Dmitrii Pichulin here: |
2bc470a58621
Tests: test for loading "engine:..." keys.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
86 # |
2bc470a58621
Tests: test for loading "engine:..." keys.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
87 # http://mailman.nginx.org/pipermail/nginx-devel/2014-October/006151.html |
2bc470a58621
Tests: test for loading "engine:..." keys.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
88 # |
2bc470a58621
Tests: test for loading "engine:..." keys.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
89 # Note that library paths may differ on different systems, |
2bc470a58621
Tests: test for loading "engine:..." keys.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
90 # and may need to be adjusted. |
2bc470a58621
Tests: test for loading "engine:..." keys.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
91 |
2bc470a58621
Tests: test for loading "engine:..." keys.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
92 $t->write_file('openssl.conf', <<EOF); |
2bc470a58621
Tests: test for loading "engine:..." keys.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
93 openssl_conf = openssl_def |
2bc470a58621
Tests: test for loading "engine:..." keys.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
94 |
2bc470a58621
Tests: test for loading "engine:..." keys.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
95 [openssl_def] |
2bc470a58621
Tests: test for loading "engine:..." keys.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
96 engines = engine_section |
2bc470a58621
Tests: test for loading "engine:..." keys.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
97 |
2bc470a58621
Tests: test for loading "engine:..." keys.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
98 [engine_section] |
2bc470a58621
Tests: test for loading "engine:..." keys.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
99 pkcs11 = pkcs11_section |
2bc470a58621
Tests: test for loading "engine:..." keys.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
100 |
2bc470a58621
Tests: test for loading "engine:..." keys.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
101 [pkcs11_section] |
2bc470a58621
Tests: test for loading "engine:..." keys.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
102 engine_id = pkcs11 |
1328
a682c219af45
Tests: updated ssl_engine_keys.t test.
Maxim Dounin <mdounin@mdounin.ru>
parents:
1220
diff
changeset
|
103 dynamic_path = /usr/local/lib/engines/pkcs11.so |
516
2bc470a58621
Tests: test for loading "engine:..." keys.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
104 MODULE_PATH = /usr/local/lib/softhsm/libsofthsm.so |
1328
a682c219af45
Tests: updated ssl_engine_keys.t test.
Maxim Dounin <mdounin@mdounin.ru>
parents:
1220
diff
changeset
|
105 init = 1 |
516
2bc470a58621
Tests: test for loading "engine:..." keys.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
106 PIN = 1234 |
2bc470a58621
Tests: test for loading "engine:..." keys.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
107 |
2bc470a58621
Tests: test for loading "engine:..." keys.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
108 [ req ] |
1116
8ef51dbb5d69
Tests: reduced OpenSSL default key length to 1024.
Sergey Kandaurov <pluknet@nginx.com>
parents:
974
diff
changeset
|
109 default_bits = 1024 |
516
2bc470a58621
Tests: test for loading "engine:..." keys.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
110 encrypt_key = no |
2bc470a58621
Tests: test for loading "engine:..." keys.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
111 distinguished_name = req_distinguished_name |
2bc470a58621
Tests: test for loading "engine:..." keys.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
112 [ req_distinguished_name ] |
2bc470a58621
Tests: test for loading "engine:..." keys.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
113 EOF |
2bc470a58621
Tests: test for loading "engine:..." keys.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
114 |
2bc470a58621
Tests: test for loading "engine:..." keys.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
115 my $d = $t->testdir(); |
2bc470a58621
Tests: test for loading "engine:..." keys.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
116 |
2bc470a58621
Tests: test for loading "engine:..." keys.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
117 $t->write_file('softhsm.conf', <<EOF); |
2bc470a58621
Tests: test for loading "engine:..." keys.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
118 0:$d/slot0.db |
2bc470a58621
Tests: test for loading "engine:..." keys.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
119 EOF |
2bc470a58621
Tests: test for loading "engine:..." keys.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
120 |
2bc470a58621
Tests: test for loading "engine:..." keys.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
121 $ENV{SOFTHSM_CONF} = "$d/softhsm.conf"; |
2bc470a58621
Tests: test for loading "engine:..." keys.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
122 $ENV{OPENSSL_CONF} = "$d/openssl.conf"; |
2bc470a58621
Tests: test for loading "engine:..." keys.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
123 |
2bc470a58621
Tests: test for loading "engine:..." keys.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
124 foreach my $name ('localhost') { |
2bc470a58621
Tests: test for loading "engine:..." keys.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
125 system('softhsm --init-token --slot 0 --label "NginxZero" ' |
2bc470a58621
Tests: test for loading "engine:..." keys.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
126 . '--pin 1234 --so-pin 1234 ' |
2bc470a58621
Tests: test for loading "engine:..." keys.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
127 . ">>$d/openssl.out 2>&1"); |
2bc470a58621
Tests: test for loading "engine:..." keys.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
128 |
2bc470a58621
Tests: test for loading "engine:..." keys.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
129 system('pkcs11-tool --module=/usr/local/lib/softhsm/libsofthsm.so ' |
1140
778eae8230e4
Tests: reduced OpenSSL default key length to 1024.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
1116
diff
changeset
|
130 . '-p 1234 -l -k -d 0 -a nx_key_0 --key-type rsa:1024 ' |
516
2bc470a58621
Tests: test for loading "engine:..." keys.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
131 . ">>$d/openssl.out 2>&1"); |
2bc470a58621
Tests: test for loading "engine:..." keys.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
132 |
2bc470a58621
Tests: test for loading "engine:..." keys.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
133 system('openssl req -x509 -new -engine pkcs11 ' |
1220
0af58b78df35
Tests: removed single quotes from system() calls.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1140
diff
changeset
|
134 . "-config $d/openssl.conf -subj /CN=$name/ " |
0af58b78df35
Tests: removed single quotes from system() calls.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1140
diff
changeset
|
135 . "-out $d/$name.crt -keyform engine -text -key id_00 " |
516
2bc470a58621
Tests: test for loading "engine:..." keys.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
136 . ">>$d/openssl.out 2>&1") == 0 |
2bc470a58621
Tests: test for loading "engine:..." keys.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
137 or die "Can't create certificate for $name: $!\n"; |
2bc470a58621
Tests: test for loading "engine:..." keys.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
138 } |
2bc470a58621
Tests: test for loading "engine:..." keys.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
139 |
1446
44973a23b031
Tests: loading "engine:..." keys with certificate variable.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1328
diff
changeset
|
140 $t->try_run('no ssl_certificate variables')->plan(2); |
516
2bc470a58621
Tests: test for loading "engine:..." keys.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
141 |
2bc470a58621
Tests: test for loading "engine:..." keys.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
142 $t->write_file('index.html', ''); |
2bc470a58621
Tests: test for loading "engine:..." keys.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
143 |
2bc470a58621
Tests: test for loading "engine:..." keys.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
144 ############################################################################### |
2bc470a58621
Tests: test for loading "engine:..." keys.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
145 |
2bc470a58621
Tests: test for loading "engine:..." keys.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
146 like(http_get('/proxy'), qr/200 OK/, 'ssl engine keys'); |
1446
44973a23b031
Tests: loading "engine:..." keys with certificate variable.
Sergey Kandaurov <pluknet@nginx.com>
parents:
1328
diff
changeset
|
147 like(http_get('/var'), qr/200 OK/, 'ssl_certificate with variable'); |
516
2bc470a58621
Tests: test for loading "engine:..." keys.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
148 |
2bc470a58621
Tests: test for loading "engine:..." keys.
Sergey Kandaurov <pluknet@nginx.com>
parents:
diff
changeset
|
149 ############################################################################### |