Mercurial > hg > nginx-tests
diff ssl_sni_reneg.t @ 1411:a8243ed8adcb
Tests: expect ssl_sni_reneg.t failures on stable in certain cases.
Notably, if built with OpenSSL 1.1.1 on Linux, SSL renegotiation could be
handled too late if client manages to keep recv buffer filled on server.
author | Sergey Kandaurov <pluknet@nginx.com> |
---|---|
date | Wed, 05 Dec 2018 17:10:01 +0300 |
parents | 0bc5bd58d9de |
children | 4e48bf51714f |
line wrap: on
line diff
--- a/ssl_sni_reneg.t Tue Dec 04 17:07:18 2018 +0300 +++ b/ssl_sni_reneg.t Wed Dec 05 17:10:01 2018 +0300 @@ -104,6 +104,8 @@ ############################################################################### +my ($ossl) = $t->{_configure_args} =~ /OpenSSL ([\d\.]+)/; + my ($s, $ssl) = get_ssl_socket(8080); ok($s, 'connection'); @@ -119,10 +121,16 @@ Net::SSLeay::write($ssl, 'Host: localhost' . CRLF . CRLF); +TODO: { +local $TODO = 'not yet' if $ossl ge '1.1.1' and $^O eq 'linux' + and !$t->has_version('1.15.2'); + ok(!Net::SSLeay::read($ssl), 'response'); } +} + # virtual servers # in [1.15.4..1.15.5) SSL_OP_NO_RENEGOTIATION is cleared in servername callback @@ -141,10 +149,16 @@ Net::SSLeay::write($ssl, 'Host: localhost' . CRLF . CRLF); +TODO: { +local $TODO = 'not yet' if $ossl ge '1.1.1' and $^O eq 'linux' + and !$t->has_version('1.15.2'); + ok(!Net::SSLeay::read($ssl), 'virtual servers'); } +} + ############################################################################### sub get_ssl_socket {