Mercurial > hg > nginx-tests
changeset 1970:6d3a8f4eb9b2
Tests: relaxed SSL version used in testing.
This ensures that tests can be properly run with old OpenSSL versions
when using recent versions of IO::Socket::SSL (which defaults to TLS 1.2+
starting with IO::Socket:SSL version 2.082, and therefore not compatible
with OpenSSL before 1.0.1).
author | Maxim Dounin <mdounin@mdounin.ru> |
---|---|
date | Mon, 06 May 2024 00:03:13 +0300 |
parents | 3ba1668cea87 |
children | ab45ee8011df |
files | h2_ssl.t h2_ssl_verify_client.t lib/Test/Nginx.pm lib/Test/Nginx/HTTP2.pm lib/Test/Nginx/IMAP.pm lib/Test/Nginx/POP3.pm lib/Test/Nginx/SMTP.pm lib/Test/Nginx/Stream.pm ssl.t ssl_proxy_upgrade.t ssl_sni.t ssl_sni_sessions.t stream_proxy_protocol_ssl.t stream_ssl_realip.t |
diffstat | 14 files changed, 14 insertions(+), 0 deletions(-) [+] |
line wrap: on
line diff
--- a/h2_ssl.t Mon May 06 00:03:01 2024 +0300 +++ b/h2_ssl.t Mon May 06 00:03:13 2024 +0300 @@ -154,6 +154,7 @@ Proto => 'tcp', PeerAddr => '127.0.0.1', PeerPort => port(8080), + SSL_version => 'SSLv23', SSL_verify_mode => IO::Socket::SSL::SSL_VERIFY_NONE(), SSL_alpn_protocols => $alpn, SSL_error_trap => sub { die $_[1] }
--- a/h2_ssl_verify_client.t Mon May 06 00:03:01 2024 +0300 +++ b/h2_ssl_verify_client.t Mon May 06 00:03:13 2024 +0300 @@ -112,6 +112,7 @@ Proto => 'tcp', PeerAddr => '127.0.0.1', PeerPort => port(8080), + SSL_version => 'SSLv23', SSL_verify_mode => IO::Socket::SSL::SSL_VERIFY_NONE(), SSL_alpn_protocols => [ 'h2' ], SSL_hostname => $sni,
--- a/lib/Test/Nginx.pm Mon May 06 00:03:01 2024 +0300 +++ b/lib/Test/Nginx.pm Mon May 06 00:03:13 2024 +0300 @@ -872,6 +872,7 @@ require IO::Socket::SSL; IO::Socket::SSL->start_SSL( $s, + SSL_version => 'SSLv23', SSL_verify_mode => IO::Socket::SSL::SSL_VERIFY_NONE(), %extra
--- a/lib/Test/Nginx/HTTP2.pm Mon May 06 00:03:01 2024 +0300 +++ b/lib/Test/Nginx/HTTP2.pm Mon May 06 00:03:13 2024 +0300 @@ -548,6 +548,7 @@ ); require IO::Socket::SSL if $extra{'SSL'}; IO::Socket::SSL->start_SSL($s, + SSL_version => 'SSLv23', SSL_verify_mode => IO::Socket::SSL::SSL_VERIFY_NONE(), SSL_npn_protocols => $npn ? [ $npn ] : undef, SSL_alpn_protocols => $alpn ? [ $alpn ] : undef,
--- a/lib/Test/Nginx/IMAP.pm Mon May 06 00:03:01 2024 +0300 +++ b/lib/Test/Nginx/IMAP.pm Mon May 06 00:03:13 2024 +0300 @@ -38,6 +38,7 @@ require IO::Socket::SSL; IO::Socket::SSL->start_SSL( $self->{_socket}, + SSL_version => 'SSLv23', SSL_verify_mode => IO::Socket::SSL::SSL_VERIFY_NONE(), @_
--- a/lib/Test/Nginx/POP3.pm Mon May 06 00:03:01 2024 +0300 +++ b/lib/Test/Nginx/POP3.pm Mon May 06 00:03:13 2024 +0300 @@ -38,6 +38,7 @@ require IO::Socket::SSL; IO::Socket::SSL->start_SSL( $self->{_socket}, + SSL_version => 'SSLv23', SSL_verify_mode => IO::Socket::SSL::SSL_VERIFY_NONE(), @_
--- a/lib/Test/Nginx/SMTP.pm Mon May 06 00:03:01 2024 +0300 +++ b/lib/Test/Nginx/SMTP.pm Mon May 06 00:03:13 2024 +0300 @@ -38,6 +38,7 @@ require IO::Socket::SSL; IO::Socket::SSL->start_SSL( $self->{_socket}, + SSL_version => 'SSLv23', SSL_verify_mode => IO::Socket::SSL::SSL_VERIFY_NONE(), @_
--- a/lib/Test/Nginx/Stream.pm Mon May 06 00:03:01 2024 +0300 +++ b/lib/Test/Nginx/Stream.pm Mon May 06 00:03:13 2024 +0300 @@ -54,6 +54,7 @@ require IO::Socket::SSL; IO::Socket::SSL->start_SSL( $self->{_socket}, + SSL_version => 'SSLv23', SSL_verify_mode => IO::Socket::SSL::SSL_VERIFY_NONE(), @_
--- a/ssl.t Mon May 06 00:03:01 2024 +0300 +++ b/ssl.t Mon May 06 00:03:13 2024 +0300 @@ -315,6 +315,7 @@ sub get_ssl_context { return IO::Socket::SSL::SSL_Context->new( + SSL_version => 'SSLv23', SSL_verify_mode => IO::Socket::SSL::SSL_VERIFY_NONE(), SSL_session_cache_size => 100 );
--- a/ssl_proxy_upgrade.t Mon May 06 00:03:01 2024 +0300 +++ b/ssl_proxy_upgrade.t Mon May 06 00:03:13 2024 +0300 @@ -170,6 +170,7 @@ my $s = IO::Socket::SSL->new( Proto => 'tcp', PeerAddr => '127.0.0.1:' . port(8080), + SSL_version => 'SSLv23', SSL_verify_mode => IO::Socket::SSL::SSL_VERIFY_NONE(), ) or die "Can't connect to nginx: $!\n";
--- a/ssl_sni.t Mon May 06 00:03:01 2024 +0300 +++ b/ssl_sni.t Mon May 06 00:03:13 2024 +0300 @@ -116,6 +116,7 @@ # $ssl_server_name in sessions my $ctx = new IO::Socket::SSL::SSL_Context( + SSL_version => 'SSLv23', SSL_verify_mode => IO::Socket::SSL::SSL_VERIFY_NONE(), SSL_session_cache_size => 100);
--- a/ssl_sni_sessions.t Mon May 06 00:03:01 2024 +0300 +++ b/ssl_sni_sessions.t Mon May 06 00:03:13 2024 +0300 @@ -159,6 +159,7 @@ sub get_ssl_context { return IO::Socket::SSL::SSL_Context->new( + SSL_version => 'SSLv23', SSL_verify_mode => IO::Socket::SSL::SSL_VERIFY_NONE(), SSL_session_cache_size => 100 );
--- a/stream_proxy_protocol_ssl.t Mon May 06 00:03:01 2024 +0300 +++ b/stream_proxy_protocol_ssl.t Mon May 06 00:03:13 2024 +0300 @@ -152,6 +152,7 @@ eval { IO::Socket::SSL->start_SSL($client, SSL_server => 1, + SSL_version => 'SSLv23', SSL_cert_file => "$d/localhost.crt", SSL_key_file => "$d/localhost.key", SSL_error_trap => sub { die $_[1] }
--- a/stream_ssl_realip.t Mon May 06 00:03:01 2024 +0300 +++ b/stream_ssl_realip.t Mon May 06 00:03:13 2024 +0300 @@ -133,6 +133,7 @@ local $SIG{PIPE} = sub { die "sigpipe\n" }; alarm(8); IO::Socket::SSL->start_SSL($s, + SSL_version => 'SSLv23', SSL_verify_mode => IO::Socket::SSL::SSL_VERIFY_NONE(), SSL_error_trap => sub { die $_[1] } );