Mercurial > hg > nginx-tests
changeset 1453:6f53ec0cf591
Tests: simplified stream_proxy_ssl_verify.t using return directive.
Due to changed connection processing, it no longer triggers "phantom event"
alerts previously seen with Solaris devpoll on connections closed by client
in test cases with failed verification of the proxied server certificate.
author | Sergey Kandaurov <pluknet@nginx.com> |
---|---|
date | Mon, 25 Mar 2019 19:11:11 +0300 |
parents | eda1878cf015 |
children | 3008cc57b5c9 |
files | stream_proxy_ssl_verify.t |
diffstat | 1 files changed, 13 insertions(+), 55 deletions(-) [+] |
line wrap: on
line diff
--- a/stream_proxy_ssl_verify.t Fri Mar 22 16:30:10 2019 +0300 +++ b/stream_proxy_ssl_verify.t Mon Mar 25 19:11:11 2019 +0300 @@ -16,15 +16,17 @@ use lib 'lib'; use Test::Nginx; +use Test::Nginx::Stream qw/ stream /; ############################################################################### select STDERR; $| = 1; select STDOUT; $| = 1; -my $t = Test::Nginx->new()->has(qw/stream stream_ssl/)->has_daemon('openssl'); +my $t = Test::Nginx->new()->has(qw/stream stream_ssl stream_return/) + ->has_daemon('openssl')->plan(6); -$t->write_file_expand('nginx.conf', <<'EOF')->plan(6); +$t->write_file_expand('nginx.conf', <<'EOF'); %%TEST_GLOBALS%% @@ -87,8 +89,8 @@ server { listen 127.0.0.1:8086 ssl; - proxy_pass 127.0.0.1:8088; proxy_ssl off; + return OK; ssl_certificate 1.example.com.crt; ssl_certificate_key 1.example.com.key; @@ -96,8 +98,8 @@ server { listen 127.0.0.1:8087 ssl; - proxy_pass 127.0.0.1:8088; proxy_ssl off; + return OK; ssl_certificate 2.example.com.crt; ssl_certificate_key 2.example.com.key; @@ -144,73 +146,29 @@ sleep 1 if $^O eq 'MSWin32'; -$t->write_file('index.html', ''); - -$t->run_daemon(\&http_daemon); $t->run(); -$t->waitforsocket('127.0.0.1:' . port(8088)); - ############################################################################### # subjectAltName -like(get('/', '127.0.0.1:' . port(8080)), qr/200 OK/, 'verify'); -like(get('/', '127.0.0.1:' . port(8081)), qr/200 OK/, 'verify wildcard'); -unlike(get('/', '127.0.0.1:' . port(8082)), qr/200 OK/, 'verify fail'); +is(get(8080), 'OK', 'verify'); +is(get(8081), 'OK', 'verify wildcard'); +isnt(get(8082), 'OK', 'verify fail'); # commonName -like(get('/', '127.0.0.1:' . port(8083)), qr/200 OK/, 'verify cn'); -unlike(get('/', '127.0.0.1:' . port(8084)), qr/200 OK/, 'verify cn fail'); +is(get(8083), 'OK', 'verify cn'); +isnt(get(8084), 'OK', 'verify cn fail'); # untrusted -unlike(get('/', '127.0.0.1:' . port(8085)), qr/200 OK/, 'untrusted'); +isnt(get(8085), 'OK', 'untrusted'); ############################################################################### sub get { - my ($uri, $peer) = @_; - - my $s = IO::Socket::INET->new( - Proto => 'tcp', - PeerAddr => $peer - ) - or die "Can't connect to nginx: $!\n"; - - my $r = http_get($uri, socket => $s); - return defined $r ? $r : ''; + stream('127.0.0.1:' . port(shift))->read(); } ############################################################################### - -sub http_daemon { - my $server = IO::Socket::INET->new( - Proto => 'tcp', - LocalHost => '127.0.0.1:' . port(8088), - Listen => 5, - Reuse => 1 - ) - or die "Can't create listening socket: $!\n"; - - local $SIG{PIPE} = 'IGNORE'; - - while (my $client = $server->accept()) { - $client->autoflush(1); - - while (<$client>) { - last if (/^\x0d?\x0a?$/); - } - - print $client <<EOF; -HTTP/1.1 200 OK -Connection: close - -EOF - - close $client; - } -} - -###############################################################################