Mercurial > hg > nginx-tests
changeset 1858:cdcd75657e52
Tests: added has_feature() tests for IO::Socket::SSL.
The following distinct features supported:
- "socket_ssl", which requires IO::Socket::SSL and also implies
existance of the IO::Socket::SSL::SSL_VERIFY_NONE() symbol.
It is used by most of the tests.
- "socket_ssl_sni", which requires IO::Socket::SSL with the can_client_sni()
function (1.84), and SNI support available in Net::SSLeay and the OpenSSL
library being used. Used by ssl_sni.t, ssl_sni_sessions.t,
stream_ssl_preread.t. Additional Net::SSLeay testing is believed to be
unneeded and was removed.
- "socket_ssl_alpn", which requires IO::Socket::SSL with ALPN support (2.009),
and ALPN support in Net::SSLeay and the OpenSSL library being used.
Used by h2_ssl.t, h2_ssl_verify_client.t, stream_ssl_alpn.t,
stream_ssl_preread_alpn.t.
- "socket_ssl_sslversion", which requires IO::Socket::SSL with
the get_sslversion() and get_sslversion_int() methods (1.964).
Used by mail_imap_ssl.t.
- "socket_ssl_reused", which requires IO::Socket::SSL with
the get_session_reused() method (2.057). To be used in the following
patches.
This makes it possible to simplify and unify various SSL tests.
author | Maxim Dounin <mdounin@mdounin.ru> |
---|---|
date | Thu, 18 May 2023 18:07:02 +0300 |
parents | da3889ba0b96 |
children | 5f46af4707e7 |
files | h2_ssl.t h2_ssl_proxy_cache.t h2_ssl_variables.t h2_ssl_verify_client.t lib/Test/Nginx.pm mail_imap_ssl.t mail_resolver.t proxy_ssl.t ssl.t ssl_certificate_chain.t ssl_client_escaped_cert.t ssl_crl.t ssl_curve.t ssl_password_file.t ssl_proxy_protocol.t ssl_proxy_upgrade.t ssl_reject_handshake.t ssl_session_reuse.t ssl_sni.t ssl_sni_sessions.t ssl_verify_depth.t stream_js_fetch_https.t stream_proxy_protocol_ssl.t stream_ssl_alpn.t stream_ssl_preread.t stream_ssl_preread_alpn.t stream_ssl_realip.t |
diffstat | 27 files changed, 74 insertions(+), 224 deletions(-) [+] |
line wrap: on
line diff
--- a/h2_ssl.t Thu May 18 18:07:01 2023 +0300 +++ b/h2_ssl.t Thu May 18 18:07:02 2023 +0300 @@ -25,7 +25,7 @@ select STDERR; $| = 1; select STDOUT; $| = 1; -my $t = Test::Nginx->new()->has(qw/http http_ssl http_v2/) +my $t = Test::Nginx->new()->has(qw/http http_ssl http_v2 socket_ssl_alpn/) ->has_daemon('openssl'); $t->write_file_expand('nginx.conf', <<'EOF'); @@ -55,15 +55,6 @@ EOF -eval { require IO::Socket::SSL; die if $IO::Socket::SSL::VERSION < 1.56; }; -plan(skip_all => 'IO::Socket::SSL version >= 1.56 required') if $@; - -eval { IO::Socket::SSL->can_alpn() or die; }; -plan(skip_all => 'IO::Socket::SSL with OpenSSL ALPN support required') if $@; - -eval { exists &Net::SSLeay::P_alpn_selected or die; }; -plan(skip_all => 'Net::SSLeay with OpenSSL ALPN support required') if $@; - $t->write_file('openssl.conf', <<EOF); [ req ] default_bits = 2048
--- a/h2_ssl_proxy_cache.t Thu May 18 18:07:01 2023 +0300 +++ b/h2_ssl_proxy_cache.t Thu May 18 18:07:02 2023 +0300 @@ -23,10 +23,8 @@ select STDERR; $| = 1; select STDOUT; $| = 1; -eval { require IO::Socket::SSL; }; -plan(skip_all => 'IO::Socket::SSL not installed') if $@; - -my $t = Test::Nginx->new()->has(qw/http http_ssl http_v2 proxy cache/) +my $t = Test::Nginx->new() + ->has(qw/http http_ssl http_v2 proxy cache socket_ssl/) ->has_daemon('openssl'); $t->write_file_expand('nginx.conf', <<'EOF');
--- a/h2_ssl_variables.t Thu May 18 18:07:01 2023 +0300 +++ b/h2_ssl_variables.t Thu May 18 18:07:02 2023 +0300 @@ -23,12 +23,7 @@ select STDERR; $| = 1; select STDOUT; $| = 1; -eval { require IO::Socket::SSL; }; -plan(skip_all => 'IO::Socket::SSL not installed') if $@; -eval { IO::Socket::SSL::SSL_VERIFY_NONE(); }; -plan(skip_all => 'IO::Socket::SSL too old') if $@; - -my $t = Test::Nginx->new()->has(qw/http http_ssl http_v2 rewrite/) +my $t = Test::Nginx->new()->has(qw/http http_ssl http_v2 rewrite socket_ssl/) ->has_daemon('openssl')->plan(8); $t->write_file_expand('nginx.conf', <<'EOF');
--- a/h2_ssl_verify_client.t Thu May 18 18:07:01 2023 +0300 +++ b/h2_ssl_verify_client.t Thu May 18 18:07:02 2023 +0300 @@ -23,14 +23,7 @@ select STDERR; $| = 1; select STDOUT; $| = 1; -eval { require IO::Socket::SSL; }; -plan(skip_all => 'IO::Socket::SSL not installed') if $@; -eval { IO::Socket::SSL->can_client_sni() or die; }; -plan(skip_all => 'IO::Socket::SSL with OpenSSL SNI support required') if $@; -eval { IO::Socket::SSL->can_alpn() or die; }; -plan(skip_all => 'OpenSSL ALPN support required') if $@; - -my $t = Test::Nginx->new()->has(qw/http http_ssl sni http_v2/) +my $t = Test::Nginx->new()->has(qw/http http_ssl sni http_v2 socket_ssl_alpn/) ->has_daemon('openssl'); $t->write_file_expand('nginx.conf', <<'EOF');
--- a/lib/Test/Nginx.pm Thu May 18 18:07:01 2023 +0300 +++ b/lib/Test/Nginx.pm Thu May 18 18:07:02 2023 +0300 @@ -241,6 +241,31 @@ return $^O ne 'MSWin32'; } + if ($feature =~ /^socket_ssl/) { + eval { require IO::Socket::SSL; }; + return 0 if $@; + eval { IO::Socket::SSL::SSL_VERIFY_NONE(); }; + return 0 if $@; + if ($feature eq 'socket_ssl') { + return 1; + } + if ($feature eq 'socket_ssl_sni') { + eval { IO::Socket::SSL->can_client_sni() or die; }; + return !$@; + } + if ($feature eq 'socket_ssl_alpn') { + eval { IO::Socket::SSL->can_alpn() or die; }; + return !$@; + } + if ($feature eq 'socket_ssl_sslversion') { + return IO::Socket::SSL->can('get_sslversion'); + } + if ($feature eq 'socket_ssl_reused') { + return IO::Socket::SSL->can('get_session_reused'); + } + return 0; + } + return 0; }
--- a/mail_imap_ssl.t Thu May 18 18:07:01 2023 +0300 +++ b/mail_imap_ssl.t Thu May 18 18:07:02 2023 +0300 @@ -26,14 +26,10 @@ select STDERR; $| = 1; select STDOUT; $| = 1; -eval { require IO::Socket::SSL; }; -plan(skip_all => 'IO::Socket::SSL not installed') if $@; -eval { IO::Socket::SSL::SSL_VERIFY_NONE(); }; -plan(skip_all => 'IO::Socket::SSL too old') if $@; - local $SIG{PIPE} = 'IGNORE'; -my $t = Test::Nginx->new()->has(qw/mail mail_ssl imap http rewrite/) +my $t = Test::Nginx->new() + ->has(qw/mail mail_ssl imap http rewrite socket_ssl_sslversion/) ->has_daemon('openssl')->plan(13) ->write_file_expand('nginx.conf', <<'EOF'); @@ -215,12 +211,10 @@ my ($cipher, $sslversion); -if ($IO::Socket::SSL::VERSION >= 1.964) { - $s = get_ssl_socket(8143); - $cipher = $s->get_cipher(); - $sslversion = $s->get_sslversion(); - $sslversion =~ s/_/./; -} +$s = get_ssl_socket(8143); +$cipher = $s->get_cipher(); +$sslversion = $s->get_sslversion(); +$sslversion =~ s/_/./; undef $s; @@ -239,10 +233,6 @@ like($f, qr!^on:SUCCESS:(/?CN=3.example.com):\1:\w+:\w+:[^:]+:s5$!m, 'log - trusted cert'); -SKIP: { -skip 'IO::Socket::SSL version >= 1.964 required', 1 - if $IO::Socket::SSL::VERSION < 1.964; - TODO: { local $TODO = 'not yet' unless $t->has_version('1.21.2'); @@ -251,8 +241,6 @@ } -} - ############################################################################### sub get_ssl_socket {
--- a/mail_resolver.t Thu May 18 18:07:01 2023 +0300 +++ b/mail_resolver.t Thu May 18 18:07:02 2023 +0300 @@ -23,14 +23,9 @@ select STDERR; $| = 1; select STDOUT; $| = 1; -eval { require IO::Socket::SSL; }; -plan(skip_all => 'IO::Socket::SSL not installed') if $@; -eval { IO::Socket::SSL::SSL_VERIFY_NONE(); }; -plan(skip_all => 'IO::Socket::SSL too old') if $@; - local $SIG{PIPE} = 'IGNORE'; -my $t = Test::Nginx->new()->has(qw/mail mail_ssl smtp http rewrite/) +my $t = Test::Nginx->new()->has(qw/mail mail_ssl smtp http rewrite socket_ssl/) ->has_daemon('openssl')->plan(11) ->write_file_expand('nginx.conf', <<'EOF');
--- a/proxy_ssl.t Thu May 18 18:07:01 2023 +0300 +++ b/proxy_ssl.t Thu May 18 18:07:02 2023 +0300 @@ -21,11 +21,9 @@ select STDERR; $| = 1; select STDOUT; $| = 1; -eval { require IO::Socket::SSL; }; -plan(skip_all => 'IO::Socket::SSL not installed') if $@; - -my $t = Test::Nginx->new()->has(qw/http proxy http_ssl/)->has_daemon('openssl') - ->plan(8)->write_file_expand('nginx.conf', <<'EOF'); +my $t = Test::Nginx->new()->has(qw/http proxy http_ssl socket_ssl/) + ->has_daemon('openssl')->plan(8) + ->write_file_expand('nginx.conf', <<'EOF'); %%TEST_GLOBALS%%
--- a/ssl.t Thu May 18 18:07:01 2023 +0300 +++ b/ssl.t Thu May 18 18:07:02 2023 +0300 @@ -25,12 +25,7 @@ select STDERR; $| = 1; select STDOUT; $| = 1; -eval { require IO::Socket::SSL; }; -plan(skip_all => 'IO::Socket::SSL not installed') if $@; -eval { IO::Socket::SSL::SSL_VERIFY_NONE(); }; -plan(skip_all => 'IO::Socket::SSL too old') if $@; - -my $t = Test::Nginx->new()->has(qw/http http_ssl rewrite proxy/) +my $t = Test::Nginx->new()->has(qw/http http_ssl rewrite proxy socket_ssl/) ->has_daemon('openssl')->plan(21); $t->write_file_expand('nginx.conf', <<'EOF');
--- a/ssl_certificate_chain.t Thu May 18 18:07:01 2023 +0300 +++ b/ssl_certificate_chain.t Thu May 18 18:07:02 2023 +0300 @@ -22,12 +22,7 @@ select STDERR; $| = 1; select STDOUT; $| = 1; -eval { require IO::Socket::SSL; }; -plan(skip_all => 'IO::Socket::SSL not installed') if $@; -eval { IO::Socket::SSL::SSL_VERIFY_NONE(); }; -plan(skip_all => 'IO::Socket::SSL too old') if $@; - -my $t = Test::Nginx->new()->has(qw/http http_ssl/) +my $t = Test::Nginx->new()->has(qw/http http_ssl socket_ssl/) ->has_daemon('openssl')->plan(3); $t->write_file_expand('nginx.conf', <<'EOF');
--- a/ssl_client_escaped_cert.t Thu May 18 18:07:01 2023 +0300 +++ b/ssl_client_escaped_cert.t Thu May 18 18:07:02 2023 +0300 @@ -22,12 +22,7 @@ select STDERR; $| = 1; select STDOUT; $| = 1; -eval { require IO::Socket::SSL; }; -plan(skip_all => 'IO::Socket::SSL not installed') if $@; -eval { IO::Socket::SSL::SSL_VERIFY_NONE(); }; -plan(skip_all => 'IO::Socket::SSL too old') if $@; - -my $t = Test::Nginx->new()->has(qw/http http_ssl rewrite/) +my $t = Test::Nginx->new()->has(qw/http http_ssl rewrite socket_ssl/) ->has_daemon('openssl')->plan(3); $t->write_file_expand('nginx.conf', <<'EOF');
--- a/ssl_crl.t Thu May 18 18:07:01 2023 +0300 +++ b/ssl_crl.t Thu May 18 18:07:02 2023 +0300 @@ -22,12 +22,7 @@ select STDERR; $| = 1; select STDOUT; $| = 1; -eval { require IO::Socket::SSL; }; -plan(skip_all => 'IO::Socket::SSL not installed') if $@; -eval { IO::Socket::SSL::SSL_VERIFY_NONE(); }; -plan(skip_all => 'IO::Socket::SSL too old') if $@; - -my $t = Test::Nginx->new()->has(qw/http http_ssl/) +my $t = Test::Nginx->new()->has(qw/http http_ssl socket_ssl/) ->has_daemon('openssl')->plan(3); $t->write_file_expand('nginx.conf', <<'EOF');
--- a/ssl_curve.t Thu May 18 18:07:01 2023 +0300 +++ b/ssl_curve.t Thu May 18 18:07:02 2023 +0300 @@ -22,12 +22,7 @@ select STDERR; $| = 1; select STDOUT; $| = 1; -eval { require IO::Socket::SSL; }; -plan(skip_all => 'IO::Socket::SSL not installed') if $@; -eval { IO::Socket::SSL::SSL_VERIFY_NONE(); }; -plan(skip_all => 'IO::Socket::SSL too old') if $@; - -my $t = Test::Nginx->new()->has(qw/http http_ssl rewrite/) +my $t = Test::Nginx->new()->has(qw/http http_ssl rewrite socket_ssl/) ->has_daemon('openssl'); $t->{_configure_args} =~ /OpenSSL (\d+)/;
--- a/ssl_password_file.t Thu May 18 18:07:01 2023 +0300 +++ b/ssl_password_file.t Thu May 18 18:07:02 2023 +0300 @@ -25,14 +25,9 @@ select STDERR; $| = 1; select STDOUT; $| = 1; -eval { require IO::Socket::SSL; }; -plan(skip_all => 'IO::Socket::SSL not installed') if $@; -eval { IO::Socket::SSL::SSL_VERIFY_NONE(); }; -plan(skip_all => 'IO::Socket::SSL too old') if $@; - plan(skip_all => 'win32') if $^O eq 'MSWin32'; -my $t = Test::Nginx->new()->has(qw/http http_ssl rewrite/) +my $t = Test::Nginx->new()->has(qw/http http_ssl rewrite socket_ssl/) ->has_daemon('openssl'); $t->plan(3)->write_file_expand('nginx.conf', <<'EOF');
--- a/ssl_proxy_protocol.t Thu May 18 18:07:01 2023 +0300 +++ b/ssl_proxy_protocol.t Thu May 18 18:07:02 2023 +0300 @@ -24,12 +24,7 @@ select STDERR; $| = 1; select STDOUT; $| = 1; -eval { require IO::Socket::SSL; }; -plan(skip_all => 'IO::Socket::SSL not installed') if $@; -eval { IO::Socket::SSL::SSL_VERIFY_NONE(); }; -plan(skip_all => 'IO::Socket::SSL too old') if $@; - -my $t = Test::Nginx->new()->has(qw/http http_ssl access realip/) +my $t = Test::Nginx->new()->has(qw/http http_ssl access realip socket_ssl/) ->has_daemon('openssl'); $t->write_file_expand('nginx.conf', <<'EOF')->plan(18);
--- a/ssl_proxy_upgrade.t Thu May 18 18:07:01 2023 +0300 +++ b/ssl_proxy_upgrade.t Thu May 18 18:07:02 2023 +0300 @@ -29,12 +29,8 @@ select STDERR; $| = 1; select STDOUT; $| = 1; -eval { require IO::Socket::SSL; }; -plan(skip_all => 'IO::Socket::SSL not installed') if $@; -eval { IO::Socket::SSL::SSL_VERIFY_NONE(); }; -plan(skip_all => 'IO::Socket::SSL too old') if $@; - -my $t = Test::Nginx->new()->has(qw/http proxy http_ssl/)->has_daemon('openssl') +my $t = Test::Nginx->new()->has(qw/http proxy http_ssl socket_ssl/) + ->has_daemon('openssl') ->write_file_expand('nginx.conf', <<'EOF')->plan(30); %%TEST_GLOBALS%%
--- a/ssl_reject_handshake.t Thu May 18 18:07:01 2023 +0300 +++ b/ssl_reject_handshake.t Thu May 18 18:07:02 2023 +0300 @@ -22,12 +22,8 @@ select STDERR; $| = 1; select STDOUT; $| = 1; -eval { require IO::Socket::SSL; }; -plan(skip_all => 'IO::Socket::SSL not installed') if $@; -eval { IO::Socket::SSL->can_client_sni() or die; }; -plan(skip_all => 'IO::Socket::SSL with OpenSSL SNI support required') if $@; - -my $t = Test::Nginx->new()->has(qw/http http_ssl sni/)->has_daemon('openssl'); +my $t = Test::Nginx->new()->has(qw/http http_ssl sni socket_ssl/) + ->has_daemon('openssl'); $t->write_file_expand('nginx.conf', <<'EOF');
--- a/ssl_session_reuse.t Thu May 18 18:07:01 2023 +0300 +++ b/ssl_session_reuse.t Thu May 18 18:07:02 2023 +0300 @@ -23,12 +23,7 @@ select STDERR; $| = 1; select STDOUT; $| = 1; -eval { require IO::Socket::SSL; }; -plan(skip_all => 'IO::Socket::SSL not installed') if $@; -eval { IO::Socket::SSL::SSL_VERIFY_NONE(); }; -plan(skip_all => 'IO::Socket::SSL too old') if $@; - -my $t = Test::Nginx->new()->has(qw/http http_ssl rewrite/) +my $t = Test::Nginx->new()->has(qw/http http_ssl rewrite socket_ssl/) ->has_daemon('openssl')->plan(8); $t->write_file_expand('nginx.conf', <<'EOF');
--- a/ssl_sni.t Thu May 18 18:07:01 2023 +0300 +++ b/ssl_sni.t Thu May 18 18:07:02 2023 +0300 @@ -22,8 +22,8 @@ select STDERR; $| = 1; select STDOUT; $| = 1; -my $t = Test::Nginx->new()->has(qw/http http_ssl sni rewrite/) - ->has_daemon('openssl') +my $t = Test::Nginx->new()->has(qw/http http_ssl sni rewrite socket_ssl_sni/) + ->has_daemon('openssl')->plan(8) ->write_file_expand('nginx.conf', <<'EOF'); %%TEST_GLOBALS%% @@ -79,25 +79,6 @@ EOF -eval { require IO::Socket::SSL; die if $IO::Socket::SSL::VERSION < 1.56; }; -plan(skip_all => 'IO::Socket::SSL version >= 1.56 required') if $@; - -eval { - if (IO::Socket::SSL->can('can_client_sni')) { - IO::Socket::SSL->can_client_sni() or die; - } -}; -plan(skip_all => 'IO::Socket::SSL with OpenSSL SNI support required') if $@; - -eval { - my $ctx = Net::SSLeay::CTX_new() or die; - my $ssl = Net::SSLeay::new($ctx) or die; - Net::SSLeay::set_tlsext_host_name($ssl, 'example.org') == 1 or die; -}; -plan(skip_all => 'Net::SSLeay with OpenSSL SNI support required') if $@; - -$t->plan(8); - $t->write_file('openssl.conf', <<EOF); [ req ] default_bits = 2048
--- a/ssl_sni_sessions.t Thu May 18 18:07:01 2023 +0300 +++ b/ssl_sni_sessions.t Thu May 18 18:07:02 2023 +0300 @@ -21,9 +21,9 @@ select STDERR; $| = 1; select STDOUT; $| = 1; -my $t = Test::Nginx->new()->has(qw/http http_ssl sni rewrite/); - -$t->has_daemon('openssl')->write_file_expand('nginx.conf', <<'EOF'); +my $t = Test::Nginx->new()->has(qw/http http_ssl sni rewrite socket_ssl_sni/) + ->has_daemon('openssl') + ->write_file_expand('nginx.conf', <<'EOF'); %%TEST_GLOBALS%% @@ -87,23 +87,6 @@ EOF -eval { require IO::Socket::SSL; die if $IO::Socket::SSL::VERSION < 1.56; }; -plan(skip_all => 'IO::Socket::SSL version >= 1.56 required') if $@; - -eval { - if (IO::Socket::SSL->can('can_client_sni')) { - IO::Socket::SSL->can_client_sni() or die; - } -}; -plan(skip_all => 'IO::Socket::SSL with OpenSSL SNI support required') if $@; - -eval { - my $ctx = Net::SSLeay::CTX_new() or die; - my $ssl = Net::SSLeay::new($ctx) or die; - Net::SSLeay::set_tlsext_host_name($ssl, 'example.org') == 1 or die; -}; -plan(skip_all => 'Net::SSLeay with OpenSSL SNI support required') if $@; - $t->write_file('openssl.conf', <<EOF); [ req ] default_bits = 2048
--- a/ssl_verify_depth.t Thu May 18 18:07:01 2023 +0300 +++ b/ssl_verify_depth.t Thu May 18 18:07:02 2023 +0300 @@ -22,12 +22,8 @@ select STDERR; $| = 1; select STDOUT; $| = 1; -eval { require IO::Socket::SSL; }; -plan(skip_all => 'IO::Socket::SSL not installed') if $@; -eval { IO::Socket::SSL::SSL_VERIFY_NONE(); }; -plan(skip_all => 'IO::Socket::SSL too old') if $@; - -my $t = Test::Nginx->new()->has(qw/http http_ssl/)->has_daemon('openssl'); +my $t = Test::Nginx->new()->has(qw/http http_ssl socket_ssl/) + ->has_daemon('openssl'); plan(skip_all => 'LibreSSL') if $t->has_module('LibreSSL');
--- a/stream_js_fetch_https.t Thu May 18 18:07:01 2023 +0300 +++ b/stream_js_fetch_https.t Thu May 18 18:07:02 2023 +0300 @@ -23,12 +23,9 @@ select STDERR; $| = 1; select STDOUT; $| = 1; -eval { require IO::Socket::SSL; }; -plan(skip_all => 'IO::Socket::SSL not installed') if $@; -eval { IO::Socket::SSL::SSL_VERIFY_NONE(); }; -plan(skip_all => 'IO::Socket::SSL too old') if $@; - -my $t = Test::Nginx->new()->has(qw/http http_ssl rewrite stream stream_return/) +my $t = Test::Nginx->new() + ->has(qw/http http_ssl rewrite stream stream_return socket_ssl/) + ->has_daemon('openssl') ->write_file_expand('nginx.conf', <<'EOF'); %%TEST_GLOBALS%%
--- a/stream_proxy_protocol_ssl.t Thu May 18 18:07:01 2023 +0300 +++ b/stream_proxy_protocol_ssl.t Thu May 18 18:07:02 2023 +0300 @@ -24,11 +24,8 @@ select STDERR; $| = 1; select STDOUT; $| = 1; -eval { require IO::Socket::SSL; }; -plan(skip_all => 'IO::Socket::SSL not installed') if $@; - -my $t = Test::Nginx->new()->has(qw/stream stream_ssl/)->has_daemon('openssl') - ->plan(2); +my $t = Test::Nginx->new()->has(qw/stream stream_ssl socket_ssl/) + ->has_daemon('openssl')->plan(2); $t->write_file_expand('nginx.conf', <<'EOF');
--- a/stream_ssl_alpn.t Thu May 18 18:07:01 2023 +0300 +++ b/stream_ssl_alpn.t Thu May 18 18:07:02 2023 +0300 @@ -23,8 +23,10 @@ select STDERR; $| = 1; select STDOUT; $| = 1; -my $t = Test::Nginx->new()->has(qw/stream stream_ssl stream_return/) - ->has_daemon('openssl')->write_file_expand('nginx.conf', <<'EOF'); +my $t = Test::Nginx->new() + ->has(qw/stream stream_ssl stream_return socket_ssl_alpn/) + ->has_daemon('openssl') + ->write_file_expand('nginx.conf', <<'EOF'); %%TEST_GLOBALS%% @@ -51,15 +53,6 @@ EOF -eval { require IO::Socket::SSL; die if $IO::Socket::SSL::VERSION < 1.56; }; -plan(skip_all => 'IO::Socket::SSL version >= 1.56 required') if $@; - -eval { IO::Socket::SSL->can_alpn() or die; }; -plan(skip_all => 'IO::Socket::SSL with OpenSSL ALPN support required') if $@; - -eval { exists &Net::SSLeay::P_alpn_selected or die; }; -plan(skip_all => 'Net::SSLeay with OpenSSL ALPN support required') if $@; - $t->write_file('openssl.conf', <<EOF); [ req ] default_bits = 2048
--- a/stream_ssl_preread.t Thu May 18 18:07:01 2023 +0300 +++ b/stream_ssl_preread.t Thu May 18 18:07:02 2023 +0300 @@ -24,7 +24,8 @@ select STDOUT; $| = 1; my $t = Test::Nginx->new()->has(qw/stream stream_map stream_ssl_preread/) - ->has(qw/stream_ssl stream_return/)->has_daemon('openssl') + ->has(qw/stream_ssl stream_return socket_ssl_sni/) + ->has_daemon('openssl')->plan(13) ->write_file_expand('nginx.conf', <<'EOF'); %%TEST_GLOBALS%% @@ -107,25 +108,6 @@ EOF -eval { require IO::Socket::SSL; die if $IO::Socket::SSL::VERSION < 1.56; }; -plan(skip_all => 'IO::Socket::SSL version >= 1.56 required') if $@; - -eval { - if (IO::Socket::SSL->can('can_client_sni')) { - IO::Socket::SSL->can_client_sni() or die; - } -}; -plan(skip_all => 'IO::Socket::SSL with OpenSSL SNI support required') if $@; - -eval { - my $ctx = Net::SSLeay::CTX_new() or die; - my $ssl = Net::SSLeay::new($ctx) or die; - Net::SSLeay::set_tlsext_host_name($ssl, 'example.org') == 1 or die; -}; -plan(skip_all => 'Net::SSLeay with OpenSSL SNI support required') if $@; - -$t->plan(13); - $t->write_file('openssl.conf', <<EOF); [ req ] default_bits = 2048
--- a/stream_ssl_preread_alpn.t Thu May 18 18:07:01 2023 +0300 +++ b/stream_ssl_preread_alpn.t Thu May 18 18:07:02 2023 +0300 @@ -24,7 +24,8 @@ select STDOUT; $| = 1; my $t = Test::Nginx->new()->has(qw/stream stream_map stream_ssl_preread/) - ->has(qw/stream_ssl stream_return/)->has_daemon('openssl') + ->has(qw/stream_ssl stream_return socket_ssl_alpn/) + ->has_daemon('openssl')->plan(5) ->write_file_expand('nginx.conf', <<'EOF'); %%TEST_GLOBALS%% @@ -75,17 +76,6 @@ EOF -eval { require IO::Socket::SSL; die if $IO::Socket::SSL::VERSION < 1.56; }; -plan(skip_all => 'IO::Socket::SSL version >= 1.56 required') if $@; - -eval { IO::Socket::SSL->can_alpn() or die; }; -plan(skip_all => 'IO::Socket::SSL with OpenSSL ALPN support required') if $@; - -eval { exists &Net::SSLeay::P_alpn_selected or die; }; -plan(skip_all => 'Net::SSLeay with OpenSSL ALPN support required') if $@; - -$t->plan(5); - $t->write_file('openssl.conf', <<EOF); [ req ] default_bits = 2048
--- a/stream_ssl_realip.t Thu May 18 18:07:01 2023 +0300 +++ b/stream_ssl_realip.t Thu May 18 18:07:02 2023 +0300 @@ -24,13 +24,9 @@ select STDERR; $| = 1; select STDOUT; $| = 1; -eval { require IO::Socket::SSL; }; -plan(skip_all => 'IO::Socket::SSL not installed') if $@; -eval { IO::Socket::SSL::SSL_VERIFY_NONE(); }; -plan(skip_all => 'IO::Socket::SSL too old') if $@; - my $t = Test::Nginx->new()->has(qw/stream stream_return stream_realip/) - ->has(qw/stream_ssl/)->has_daemon('openssl') + ->has(qw/stream_ssl socket_ssl/) + ->has_daemon('openssl') ->write_file_expand('nginx.conf', <<'EOF'); %%TEST_GLOBALS%%