Mercurial > hg > nginx-tests
changeset 1496:e1eb3432487b
Tests: added mail resolver tests with ssl.
author | Sergey Kandaurov <pluknet@nginx.com> |
---|---|
date | Thu, 01 Aug 2019 14:22:46 +0300 |
parents | b8b92ed90485 |
children | 40e5f2a0a238 |
files | mail_resolver.t |
diffstat | 1 files changed, 60 insertions(+), 1 deletions(-) [+] |
line wrap: on
line diff
--- a/mail_resolver.t Wed Jul 31 12:58:03 2019 +0300 +++ b/mail_resolver.t Thu Aug 01 14:22:46 2019 +0300 @@ -23,9 +23,15 @@ select STDERR; $| = 1; select STDOUT; $| = 1; +eval { require IO::Socket::SSL; }; +plan(skip_all => 'IO::Socket::SSL not installed') if $@; +eval { IO::Socket::SSL::SSL_VERIFY_NONE(); }; +plan(skip_all => 'IO::Socket::SSL too old') if $@; + local $SIG{PIPE} = 'IGNORE'; -my $t = Test::Nginx->new()->has(qw/mail smtp http rewrite/)->plan(10) +my $t = Test::Nginx->new()->has(qw/mail mail_ssl smtp http rewrite/) + ->has_daemon('openssl')->plan(11) ->write_file_expand('nginx.conf', <<'EOF'); %%TEST_GLOBALS%% @@ -89,6 +95,14 @@ resolver 127.0.0.1:%%PORT_8987_UDP%%; } + server { + ssl_certificate_key localhost.key; + ssl_certificate localhost.crt; + + listen 127.0.0.1:8033 ssl; + protocol smtp; + resolver 127.0.0.1:%%PORT_8983_UDP%%; + } } http { @@ -115,6 +129,24 @@ EOF +$t->write_file('openssl.conf', <<EOF); +[ req ] +default_bits = 2048 +encrypt_key = no +distinguished_name = req_distinguished_name +[ req_distinguished_name ] +EOF + +my $d = $t->testdir(); + +foreach my $name ('localhost') { + system('openssl req -x509 -new ' + . "-config $d/openssl.conf -subj /CN=$name/ " + . "-out $d/$name.crt -keyout $d/$name.key " + . ">>$d/openssl.out 2>&1") == 0 + or die "Can't create certificate for $name: $!\n"; +} + $t->run_daemon(\&Test::Nginx::SMTP::smtp_test_daemon); $t->run_daemon(\&dns_daemon, port($_), $t) foreach (8981 .. 8987); @@ -260,6 +292,33 @@ $s->send('QUIT'); $s->read(); +# before 1.17.3, read event while in resolving resulted in duplicate resolving + +TODO: { +todo_skip 'leaves coredump', 1 unless $ENV{TEST_NGINX_UNSAFE} + or $t->has_version('1.17.3'); + +my %ssl = ( + SSL => 1, + SSL_verify_mode => IO::Socket::SSL::SSL_VERIFY_NONE(), + SSL_error_trap => sub { die $_[1] }, +); + +$s = Test::Nginx::SMTP->new(PeerAddr => '127.0.0.1:' . port(8033), %ssl); +$s->send('EHLO example.com'); +$s->read(); +$s->send('MAIL FROM:<test@example.com> SIZE=100'); +$s->read(); +$s->read(); + +$s->send('RCPT TO:<test@example.com>'); +$s->check(qr/TEMPUNAVAIL/, 'PTR SSL empty'); + +$s->send('QUIT'); +$s->read(); + +} + ############################################################################### sub reply_handler {