Tests: simplified stream_ssl_preread.t by not using http backends.
diff --git a/stream_ssl_preread.t b/stream_ssl_preread.t
index 4982e57..48a54eb 100644
--- a/stream_ssl_preread.t
+++ b/stream_ssl_preread.t
@@ -16,6 +16,7 @@
use lib 'lib';
use Test::Nginx;
+use Test::Nginx::Stream qw/ stream /;
###############################################################################
@@ -23,7 +24,7 @@
select STDOUT; $| = 1;
my $t = Test::Nginx->new()->has(qw/stream stream_map stream_ssl_preread/)
- ->has(qw/http http_ssl stream_ssl stream_return/)->has_daemon('openssl')
+ ->has(qw/stream_ssl stream_return/)->has_daemon('openssl')
->write_file_expand('nginx.conf', <<'EOF');
%%TEST_GLOBALS%%
@@ -53,22 +54,18 @@
server {
listen 127.0.0.1:8080;
- proxy_pass $name;
+ return $name;
}
server {
listen 127.0.0.1:8081;
proxy_pass $name;
- ssl_preread off;
}
- ssl_certificate_key localhost.key;
- ssl_certificate localhost.crt;
-
server {
- listen 127.0.0.1:8082 ssl;
+ listen 127.0.0.1:8082;
proxy_pass $name;
- proxy_ssl on;
+ ssl_preread off;
}
server {
@@ -81,15 +78,6 @@
access_log %%TESTDIR%%/status.log status;
}
- server {
- listen 127.0.0.1:8084;
- return $ssl_preread_server_name;
- }
-}
-
-http {
- %%TEST_GLOBALS_HTTP%%
-
ssl_certificate_key localhost.key;
ssl_certificate localhost.crt;
@@ -97,11 +85,8 @@
listen 127.0.0.1:8091 ssl;
listen 127.0.0.1:8092 ssl;
listen 127.0.0.1:8093 ssl;
- server_name localhost;
-
- location / {
- add_header X-Port $server_port always;
- }
+ ssl_preread off;
+ return $server_port;
}
}
@@ -150,23 +135,22 @@
my ($p1, $p2, $p3) = (port(8091), port(8092), port(8093));
-like(https_get_host('foo'), qr/$p1/, 'sni');
-like(https_get_host('foo'), qr/$p1/, 'sni again');
+is(get_ssl('foo', 8081), $p1, 'sni');
+is(get_ssl('foo', 8081), $p1, 'sni again');
-like(https_get_host('bar'), qr/$p2/, 'sni 2');
-like(https_get_host('bar'), qr/$p2/, 'sni 2 again');
+is(get_ssl('bar', 8081), $p2, 'sni 2');
+is(get_ssl('bar', 8081), $p2, 'sni 2 again');
# fallback to an empty value for some reason
-like(https_get_host('foo', ''), qr/$p3/, 'no sni');
-like(https_get_host('foo', 'foo', 8081), qr/$p3/, 'no preread');
-like(https_get_host('foo', 'foo', 8082), qr/$p3/, 'no handshake');
-
-is(https_get_host('foo', 'foo', 8083), undef, 'preread buffer full');
+is(get_ssl('', 8081), $p3, 'no sni');
+is(get_ssl('foo', 8082), $p3, 'preread off');
+is(get_ssl('foo', 8083), undef, 'preread buffer full');
+is(stream()->io('x' x 1000), "127.0.0.1:$p3", 'not a handshake');
# no junk in variable due to short ClientHello length value
-is(get_short(), '', 'short client hello');
+is(get_short(), "127.0.0.1:$p3", 'short client hello');
# allow record with older SSL version, such as 3.0
@@ -184,74 +168,34 @@
###############################################################################
sub get_short {
- my $s;
-
- eval {
- local $SIG{ALRM} = sub { die "timeout\n" };
- local $SIG{PIPE} = sub { die "sigpipe\n" };
- alarm(2);
- $s = IO::Socket::INET->new(
- Proto => 'tcp',
- PeerAddr => '127.0.0.1:' . port(8084),
- );
- alarm(0);
- };
- alarm(0);
-
- if ($@) {
- log_in("died: $@");
- return undef;
- }
-
my $r = pack("N*", 0x16030100, 0x38010000, 0x330303eb);
$r .= pack("N*", 0x6357cdba, 0xa6b8d853, 0xf1f6ac0f);
$r .= pack("N*", 0xdf03178c, 0x0ae41824, 0xe7643682);
$r .= pack("N*", 0x3c1b273f, 0xbfde4b00, 0x00000000);
$r .= pack("CN3", 0x0c, 0x00000008, 0x00060000, 0x03666f6f);
- http($r, socket => $s);
+ http($r);
}
sub get_oldver {
- my $s;
-
- eval {
- local $SIG{ALRM} = sub { die "timeout\n" };
- local $SIG{PIPE} = sub { die "sigpipe\n" };
- alarm(2);
- $s = IO::Socket::INET->new(
- Proto => 'tcp',
- PeerAddr => '127.0.0.1:' . port(8084),
- );
- alarm(0);
- };
- alarm(0);
-
- if ($@) {
- log_in("died: $@");
- return undef;
- }
-
my $r = pack("N*", 0x16030000, 0x38010000, 0x340303eb);
$r .= pack("N*", 0x6357cdba, 0xa6b8d853, 0xf1f6ac0f);
$r .= pack("N*", 0xdf03178c, 0x0ae41824, 0xe7643682);
$r .= pack("N*", 0x3c1b273f, 0xbfde4b00, 0x00000000);
$r .= pack("CN3", 0x0c, 0x00000008, 0x00060000, 0x03666f6f);
- http($r, socket => $s);
+ http($r);
}
-sub get_ssl_socket {
+sub get_ssl {
my ($host, $port) = @_;
- my $s;
+ my $s = stream("127.0.0.1:$port");
eval {
local $SIG{ALRM} = sub { die "timeout\n" };
local $SIG{PIPE} = sub { die "sigpipe\n" };
alarm(2);
- $s = IO::Socket::SSL->new(
- Proto => 'tcp',
- PeerAddr => '127.0.0.1:' . port($port || 8080),
+ IO::Socket::SSL->start_SSL($s->{_socket},
SSL_hostname => $host,
SSL_verify_mode => IO::Socket::SSL::SSL_VERIFY_NONE(),
SSL_error_trap => sub { die $_[1] }
@@ -265,18 +209,7 @@
return undef;
}
- return $s;
-}
-
-sub https_get_host {
- my ($host, $sni, $port) = @_;
- my $s = get_ssl_socket(defined $sni ? $sni : $host, $port) or return;
-
- return http(<<EOF, socket => $s);
-GET / HTTP/1.0
-Host: $host
-
-EOF
+ return $s->read();
}
###############################################################################