forked from nginx/nginx-tests
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathstream_pass.t
140 lines (97 loc) · 2.92 KB
/
stream_pass.t
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
#!/usr/bin/perl
# (C) Sergey Kandaurov
# (C) Nginx, Inc.
# Tests for stream pass module.
###############################################################################
use warnings;
use strict;
use Test::More;
BEGIN { use FindBin; chdir($FindBin::Bin); }
use lib 'lib';
use Test::Nginx;
###############################################################################
select STDERR; $| = 1;
select STDOUT; $| = 1;
my $t = Test::Nginx->new()
->has(qw/stream stream_ssl stream_pass stream_ssl_preread stream_geo/)
->has(qw/http http_ssl sni socket_ssl_sni/)->has_daemon('openssl');
$t->write_file_expand('nginx.conf', <<'EOF');
%%TEST_GLOBALS%%
daemon off;
events {
}
stream {
%%TEST_GLOBALS_STREAM%%
log_format test $status;
access_log %%TESTDIR%%/test.log test;
server {
listen 127.0.0.1:8080;
listen 127.0.0.1:8443 ssl;
server_name default;
pass 127.0.0.1:8092;
ssl_preread on;
ssl_certificate_key localhost.key;
ssl_certificate localhost.crt;
}
server {
listen 127.0.0.1:8080;
server_name sni;
pass 127.0.0.1:8091;
}
server {
listen 127.0.0.1:8443 ssl;
server_name sni;
pass 127.0.0.1:8092;
}
geo $var {
default 127.0.0.1:8092;
}
server {
listen 127.0.0.1:8081;
pass $var;
}
}
http {
%%TEST_GLOBALS_HTTP%%
server {
listen 127.0.0.1:8091 ssl;
listen 127.0.0.1:8092;
server_name localhost;
ssl_certificate_key localhost.key;
ssl_certificate localhost.crt;
}
}
EOF
$t->write_file('openssl.conf', <<EOF);
[ req ]
default_bits = 2048
encrypt_key = no
distinguished_name = req_distinguished_name
[ req_distinguished_name ]
EOF
$t->write_file('index.html', '');
my $d = $t->testdir();
foreach my $name ('localhost') {
system('openssl req -x509 -new '
. "-config $d/openssl.conf -subj /CN=$name/ "
. "-out $d/$name.crt -keyout $d/$name.key "
. ">>$d/openssl.out 2>&1") == 0
or die "Can't create certificate for $name: $!\n";
}
$t->try_run('no pass module')->plan(6);
###############################################################################
# passing either to HTTP or HTTPS backend, depending on server_name
TODO: {
todo_skip 'win32', 2 if $^O eq 'MSWin32';
like(http_get('/'), qr/200 OK/, 'pass');
like(http_get('/', SSL => 1, SSL_hostname => 'sni',
PeerAddr => '127.0.0.1:' . port(8080)), qr/200 OK/, 'pass ssl');
}
like(http_get('/', SSL => 1, SSL_hostname => 'sni'), qr/200 OK/,
'pass ssl handshaked');
unlike(http_get('/', SSL => 1), qr/200 OK/, 'pass with preread');
like(http_get('/', PeerAddr => '127.0.0.1:' . port(8081)), qr/200 OK/,
'pass variable');
$t->stop();
is($t->read_file('test.log'), "500\n", 'pass with preread - log');
###############################################################################