Skip to content

Commit 9602fed

Browse files
zhuizhuhaomengzhuizhuhaomeng
committed
tests: update test to match openssl3.0.
1 parent f94da77 commit 9602fed

File tree

3 files changed

+18
-109
lines changed

3 files changed

+18
-109
lines changed

t/129-ssl-socket.t

Lines changed: 12 additions & 12 deletions
Original file line numberDiff line numberDiff line change
@@ -1155,7 +1155,7 @@ SSL reused session
11551155
server_name test.com;
11561156
ssl_certificate $TEST_NGINX_CERT_DIR/cert/test.crt;
11571157
ssl_certificate_key $TEST_NGINX_CERT_DIR/cert/test.key;
1158-
ssl_protocols TLSv1;
1158+
ssl_protocols TLSv1.2;
11591159
11601160
location / {
11611161
content_by_lua_block {
@@ -1165,7 +1165,7 @@ SSL reused session
11651165
}
11661166
--- config
11671167
server_tokens off;
1168-
lua_ssl_ciphers ECDHE-RSA-AES256-SHA;
1168+
lua_ssl_ciphers ECDHE-RSA-AES256-GCM-SHA384;
11691169
11701170
location /t {
11711171
content_by_lua '
@@ -1229,7 +1229,7 @@ lua ssl free session: ([0-9A-F]+)
12291229
$/
12301230
--- error_log eval
12311231
['lua ssl server name: "test.com"',
1232-
qr/SSL: TLSv\d(?:\.\d)?, cipher: "ECDHE-RSA-AES256-SHA (SSLv3|TLSv1)/]
1232+
qr/SSL: TLSv\d(?:\.\d)?, cipher: "ECDHE-RSA-AES256-GCM-SHA384 (SSLv3|TLSv1\.2)/]
12331233
--- no_error_log
12341234
SSL reused session
12351235
[error]
@@ -1245,7 +1245,7 @@ SSL reused session
12451245
server_name test.com;
12461246
ssl_certificate $TEST_NGINX_CERT_DIR/cert/test.crt;
12471247
ssl_certificate_key $TEST_NGINX_CERT_DIR/cert/test.key;
1248-
ssl_protocols TLSv1;
1248+
ssl_protocols TLSv1.2;
12491249
12501250
location / {
12511251
content_by_lua_block {
@@ -1255,7 +1255,7 @@ SSL reused session
12551255
}
12561256
--- config
12571257
server_tokens off;
1258-
lua_ssl_protocols TLSv1;
1258+
lua_ssl_protocols TLSv1.2;
12591259
12601260
location /t {
12611261
content_by_lua '
@@ -1319,7 +1319,7 @@ lua ssl free session: ([0-9A-F]+)
13191319
$/
13201320
--- error_log eval
13211321
['lua ssl server name: "test.com"',
1322-
qr/SSL: TLSv1, cipher: "ECDHE-RSA-AES256-SHA (SSLv3|TLSv1)/]
1322+
qr/SSL: TLSv1\.2, cipher: "ECDHE-RSA-AES256-GCM-SHA384 TLSv1\.2/]
13231323
--- no_error_log
13241324
SSL reused session
13251325
[error]
@@ -2614,10 +2614,10 @@ SSL reused session
26142614
26152615
--- request
26162616
GET /t
2617-
--- response_body
2618-
connected: 1
2619-
failed to do SSL handshake: 18: self signed certificate
2620-
2617+
--- response_body eval
2618+
qr/connected: 1
2619+
failed to do SSL handshake: 18: self[- ]signed certificate
2620+
/ms
26212621
--- user_files eval
26222622
">>> test.key
26232623
$::TestCertificateKey
@@ -2626,8 +2626,8 @@ $::TestCertificate"
26262626
26272627
--- grep_error_log eval: qr/lua ssl (?:set|save|free) session: [0-9A-F]+/
26282628
--- grep_error_log_out
2629-
--- error_log
2630-
lua ssl certificate verify error: (18: self signed certificate)
2629+
--- error_log eval
2630+
qr/lua ssl certificate verify error: \(18: self[- ]signed certificate\)/
26312631
--- no_error_log
26322632
SSL reused session
26332633
[alert]

t/140-ssl-c-api.t

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -954,8 +954,8 @@ client certificate subject: emailAddress=agentzh@gmail.com,CN=test.com
954954
955955
--- request
956956
GET /t
957-
--- response_body
958-
FAILED:self signed certificate
957+
--- response_body eval
958+
qr/FAILED:self[- ]signed certificate/
959959
960960
--- error_log
961961
client certificate subject: emailAddress=agentzh@gmail.com,CN=test.com

t/143-ssl-session-fetch.t

Lines changed: 4 additions & 95 deletions
Original file line numberDiff line numberDiff line change
@@ -1326,98 +1326,7 @@ close: 1 nil
13261326
13271327
13281328
1329-
=== TEST 16: ssl_session_fetch_by_lua* always runs when using SSLv3 (SSLv3 does not support session tickets)
1330-
--- http_config
1331-
ssl_session_fetch_by_lua_block { print("ssl_session_fetch_by_lua* is running!") }
1332-
server {
1333-
listen unix:$TEST_NGINX_HTML_DIR/nginx.sock ssl;
1334-
server_name test.com;
1335-
ssl_certificate $TEST_NGINX_CERT_DIR/cert/test.crt;
1336-
ssl_certificate_key $TEST_NGINX_CERT_DIR/cert/test.key;
1337-
ssl_protocols SSLv3;
1338-
server_tokens off;
1339-
}
1340-
--- config
1341-
server_tokens off;
1342-
lua_ssl_trusted_certificate $TEST_NGINX_CERT_DIR/cert/test.crt;
1343-
lua_ssl_protocols SSLv3;
1344-
1345-
location /t {
1346-
content_by_lua_block {
1347-
do
1348-
local sock = ngx.socket.tcp()
1349-
1350-
sock:settimeout(5000)
1351-
1352-
local ok, err = sock:connect("unix:$TEST_NGINX_HTML_DIR/nginx.sock")
1353-
if not ok then
1354-
ngx.say("failed to connect: ", err)
1355-
return
1356-
end
1357-
1358-
ngx.say("connected: ", ok)
1359-
1360-
local sess, err = sock:sslhandshake(package.loaded.session, "test.com", true)
1361-
if not sess then
1362-
ngx.say("failed to do SSL handshake: ", err)
1363-
return
1364-
end
1365-
1366-
ngx.say("ssl handshake: ", type(sess))
1367-
1368-
package.loaded.session = sess
1369-
1370-
local ok, err = sock:close()
1371-
ngx.say("close: ", ok, " ", err)
1372-
end -- do
1373-
-- collectgarbage()
1374-
}
1375-
}
1376-
--- request
1377-
GET /t
1378-
--- response_body
1379-
connected: 1
1380-
ssl handshake: cdata
1381-
close: 1 nil
1382-
--- grep_error_log eval: qr/ssl_session_fetch_by_lua\(nginx\.conf:\d+\):.*?,|\bssl session fetch: connection reusable: \d+|\breusable connection: \d+/
1383-
--- grep_error_log_out eval
1384-
# Since nginx version 1.17.9, nginx call ngx_reusable_connection(c, 0)
1385-
# before call ssl callback function
1386-
$Test::Nginx::Util::NginxVersion >= 1.017009 ?
1387-
[
1388-
qr/\A(?:reusable connection: [01]\n)+\z/s,
1389-
qr/^reusable connection: 0
1390-
ssl session fetch: connection reusable: 0
1391-
ssl_session_fetch_by_lua\(nginx\.conf:\d+\):1: ssl_session_fetch_by_lua\* is running!,
1392-
/m,
1393-
qr/^reusable connection: 0
1394-
ssl session fetch: connection reusable: 0
1395-
ssl_session_fetch_by_lua\(nginx\.conf:\d+\):1: ssl_session_fetch_by_lua\* is running!,
1396-
/m,
1397-
]
1398-
:
1399-
[
1400-
qr/\A(?:reusable connection: [01]\n)+\z/s,
1401-
qr/^reusable connection: 1
1402-
ssl session fetch: connection reusable: 1
1403-
reusable connection: 0
1404-
ssl_session_fetch_by_lua\(nginx\.conf:\d+\):1: ssl_session_fetch_by_lua\* is running!,
1405-
/m,
1406-
qr/^reusable connection: 1
1407-
ssl session fetch: connection reusable: 1
1408-
reusable connection: 0
1409-
ssl_session_fetch_by_lua\(nginx\.conf:\d+\):1: ssl_session_fetch_by_lua\* is running!,
1410-
/m,
1411-
]
1412-
--- no_error_log
1413-
[error]
1414-
[alert]
1415-
[emerg]
1416-
--- skip_eval: 6:$ENV{TEST_NGINX_USE_HTTP3}
1417-
1418-
1419-
1420-
=== TEST 17: ssl_session_fetch_by_lua* can yield when reading early data
1329+
=== TEST 16: ssl_session_fetch_by_lua* can yield when reading early data
14211330
--- skip_openssl: 6: < 1.1.1
14221331
--- http_config
14231332
ssl_session_fetch_by_lua_block {
@@ -1494,7 +1403,7 @@ qr/elapsed in ssl_session_fetch_by_lua\*: 0\.(?:09|1[01])\d+,/,
14941403
14951404
14961405
1497-
=== TEST 18: cosocket (UDP)
1406+
=== TEST 17: cosocket (UDP)
14981407
--- http_config
14991408
ssl_session_fetch_by_lua_block {
15001409
local sock = ngx.socket.udp()
@@ -1589,7 +1498,7 @@ close: 1 nil
15891498
15901499
15911500
1592-
=== TEST 19: uthread (kill)
1501+
=== TEST 18: uthread (kill)
15931502
--- http_config
15941503
ssl_session_fetch_by_lua_block {
15951504
local function f()
@@ -1689,7 +1598,7 @@ uthread: failed to kill: already waited or killed
16891598
16901599
16911600
1692-
=== TEST 20: uthread (wait)
1601+
=== TEST 19: uthread (wait)
16931602
--- http_config
16941603
ssl_session_fetch_by_lua_block {
16951604
local function f()

0 commit comments

Comments
 (0)