[PATCH 05 of 11] Tests: added has_feature() test for SSL libraries
Maxim Dounin
mdounin at mdounin.ru
Mon Apr 17 03:31:29 UTC 2023
# HG changeset patch
# User Maxim Dounin <mdounin at mdounin.ru>
# Date 1681702255 -10800
# Mon Apr 17 06:30:55 2023 +0300
# Node ID a8e22a3212da945e9060d4233905eb6de1399d34
# Parent 605cab711606724e5879e8a81d5d21797e5ddcfb
Tests: added has_feature() test for SSL libraries.
This makes it possible to further simplify various SSL tests. It also
avoids direct testing of the $t->{_configure_args} internal field, and
implements proper comparison of version numbers.
diff --git a/grpc_pass.t b/grpc_pass.t
--- a/grpc_pass.t
+++ b/grpc_pass.t
@@ -107,8 +107,7 @@ like(http_get('/basic'), qr/200 OK/, 'no
like(http_get('/grpc'), qr/200 OK/, 'grpc scheme');
SKIP: {
-$t->{_configure_args} =~ /OpenSSL ([\d\.]+)/;
-skip 'OpenSSL too old', 1 unless defined $1 and $1 ge '1.0.2';
+skip 'OpenSSL too old', 1 unless $t->has_feature('openssl:1.0.2');
like(http_get('/grpcs'), qr/200 OK/, 'grpcs scheme');
diff --git a/grpc_ssl.t b/grpc_ssl.t
--- a/grpc_ssl.t
+++ b/grpc_ssl.t
@@ -24,12 +24,9 @@ select STDERR; $| = 1;
select STDOUT; $| = 1;
my $t = Test::Nginx->new()->has(qw/http rewrite http_v2 grpc/)
- ->has(qw/upstream_keepalive http_ssl/)->has_daemon('openssl');
-
-$t->{_configure_args} =~ /OpenSSL ([\d\.]+)/;
-plan(skip_all => 'OpenSSL too old') unless defined $1 and $1 ge '1.0.2';
-
-$t->write_file_expand('nginx.conf', <<'EOF')->plan(38);
+ ->has(qw/upstream_keepalive http_ssl openssl:1.0.2/)
+ ->has_daemon('openssl')
+ ->write_file_expand('nginx.conf', <<'EOF')->plan(38);
%%TEST_GLOBALS%%
diff --git a/h2_ssl.t b/h2_ssl.t
--- a/h2_ssl.t
+++ b/h2_ssl.t
@@ -87,10 +87,12 @@ plan(skip_all => 'no ALPN negotiation')
###############################################################################
SKIP: {
-$t->{_configure_args} =~ /LibreSSL ([\d\.]+)/;
-skip 'LibreSSL too old', 1 if defined $1 and $1 lt '3.4.0';
-$t->{_configure_args} =~ /OpenSSL ([\d\.]+)/;
-skip 'OpenSSL too old', 1 if defined $1 and $1 lt '1.1.0';
+skip 'LibreSSL too old', 1
+ if $t->has_module('LibreSSL')
+ and not $t->has_feature('libressl:3.4.0');
+skip 'OpenSSL too old', 1
+ if $t->has_module('OpenSSL')
+ and not $t->has_feature('openssl:1.1.0');
TODO: {
local $TODO = 'not yet' unless $t->has_version('1.21.4');
diff --git a/lib/Test/Nginx.pm b/lib/Test/Nginx.pm
--- a/lib/Test/Nginx.pm
+++ b/lib/Test/Nginx.pm
@@ -266,6 +266,28 @@ sub has_feature($) {
return 0;
}
+ if ($feature =~ /^(openssl|libressl):([0-9.]+)/) {
+ my $library = $1;
+ my $need = $2;
+
+ $self->{_configure_args} = `$NGINX -V 2>&1`
+ if !defined $self->{_configure_args};
+
+ return 0 unless
+ $self->{_configure_args} =~ /with $library ([0-9.]+)/i;
+
+ my @v = split(/\./, $1);
+ my ($n, $v);
+
+ for $n (split(/\./, $need)) {
+ $v = shift @v || 0;
+ return 0 if $n > $v;
+ return 1 if $v > $n;
+ }
+
+ return 1;
+ }
+
return 0;
}
diff --git a/mail_ssl.t b/mail_ssl.t
--- a/mail_ssl.t
+++ b/mail_ssl.t
@@ -175,10 +175,12 @@ like(Net::SSLeay::dump_peer_certificate(
ok(get_ssl_socket(8148, ['imap']), 'alpn');
SKIP: {
-$t->{_configure_args} =~ /LibreSSL ([\d\.]+)/;
-skip 'LibreSSL too old', 1 if defined $1 and $1 lt '3.4.0';
-$t->{_configure_args} =~ /OpenSSL ([\d\.]+)/;
-skip 'OpenSSL too old', 1 if defined $1 and $1 lt '1.1.0';
+skip 'LibreSSL too old', 1
+ if $t->has_module('LibreSSL')
+ and not $t->has_feature('libressl:3.4.0');
+skip 'OpenSSL too old', 1
+ if $t->has_module('OpenSSL')
+ and not $t->has_feature('openssl:1.1.0');
TODO: {
local $TODO = 'not yet' unless $t->has_version('1.21.4');
diff --git a/mail_ssl_conf_command.t b/mail_ssl_conf_command.t
--- a/mail_ssl_conf_command.t
+++ b/mail_ssl_conf_command.t
@@ -32,11 +32,9 @@ eval {
};
plan(skip_all => 'Net::SSLeay not installed') if $@;
-my $t = Test::Nginx->new()->has(qw/mail mail_ssl imap/)
+my $t = Test::Nginx->new()->has(qw/mail mail_ssl imap openssl:1.0.2/)
->has_daemon('openssl');
-$t->{_configure_args} =~ /OpenSSL ([\d\.]+)/;
-plan(skip_all => 'OpenSSL too old') unless defined $1 and $1 ge '1.0.2';
plan(skip_all => 'no ssl_conf_command') if $t->has_module('BoringSSL');
$t->write_file_expand('nginx.conf', <<'EOF');
diff --git a/proxy_ssl_conf_command.t b/proxy_ssl_conf_command.t
--- a/proxy_ssl_conf_command.t
+++ b/proxy_ssl_conf_command.t
@@ -22,11 +22,10 @@ use Test::Nginx;
select STDERR; $| = 1;
select STDOUT; $| = 1;
-my $t = Test::Nginx->new()->has(qw/http http_ssl proxy uwsgi http_v2 grpc/)
+my $t = Test::Nginx->new()
+ ->has(qw/http http_ssl proxy uwsgi http_v2 grpc openssl:1.0.2/)
->has_daemon('openssl');
-$t->{_configure_args} =~ /OpenSSL ([\d\.]+)/;
-plan(skip_all => 'OpenSSL too old') unless defined $1 and $1 ge '1.0.2';
plan(skip_all => 'no ssl_conf_command') if $t->has_module('BoringSSL');
$t->write_file_expand('nginx.conf', <<'EOF');
diff --git a/ssl_certificate.t b/ssl_certificate.t
--- a/ssl_certificate.t
+++ b/ssl_certificate.t
@@ -39,12 +39,9 @@ eval {
};
plan(skip_all => 'Net::SSLeay with OpenSSL SNI support required') if $@;
-my $t = Test::Nginx->new()->has(qw/http http_ssl geo/)
+my $t = Test::Nginx->new()->has(qw/http http_ssl geo openssl:1.0.2/)
->has_daemon('openssl');
-$t->{_configure_args} =~ /OpenSSL ([\d\.]+)/;
-plan(skip_all => 'OpenSSL too old') unless defined $1 and $1 ge '1.0.2';
-
$t->write_file_expand('nginx.conf', <<'EOF');
%%TEST_GLOBALS%%
diff --git a/ssl_certificate_perl.t b/ssl_certificate_perl.t
--- a/ssl_certificate_perl.t
+++ b/ssl_certificate_perl.t
@@ -37,10 +37,9 @@ eval {
};
plan(skip_all => 'Net::SSLeay with OpenSSL SNI support required') if $@;
-my $t = Test::Nginx->new()->has(qw/http http_ssl perl/)->has_daemon('openssl');
-
-$t->{_configure_args} =~ /OpenSSL ([\d\.]+)/;
-plan(skip_all => 'OpenSSL too old') unless defined $1 and $1 ge '1.0.2';
+my $t = Test::Nginx->new()
+ ->has(qw/http http_ssl perl openssl:1.0.2/)
+ ->has_daemon('openssl');
$t->write_file_expand('nginx.conf', <<'EOF');
diff --git a/ssl_conf_command.t b/ssl_conf_command.t
--- a/ssl_conf_command.t
+++ b/ssl_conf_command.t
@@ -30,11 +30,9 @@ eval {
};
plan(skip_all => 'Net::SSLeay not installed') if $@;
-my $t = Test::Nginx->new()->has(qw/http http_ssl/)
+my $t = Test::Nginx->new()->has(qw/http http_ssl openssl:1.0.2/)
->has_daemon('openssl');
-$t->{_configure_args} =~ /OpenSSL ([\d\.]+)/;
-plan(skip_all => 'OpenSSL too old') unless defined $1 and $1 ge '1.0.2';
plan(skip_all => 'no ssl_conf_command') if $t->has_module('BoringSSL');
$t->write_file_expand('nginx.conf', <<'EOF');
diff --git a/ssl_curve.t b/ssl_curve.t
--- a/ssl_curve.t
+++ b/ssl_curve.t
@@ -22,12 +22,10 @@ use Test::Nginx;
select STDERR; $| = 1;
select STDOUT; $| = 1;
-my $t = Test::Nginx->new()->has(qw/http http_ssl rewrite socket_ssl/)
+my $t = Test::Nginx->new()
+ ->has(qw/http http_ssl rewrite socket_ssl openssl:3.0.0/)
->has_daemon('openssl');
-$t->{_configure_args} =~ /OpenSSL (\d+)/;
-plan(skip_all => 'OpenSSL too old') unless defined $1 and $1 >= 3;
-
$t->write_file_expand('nginx.conf', <<'EOF');
%%TEST_GLOBALS%%
diff --git a/stream_proxy_ssl_conf_command.t b/stream_proxy_ssl_conf_command.t
--- a/stream_proxy_ssl_conf_command.t
+++ b/stream_proxy_ssl_conf_command.t
@@ -22,11 +22,10 @@ use Test::Nginx;
select STDERR; $| = 1;
select STDOUT; $| = 1;
-my $t = Test::Nginx->new()->has(qw/stream stream_ssl http http_ssl/)
+my $t = Test::Nginx->new()
+ ->has(qw/stream stream_ssl http http_ssl openssl:1.0.2/)
->has_daemon('openssl');
-$t->{_configure_args} =~ /OpenSSL ([\d\.]+)/;
-plan(skip_all => 'OpenSSL too old') unless defined $1 and $1 ge '1.0.2';
plan(skip_all => 'no ssl_conf_command') if $t->has_module('BoringSSL');
$t->write_file_expand('nginx.conf', <<'EOF');
diff --git a/stream_ssl_alpn.t b/stream_ssl_alpn.t
--- a/stream_ssl_alpn.t
+++ b/stream_ssl_alpn.t
@@ -81,10 +81,12 @@ is(get_ssl('wrong', 'second'), 'X second
is(get_ssl(), 'X X', 'no alpn');
SKIP: {
-$t->{_configure_args} =~ /LibreSSL ([\d\.]+)/;
-skip 'LibreSSL too old', 2 if defined $1 and $1 lt '3.4.0';
-$t->{_configure_args} =~ /OpenSSL ([\d\.]+)/;
-skip 'OpenSSL too old', 2 if defined $1 and $1 lt '1.1.0';
+skip 'LibreSSL too old', 2
+ if $t->has_module('LibreSSL')
+ and not $t->has_feature('libressl:3.4.0');
+skip 'OpenSSL too old', 2
+ if $t->has_module('OpenSSL')
+ and not $t->has_feature('openssl:1.1.0');
ok(!get_ssl('wrong'), 'alpn mismatch');
diff --git a/stream_ssl_certificate.t b/stream_ssl_certificate.t
--- a/stream_ssl_certificate.t
+++ b/stream_ssl_certificate.t
@@ -37,13 +37,10 @@ eval {
};
plan(skip_all => 'Net::SSLeay with OpenSSL SNI support required') if $@;
-my $t = Test::Nginx->new()->has(qw/stream stream_ssl stream_geo stream_return/)
- ->has_daemon('openssl');
-
-$t->{_configure_args} =~ /OpenSSL ([\d\.]+)/;
-plan(skip_all => 'OpenSSL too old') unless defined $1 and $1 ge '1.0.2';
-
-$t->write_file_expand('nginx.conf', <<'EOF');
+my $t = Test::Nginx->new()
+ ->has(qw/stream stream_ssl stream_geo stream_return openssl:1.0.2/)
+ ->has_daemon('openssl')
+ ->write_file_expand('nginx.conf', <<'EOF');
%%TEST_GLOBALS%%
diff --git a/stream_ssl_conf_command.t b/stream_ssl_conf_command.t
--- a/stream_ssl_conf_command.t
+++ b/stream_ssl_conf_command.t
@@ -30,11 +30,10 @@ eval {
};
plan(skip_all => 'Net::SSLeay not installed') if $@;
-my $t = Test::Nginx->new()->has(qw/stream stream_ssl stream_return/)
+my $t = Test::Nginx->new()
+ ->has(qw/stream stream_ssl stream_return openssl:1.0.2/)
->has_daemon('openssl');
-$t->{_configure_args} =~ /OpenSSL ([\d\.]+)/;
-plan(skip_all => 'OpenSSL too old') unless defined $1 and $1 ge '1.0.2';
plan(skip_all => 'no ssl_conf_command') if $t->has_module('BoringSSL');
$t->write_file_expand('nginx.conf', <<'EOF');
More information about the nginx-devel
mailing list