[PATCH 16 of 20] Tests: fixed stream_proxy_ssl.t with LibreSSL and TLSv1.3
Maxim Dounin
mdounin at mdounin.ru
Sat Mar 18 14:15:11 UTC 2023
# HG changeset patch
# User Maxim Dounin <mdounin at mdounin.ru>
# Date 1679148836 -10800
# Sat Mar 18 17:13:56 2023 +0300
# Node ID 778dcba0f619808fef92999b174c86cf9668ffeb
# Parent 6d5bede76a77ca86483f63088587913a61b8b18d
Tests: fixed stream_proxy_ssl.t with LibreSSL and TLSv1.3.
LibreSSL does not support session reuse with TLSv1.3.
diff --git a/stream_proxy_ssl.t b/stream_proxy_ssl.t
--- a/stream_proxy_ssl.t
+++ b/stream_proxy_ssl.t
@@ -78,6 +78,8 @@ http {
ssl_certificate_key localhost.key;
ssl_certificate localhost.crt;
+
+ add_header X-Protocol $ssl_protocol;
}
}
@@ -111,9 +113,16 @@ is(stream('127.0.0.1:' . port(8081))->re
is(stream('127.0.0.1:' . port(8081))->read(), '.', 'ssl 2');
is(stream('127.0.0.1:' . port(8082))->read(), '.', 'ssl session new');
+
+TODO: {
+local $TODO = 'no TLSv1.3 sessions in LibreSSL'
+ if $t->has_module('LibreSSL') && test_tls13();
+
is(stream('127.0.0.1:' . port(8082))->read(), 'r', 'ssl session reused');
is(stream('127.0.0.1:' . port(8082))->read(), 'r', 'ssl session reused 2');
+}
+
my $s = http('', start => 1);
sleep 3;
@@ -121,3 +130,9 @@ sleep 3;
like(http_get('/', socket => $s), qr/200 OK/, 'proxy connect timeout');
###############################################################################
+
+sub test_tls13 {
+ http_get('/') =~ m/TLSv1.3/;
+}
+
+###############################################################################
More information about the nginx-devel
mailing list