[PATCH 3 of 3] Tests: adapted session reuse tests to work with TLSv1.3

Maxim Dounin mdounin at mdounin.ru
Fri Mar 10 05:00:06 UTC 2023


# HG changeset patch
# User Maxim Dounin <mdounin at mdounin.ru>
# Date 1678424073 -10800
#      Fri Mar 10 07:54:33 2023 +0300
# Node ID 946c3b39d1f9adf3f96f1c04963539ecd1c63a8f
# Parent  49d12f8c4cf69e1cbe7feccae3b0ea1ac2ca8c2f
Tests: adapted session reuse tests to work with TLSv1.3.

In TLSv1.3, session tickets are sent after the handshake, and saving session
right after the handshake is not going to work.  To properly test session
resumption, sessions are now saved after some data exchange.

diff --git a/mail_ssl.t b/mail_ssl.t
--- a/mail_ssl.t
+++ b/mail_ssl.t
@@ -182,24 +182,28 @@ my $s = Test::Nginx::IMAP->new();
 my ($ssl, $ses);
 
 ($s, $ssl) = get_ssl_socket(8145);
+Net::SSLeay::read($ssl);
 $ses = Net::SSLeay::get_session($ssl);
 
 ($s, $ssl) = get_ssl_socket(8145, $ses);
 is(Net::SSLeay::session_reused($ssl), 1, 'builtin session reused');
 
 ($s, $ssl) = get_ssl_socket(8146);
+Net::SSLeay::read($ssl);
 $ses = Net::SSLeay::get_session($ssl);
 
 ($s, $ssl) = get_ssl_socket(8146, $ses);
 is(Net::SSLeay::session_reused($ssl), 0, 'session not reused');
 
 ($s, $ssl) = get_ssl_socket(8147);
+Net::SSLeay::read($ssl);
 $ses = Net::SSLeay::get_session($ssl);
 
 ($s, $ssl) = get_ssl_socket(8147, $ses);
 is(Net::SSLeay::session_reused($ssl), 1, 'builtin size session reused');
 
 ($s, $ssl) = get_ssl_socket(8148);
+Net::SSLeay::read($ssl);
 $ses = Net::SSLeay::get_session($ssl);
 
 ($s, $ssl) = get_ssl_socket(8148, $ses);
diff --git a/stream_ssl.t b/stream_ssl.t
--- a/stream_ssl.t
+++ b/stream_ssl.t
@@ -147,24 +147,32 @@ like(Net::SSLeay::read($ssl), qr/200 OK/
 # ssl_session_cache
 
 ($s, $ssl) = get_ssl_socket(port(8080));
+Net::SSLeay::write($ssl, "GET / HTTP/1.0$CRLF$CRLF");
+Net::SSLeay::read($ssl);
 $ses = Net::SSLeay::get_session($ssl);
 
 ($s, $ssl) = get_ssl_socket(port(8080), $ses);
 is(Net::SSLeay::session_reused($ssl), 1, 'builtin session reused');
 
 ($s, $ssl) = get_ssl_socket(port(8082));
+Net::SSLeay::write($ssl, "GET / HTTP/1.0$CRLF$CRLF");
+Net::SSLeay::read($ssl);
 $ses = Net::SSLeay::get_session($ssl);
 
 ($s, $ssl) = get_ssl_socket(port(8082), $ses);
 isnt(Net::SSLeay::session_reused($ssl), 1, 'session not reused');
 
 ($s, $ssl) = get_ssl_socket(port(8083));
+Net::SSLeay::write($ssl, "GET / HTTP/1.0$CRLF$CRLF");
+Net::SSLeay::read($ssl);
 $ses = Net::SSLeay::get_session($ssl);
 
 ($s, $ssl) = get_ssl_socket(port(8083), $ses);
 is(Net::SSLeay::session_reused($ssl), 1, 'builtin size session reused');
 
 ($s, $ssl) = get_ssl_socket(port(8084));
+Net::SSLeay::write($ssl, "GET / HTTP/1.0$CRLF$CRLF");
+Net::SSLeay::read($ssl);
 $ses = Net::SSLeay::get_session($ssl);
 
 ($s, $ssl) = get_ssl_socket(port(8084), $ses);


More information about the nginx-devel mailing list