[PATCH 5 of 6] Tests: added missing socket_ssl_alpn guard in mail_ssl.t

Sergey Kandaurov pluknet at nginx.com
Tue May 23 12:55:44 UTC 2023 

> On 23 May 2023, at 06:17, Maxim Dounin <mdounin at mdounin.ru> wrote:
> 
> Hello!
> 
> On Mon, May 22, 2023 at 11:52:17PM +0400, Sergey Kandaurov wrote:
> 
>> # HG changeset patch
>> # User Sergey Kandaurov <pluknet at nginx.com>
>> # Date 1684784660 -14400
>> #      Mon May 22 23:44:20 2023 +0400
>> # Node ID 633613b924b957fc18dde972ff346fe92b9e823e
>> # Parent  42066e126d2ca0f6d5095d818910559adf5d4bdc
>> Tests: added missing socket_ssl_alpn guard in mail_ssl.t.
>> 
>> diff --git a/mail_ssl.t b/mail_ssl.t
>> --- a/mail_ssl.t
>> +++ b/mail_ssl.t
>> @@ -164,6 +164,10 @@ like($s->socket()->dump_peer_certificate
>> 
>> # alpn
>> 
>> +TODO: {
>> +local $TODO = 'no ALPN support in IO::Socket::SSL'
>> +	unless $t->has_feature('socket_ssl_alpn');
>> +
>> $s = Test::Nginx::IMAP->new(
>> 	PeerAddr => '127.0.0.1:' . port(8148),
>> 	SSL => 1,
>> @@ -171,6 +175,8 @@ like($s->socket()->dump_peer_certificate
>> );
>> $s->ok('alpn');
>> 
>> +}
>> +
> 
> This will unexpectedly succeed if IO::Socket:SSL do not have ALPN 
> support at all (and will simply ignore SSL_alpn_protocols).
> 
> Probably skipping ALPN tests if there is no socket_ssl_alpn is the 
> way to go:

Indeed.  Applied, thanks.

> 
> diff -r a797d7428fa5 mail_ssl.t
> --- a/mail_ssl.t	Thu May 18 18:07:19 2023 +0300
> +++ b/mail_ssl.t	Tue May 23 02:17:06 2023 +0000
> @@ -164,6 +164,17 @@
> 
> # alpn
> 
> +
> +SKIP: {
> +skip 'LibreSSL too old', 2
> +	if $t->has_module('LibreSSL')
> +	and not $t->has_feature('libressl:3.4.0');
> +skip 'OpenSSL too old', 2
> +	if $t->has_module('OpenSSL')
> +	and not $t->has_feature('openssl:1.1.0');
> +skip 'no ALPN support in IO::Socket::SSL', 2
> +	unless $t->has_feature('socket_ssl_alpn');
> +
> $s = Test::Nginx::IMAP->new(
> 	PeerAddr => '127.0.0.1:' . port(8148),
> 	SSL => 1,
> @@ -171,18 +182,8 @@
> );
> $s->ok('alpn');
> 
> -SKIP: {
> -skip 'LibreSSL too old', 1
> -	if $t->has_module('LibreSSL')
> -	and not $t->has_feature('libressl:3.4.0');
> -skip 'OpenSSL too old', 1
> -	if $t->has_module('OpenSSL')
> -	and not $t->has_feature('openssl:1.1.0');
> -
> TODO: {
> local $TODO = 'not yet' unless $t->has_version('1.21.4');
> -local $TODO = 'no ALPN support in IO::Socket::SSL'
> -	unless $t->has_feature('socket_ssl_alpn');
> 
> $s = Test::Nginx::IMAP->new(
> 	PeerAddr => '127.0.0.1:' . port(8148),
> 

-- 
Sergey Kandaurov

More information about the nginx-devel mailing list