# HG changeset patch
# User Maxim Dounin <mdounin@mdounin.ru>
# Date 1679105692 -10800
# Sat Mar 18 05:14:52 2023 +0300
# Node ID 125fb8461d88a81a62ccb40d0e205a01ecc759f5
# Parent 86c394a226d2a7d463da7a1b7e88375c71c0c69b
Tests: LibreSSL and BoringSSL session reuse with TLSv1.3.
LibreSSL does not support session reuse with TLSv1.3 at all. BoringSSL
with TLSv1.3 only supports session tickets, but not server-side session
cache.
diff --git a/ssl.t b/ssl.t
--- a/ssl.t
+++ b/ssl.t
@@ -185,6 +185,8 @@ local $TODO = 'no TLSv1.3 sessions, old
if $Net::SSLeay::VERSION < 1.88 && test_tls13();
local $TODO = 'no TLSv1.3 sessions, old IO::Socket::SSL'
if $IO::Socket::SSL::VERSION < 2.061 && test_tls13();
+local $TODO = 'no TLSv1.3 sessions in LibreSSL'
+ if $t->has_module('LibreSSL') && test_tls13();
like(get('/', 8085, $ctx), qr/^body r$/m, 'session reused');
@@ -211,8 +213,17 @@ like(get('/', 8086, $ctx), qr/^body \.$/
$ctx = get_ssl_context();
like(get('/id', 8085, $ctx), qr/^body (\w{64})?$/m, 'session id');
+
+TODO: {
+local $TODO = 'no TLSv1.3 sessions in LibreSSL'
+ if $t->has_module('LibreSSL') && test_tls13();
+local $TODO = 'no TLSv1.3 sessions ids in BoringSSL'
+ if $t->has_module('BoringSSL') && test_tls13();
+
like(get('/id', 8085, $ctx), qr/^body \w{64}$/m, 'session id reused');
+}
+
unlike(http_get('/id'), qr/body \w/, 'session id no ssl');
like(get('/cipher', 8085), qr/^body [\w-]+$/m, 'cipher');
diff --git a/ssl_session_reuse.t b/ssl_session_reuse.t
--- a/ssl_session_reuse.t
+++ b/ssl_session_reuse.t
@@ -175,14 +175,22 @@ local $TODO = 'no TLSv1.3 sessions, old
if $Net::SSLeay::VERSION < 1.88 && test_tls13();
local $TODO = 'no TLSv1.3 sessions, old IO::Socket::SSL'
if $IO::Socket::SSL::VERSION < 2.061 && test_tls13();
+local $TODO = 'no TLSv1.3 sessions in LibreSSL'
+ if $t->has_module('LibreSSL') && test_tls13();
is(test_reuse(8443), 1, 'tickets reused');
is(test_reuse(8444), 1, 'tickets and cache reused');
+
+TODO: {
+local $TODO = 'no TLSv1.3 session cache in BoringSSL'
+ if $t->has_module('BoringSSL') && test_tls13();
+
is(test_reuse(8445), 1, 'cache shared reused');
is(test_reuse(8446), 1, 'cache builtin reused');
is(test_reuse(8447), 1, 'cache builtin size reused');
}
+}
is(test_reuse(8448), 0, 'cache none not reused');
is(test_reuse(8449), 0, 'cache off not reused');
_______________________________________________
nginx-devel mailing list
nginx-devel@nginx.org
https://mailman.nginx.org/mailman/listinfo/nginx-devel