Welcome! Log In Create A New Profile

Advanced

Re: [PATCH 03 of 20] Tests: separate SSL session reuse tests in mail

Previous Message Next Message
Forum List Message List New Topic Print View
Maxim Dounin
March 23, 2023 10:18AM
Hello!

On Wed, Mar 22, 2023 at 01:20:25PM +0400, Sergey Kandaurov wrote:

> > On 18 Mar 2023, at 18:14, Maxim Dounin <mdounin@mdounin.ru> wrote:
> >
> > # HG changeset patch
> > # User Maxim Dounin <mdounin@mdounin.ru>
> > # Date 1679107816 -10800
> > # Sat Mar 18 05:50:16 2023 +0300
> > # Node ID 97b09b6633f69747c0d6ef13c76739bdd6b7f3bb
> > # Parent 125fb8461d88a81a62ccb40d0e205a01ecc759f5
> > Tests: separate SSL session reuse tests in mail.
> >
> > Instead of being mixed with generic SSL tests, session reuse variants
> > are now tested in a separate file.
> >
> > diff --git a/mail_ssl.t b/mail_ssl.t
> > --- a/mail_ssl.t
> > +++ b/mail_ssl.t
> > @@ -37,7 +37,7 @@ eval { exists &Net::SSLeay::P_alpn_selec
> > plan(skip_all => 'Net::SSLeay with OpenSSL ALPN support required') if $@;
> >
> > my $t = Test::Nginx->new()->has(qw/mail mail_ssl imap pop3 smtp/)
> > - ->has_daemon('openssl')->plan(22);
> > + ->has_daemon('openssl')->plan(18);
> >
> > $t->write_file_expand('nginx.conf', <<'EOF');
> >
> > @@ -51,44 +51,25 @@ events {
> > mail {
> > ssl_certificate_key localhost.key;
> > ssl_certificate localhost.crt;
> > - ssl_session_tickets off;
> >
> > ssl_password_file password;
> >
> > auth_http http://127.0.0.1:8080; # unused
> >
> > - ssl_session_cache none;
> > -
> > server {
> > listen 127.0.0.1:8143;
> > listen 127.0.0.1:8145 ssl;
> > protocol imap;
> > -
> > - ssl_session_cache builtin;
> > }
> >
> > server {
> > - listen 127.0.0.1:8146 ssl;
> > - protocol imap;
> > -
> > - ssl_session_cache off;
> > - }
> > -
> > - server {
> > - listen 127.0.0.1:8147;
> > + listen 127.0.0.1:8148;
> > protocol imap;
> >
> > # Special case for enabled "ssl" directive.
> >
> > ssl on;
> > - ssl_session_cache builtin:1000;
> > - }
> >
> > - server {
> > - listen 127.0.0.1:8148 ssl;
> > - protocol imap;
> > -
> > - ssl_session_cache shared:SSL:1m;
> > ssl_certificate_key inherits.key;
> > ssl_certificate inherits.crt;
> > }
> > @@ -169,46 +150,16 @@ open STDERR, ">&", \*OLDERR;
> >
> > ###############################################################################
> >
> > +my ($s, $ssl, $ses);
> > +
>
> $ses is no longer used there, and other cleanup on top off this change:
>
> diff --git a/mail_ssl.t b/mail_ssl.t
> --- a/mail_ssl.t
> +++ b/mail_ssl.t
> @@ -150,7 +150,7 @@ open STDERR, ">&", \*OLDERR;
>
> ###############################################################################
>
> -my ($s, $ssl, $ses);
> +my ($s, $ssl);
>
> # simple tests to ensure that nothing broke with ssl_password_file directive
>
> @@ -170,7 +170,7 @@ like(Net::SSLeay::dump_peer_certificate(
>
> # alpn
>
> -ok(get_ssl_socket(8148, undef, ['imap']), 'alpn');
> +ok(get_ssl_socket(8148, ['imap']), 'alpn');
>
> SKIP: {
> $t->{_configure_args} =~ /LibreSSL ([\d\.]+)/;
> @@ -181,7 +181,7 @@ skip 'OpenSSL too old', 1 if defined $1
> TODO: {
> local $TODO = 'not yet' unless $t->has_version('1.21.4');
>
> -ok(!get_ssl_socket(8148, undef, ['unknown']), 'alpn rejected');
> +ok(!get_ssl_socket(8148, ['unknown']), 'alpn rejected');
>
> }
>
> @@ -268,11 +268,10 @@ ok(!get_ssl_socket(8148, undef, ['unknow
> ###############################################################################
>
> sub get_ssl_socket {
> - my ($port, $ses, $alpn) = @_;
> + my ($port, $alpn) = @_;
>
> my $s = IO::Socket::INET->new('127.0.0.1:' . port($port));
> my $ssl = Net::SSLeay::new($ctx) or die("Failed to create SSL $!");
> - Net::SSLeay::set_session($ssl, $ses) if defined $ses;
> Net::SSLeay::set_alpn_protos($ssl, $alpn) if defined $alpn;
> Net::SSLeay::set_fd($ssl, fileno($s));
> Net::SSLeay::connect($ssl) == 1 or return;
> diff --git a/mail_ssl_session_reuse.t b/mail_ssl_session_reuse.t
> --- a/mail_ssl_session_reuse.t
> +++ b/mail_ssl_session_reuse.t
> @@ -132,8 +132,6 @@ my $ctx = Net::SSLeay::CTX_new() or die(
>
> ###############################################################################
>
> -my ($ssl, $ses);
> -
> # session reuse:
> #
> # - only tickets, the default

Applied, thanks.

--
Maxim Dounin
http://mdounin.ru/
_______________________________________________
nginx-devel mailing list
nginx-devel@nginx.org
https://mailman.nginx.org/mailman/listinfo/nginx-devel
Reply Quote
RSS
Subject Author Views Posted

[PATCH 00 of 20] tests suite fixes for TLSv1.3

Maxim Dounin 535 March 18, 2023 10:18AM

[PATCH 03 of 20] Tests: separate SSL session reuse tests in mail

Maxim Dounin 154 March 18, 2023 10:18AM

Re: [PATCH 03 of 20] Tests: separate SSL session reuse tests in mail

Sergey Kandaurov 130 March 22, 2023 05:22AM

Re: [PATCH 03 of 20] Tests: separate SSL session reuse tests in mail

Maxim Dounin 122 March 23, 2023 10:18AM

Re: [PATCH 03 of 20] Tests: separate SSL session reuse tests in mail

Sergey Kandaurov 145 March 22, 2023 05:48AM

Re: [PATCH 03 of 20] Tests: separate SSL session reuse tests in mail

Maxim Dounin 129 March 23, 2023 10:16AM

Re: [PATCH 03 of 20] Tests: separate SSL session reuse tests in mail

Sergey Kandaurov 125 March 23, 2023 12:00PM

[PATCH 01 of 20] Tests: separate SSL session reuse tests

Maxim Dounin 203 March 18, 2023 10:18AM

Re: [PATCH 01 of 20] Tests: separate SSL session reuse tests

Sergey Kandaurov 189 March 22, 2023 04:58AM

Re: [PATCH 01 of 20] Tests: separate SSL session reuse tests

Maxim Dounin 131 March 23, 2023 10:12AM

Re: [PATCH 01 of 20] Tests: separate SSL session reuse tests

Sergey Kandaurov 123 March 23, 2023 12:00PM

Re: [PATCH 01 of 20] Tests: separate SSL session reuse tests

Maxim Dounin 172 March 23, 2023 01:26PM

Re: [PATCH 01 of 20] Tests: separate SSL session reuse tests

Sergey Kandaurov 188 March 24, 2023 08:40AM

[PATCH 08 of 20] Tests: enabled session reuse via TLS session tickets

Maxim Dounin 131 March 18, 2023 10:20AM

[PATCH 07 of 20] Tests: BoringSSL does not provide session ids with TLSv1.3

Maxim Dounin 139 March 18, 2023 10:20AM

[PATCH 09 of 20] Tests: restored proper port numbers in ssl_sni_sessions.t

Maxim Dounin 132 March 18, 2023 10:20AM

[PATCH 10 of 20] Tests: disabled ssl_sni_sessions.t with LibreSSL and BoringSSL

Maxim Dounin 149 March 18, 2023 10:20AM

[PATCH 05 of 20] Tests: separate SSL session reuse tests in stream

Maxim Dounin 145 March 18, 2023 10:20AM

Re: [PATCH 05 of 20] Tests: separate SSL session reuse tests in stream

Sergey Kandaurov 141 March 22, 2023 05:56AM

Re: [PATCH 05 of 20] Tests: separate SSL session reuse tests in stream

Maxim Dounin 123 March 23, 2023 10:18AM

[PATCH 06 of 20] Tests: LibreSSL and BoringSSL session reuse with TLSv1.3 in mail

Maxim Dounin 131 March 18, 2023 10:20AM

Re: [PATCH 06 of 20] Tests: LibreSSL and BoringSSL session reuse with TLSv1.3 in mail

Sergey Kandaurov 129 March 22, 2023 06:00AM

Re: [PATCH 06 of 20] Tests: LibreSSL and BoringSSL session reuse with TLSv1.3 in mail

Maxim Dounin 118 March 23, 2023 10:18AM

[PATCH 12 of 20] Tests: fixed ssl_session_ticket_key.t with LibreSSL and TLSv1.3

Maxim Dounin 114 March 18, 2023 10:20AM

[PATCH 13 of 20] Tests: fixed ssl_sni.t with LibreSSL and TLSv1.3

Maxim Dounin 170 March 18, 2023 10:20AM

[PATCH 11 of 20] Tests: fixed proxy_ssl.t with LibreSSL and TLSv1.3

Maxim Dounin 161 March 18, 2023 10:20AM

[PATCH 14 of 20] Tests: LibreSSL certificate negotiation with TLSv1.3

Maxim Dounin 200 March 18, 2023 10:20AM

[PATCH 15 of 20] Tests: LibreSSL does not send CA lists with TLSv1.3

Maxim Dounin 161 March 18, 2023 10:20AM

Re: [PATCH 15 of 20] Tests: LibreSSL does not send CA lists with TLSv1.3

Sergey Kandaurov 144 March 22, 2023 06:40AM

[PATCH 16 of 20] Tests: fixed stream_proxy_ssl.t with LibreSSL and TLSv1.3

Maxim Dounin 193 March 18, 2023 10:20AM

[PATCH 18 of 20] Tests: cleaned up ssl_ocsp.t

Maxim Dounin 159 March 18, 2023 10:20AM

[PATCH 20 of 20] Tests: fixed ssl_ocsp.t with LibreSSL and TLSv1.3

Maxim Dounin 166 March 18, 2023 10:20AM

Re: [PATCH 20 of 20] Tests: fixed ssl_ocsp.t with LibreSSL and TLSv1.3

Sergey Kandaurov 152 March 22, 2023 07:12AM

Re: [PATCH 20 of 20] Tests: fixed ssl_ocsp.t with LibreSSL and TLSv1.3

Maxim Dounin 135 March 23, 2023 10:20AM

[PATCH 19 of 20] Tests: removed multiple server certificates from ssl_ocsp.t

Maxim Dounin 150 March 18, 2023 10:20AM

Re: [PATCH 19 of 20] Tests: removed multiple server certificates from ssl_ocsp.t

Sergey Kandaurov 135 March 22, 2023 07:06AM

Re: [PATCH 19 of 20] Tests: removed multiple server certificates from ssl_ocsp.t

Maxim Dounin 127 March 23, 2023 10:18AM

[PATCH 17 of 20] Tests: fixed stream_ssl_variables.t.t with LibreSSL and TLSv1.3

Maxim Dounin 139 March 18, 2023 10:20AM

Re: [PATCH 00 of 20] tests suite fixes for TLSv1.3

Sergey Kandaurov 120 March 22, 2023 07:44AM

Re: [PATCH 00 of 20] tests suite fixes for TLSv1.3

Maxim Dounin 143 March 23, 2023 10:20AM

Re: [PATCH 00 of 20] tests suite fixes for TLSv1.3

Sergey Kandaurov 120 March 23, 2023 12:02PM

Re: [PATCH 00 of 20] tests suite fixes for TLSv1.3

Maxim Dounin 117 March 23, 2023 12:54PM



Sorry, you do not have permission to post/reply in this forum.

Online Users

Guests: 208
Record Number of Users: 8 on April 13, 2023
Record Number of Guests: 421 on December 02, 2018
Powered by nginx      Powered by FreeBSD      PHP Powered      Powered by MariaDB      ipv6 ready