# HG changeset patch
# User Maxim Dounin <mdounin@mdounin.ru>
# Date 1681702252 -10800
# Mon Apr 17 06:30:52 2023 +0300
# Node ID f704912ed09f3494a815709710c3744b0adca50b
# Parent 6f0148ef1991d92a003c8529c8cce9a8dd49e706
Tests: added has_feature() tests for IO::Socket::SSL.
The following distinct features supported:
- "socket_ssl", which requires IO::Socket::SSL and also implies
existance of the IO::Socket::SSL::SSL_VERIFY_NONE() symbol.
It is used by most of the tests.
- "socket_ssl_sni", which requires IO::Socket::SSL with the can_client_sni()
function (1.84), and SNI support available in Net::SSLeay and the OpenSSL
library being used. Used by ssl_sni.t, ssl_sni_sessions.t,
stream_ssl_preread.t. Additional Net::SSLeay testing is believed to be
unneeded and was removed.
- "socket_ssl_alpn", which requires IO::Socket::SSL with ALPN support (2.009),
and ALPN support in Net::SSLeay and the OpenSSL library being used.
Used by h2_ssl.t, h2_ssl_verify_client.t, stream_ssl_alpn.t,
stream_ssl_preread_alpn.t.
- "socket_ssl_sslversion", which requires IO::Socket::SSL with
the get_sslversion() and get_sslversion_int() methods (1.964).
Used by mail_imap_ssl.t.
- "socket_ssl_reused", which requires IO::Socket::SSL with
the get_session_reused() method (2.057). To be used in the following
patches.
This makes it possible to simplify and unify various SSL tests.
diff --git a/h2_ssl.t b/h2_ssl.t
--- a/h2_ssl.t
+++ b/h2_ssl.t
@@ -25,7 +25,7 @@ use Test::Nginx::HTTP2;
select STDERR; $| = 1;
select STDOUT; $| = 1;
-my $t = Test::Nginx->new()->has(qw/http http_ssl http_v2/)
+my $t = Test::Nginx->new()->has(qw/http http_ssl http_v2 socket_ssl_alpn/)
->has_daemon('openssl');
$t->write_file_expand('nginx.conf', <<'EOF');
@@ -55,15 +55,6 @@ http {
EOF
-eval { require IO::Socket::SSL; die if $IO::Socket::SSL::VERSION < 1.56; };
-plan(skip_all => 'IO::Socket::SSL version >= 1.56 required') if $@;
-
-eval { IO::Socket::SSL->can_alpn() or die; };
-plan(skip_all => 'IO::Socket::SSL with OpenSSL ALPN support required') if $@;
-
-eval { exists &Net::SSLeay::P_alpn_selected or die; };
-plan(skip_all => 'Net::SSLeay with OpenSSL ALPN support required') if $@;
-
$t->write_file('openssl.conf', <<EOF);
[ req ]
default_bits = 2048
diff --git a/h2_ssl_proxy_cache.t b/h2_ssl_proxy_cache.t
--- a/h2_ssl_proxy_cache.t
+++ b/h2_ssl_proxy_cache.t
@@ -23,10 +23,8 @@ use Test::Nginx::HTTP2;
select STDERR; $| = 1;
select STDOUT; $| = 1;
-eval { require IO::Socket::SSL; };
-plan(skip_all => 'IO::Socket::SSL not installed') if $@;
-
-my $t = Test::Nginx->new()->has(qw/http http_ssl http_v2 proxy cache/)
+my $t = Test::Nginx->new()
+ ->has(qw/http http_ssl http_v2 proxy cache socket_ssl/)
->has_daemon('openssl');
$t->write_file_expand('nginx.conf', <<'EOF');
diff --git a/h2_ssl_variables.t b/h2_ssl_variables.t
--- a/h2_ssl_variables.t
+++ b/h2_ssl_variables.t
@@ -23,12 +23,7 @@ use Test::Nginx::HTTP2;
select STDERR; $| = 1;
select STDOUT; $| = 1;
-eval { require IO::Socket::SSL; };
-plan(skip_all => 'IO::Socket::SSL not installed') if $@;
-eval { IO::Socket::SSL::SSL_VERIFY_NONE(); };
-plan(skip_all => 'IO::Socket::SSL too old') if $@;
-
-my $t = Test::Nginx->new()->has(qw/http http_ssl http_v2 rewrite/)
+my $t = Test::Nginx->new()->has(qw/http http_ssl http_v2 rewrite socket_ssl/)
->has_daemon('openssl')->plan(8);
$t->write_file_expand('nginx.conf', <<'EOF');
diff --git a/h2_ssl_verify_client.t b/h2_ssl_verify_client.t
--- a/h2_ssl_verify_client.t
+++ b/h2_ssl_verify_client.t
@@ -23,14 +23,7 @@ use Test::Nginx::HTTP2;
select STDERR; $| = 1;
select STDOUT; $| = 1;
-eval { require IO::Socket::SSL; };
-plan(skip_all => 'IO::Socket::SSL not installed') if $@;
-eval { IO::Socket::SSL->can_client_sni() or die; };
-plan(skip_all => 'IO::Socket::SSL with OpenSSL SNI support required') if $@;
-eval { IO::Socket::SSL->can_alpn() or die; };
-plan(skip_all => 'OpenSSL ALPN support required') if $@;
-
-my $t = Test::Nginx->new()->has(qw/http http_ssl sni http_v2/)
+my $t = Test::Nginx->new()->has(qw/http http_ssl sni http_v2 socket_ssl_alpn/)
->has_daemon('openssl');
$t->write_file_expand('nginx.conf', <<'EOF');
diff --git a/lib/Test/Nginx.pm b/lib/Test/Nginx.pm
--- a/lib/Test/Nginx.pm
+++ b/lib/Test/Nginx.pm
@@ -241,6 +241,31 @@ sub has_feature($) {
return $^O ne 'MSWin32';
}
+ if ($feature =~ /^socket_ssl/) {
+ eval { require IO::Socket::SSL; };
+ return 0 if $@;
+ eval { IO::Socket::SSL::SSL_VERIFY_NONE(); };
+ return 0 if $@;
+ if ($feature eq 'socket_ssl') {
+ return 1;
+ }
+ if ($feature eq 'socket_ssl_sni') {
+ eval { IO::Socket::SSL->can_client_sni() or die; };
+ return !$@;
+ }
+ if ($feature eq 'socket_ssl_alpn') {
+ eval { IO::Socket::SSL->can_alpn() or die; };
+ return !$@;
+ }
+ if ($feature eq 'socket_ssl_sslversion') {
+ return IO::Socket::SSL->can('get_sslversion');
+ }
+ if ($feature eq 'socket_ssl_reused') {
+ return IO::Socket::SSL->can('get_session_reused');
+ }
+ return 0;
+ }
+
return 0;
}
diff --git a/mail_imap_ssl.t b/mail_imap_ssl.t
--- a/mail_imap_ssl.t
+++ b/mail_imap_ssl.t
@@ -26,14 +26,10 @@ use Test::Nginx::IMAP;
select STDERR; $| = 1;
select STDOUT; $| = 1;
-eval { require IO::Socket::SSL; };
-plan(skip_all => 'IO::Socket::SSL not installed') if $@;
-eval { IO::Socket::SSL::SSL_VERIFY_NONE(); };
-plan(skip_all => 'IO::Socket::SSL too old') if $@;
-
local $SIG{PIPE} = 'IGNORE';
-my $t = Test::Nginx->new()->has(qw/mail mail_ssl imap http rewrite/)
+my $t = Test::Nginx->new()
+ ->has(qw/mail mail_ssl imap http rewrite socket_ssl_sslversion/)
->has_daemon('openssl')->plan(13)
->write_file_expand('nginx.conf', <<'EOF');
@@ -215,12 +211,10 @@ my $s = Test::Nginx::IMAP->new(PeerAddr
my ($cipher, $sslversion);
-if ($IO::Socket::SSL::VERSION >= 1.964) {
- $s = get_ssl_socket(8143);
- $cipher = $s->get_cipher();
- $sslversion = $s->get_sslversion();
- $sslversion =~ s/_/./;
-}
+$s = get_ssl_socket(8143);
+$cipher = $s->get_cipher();
+$sslversion = $s->get_sslversion();
+$sslversion =~ s/_/./;
undef $s;
@@ -239,10 +233,6 @@ like($f, qr!^on:SUCCESS:(/?CN=2.example.
like($f, qr!^on:SUCCESS:(/?CN=3.example.com):\1:\w+:\w+:[^:]+:s5$!m,
'log - trusted cert');
-SKIP: {
-skip 'IO::Socket::SSL version >= 1.964 required', 1
- if $IO::Socket::SSL::VERSION < 1.964;
-
TODO: {
local $TODO = 'not yet' unless $t->has_version('1.21.2');
@@ -251,8 +241,6 @@ like($f, qr|^$cipher:$sslversion$|m, 'lo
}
-}
-
###############################################################################
sub get_ssl_socket {
diff --git a/mail_resolver.t b/mail_resolver.t
--- a/mail_resolver.t
+++ b/mail_resolver.t
@@ -23,14 +23,9 @@ use Test::Nginx::SMTP;
select STDERR; $| = 1;
select STDOUT; $| = 1;
-eval { require IO::Socket::SSL; };
-plan(skip_all => 'IO::Socket::SSL not installed') if $@;
-eval { IO::Socket::SSL::SSL_VERIFY_NONE(); };
-plan(skip_all => 'IO::Socket::SSL too old') if $@;
-
local $SIG{PIPE} = 'IGNORE';
-my $t = Test::Nginx->new()->has(qw/mail mail_ssl smtp http rewrite/)
+my $t = Test::Nginx->new()->has(qw/mail mail_ssl smtp http rewrite socket_ssl/)
->has_daemon('openssl')->plan(11)
->write_file_expand('nginx.conf', <<'EOF');
diff --git a/proxy_ssl.t b/proxy_ssl.t
--- a/proxy_ssl.t
+++ b/proxy_ssl.t
@@ -21,11 +21,9 @@ use Test::Nginx;
select STDERR; $| = 1;
select STDOUT; $| = 1;
-eval { require IO::Socket::SSL; };
-plan(skip_all => 'IO::Socket::SSL not installed') if $@;
-
-my $t = Test::Nginx->new()->has(qw/http proxy http_ssl/)->has_daemon('openssl')
- ->plan(8)->write_file_expand('nginx.conf', <<'EOF');
+my $t = Test::Nginx->new()->has(qw/http proxy http_ssl socket_ssl/)
+ ->has_daemon('openssl')->plan(8)
+ ->write_file_expand('nginx.conf', <<'EOF');
%%TEST_GLOBALS%%
diff --git a/ssl.t b/ssl.t
--- a/ssl.t
+++ b/ssl.t
@@ -25,12 +25,7 @@ use Test::Nginx;
select STDERR; $| = 1;
select STDOUT; $| = 1;
-eval { require IO::Socket::SSL; };
-plan(skip_all => 'IO::Socket::SSL not installed') if $@;
-eval { IO::Socket::SSL::SSL_VERIFY_NONE(); };
-plan(skip_all => 'IO::Socket::SSL too old') if $@;
-
-my $t = Test::Nginx->new()->has(qw/http http_ssl rewrite proxy/)
+my $t = Test::Nginx->new()->has(qw/http http_ssl rewrite proxy socket_ssl/)
->has_daemon('openssl')->plan(21);
$t->write_file_expand('nginx.conf', <<'EOF');
diff --git a/ssl_certificate_chain.t b/ssl_certificate_chain.t
--- a/ssl_certificate_chain.t
+++ b/ssl_certificate_chain.t
@@ -22,12 +22,7 @@ use Test::Nginx;
select STDERR; $| = 1;
select STDOUT; $| = 1;
-eval { require IO::Socket::SSL; };
-plan(skip_all => 'IO::Socket::SSL not installed') if $@;
-eval { IO::Socket::SSL::SSL_VERIFY_NONE(); };
-plan(skip_all => 'IO::Socket::SSL too old') if $@;
-
-my $t = Test::Nginx->new()->has(qw/http http_ssl/)
+my $t = Test::Nginx->new()->has(qw/http http_ssl socket_ssl/)
->has_daemon('openssl')->plan(3);
$t->write_file_expand('nginx.conf', <<'EOF');
diff --git a/ssl_client_escaped_cert.t b/ssl_client_escaped_cert.t
--- a/ssl_client_escaped_cert.t
+++ b/ssl_client_escaped_cert.t
@@ -22,12 +22,7 @@ use Test::Nginx;
select STDERR; $| = 1;
select STDOUT; $| = 1;
-eval { require IO::Socket::SSL; };
-plan(skip_all => 'IO::Socket::SSL not installed') if $@;
-eval { IO::Socket::SSL::SSL_VERIFY_NONE(); };
-plan(skip_all => 'IO::Socket::SSL too old') if $@;
-
-my $t = Test::Nginx->new()->has(qw/http http_ssl rewrite/)
+my $t = Test::Nginx->new()->has(qw/http http_ssl rewrite socket_ssl/)
->has_daemon('openssl')->plan(3);
$t->write_file_expand('nginx.conf', <<'EOF');
diff --git a/ssl_crl.t b/ssl_crl.t
--- a/ssl_crl.t
+++ b/ssl_crl.t
@@ -22,12 +22,7 @@ use Test::Nginx;
select STDERR; $| = 1;
select STDOUT; $| = 1;
-eval { require IO::Socket::SSL; };
-plan(skip_all => 'IO::Socket::SSL not installed') if $@;
-eval { IO::Socket::SSL::SSL_VERIFY_NONE(); };
-plan(skip_all => 'IO::Socket::SSL too old') if $@;
-
-my $t = Test::Nginx->new()->has(qw/http http_ssl/)
+my $t = Test::Nginx->new()->has(qw/http http_ssl socket_ssl/)
->has_daemon('openssl')->plan(3);
$t->write_file_expand('nginx.conf', <<'EOF');
diff --git a/ssl_curve.t b/ssl_curve.t
--- a/ssl_curve.t
+++ b/ssl_curve.t
@@ -22,12 +22,7 @@ use Test::Nginx;
select STDERR; $| = 1;
select STDOUT; $| = 1;
-eval { require IO::Socket::SSL; };
-plan(skip_all => 'IO::Socket::SSL not installed') if $@;
-eval { IO::Socket::SSL::SSL_VERIFY_NONE(); };
-plan(skip_all => 'IO::Socket::SSL too old') if $@;
-
-my $t = Test::Nginx->new()->has(qw/http http_ssl rewrite/)
+my $t = Test::Nginx->new()->has(qw/http http_ssl rewrite socket_ssl/)
->has_daemon('openssl');
$t->{_configure_args} =~ /OpenSSL (\d+)/;
diff --git a/ssl_password_file.t b/ssl_password_file.t
--- a/ssl_password_file.t
+++ b/ssl_password_file.t
@@ -25,14 +25,9 @@ use Test::Nginx;
select STDERR; $| = 1;
select STDOUT; $| = 1;
-eval { require IO::Socket::SSL; };
-plan(skip_all => 'IO::Socket::SSL not installed') if $@;
-eval { IO::Socket::SSL::SSL_VERIFY_NONE(); };
-plan(skip_all => 'IO::Socket::SSL too old') if $@;
-
plan(skip_all => 'win32') if $^O eq 'MSWin32';
-my $t = Test::Nginx->new()->has(qw/http http_ssl rewrite/)
+my $t = Test::Nginx->new()->has(qw/http http_ssl rewrite socket_ssl/)
->has_daemon('openssl');
$t->plan(3)->write_file_expand('nginx.conf', <<'EOF');
diff --git a/ssl_proxy_protocol.t b/ssl_proxy_protocol.t
--- a/ssl_proxy_protocol.t
+++ b/ssl_proxy_protocol.t
@@ -24,12 +24,7 @@ use Test::Nginx;
select STDERR; $| = 1;
select STDOUT; $| = 1;
-eval { require IO::Socket::SSL; };
-plan(skip_all => 'IO::Socket::SSL not installed') if $@;
-eval { IO::Socket::SSL::SSL_VERIFY_NONE(); };
-plan(skip_all => 'IO::Socket::SSL too old') if $@;
-
-my $t = Test::Nginx->new()->has(qw/http http_ssl access realip/)
+my $t = Test::Nginx->new()->has(qw/http http_ssl access realip socket_ssl/)
->has_daemon('openssl');
$t->write_file_expand('nginx.conf', <<'EOF')->plan(18);
diff --git a/ssl_proxy_upgrade.t b/ssl_proxy_upgrade.t
--- a/ssl_proxy_upgrade.t
+++ b/ssl_proxy_upgrade.t
@@ -29,12 +29,8 @@ use Test::Nginx;
select STDERR; $| = 1;
select STDOUT; $| = 1;
-eval { require IO::Socket::SSL; };
-plan(skip_all => 'IO::Socket::SSL not installed') if $@;
-eval { IO::Socket::SSL::SSL_VERIFY_NONE(); };
-plan(skip_all => 'IO::Socket::SSL too old') if $@;
-
-my $t = Test::Nginx->new()->has(qw/http proxy http_ssl/)->has_daemon('openssl')
+my $t = Test::Nginx->new()->has(qw/http proxy http_ssl socket_ssl/)
+ ->has_daemon('openssl')
->write_file_expand('nginx.conf', <<'EOF')->plan(30);
%%TEST_GLOBALS%%
diff --git a/ssl_reject_handshake.t b/ssl_reject_handshake.t
--- a/ssl_reject_handshake.t
+++ b/ssl_reject_handshake.t
@@ -22,12 +22,8 @@ use Test::Nginx;
select STDERR; $| = 1;
select STDOUT; $| = 1;
-eval { require IO::Socket::SSL; };
-plan(skip_all => 'IO::Socket::SSL not installed') if $@;
-eval { IO::Socket::SSL->can_client_sni() or die; };
-plan(skip_all => 'IO::Socket::SSL with OpenSSL SNI support required') if $@;
-
-my $t = Test::Nginx->new()->has(qw/http http_ssl sni/)->has_daemon('openssl');
+my $t = Test::Nginx->new()->has(qw/http http_ssl sni socket_ssl/)
+ ->has_daemon('openssl');
$t->write_file_expand('nginx.conf', <<'EOF');
diff --git a/ssl_session_reuse.t b/ssl_session_reuse.t
--- a/ssl_session_reuse.t
+++ b/ssl_session_reuse.t
@@ -23,12 +23,7 @@ use Test::Nginx;
select STDERR; $| = 1;
select STDOUT; $| = 1;
-eval { require IO::Socket::SSL; };
-plan(skip_all => 'IO::Socket::SSL not installed') if $@;
-eval { IO::Socket::SSL::SSL_VERIFY_NONE(); };
-plan(skip_all => 'IO::Socket::SSL too old') if $@;
-
-my $t = Test::Nginx->new()->has(qw/http http_ssl rewrite/)
+my $t = Test::Nginx->new()->has(qw/http http_ssl rewrite socket_ssl/)
->has_daemon('openssl')->plan(8);
$t->write_file_expand('nginx.conf', <<'EOF');
diff --git a/ssl_sni.t b/ssl_sni.t
--- a/ssl_sni.t
+++ b/ssl_sni.t
@@ -22,8 +22,8 @@ use Test::Nginx;
select STDERR; $| = 1;
select STDOUT; $| = 1;
-my $t = Test::Nginx->new()->has(qw/http http_ssl sni rewrite/)
- ->has_daemon('openssl')
+my $t = Test::Nginx->new()->has(qw/http http_ssl sni rewrite socket_ssl_sni/)
+ ->has_daemon('openssl')->plan(8)
->write_file_expand('nginx.conf', <<'EOF');
%%TEST_GLOBALS%%
@@ -79,25 +79,6 @@ http {
EOF
-eval { require IO::Socket::SSL; die if $IO::Socket::SSL::VERSION < 1.56; };
-plan(skip_all => 'IO::Socket::SSL version >= 1.56 required') if $@;
-
-eval {
- if (IO::Socket::SSL->can('can_client_sni')) {
- IO::Socket::SSL->can_client_sni() or die;
- }
-};
-plan(skip_all => 'IO::Socket::SSL with OpenSSL SNI support required') if $@;
-
-eval {
- my $ctx = Net::SSLeay::CTX_new() or die;
- my $ssl = Net::SSLeay::new($ctx) or die;
- Net::SSLeay::set_tlsext_host_name($ssl, 'example.org') == 1 or die;
-};
-plan(skip_all => 'Net::SSLeay with OpenSSL SNI support required') if $@;
-
-$t->plan(8);
-
$t->write_file('openssl.conf', <<EOF);
[ req ]
default_bits = 2048
diff --git a/ssl_sni_sessions.t b/ssl_sni_sessions.t
--- a/ssl_sni_sessions.t
+++ b/ssl_sni_sessions.t
@@ -21,9 +21,9 @@ use Test::Nginx;
select STDERR; $| = 1;
select STDOUT; $| = 1;
-my $t = Test::Nginx->new()->has(qw/http http_ssl sni rewrite/);
-
-$t->has_daemon('openssl')->write_file_expand('nginx.conf', <<'EOF');
+my $t = Test::Nginx->new()->has(qw/http http_ssl sni rewrite socket_ssl_sni/)
+ ->has_daemon('openssl')
+ ->write_file_expand('nginx.conf', <<'EOF');
%%TEST_GLOBALS%%
@@ -87,23 +87,6 @@ http {
EOF
-eval { require IO::Socket::SSL; die if $IO::Socket::SSL::VERSION < 1.56; };
-plan(skip_all => 'IO::Socket::SSL version >= 1.56 required') if $@;
-
-eval {
- if (IO::Socket::SSL->can('can_client_sni')) {
- IO::Socket::SSL->can_client_sni() or die;
- }
-};
-plan(skip_all => 'IO::Socket::SSL with OpenSSL SNI support required') if $@;
-
-eval {
- my $ctx = Net::SSLeay::CTX_new() or die;
- my $ssl = Net::SSLeay::new($ctx) or die;
- Net::SSLeay::set_tlsext_host_name($ssl, 'example.org') == 1 or die;
-};
-plan(skip_all => 'Net::SSLeay with OpenSSL SNI support required') if $@;
-
$t->write_file('openssl.conf', <<EOF);
[ req ]
default_bits = 2048
diff --git a/ssl_verify_depth.t b/ssl_verify_depth.t
--- a/ssl_verify_depth.t
+++ b/ssl_verify_depth.t
@@ -22,12 +22,8 @@ use Test::Nginx;
select STDERR; $| = 1;
select STDOUT; $| = 1;
-eval { require IO::Socket::SSL; };
-plan(skip_all => 'IO::Socket::SSL not installed') if $@;
-eval { IO::Socket::SSL::SSL_VERIFY_NONE(); };
-plan(skip_all => 'IO::Socket::SSL too old') if $@;
-
-my $t = Test::Nginx->new()->has(qw/http http_ssl/)->has_daemon('openssl');
+my $t = Test::Nginx->new()->has(qw/http http_ssl socket_ssl/)
+ ->has_daemon('openssl');
plan(skip_all => 'LibreSSL') if $t->has_module('LibreSSL');
diff --git a/stream_js_fetch_https.t b/stream_js_fetch_https.t
--- a/stream_js_fetch_https.t
+++ b/stream_js_fetch_https.t
@@ -23,12 +23,9 @@ use Test::Nginx::Stream qw/ stream /;
select STDERR; $| = 1;
select STDOUT; $| = 1;
-eval { require IO::Socket::SSL; };
-plan(skip_all => 'IO::Socket::SSL not installed') if $@;
-eval { IO::Socket::SSL::SSL_VERIFY_NONE(); };
-plan(skip_all => 'IO::Socket::SSL too old') if $@;
-
-my $t = Test::Nginx->new()->has(qw/http http_ssl rewrite stream stream_return/)
+my $t = Test::Nginx->new()
+ ->has(qw/http http_ssl rewrite stream stream_return socket_ssl/)
+ ->has_daemon('openssl')
->write_file_expand('nginx.conf', <<'EOF');
%%TEST_GLOBALS%%
diff --git a/stream_proxy_protocol_ssl.t b/stream_proxy_protocol_ssl.t
--- a/stream_proxy_protocol_ssl.t
+++ b/stream_proxy_protocol_ssl.t
@@ -24,11 +24,8 @@ use Test::Nginx qw/ :DEFAULT http_end /;
select STDERR; $| = 1;
select STDOUT; $| = 1;
-eval { require IO::Socket::SSL; };
-plan(skip_all => 'IO::Socket::SSL not installed') if $@;
-
-my $t = Test::Nginx->new()->has(qw/stream stream_ssl/)->has_daemon('openssl')
- ->plan(2);
+my $t = Test::Nginx->new()->has(qw/stream stream_ssl socket_ssl/)
+ ->has_daemon('openssl')->plan(2);
$t->write_file_expand('nginx.conf', <<'EOF');
diff --git a/stream_ssl_alpn.t b/stream_ssl_alpn.t
--- a/stream_ssl_alpn.t
+++ b/stream_ssl_alpn.t
@@ -23,8 +23,10 @@ use Test::Nginx::Stream qw/ stream /;
select STDERR; $| = 1;
select STDOUT; $| = 1;
-my $t = Test::Nginx->new()->has(qw/stream stream_ssl stream_return/)
- ->has_daemon('openssl')->write_file_expand('nginx.conf', <<'EOF');
+my $t = Test::Nginx->new()
+ ->has(qw/stream stream_ssl stream_return socket_ssl_alpn/)
+ ->has_daemon('openssl')
+ ->write_file_expand('nginx.conf', <<'EOF');
%%TEST_GLOBALS%%
@@ -51,15 +53,6 @@ stream {
EOF
-eval { require IO::Socket::SSL; die if $IO::Socket::SSL::VERSION < 1.56; };
-plan(skip_all => 'IO::Socket::SSL version >= 1.56 required') if $@;
-
-eval { IO::Socket::SSL->can_alpn() or die; };
-plan(skip_all => 'IO::Socket::SSL with OpenSSL ALPN support required') if $@;
-
-eval { exists &Net::SSLeay::P_alpn_selected or die; };
-plan(skip_all => 'Net::SSLeay with OpenSSL ALPN support required') if $@;
-
$t->write_file('openssl.conf', <<EOF);
[ req ]
default_bits = 2048
diff --git a/stream_ssl_preread.t b/stream_ssl_preread.t
--- a/stream_ssl_preread.t
+++ b/stream_ssl_preread.t
@@ -24,7 +24,8 @@ select STDERR; $| = 1;
select STDOUT; $| = 1;
my $t = Test::Nginx->new()->has(qw/stream stream_map stream_ssl_preread/)
- ->has(qw/stream_ssl stream_return/)->has_daemon('openssl')
+ ->has(qw/stream_ssl stream_return socket_ssl_sni/)
+ ->has_daemon('openssl')->plan(13)
->write_file_expand('nginx.conf', <<'EOF');
%%TEST_GLOBALS%%
@@ -107,25 +108,6 @@ stream {
EOF
-eval { require IO::Socket::SSL; die if $IO::Socket::SSL::VERSION < 1.56; };
-plan(skip_all => 'IO::Socket::SSL version >= 1.56 required') if $@;
-
-eval {
- if (IO::Socket::SSL->can('can_client_sni')) {
- IO::Socket::SSL->can_client_sni() or die;
- }
-};
-plan(skip_all => 'IO::Socket::SSL with OpenSSL SNI support required') if $@;
-
-eval {
- my $ctx = Net::SSLeay::CTX_new() or die;
- my $ssl = Net::SSLeay::new($ctx) or die;
- Net::SSLeay::set_tlsext_host_name($ssl, 'example.org') == 1 or die;
-};
-plan(skip_all => 'Net::SSLeay with OpenSSL SNI support required') if $@;
-
-$t->plan(13);
-
$t->write_file('openssl.conf', <<EOF);
[ req ]
default_bits = 2048
diff --git a/stream_ssl_preread_alpn.t b/stream_ssl_preread_alpn.t
--- a/stream_ssl_preread_alpn.t
+++ b/stream_ssl_preread_alpn.t
@@ -24,7 +24,8 @@ select STDERR; $| = 1;
select STDOUT; $| = 1;
my $t = Test::Nginx->new()->has(qw/stream stream_map stream_ssl_preread/)
- ->has(qw/stream_ssl stream_return/)->has_daemon('openssl')
+ ->has(qw/stream_ssl stream_return socket_ssl_alpn/)
+ ->has_daemon('openssl')->plan(5)
->write_file_expand('nginx.conf', <<'EOF');
%%TEST_GLOBALS%%
@@ -75,17 +76,6 @@ stream {
EOF
-eval { require IO::Socket::SSL; die if $IO::Socket::SSL::VERSION < 1.56; };
-plan(skip_all => 'IO::Socket::SSL version >= 1.56 required') if $@;
-
-eval { IO::Socket::SSL->can_alpn() or die; };
-plan(skip_all => 'IO::Socket::SSL with OpenSSL ALPN support required') if $@;
-
-eval { exists &Net::SSLeay::P_alpn_selected or die; };
-plan(skip_all => 'Net::SSLeay with OpenSSL ALPN support required') if $@;
-
-$t->plan(5);
-
$t->write_file('openssl.conf', <<EOF);
[ req ]
default_bits = 2048
diff --git a/stream_ssl_realip.t b/stream_ssl_realip.t
--- a/stream_ssl_realip.t
+++ b/stream_ssl_realip.t
@@ -24,13 +24,9 @@ use Test::Nginx qw/ :DEFAULT http_end /;
select STDERR; $| = 1;
select STDOUT; $| = 1;
-eval { require IO::Socket::SSL; };
-plan(skip_all => 'IO::Socket::SSL not installed') if $@;
-eval { IO::Socket::SSL::SSL_VERIFY_NONE(); };
-plan(skip_all => 'IO::Socket::SSL too old') if $@;
-
my $t = Test::Nginx->new()->has(qw/stream stream_return stream_realip/)
- ->has(qw/stream_ssl/)->has_daemon('openssl')
+ ->has(qw/stream_ssl socket_ssl/)
+ ->has_daemon('openssl')
->write_file_expand('nginx.conf', <<'EOF');
%%TEST_GLOBALS%%
_______________________________________________
nginx-devel mailing list
nginx-devel@nginx.org
https://mailman.nginx.org/mailman/listinfo/nginx-devel
