details: http://freenginx.org/hg/nginx-tests/rev/3cae7b54841e
branches:
changeset: 1964:3cae7b54841e
user: Maxim Dounin <mdou...@mdounin.ru>
date: Mon May 06 00:01:33 2024 +0300
description:
Tests: fixed hangs with Net::SSLeay with LibreSSL on macOS.
On macOS (as seen on 14.4.1, latest at the moment), Net::SSLeay compiled
with LibreSSL is shipped with the OS (Net::SSLeay 1.88, LibreSSL 3.3.6).
And for some reason mail_ssl_conf_command.t and stream_ssl_conf_command.t
tests hang after the test, waiting indefinitely in reused SSL socket close().
This seems to be an LibreSSL bug in SSL_shutdown() (at least a couple was
fixed in LibreSSL 3.5.0), probably related to session reuse (which do work
in these particular tests due to TLSv1.2 explicitly used for testing).
Still, calling close(SSL_no_shutdown => 1) explicitly is a trivial workaround,
and hence it is implemented.
diffstat:
mail_ssl_conf_command.t | 2 ++
stream_ssl_conf_command.t | 2 ++
2 files changed, 4 insertions(+), 0 deletions(-)
diffs (24 lines):
diff --git a/mail_ssl_conf_command.t b/mail_ssl_conf_command.t
--- a/mail_ssl_conf_command.t
+++ b/mail_ssl_conf_command.t
@@ -103,6 +103,8 @@ like($s->socket()->dump_peer_certificate
);
ok($s->socket()->get_session_reused(), 'SessionTicket');
+$s->socket()->close(SSL_no_shutdown => 1);
+
$s = Test::Nginx::IMAP->new(
SSL => 1,
SSL_cipher_list =>
diff --git a/stream_ssl_conf_command.t b/stream_ssl_conf_command.t
--- a/stream_ssl_conf_command.t
+++ b/stream_ssl_conf_command.t
@@ -104,6 +104,8 @@ like($s->socket()->dump_peer_certificate
);
ok($s->socket()->get_session_reused(), 'SessionTicket');
+$s->socket()->close(SSL_no_shutdown => 1);
+
$s = stream(
PeerAddr => '127.0.0.1:' . port(8443),
SSL => 1,
--
nginx-devel mailing list
nginx-devel@freenginx.org
https://freenginx.org/mailman/listinfo/nginx-devel
