Re: [PATCH 2 of 6] Tests: unbreak tests with IO::Socket:SSL lacking SSL_session_key

Mon, 22 May 2023 16:44:02 -0700 

Hello!

On Mon, May 22, 2023 at 11:52:14PM +0400, Sergey Kandaurov wrote:

> # HG changeset patch
> # User Sergey Kandaurov <pluk...@nginx.com>
> # Date 1684773874 -14400
> #      Mon May 22 20:44:34 2023 +0400
> # Node ID 4a3a451716ba26f8fc4be1ccc88dd8596101a6b2
> # Parent  231b14e2041afed10f5c2e6f62aad298854a6379
> Tests: unbreak tests with IO::Socket:SSL lacking SSL_session_key.
> 
> diff --git a/ssl_certificate.t b/ssl_certificate.t
> --- a/ssl_certificate.t
> +++ b/ssl_certificate.t
> @@ -171,6 +171,8 @@ local $TODO = 'no TLSv1.3 sessions, old 
>       if $Net::SSLeay::VERSION < 1.88 && test_tls13();
>  local $TODO = 'no TLSv1.3 sessions, old IO::Socket::SSL'
>       if $IO::Socket::SSL::VERSION < 2.061 && test_tls13();
> +local $TODO = 'no SSL_session_key, old IO::Socket::SSL'
> +     if $IO::Socket::SSL::VERSION < 1.965;
>  
>  like(get('default', 8080, $s), qr/default:r/, 'session reused');
>  

Should be:

diff -r a797d7428fa5 ssl_certificate.t
--- a/ssl_certificate.t Thu May 18 18:07:19 2023 +0300
+++ b/ssl_certificate.t Mon May 22 22:20:59 2023 +0000
@@ -177,6 +177,8 @@
 TODO: {
 # ticket key name mismatch prevents session resumption
 local $TODO = 'not yet' unless $t->has_version('1.23.2');
+local $TODO = 'no SSL_session_key, old IO::Socket::SSL'
+       if $IO::Socket::SSL::VERSION < 1.965;
 
 like(get('default', 8081, $s), qr/default:r/, 'session id context match');
 
as the "session reused" is passed regardless of SSL_session_key 
presence.

> diff --git a/stream_ssl_certificate.t b/stream_ssl_certificate.t
> --- a/stream_ssl_certificate.t
> +++ b/stream_ssl_certificate.t
> @@ -148,6 +148,8 @@ local $TODO = 'no TLSv1.3 sessions, old 
>       if $Net::SSLeay::VERSION < 1.88 && test_tls13();
>  local $TODO = 'no TLSv1.3 sessions, old IO::Socket::SSL'
>       if $IO::Socket::SSL::VERSION < 2.061 && test_tls13();
> +local $TODO = 'no SSL_session_key, old IO::Socket::SSL'
> +     if $IO::Socket::SSL::VERSION < 1.965;
>  
>  like(get('default', 8080, $s), qr/default:r/, 'session reused');
>  

The same here.

Additionally, ssl_session_ticket_key.t also uses SSL_session_key, 
but it currently happens to be skipped at least on CentOS 7 due to 
old Net::SSLeay.  Given IO::Socket::SSL changes, appropriate 
version for it is probably 2.029.

diff --git a/ssl_session_ticket_key.t b/ssl_session_ticket_key.t
--- a/ssl_session_ticket_key.t
+++ b/ssl_session_ticket_key.t
@@ -24,6 +24,8 @@ select STDOUT; $| = 1;
 
 eval { require Net::SSLeay; die if $Net::SSLeay::VERSION < 1.86; };
 plan(skip_all => 'Net::SSLeay version => 1.86 required') if $@;
+eval { require IO::Socket::SSL; die if $IO::Socket::SSL::VERSION < 2.029; };
+plan(skip_all => 'IO::Socket::SSL version => 2.029 required') if $@;
 
 my $t = Test::Nginx->new()->has(qw/http http_ssl socket_ssl/)
        ->has_daemon('openssl')->plan(2)

-- 
Maxim Dounin
http://mdounin.ru/
_______________________________________________
nginx-devel mailing list
nginx-devel@nginx.org
https://mailman.nginx.org/mailman/listinfo/nginx-devel

Reply via email to