[PATCH 07 of 11] Tests: simplified mail_imap_ssl.t

Maxim Dounin Sun, 16 Apr 2023 20:45:09 -0700

# HG changeset patch
# User Maxim Dounin <mdou...@mdounin.ru>
# Date 1681702259 -10800
#      Mon Apr 17 06:30:59 2023 +0300
# Node ID 072be0b91d77eb9c9ab15c20d4df04efac51106a
# Parent  20d603cd3cbeab89127108fe9cb6dffd0e9469e8
Tests: simplified mail_imap_ssl.t.


The test now uses improved IO::Socket::SSL infrastructure in Test::Nginx::IMAP.
While here, fixed incorrect port being used for the "trusted cert" test.

diff --git a/mail_imap_ssl.t b/mail_imap_ssl.t
--- a/mail_imap_ssl.t
+++ b/mail_imap_ssl.t
@@ -50,12 +50,12 @@ mail {
     ssl_certificate 1.example.com.crt;
 
     server {
-        listen     127.0.0.1:8142;
+        listen     127.0.0.1:8143;
         protocol   imap;
     }
 
     server {
-        listen     127.0.0.1:8143 ssl;
+        listen     127.0.0.1:8993 ssl;
         protocol   imap;
 
         ssl_verify_client on;
@@ -63,7 +63,7 @@ mail {
     }
 
     server {
-        listen     127.0.0.1:8145 ssl;
+        listen     127.0.0.1:8994 ssl;
         protocol   imap;
 
         ssl_verify_client optional;
@@ -71,7 +71,7 @@ mail {
     }
 
     server {
-        listen     127.0.0.1:8146 ssl;
+        listen     127.0.0.1:8995 ssl;
         protocol   imap;
 
         ssl_verify_client optional;
@@ -80,7 +80,7 @@ mail {
     }
 
     server {
-        listen     127.0.0.1:8147 ssl;
+        listen     127.0.0.1:8996 ssl;
         protocol   imap;
 
         ssl_verify_client optional_no_ca;
@@ -140,46 +140,41 @@ foreach my $name ('1.example.com', '2.ex
 ###############################################################################
 
 my $cred = sub { encode_base64("\0test\@example.com\0$_[0]", '') };
-my %ssl = (
-       SSL => 1,
-       SSL_verify_mode => IO::Socket::SSL::SSL_VERIFY_NONE(),
-       SSL_error_trap => sub { die $_[1] },
-);
 
 # no ssl connection
 
-my $s = Test::Nginx::IMAP->new(PeerAddr => '127.0.0.1:' . port(8142));
+my $s = Test::Nginx::IMAP->new();
 $s->ok('plain connection');
 $s->send('1 AUTHENTICATE PLAIN ' . $cred->("s1"));
 
 # no cert
 
-$s = Test::Nginx::IMAP->new(PeerAddr => '127.0.0.1:' . port(8143), %ssl);
+$s = Test::Nginx::IMAP->new(SSL => 1);
 $s->check(qr/BYE No required SSL certificate/, 'no cert');
 
 # no cert with ssl_verify_client optional
 
-$s = Test::Nginx::IMAP->new(PeerAddr => '127.0.0.1:' . port(8145), %ssl);
+$s = Test::Nginx::IMAP->new(PeerAddr => '127.0.0.1:' . port(8994), SSL => 1);
 $s->ok('no optional cert');
 $s->send('1 AUTHENTICATE PLAIN ' . $cred->("s2"));
 
 # wrong cert with ssl_verify_client optional
 
 $s = Test::Nginx::IMAP->new(
-       PeerAddr => '127.0.0.1:' . port(8145),
+       PeerAddr => '127.0.0.1:' . port(8995),
+       SSL => 1,
        SSL_cert_file => "$d/1.example.com.crt",
-       SSL_key_file => "$d/1.example.com.key",
-       %ssl,
+       SSL_key_file => "$d/1.example.com.key"
 );
 $s->check(qr/BYE SSL certificate error/, 'bad optional cert');
 
 # wrong cert with ssl_verify_client optional_no_ca
 
 $s = Test::Nginx::IMAP->new(
-       PeerAddr => '127.0.0.1:' . port(8147),
+       PeerAddr => '127.0.0.1:' . port(8996),
+       SSL => 1,
        SSL_cert_file => "$d/1.example.com.crt",
-       SSL_key_file => "$d/1.example.com.key",
-       %ssl,
+       SSL_key_file => "$d/1.example.com.key"
 );
 $s->ok('bad optional_no_ca cert');
 $s->send('1 AUTHENTICATE PLAIN ' . $cred->("s3"));
@@ -187,10 +182,10 @@ my $s = Test::Nginx::IMAP->new(PeerAddr 
 # matching cert with ssl_verify_client optional
 
 $s = Test::Nginx::IMAP->new(
-       PeerAddr => '127.0.0.1:' . port(8145),
+       PeerAddr => '127.0.0.1:' . port(8995),
+       SSL => 1,
        SSL_cert_file => "$d/2.example.com.crt",
-       SSL_key_file => "$d/2.example.com.key",
-       %ssl,
+       SSL_key_file => "$d/2.example.com.key"
 );
 $s->ok('good cert');
 $s->send('1 AUTHENTICATE PLAIN ' . $cred->("s4"));
@@ -198,10 +193,10 @@ my $s = Test::Nginx::IMAP->new(PeerAddr 
 # trusted cert with ssl_verify_client optional
 
 $s = Test::Nginx::IMAP->new(
-       PeerAddr => '127.0.0.1:' . port(8146),
+       PeerAddr => '127.0.0.1:' . port(8995),
+       SSL => 1,
        SSL_cert_file => "$d/3.example.com.crt",
-       SSL_key_file => "$d/3.example.com.key",
-       %ssl,
+       SSL_key_file => "$d/3.example.com.key"
 );
 $s->ok('trusted cert');
 $s->send('1 AUTHENTICATE PLAIN ' . $cred->("s5"));
@@ -211,9 +206,9 @@ my $s = Test::Nginx::IMAP->new(PeerAddr 
 
 my ($cipher, $sslversion);
 
-$s = get_ssl_socket(8143);
-$cipher = $s->get_cipher();
-$sslversion = $s->get_sslversion();
+$s = Test::Nginx::IMAP->new(SSL => 1);
+$cipher = $s->socket()->get_cipher();
+$sslversion = $s->socket()->get_sslversion();
 $sslversion =~ s/_/./;
 
 undef $s;
@@ -242,31 +237,3 @@ like($f, qr|^$cipher:$sslversion$|m, 'lo
 }
 
 ###############################################################################
-
-sub get_ssl_socket {
-       my ($port) = @_;
-       my $s;
-
-       eval {
-               local $SIG{ALRM} = sub { die "timeout\n" };
-               local $SIG{PIPE} = sub { die "sigpipe\n" };
-               alarm(8);
-               $s = IO::Socket::SSL->new(
-                       Proto => 'tcp',
-                       PeerAddr => '127.0.0.1:' . port($port),
-                       SSL_verify_mode => IO::Socket::SSL::SSL_VERIFY_NONE(),
-                       SSL_error_trap => sub { die $_[1] }
-               );
-               alarm(0);
-       };
-       alarm(0);
-
-       if ($@) {
-               log_in("died: $@");
-               return undef;
-       }
-
-       return $s;
-}
-
-###############################################################################
_______________________________________________
nginx-devel mailing list
nginx-devel@nginx.org
https://mailman.nginx.org/mailman/listinfo/nginx-devel

[PATCH 07 of 11] Tests: simplified mail_imap_ssl.t

Reply via email to