Skip to content

Commit debfe2f

Browse files
mdouninmdounin
committed
Tests: simplified mail_imap_ssl.t.
The test now uses improved IO::Socket::SSL infrastructure in Test::Nginx::IMAP. While here, fixed incorrect port being used for the "trusted cert" test.
1 parent 41ba3ed commit debfe2f

File tree

1 file changed

+23
-56
lines changed

1 file changed

+23
-56
lines changed

mail_imap_ssl.t

Lines changed: 23 additions & 56 deletions
Original file line numberDiff line numberDiff line change
@@ -50,28 +50,28 @@ mail {
5050
ssl_certificate 1.example.com.crt;
5151
5252
server {
53-
listen 127.0.0.1:8142;
53+
listen 127.0.0.1:8143;
5454
protocol imap;
5555
}
5656
5757
server {
58-
listen 127.0.0.1:8143 ssl;
58+
listen 127.0.0.1:8993 ssl;
5959
protocol imap;
6060
6161
ssl_verify_client on;
6262
ssl_client_certificate 2.example.com.crt;
6363
}
6464
6565
server {
66-
listen 127.0.0.1:8145 ssl;
66+
listen 127.0.0.1:8994 ssl;
6767
protocol imap;
6868
6969
ssl_verify_client optional;
7070
ssl_client_certificate 2.example.com.crt;
7171
}
7272
7373
server {
74-
listen 127.0.0.1:8146 ssl;
74+
listen 127.0.0.1:8995 ssl;
7575
protocol imap;
7676
7777
ssl_verify_client optional;
@@ -80,7 +80,7 @@ mail {
8080
}
8181
8282
server {
83-
listen 127.0.0.1:8147 ssl;
83+
listen 127.0.0.1:8996 ssl;
8484
protocol imap;
8585
8686
ssl_verify_client optional_no_ca;
@@ -140,68 +140,63 @@ $t->run()->waitforsocket('127.0.0.1:' . port(8144));
140140
###############################################################################
141141

142142
my $cred = sub { encode_base64("\0test\@example.com\0$_[0]", '') };
143-
my %ssl = (
144-
SSL => 1,
145-
SSL_verify_mode => IO::Socket::SSL::SSL_VERIFY_NONE(),
146-
SSL_error_trap => sub { die $_[1] },
147-
);
148143

149144
# no ssl connection
150145

151-
my $s = Test::Nginx::IMAP->new(PeerAddr => '127.0.0.1:' . port(8142));
146+
my $s = Test::Nginx::IMAP->new();
152147
$s->ok('plain connection');
153148
$s->send('1 AUTHENTICATE PLAIN ' . $cred->("s1"));
154149

155150
# no cert
156151

157-
$s = Test::Nginx::IMAP->new(PeerAddr => '127.0.0.1:' . port(8143), %ssl);
152+
$s = Test::Nginx::IMAP->new(SSL => 1);
158153
$s->check(qr/BYE No required SSL certificate/, 'no cert');
159154

160155
# no cert with ssl_verify_client optional
161156

162-
$s = Test::Nginx::IMAP->new(PeerAddr => '127.0.0.1:' . port(8145), %ssl);
157+
$s = Test::Nginx::IMAP->new(PeerAddr => '127.0.0.1:' . port(8994), SSL => 1);
163158
$s->ok('no optional cert');
164159
$s->send('1 AUTHENTICATE PLAIN ' . $cred->("s2"));
165160

166161
# wrong cert with ssl_verify_client optional
167162

168163
$s = Test::Nginx::IMAP->new(
169-
PeerAddr => '127.0.0.1:' . port(8145),
164+
PeerAddr => '127.0.0.1:' . port(8995),
165+
SSL => 1,
170166
SSL_cert_file => "$d/1.example.com.crt",
171-
SSL_key_file => "$d/1.example.com.key",
172-
%ssl,
167+
SSL_key_file => "$d/1.example.com.key"
173168
);
174169
$s->check(qr/BYE SSL certificate error/, 'bad optional cert');
175170

176171
# wrong cert with ssl_verify_client optional_no_ca
177172

178173
$s = Test::Nginx::IMAP->new(
179-
PeerAddr => '127.0.0.1:' . port(8147),
174+
PeerAddr => '127.0.0.1:' . port(8996),
175+
SSL => 1,
180176
SSL_cert_file => "$d/1.example.com.crt",
181-
SSL_key_file => "$d/1.example.com.key",
182-
%ssl,
177+
SSL_key_file => "$d/1.example.com.key"
183178
);
184179
$s->ok('bad optional_no_ca cert');
185180
$s->send('1 AUTHENTICATE PLAIN ' . $cred->("s3"));
186181

187182
# matching cert with ssl_verify_client optional
188183

189184
$s = Test::Nginx::IMAP->new(
190-
PeerAddr => '127.0.0.1:' . port(8145),
185+
PeerAddr => '127.0.0.1:' . port(8995),
186+
SSL => 1,
191187
SSL_cert_file => "$d/2.example.com.crt",
192-
SSL_key_file => "$d/2.example.com.key",
193-
%ssl,
188+
SSL_key_file => "$d/2.example.com.key"
194189
);
195190
$s->ok('good cert');
196191
$s->send('1 AUTHENTICATE PLAIN ' . $cred->("s4"));
197192

198193
# trusted cert with ssl_verify_client optional
199194

200195
$s = Test::Nginx::IMAP->new(
201-
PeerAddr => '127.0.0.1:' . port(8146),
196+
PeerAddr => '127.0.0.1:' . port(8995),
197+
SSL => 1,
202198
SSL_cert_file => "$d/3.example.com.crt",
203-
SSL_key_file => "$d/3.example.com.key",
204-
%ssl,
199+
SSL_key_file => "$d/3.example.com.key"
205200
);
206201
$s->ok('trusted cert');
207202
$s->send('1 AUTHENTICATE PLAIN ' . $cred->("s5"));
@@ -211,9 +206,9 @@ $s->read();
211206

212207
my ($cipher, $sslversion);
213208

214-
$s = get_ssl_socket(8143);
215-
$cipher = $s->get_cipher();
216-
$sslversion = $s->get_sslversion();
209+
$s = Test::Nginx::IMAP->new(SSL => 1);
210+
$cipher = $s->socket()->get_cipher();
211+
$sslversion = $s->socket()->get_sslversion();
217212
$sslversion =~ s/_/./;
218213

219214
undef $s;
@@ -242,31 +237,3 @@ like($f, qr|^$cipher:$sslversion$|m, 'log - cipher sslversion');
242237
}
243238

244239
###############################################################################
245-
246-
sub get_ssl_socket {
247-
my ($port) = @_;
248-
my $s;
249-
250-
eval {
251-
local $SIG{ALRM} = sub { die "timeout\n" };
252-
local $SIG{PIPE} = sub { die "sigpipe\n" };
253-
alarm(8);
254-
$s = IO::Socket::SSL->new(
255-
Proto => 'tcp',
256-
PeerAddr => '127.0.0.1:' . port($port),
257-
SSL_verify_mode => IO::Socket::SSL::SSL_VERIFY_NONE(),
258-
SSL_error_trap => sub { die $_[1] }
259-
);
260-
alarm(0);
261-
};
262-
alarm(0);
263-
264-
if ($@) {
265-
log_in("died: $@");
266-
return undef;
267-
}
268-
269-
return $s;
270-
}
271-
272-
###############################################################################

0 commit comments

Comments
 (0)