Skip to content

Commit

Permalink
Set up nginx integration test
Browse files Browse the repository at this point in the history 
This uses the system nginx (assumed to be available) to start a
server, then grabs a small html file and a larger 5MB download
with the system curl (using system openssl).
  • Loading branch information
@ctz
ctz committed Apr 9, 2024
1 parent b0fed9a commit 33ecff8
Showing 1 changed file with 134 additions and 1 deletion.
135 changes: 134 additions & 1 deletion rustls-libssl/tests/runner.rs
View file
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
use std::io::Read;
use std::process::{Child, Command, Output, Stdio};
use std::{net, thread, time};
use std::{fs, net, thread, time};

/* Note:
*
Expand Down Expand Up @@ -322,6 +322,139 @@ fn server() {
assert_eq!(openssl_output, rustls_output);
}

const NGINX_LOG_LEVEL: &str = "info";

#[test]
#[ignore]
fn nginx() {
fs::create_dir_all("target/nginx-tmp/basic/html").unwrap();
fs::write(
"target/nginx-tmp/basic/server.conf",
"
daemon off;
master_process off;
pid nginx.pid;
events {
}
http {
ssl_session_cache builtin;
access_log access.log;
server {
listen 8443 ssl;
server_name localhost;
ssl_certificate ../../../test-ca/rsa/server.cert;
ssl_certificate_key ../../../test-ca/rsa/server.key;
add_header x-ssl-protocol \"$ssl_protocol\";
add_header x-ssl-cipher \"$ssl_cipher\";
add_header x-ssl-ciphers \"$ssl_ciphers\";
add_header x-ssl-curves \"$ssl_curves\";
add_header x-ssl-session-id \"$ssl_session_id\";
add_header x-ssl-session-reused \"$ssl_session_reused\";
add_header x-ssl-early-data \"$ssl_early_data\";
add_header x-ssl-server-name \"$ssl_server_name\";
add_header x-ssl-client-cert \"$ssl_client_cert\";
add_header x-ssl-client-raw-cert \"$ssl_client_raw_cert\";
add_header x-ssl-client-escaped-cert \"$ssl_client_escaped_cert\";
add_header x-ssl-client-s-dn \"$ssl_client_s_dn\";
add_header x-ssl-client-i-dn \"$ssl_client_i_dn\";
add_header x-ssl-client-s-dn-legacy \"$ssl_client_s_dn_legacy\";
add_header x-ssl-client-i-dn-legacy \"$ssl_client_i_dn_legacy\";
add_header x-ssl-client-serial \"$ssl_client_serial\";
add_header x-ssl-client-fingerprint \"$ssl_client_fingerprint\";
add_header x-ssl-client-verify \"$ssl_client_verify\";
add_header x-ssl-client-v-start \"$ssl_client_v_start\";
add_header x-ssl-client-v-end \"$ssl_client_v_end\";
add_header x-ssl-client-v-remain \"$ssl_client_v_remain\";
}
}
",
)
.unwrap();

fs::write(
"target/nginx-tmp/basic/html/welcome.html",
"<h1>hello world!</h1>",
)
.unwrap();
let big_file = vec![b'a'; 5 * 1024 * 1024];
fs::write("target/nginx-tmp/basic/html/large.html", &big_file).unwrap();

let nginx_server = KillOnDrop(Some(
Command::new("tests/maybe-valgrind.sh")
.args([
"nginx",
"-g",
&format!("error_log stderr {NGINX_LOG_LEVEL};"),
"-p",
"./target/nginx-tmp/basic",
"-c",
"server.conf",
])
.spawn()
.unwrap(),
));
wait_for_port(8443);

// basic single request
assert_eq!(
Command::new("curl")
.env("LD_LIBRARY_PATH", "")
.args([
"--cacert",
"test-ca/rsa/ca.cert",
"https://localhost:8443/welcome.html"
])
.stdout(Stdio::piped())
.output()
.map(print_output)
.unwrap()
.stdout,
b"<h1>hello world!</h1>"
);

// double request without http connection reuse (second should be a TLS resumption)
assert_eq!(
Command::new("curl")
.env("LD_LIBRARY_PATH", "")
.args([
"--verbose",
"--cacert",
"test-ca/rsa/ca.cert",
"-H",
"connection: close",
"https://localhost:8443/welcome.html",
"https://localhost:8443/welcome.html"
])
.stdout(Stdio::piped())
.output()
.map(print_output)
.unwrap()
.stdout,
b"<h1>hello world!</h1><h1>hello world!</h1>"
);

// big download
assert_eq!(
Command::new("curl")
.env("LD_LIBRARY_PATH", "")
.args([
"--cacert",
"test-ca/rsa/ca.cert",
"https://localhost:8443/large.html"
])
.stdout(Stdio::piped())
.output()
.unwrap()
.stdout,
big_file
);

drop(nginx_server);
}

struct KillOnDrop(Option<Child>);

impl KillOnDrop {
Expand Down

0 comments on commit 33ecff8

Please sign in to comment.