summaryrefslogtreecommitdiffstats
path: root/test/modules/tls/test_08_vars.py
diff options
context:
space:
mode:
Diffstat (limited to 'test/modules/tls/test_08_vars.py')
-rw-r--r--test/modules/tls/test_08_vars.py60
1 files changed, 60 insertions, 0 deletions
diff --git a/test/modules/tls/test_08_vars.py b/test/modules/tls/test_08_vars.py
new file mode 100644
index 0000000..f1bd9b4
--- /dev/null
+++ b/test/modules/tls/test_08_vars.py
@@ -0,0 +1,60 @@
+import re
+
+import pytest
+
+from .conf import TlsTestConf
+from .env import TlsTestEnv
+
+
+class TestVars:
+
+ @pytest.fixture(autouse=True, scope='class')
+ def _class_scope(self, env):
+ conf = TlsTestConf(env=env, extras={
+ 'base': [
+ "TLSHonorClientOrder off",
+ "TLSOptions +StdEnvVars",
+ ]
+ })
+ conf.add_tls_vhosts(domains=[env.domain_a, env.domain_b])
+ conf.install()
+ assert env.apache_restart() == 0
+
+ def test_tls_08_vars_root(self, env):
+ # in domain_b root, the StdEnvVars is switch on
+ exp_proto = "TLSv1.2"
+ exp_cipher = "TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384"
+ options = [ '--tls-max', '1.2']
+ r = env.tls_get(env.domain_b, "/vars.py", options=options)
+ assert r.exit_code == 0, r.stderr
+ assert r.json == {
+ 'https': 'on',
+ 'host': 'b.mod-tls.test',
+ 'protocol': 'HTTP/1.1',
+ 'ssl_protocol': exp_proto,
+ # this will vary by client potentially
+ 'ssl_cipher': exp_cipher,
+ }
+
+ @pytest.mark.parametrize("name, value", [
+ ("SERVER_NAME", "b.mod-tls.test"),
+ ("SSL_SESSION_RESUMED", "Initial"),
+ ("SSL_SECURE_RENEG", "false"),
+ ("SSL_COMPRESS_METHOD", "NULL"),
+ ("SSL_CIPHER_EXPORT", "false"),
+ ("SSL_CLIENT_VERIFY", "NONE"),
+ ])
+ def test_tls_08_vars_const(self, env, name: str, value: str):
+ r = env.tls_get(env.domain_b, f"/vars.py?name={name}")
+ assert r.exit_code == 0, r.stderr
+ assert r.json == {name: value}, r.stdout
+
+ @pytest.mark.parametrize("name, pattern", [
+ ("SSL_VERSION_INTERFACE", r'mod_tls/\d+\.\d+\.\d+'),
+ ("SSL_VERSION_LIBRARY", r'rustls-ffi/\d+\.\d+\.\d+/rustls/\d+\.\d+\.\d+'),
+ ])
+ def test_tls_08_vars_match(self, env, name: str, pattern: str):
+ r = env.tls_get(env.domain_b, f"/vars.py?name={name}")
+ assert r.exit_code == 0, r.stderr
+ assert name in r.json
+ assert re.match(pattern, r.json[name]), r.json