tests: t/129-ssl-socket.t: use the same IP to ensure that the ssl session can be reused.

xiaocang · xiaocang · commit 85a0a1f6e78f · 2023-12-18T17:32:28.000+08:00
diff --git a/t/129-ssl-socket.t b/t/129-ssl-socket.t
@@ -15,13 +15,17 @@ use File::Basename;
 
 repeat_each(2);
 
+sub resolve($$);
+
 plan tests => repeat_each() * (blocks() * 7 - 3);
 
 $ENV{TEST_NGINX_HTML_DIR} ||= html_dir();
 $ENV{TEST_NGINX_MEMCACHED_PORT} ||= 11211;
 $ENV{TEST_NGINX_RESOLVER} ||= '8.8.8.8';
 $ENV{TEST_NGINX_SERVER_SSL_PORT} ||= 12345;
 $ENV{TEST_NGINX_CERT_DIR} ||= dirname(realpath(abs_path(__FILE__)));
+$ENV{TEST_NGINX_OPENRESTY_ORG_IP} ||= resolve($ENV{TEST_NGINX_RESOLVER},
+    "openresty.org");
 
 my $NginxBinary = $ENV{'TEST_NGINX_BINARY'} || 'nginx';
 my $openssl_version = eval { `$NginxBinary -V 2>&1` };
@@ -44,6 +48,19 @@ sub read_file {
     $cert;
 }
 
+sub resolve ($$) {
+    my ($resolver, $domain) = @_;
+    my $ips = qx/dig \@$resolver +short $domain/;
+
+    my $exit_code = $? >> 8;
+    if (!$ips || $exit_code != 0) {
+        die "failed to resolve '$domain' using '$resolver' as resolver";
+    }
+
+    my ($ip) = split /\n/, $ips;
+    return $ip;
+}
+
 our $DSTRootCertificate = read_file("t/cert/dst-ca.crt");
 our $EquifaxRootCertificate = read_file("t/cert/equifax.crt");
 our $TestCertificate = read_file("t/cert/test.crt");
@@ -1397,6 +1414,7 @@ SSL reused session
     location /t {
         #set $port 5000;
         set $port $TEST_NGINX_MEMCACHED_PORT;
+        set $openresty_org_ip $TEST_NGINX_OPENRESTY_ORG_IP;
 
         content_by_lua '
             local sock = ngx.socket.tcp()
@@ -1406,7 +1424,8 @@ SSL reused session
 
             local session
             for i = 1, 3 do
-                local ok, err = sock:connect("openresty.org", 443)
+                -- Use the same IP to ensure that the connection can be reused
+                local ok, err = sock:connect(ngx.var.openresty_org_ip, 443)
                 if not ok then
                     ngx.say("failed to connect: ", err)
                     return
@@ -1473,6 +1492,7 @@ SSL reused session
     lua_ssl_verify_depth 2;
     location /t {
         #set $port 5000;
+        set $openresty_org_ip $TEST_NGINX_OPENRESTY_ORG_IP;
         set $port $TEST_NGINX_MEMCACHED_PORT;
 
         content_by_lua '
@@ -1482,7 +1502,8 @@ SSL reused session
             do
 
             for i = 1, 3 do
-                local ok, err = sock:connect("openresty.org", 443)
+                -- Use the same IP to ensure that the connection can be reused
+                local ok, err = sock:connect(ngx.var.openresty_org_ip, 443)
                 if not ok then
                     ngx.say("failed to connect: ", err)
                     return
