| [4b53371] | 1 | Unit Tests for Apache's mod_gnutls |
|---|
| 2 | ================================== |
|---|
| 3 | |
|---|
| [26081ce] | 4 | Authors: Daniel Kahn Gillmor <dkg@fifthhorseman.net> |
|---|
| 5 | Thomas Klute <thomas2.klute@uni-dortmund.de> |
|---|
| [4b53371] | 6 | |
|---|
| 7 | There are a lot of ways that a TLS-capable web server can go wrong. I |
|---|
| 8 | want to at least test for some basic/common configurations. |
|---|
| 9 | |
|---|
| 10 | |
|---|
| 11 | Running the tests |
|---|
| 12 | ================= |
|---|
| 13 | |
|---|
| [e78bc78] | 14 | from the top level of the source, or from test/ (where this README is), |
|---|
| [0f5c9e1] | 15 | just run: |
|---|
| [4b53371] | 16 | |
|---|
| 17 | make check |
|---|
| 18 | |
|---|
| [7813802] | 19 | from test/ you can also run specific tests by passing their script |
|---|
| 20 | names to make in the TESTS variable: |
|---|
| [4b53371] | 21 | |
|---|
| [7813802] | 22 | TESTS="test-03_cachetimeout_in_vhost.bash" make -e check |
|---|
| [4b53371] | 23 | |
|---|
| 24 | This should be handy when you're just trying to experiment with a new |
|---|
| 25 | test and don't want to wait for the full test suite to run. |
|---|
| 26 | |
|---|
| [26081ce] | 27 | The default configuration assumes that an IPv6 loopback device is |
|---|
| 28 | available (TEST_IP=[::1]) and that TEST_HOST="localhost" resolves to |
|---|
| 29 | the IPv6 loopback address [::1]. If this does not apply to your |
|---|
| 30 | system, you can pass different values to ./configure, e.g. to use IPv4 |
|---|
| 31 | instead: |
|---|
| 32 | |
|---|
| 33 | TEST_HOST="localhost" TEST_IP="127.0.0.1" ./configure |
|---|
| [4b53371] | 34 | |
|---|
| 35 | Adding a Test |
|---|
| 36 | ============= |
|---|
| 37 | |
|---|
| 38 | Please add more tests! |
|---|
| 39 | |
|---|
| [e78bc78] | 40 | The simplest way to add a test is (from test/): |
|---|
| [4b53371] | 41 | |
|---|
| 42 | ./newtest |
|---|
| 43 | |
|---|
| [e78bc78] | 44 | This will prompt you for a simple name for the test and then copy a |
|---|
| 45 | starting set of files from tests/00_basic, and create a script which |
|---|
| 46 | you can add to TESTS in Makefile.am when your test is ready for |
|---|
| 47 | inclusion in the test suite. |
|---|
| [4b53371] | 48 | |
|---|
| 49 | |
|---|
| 50 | Implementation |
|---|
| 51 | ============== |
|---|
| 52 | |
|---|
| [e78bc78] | 53 | Each test consists of a directory in test/tests/, which will cause the |
|---|
| [4b53371] | 54 | test suite to spin up an isolated apache instance and try to connect |
|---|
| 55 | to it with gnutls-cli and make a simple HTTP 1.1 request. |
|---|
| 56 | |
|---|
| 57 | By default, these tests are expected to succeed, by having |
|---|
| 58 | |
|---|
| 59 | In each directory, you can put the following files: |
|---|
| 60 | |
|---|
| 61 | * apache.conf -- the apache configuration to be used |
|---|
| 62 | |
|---|
| 63 | * gnutls-cli.args -- the arguments to pass to gnutls-cli |
|---|
| 64 | |
|---|
| 65 | * input -- the full HTTP request (including the final blank line) |
|---|
| 66 | |
|---|
| 67 | * output [optional] -- the lines of this file will be checked against |
|---|
| 68 | the same number of lines at the end of the output produced by the |
|---|
| 69 | gnutls-cli process. |
|---|
| 70 | |
|---|
| 71 | * fail.server [optional] -- if this file exists, it means we expect |
|---|
| 72 | the web server to fail to even start due to some serious |
|---|
| 73 | configuration problem. |
|---|
| 74 | |
|---|
| 75 | * fail.client [optional] -- if this file exists, it means we expect |
|---|
| 76 | the client to fail to fetch its file. If you already have |
|---|
| 77 | fail.server, do not also specify this; we know that a failed server |
|---|
| 78 | should result in a failed file retrieval. |
|---|
| 79 | |
|---|
| 80 | |
|---|
| 81 | Robustness and Tuning |
|---|
| 82 | ===================== |
|---|
| 83 | |
|---|
| 84 | These tests aren't nearly as robust as i'd like them to be, but they |
|---|
| 85 | work for the moment and they're better than no tests at all. |
|---|
| 86 | |
|---|
| 87 | Here are some things that you might want to tune based on your |
|---|
| 88 | expected setup (along with the variables that can be passed to "make |
|---|
| 89 | check" to adjust them): |
|---|
| 90 | |
|---|
| [26081ce] | 91 | * they need a functioning loopback device. |
|---|
| [4b53371] | 92 | |
|---|
| [26081ce] | 93 | * they expect (by default) the TEST_IP to have port 9932 |
|---|
| [4b53371] | 94 | open. [TEST_PORT] |
|---|
| 95 | |
|---|
| 96 | * if a machine is particularly slow or under heavy load, it's |
|---|
| 97 | possible that these tests will fail for timing |
|---|
| 98 | reasons. [TEST_QUERY_DELAY (seconds for the http request to be sent |
|---|
| 99 | and responded to)] and [TEST_GAP (seconds to wait between tests)] |
|---|
