source: mod_gnutls/test/TestMakefile @ dda3acf

debian/masterdebian/stretch-backportsjessie-backportsupstream
Last change on this file since dda3acf was dda3acf, checked in by Thomas Klute <thomas2.klute@…>, 5 years ago

Speed up tests with background sleep

Until now, a significant part of test run time was spent waiting
TEST_QUERY_DELAY seconds for a response from the server. The sleep call
used for that keeps the pipe from the subshell to gnutls-cli open,
without it, gnutls-cli would terminate as soon as sed is done, leading
to failing tests. However, in many cases the wait is longer than
necessary for the test.

Sending sleep to the background allows the test case to proceed instead
of waiting for sleep to return, but has the disadvantage of leaving the
sleep process dangling until it eventually times out. I think the
significantly reduced test execution time is worth it.

  • Property mode set to 100644
File size: 3.8 KB
Line 
1#!/usr/bin/make -f
2
3# Author: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
4
5# run these tests to ensure that mod_gnutls can handle a range of
6# simple configuration choices.
7
8export TEST_HOST ?= localhost
9export TEST_IP ?= ::1
10# chosen at random:
11export TEST_PORT ?= 9932
12export MSVA_PORT ?= 9933
13
14export TEST_GAP ?= 1.5
15export TEST_QUERY_DELAY ?= 6
16
17TEST_LOCK := ./test.lock
18
19all: setup.done
20        TEST_LOCK=$(TEST_LOCK) ./runtests
21
22t-%: setup.done
23        TEST_LOCK=$(TEST_LOCK) ./runtests $@
24
25
26
27
28
29### for setting up a little miniature CA + server + client environment:
30identities := server authority client imposter rogueca
31tokens := x509.pem secring.gpg secret.key cert.pgp secret.pgp
32all_tokens := $(foreach id,$(identities),$(foreach token,$(tokens),$(id)/$(token)))
33
34%.template: %.template.in
35        sed s/__HOSTNAME__/$(TEST_HOST)/ < $< > $@
36
37server.uid: server.uid.in
38        sed s/__HOSTNAME__/$(TEST_HOST)/ < $< > $@
39
40%/secret.key:
41        mkdir -p $(dir $@)
42        chmod 0700 $(dir $@)
43        certtool --generate-privkey > $@
44
45%/secring.gpg: %.uid %/secret.key
46        rm -f $(dir $@)pubring.gpg $(dir $@)secring.gpg $(dir $@)trustdb.gpg
47        PEM2OPENPGP_EXPIRATION=86400 PEM2OPENPGP_USAGE_FLAGS=authenticate,certify,sign pem2openpgp "$$(cat $<)" < $(dir $@)secret.key | GNUPGHOME=$(dir $@) gpg --import
48        printf "%s:6:\n" "$$(GNUPGHOME=$(dir $@) gpg --with-colons --list-secret-keys --fingerprint | grep ^fpr: | cut -f 10 -d :)" | GNUPGHOME=$(dir $@) gpg --import-ownertrust
49
50%/gpg.conf: %/secring.gpg
51        printf "default-key %s\n" "$$(GNUPGHOME=$(dir $@) gpg --with-colons --list-secret-keys --fingerprint | grep ^fpr: | cut -f 10 -d :)" > $@
52
53%/secret.pgp: %/secring.gpg
54        GNUPGHOME=$(dir $@) gpg --armor --batch --no-tty --yes --export-secret-key "$$(GNUPGHOME=$(dir $@) gpg --with-colons --list-secret-keys --fingerprint | grep ^fpr: | cut -f 10 -d :)" > $@
55
56%/minimal.pgp: %/secring.gpg
57        GNUPGHOME=$(dir $@) gpg --armor --export "$$(GNUPGHOME=$(dir $@) gpg --with-colons --list-secret-keys --fingerprint | grep ^fpr: | cut -f 10 -d :)" > $@
58
59%/cert.pgp: %/minimal.pgp authority/gpg.conf
60        GNUPGHOME=authority gpg --import $<
61        GNUPGHOME=authority gpg --batch --sign-key --no-tty --yes "$$(GNUPGHOME=$(dir $@) gpg --with-colons --list-secret-keys --fingerprint | grep ^fpr: | cut -f 10 -d :)"
62        GNUPGHOME=authority gpg --armor --export "$$(GNUPGHOME=$(dir $@) gpg --with-colons --list-secret-keys --fingerprint | grep ^fpr: | cut -f 10 -d :)" > $@
63
64# special cases for the authorities' root certs:
65authority/x509.pem: authority.template authority/secret.key
66        certtool --generate-self-signed --load-privkey authority/secret.key --template authority.template > $@
67rogueca/x509.pem: rogueca.template rogueca/secret.key
68        certtool --generate-self-signed --load-privkey rogueca/secret.key --template rogueca.template > $@
69
70%/cert-request: %.template %/secret.key
71        certtool --generate-request --load-privkey $(dir $@)secret.key --template $< > $@
72
73%/x509.pem: %.template %/cert-request authority/secret.key authority/x509.pem
74        certtool --generate-certificate --load-ca-certificate authority/x509.pem --load-ca-privkey authority/secret.key --load-request $(dir $@)cert-request --template $< > $@
75
76msva.gnupghome/trustdb.gpg: authority/minimal.pgp client/cert.pgp
77        mkdir -p -m 0700 $(dir $@)
78        GNUPGHOME=$(dir $@) gpg --import < $<
79        printf "%s:6:\n" "$$(GNUPGHOME=authority gpg --with-colons --list-secret-keys --fingerprint | grep ^fpr: | cut -f 10 -d :)" | GNUPGHOME=$(dir $@) gpg --import-ownertrust
80        GNUPGHOME=$(dir $@) gpg --import < client/cert.pgp
81        printf "keyserver does-not-exist.example\n" > msva.gnupghome/gpg.conf
82
83
84setup.done: $(all_tokens) msva.gnupghome/trustdb.gpg
85        mkdir -p logs cache outputs
86        touch setup.done
87
88
89clean:
90        rm -rf server client authority logs cache outputs setup.done server.template msva.gnupghome \
91         */*.pgp */*.gpg */*.gpg~ */*.pem */*.key authority.template client.template server.uid
92        rmdir imposter rogueca
93
94.PHONY: all clean
Note: See TracBrowser for help on using the repository browser.