source: mod_gnutls/test/runtests @ 3be92d3

asyncioproxy-ticket
Last change on this file since 3be92d3 was e3e0de1, checked in by Fiona Klute <fiona.klute@…>, 17 months ago

https-test-client.py: Make host and port configurable per connection

Both variables can use environment variables. If unset they default to
TEST_TARGET and TEST_PORT. This makes it possible to connect to
different servers in one test, for example in proxy tests to check
that the backend server is behaving as expected.

  • Property mode set to 100755
File size: 6.1 KB
RevLine 
[4b53371]1#!/bin/bash
2
[ae38a49]3# Authors:
4# Daniel Kahn Gillmor <dkg@fifthhorseman.net>
[3c123cd]5# Fiona Klute <fiona.klute@gmx.de>
[4b53371]6
7set -e
[412ee84]8. ${srcdir}/common.bash
[1872744]9. ${srcdir}/apache_service.bash
[cf4e708]10netns_reexec ${@}
[4b53371]11
[56056de]12testid="${1##t-}"
13
14if [ -z "$testid" ] ; then
15    echo -e "No test case selected.\nUsage: ${0} t-N" >&2
16    exit 1
17else
18    testid=${srcdir}/tests/"$(printf "%02d" "$testid")"_*
19fi
[b28158c]20testdir="$(realpath ${testid})"
[4b53371]21
22BADVARS=0
[4fb510d]23for v in APACHE2 TEST_HOST TEST_PORT TEST_QUERY_TIMEOUT TEST_SERVICE_WAIT \
[412ee84]24                 MSVA_PORT; do
[4b53371]25    if [ ! -v "$v" ]; then
26        printf "You need to set the %s environment variable\n" "$v" >&2
27        BADVARS=1
28    fi
29done
30
31if [ 0 != "$BADVARS" ]; then
32    exit 1
33fi
34
[45ae2ef]35# write script file and line to stderr on error
36function pinpoint_error()
37{
[5f3222b]38    echo "Command \"${BASH_COMMAND}\" failed. Call trace:" >&2
39    local stack=0
40    while caller $((stack++)) >&2; do true; done
[45ae2ef]41}
[5f3222b]42trap 'pinpoint_error' ERR
[45ae2ef]43
[ae38a49]44function stop_msva()
45{
46    kill_by_pidfile "${msva_pidfile}"
47    unset msva_pidfile
[e3cbda4]48}
49
[232fb60]50# Run a command, storing its PID in the given file
51# Usage: run_with_pidfile PIDFILE COMMAND [ARGS]
52function run_with_pidfile()
53{
54    local pidfile=$1
55    local cmd=$2
56    shift 2
57    echo $BASHPID >${pidfile}
58    exec ${cmd} $*
59}
60
61# Kills the process with the PID contained in a given file, then
62# deletes the file.
63# Usage: kill_by_pidfile PIDFILE
64function kill_by_pidfile()
65{
66    local pidfile="${1}"
67    # In some testcases with expected failure, gnutls-cli sometimes
68    # failed before the subshell in front of the pipe (see gnutls-cli
69    # call below) got so far as to write the PID, much less exec
70    # sleep. So we need to check if there actually is anything to
71    # kill.
72    if [ -n "${pidfile}" ]; then
73        local pid=$(cat "${pidfile}")
74        if [ -n "${pid}" ] && ps -p "${pid}"; then
75            kill "${pid}"
[bbfcbb5]76        else
77            echo "No running process with PID ${pid} (${pidfile})."
[232fb60]78        fi
79        rm "${pidfile}"
80    fi
81}
82
[4b53371]83function apache_down_err() {
84    printf "FAILURE: %s\n" "$TEST_NAME"
[b28158c]85    ${APACHE2} -f "${testdir}/apache.conf" -k stop || true
[232fb60]86
[b28158c]87    if [ -r "${testdir}/backend.conf" ]; then
[1872744]88        apache_service "${testdir}" "backend.conf" stop || true
[b28158c]89    fi
90
[321912b]91    if [ -r "${testdir}/ocsp.conf" ]; then
92        apache_service "${testdir}" "ocsp.conf" stop || true
93    fi
94
[03295a9]95    local errlog="logs/${TEST_NAME}.error.log"
96    if [ -r "${errlog}" ]; then
97        printf "\nApache error logs:\n"
98        tail "${errlog}"
99    fi
[232fb60]100
[302965e]101    if [ -n "${USE_MSVA}" ]; then
102        stop_msva
103    fi
[4b53371]104}
105
[302965e]106if [ -n "${USE_MSVA}" ]; then
[ae38a49]107    msva_pidfile="$(mktemp mod_gnutls_test-XXXXXX.pid)"
108    GNUPGHOME=msva.gnupghome MSVA_KEYSERVER_POLICY=never run_with_pidfile "${msva_pidfile}" monkeysphere-validation-agent &
[302965e]109    trap stop_msva EXIT
[e3cbda4]110
[302965e]111    printf "TESTING: initial MSVA verification\n"
[7adbcd7]112    export MONKEYSPHERE_VALIDATION_AGENT_SOCKET="http://127.0.0.1:$MSVA_PORT"
[a61edfd]113
[e5546be]114    msva_test_cmd="msva-query-agent https \"$(cat authority/client/uid)\" x509pem client < authority/client/x509.pem"
[7adbcd7]115    # check if MSVA is up, fail if not
[4fb510d]116    if wait_ready "${msva_test_cmd}"; then
[7adbcd7]117        printf "\nSUCCESS: initial MSVA verification\n"
118    else
119        printf "\nFAIL: initial MSVA verification\n"
120        exit 1
121    fi
[302965e]122fi
[e3cbda4]123
[dbec528]124# configure locking for the Apache process
[cf4e708]125if [ -n "${USE_TEST_NAMESPACE}" ]; then
126    echo "Using namespaces to isolate tests, no need for locking."
127    flock_cmd=""
[cdc6e4a]128elif [ -n "${FLOCK}" ]; then
[4ae5b82]129    flock_cmd="${FLOCK} -w ${TEST_LOCK_WAIT} $(realpath ${TEST_LOCK})"
[412ee84]130else
131    echo "Locking disabled, using wait based on Apache PID file."
[e00d91a]132    wait_pid_gone "${TEST_LOCK}"
[412ee84]133    flock_cmd=""
134fi
[dbec528]135
[5d85ad3]136export srcdir="$(realpath ${srcdir})"
[b28158c]137export TEST_NAME="$(basename "${testdir}")"
[5d85ad3]138output="outputs/${TEST_NAME}.output"
139rm -f "$output"
140
[b28158c]141if [ -e ${testdir}/fail.* ]; then
[5d85ad3]142    EXPECTED_FAILURE="$(printf " (expected: %s)" fail.*)"
143else
144    unset EXPECTED_FAILURE
145fi
146printf "TESTING: %s%s\n" "$TEST_NAME" "$EXPECTED_FAILURE"
147trap apache_down_err EXIT
148if [ -n "${USE_MSVA}" ]; then
[d39ea18]149    export MONKEYSPHERE_VALIDATION_AGENT_SOCKET="http://127.0.0.1:$MSVA_PORT"
150fi
[fb4da99]151
152# If VERBOSE is enabled, log the HTTPD build configuration
153if [ -n "${VERBOSE}" ]; then
154    ${APACHE2} -f "${srcdir}/base_apache.conf" -V
155fi
156
[321912b]157# Start OCSP responder, if configured
158if [ -r "${testdir}/ocsp.conf" ]; then
159    apache_service "${testdir}" "ocsp.conf" start "${OCSP_LOCK}"
160    CHECK_OCSP_SERVER="true"
161    if [ -n "${VERBOSE}" ]; then
162        echo "OCSP index for the test CA:"
163        cat authority/ocsp_index.txt
164    fi
165fi
166
167# Start proxy backend server, if configured
[b28158c]168if [ -r "${testdir}/backend.conf" ]; then
[1872744]169    apache_service "${testdir}" "backend.conf" start "${BACKEND_LOCK}"
[b28158c]170fi
171
172if ! ${flock_cmd} ${APACHE2} -f "${testdir}/apache.conf" -k start; then
173    if [ -e "${testdir}/fail.server" ]; then
[d39ea18]174        echo "Apache HTTPD failed to start as expected."
175        exit 0
176    else
177        echo "Apache HTTPD unexpectedly failed to start."
178        exit 1
179    fi
[5d85ad3]180fi
[4b53371]181
[c4d6e77]182# check OCSP server
183if [ -n "${CHECK_OCSP_SERVER}" ]; then
[94cb972]184    if [ -n "${OCSP_RESPONSE_FILE}" ]; then
185        store_ocsp="--outfile ${OCSP_RESPONSE_FILE}"
186    fi
[c4d6e77]187    echo "---- Testing OCSP server ----"
[c825c3a]188    wait_ready "ocsptool --ask --nonce --load-issuer authority/x509.pem --load-cert authority/server/x509.pem ${store_ocsp}"
[c4d6e77]189    echo "---- OCSP test done ----"
190fi
191
[849b87e]192if [ -n "${TARGET_IP}" ]; then
[e3e0de1]193    export TEST_TARGET="${TARGET_IP}"
[849b87e]194else
[e3e0de1]195    export TEST_TARGET="${TEST_HOST}"
[849b87e]196fi
197
[e3e0de1]198${PYTHON} ${srcdir}/https-test-client.py \
[42097fb]199          --test-config "${testdir}/test.yml" \
200          --timeout "${TEST_QUERY_TIMEOUT}" \
[1c2b936]201    |& tee "$output"
202# We care about the exit status of the Python script, not tee
203if [ ${PIPESTATUS[0]} -ne 0 ]; then
204    exit 1
[5d85ad3]205fi
[dda3acf]206
[5d85ad3]207if [ -n "${USE_MSVA}" ]; then
208    trap stop_msva EXIT
209else
210    trap - EXIT
211fi
[b28158c]212${APACHE2} -f "${testdir}/apache.conf" -k stop || [ -e ${testdir}/fail.server ]
[5d85ad3]213printf "SUCCESS: %s\n" "$TEST_NAME"
[e3cbda4]214
[b28158c]215if [ -r "${testdir}/backend.conf" ]; then
[1872744]216    apache_service "${testdir}" "backend.conf" stop || true
[b28158c]217fi
218
[321912b]219if [ -r "${testdir}/ocsp.conf" ]; then
220    apache_service "${testdir}" "ocsp.conf" stop || true
221fi
222
[302965e]223if [ -n "${USE_MSVA}" ]; then
224    stop_msva
[ae38a49]225    # Without explicitly resetting the trap function, it would be
226    # called again on exit. Of course, we could just not stop MSVA and
227    # let the trap do the work, but I think the code is easier to
228    # understand like this.
229    trap - EXIT
[302965e]230fi
Note: See TracBrowser for help on using the repository browser.