source: mod_gnutls/test/runtests @ a213967

debian/masterdebian/stretch-backportsjessie-backportsproxy-ticketupstream
Last change on this file since a213967 was a213967, checked in by Thomas Klute <thomas2.klute@…>, 5 years ago

Test suite: Filter "Server" header when checking output

Like "Date", this header is likely to change between builds or runs, e.g. because
of different Apache and GnuTLS versions between hosts.
  • Property mode set to 100755
File size: 4.2 KB
Line 
1#!/bin/bash
2
3# Author: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
4
5set -e
6
7tests="${1##t-}"
8
9if [ -n "${TEST_LOCK}" ]; then
10    TEST_LOCK="$(realpath ${TEST_LOCK})"
11    flock_cmd="flock -w 10 ${TEST_LOCK}"
12fi
13
14BADVARS=0
15for v in TEST_HOST TEST_IP TEST_PORT TEST_QUERY_DELAY TEST_GAP MSVA_PORT; do
16    if [ ! -v "$v" ]; then
17        printf "You need to set the %s environment variable\n" "$v" >&2
18        BADVARS=1
19    fi
20done
21
22if [ 0 != "$BADVARS" ]; then
23    exit 1
24fi
25
26if [ . != "$(dirname "$0")" ]; then
27    printf "You should only run this mod-gnutls test suite from the test/ directory of the mod_gnutls source.\n" >&2
28    exit 1
29fi
30
31function stop_msva() {
32    kill %1
33}
34
35# Compare expected/actual outputs, filtering out headers from actual
36# output that are expected to change between runs or builds (currently
37# "Date" and "Server"). The headers must be excluded in the expected
38# output.
39#
40# Parameters:
41# $1: path to expected output
42# $2: path to actual output
43# $3: additional options for diff (optional)
44function diff_output_filter_headers()
45{
46    expected="$1"
47    actual="$2"
48    diff $3 -u "${expected}" <( cat "${actual}" | \
49        grep -v -P '^Date:\s.*GMT\s?$' | \
50        grep -v -P '^Server:\sApache'  | \
51        tail -n "$(wc -l < ${expected})" )
52}
53
54function apache_down_err() {
55    printf "FAILURE: %s\n" "$TEST_NAME"
56    /usr/sbin/apache2 -f "$(pwd)/apache.conf" -k stop || true
57    if [ -e output ]; then
58        printf "\ngnutls-cli outputs:\n"
59        diff_output_filter_headers "output" "$output" || true
60    fi
61    printf "\nApache error logs:\n"
62    tail "../../logs/${TEST_NAME}.error.log"
63    if [ -n "${USE_MSVA}" ]; then
64        stop_msva
65    fi
66}
67
68if [ -z "$tests" ] ; then
69    tests=./tests/*
70else
71    tests=./tests/"$(printf "%02d" "$tests")"_*
72fi
73
74if [ -n "${USE_MSVA}" ]; then
75    GNUPGHOME=$(pwd)/msva.gnupghome MSVA_KEYSERVER_POLICY=never monkeysphere-validation-agent &
76    trap stop_msva EXIT
77
78    sleep "$TEST_GAP"
79
80    printf "TESTING: initial MSVA verification\n"
81    MONKEYSPHERE_VALIDATION_AGENT_SOCKET="http://127.0.0.1:$MSVA_PORT" msva-query-agent https "$(cat client.uid)" x509pem client < client/x509.pem
82    printf "\nSUCCESS: initial MSVA verification\n"
83fi
84
85for t in $tests; do
86    if [ -z "${flock_cmd}" ]; then
87        echo "Warning: no lock file set"
88        sleep "$TEST_GAP"
89    fi
90    export TEST_NAME="$(basename "$t")"
91    output="../../outputs/${TEST_NAME}.output"
92    rm -f "$output"
93    cd "$t"
94    if [ -e fail.* ]; then
95        EXPECTED_FAILURE="$(printf " (expected: %s)" fail.*)"
96    else
97        unset EXPECTED_FAILURE
98    fi
99    printf "TESTING: %s%s\n" "$TEST_NAME" "$EXPECTED_FAILURE"
100    trap apache_down_err EXIT
101    if [ -n "${USE_MSVA}" ]; then
102        MONKEYSPHERE_VALIDATION_AGENT_SOCKET="http://127.0.0.1:$MSVA_PORT" \
103            ${flock_cmd} \
104            /usr/sbin/apache2 -f "$(pwd)/apache.conf" -k start \
105            || [ -e fail.server ]
106    else
107        ${flock_cmd} \
108            /usr/sbin/apache2 -f "$(pwd)/apache.conf" -k start \
109            || [ -e fail.server ]
110    fi
111
112    # The sleep call keeps the pipe from the subshell to gnutls-cli
113    # open. Without it gnutls-cli would terminate as soon as sed is
114    # done, and not wait for a response from the server, leading to
115    # failing tests. Sending sleep to the background allows the test
116    # case to proceed instead of waiting for it to return, but has the
117    # disadvantage of leaving the sleep process dangling until it
118    # eventually times out. Still preferable to a fixed delay.
119    if (sed "s/__HOSTNAME__/${TEST_HOST}/" <./input && \
120        sleep "${TEST_QUERY_DELAY}" &) | \
121        gnutls-cli -p "${TEST_PORT}" $(cat ./gnutls-cli.args) "${TEST_HOST}" \
122        >"$output";
123    then
124        if [ -e fail* ]; then
125            printf "%s should have failed but succeeded\n" "$(basename "$t")" >&2
126            exit 1
127        fi
128    else
129        if [ ! -e fail* ]; then
130            printf "%s should have succeeded but failed\n" "$(basename "$t")" >&2
131            exit 1
132        fi
133    fi
134
135    if [ -e output ] ; then
136        diff_output_filter_headers "output" "$output" "-q"
137    fi
138    /usr/sbin/apache2 -f "$(pwd)/apache.conf" -k stop || [ -e fail.server ]
139    if [ -n "${USE_MSVA}" ]; then
140        trap stop_msva EXIT
141    else
142        trap - EXIT
143    fi
144    printf "SUCCESS: %s\n" "$TEST_NAME"
145    cd ../..
146done
147
148if [ -n "${USE_MSVA}" ]; then
149    stop_msva
150fi
Note: See TracBrowser for help on using the repository browser.