source: mod_gnutls/test/test-26_HTTPS_server_var.bash @ 8ac7c0d

debian/masterdebian/stretch-backportsjessie-backportsproxy-ticketupstream
Last change on this file since 8ac7c0d was 8ac7c0d, checked in by Thomas Klute <thomas2.klute@…>, 5 years ago

Register "ssl_is_https" function for compatibility with mod_rewrite

mod_rewrite calls this function to fill its %{HTTPS} special variable,
and not providing it meant that conditions like

RewriteCond? "%{HTTPS}" "off"

would match HTTPS connections using mod_gnutls. When used to redirect
clients from HTTP to HTTPS connections, this could lead to redirection
loops as reported in Debian bug #514005 [1]. In addition to
registering the function this commit also adds a test chase that
checks if an HTTP to HTTPS redirection works.

[1] https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=514005

  • Property mode set to 100755
File size: 1.1 KB
Line 
1#!/bin/bash
2#
3# This test checks if mod_rewrite rules can detect HTTPS connections
4# with "%{HTTPS}".
5
6set -e
7: ${srcdir:="."}
8. ${srcdir}/common.bash
9netns_reexec ${@}
10
11testdir="${srcdir}/tests/26_HTTPS_server_var"
12TEST_NAME="$(basename ${testdir})"
13. $(dirname ${0})/proxy_backend.bash
14
15: ${TEST_HTTP_PORT:="9935"}
16export TEST_HTTP_PORT
17
18# "Proxy backend" functions are used to start the only instance needed
19# here without "runtests". We have to override BACKEND_PORT to use the
20# right port.
21export BACKEND_PORT="${TEST_PORT}"
22function stop_backend
23{
24    backend_apache "${testdir}" "apache.conf" stop
25}
26backend_apache "${testdir}" "apache.conf" start "${TEST_LOCK}"
27trap stop_backend EXIT
28
29output="outputs/${TEST_NAME}.output"
30rm -f "$output"
31
32# Send status request over HTTP. This should get redirected to HTTPS.
33wget --ca-certificate=authority/x509.pem -O "${output}" \
34     "http://${TEST_HOST}:${TEST_HTTP_PORT}/status?auto"
35
36# If the request was redirected correctly, the status report lists the
37# used ciphersuite.
38grep "Current TLS session: (TLS" "${output}"
39
40backend_apache "${testdir}" "apache.conf" stop
41trap - EXIT
Note: See TracBrowser for help on using the repository browser.