asynciodebian/masterdebian/stretch-backportsproxy-ticketupstream
|
Last change
on this file since 97d7c63 was
94430e6,
checked in by Thomas Klute <thomas2.klute@…>, 3 years ago
|
|
Test suite: Run a separate Apache instance for the OCSP responder
This change will be needed to cache OCSP responses on start (and
schedule) instead of when needed. An OCSP responder in the same Apache
instance won't be ready while the mod_gnutls post_config hook is
executing.
The changes to lock file handling included in this patch mean that
most parts of the test framework won't need to check which locking
method (if any) is used, they can just pass a lock file which is then
used for flock or PID file checks depending on ./configure results.
|
-
Property mode set to
100755
|
|
File size:
1.4 KB
|
| Line | |
|---|
| 1 | #!/bin/bash |
|---|
| 2 | # |
|---|
| 3 | # This test checks if mod_rewrite rules can detect HTTPS connections |
|---|
| 4 | # with "%{HTTPS}". |
|---|
| 5 | |
|---|
| 6 | set -e |
|---|
| 7 | : ${srcdir:="."} |
|---|
| 8 | . ${srcdir}/common.bash |
|---|
| 9 | netns_reexec ${@} |
|---|
| 10 | |
|---|
| 11 | testdir="${srcdir}/tests/26_redirect_HTTP_to_HTTPS" |
|---|
| 12 | TEST_NAME="$(basename ${testdir})" |
|---|
| 13 | . $(dirname ${0})/proxy_backend.bash |
|---|
| 14 | |
|---|
| 15 | : ${TEST_HTTP_PORT:="9935"} |
|---|
| 16 | export TEST_HTTP_PORT |
|---|
| 17 | |
|---|
| 18 | # "Proxy backend" functions are used to start the only instance needed |
|---|
| 19 | # here without "runtests". We have to override BACKEND_PORT to make it |
|---|
| 20 | # match what a runtests-based test would use. |
|---|
| 21 | export BACKEND_PORT="${TEST_PORT}" |
|---|
| 22 | function stop_backend |
|---|
| 23 | { |
|---|
| 24 | backend_apache "${testdir}" "apache.conf" stop |
|---|
| 25 | } |
|---|
| 26 | backend_apache "${testdir}" "apache.conf" start "${TEST_LOCK}" |
|---|
| 27 | trap stop_backend EXIT |
|---|
| 28 | |
|---|
| 29 | output="outputs/${TEST_NAME}.output" |
|---|
| 30 | rm -f "$output" |
|---|
| 31 | |
|---|
| 32 | # Send status request over HTTP. This should get redirected to HTTPS. |
|---|
| 33 | URL="http://${TEST_HOST}:${TEST_HTTP_PORT}/status?auto" |
|---|
| 34 | if [ "$(basename ${HTTP_CLI})" = "curl" ]; then |
|---|
| 35 | ${HTTP_CLI} --location --verbose --cacert authority/x509.pem "${URL}" \ |
|---|
| 36 | >"${output}" |
|---|
| 37 | elif [ "$(basename ${HTTP_CLI})" = "wget" ]; then |
|---|
| 38 | ${HTTP_CLI} --ca-certificate=authority/x509.pem -O "${output}" "${URL}" |
|---|
| 39 | else |
|---|
| 40 | echo "No HTTP client (curl or wget) found, skipping." 2>&1 |
|---|
| 41 | exit 77 |
|---|
| 42 | fi |
|---|
| 43 | |
|---|
| 44 | # If the request was redirected correctly, the status report lists the |
|---|
| 45 | # used ciphersuite. |
|---|
| 46 | grep "Current TLS session: (TLS" "${output}" |
|---|
| 47 | |
|---|
| 48 | backend_apache "${testdir}" "apache.conf" stop |
|---|
| 49 | trap - EXIT |
|---|
Note: See
TracBrowser
for help on using the repository browser.
