Context Navigation

← Previous Changeset
Next Changeset →

Changeset 1c2b936 in mod_gnutls

Timestamp:

Dec 4, 2019, 6:20:53 AM (10 months ago)

Author:

Fiona Klute <fiona.klute@…>

Branches:

master, proxy-ticket

Children:

Parents:

Message:

Test suite: Use the new Python-based test client

Location:

Files:

: 33 added
: 97 deleted
: 4 edited

Makefile.am (modified) (1 diff)
runtests (modified) (4 diffs)
tests/00_basic/gnutls-cli.args (deleted)
tests/00_basic/input (deleted)
tests/00_basic/output (deleted)
tests/00_basic/test.yml (added)
tests/01_serverwide_priorities/gnutls-cli.args (deleted)
tests/01_serverwide_priorities/input (deleted)
tests/01_serverwide_priorities/output (deleted)
tests/01_serverwide_priorities/test.yml (added)
tests/02_cache_in_vhost/gnutls-cli.args (deleted)
tests/02_cache_in_vhost/input (deleted)
tests/02_cache_in_vhost/test.yml (added)
tests/03_cachetimeout_in_vhost/gnutls-cli.args (deleted)
tests/03_cachetimeout_in_vhost/input (deleted)
tests/03_cachetimeout_in_vhost/output (deleted)
tests/03_cachetimeout_in_vhost/test.yml (added)
tests/04_basic_nosni/gnutls-cli.args (deleted)
tests/04_basic_nosni/input (deleted)
tests/04_basic_nosni/output (deleted)
tests/04_basic_nosni/test.yml (added)
tests/05_mismatched-priorities/apache.conf (modified) (1 diff)
tests/05_mismatched-priorities/fail.client (deleted)
tests/05_mismatched-priorities/gnutls-cli.args (deleted)
tests/05_mismatched-priorities/input (deleted)
tests/05_mismatched-priorities/test.yml (added)
tests/06_verify_sni_a/gnutls-cli.args (deleted)
tests/06_verify_sni_a/input (deleted)
tests/06_verify_sni_a/output (deleted)
tests/06_verify_sni_a/test.yml (added)
tests/07_verify_sni_b/gnutls-cli.args (deleted)
tests/07_verify_sni_b/input (deleted)
tests/07_verify_sni_b/output (deleted)
tests/07_verify_sni_b/test.yml (added)
tests/08_verify_no_sni_fallback_to_first_vhost/gnutls-cli.args (deleted)
tests/08_verify_no_sni_fallback_to_first_vhost/input (deleted)
tests/08_verify_no_sni_fallback_to_first_vhost/output (deleted)
tests/08_verify_no_sni_fallback_to_first_vhost/test.yml (added)
tests/09_verify_no_sni_fails_with_wrong_order/fail.client (deleted)
tests/09_verify_no_sni_fails_with_wrong_order/gnutls-cli.args (deleted)
tests/09_verify_no_sni_fails_with_wrong_order/input (deleted)
tests/09_verify_no_sni_fails_with_wrong_order/test.yml (added)
tests/10_basic_client_verification/gnutls-cli.args (deleted)
tests/10_basic_client_verification/input (deleted)
tests/10_basic_client_verification/output (deleted)
tests/10_basic_client_verification/test.yml (added)
tests/11_basic_client_verification_fail/fail.client (deleted)
tests/11_basic_client_verification_fail/gnutls-cli.args (deleted)
tests/11_basic_client_verification_fail/input (deleted)
tests/11_basic_client_verification_fail/test.yml (added)
tests/12_cgi_variables/gnutls-cli.args (deleted)
tests/12_cgi_variables/input (deleted)
tests/12_cgi_variables/output (deleted)
tests/12_cgi_variables/test.yml (added)
tests/13_cgi_variables_no_client_cert/gnutls-cli.args (deleted)
tests/13_cgi_variables_no_client_cert/input (deleted)
tests/13_cgi_variables_no_client_cert/output (deleted)
tests/13_cgi_variables_no_client_cert/test.yml (added)
tests/14_resume_session/gnutls-cli.args (deleted)
tests/14_resume_session/input (deleted)
tests/14_resume_session/output (deleted)
tests/14_resume_session/test.yml (added)
tests/15_basic_msva/gnutls-cli.args (deleted)
tests/15_basic_msva/input (deleted)
tests/15_basic_msva/output (deleted)
tests/15_basic_msva/test.yml (added)
tests/16_view-status/gnutls-cli.args (deleted)
tests/16_view-status/input (deleted)
tests/16_view-status/test.yml (added)
tests/17_cgi_vars_large_cert/gnutls-cli.args (deleted)
tests/17_cgi_vars_large_cert/input (deleted)
tests/17_cgi_vars_large_cert/output (deleted)
tests/17_cgi_vars_large_cert/test.yml (added)
tests/18_client_verification_wrong_cert/gnutls-cli.args (deleted)
tests/18_client_verification_wrong_cert/input (deleted)
tests/18_client_verification_wrong_cert/output (deleted)
tests/18_client_verification_wrong_cert/test.yml (added)
tests/19_TLS_reverse_proxy/gnutls-cli.args (deleted)
tests/19_TLS_reverse_proxy/input (deleted)
tests/19_TLS_reverse_proxy/output (deleted)
tests/19_TLS_reverse_proxy/test.yml (added)
tests/20_TLS_reverse_proxy_client_auth/gnutls-cli.args (deleted)
tests/20_TLS_reverse_proxy_client_auth/input (deleted)
tests/20_TLS_reverse_proxy_client_auth/output (deleted)
tests/20_TLS_reverse_proxy_client_auth/test.yml (added)
tests/21_TLS_reverse_proxy_wrong_cert/gnutls-cli.args (deleted)
tests/21_TLS_reverse_proxy_wrong_cert/input (deleted)
tests/21_TLS_reverse_proxy_wrong_cert/output (deleted)
tests/21_TLS_reverse_proxy_wrong_cert/test.yml (added)
tests/22_TLS_reverse_proxy_crl_revoke/gnutls-cli.args (deleted)
tests/22_TLS_reverse_proxy_crl_revoke/input (deleted)
tests/22_TLS_reverse_proxy_crl_revoke/output (deleted)
tests/22_TLS_reverse_proxy_crl_revoke/test.yml (added)
tests/23_TLS_reverse_proxy_mismatched_priorities/gnutls-cli.args (deleted)
tests/23_TLS_reverse_proxy_mismatched_priorities/input (deleted)
tests/23_TLS_reverse_proxy_mismatched_priorities/output (deleted)
tests/23_TLS_reverse_proxy_mismatched_priorities/test.yml (added)
tests/24_pkcs11_cert/gnutls-cli.args (deleted)
tests/24_pkcs11_cert/input (deleted)
tests/24_pkcs11_cert/output (deleted)
tests/24_pkcs11_cert/test.yml (added)
tests/25_Disable_TLS_1.0/fail.client (deleted)
tests/25_Disable_TLS_1.0/gnutls-cli.args (deleted)
tests/25_Disable_TLS_1.0/input (deleted)
tests/25_Disable_TLS_1.0/test.yml (added)
tests/27_OCSP_server/gnutls-cli.args (deleted)
tests/27_OCSP_server/input (deleted)
tests/27_OCSP_server/output (deleted)
tests/27_OCSP_server/test.yml (added)
tests/29_force_handshake_vhost/gnutls-cli.args (deleted)
tests/29_force_handshake_vhost/input (deleted)
tests/29_force_handshake_vhost/output (deleted)
tests/29_force_handshake_vhost/test.yml (added)
tests/30_ip_based_vhosts/gnutls-cli.args (deleted)
tests/30_ip_based_vhosts/input (deleted)
tests/30_ip_based_vhosts/output (deleted)
tests/30_ip_based_vhosts/test.yml (added)
tests/31_vhost_SNI_serveralias_match/gnutls-cli.args (deleted)
tests/31_vhost_SNI_serveralias_match/input (deleted)
tests/31_vhost_SNI_serveralias_match/output (deleted)
tests/31_vhost_SNI_serveralias_match/test.yml (added)
tests/32_vhost_SNI_serveralias_mismatch/gnutls-cli.args (deleted)
tests/32_vhost_SNI_serveralias_mismatch/input (deleted)
tests/32_vhost_SNI_serveralias_mismatch/output (deleted)
tests/32_vhost_SNI_serveralias_mismatch/test.yml (added)
tests/33_vhost_SNI_serveralias_missinghost/gnutls-cli.args (deleted)
tests/33_vhost_SNI_serveralias_missinghost/input (deleted)
tests/33_vhost_SNI_serveralias_missinghost/output (deleted)
tests/33_vhost_SNI_serveralias_missinghost/test.yml (added)
tests/34_TLS_reverse_proxy_h2/gnutls-cli.args (deleted)
tests/34_TLS_reverse_proxy_h2/input (deleted)
tests/34_TLS_reverse_proxy_h2/output (deleted)
tests/34_TLS_reverse_proxy_h2/test.yml (added)
tests/Makefile.am (modified) (1 diff)

Legend:

: Unmodified
: Added
: Removed

test/Makefile.am

r5c7e570	r1c2b936
249	249	EXTRA_DIST = $(apache_data) $(cert_templates) $(shared_identities:=/uid.in) \
250	250	apache_service.bash common.bash runtests authority/server/crl.template \
251		softhsm.bash
	251	softhsm.bash https-test-client.py
252	252
253	253	# Lockfile for the main Apache process

test/runtests

-                      r5c7e570
+                      r1c2b936
     kill_by_pidfile "${msva_pidfile}"
     unset msva_pidfile
+}
-# Compare expected/actual outputs, filtering out headers from actual
-# output that are expected to change between runs or builds (currently
-# "Date", "Server" and "Content-Length"). The headers must be excluded
-# in the expected output.
+#
-# Parameters:
-# $1: path to expected output
-# $2: path to actual output
-# $3: additional options for diff (optional)
-function diff_output_filter_headers()
+{
-    local expected="$1"
-    local actual="$2"
-    diff $3 -u "${expected}" <( cat "${actual}" | \
-        grep -v -P '^Date:\s.*GMT\s?$' | \
-        grep -v -P '^Server:\sApache'  | \
-        grep -v -P '^Content-Length:\s\d+\s?$' | \
-        tail -n "$(wc -l < ${expected})" )
+}
 …
     printf "FAILURE: %s\n" "$TEST_NAME"
     ${APACHE2} -f "${testdir}/apache.conf" -k stop || true
-    if [ -e output ]; then
-        printf "\ngnutls-cli outputs:\n"
-        diff_output_filter_headers "output" "$output" || true
-    fi
     if [ -r "${testdir}/backend.conf" ]; then
 …
     if [ -r "${testdir}/ocsp.conf" ]; then
         apache_service "${testdir}" "ocsp.conf" stop || true
-    fi
-    if [ -n "${sleep_pidfile}" ]; then
-        kill_by_pidfile "${sleep_pidfile}"
     fi
 …
 fi
+# PID file for sleep command (explanation below)
+sleep_pidfile="$(mktemp mod_gnutls_test-XXXXXX.pid)"
+# The sleep call keeps the pipe from the subshell to gnutls-cli
+# open. Without it gnutls-cli would terminate as soon as sed is
+# done, and not wait for a response from the server, leading to
+# failing tests. Sending sleep to the background allows the test
+# case to proceed instead of waiting for it to return. The sleep
+# process is stopped after gnutls-cli terminates.
+#
+# The line end manipulation in sed guarantees that all header lines
+# end with CRLF as required by RFC 7230, Section 3.1.1 regardless of
+# the line ends in the input file.
+if (sed -r "s/__HOSTNAME__/${TEST_HOST}/;s/\r?$/\r/" <${testdir}/input && \
+           run_with_pidfile "${sleep_pidfile}" sleep "${TEST_QUERY_TIMEOUT}" &) | \
+       gnutls-cli -p "${TEST_PORT}" $(cat ${testdir}/gnutls-cli.args) "${TARGET}" \
+       | tee "$output" && test "${PIPESTATUS[1]}" -eq 0;
+then
+    if [ -e ${testdir}/fail* ]; then
+        printf "%s should have failed but succeeded\n" "$(basename "$testdir")" >&2
+        exit 1
+    fi
+else
+    if [ ! -e ${testdir}/fail* ]; then
+        printf "%s should have succeeded but failed\n" "$(basename "$testdir")" >&2
+        exit 1
+    fi
+fi
+kill_by_pidfile "${sleep_pidfile}"
+unset sleep_pidfile
+if [ -e ${testdir}/output ] ; then
+    diff_output_filter_headers "${testdir}/output" "$output" >&2
+fi
+${PYTHON} ${srcdir}/https-test-client.py -p "${TEST_PORT}" "${TARGET}" \
+          --test-config "${testdir}/test.yml"\
+    |& tee "$output"
+# We care about the exit status of the Python script, not tee
+if [ ${PIPESTATUS[0]} -ne 0 ]; then
+    exit 1
+fi
 if [ -n "${USE_MSVA}" ]; then
     trap stop_msva EXIT

test/tests/05_mismatched-priorities/apache.conf

r5c7e570	r1c2b936
8	8	GnuTLSCertificateFile authority/server/x509.pem
9	9	GnuTLSKeyFile authority/server/secret.key
10		GnuTLSPriorities NORMAL:-VERS-~~SSL3.0~~
	10	GnuTLSPriorities NORMAL:-VERS-TLS1.2
11	11	</VirtualHost>

test/tests/Makefile.am

-                      r5c7e570
+                      r1c2b936
 EXTRA_DIST = \
 _basic/apache.conf 00_basic/gnutls-cli.args 00_basic/input 00_basic/output \
 _serverwide_priorities/apache.conf 01_serverwide_priorities/gnutls-cli.args 01_serverwide_priorities/input 01_serverwide_priorities/output \
 _cache_in_vhost/apache.conf 02_cache_in_vhost/fail.server 02_cache_in_vhost/gnutls-cli.args 02_cache_in_vhost/input \
 _cachetimeout_in_vhost/apache.conf 03_cachetimeout_in_vhost/gnutls-cli.args 03_cachetimeout_in_vhost/input 03_cachetimeout_in_vhost/output \
 _basic_nosni/apache.conf 04_basic_nosni/gnutls-cli.args 04_basic_nosni/input 04_basic_nosni/output \
 _mismatched-priorities/apache.conf 05_mismatched-priorities/fail.client 05_mismatched-priorities/gnutls-cli.args 05_mismatched-priorities/input \
 _verify_sni_a/apache.conf 06_verify_sni_a/gnutls-cli.args 06_verify_sni_a/input 06_verify_sni_a/output \
 _verify_sni_b/apache.conf 07_verify_sni_b/gnutls-cli.args 07_verify_sni_b/input 07_verify_sni_b/output \
 _verify_no_sni_fallback_to_first_vhost/apache.conf 08_verify_no_sni_fallback_to_first_vhost/gnutls-cli.args 08_verify_no_sni_fallback_to_first_vhost/input 08_verify_no_sni_fallback_to_first_vhost/output \
 _verify_no_sni_fails_with_wrong_order/apache.conf 09_verify_no_sni_fails_with_wrong_order/fail.client 09_verify_no_sni_fails_with_wrong_order/gnutls-cli.args 09_verify_no_sni_fails_with_wrong_order/input \
 _basic_client_verification/apache.conf 10_basic_client_verification/gnutls-cli.args 10_basic_client_verification/input 10_basic_client_verification/output \
 _basic_client_verification_fail/apache.conf 11_basic_client_verification_fail/fail.client 11_basic_client_verification_fail/gnutls-cli.args 11_basic_client_verification_fail/input \
 _cgi_variables/apache.conf 12_cgi_variables/gnutls-cli.args 12_cgi_variables/input 12_cgi_variables/output \
 _cgi_variables_no_client_cert/apache.conf 13_cgi_variables_no_client_cert/gnutls-cli.args 13_cgi_variables_no_client_cert/input 13_cgi_variables_no_client_cert/output \
 _resume_session/apache.conf 14_resume_session/gnutls-cli.args 14_resume_session/input 14_resume_session/output \
 _basic_msva/apache.conf 15_basic_msva/gnutls-cli.args 15_basic_msva/input 15_basic_msva/output \
 _view-status/apache.conf 16_view-status/gnutls-cli.args 16_view-status/input \
 _cgi_vars_large_cert/apache.conf 17_cgi_vars_large_cert/gnutls-cli.args 17_cgi_vars_large_cert/input 17_cgi_vars_large_cert/output \
 _client_verification_wrong_cert/apache.conf 18_client_verification_wrong_cert/gnutls-cli.args 18_client_verification_wrong_cert/input 18_client_verification_wrong_cert/output \
 _TLS_reverse_proxy/apache.conf 19_TLS_reverse_proxy/backend.conf 19_TLS_reverse_proxy/gnutls-cli.args 19_TLS_reverse_proxy/input 19_TLS_reverse_proxy/output \
 _TLS_reverse_proxy_client_auth/apache.conf 20_TLS_reverse_proxy_client_auth/backend.conf 20_TLS_reverse_proxy_client_auth/gnutls-cli.args 20_TLS_reverse_proxy_client_auth/input 20_TLS_reverse_proxy_client_auth/output \
 _TLS_reverse_proxy_wrong_cert/apache.conf 21_TLS_reverse_proxy_wrong_cert/backend.conf 21_TLS_reverse_proxy_wrong_cert/gnutls-cli.args 21_TLS_reverse_proxy_wrong_cert/input 21_TLS_reverse_proxy_wrong_cert/output \
 _TLS_reverse_proxy_crl_revoke/apache.conf 22_TLS_reverse_proxy_crl_revoke/backend.conf 22_TLS_reverse_proxy_crl_revoke/gnutls-cli.args 22_TLS_reverse_proxy_crl_revoke/input 22_TLS_reverse_proxy_crl_revoke/output \
 _TLS_reverse_proxy_mismatched_priorities/apache.conf 23_TLS_reverse_proxy_mismatched_priorities/backend.conf 23_TLS_reverse_proxy_mismatched_priorities/gnutls-cli.args 23_TLS_reverse_proxy_mismatched_priorities/input 23_TLS_reverse_proxy_mismatched_priorities/output \
 _pkcs11_cert/apache.conf 24_pkcs11_cert/gnutls-cli.args 24_pkcs11_cert/input 24_pkcs11_cert/output \
 _Disable_TLS_1.0/apache.conf 25_Disable_TLS_1.0/fail.client 25_Disable_TLS_1.0/gnutls-cli.args 25_Disable_TLS_1.0/input \
+_basic/apache.conf 00_basic/test.yml \
+_serverwide_priorities/apache.conf 01_serverwide_priorities/test.yml \
+_cache_in_vhost/apache.conf 02_cache_in_vhost/fail.server 02_cache_in_vhost/test.yml \
+_cachetimeout_in_vhost/apache.conf 03_cachetimeout_in_vhost/test.yml \
+_basic_nosni/apache.conf 04_basic_nosni/test.yml \
+_mismatched-priorities/apache.conf 05_mismatched-priorities/test.yml \
+_verify_sni_a/apache.conf 06_verify_sni_a/test.yml \
+_verify_sni_b/apache.conf 07_verify_sni_b/test.yml \
+_verify_no_sni_fallback_to_first_vhost/apache.conf 08_verify_no_sni_fallback_to_first_vhost/test.yml \
+_verify_no_sni_fails_with_wrong_order/apache.conf 09_verify_no_sni_fails_with_wrong_order/test.yml \
+_basic_client_verification/apache.conf 10_basic_client_verification/test.yml \
+_basic_client_verification_fail/apache.conf 11_basic_client_verification_fail/test.yml \
+_cgi_variables/apache.conf 12_cgi_variables/test.yml \
+_cgi_variables_no_client_cert/apache.conf 13_cgi_variables_no_client_cert/test.yml \
+_resume_session/apache.conf 14_resume_session/test.yml \
+_basic_msva/apache.conf 15_basic_msva/test.yml \
+_view-status/apache.conf 16_view-status/test.yml \
+_cgi_vars_large_cert/apache.conf 17_cgi_vars_large_cert/test.yml \
+_client_verification_wrong_cert/apache.conf 18_client_verification_wrong_cert/test.yml \
+_TLS_reverse_proxy/apache.conf 19_TLS_reverse_proxy/backend.conf 19_TLS_reverse_proxy/test.yml \
+_TLS_reverse_proxy_client_auth/apache.conf 20_TLS_reverse_proxy_client_auth/backend.conf 20_TLS_reverse_proxy_client_auth/test.yml \
+_TLS_reverse_proxy_wrong_cert/apache.conf 21_TLS_reverse_proxy_wrong_cert/backend.conf 21_TLS_reverse_proxy_wrong_cert/test.yml \
+_TLS_reverse_proxy_crl_revoke/apache.conf 22_TLS_reverse_proxy_crl_revoke/backend.conf 22_TLS_reverse_proxy_crl_revoke/test.yml \
+_TLS_reverse_proxy_mismatched_priorities/apache.conf 23_TLS_reverse_proxy_mismatched_priorities/backend.conf 23_TLS_reverse_proxy_mismatched_priorities/test.yml \
+_pkcs11_cert/apache.conf 24_pkcs11_cert/test.yml \
+_Disable_TLS_1.0/apache.conf 25_Disable_TLS_1.0/test.yml \
 _redirect_HTTP_to_HTTPS/apache.conf \
 _OCSP_server/apache.conf 27_OCSP_server/gnutls-cli.args 27_OCSP_server/input 27_OCSP_server/ocsp.conf 27_OCSP_server/output \
+_OCSP_server/apache.conf 27_OCSP_server/ocsp.conf 27_OCSP_server/test.yml \
 _HTTP2_support/apache.conf \
 _force_handshake_vhost/apache.conf 29_force_handshake_vhost/gnutls-cli.args 29_force_handshake_vhost/input 29_force_handshake_vhost/output \
 _ip_based_vhosts/apache.conf 30_ip_based_vhosts/gnutls-cli.args 30_ip_based_vhosts/input 30_ip_based_vhosts/output 31_vhost_SNI_serveralias_match \
 _vhost_SNI_serveralias_match/gnutls-cli.args 31_vhost_SNI_serveralias_match/input 31_vhost_SNI_serveralias_match/apache.conf 31_vhost_SNI_serveralias_match/output \
 _vhost_SNI_serveralias_mismatch/gnutls-cli.args 32_vhost_SNI_serveralias_mismatch/input 32_vhost_SNI_serveralias_mismatch/apache.conf 32_vhost_SNI_serveralias_mismatch/output \
 _vhost_SNI_serveralias_missinghost/gnutls-cli.args 33_vhost_SNI_serveralias_missinghost/input 33_vhost_SNI_serveralias_missinghost/apache.conf 33_vhost_SNI_serveralias_missinghost/output \
 _TLS_reverse_proxy_h2/apache.conf 34_TLS_reverse_proxy_h2/backend.conf 34_TLS_reverse_proxy_h2/gnutls-cli.args 34_TLS_reverse_proxy_h2/input 34_TLS_reverse_proxy_h2/output
+_force_handshake_vhost/apache.conf 29_force_handshake_vhost/test.yml \
+_ip_based_vhosts/apache.conf 30_ip_based_vhosts/test.yml \
+_vhost_SNI_serveralias_match/apache.conf 31_vhost_SNI_serveralias_match/test.yml \
+_vhost_SNI_serveralias_mismatch/apache.conf 32_vhost_SNI_serveralias_mismatch/test.yml \
+_vhost_SNI_serveralias_missinghost/apache.conf 33_vhost_SNI_serveralias_missinghost/test.yml \
+_TLS_reverse_proxy_h2/apache.conf 34_TLS_reverse_proxy_h2/backend.conf 34_TLS_reverse_proxy_h2/test.yml

Note: See TracChangeset for help on using the changeset viewer.

Download in other formats: