Unit Tests for Apache's mod_gnutls ================================== Initial Author: Daniel Kahn Gillmor There are a lot of ways that a TLS-capable web server can go wrong. I want to at least test for some basic/common configurations. Running the tests ================= from the top level of the source, just run: make check from t/ (where this README is), just run: make also from t/ you can also run specific tests (identified by number) with: make t-3 This should be handy when you're just trying to experiment with a new test and don't want to wait for the full test suite to run. Adding a Test ============= Please add more tests! The simplest way to add a test is (from t/): ./newtest This will prompt you for a simple name for the test and then copy a starting set of files from tests/00_basic. Implementation ============== Each test consists of a directory in t/tests/, which will cause the test suite to spin up an isolated apache instance and try to connect to it with gnutls-cli and make a simple HTTP 1.1 request. By default, these tests are expected to succeed, by having In each directory, you can put the following files: * apache.conf -- the apache configuration to be used * gnutls-cli.args -- the arguments to pass to gnutls-cli * input -- the full HTTP request (including the final blank line) * output [optional] -- the lines of this file will be checked against the same number of lines at the end of the output produced by the gnutls-cli process. * fail.server [optional] -- if this file exists, it means we expect the web server to fail to even start due to some serious configuration problem. * fail.client [optional] -- if this file exists, it means we expect the client to fail to fetch its file. If you already have fail.server, do not also specify this; we know that a failed server should result in a failed file retrieval. Robustness and Tuning ===================== These tests aren't nearly as robust as i'd like them to be, but they work for the moment and they're better than no tests at all. Here are some things that you might want to tune based on your expected setup (along with the variables that can be passed to "make check" to adjust them): * they need a functioning loopback device and expect (by default) to have IPv6 functionality. [TEST_IP] * they expect (by default) the IPv6 loopback to have port 9932 open. [TEST_PORT] * if a machine is particularly slow or under heavy load, it's possible that these tests will fail for timing reasons. [TEST_QUERY_DELAY (seconds for the http request to be sent and responded to)] and [TEST_GAP (seconds to wait between tests)] * they assume that the name "localhost" is associated with the IPv6 loopback address [TEST_HOST]