From c955255347f4ca514f26ad96a12524b38d235dee Mon Sep 17 00:00:00 2001 From: Simon Ruderich Date: Tue, 15 Mar 2011 21:27:49 +0100 Subject: [PATCH] tests: Separate common test data, move tests in tests-normal.sh. --- tests/Makefile.am | 2 +- tests/common.sh | 46 ++++++++++++++++ tests/tests-normal.sh | 112 +++++++++++++++++++++++++++++++++++++++ tests/tests.sh | 118 +----------------------------------------- 4 files changed, 161 insertions(+), 117 deletions(-) create mode 100644 tests/common.sh create mode 100755 tests/tests-normal.sh diff --git a/tests/Makefile.am b/tests/Makefile.am index 6ec752e..f41c6b0 100644 --- a/tests/Makefile.am +++ b/tests/Makefile.am @@ -1,5 +1,5 @@ TESTS = tests.sh -dist_check_SCRIPTS = tests.sh +dist_check_SCRIPTS = tests.sh tests-normal.sh common.sh check_PROGRAMS = client client_SOURCES = client.c diff --git a/tests/common.sh b/tests/common.sh new file mode 100644 index 0000000..05641db --- /dev/null +++ b/tests/common.sh 
@@ -0,0 +1,46 @@
+# Functions used by all tests.
+#
+# Copyright (C) 2011 Simon Ruderich
+#
+# This program is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program. If not, see .
+
+
+abort() {
+ echo abort
+ pkill -n gnutls-serv
+ pkill -n tlsproxy
+ exit 1
+}
+server() {
+ gnutls-serv --http --port 4712 "$@" >/dev/null 2>/dev/null &
+}
+client() {
+ ./client ./proxy-ca.pem "$@" > tmp 2>&1
+}
+
+test_proxy_failure() {
+ grep 'proxy failure' tmp >/dev/null || abort
+ grep 'response: HTTP/1.0 503 Forwarding failure' tmp >/dev/null \
+ || abort
+}
+test_proxy_successful() {
+ grep 'response: HTTP/1.0 200 Connection established' tmp >/dev/null \
+ || abort
+}
+test_invalid_certificate() {
+ grep 'certificate invalid' tmp >/dev/null || abort
+}
+test_no_invalid_certificate() {
+ grep 'certificate invalid' tmp >/dev/null && abort
+}
diff --git a/tests/tests-normal.sh b/tests/tests-normal.sh
new file mode 100755
index 0000000..41b6e36
--- /dev/null
+++ b/tests/tests-normal.sh
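Review bot: `abort()` stops the daemons with `pkill -n gnutls-serv` and `pkill -n tlsproxy`, which picks the newest process with that name rather than the one this test run started, so it can signal an unrelated gnutls-serv or tlsproxy on the same machine and leave the test's own instance running. Now that these helpers are shared by every test script, it would be safer to record the PID: add `server_pid=$!` as the last line of `server()` and use `kill "$server_pid" 2>/dev/null` in `abort()`. The proxy is started outside this file, so its PID would have to be saved by the calling script in the same way. Separately, `client()` writes to the fixed name `tmp` in the working directory, so two runs sharing a directory overwrite each other's output.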
@@ -0,0 +1,112 @@
+#!/bin/sh
+
+# Normal tlsproxy tests.
+#
+# Copyright (C) 2011 Simon Ruderich
+#
+# This program is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program. If not, see .
+
+
+# Handle empty $srcdir.
+[ "x$srcdir" = x ] && srcdir=.
+
+. $srcdir/common.sh
+
+
+# Create necessary files.
+$srcdir/../src/tlsproxy-setup >/dev/null 2>/dev/null
+
+# Normal tests.
+../src/tlsproxy -d2 4711 >/dev/null &
+server --x509certfile $srcdir/server.pem \
+ --x509keyfile $srcdir/server-key.pem
+sleep 1
+
+
+echo invalid hostname
+client unknown-host 80 - && abort
+test_proxy_failure
+test_no_invalid_certificate
+
+echo missing proxy and server certificate
+client localhost 4712 invalid || abort
+test_proxy_successful
+test_invalid_certificate
+
+# Create the proxy certificate.
+$srcdir/../src/tlsproxy-add localhost $srcdir/server.pem \
+ >/dev/null 2>/dev/null
+rm -f certificate-localhost-server.pem
+
+echo missing server certificate
+client localhost 4712 invalid || abort
+test_proxy_successful
+test_invalid_certificate
+
+# Create the proxy and server certificate.
+$srcdir/../src/tlsproxy-add localhost $srcdir/server.pem \
+ >/dev/null 2>/dev/null
+
+echo normal connection
+client localhost 4712 localhost || abort
+test_proxy_successful
+test_no_invalid_certificate
+
+
+# Stop server and try a "MITM" with a bad certificate.
+echo
+pkill -n gnutls-serv
+server --x509certfile $srcdir/server-bad.pem \
+ --x509keyfile $srcdir/server-key.pem
+sleep 1
+
+
+echo mitm invalid hostname
+client unknown-host 80 - && abort
+test_proxy_failure
+test_no_invalid_certificate
+
+echo mitm missing proxy and server certificate
+client localhost 4712 invalid || abort
+test_proxy_successful
+test_invalid_certificate
+
+# Create the proxy certificate.
+$srcdir/../src/tlsproxy-add localhost $srcdir/server.pem \
+ >/dev/null 2>/dev/null
+rm -f certificate-localhost-server.pem
+
+echo mitm missing server certificate
+client localhost 4712 invalid || abort
+test_proxy_successful
+test_invalid_certificate
+
+# Create the proxy and server certificate.
+$srcdir/../src/tlsproxy-add localhost $srcdir/server.pem \
+ >/dev/null 2>/dev/null
+
+echo mitm normal connection
+client localhost 4712 invalid || abort
+test_proxy_successful
+test_invalid_certificate
+
+
+pkill -n gnutls-serv
+pkill -n tlsproxy
+
+rm -f tmp \
+ certificate-localhost-proxy.pem certificate-localhost-server.pem \
+ proxy-ca-key.pem proxy-ca.pem proxy-invalid.pem proxy-key.pem
+
+exit 0
diff --git a/tests/tests.sh b/tests/tests.sh
index 13735a0..0dc7912 100755
--- a/tests/tests.sh
+++ b/tests/tests.sh
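Review bot: The output and exit status of `tlsproxy-setup` and of every `tlsproxy-add` call are discarded, so a failure to create the CA or the stored certificates goes unnoticed and the cases that expect `certificate invalid` still pass. This matters most for the final `mitm normal connection` case. A pass there is meant to show that the proxy rejected `server-bad.pem`, but it would look the same if the stored server certificate had never been written. Assuming the helpers exit non-zero on failure, end each call with `|| abort`, e.g. `$srcdir/../src/tlsproxy-setup >/dev/null 2>/dev/null || abort`. The `sleep 1` after starting the proxy and server is also only a guess that both are listening. `$srcdir` is unquoted throughout (`. $srcdir/common.sh`), so a build path containing spaces breaks the script.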
@@ -21,119 +21,5 @@ # Handle empty $srcdir. [ "x$srcdir" = x ] && srcdir=. -abort() { - echo abort - pkill -n gnutls-serv - pkill -n tlsproxy - exit 1 -} -server() { - gnutls-serv --http --port 4712 "$@" >/dev/null 2>/dev/null & -} -client() { - ./client ./proxy-ca.pem "$@" > tmp 2>&1 -} - -test_proxy_failure() { - grep 'proxy failure' tmp >/dev/null || abort - grep 'response: HTTP/1.0 503 Forwarding failure' tmp >/dev/null \ - || abort -} -test_proxy_successful() { - grep 'response: HTTP/1.0 200 Connection established' tmp >/dev/null \ - || abort -} -test_invalid_certificate() { - grep 'certificate invalid' tmp >/dev/null || abort -} -test_no_invalid_certificate() { - grep 'certificate invalid' tmp >/dev/null && abort -} - - -# Create necessary files. -$srcdir/../src/tlsproxy-setup >/dev/null 2>/dev/null - -# Normal tests. -../src/tlsproxy -d2 4711 >/dev/null & -server --x509certfile $srcdir/server.pem \ - --x509keyfile $srcdir/server-key.pem -sleep 1 - - -echo invalid hostname -client unknown-host 80 - && abort -test_proxy_failure -test_no_invalid_certificate - -echo missing proxy and server certificate -client localhost 4712 invalid || abort -test_proxy_successful -test_invalid_certificate - -# Create the proxy certificate. -$srcdir/../src/tlsproxy-add localhost $srcdir/server.pem \ - >/dev/null 2>/dev/null -rm -f certificate-localhost-server.pem - -echo missing server certificate -client localhost 4712 invalid || abort -test_proxy_successful -test_invalid_certificate - -# Create the proxy and server certificate. -$srcdir/../src/tlsproxy-add localhost $srcdir/server.pem \ - >/dev/null 2>/dev/null - -echo normal connection -client localhost 4712 localhost || abort -test_proxy_successful -test_no_invalid_certificate - - -# Stop server and try a "MITM" with a bad certificate. 
-echo -pkill -n gnutls-serv -server --x509certfile $srcdir/server-bad.pem \ - --x509keyfile $srcdir/server-key.pem -sleep 1 - - -echo mitm invalid hostname -client unknown-host 80 - && abort -test_proxy_failure -test_no_invalid_certificate - -echo mitm missing proxy and server certificate -client localhost 4712 invalid || abort -test_proxy_successful -test_invalid_certificate - -# Create the proxy certificate. -$srcdir/../src/tlsproxy-add localhost $srcdir/server.pem \ - >/dev/null 2>/dev/null -rm -f certificate-localhost-server.pem - -echo mitm missing server certificate -client localhost 4712 invalid || abort -test_proxy_successful -test_invalid_certificate - -# Create the proxy and server certificate. -$srcdir/../src/tlsproxy-add localhost $srcdir/server.pem \ - >/dev/null 2>/dev/null - -echo mitm normal connection -client localhost 4712 invalid || abort -test_proxy_successful -test_invalid_certificate - - -pkill -n gnutls-serv -pkill -n tlsproxy - -rm -f tmp \ - certificate-localhost-proxy.pem certificate-localhost-server.pem \ - proxy-ca-key.pem proxy-ca.pem proxy-invalid.pem proxy-key.pem - -exit 0 +echo "RUNNING NORMAL TESTS" +$srcdir/tests-normal.sh -- 2.45.2
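Review bot: The suite's result now depends on `$srcdir/tests-normal.sh` being the last command in tests.sh, because its exit status is never checked. As soon as a second test script is invoked after it, a failure in the normal tests would be masked by the later script's status. Writing the call as `"$srcdir/tests-normal.sh" || exit 1` makes the failure explicit and also quotes `$srcdir`.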