# Functions used by all tests.
#
-# Copyright (C) 2011-2012 Simon Ruderich
+# Copyright (C) 2011-2014 Simon Ruderich
#
# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# along with this program. If not, see <http://www.gnu.org/licenses/>.
+set -e
+
+
+# Terminate all running servers when the script terminates.
+trap 'stop_servers' 0
+# Same when the user presses Ctrl-C.
+trap 'abort SIGINT' INT
+
+
cleanup() {
rm -f \
- certificate-localhost-proxy.pem certificate-localhost-server.pem \
- proxy-ca-key.pem proxy-ca.pem proxy-invalid.pem proxy-key.pem
+ tmp tlsproxy-log gnutls-serv-log \
+ certificate-localhost-proxy.pem certificate-localhost-server.pem
+}
+stop_servers() {
+ if test -n "$pid_server"; then
+ kill $pid_server || echo 'failed to kill gnutls-serv'
+ fi
+ if test -n "$pid_tlsproxy"; then
+ kill $pid_tlsproxy || echo 'failed to kill tlsproxy'
+ fi
}
abort() {
- echo abort
- pkill -n gnutls-serv
- pkill -n tlsproxy
+ echo "abort: $*"
+ stop_servers
exit 1
}
-server() {
- gnutls-serv --http --port 4712 "$@" >/dev/null 2>/dev/null &
+tlsproxy_setup() {
+ # Don't waste time running `tlsproxy-setup` when all files are still
+ # present.
+ if test -f proxy-ca-key.pem &&
+ test -f proxy-ca.pem &&
+ test -f proxy-dh.pem &&
+ test -f proxy-invalid.pem &&
+ test -f proxy-key.pem
+ then
+ return
+ fi
+
+ "$srcdir/../src/tlsproxy-setup" >/dev/null 2>&1
+}
+tlsproxy_add() {
+ # `make distcheck` marks the source PEM-file as read-only which is copied
+ # over when using `cp`. This causes a check failure when tlsproxy_add() is
+ # called again with the same hostname. Instead use redirection which
+ # doesn't use `cp`.
+ "$srcdir/../src/tlsproxy-add" "$1" <"$srcdir/$2" >/dev/null 2>&1
+}
+tlsproxy_background() {
+ #valgrind --leak-check=full --error-exitcode=1 --track-fds=yes \
+ ../src/tlsproxy -d3 "$@" >tlsproxy-log 2>&1 &
+ pid_tlsproxy=$!
+}
+server_background() {
+ gnutls-serv --http --port 4712 --debug 10 "$@" >gnutls-serv-log 2>&1 &
+ pid_server=$!
}
client() {
- ./client ./proxy-ca.pem "$@" > tmp 2>&1
+ ./client ./proxy-ca.pem "$@" >tmp 2>&1
+}
+
+wait_for_ports() {
+ for x in 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20; do
+ sleep 1
+
+ # Check if each given port can be reached.
+ ready=1
+ for port in "$@"; do
+ printf 'invalid request\r\n\r\n' \
+ | nc localhost "$port" >/dev/null 2>&1 \
+ || ready=
+ done
+
+ if test -n "$ready"; then
+ break
+ fi
+
+ echo "waiting for ports $* ..."
+ done
}
test_proxy_failure() {
- grep 'proxy failure' tmp >/dev/null || abort
+ grep 'proxy failure' tmp >/dev/null \
+ || abort 'test_proxy_failure'
grep 'response: HTTP/1.0 503 Forwarding failure' tmp >/dev/null \
- || abort
+ || abort 'test_proxy_failure 2'
+}
+test_proxy_authentication_failure() {
+ grep 'proxy failure' tmp >/dev/null \
+ || abort 'test_proxy_authentication_failure'
+ grep 'response: HTTP/1.0 407 Proxy Authentication Required' tmp >/dev/null \
+ || abort 'test_proxy_authentication_failure 2'
+}
+test_authentication_missing() {
+ grep 'response: HTTP/1.0 407 Proxy Authentication Required' tmp >/dev/null \
+ || abort 'test_authentication_missing'
}
test_proxy_successful() {
grep 'response: HTTP/1.0 200 Connection established' tmp >/dev/null \
- || abort
+ || abort 'test_proxy_successful'
}
test_invalid_certificate() {
- grep 'certificate invalid' tmp >/dev/null || abort
+ grep 'certificate invalid' tmp >/dev/null \
+ || abort 'test_invalid_certificate'
}
test_no_invalid_certificate() {
- grep 'certificate invalid' tmp >/dev/null && abort
+ grep 'certificate invalid' tmp >/dev/null \
+ && abort 'test_no_invalid_certificate' || true
}
ruderich.org/simon / tlsproxy / tlsproxy.git / blobdiff