X-Git-Url: https://ruderich.org/simon/gitweb/?p=tlsproxy%2Ftlsproxy.git;a=blobdiff_plain;f=tests%2Fcommon.sh;h=74165f658b1ece7b32056e6de6bb3a3c2783cde4;hp=587b5f897f56e3b97b5c61a7addb07bd3a824d57;hb=7eba49d24d56288d83746f3f0ce383d7c0c36552;hpb=cf65dc05b04654c77b71d881e3196c2b5fa3d715 diff --git a/tests/common.sh b/tests/common.sh index 587b5f8..74165f6 100644 --- a/tests/common.sh +++ b/tests/common.sh @@ -1,6 +1,6 @@ # Functions used by all tests. # -# Copyright (C) 2011-2013 Simon Ruderich +# Copyright (C) 2011-2014 Simon Ruderich # # This program is free software: you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by @@ -19,30 +19,82 @@ set -e +# Terminate all running servers when the script terminates. +trap 'stop_servers' 0 +# Same when the user presses Ctrl-C. +trap 'abort SIGINT' INT + + cleanup() { rm -f \ - certificate-localhost-proxy.pem certificate-localhost-server.pem \ - proxy-ca-key.pem proxy-ca.pem proxy-invalid.pem proxy-key.pem + tmp tlsproxy-log gnutls-serv-log \ + certificate-localhost-proxy.pem certificate-localhost-server.pem } stop_servers() { - kill $pid_server || echo 'failed to kill gnutls-serv' - kill $pid_tlsproxy || echo 'failed to kill tlsproxy' + if test -n "$pid_server"; then + kill $pid_server || echo 'failed to kill gnutls-serv' + fi + if test -n "$pid_tlsproxy"; then + kill $pid_tlsproxy || echo 'failed to kill tlsproxy' + fi } abort() { echo "abort: $*" stop_servers exit 1 } -tlsproxy() { - ../src/tlsproxy -d2 "$@" >/dev/null & +tlsproxy_setup() { + # Don't waste time running `tlsproxy-setup` when all files are still + # present. + if test -f proxy-ca-key.pem && + test -f proxy-ca.pem && + test -f proxy-dh.pem && + test -f proxy-invalid.pem && + test -f proxy-key.pem + then + return + fi + + "$srcdir/../src/tlsproxy-setup" >/dev/null 2>&1 +} +tlsproxy_add() { + # `make distcheck` marks the source PEM-file as read-only which is copied + # over when using `cp`. This causes a check failure when tlsproxy_add() is + # called again with the same hostname. Instead use redirection which + # doesn't use `cp`. + "$srcdir/../src/tlsproxy-add" "$1" <"$srcdir/$2" >/dev/null 2>&1 +} +tlsproxy_background() { + #valgrind --leak-check=full --error-exitcode=1 --track-fds=yes \ + ../src/tlsproxy -d3 "$@" >tlsproxy-log 2>&1 & pid_tlsproxy=$! } -server() { - gnutls-serv --http --port 4712 "$@" >/dev/null 2>&1 & +server_background() { + gnutls-serv --http --port 4712 --debug 10 "$@" >gnutls-serv-log 2>&1 & pid_server=$! } client() { - ./client ./proxy-ca.pem "$@" > tmp 2>&1 + ./client ./proxy-ca.pem "$@" >tmp 2>&1 +} + +wait_for_ports() { + for x in 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20; do + sleep 1 + + # Check if each given port can be reached. + ready=1 + for port in "$@"; do + printf 'invalid request\r\n\r\n' \ + | nc localhost "$port" >/dev/null 2>&1 \ + || ready= + done + + if test -n "$ready"; then + break + fi + + echo "waiting for ports $* ..." + done } test_proxy_failure() { @@ -51,6 +103,16 @@ test_proxy_failure() { grep 'response: HTTP/1.0 503 Forwarding failure' tmp >/dev/null \ || abort 'test_proxy_failure 2' } +test_proxy_authentication_failure() { + grep 'proxy failure' tmp >/dev/null \ + || abort 'test_proxy_authentication_failure' + grep 'response: HTTP/1.0 407 Proxy Authentication Required' tmp >/dev/null \ + || abort 'test_proxy_authentication_failure 2' +} +test_authentication_missing() { + grep 'response: HTTP/1.0 407 Proxy Authentication Required' tmp >/dev/null \ + || abort 'test_authentication_missing' +} test_proxy_successful() { grep 'response: HTTP/1.0 200 Connection established' tmp >/dev/null \ || abort 'test_proxy_successful'