X-Git-Url: https://ruderich.org/simon/gitweb/?p=tlsproxy%2Ftlsproxy.git;a=blobdiff_plain;f=tests%2Fcommon.sh;h=74165f658b1ece7b32056e6de6bb3a3c2783cde4;hp=8b93ce41b2f722fea6d1bd942b0b9b63b0fc780f;hb=7eba49d24d56288d83746f3f0ce383d7c0c36552;hpb=3407f290e07d17e850a1756aebee4354db83ce71 diff --git a/tests/common.sh b/tests/common.sh index 8b93ce4..74165f6 100644 --- a/tests/common.sh +++ b/tests/common.sh @@ -1,6 +1,6 @@ # Functions used by all tests. # -# Copyright (C) 2011-2013 Simon Ruderich +# Copyright (C) 2011-2014 Simon Ruderich # # This program is free software: you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by @@ -19,25 +19,82 @@ set -e +# Terminate all running servers when the script terminates. +trap 'stop_servers' 0 +# Same when the user presses Ctrl-C. +trap 'abort SIGINT' INT + + cleanup() { rm -f \ - certificate-localhost-proxy.pem certificate-localhost-server.pem \ - proxy-ca-key.pem proxy-ca.pem proxy-invalid.pem proxy-key.pem + tmp tlsproxy-log gnutls-serv-log \ + certificate-localhost-proxy.pem certificate-localhost-server.pem } stop_servers() { - pkill -n gnutls-serv - pkill -n tlsproxy + if test -n "$pid_server"; then + kill $pid_server || echo 'failed to kill gnutls-serv' + fi + if test -n "$pid_tlsproxy"; then + kill $pid_tlsproxy || echo 'failed to kill tlsproxy' + fi } abort() { echo "abort: $*" stop_servers exit 1 } -server() { - gnutls-serv --http --port 4712 "$@" >/dev/null 2>&1 & +tlsproxy_setup() { + # Don't waste time running `tlsproxy-setup` when all files are still + # present. + if test -f proxy-ca-key.pem && + test -f proxy-ca.pem && + test -f proxy-dh.pem && + test -f proxy-invalid.pem && + test -f proxy-key.pem + then + return + fi + + "$srcdir/../src/tlsproxy-setup" >/dev/null 2>&1 +} +tlsproxy_add() { + # `make distcheck` marks the source PEM-file as read-only which is copied + # over when using `cp`. This causes a check failure when tlsproxy_add() is + # called again with the same hostname. Instead use redirection which + # doesn't use `cp`. + "$srcdir/../src/tlsproxy-add" "$1" <"$srcdir/$2" >/dev/null 2>&1 +} +tlsproxy_background() { + #valgrind --leak-check=full --error-exitcode=1 --track-fds=yes \ + ../src/tlsproxy -d3 "$@" >tlsproxy-log 2>&1 & + pid_tlsproxy=$! +} +server_background() { + gnutls-serv --http --port 4712 --debug 10 "$@" >gnutls-serv-log 2>&1 & + pid_server=$! } client() { - ./client ./proxy-ca.pem "$@" > tmp 2>&1 + ./client ./proxy-ca.pem "$@" >tmp 2>&1 +} + +wait_for_ports() { + for x in 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20; do + sleep 1 + + # Check if each given port can be reached. + ready=1 + for port in "$@"; do + printf 'invalid request\r\n\r\n' \ + | nc localhost "$port" >/dev/null 2>&1 \ + || ready= + done + + if test -n "$ready"; then + break + fi + + echo "waiting for ports $* ..." + done } test_proxy_failure() { @@ -46,6 +103,16 @@ test_proxy_failure() { grep 'response: HTTP/1.0 503 Forwarding failure' tmp >/dev/null \ || abort 'test_proxy_failure 2' } +test_proxy_authentication_failure() { + grep 'proxy failure' tmp >/dev/null \ + || abort 'test_proxy_authentication_failure' + grep 'response: HTTP/1.0 407 Proxy Authentication Required' tmp >/dev/null \ + || abort 'test_proxy_authentication_failure 2' +} +test_authentication_missing() { + grep 'response: HTTP/1.0 407 Proxy Authentication Required' tmp >/dev/null \ + || abort 'test_authentication_missing' +} test_proxy_successful() { grep 'response: HTTP/1.0 200 Connection established' tmp >/dev/null \ || abort 'test_proxy_successful'