aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorDan Fandrich <dan@coneharvesters.com>2007-03-08 02:38:49 +0000
committerDan Fandrich <dan@coneharvesters.com>2007-03-08 02:38:49 +0000
commit1bfa7dfe39ec74cbec28808969ba8320f0807ae4 (patch)
tree969d2808edbe0ae257a8e0eb12268e946e528354
parent85daec253cf5a6e1eb3f023e76180f553c715de8 (diff)
Added test infrastructure to support basic FTPS tests. This currently
supports only ftps:// URLs with --ftp-ssl-control specified, which implicitly encrypts the control channel but not the data channels. That allows stunnel to be used with an unmodified ftp server in exactly the same way that the test https server is set up. Added test case 400 as a basic FTPS test.
-rw-r--r--tests/README24
-rw-r--r--tests/data/Makefile.am2
-rw-r--r--tests/data/test40061
-rw-r--r--tests/httpsserver.pl16
-rwxr-xr-xtests/runtests.pl93
5 files changed, 175 insertions, 21 deletions
diff --git a/tests/README b/tests/README
index b7fb2c86d..7e7e63242 100644
--- a/tests/README
+++ b/tests/README
@@ -13,13 +13,17 @@ Requires:
TCP ports used:
- - 8999 on localhost for HTTP tests
- - 8433 on localhost for HTTPS tests
- - 8921 on localhost for FTP tests
- - 8821 on localhost for FTPS tests (currently disabled)
-
- The test suite runs simple FTP and HTTP servers on these ports to which
- it makes requests.
+ - 8990 on localhost for HTTP tests
+ - 8991 on localhost for HTTPS tests
+ - 8994 on localhost for HTTP IPv6 tests
+ - 8992 on localhost for FTP tests
+ - 8995 on localhost for FTP (2) tests
+ - 8993 on localhost for FTPS tests
+ - 8996 on localhost for FTP IPv6 tests
+ - 8997 on localhost for TFTP tests
+
+ The test suite runs simple FTP, HTTP and TFTP servers on these ports to
+ which it makes requests.
Run:
'make test'. This invokes the 'runtests.pl' perl script. Edit the top
@@ -57,12 +61,12 @@ Debug:
(gdb) where
Logs:
- All logs are generated in the logs/ subdirctory (it is emptied first
+ All logs are generated in the logs/ subdirectory (it is emptied first
in the runtests.pl script). Use runtests.pl -k to keep the temporary files
after the test run.
Data:
- All test cases are put in the data/ subdirctory. Each test is stored in the
+ All test cases are put in the data/ subdirectory. Each test is stored in the
file named according to the test number.
See FILEFORMAT for the description of the test case files.
@@ -85,4 +89,4 @@ TEST CASE NUMBERS
TODO:
- * Add tests for TELNET, LDAP, DICT...
+ * Add tests for TELNET, LDAP, DICT, SCP, SFTP...
diff --git a/tests/data/Makefile.am b/tests/data/Makefile.am
index c8c36bedb..440588511 100644
--- a/tests/data/Makefile.am
+++ b/tests/data/Makefile.am
@@ -37,4 +37,4 @@ EXTRA_DIST = test1 test108 test117 test127 test20 test27 test34 test46 \
test274 test275 test524 test525 test276 test277 test526 test527 test528 \
test530 DISABLED test278 test279 test531 test280 test529 test532 test533 \
test534 test535 test281 test537 test282 test283 test284 test538 test285 \
- test286 test307 test308 test287
+ test286 test307 test308 test287 test400
diff --git a/tests/data/test400 b/tests/data/test400
new file mode 100644
index 000000000..aa587a387
--- /dev/null
+++ b/tests/data/test400
@@ -0,0 +1,61 @@
+<testcase>
+<info>
+<keywords>
+FTPS
+PASV
+LIST
+</keywords>
+</info>
+#
+# Server-side
+<reply>
+# When doing LIST, we get the default list output hard-coded in the test
+# FTPS server
+<datacheck>
+total 20
+drwxr-xr-x 8 98 98 512 Oct 22 13:06 .
+drwxr-xr-x 8 98 98 512 Oct 22 13:06 ..
+drwxr-xr-x 2 98 98 512 May 2 1996 .NeXT
+-r--r--r-- 1 0 1 35 Jul 16 1996 README
+lrwxrwxrwx 1 0 1 7 Dec 9 1999 bin -> usr/bin
+dr-xr-xr-x 2 0 1 512 Oct 1 1997 dev
+drwxrwxrwx 2 98 98 512 May 29 16:04 download.html
+dr-xr-xr-x 2 0 1 512 Nov 30 1995 etc
+drwxrwxrwx 2 98 1 512 Oct 30 14:33 pub
+dr-xr-xr-x 5 0 1 512 Oct 1 1997 usr
+</datacheck>
+</reply>
+
+#
+# Client-side
+<client>
+<server>
+ftps
+</server>
+ <name>
+FTPS dir list PASV unencrypted data
+ </name>
+ <command>
+-k --ftp-ssl-control ftps://%HOSTIP:%FTPSPORT/
+</command>
+</client>
+
+#
+# Verify data after the test has been "shot"
+<verify>
+<strip>
+filter off really nothing
+</strip>
+<protocol>
+USER anonymous
+PASS ftp@example.com
+PBSZ 0
+PROT C
+PWD
+EPSV
+TYPE A
+LIST
+QUIT
+</protocol>
+</verify>
+</testcase>
diff --git a/tests/httpsserver.pl b/tests/httpsserver.pl
index be4b843ad..648b148df 100644
--- a/tests/httpsserver.pl
+++ b/tests/httpsserver.pl
@@ -1,7 +1,7 @@
#!/usr/bin/env perl
#
# $Id$
-# This is the HTTPS server designed for the curl test suite.
+# This is the HTTPS and FTPS server designed for the curl test suite.
#
# It is actually just a layer that runs stunnel properly.
@@ -18,14 +18,16 @@ my $stunnel = "stunnel";
my $verbose=0; # set to 1 for debugging
-my $port = 8433; # just our default, weird enough
-my $target_port = 8999; # test http-server port
+my $port = 8991; # just our default, weird enough
+my $target_port = 8999; # default test http-server port
my $path = `pwd`;
chomp $path;
my $srcdir=$path;
+my $proto='https';
+
do {
if($ARGV[0] eq "-v") {
$verbose=1;
@@ -33,6 +35,10 @@ do {
if($ARGV[0] eq "-w") {
return 0; # return success, means we have stunnel working!
}
+ elsif($ARGV[0] eq "-p") {
+ $proto=$ARGV[1];
+ shift @ARGV;
+ }
elsif($ARGV[0] eq "-r") {
$target_port=$ARGV[1];
shift @ARGV;
@@ -52,7 +58,7 @@ do {
my $conffile="$path/stunnel.conf"; # stunnel configuration data
my $certfile="$srcdir/stunnel.pem"; # stunnel server certificate
-my $pidfile="$path/.https.pid"; # stunnel process pid file
+my $pidfile="$path/.$proto.pid"; # stunnel process pid file
open(CONF, ">$conffile") || return 1;
print CONF "
@@ -79,7 +85,7 @@ my $version_ge_4=system("$stunnel -V 2>&1|grep '^stunnel.* on '>/dev/null 2>&1")
if ($version_ge_4) { $cmd="$stunnel $conffile"; }
if($verbose) {
- print "HTTPS server: $cmd\n";
+ print uc($proto)." server: $cmd\n";
}
my $rc = system($cmd);
diff --git a/tests/runtests.pl b/tests/runtests.pl
index c2f561b43..aeff8b4fa 100755
--- a/tests/runtests.pl
+++ b/tests/runtests.pl
@@ -480,7 +480,11 @@ sub verifyftp {
my ($proto, $ip, $port) = @_;
my $pid;
my $time=time();
- my $cmd="$CURL -m$server_response_maxtime --silent -vg \"$proto://$ip:$port/verifiedserver\" 2>log/verifyftp";
+ my $extra;
+ if($proto eq "ftps") {
+ $extra = "-k --ftp-ssl-control ";
+ }
+ my $cmd="$CURL -m$server_response_maxtime --silent -vg $extra\"$proto://$ip:$port/verifiedserver\" 2>log/verifyftp";
# check if this is our server running on this port:
my @data=`$cmd`;
logmsg "RUN: $cmd\n" if($verbose);
@@ -518,6 +522,7 @@ sub verifyftp {
my %protofunc = ('http' => \&verifyhttp,
'https' => \&verifyhttp,
'ftp' => \&verifyftp,
+ 'ftps' => \&verifyftp,
'tftp' => \&verifyftp);
sub verifyserver {
@@ -628,7 +633,7 @@ sub runhttpsserver {
}
my $flag=$debugprotocol?"-v ":"";
- my $cmd="$perl $srcdir/httpsserver.pl $flag -s \"$stunnel\" -d $srcdir -r $HTTPPORT $HTTPSPORT";
+ my $cmd="$perl $srcdir/httpsserver.pl $flag -p https -s \"$stunnel\" -d $srcdir -r $HTTPPORT $HTTPSPORT";
my ($httpspid, $pid2) = startnew($cmd, $HTTPSPIDFILE);
@@ -722,6 +727,60 @@ sub runftpserver {
}
#######################################################################
+# start the ftps server (or rather, tunnel)
+#
+sub runftpsserver {
+ my ($verbose, $ipv6) = @_;
+ my $STATUS;
+ my $RUNNING;
+ my $ip = $HOSTIP;
+
+ if(!$stunnel) {
+ return 0;
+ }
+
+ if($ipv6) {
+ # not complete yet
+ $ip = $HOST6IP;
+ }
+
+ my $pid=checkserver($FTPSPIDFILE);
+
+ if($pid > 0) {
+ # kill previous stunnel!
+ stopserver($pid);
+ }
+
+ my $flag=$debugprotocol?"-v ":"";
+ my $cmd="$perl $srcdir/httpsserver.pl $flag -p ftps -s \"$stunnel\" -d $srcdir -r $FTPPORT $FTPSPORT";
+
+ my ($ftpspid, $pid2) = startnew($cmd, $FTPSPIDFILE);
+
+ if(!kill(0, $ftpspid)) {
+ # it is NOT alive
+ logmsg "RUN: failed to start the FTPS server!\n";
+ stopservers($verbose);
+ return(0,0);
+ }
+
+ # Server is up. Verify that we can speak to it.
+ if(!verifyserver("ftps", $ip, $FTPSPORT)) {
+ logmsg "RUN: FTPS server failed verification\n";
+ # failed to talk to it properly. Kill the server and return failure
+ stopserver("$ftpspid $pid2");
+ return (0,0);
+ }
+
+ if($verbose) {
+ logmsg "RUN: FTPS server is now running PID $ftpspid\n";
+ }
+
+ sleep(1);
+
+ return ($ftpspid, $pid2);
+}
+
+#######################################################################
# start the tftp server
#
sub runtftpserver {
@@ -1072,7 +1131,7 @@ sub checksystem {
logmsg sprintf("* FTP port: %d\n", $FTPPORT);
logmsg sprintf("* FTP port 2: %d\n", $FTP2PORT);
if($stunnel) {
- #logmsg sprintf("* FTPS port: %d\n", $FTPSPORT);
+ logmsg sprintf("* FTPS port: %d\n", $FTPSPORT);
logmsg sprintf("* HTTPS port: %d\n", $HTTPSPORT);
}
if($http_ipv6) {
@@ -1890,8 +1949,32 @@ sub startservers {
}
}
elsif($what eq "ftps") {
- # we can't run ftps tests at all for the moment
- return "test suite lacks FTPS support";
+ if(!$stunnel) {
+ # we can't run ftps tests without stunnel
+ return "no stunnel";
+ }
+ if(!$ssl_version) {
+ # we can't run ftps tests if libcurl is SSL-less
+ return "curl lacks SSL support";
+ }
+
+ if(!$run{'ftp'}) {
+ ($pid, $pid2) = runftpserver("", $verbose);
+ if($pid <= 0) {
+ return "failed starting FTP server";
+ }
+ printf ("* pid ftp => %d %d\n", $pid, $pid2) if($verbose);
+ $run{'ftp'}="$pid $pid2";
+ }
+ if(!$run{'ftps'}) {
+ ($pid, $pid2) = runftpsserver($verbose);
+ if($pid <= 0) {
+ return "failed starting FTPS server (stunnel)";
+ }
+ logmsg sprintf("* pid ftps => %d %d\n", $pid, $pid2)
+ if($verbose);
+ $run{'ftps'}="$pid $pid2";
+ }
}
elsif($what eq "file") {
# we support it but have no server!