diff options
author | Dan Fandrich <dan@coneharvesters.com> | 2007-03-08 02:38:49 +0000 |
---|---|---|
committer | Dan Fandrich <dan@coneharvesters.com> | 2007-03-08 02:38:49 +0000 |
commit | 1bfa7dfe39ec74cbec28808969ba8320f0807ae4 (patch) | |
tree | 969d2808edbe0ae257a8e0eb12268e946e528354 | |
parent | 85daec253cf5a6e1eb3f023e76180f553c715de8 (diff) |
Added test infrastructure to support basic FTPS tests. This currently
supports only ftps:// URLs with --ftp-ssl-control specified, which
implicitly encrypts the control channel but not the data channels. That
allows stunnel to be used with an unmodified ftp server in exactly the
same way that the test https server is set up.
Added test case 400 as a basic FTPS test.
-rw-r--r-- | tests/README | 24 | ||||
-rw-r--r-- | tests/data/Makefile.am | 2 | ||||
-rw-r--r-- | tests/data/test400 | 61 | ||||
-rw-r--r-- | tests/httpsserver.pl | 16 | ||||
-rwxr-xr-x | tests/runtests.pl | 93 |
5 files changed, 175 insertions, 21 deletions
diff --git a/tests/README b/tests/README index b7fb2c86d..7e7e63242 100644 --- a/tests/README +++ b/tests/README @@ -13,13 +13,17 @@ Requires: TCP ports used: - - 8999 on localhost for HTTP tests - - 8433 on localhost for HTTPS tests - - 8921 on localhost for FTP tests - - 8821 on localhost for FTPS tests (currently disabled) - - The test suite runs simple FTP and HTTP servers on these ports to which - it makes requests. + - 8990 on localhost for HTTP tests + - 8991 on localhost for HTTPS tests + - 8994 on localhost for HTTP IPv6 tests + - 8992 on localhost for FTP tests + - 8995 on localhost for FTP (2) tests + - 8993 on localhost for FTPS tests + - 8996 on localhost for FTP IPv6 tests + - 8997 on localhost for TFTP tests + + The test suite runs simple FTP, HTTP and TFTP servers on these ports to + which it makes requests. Run: 'make test'. This invokes the 'runtests.pl' perl script. Edit the top @@ -57,12 +61,12 @@ Debug: (gdb) where Logs: - All logs are generated in the logs/ subdirctory (it is emptied first + All logs are generated in the logs/ subdirectory (it is emptied first in the runtests.pl script). Use runtests.pl -k to keep the temporary files after the test run. Data: - All test cases are put in the data/ subdirctory. Each test is stored in the + All test cases are put in the data/ subdirectory. Each test is stored in the file named according to the test number. See FILEFORMAT for the description of the test case files. @@ -85,4 +89,4 @@ TEST CASE NUMBERS TODO: - * Add tests for TELNET, LDAP, DICT... + * Add tests for TELNET, LDAP, DICT, SCP, SFTP... diff --git a/tests/data/Makefile.am b/tests/data/Makefile.am index c8c36bedb..440588511 100644 --- a/tests/data/Makefile.am +++ b/tests/data/Makefile.am @@ -37,4 +37,4 @@ EXTRA_DIST = test1 test108 test117 test127 test20 test27 test34 test46 \ test274 test275 test524 test525 test276 test277 test526 test527 test528 \ test530 DISABLED test278 test279 test531 test280 test529 test532 test533 \ test534 test535 test281 test537 test282 test283 test284 test538 test285 \ - test286 test307 test308 test287 + test286 test307 test308 test287 test400 diff --git a/tests/data/test400 b/tests/data/test400 new file mode 100644 index 000000000..aa587a387 --- /dev/null +++ b/tests/data/test400 @@ -0,0 +1,61 @@ +<testcase> +<info> +<keywords> +FTPS +PASV +LIST +</keywords> +</info> +# +# Server-side +<reply> +# When doing LIST, we get the default list output hard-coded in the test +# FTPS server +<datacheck> +total 20 +drwxr-xr-x 8 98 98 512 Oct 22 13:06 . +drwxr-xr-x 8 98 98 512 Oct 22 13:06 .. +drwxr-xr-x 2 98 98 512 May 2 1996 .NeXT +-r--r--r-- 1 0 1 35 Jul 16 1996 README +lrwxrwxrwx 1 0 1 7 Dec 9 1999 bin -> usr/bin +dr-xr-xr-x 2 0 1 512 Oct 1 1997 dev +drwxrwxrwx 2 98 98 512 May 29 16:04 download.html +dr-xr-xr-x 2 0 1 512 Nov 30 1995 etc +drwxrwxrwx 2 98 1 512 Oct 30 14:33 pub +dr-xr-xr-x 5 0 1 512 Oct 1 1997 usr +</datacheck> +</reply> + +# +# Client-side +<client> +<server> +ftps +</server> + <name> +FTPS dir list PASV unencrypted data + </name> + <command> +-k --ftp-ssl-control ftps://%HOSTIP:%FTPSPORT/ +</command> +</client> + +# +# Verify data after the test has been "shot" +<verify> +<strip> +filter off really nothing +</strip> +<protocol> +USER anonymous
+PASS ftp@example.com
+PBSZ 0
+PROT C
+PWD
+EPSV
+TYPE A
+LIST
+QUIT
+</protocol> +</verify> +</testcase> diff --git a/tests/httpsserver.pl b/tests/httpsserver.pl index be4b843ad..648b148df 100644 --- a/tests/httpsserver.pl +++ b/tests/httpsserver.pl @@ -1,7 +1,7 @@ #!/usr/bin/env perl # # $Id$ -# This is the HTTPS server designed for the curl test suite. +# This is the HTTPS and FTPS server designed for the curl test suite. # # It is actually just a layer that runs stunnel properly. @@ -18,14 +18,16 @@ my $stunnel = "stunnel"; my $verbose=0; # set to 1 for debugging -my $port = 8433; # just our default, weird enough -my $target_port = 8999; # test http-server port +my $port = 8991; # just our default, weird enough +my $target_port = 8999; # default test http-server port my $path = `pwd`; chomp $path; my $srcdir=$path; +my $proto='https'; + do { if($ARGV[0] eq "-v") { $verbose=1; @@ -33,6 +35,10 @@ do { if($ARGV[0] eq "-w") { return 0; # return success, means we have stunnel working! } + elsif($ARGV[0] eq "-p") { + $proto=$ARGV[1]; + shift @ARGV; + } elsif($ARGV[0] eq "-r") { $target_port=$ARGV[1]; shift @ARGV; @@ -52,7 +58,7 @@ do { my $conffile="$path/stunnel.conf"; # stunnel configuration data my $certfile="$srcdir/stunnel.pem"; # stunnel server certificate -my $pidfile="$path/.https.pid"; # stunnel process pid file +my $pidfile="$path/.$proto.pid"; # stunnel process pid file open(CONF, ">$conffile") || return 1; print CONF " @@ -79,7 +85,7 @@ my $version_ge_4=system("$stunnel -V 2>&1|grep '^stunnel.* on '>/dev/null 2>&1") if ($version_ge_4) { $cmd="$stunnel $conffile"; } if($verbose) { - print "HTTPS server: $cmd\n"; + print uc($proto)." server: $cmd\n"; } my $rc = system($cmd); diff --git a/tests/runtests.pl b/tests/runtests.pl index c2f561b43..aeff8b4fa 100755 --- a/tests/runtests.pl +++ b/tests/runtests.pl @@ -480,7 +480,11 @@ sub verifyftp { my ($proto, $ip, $port) = @_; my $pid; my $time=time(); - my $cmd="$CURL -m$server_response_maxtime --silent -vg \"$proto://$ip:$port/verifiedserver\" 2>log/verifyftp"; + my $extra; + if($proto eq "ftps") { + $extra = "-k --ftp-ssl-control "; + } + my $cmd="$CURL -m$server_response_maxtime --silent -vg $extra\"$proto://$ip:$port/verifiedserver\" 2>log/verifyftp"; # check if this is our server running on this port: my @data=`$cmd`; logmsg "RUN: $cmd\n" if($verbose); @@ -518,6 +522,7 @@ sub verifyftp { my %protofunc = ('http' => \&verifyhttp, 'https' => \&verifyhttp, 'ftp' => \&verifyftp, + 'ftps' => \&verifyftp, 'tftp' => \&verifyftp); sub verifyserver { @@ -628,7 +633,7 @@ sub runhttpsserver { } my $flag=$debugprotocol?"-v ":""; - my $cmd="$perl $srcdir/httpsserver.pl $flag -s \"$stunnel\" -d $srcdir -r $HTTPPORT $HTTPSPORT"; + my $cmd="$perl $srcdir/httpsserver.pl $flag -p https -s \"$stunnel\" -d $srcdir -r $HTTPPORT $HTTPSPORT"; my ($httpspid, $pid2) = startnew($cmd, $HTTPSPIDFILE); @@ -722,6 +727,60 @@ sub runftpserver { } ####################################################################### +# start the ftps server (or rather, tunnel) +# +sub runftpsserver { + my ($verbose, $ipv6) = @_; + my $STATUS; + my $RUNNING; + my $ip = $HOSTIP; + + if(!$stunnel) { + return 0; + } + + if($ipv6) { + # not complete yet + $ip = $HOST6IP; + } + + my $pid=checkserver($FTPSPIDFILE); + + if($pid > 0) { + # kill previous stunnel! + stopserver($pid); + } + + my $flag=$debugprotocol?"-v ":""; + my $cmd="$perl $srcdir/httpsserver.pl $flag -p ftps -s \"$stunnel\" -d $srcdir -r $FTPPORT $FTPSPORT"; + + my ($ftpspid, $pid2) = startnew($cmd, $FTPSPIDFILE); + + if(!kill(0, $ftpspid)) { + # it is NOT alive + logmsg "RUN: failed to start the FTPS server!\n"; + stopservers($verbose); + return(0,0); + } + + # Server is up. Verify that we can speak to it. + if(!verifyserver("ftps", $ip, $FTPSPORT)) { + logmsg "RUN: FTPS server failed verification\n"; + # failed to talk to it properly. Kill the server and return failure + stopserver("$ftpspid $pid2"); + return (0,0); + } + + if($verbose) { + logmsg "RUN: FTPS server is now running PID $ftpspid\n"; + } + + sleep(1); + + return ($ftpspid, $pid2); +} + +####################################################################### # start the tftp server # sub runtftpserver { @@ -1072,7 +1131,7 @@ sub checksystem { logmsg sprintf("* FTP port: %d\n", $FTPPORT); logmsg sprintf("* FTP port 2: %d\n", $FTP2PORT); if($stunnel) { - #logmsg sprintf("* FTPS port: %d\n", $FTPSPORT); + logmsg sprintf("* FTPS port: %d\n", $FTPSPORT); logmsg sprintf("* HTTPS port: %d\n", $HTTPSPORT); } if($http_ipv6) { @@ -1890,8 +1949,32 @@ sub startservers { } } elsif($what eq "ftps") { - # we can't run ftps tests at all for the moment - return "test suite lacks FTPS support"; + if(!$stunnel) { + # we can't run ftps tests without stunnel + return "no stunnel"; + } + if(!$ssl_version) { + # we can't run ftps tests if libcurl is SSL-less + return "curl lacks SSL support"; + } + + if(!$run{'ftp'}) { + ($pid, $pid2) = runftpserver("", $verbose); + if($pid <= 0) { + return "failed starting FTP server"; + } + printf ("* pid ftp => %d %d\n", $pid, $pid2) if($verbose); + $run{'ftp'}="$pid $pid2"; + } + if(!$run{'ftps'}) { + ($pid, $pid2) = runftpsserver($verbose); + if($pid <= 0) { + return "failed starting FTPS server (stunnel)"; + } + logmsg sprintf("* pid ftps => %d %d\n", $pid, $pid2) + if($verbose); + $run{'ftps'}="$pid $pid2"; + } } elsif($what eq "file") { # we support it but have no server! |