aboutsummaryrefslogtreecommitdiff
path: root/tests
diff options
context:
space:
mode:
authorYang Tse <yangsita@gmail.com>2010-01-18 17:03:59 +0000
committerYang Tse <yangsita@gmail.com>2010-01-18 17:03:59 +0000
commit0687bc6bd617de33fa5e8e53428993896a3fd4e7 (patch)
tree90ec3bc5463a22586397c9df9f19a5c65e3104d7 /tests
parent424a8882fbfea76479469034157a1ed48404e010 (diff)
Stop ssl running server when cert file currently used by server is
different than the one specified in test definition for same server
Diffstat (limited to 'tests')
-rwxr-xr-xtests/runtests.pl37
1 files changed, 29 insertions, 8 deletions
diff --git a/tests/runtests.pl b/tests/runtests.pl
index ce3fddaac..06eb01c43 100755
--- a/tests/runtests.pl
+++ b/tests/runtests.pl
@@ -249,6 +249,7 @@ my $postmortem; # display detailed info about failed tests
my %run; # running server
my %doesntrun; # servers that don't work, identified by pidfile
my %serverpidfile;# all server pid file names, identified by server id
+my %runcert; # cert file currently in use by an ssl running server
# torture test variables
my $torture;
@@ -631,6 +632,7 @@ sub stopserver {
foreach my $server (@killservers) {
if($run{$server}) {
$pidlist .= "$run{$server} ";
+ $runcert{$server} = 0;
$run{$server} = 0;
}
}
@@ -1021,13 +1023,15 @@ sub runhttpsserver {
$srvrname = servername_str($proto, $ipvnum, $idnum);
+ $certfile = 'stunnel.pem' unless($certfile);
+
$logfile = server_logfilename($LOGDIR, $proto, $ipvnum, $idnum);
$flags .= "--verbose " if($debugprotocol);
$flags .= "--pidfile \"$pidfile\" --logfile \"$logfile\" ";
$flags .= "--id $idnum " if($idnum > 1);
$flags .= "--ipv$ipvnum --proto $proto ";
- $flags .= "--certfile \"$certfile\" " if($certfile);
+ $flags .= "--certfile \"$certfile\" " if($certfile ne 'stunnel.pem');
$flags .= "--stunnel \"$stunnel\" --srcdir \"$srcdir\" ";
$flags .= "--connect $HTTPPORT --accept $HTTPSPORT";
@@ -1055,6 +1059,8 @@ sub runhttpsserver {
}
# Here pid3 is actually the pid returned by the unsecure-http server.
+ $runcert{$server} = $certfile;
+
if($verbose) {
logmsg "RUN: $srvrname server is now running PID $httpspid\n";
}
@@ -1195,13 +1201,15 @@ sub runftpsserver {
$srvrname = servername_str($proto, $ipvnum, $idnum);
+ $certfile = 'stunnel.pem' unless($certfile);
+
$logfile = server_logfilename($LOGDIR, $proto, $ipvnum, $idnum);
$flags .= "--verbose " if($debugprotocol);
$flags .= "--pidfile \"$pidfile\" --logfile \"$logfile\" ";
$flags .= "--id $idnum " if($idnum > 1);
$flags .= "--ipv$ipvnum --proto $proto ";
- $flags .= "--certfile \"$certfile\" " if($certfile);
+ $flags .= "--certfile \"$certfile\" " if($certfile ne 'stunnel.pem');
$flags .= "--stunnel \"$stunnel\" --srcdir \"$srcdir\" ";
$flags .= "--connect $FTPPORT --accept $FTPSPORT";
@@ -1229,6 +1237,8 @@ sub runftpsserver {
}
# Here pid3 is actually the pid returned by the unsecure-ftp server.
+ $runcert{$server} = $certfile;
+
if($verbose) {
logmsg "RUN: $srvrname server is now running PID $ftpspid\n";
}
@@ -2532,6 +2542,7 @@ sub singletest {
foreach my $server (@killservers) {
if($run{$server}) {
$pidlist .= "$run{$server} ";
+ $runcert{$server} = 0;
$run{$server} = 0;
}
}
@@ -2909,6 +2920,7 @@ sub stopservers {
}
}
$pidlist .= "$run{$server} ";
+ $runcert{$server} = 0;
$run{$server} = 0;
}
}
@@ -2940,6 +2952,11 @@ sub startservers {
my $what = lc($whatlist[0]);
$what =~ s/[^a-z0-9-]//g;
+ my $certfile;
+ if($what =~ /^(ftp|http|imap|pop3|smtp)s(.*)$/) {
+ $certfile = ($whatlist[1]) ? $whatlist[1] : 'stunnel.pem';
+ }
+
if(($what eq "pop3") ||
($what eq "ftp") ||
($what eq "imap") ||
@@ -3004,7 +3021,10 @@ sub startservers {
# we can't run ftps tests if libcurl is SSL-less
return "curl lacks SSL support";
}
-
+ if($runcert{'ftps'} && ($runcert{'ftps'} ne $certfile)) {
+ # stop server when running and using a different cert
+ stopserver('ftps');
+ }
if(!$run{'ftp'}) {
($pid, $pid2) = runpingpongserver("ftp", "", $verbose);
if($pid <= 0) {
@@ -3014,7 +3034,7 @@ sub startservers {
$run{'ftp'}="$pid $pid2";
}
if(!$run{'ftps'}) {
- ($pid, $pid2) = runftpsserver($verbose);
+ ($pid, $pid2) = runftpsserver($verbose, "", $certfile);
if($pid <= 0) {
return "failed starting FTPS server (stunnel)";
}
@@ -3035,7 +3055,10 @@ sub startservers {
# we can't run ftps tests if libcurl is SSL-less
return "curl lacks SSL support";
}
-
+ if($runcert{'https'} && ($runcert{'https'} ne $certfile)) {
+ # stop server when running and using a different cert
+ stopserver('https');
+ }
if(!$run{'http'}) {
($pid, $pid2) = runhttpserver($verbose);
if($pid <= 0) {
@@ -3044,10 +3067,8 @@ sub startservers {
printf ("* pid http => %d %d\n", $pid, $pid2) if($verbose);
$run{'http'}="$pid $pid2";
}
- # FIXME properly - ssl tests may use different cert files.
- # We must stop running server when using a different cert.
if(!$run{'https'}) {
- ($pid, $pid2) = runhttpsserver($verbose,"",$whatlist[1]);
+ ($pid, $pid2) = runhttpsserver($verbose, "", $certfile);
if($pid <= 0) {
return "failed starting HTTPS server (stunnel)";
}