Repository: trafficserver Updated Branches: refs/heads/master 2200e8672 -> 523a3baf0
[TS-3396] new tsqa_spdy protocol selection tests This closes #172 Project: http://git-wip-us.apache.org/repos/asf/trafficserver/repo Commit: http://git-wip-us.apache.org/repos/asf/trafficserver/commit/523a3baf Tree: http://git-wip-us.apache.org/repos/asf/trafficserver/tree/523a3baf Diff: http://git-wip-us.apache.org/repos/asf/trafficserver/diff/523a3baf Branch: refs/heads/master Commit: 523a3baf0d19e3882cf1342724b16f627d1cda85 Parents: 2200e86 Author: [email protected] <[email protected]> Authored: Fri Feb 20 16:22:05 2015 -0800 Committer: Thomas Jackson <[email protected]> Committed: Fri Mar 6 17:27:11 2015 -0800 ---------------------------------------------------------------------- ci/new_tsqa/files/rsa_keys/README.rst | 2 + ci/new_tsqa/tests/test_spdy_protocol_select.py | 156 ++++++++++++++++++++ 2 files changed, 158 insertions(+) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/trafficserver/blob/523a3baf/ci/new_tsqa/files/rsa_keys/README.rst ---------------------------------------------------------------------- diff --git a/ci/new_tsqa/files/rsa_keys/README.rst b/ci/new_tsqa/files/rsa_keys/README.rst index f3510de..c799025 100644 --- a/ci/new_tsqa/files/rsa_keys/README.rst +++ b/ci/new_tsqa/files/rsa_keys/README.rst @@ -1,5 +1,7 @@ All of these certificates are self-signed and are *not* secure. They are intended only for use in testing. +Try to use existing certs if possible rather than generating your own. + # generated using (make sure to set "hostname"): openssl req -x509 -newkey rsa:2048 -keyout key.pem -out cert.pem -nodes && cat key.pem cert.pem > keypair.pem && rm key.pem cert.pem http://git-wip-us.apache.org/repos/asf/trafficserver/blob/523a3baf/ci/new_tsqa/tests/test_spdy_protocol_select.py ---------------------------------------------------------------------- diff --git a/ci/new_tsqa/tests/test_spdy_protocol_select.py b/ci/new_tsqa/tests/test_spdy_protocol_select.py new file mode 100644 index 0000000..50fabce --- /dev/null +++ b/ci/new_tsqa/tests/test_spdy_protocol_select.py @@ -0,0 +1,156 @@ +# Licensed to the Apache Software Foundation (ASF) under one +# or more contributor license agreements. See the NOTICE file +# distributed with this work for additional information +# regarding copyright ownership. The ASF licenses this file +# to you under the Apache License, Version 2.0 (the +# "License"); you may not use this file except in compliance +# with the License. You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +import os +import requests +import time +import logging +import subprocess + +import helpers + +import tsqa.test_cases +import tsqa.utils +import tsqa.endpoint + +log = logging.getLogger(__name__) + +#helper function to get spdycat path +def which(program): + def is_exe(fpath): + return os.path.isfile(fpath) and os.access(fpath, os.X_OK) + fpath, fname = os.path.split(program) + if fpath: + if is_exe(program): + return program + else: + for path in os.environ["PATH"].split(os.pathsep): + path = path.strip('"') + exe_file = os.path.join(path, program) + if is_exe(exe_file): + return exe_file + return None + +class TestSPDY(helpers.EnvironmentCase): + environment_factory = { + 'configure': {'enable-spdy': None}, + 'env': {'PKG_CONFIG_PATH': os.getenv("SPDY_PKG_CONFIG_PATH", "/opt/spdylay/lib/pkgconfig/")}, + } + + @classmethod + def setUpEnv(cls, env): + ''' + This function is responsible for setting up the environment for this fixture + This includes everything pre-daemon start + ''' + # set up spdycat + cls.client = which('spdycat') + if cls.client is None: + build_dir = os.environ.get('top_builddir', '../..') + log.info('top build_dir = {0}'.format(build_dir)) + cls.client = '%s/spdylay/src/spdycat' % build_dir + if os.path.isfile(cls.client) is False: + raise helpers.unittest.SkipTest('Cannot find spdycat. skipping test.') + + log.info('spdycat path = {0}'.format(cls.client)) + + # get spdy server ports + cls.spdy_port = tsqa.utils.bind_unused_port()[1] + log.info('spdy server port = {0}'.format(cls.spdy_port)) + cls.http_port = tsqa.utils.bind_unused_port()[1] + log.info('http server port = {0}'.format(cls.http_port)) + + cls.configs['remap.config'].add_line('map / https://docs.trafficserver.apache.org/\n') + + # set only one ET_NET thread (so we don't have to worry about the per-thread pools causing issues) + cls.configs['records.config']['CONFIG']['proxy.config.exec_thread.limit'] = 1 + cls.configs['records.config']['CONFIG']['proxy.config.exec_thread.autoconfig'] = 0 + + # SPDY configs + cls.configs['records.config']['CONFIG']['proxy.config.http.server_ports'] += ' {0}:ssl {1}:proto=http:ssl'.format(cls.spdy_port, cls.http_port) + cls.configs['records.config']['CONFIG']['proxy.config.ssl.server.cert.path'] = helpers.tests_file_path('rsa_keys') + + # configure SSL multicert + cls.configs['ssl_multicert.config'].add_line('dest_ip=* ssl_cert_name={0}\n'.format(helpers.tests_file_path('rsa_keys/www.example.com.pem'))) + + @classmethod + def callSpdycat(self, port, path, args): + full_args = [self.client,'https://localhost:%d%s' % (port, path)] + args + self.log.info('full args = {0}'.format(full_args)) + p = subprocess.Popen(full_args, stdout=subprocess.PIPE, + stdin=subprocess.PIPE) + self.stdout, self.stderr = p.communicate() + return p.returncode + +""" +TODO: re-add spdy2 tests. looks like support here might be lacking some way. was not able to get ATS to advertise spdy/2 +even when it was explicitly set with proto=spdy/2 +""" +class TestSPDYv2(TestSPDY): + @classmethod + def setUpClass(cls): + ''' + Skip spdy2 tests for now + ''' + raise helpers.unittest.SkipTest('Skipping spdy/2 tests') + + @classmethod + def setUpEnv(cls, env): + ''' + This function is responsible for setting up the environment for this fixture + This includes everything pre-daemon start + ''' + super(TestSPDYv2, cls).setUpEnv(env) + + cls.spdy2_port = tsqa.utils.bind_unused_port()[1] + log.info('spdy2 server port = {0}'.format(cls.spdy2_port)) + # make sure we add port supports spdy2 + cls.configs['records.config']['CONFIG']['proxy.config.http.server_ports'] += ' {0}:proto=spdy/2:ssl'.format(cls.spdy2_port) + + def test_SPDY_v2(self): + ''' + Test that the origin does in fact support spdy 2 + ''' + self.assertEquals(0, self.callSpdycat(self.spdy2_port, '/', ['-nv', '--spdy2'])) #this isn't passing + self.assertIn('version=2', self.stdout) + +class TestSPDYv3(TestSPDY): + def test_SPDY_v3(self): + ''' + Test that the origin does in fact support spdy 3 + ''' + self.assertEquals(0, self.callSpdycat(self.spdy_port, '/', ['-nv', '--spdy3'])) + self.assertIn('NPN selected the protocol: spdy/3', self.stdout) + + def test_SPDY_v3_failed_request(self): + ''' + Test that non spdy port won't advertise spdy + ''' + self.assertEquals(1, self.callSpdycat(self.http_port, '/', ['-nv', '--spdy3'])) + +class TestSPDYv3_1(TestSPDY): + def test_SPDY_v3_1(self): + ''' + Test that the origin does in fact support spdy 3.1 + ''' + self.assertEquals(0, self.callSpdycat(self.spdy_port, '/', ['-nv', '--spdy3-1'])) + self.assertIn('NPN selected the protocol: spdy/3.1', self.stdout) + + def test_SPDY_v3_1_failed_request(self): + ''' + Test that non spdy port won't advertise spdy + ''' + self.assertEquals(1, self.callSpdycat(self.http_port, '/', ['-nv', '--spdy3-1']))
