1
0
mirror of https://github.com/moparisthebest/curl synced 2025-01-11 05:58:01 -05:00

tests: tests: run stunnel for HTTPS and FTPS on dynamic ports

As stunnel is an external tool and it has no specific option to export
the actually used port number when asked to listen to 0, runtests
instead iterates over ten randomly picked high number ports and sticks
to the first one stunnel can listen to.

Closes #5267
This commit is contained in:
Daniel Stenberg 2020-04-21 09:57:22 +02:00
parent d1239b50be
commit 9a8fa076bf
No known key found for this signature in database
GPG Key ID: 5CC908FDB71E12C2

View File

@ -1623,41 +1623,52 @@ sub runhttpsserver {
$flags .= "--ipv$ipvnum --proto $proto "; $flags .= "--ipv$ipvnum --proto $proto ";
$flags .= "--certfile \"$certfile\" " if($certfile ne 'stunnel.pem'); $flags .= "--certfile \"$certfile\" " if($certfile ne 'stunnel.pem');
$flags .= "--stunnel \"$stunnel\" --srcdir \"$srcdir\" "; $flags .= "--stunnel \"$stunnel\" --srcdir \"$srcdir\" ";
$flags .= "--connect $HTTPPORT --accept $HTTPSPORT"; $flags .= "--connect $HTTPPORT";
my $cmd = "$perl $srcdir/secureserver.pl $flags"; my $pid2;
my ($httpspid, $pid2) = startnew($cmd, $pidfile, 15, 0); my $pid3;
my $httpspid;
my $port = 24512; # start attempt
for (1 .. 10) {
$port += int(rand(600));
my $options = "$flags --accept $port";
if($httpspid <= 0 || !pidexists($httpspid)) { my $cmd = "$perl $srcdir/secureserver.pl $options";
# it is NOT alive ($httpspid, $pid2) = startnew($cmd, $pidfile, 15, 0);
logmsg "RUN: failed to start the $srvrname server\n";
stopserver($server, "$pid2");
displaylogs($testnumcheck);
$doesntrun{$pidfile} = 1;
return(0,0);
}
# Server is up. Verify that we can speak to it. if($httpspid <= 0 || !pidexists($httpspid)) {
my $pid3 = verifyserver($proto, $ipvnum, $idnum, $ip, $HTTPSPORT); # it is NOT alive
if(!$pid3) { logmsg "RUN: failed to start the $srvrname server\n";
logmsg "RUN: $srvrname server failed verification\n"; stopserver($server, "$pid2");
# failed to talk to it properly. Kill the server and return failure displaylogs($testnumcheck);
stopserver($server, "$httpspid $pid2"); $doesntrun{$pidfile} = 1;
displaylogs($testnumcheck); next;
$doesntrun{$pidfile} = 1; }
return (0,0);
# Server is up. Verify that we can speak to it.
$pid3 = verifyserver($proto, $ipvnum, $idnum, $ip, $port);
if(!$pid3) {
logmsg "RUN: $srvrname server failed verification\n";
# failed to talk to it properly. Kill the server and return failure
stopserver($server, "$httpspid $pid2");
displaylogs($testnumcheck);
$doesntrun{$pidfile} = 1;
next;
}
# we have a server!
last;
} }
# Here pid3 is actually the pid returned by the unsecure-http server. # Here pid3 is actually the pid returned by the unsecure-http server.
$runcert{$server} = $certfile; $runcert{$server} = $certfile;
if($verbose) { if($verbose) {
logmsg "RUN: $srvrname server is now running PID $httpspid\n"; logmsg "RUN: $srvrname server is PID $httpspid port $port\n";
} }
sleep(1); sleep(1);
return ($httpspid, $pid2); return ($httpspid, $pid2, $port);
} }
####################################################################### #######################################################################
@ -1906,41 +1917,48 @@ sub runftpsserver {
$flags .= "--ipv$ipvnum --proto $proto "; $flags .= "--ipv$ipvnum --proto $proto ";
$flags .= "--certfile \"$certfile\" " if($certfile ne 'stunnel.pem'); $flags .= "--certfile \"$certfile\" " if($certfile ne 'stunnel.pem');
$flags .= "--stunnel \"$stunnel\" --srcdir \"$srcdir\" "; $flags .= "--stunnel \"$stunnel\" --srcdir \"$srcdir\" ";
$flags .= "--connect $FTPPORT --accept $FTPSPORT"; $flags .= "--connect $FTPPORT";
my $cmd = "$perl $srcdir/secureserver.pl $flags"; my $port = 26713;
my ($ftpspid, $pid2) = startnew($cmd, $pidfile, 15, 0); my $pid2;
my $pid3;
my $ftpspid;
for (1 .. 10) {
$port += int(rand(700));
my $options = "$flags --accept $port";
my $cmd = "$perl $srcdir/secureserver.pl $options";
($ftpspid, $pid2) = startnew($cmd, $pidfile, 15, 0);
if($ftpspid <= 0 || !pidexists($ftpspid)) { if($ftpspid <= 0 || !pidexists($ftpspid)) {
# it is NOT alive # it is NOT alive
logmsg "RUN: failed to start the $srvrname server\n"; logmsg "RUN: failed to start the $srvrname server\n";
stopserver($server, "$pid2"); stopserver($server, "$pid2");
displaylogs($testnumcheck); displaylogs($testnumcheck);
$doesntrun{$pidfile} = 1; $doesntrun{$pidfile} = 1;
return(0,0); next;
}
$pid3 = verifyserver($proto, $ipvnum, $idnum, $ip, $port);
if(!$pid3) {
logmsg "RUN: $srvrname server failed verification\n";
# failed to talk to it properly. Kill the server and return failure
stopserver($server, "$ftpspid $pid2");
displaylogs($testnumcheck);
$doesntrun{$pidfile} = 1;
next;
}
# Here pid3 is actually the pid returned by the unsecure-ftp server.
$runcert{$server} = $certfile;
if($verbose) {
logmsg "RUN: $srvrname server is PID $ftpspid port $port\n";
}
last;
} }
# Server is up. Verify that we can speak to it.
my $pid3 = verifyserver($proto, $ipvnum, $idnum, $ip, $FTPSPORT);
if(!$pid3) {
logmsg "RUN: $srvrname server failed verification\n";
# failed to talk to it properly. Kill the server and return failure
stopserver($server, "$ftpspid $pid2");
displaylogs($testnumcheck);
$doesntrun{$pidfile} = 1;
return (0,0);
}
# Here pid3 is actually the pid returned by the unsecure-ftp server.
$runcert{$server} = $certfile;
if($verbose) {
logmsg "RUN: $srvrname server is now running PID $ftpspid\n";
}
sleep(1); sleep(1);
return ($ftpspid, $pid2); return ($ftpspid, $pid2, $port);
} }
####################################################################### #######################################################################
@ -3187,10 +3205,6 @@ sub checksystem {
if($verbose) { if($verbose) {
logmsg "* Ports: "; logmsg "* Ports: ";
if($stunnel) {
logmsg sprintf("FTPS/%d ", $FTPSPORT);
logmsg sprintf("HTTPS/%d ", $HTTPSPORT);
}
if($httptlssrv) { if($httptlssrv) {
logmsg sprintf("HTTPTLS/%d ", $HTTPTLSPORT); logmsg sprintf("HTTPTLS/%d ", $HTTPTLSPORT);
if($has_ipv6) { if($has_ipv6) {
@ -4735,7 +4749,8 @@ sub startservers {
$run{'ftp'}="$pid $pid2"; $run{'ftp'}="$pid $pid2";
} }
if(!$run{'ftps'}) { if(!$run{'ftps'}) {
($pid, $pid2) = runftpsserver($verbose, "", $certfile); ($pid, $pid2, $FTPSPORT) =
runftpsserver($verbose, "", $certfile);
if($pid <= 0) { if($pid <= 0) {
return "failed starting FTPS server (stunnel)"; return "failed starting FTPS server (stunnel)";
} }
@ -4770,7 +4785,8 @@ sub startservers {
$run{'http'}="$pid $pid2"; $run{'http'}="$pid $pid2";
} }
if(!$run{'https'}) { if(!$run{'https'}) {
($pid, $pid2) = runhttpsserver($verbose, "", $certfile); ($pid, $pid2, $HTTPSPORT) =
runhttpsserver($verbose, "", $certfile);
if($pid <= 0) { if($pid <= 0) {
return "failed starting HTTPS server (stunnel)"; return "failed starting HTTPS server (stunnel)";
} }
@ -5415,8 +5431,6 @@ if ($gdbthis) {
} }
$minport = $base; # original base port number $minport = $base; # original base port number
$HTTPSPORT = $base++; # HTTPS (stunnel) server port
$FTPSPORT = $base++; # FTPS (stunnel) server port
$HTTPTLSPORT = $base++; # HTTP TLS (non-stunnel) server port $HTTPTLSPORT = $base++; # HTTP TLS (non-stunnel) server port
$HTTPTLS6PORT = $base++; # HTTP TLS (non-stunnel) IPv6 server port $HTTPTLS6PORT = $base++; # HTTP TLS (non-stunnel) IPv6 server port
$HTTP2PORT = $base++; # HTTP/2 port $HTTP2PORT = $base++; # HTTP/2 port