From 2303793a626158627bdb2ac255e0f58697682b24 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Tim=20R=C3=BChsen?= <tim.ruehsen@gmx.de>
Date: Mon, 3 Nov 2014 11:27:33 +0100
Subject: [PATCH]  * Test-proxied-https-auth.px:    add valgrind support,   
 sync parent / child (client / server)

Fixed the missing synchronization between server and client.
Without this, we experienced random test failures.
Also added valgrind support.
---
 tests/ChangeLog                  |  5 +++
 tests/Test-proxied-https-auth.px | 63 ++++++++++++++++++--------------
 2 files changed, 41 insertions(+), 27 deletions(-)

diff --git a/tests/ChangeLog b/tests/ChangeLog
index 5097871f..3a3f65e8 100644
--- a/tests/ChangeLog
+++ b/tests/ChangeLog
@@ -1,3 +1,8 @@
+2014-11-03  Tim Ruehsen <tim.ruehsen@gmx.de>
+
+       * Test-proxied-https-auth.px: add valgrind support,
+         sync parent / child (client / server)
+
 2014-10-31  Pär Karlsson <feinorgh@gmail.com>
 	* WgetTests.pm: Proper conditional operators, tidied up code, idiomatic
 	improvements as per modern Perl best practices.
diff --git a/tests/Test-proxied-https-auth.px b/tests/Test-proxied-https-auth.px
index 272003f8..d2c710a3 100755
--- a/tests/Test-proxied-https-auth.px
+++ b/tests/Test-proxied-https-auth.px
@@ -1,4 +1,6 @@
 #!/usr/bin/env perl
+# Simulate a tunneling proxy to a HTTPS URL that needs authentication.
+# Use two connections (Connection: close)
 
 use strict;
 use warnings;
@@ -50,33 +52,32 @@ sub get_request {
 
 sub do_server {
     my ($synch_callback) = @_;
-    my $alrm = alarm 10;
     my $s = $SOCKET;
     my $conn;
     my $rqst;
     my $rspn;
 
+    my %options = (
+        SSL_server => 1,
+        SSL_passwd_cb => sub { return "Hello"; });
+    $options{SSL_cert_file} = $cert_path if ($cert_path);
+    $options{SSL_key_file} = $key_path if ($key_path);
+    my @options = %options;
+
+    # sync with the parent
     $synch_callback->();
 
+    # Simulate a HTTPS proxy server with tunneling.
+
     for my $expect_inner_auth (0, 1) {
         $conn = $s->accept;
         $rqst = $conn->get_request;
-
-        # TODO: expect no auth the first time, request it, expect it the second
-        #   time.
-
         die "Method not CONNECT\n" if ($rqst->method ne 'CONNECT');
         $rspn = HTTP::Response->new(200, 'OK');
         $conn->send_response($rspn);
 
-        my %options = (
-            SSL_server => 1,
-            SSL_passwd_cb => sub { return "Hello"; });
-
-        $options{SSL_cert_file} = $cert_path if ($cert_path);
-        $options{SSL_key_file} = $key_path if ($key_path);
-
-        my @options = %options;
+        # Now switch from plain to SSL (for simulating a transparent tunnel
+        # to an HTTPS server).
 
         $conn = IO::Socket::SSL->new_from_fd($conn->fileno, @options)
             or die "Couldn't initiate SSL";
@@ -87,14 +88,10 @@ sub do_server {
         unless ($expect_inner_auth) {
             die "Early proxied auth\n" if $rqst->header('Authorization');
 
-            # TODO: handle non-persistent connection here.
             $rspn = HTTP::Response->new(401, 'Unauthorized', [
                 'WWW-Authenticate' => 'Basic realm="gondor"',
                 Connection => 'close'
                 ]);
-            $rspn->protocol('HTTP/1.0');
-            print STDERR $rspn->as_string;
-            print $conn $rspn->as_string;
         } else {
             die "No proxied auth\n" unless $rqst->header('Authorization');
 
@@ -102,17 +99,19 @@ sub do_server {
                 'Content-Type' => 'text/plain',
                 'Connection' => 'close',
                 ], "foobarbaz\n");
-            $rspn->protocol('HTTP/1.0');
-            print STDERR "=====\n";
-            print STDERR $rspn->as_string;
-            print STDERR "\n=====\n";
-            print $conn $rspn->as_string;
         }
+
+        $rspn->protocol('HTTP/1.0');
+        print STDERR "=====\n";
+        print STDERR $rspn->as_string;
+        print STDERR "\n=====\n";
+        print $conn $rspn->as_string;
+
         $conn->close;
     }
+
     undef $conn;
     undef $s;
-    alarm $alrm;
 }
 
 sub fork_server {
@@ -126,6 +125,7 @@ sub fork_server {
         # child
         close FROM_CHILD;
         do_server(sub { print TO_PARENT "SYNC\n"; close TO_PARENT });
+        exit 0;
     } else {
         # parent
         close TO_PARENT;
@@ -136,7 +136,7 @@ sub fork_server {
     return $pid;
 }
 
-system ('rm -f needs-auth.txt');
+unlink "needs-auth.txt";
 my $pid = &fork_server;
 
 my $cmdline = $WgetTest::WGETPATH . " --user=fiddle-dee-dee"
@@ -145,9 +145,18 @@ my $cmdline = $WgetTest::WGETPATH . " --user=fiddle-dee-dee"
     . " https://no.such.domain/needs-auth.txt";
 $cmdline =~ s/{{port}}/$SOCKET->sockport()/e;
 
-my $code = system($cmdline);
-system ('rm -f needs-auth.txt');
+my $valgrind = $ENV{VALGRIND_TESTS};
+if (!defined $valgrind || $valgrind eq "" || $valgrind == 0) {
+    # Valgrind not requested - leave $cmdline as it is
+} elsif ($valgrind == 1) {
+    $cmdline = "valgrind --error-exitcode=301 --leak-check=yes --track-origins=yes " . $cmdline;
+} else {
+    $cmdline = $valgrind . " " . $cmdline;
+}
+
+my $code = system($cmdline . " 2>&1") >> 8;
+unlink "needs-auth.txt";
 
 warn "Got code: $code\n" if $code;
 kill ('TERM', $pid);
-exit ($code >> 8);
+exit ($code != 0);