summaryrefslogtreecommitdiffhomepage
diff options
context:
space:
mode:
-rw-r--r--test/test_python_application.py30
-rw-r--r--test/test_reconfigure.py53
-rw-r--r--test/test_reconfigure_tls.py102
-rw-r--r--test/test_tls.py21
4 files changed, 155 insertions, 51 deletions
diff --git a/test/test_python_application.py b/test/test_python_application.py
index 9463b792..befbd4d8 100644
--- a/test/test_python_application.py
+++ b/test/test_python_application.py
@@ -293,36 +293,6 @@ custom-header: BLAH
assert resp == {}, 'reconfigure 2 keep-alive 3'
- def test_python_keepalive_reconfigure_3(self):
- self.load('empty')
-
- assert self.get()['status'] == 200, 'init'
-
- (_, sock) = self.http(
- b"""GET / HTTP/1.1
-""",
- start=True,
- raw=True,
- no_recv=True,
- )
-
- assert self.get()['status'] == 200
-
- assert 'success' in self.conf(
- {"listeners": {}, "applications": {}}
- ), 'reconfigure 3 clear configuration'
-
- resp = self.http(
- b"""Host: localhost
-Connection: close
-
-""",
- sock=sock,
- raw=True,
- )
-
- assert resp['status'] == 200, 'reconfigure 3'
-
def test_python_atexit(self):
self.load('atexit')
diff --git a/test/test_reconfigure.py b/test/test_reconfigure.py
new file mode 100644
index 00000000..ab05a1c8
--- /dev/null
+++ b/test/test_reconfigure.py
@@ -0,0 +1,53 @@
+import time
+
+import pytest
+from unit.applications.proto import TestApplicationProto
+
+
+class TestReconfigure(TestApplicationProto):
+ prerequisites = {}
+
+ @pytest.fixture(autouse=True)
+ def setup_method_fixture(self):
+ assert 'success' in self.conf(
+ {
+ "listeners": {"*:7080": {"pass": "routes"}},
+ "routes": [{"action": {"return": 200}}],
+ "applications": {},
+ }
+ )
+
+ def clear_conf(self):
+ assert 'success' in self.conf({"listeners": {}, "applications": {}})
+
+ def test_reconfigure(self):
+ (_, sock) = self.http(
+ b"""GET / HTTP/1.1
+""",
+ start=True,
+ raw=True,
+ no_recv=True,
+ )
+
+ self.clear_conf()
+
+ resp = self.http(
+ b"""Host: localhost
+Connection: close
+
+""",
+ sock=sock,
+ raw=True,
+ )
+ assert resp['status'] == 200, 'finish request'
+
+ def test_reconfigure_2(self):
+ (_, sock) = self.http(b'', raw=True, start=True, no_recv=True)
+
+ # Waiting for connection completion.
+ # Delay should be more than TCP_DEFER_ACCEPT.
+ time.sleep(1.5)
+
+ self.clear_conf()
+
+ assert self.get(sock=sock)['status'] == 408, 'request timeout'
diff --git a/test/test_reconfigure_tls.py b/test/test_reconfigure_tls.py
new file mode 100644
index 00000000..28a3fc66
--- /dev/null
+++ b/test/test_reconfigure_tls.py
@@ -0,0 +1,102 @@
+import socket
+import ssl
+import time
+
+import pytest
+from unit.applications.tls import TestApplicationTLS
+
+
+class TestReconfigureTLS(TestApplicationTLS):
+ prerequisites = {'modules': {'openssl': 'any'}}
+
+ @pytest.fixture(autouse=True)
+ def setup_method_fixture(self):
+ self.certificate()
+
+ assert 'success' in self.conf(
+ {
+ "listeners": {
+ "*:7080": {
+ "pass": "routes",
+ "tls": {"certificate": "default"},
+ }
+ },
+ "routes": [{"action": {"return": 200}}],
+ "applications": {},
+ }
+ ), 'load application configuration'
+
+ def create_socket(self):
+ ctx = ssl.SSLContext(ssl.PROTOCOL_TLSv1_2)
+ ctx.verify_mode = ssl.CERT_NONE
+ ctx.check_hostname = False
+
+ s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
+ ssl_sock = ctx.wrap_socket(
+ s, server_hostname='localhost', do_handshake_on_connect=False
+ )
+ ssl_sock.connect(('127.0.0.1', 7080))
+
+ return ssl_sock
+
+ def clear_conf(self):
+ assert 'success' in self.conf({"listeners": {}, "applications": {}})
+
+ @pytest.mark.skip('not yet')
+ def test_reconfigure_tls_switch(self):
+ assert 'success' in self.conf_delete('listeners/*:7080/tls')
+
+ (_, sock) = self.get(
+ headers={'Host': 'localhost', 'Connection': 'keep-alive'},
+ start=True,
+ read_timeout=1,
+ )
+
+ assert 'success' in self.conf(
+ {"pass": "routes", "tls": {"certificate": "default"}},
+ 'listeners/*:7080',
+ )
+
+ assert self.get(sock=sock)['status'] == 200, 'reconfigure'
+ assert self.get_ssl()['status'] == 200, 'reconfigure tls'
+
+ def test_reconfigure_tls(self):
+ ssl_sock = self.create_socket()
+
+ ssl_sock.sendall("""GET / HTTP/1.1\r\n""".encode())
+
+ self.clear_conf()
+
+ ssl_sock.sendall(
+ """Host: localhost\r\nConnection: close\r\n\r\n""".encode()
+ )
+
+ assert (
+ self.recvall(ssl_sock).decode().startswith('HTTP/1.1 200 OK')
+ ), 'finish request'
+
+ def test_reconfigure_tls_2(self):
+ ssl_sock = self.create_socket()
+
+ # Waiting for connection completion.
+ # Delay should be more than TCP_DEFER_ACCEPT.
+ time.sleep(1.5)
+
+ self.clear_conf()
+
+ try:
+ ssl_sock.do_handshake()
+ except ssl.SSLError:
+ ssl_sock.close()
+ success = True
+
+ if not success:
+ pytest.fail('Connection is not closed.')
+
+ def test_reconfigure_tls_3(self):
+ ssl_sock = self.create_socket()
+ ssl_sock.do_handshake()
+
+ self.clear_conf()
+
+ assert self.get(sock=ssl_sock)['status'] == 408, 'request timeout'
diff --git a/test/test_tls.py b/test/test_tls.py
index dab8ffba..56ee8298 100644
--- a/test/test_tls.py
+++ b/test/test_tls.py
@@ -493,27 +493,6 @@ basicConstraints = critical,CA:TRUE"""
}, 'subject alt_names'
assert cert['chain'][0]['issuer']['common_name'] == 'root', 'issuer'
- @pytest.mark.skip('not yet')
- def test_tls_reconfigure(self):
- self.load('empty')
-
- assert self.get()['status'] == 200, 'init'
-
- self.certificate()
-
- (resp, sock) = self.get(
- headers={'Host': 'localhost', 'Connection': 'keep-alive'},
- start=True,
- read_timeout=1,
- )
-
- assert resp['status'] == 200, 'initial status'
-
- self.add_tls()
-
- assert self.get(sock=sock)['status'] == 200, 'reconfigure status'
- assert self.get_ssl()['status'] == 200, 'reconfigure tls status'
-
def test_tls_keepalive(self):
self.load('mirror')