diff options
-rw-r--r-- | test/test_python_application.py | 30 | ||||
-rw-r--r-- | test/test_reconfigure.py | 53 | ||||
-rw-r--r-- | test/test_reconfigure_tls.py | 102 | ||||
-rw-r--r-- | test/test_tls.py | 21 |
4 files changed, 155 insertions, 51 deletions
diff --git a/test/test_python_application.py b/test/test_python_application.py index 9463b792..befbd4d8 100644 --- a/test/test_python_application.py +++ b/test/test_python_application.py @@ -293,36 +293,6 @@ custom-header: BLAH assert resp == {}, 'reconfigure 2 keep-alive 3' - def test_python_keepalive_reconfigure_3(self): - self.load('empty') - - assert self.get()['status'] == 200, 'init' - - (_, sock) = self.http( - b"""GET / HTTP/1.1 -""", - start=True, - raw=True, - no_recv=True, - ) - - assert self.get()['status'] == 200 - - assert 'success' in self.conf( - {"listeners": {}, "applications": {}} - ), 'reconfigure 3 clear configuration' - - resp = self.http( - b"""Host: localhost -Connection: close - -""", - sock=sock, - raw=True, - ) - - assert resp['status'] == 200, 'reconfigure 3' - def test_python_atexit(self): self.load('atexit') diff --git a/test/test_reconfigure.py b/test/test_reconfigure.py new file mode 100644 index 00000000..ab05a1c8 --- /dev/null +++ b/test/test_reconfigure.py @@ -0,0 +1,53 @@ +import time + +import pytest +from unit.applications.proto import TestApplicationProto + + +class TestReconfigure(TestApplicationProto): + prerequisites = {} + + @pytest.fixture(autouse=True) + def setup_method_fixture(self): + assert 'success' in self.conf( + { + "listeners": {"*:7080": {"pass": "routes"}}, + "routes": [{"action": {"return": 200}}], + "applications": {}, + } + ) + + def clear_conf(self): + assert 'success' in self.conf({"listeners": {}, "applications": {}}) + + def test_reconfigure(self): + (_, sock) = self.http( + b"""GET / HTTP/1.1 +""", + start=True, + raw=True, + no_recv=True, + ) + + self.clear_conf() + + resp = self.http( + b"""Host: localhost +Connection: close + +""", + sock=sock, + raw=True, + ) + assert resp['status'] == 200, 'finish request' + + def test_reconfigure_2(self): + (_, sock) = self.http(b'', raw=True, start=True, no_recv=True) + + # Waiting for connection completion. + # Delay should be more than TCP_DEFER_ACCEPT. + time.sleep(1.5) + + self.clear_conf() + + assert self.get(sock=sock)['status'] == 408, 'request timeout' diff --git a/test/test_reconfigure_tls.py b/test/test_reconfigure_tls.py new file mode 100644 index 00000000..28a3fc66 --- /dev/null +++ b/test/test_reconfigure_tls.py @@ -0,0 +1,102 @@ +import socket +import ssl +import time + +import pytest +from unit.applications.tls import TestApplicationTLS + + +class TestReconfigureTLS(TestApplicationTLS): + prerequisites = {'modules': {'openssl': 'any'}} + + @pytest.fixture(autouse=True) + def setup_method_fixture(self): + self.certificate() + + assert 'success' in self.conf( + { + "listeners": { + "*:7080": { + "pass": "routes", + "tls": {"certificate": "default"}, + } + }, + "routes": [{"action": {"return": 200}}], + "applications": {}, + } + ), 'load application configuration' + + def create_socket(self): + ctx = ssl.SSLContext(ssl.PROTOCOL_TLSv1_2) + ctx.verify_mode = ssl.CERT_NONE + ctx.check_hostname = False + + s = socket.socket(socket.AF_INET, socket.SOCK_STREAM) + ssl_sock = ctx.wrap_socket( + s, server_hostname='localhost', do_handshake_on_connect=False + ) + ssl_sock.connect(('127.0.0.1', 7080)) + + return ssl_sock + + def clear_conf(self): + assert 'success' in self.conf({"listeners": {}, "applications": {}}) + + @pytest.mark.skip('not yet') + def test_reconfigure_tls_switch(self): + assert 'success' in self.conf_delete('listeners/*:7080/tls') + + (_, sock) = self.get( + headers={'Host': 'localhost', 'Connection': 'keep-alive'}, + start=True, + read_timeout=1, + ) + + assert 'success' in self.conf( + {"pass": "routes", "tls": {"certificate": "default"}}, + 'listeners/*:7080', + ) + + assert self.get(sock=sock)['status'] == 200, 'reconfigure' + assert self.get_ssl()['status'] == 200, 'reconfigure tls' + + def test_reconfigure_tls(self): + ssl_sock = self.create_socket() + + ssl_sock.sendall("""GET / HTTP/1.1\r\n""".encode()) + + self.clear_conf() + + ssl_sock.sendall( + """Host: localhost\r\nConnection: close\r\n\r\n""".encode() + ) + + assert ( + self.recvall(ssl_sock).decode().startswith('HTTP/1.1 200 OK') + ), 'finish request' + + def test_reconfigure_tls_2(self): + ssl_sock = self.create_socket() + + # Waiting for connection completion. + # Delay should be more than TCP_DEFER_ACCEPT. + time.sleep(1.5) + + self.clear_conf() + + try: + ssl_sock.do_handshake() + except ssl.SSLError: + ssl_sock.close() + success = True + + if not success: + pytest.fail('Connection is not closed.') + + def test_reconfigure_tls_3(self): + ssl_sock = self.create_socket() + ssl_sock.do_handshake() + + self.clear_conf() + + assert self.get(sock=ssl_sock)['status'] == 408, 'request timeout' diff --git a/test/test_tls.py b/test/test_tls.py index dab8ffba..56ee8298 100644 --- a/test/test_tls.py +++ b/test/test_tls.py @@ -493,27 +493,6 @@ basicConstraints = critical,CA:TRUE""" }, 'subject alt_names' assert cert['chain'][0]['issuer']['common_name'] == 'root', 'issuer' - @pytest.mark.skip('not yet') - def test_tls_reconfigure(self): - self.load('empty') - - assert self.get()['status'] == 200, 'init' - - self.certificate() - - (resp, sock) = self.get( - headers={'Host': 'localhost', 'Connection': 'keep-alive'}, - start=True, - read_timeout=1, - ) - - assert resp['status'] == 200, 'initial status' - - self.add_tls() - - assert self.get(sock=sock)['status'] == 200, 'reconfigure status' - assert self.get_ssl()['status'] == 200, 'reconfigure tls status' - def test_tls_keepalive(self): self.load('mirror') |