diff options
| author | Dag-Erling Smørgrav <des@FreeBSD.org> | 2019-02-06 12:31:02 +0000 |
|---|---|---|
| committer | Dag-Erling Smørgrav <des@FreeBSD.org> | 2019-02-06 12:31:02 +0000 |
| commit | 9c9d011eed674ddd7e4a0a148691887afb9e75cd (patch) | |
| tree | cd45bceeed24e66e5b2838e8589d2c111cf691c6 /testdata/ssl_req_timeout.tdir | |
| parent | 089d83fbd0b24f957b753d440f188ddadaabf4ff (diff) | |
Diffstat (limited to 'testdata/ssl_req_timeout.tdir')
| -rw-r--r-- | testdata/ssl_req_timeout.tdir/ssl_req_timeout.conf | 25 | ||||
| -rw-r--r-- | testdata/ssl_req_timeout.tdir/ssl_req_timeout.dsc | 16 | ||||
| -rw-r--r-- | testdata/ssl_req_timeout.tdir/ssl_req_timeout.post | 12 | ||||
| -rw-r--r-- | testdata/ssl_req_timeout.tdir/ssl_req_timeout.pre | 31 | ||||
| -rw-r--r-- | testdata/ssl_req_timeout.tdir/ssl_req_timeout.test | 136 | ||||
| -rw-r--r-- | testdata/ssl_req_timeout.tdir/ssl_req_timeout.testns | 63 | ||||
| -rw-r--r-- | testdata/ssl_req_timeout.tdir/unbound_server.key | 15 | ||||
| -rw-r--r-- | testdata/ssl_req_timeout.tdir/unbound_server.pem | 11 |
8 files changed, 309 insertions, 0 deletions
diff --git a/testdata/ssl_req_timeout.tdir/ssl_req_timeout.conf b/testdata/ssl_req_timeout.tdir/ssl_req_timeout.conf new file mode 100644 index 000000000000..c461db29962a --- /dev/null +++ b/testdata/ssl_req_timeout.tdir/ssl_req_timeout.conf @@ -0,0 +1,25 @@ +server: + verbosity: 2 + # num-threads: 1 + interface: 127.0.0.1 + port: @PORT@ + use-syslog: no + directory: . + pidfile: "unbound.pid" + chroot: "" + username: "" + do-not-query-localhost: no + ssl-port: @PORT@ + ssl-service-key: "unbound_server.key" + ssl-service-pem: "unbound_server.pem" + + local-zone: "example.net" static + local-data: "www1.example.net. IN A 1.2.3.1" + local-data: "www2.example.net. IN A 1.2.3.2" + local-data: "www3.example.net. IN A 1.2.3.3" + tcp-idle-timeout: 2000 + local-zone: "drop.net" deny + +forward-zone: + name: "." + forward-addr: "127.0.0.1@@TOPORT@" diff --git a/testdata/ssl_req_timeout.tdir/ssl_req_timeout.dsc b/testdata/ssl_req_timeout.tdir/ssl_req_timeout.dsc new file mode 100644 index 000000000000..1e933274b8a4 --- /dev/null +++ b/testdata/ssl_req_timeout.tdir/ssl_req_timeout.dsc @@ -0,0 +1,16 @@ +BaseName: ssl_req_timeout +Version: 1.0 +Description: Test ssl request order timeouts. +CreationDate: Mon Jan 21 11:23:00 CET 2018 +Maintainer: Wouter Wijngaards +Category: +Component: +CmdDepends: +Depends: +Help: +Pre: ssl_req_timeout.pre +Post: ssl_req_timeout.post +Test: ssl_req_timeout.test +AuxFiles: +Passed: +Failure: diff --git a/testdata/ssl_req_timeout.tdir/ssl_req_timeout.post b/testdata/ssl_req_timeout.tdir/ssl_req_timeout.post new file mode 100644 index 000000000000..e170f4b6e9fa --- /dev/null +++ b/testdata/ssl_req_timeout.tdir/ssl_req_timeout.post @@ -0,0 +1,12 @@ +# #-- ssl_req_timeout.post --# +# source the master var file when it's there +[ -f ../.tpkg.var.master ] && source ../.tpkg.var.master +# source the test var file when it's there +[ -f .tpkg.var.test ] && source .tpkg.var.test +# +# do your teardown here +. ../common.sh +kill_pid $FWD_PID +kill_pid $UNBOUND_PID +cat fwd.log +cat unbound.log diff --git a/testdata/ssl_req_timeout.tdir/ssl_req_timeout.pre b/testdata/ssl_req_timeout.tdir/ssl_req_timeout.pre new file mode 100644 index 000000000000..b13de5b3abbf --- /dev/null +++ b/testdata/ssl_req_timeout.tdir/ssl_req_timeout.pre @@ -0,0 +1,31 @@ +# #-- ssl_req_timeout.pre--# +# source the master var file when it's there +[ -f ../.tpkg.var.master ] && source ../.tpkg.var.master +# use .tpkg.var.test for in test variable passing +[ -f .tpkg.var.test ] && source .tpkg.var.test + +. ../common.sh +get_random_port 2 +UNBOUND_PORT=$RND_PORT +FWD_PORT=$(($RND_PORT + 1)) +echo "UNBOUND_PORT=$UNBOUND_PORT" >> .tpkg.var.test +echo "FWD_PORT=$FWD_PORT" >> .tpkg.var.test + +# start forwarder +get_ldns_testns +$LDNS_TESTNS -p $FWD_PORT ssl_req_timeout.testns >fwd.log 2>&1 & +FWD_PID=$! +echo "FWD_PID=$FWD_PID" >> .tpkg.var.test + +# make config file +sed -e 's/@PORT\@/'$UNBOUND_PORT'/' -e 's/@TOPORT\@/'$FWD_PORT'/' < ssl_req_timeout.conf > ub.conf +# start unbound in the background +PRE="../.." +$PRE/unbound -vvvv -d -c ub.conf >unbound.log 2>&1 & +UNBOUND_PID=$! +echo "UNBOUND_PID=$UNBOUND_PID" >> .tpkg.var.test + +cat .tpkg.var.test +wait_ldns_testns_up fwd.log +wait_unbound_up unbound.log + diff --git a/testdata/ssl_req_timeout.tdir/ssl_req_timeout.test b/testdata/ssl_req_timeout.tdir/ssl_req_timeout.test new file mode 100644 index 000000000000..5223fc9853b3 --- /dev/null +++ b/testdata/ssl_req_timeout.tdir/ssl_req_timeout.test @@ -0,0 +1,136 @@ +# #-- ssl_req_timeout.test --# +# source the master var file when it's there +[ -f ../.tpkg.var.master ] && source ../.tpkg.var.master +# use .tpkg.var.test for in test variable passing +[ -f .tpkg.var.test ] && source .tpkg.var.test + +PRE="../.." +. ../common.sh +get_make +(cd $PRE; $MAKE streamtcp) +# check what sort of netcat we have +if nc -h 2>&1 | grep "q secs"; then + ncopt="-q 3 -i 4" +else + ncopt="-i 4" +fi + +# this test query should just work (server is up) +echo "> query www1.example.net." +$PRE/streamtcp -s -f 127.0.0.1@$UNBOUND_PORT www1.example.net. A IN >outfile 2>&1 +cat outfile +if test "$?" -ne 0; then + echo "exit status not OK" + echo "> cat logfiles" + cat outfile + cat fwd.log + cat unbound.log + echo "Not OK" + exit 1 +fi +if grep "www1.example.net" outfile | grep "1.2.3.1"; then + echo "content OK" +else + echo "result contents not OK" + echo "> cat logfiles" + cat outfile + cat fwd.log + cat unbound.log + echo "result contents not OK" + exit 1 +fi +echo "OK" + +# multiple requests that are answered immediately and then the timeout +echo "> query www1.example.net. www2.example.net. www3.example.net. www.example.com." +$PRE/streamtcp -a -s -f 127.0.0.1@$UNBOUND_PORT www1.example.net. A IN www2.example.net A IN www3.example.net A IN www.example.com. A IN >outfile 2>&1 +cat outfile +if test "$?" -ne 0; then + echo "exit status not OK" + echo "> cat logfiles" + cat outfile + cat fwd.log + cat unbound.log + echo "Not OK" + exit 1 +fi +if grep "www1.example.net" outfile | grep "1.2.3.1"; then + echo "content OK" +else + echo "result contents not OK" + echo "> cat logfiles" + cat outfile + cat fwd.log + cat unbound.log + echo "result contents not OK" + exit 1 +fi +if grep "www2.example.net" outfile | grep "1.2.3.2"; then + echo "content OK" +else + echo "result contents not OK" + echo "> cat logfiles" + cat outfile + cat fwd.log + cat unbound.log + echo "result contents not OK" + exit 1 +fi +if grep "www3.example.net" outfile | grep "1.2.3.3"; then + echo "content OK" +else + echo "result contents not OK" + echo "> cat logfiles" + cat outfile + cat fwd.log + cat unbound.log + echo "result contents not OK" + exit 1 +fi +if grep "stream closed" outfile; then + echo "content OK" +else + echo "result contents not OK" + echo "> cat logfiles" + cat outfile + cat fwd.log + cat unbound.log + echo "result contents not OK" + exit 1 +fi + +# multiple requests that are waiting for answers and then the timeout +echo "> query www2.example.com. www2.example.com. www3.example.com." +$PRE/streamtcp -a -s -f 127.0.0.1@$UNBOUND_PORT www2.example.com. A IN www2.example.com A IN www3.example.com A IN >outfile 2>&1 +cat outfile +if test "$?" -ne 0; then + echo "exit status not OK" + echo "> cat logfiles" + cat outfile + cat fwd.log + cat unbound.log + echo "Not OK" + exit 1 +fi +if grep "stream closed" outfile; then + echo "content OK" +else + echo "result contents not OK" + echo "> cat logfiles" + cat outfile + cat fwd.log + cat unbound.log + echo "result contents not OK" + exit 1 +fi + +# wait a bit +sleep 2 + +# echo a couple requests to the other side and then wait for the timeout. +# this creates waiting answers in the reply queue. +echo "> nc www.example.net www2.example.net www3.example.net" +( echo "0021eb410100000100000000000003777777076578616d706c65036e657400000100010022eb41010000010000000000000477777732076578616d706c65036e657400000100010022eb41010000010000000000000477777733076578616d706c65036e65740000010001" | xxd -r -p ; sleep 10 ; echo "") | nc $ncopt --ssl 127.0.0.1 $UNBOUND_PORT | xxd | tee outfile + +echo "OK" +exit 0 diff --git a/testdata/ssl_req_timeout.tdir/ssl_req_timeout.testns b/testdata/ssl_req_timeout.tdir/ssl_req_timeout.testns new file mode 100644 index 000000000000..694600974c0b --- /dev/null +++ b/testdata/ssl_req_timeout.tdir/ssl_req_timeout.testns @@ -0,0 +1,63 @@ +; nameserver test file +$ORIGIN example.com. +$TTL 3600 + +ENTRY_BEGIN +MATCH opcode qtype qname +REPLY QR AA NOERROR +ADJUST copy_id sleep=4 +SECTION QUESTION +www IN A +SECTION ANSWER +www IN A 10.20.30.40 +ENTRY_END + +ENTRY_BEGIN +MATCH opcode qtype qname +REPLY QR AA NOERROR +ADJUST copy_id sleep=4 +SECTION QUESTION +www2 IN A +SECTION ANSWER +www2 IN A 10.20.30.42 +ENTRY_END + +ENTRY_BEGIN +MATCH opcode qtype qname +REPLY QR AA NOERROR +ADJUST copy_id sleep=4 +SECTION QUESTION +www3 IN A +SECTION ANSWER +www3 IN A 10.20.30.43 +ENTRY_END + +ENTRY_BEGIN +MATCH opcode qtype qname +REPLY QR AA NOERROR +ADJUST copy_id sleep=2 +SECTION QUESTION +www4 IN A +SECTION ANSWER +www4 IN A 10.20.30.44 +ENTRY_END + +ENTRY_BEGIN +MATCH opcode qtype qname +REPLY QR AA NOERROR +ADJUST copy_id sleep=2 +SECTION QUESTION +www5 IN A +SECTION ANSWER +www5 IN A 10.20.30.45 +ENTRY_END + +ENTRY_BEGIN +MATCH opcode qtype qname +REPLY QR AA NOERROR +ADJUST copy_id sleep=2 +SECTION QUESTION +www6 IN A +SECTION ANSWER +www6 IN A 10.20.30.46 +ENTRY_END diff --git a/testdata/ssl_req_timeout.tdir/unbound_server.key b/testdata/ssl_req_timeout.tdir/unbound_server.key new file mode 100644 index 000000000000..4256c421dd0d --- /dev/null +++ b/testdata/ssl_req_timeout.tdir/unbound_server.key @@ -0,0 +1,15 @@ +-----BEGIN RSA PRIVATE KEY----- +MIICWwIBAAKBgQC3F7Jsv2u01pLL9rFnjsMU/IaCFUIz/624DcaE84Z4gjMl5kWA +3axQcqul1wlwSrbKwrony+d9hH/+MX0tZwvl8w3OmhmOAiaQ+SHCsIuOjVwQjX0s +RLB61Pz5+PAiVvnPa9JIYB5QrK6DVEsxIHj8MOc5JKORrnESsFDh6yeMeQIDAQAB +AoGAAuWoGBprTOA8UGfl5LqYkaNxSWumsYXxLMFjC8WCsjN1NbtQDDr1uAwodSZS +6ujzvX+ZTHnofs7y64XC8k34HTOCD2zlW7kijWbT8YjRYFU6o9F5zUGD9RCan0ds +sVscT2psLSzfdsmFAcbmnGdxYkXk2PC1FHtaqExxehralGUCQQDcqrg9uQKXlhQi +XAaPr8SiWvtRm2a9IMMZkRfUWZclPHq6fCWNuUaCD+cTat4wAuqeknAz33VEosw3 +fXGsok//AkEA1GjIHXrOcSlpfVJb6NeOBugjRtZ7ZDT5gbtnMS9ob0qntKV6saaL +CNmJwuD9Q3XkU5j1+uHvYGP2NzcJd2CjhwJACV0hNlVMe9w9fHvFN4Gw6WbM9ViP +0oS6YrJafYNTu5vGZXVxLoNnL4u3NYa6aPUmuZXjNwBLfJ8f5VboZPf6RwJAINd2 +oYA8bSi/A755MX4qmozH74r4Fx1Nuq5UHTm8RwDe/0Javx8F/j9MWpJY9lZDEF3l +In5OebPa/NyInSmW/wJAZuP9aRn0nDBkHYri++1A7NykMiJ/nH0mDECbnk+wxx0S +LwqIetBhxb8eQwMg45+iAH7CHAMQ8BQuF/nFE6eotg== +-----END RSA PRIVATE KEY----- diff --git a/testdata/ssl_req_timeout.tdir/unbound_server.pem b/testdata/ssl_req_timeout.tdir/unbound_server.pem new file mode 100644 index 000000000000..aeda3ff11882 --- /dev/null +++ b/testdata/ssl_req_timeout.tdir/unbound_server.pem @@ -0,0 +1,11 @@ +-----BEGIN CERTIFICATE----- +MIIBmzCCAQQCCQDsNJ1UmphEFzANBgkqhkiG9w0BAQUFADASMRAwDgYDVQQDEwd1 +bmJvdW5kMB4XDTA4MDkxMTA5MDk0MFoXDTI4MDUyOTA5MDk0MFowEjEQMA4GA1UE +AxMHdW5ib3VuZDCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAtxeybL9rtNaS +y/axZ47DFPyGghVCM/+tuA3GhPOGeIIzJeZFgN2sUHKrpdcJcEq2ysK6J8vnfYR/ +/jF9LWcL5fMNzpoZjgImkPkhwrCLjo1cEI19LESwetT8+fjwIlb5z2vSSGAeUKyu +g1RLMSB4/DDnOSSjka5xErBQ4esnjHkCAwEAATANBgkqhkiG9w0BAQUFAAOBgQAZ +9N0lnLENs4JMvPS+mn8C5m9bkkFITd32IiLjf0zgYpIUbFXH6XaEr9GNZBUG8feG +l/6WRXnbnVSblI5odQ4XxGZ9inYY6qtW30uv76HvoKp+QZ1c3460ddR8NauhcCHH +Z7S+QbLXi+r2JAhpPozZCjBHlRD0ixzA1mKQTJhJZg== +-----END CERTIFICATE----- |