Merge pull request #141 from ipfs/test/sharness-https-api
Sharness tests for API SSL support
This commit is contained in:
commit
b911aa7bdc
3
.gitignore
vendored
3
.gitignore
vendored
|
@ -2,6 +2,9 @@ coverage.out
|
|||
ipfs-cluster-service/ipfs-cluster-service
|
||||
ipfs-cluster-ctl/ipfs-cluster-ctl
|
||||
deptools
|
||||
sharness/lib/sharness
|
||||
sharness/test-results
|
||||
sharness/trash*
|
||||
|
||||
raftFolderFromTest*
|
||||
|
||||
|
|
|
@ -35,7 +35,7 @@ test_ipfs_init() {
|
|||
echo "Error running go-ipfs in docker."
|
||||
exit 1
|
||||
fi
|
||||
sleep 6
|
||||
sleep 10
|
||||
fi
|
||||
test_set_prereq IPFS
|
||||
}
|
||||
|
@ -50,6 +50,8 @@ test_ipfs_running() {
|
|||
}
|
||||
|
||||
test_cluster_init() {
|
||||
custom_config_files="$1"
|
||||
|
||||
which ipfs-cluster-service >/dev/null 2>&1
|
||||
if [ $? -ne 0 ]; then
|
||||
echo "ipfs-cluster-service not found"
|
||||
|
@ -60,27 +62,29 @@ test_cluster_init() {
|
|||
echo "ipfs-cluster-ctl not found"
|
||||
exit 1
|
||||
fi
|
||||
export CLUSTER_TEMP_DIR=`mktemp -d cluster-XXXXX`
|
||||
ipfs-cluster-service -f --config "$CLUSTER_TEMP_DIR" init >"$IPFS_OUTPUT" 2>&1
|
||||
ipfs-cluster-service -f --config "test-config" init >"$IPFS_OUTPUT" 2>&1
|
||||
if [ $? -ne 0 ]; then
|
||||
echo "error initializing ipfs cluster"
|
||||
exit 1
|
||||
fi
|
||||
ipfs-cluster-service --config "$CLUSTER_TEMP_DIR" >"$IPFS_OUTPUT" 2>&1 &
|
||||
if [ -n "$custom_config_files" ]; then
|
||||
cp -f ${custom_config_files}/* "test-config"
|
||||
fi
|
||||
ipfs-cluster-service --config "test-config" >"$IPFS_OUTPUT" 2>&1 &
|
||||
export CLUSTER_D_PID=$!
|
||||
sleep 5
|
||||
test_set_prereq CLUSTER
|
||||
}
|
||||
|
||||
test_cluster_config() {
|
||||
export CLUSTER_CONFIG_PATH="${CLUSTER_TEMP_DIR}/service.json"
|
||||
export CLUSTER_CONFIG_PATH="test-config/service.json"
|
||||
export CLUSTER_CONFIG_ID=`jq --raw-output ".id" $CLUSTER_CONFIG_PATH`
|
||||
export CLUSTER_CONFIG_PK=`jq --raw-output ".private_key" $CLUSTER_CONFIG_PATH`
|
||||
[ "$CLUSTER_CONFIG_ID" != "null" ] && [ "$CLUSTER_CONFIG_PK" != "null" ]
|
||||
}
|
||||
|
||||
cluster_id() {
|
||||
echo "$CLUSTER_CONFIG_ID"
|
||||
jq --raw-output ".id" test-config/service.json
|
||||
}
|
||||
|
||||
# Cleanup functions
|
||||
|
@ -92,5 +96,6 @@ test_clean_ipfs(){
|
|||
|
||||
test_clean_cluster(){
|
||||
kill -1 "$CLUSTER_D_PID"
|
||||
rm -rf "$CLUSTER_TEMP_DIR"
|
||||
rm -rf test-config
|
||||
sleep 2
|
||||
}
|
||||
|
|
24
sharness/ssl/server.crt
Normal file
24
sharness/ssl/server.crt
Normal file
|
@ -0,0 +1,24 @@
|
|||
-----BEGIN CERTIFICATE-----
|
||||
MIID7TCCAtWgAwIBAgIJAMqpHdKRMzMLMA0GCSqGSIb3DQEBCwUAMIGCMQswCQYD
|
||||
VQQGEwJVUzERMA8GA1UECAwIQ29sb3JhZG8xDzANBgNVBAcMBmdvbGRlbjEMMAoG
|
||||
A1UECgwDQ1NNMREwDwYDVQQLDAhTZWN0b3IgNzEMMAoGA1UEAwwDQm9iMSAwHgYJ
|
||||
KoZIhvcNAQkBFhFtaW5pc3RlckBtb3N3Lm9yZzAeFw0xNzA3MjExNjA5NTlaFw0y
|
||||
NzA3MTkxNjA5NTlaMIGCMQswCQYDVQQGEwJVUzERMA8GA1UECAwIQ29sb3JhZG8x
|
||||
DzANBgNVBAcMBmdvbGRlbjEMMAoGA1UECgwDQ1NNMREwDwYDVQQLDAhTZWN0b3Ig
|
||||
NzEMMAoGA1UEAwwDQm9iMSAwHgYJKoZIhvcNAQkBFhFtaW5pc3RlckBtb3N3Lm9y
|
||||
ZzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALuoP8PehGItmKPi3+8S
|
||||
IV1qz8C3FiK85X/INxYLjyuzvpmDROtlkOvdmPCJrveKDZF7ECQpwIGApFbnKCCW
|
||||
3zdOPQmAVzm4N8bvnzFtM9mTm8qKb9SwRi6ZLZ/qXo98t8C7CV6FaNKUkIw0lUes
|
||||
ZiXEcmknrlPy3svaDQVoSOH8L38d0g4geqiNrMmZDaGe8FAYdpCoeYDIm/u0Ag9y
|
||||
G3+XAbETxWhkfTyH3XcQ/Izg0wG9zFY8y/fyYwC+C7+xF75x4gbIzHAY2iFS2ua7
|
||||
GTKa2GZhOXtMuzJ6cf+TZW460Z+O+PkA1aH01WrGL7iCW/6Cn9gPRKL+IP6iyDnh
|
||||
9HMCAwEAAaNkMGIwDwYDVR0RBAgwBocEfwAAATAdBgNVHQ4EFgQU9mXv8mv/LlAa
|
||||
jwr8X9hzk52cBagwHwYDVR0jBBgwFoAU9mXv8mv/LlAajwr8X9hzk52cBagwDwYD
|
||||
VR0TAQH/BAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAQEAIxqpKYzF6A9RlLso0lkF
|
||||
nYfcyeVAvi03IBdiTNnpOe6ROa4gNwKH/JUJMCRDPzm/x78+srCmrcCCAJJTcqgi
|
||||
b84vq3DegGPg2NXbn9qVUA1SdiXFelqMFwLitDn2KKizihEN4L5PEArHuDaNvLI+
|
||||
kMr+yZSALWTdtfydj211c7hTBvFqO8l5MYDXCmfoS9sqniorlNHIaBim/SNfDsi6
|
||||
8hAhvfRvk3e6dPjAPrIZYdQR5ROGewtD4F/anXgKY2BmBtWwd6gbGeMnnVi1SGRP
|
||||
0UHc4O9aq9HrAOFL/72WVk/kyyPyJ/GtSaPYL1OFS12R/l0hNi+pER7xDtLOVHO2
|
||||
iw==
|
||||
-----END CERTIFICATE-----
|
27
sharness/ssl/server.key
Normal file
27
sharness/ssl/server.key
Normal file
|
@ -0,0 +1,27 @@
|
|||
-----BEGIN RSA PRIVATE KEY-----
|
||||
MIIEpQIBAAKCAQEAu6g/w96EYi2Yo+Lf7xIhXWrPwLcWIrzlf8g3FguPK7O+mYNE
|
||||
62WQ692Y8Imu94oNkXsQJCnAgYCkVucoIJbfN049CYBXObg3xu+fMW0z2ZObyopv
|
||||
1LBGLpktn+pej3y3wLsJXoVo0pSQjDSVR6xmJcRyaSeuU/Ley9oNBWhI4fwvfx3S
|
||||
DiB6qI2syZkNoZ7wUBh2kKh5gMib+7QCD3Ibf5cBsRPFaGR9PIfddxD8jODTAb3M
|
||||
VjzL9/JjAL4Lv7EXvnHiBsjMcBjaIVLa5rsZMprYZmE5e0y7Mnpx/5NlbjrRn474
|
||||
+QDVofTVasYvuIJb/oKf2A9Eov4g/qLIOeH0cwIDAQABAoIBAAOYreArG45mIU7C
|
||||
wlfqmQkZSvH+kEYKKLvSMnwRrKTBxR1cDq4UPDrI/G1ftiK4Wpo3KZAH3NCejoe7
|
||||
1mEJgy2kKjdMZl+M0ETXws1Hsn6w/YNcM9h3qGCsPtuZukY1ta/T5dIR7HhcsIh/
|
||||
WX0OKMcAhNDPGeAx/2MYwrcf0IXELx0+eP1fuBllkajH14J8+ZkVrBMDhqppn8Iq
|
||||
f9poVNQliJtN7VkL6lJ60HwoVNGEhFaOYphn3CR/sCc6xl+/CzV4h6c5X/RIUfDs
|
||||
kjgl9mlPFuWq9S19Z+XVfLSE+sYd6LDrh0IZEx9s0OfOjucH2bUAuKNDnCq0wW70
|
||||
FzH6KoECgYEA4ZOcAMgujk8goL8nleNjuEq7d8pThAsuAy5vq9oyol8oe+p1pXHR
|
||||
SHP6wHyhXeTS5g1Ej+QV6f0v9gVFS2pFqTXymc9Gxald3trcnheodZXx63YbxHm2
|
||||
H7mYWyZvq05A0qRLmmqCoSRJHUOkH2wVqgj9KsVYP1anIhdykbycansCgYEA1Pdp
|
||||
uAfWt/GLZ7B0q3JPlVvusf97wBIUcoaxLHGKopvfsaFp0EY3NRxLSTaZ0NPOxTHh
|
||||
W6xaIlBmKllyt6q8W609A8hrXayV1yYnVE44b5UEMhVlfRFeEdf9Sp4YdQJ8r1J0
|
||||
QA89jHCjf8VocP5pSJz5tXvWHhmaotXBthFgWGkCgYEAiy7dwenCOBKAqk5n6Wb9
|
||||
X3fVBguzzjRrtpDPXHTsax1VyGeZIXUB0bemD2CW3G1U55dmJ3ZvQwnyrtT/tZGj
|
||||
280qnFa1bz6aaegW2gD082CKfWNJrMgAZMDKTeuAWW2WN6Ih9+wiH7VY25Kh0LWL
|
||||
BHg5ZUuQsLwRscpP6bY7uMMCgYEAwY23hK2DJZyfEXcbIjL7R4jNMPM82nzUHp5x
|
||||
6i2rTUyTitJj5Anc5SU4+2pnc5b9RtWltva22Jbvs6+mBm1jUYLqgESn5/QSHv8r
|
||||
IYER47+wl4BAw+GD+H2wVB/JpJbFEWbEBvCTBM/emSKmYIOo1njsrlfFa4fjtfjG
|
||||
XJ4ATXkCgYEAzeSrCCVrfPMLCmOijIYD1F7TMFthosW2JJie3bcHZMu2QEM8EIif
|
||||
YzkUvMaDAXJ4VniTHkDf3ubRoUi3DwLbvJIPnoOlx3jmzz6KYiEd+uXx40Yrebb0
|
||||
V9GB2S2q1RY7wsFoCqT/mq8usQkjr3ulYMJqeIWnCTWgajXWqAHH/Mw=
|
||||
-----END RSA PRIVATE KEY-----
|
19
sharness/ssl/service.json
Normal file
19
sharness/ssl/service.json
Normal file
|
@ -0,0 +1,19 @@
|
|||
{
|
||||
"id": "QmdEtBsfumeH2V6dnx1fgn8zuW7XYjWdgJF4NEYpEBcTsg",
|
||||
"private_key": "CAASqAkwggSkAgEAAoIBAQC/ZmfWDbwyI0nJdRxgHcTdEaBFQo8sky9E+OOvtwZa5WKoLdHyHOLWxCAdpIHUBbhxz5rkMEWLwPI6ykqLIJToMPO8lJbKVzphOjv4JwpiAPdmeSiYMKLjx5V8MpqU2rwj/Uf3sRL8Gg9/Tei3PZ8cftxN1rkQQeeaOtk0CBxUFZSHEsyut1fbgIeL7TAY+4vCmXW0DBr4wh9fnoES/YivOvSiN9rScgWg6N65LfkI78hzaOJ4Nok2S4vYFCxjTAI9NWFUbhP5eJIFzTU+bZuQZxOn2qsoyw8pNZwuF+JClA/RcgBcCvVZcDH2ueVq/zT++bGCN+EWsAEdvJqJ5bsjAgMBAAECggEAaGDUZ6t94mnUJ4UyQEh7v4OJP7wYkFqEAL0qjfzl/lPyBX1XbQ3Ltwul6AR6uMGV4JszARZCFwDWGLGRDWZrTmTDxyfRQ+9l6vfzFFVWGDQmtz+Dn9uGOWnyX5TJMDxJNec+hBmRHOKpaOd37dYxGz0jr19V9UO7piRJp1J1AHUCypUGv5x1IekioSCu5fEyc7dyWwnmITHBjD08st+bCcjrIUFeXSdJKC8SymYeXdaVE3xH3zVEISKnrfT7bhuKZY1iibZIlXbVLNpyX36LkYJOiCqsMum3u70LH0VvTypkqiDbD4S6qfJ4vvUakpmKpOPutikiP7jkSP+AkaO0AQKBgQDkTuhnDK6+Y0a/HgpHJisji0coO+g2gsIszargHk8nNY2AB8t+EUn7C+Qu8cmrem5V8EXcdxS6z7iAXpJmY1Xepnsz+JP7Q91Lgt3OoqK5EybzUXXKkmNCD65n70Xxn2fEFzm6+GJP3c/HymlDKU2KBCYIyuUeaREjT0Fu3v6tgQKBgQDWnXppJwn4LJHhzFOCeO4zomDJDbLTZCabdKZoFP9r+vtEHAnclDDKx4AYbomSqgERe+DX6HR/tPHRVizP63RYPf7al2mJmPzt1nTkoc1/q5hQoD+oE154dADsW1pUp7AQjwCtys4iq5S0qAwIDpuY8M8bOHwZ+QmBvHYAigJCowKBgQC3HH6TX/2rH463bE2MARXqXSPGJj45sigwrQfW1xhe9zm1LQtN4mn2mvP5nt1D1l82OA6gIzYSGtX8x10eF5/ggqAf78goZ6bOkHh76b8fNzgvQO97eGt5qYAVRjhP8azU/lfEGMEpE1s5/6LrRe41utwSg0C+YkBnlIKDfQDAgQKBgDoBTCF5hK9H1JHzuKpt5uubuo78ndWWnvyrNYKyEirsJddNwLiWcO2NqChyT8qNGkbQdX/Fex89F5KduPTlTYfAEc6g18xxxgK+UM+uj60vArbf6PSTb5gculcnha2VuPdwvx050Cb8uu9s7/uJfzKB+2f/B0O51ID1H+ubYWsDAoGBAKrwGKHyqFTHSPg3XuRA1FgDAoOsfzP9ZJvMEXUWyu/VxjNt+0mRlyGeZ5qb9UZG+K/In4FbC/ux2P/PucCUIbgy/XGPtPXVavMwNbx0MquAcU0FihKXP0CUpi8zwiYc42MF7n/SztQnismxigBMSuJEDurcXXazjfcSRTypduNn",
|
||||
"cluster_secret": "84399cd0be811c2ca372d6ca473ffd73c09034f991c5e306fe9ada6c5fcfb641",
|
||||
"cluster_peers": [],
|
||||
"bootstrap": [],
|
||||
"leave_on_shutdown": false,
|
||||
"cluster_multiaddress": "/ip4/0.0.0.0/tcp/9096",
|
||||
"api_listen_multiaddress": "/ip4/127.0.0.1/tcp/9094",
|
||||
"ssl_cert_file": "test-config/server.crt",
|
||||
"ssl_key_file": "test-config/server.key",
|
||||
"ipfs_proxy_listen_multiaddress": "/ip4/127.0.0.1/tcp/9095",
|
||||
"ipfs_node_multiaddress": "/ip4/127.0.0.1/tcp/5001",
|
||||
"state_sync_seconds": 60,
|
||||
"ipfs_sync_seconds": 130,
|
||||
"replication_factor": -1,
|
||||
"monitoring_interval_seconds": 15,
|
||||
"allocation_strategy": "reposize"
|
||||
}
|
|
@ -11,7 +11,7 @@ cleanup test_clean_cluster
|
|||
|
||||
test_expect_success IPFS,CLUSTER,JQ "cluster-ctl can read id" '
|
||||
id=`cluster_id`
|
||||
test_cluster_config && ipfs-cluster-ctl id | egrep -q "$id"
|
||||
[ -n "$id" ] && ( ipfs-cluster-ctl id | egrep -q "$id" )
|
||||
'
|
||||
|
||||
test_expect_success IPFS,CLUSTER "cluster-ctl list 0 peers" '
|
||||
|
|
24
sharness/t0040-ssl-simple-exchange.sh
Executable file
24
sharness/t0040-ssl-simple-exchange.sh
Executable file
|
@ -0,0 +1,24 @@
|
|||
#!/bin/sh
|
||||
|
||||
test_description="Test service + ctl SSL interaction"
|
||||
|
||||
ssl_config="`pwd`/ssl"
|
||||
|
||||
. lib/test-lib.sh
|
||||
|
||||
test_ipfs_init
|
||||
cleanup test_clean_ipfs
|
||||
|
||||
test_cluster_init "$ssl_config"
|
||||
cleanup test_clean_cluster
|
||||
|
||||
test_expect_success "prerequisites" '
|
||||
test_have_prereq IPFS && test_have_prereq CLUSTER
|
||||
'
|
||||
|
||||
test_expect_success "ssl interaction succeeds" '
|
||||
id=`cluster_id`
|
||||
ipfs-cluster-ctl --https --no-check-certificate id | egrep -q "$id"
|
||||
'
|
||||
|
||||
test_done
|
22
sharness/t0041-ssl-enforcement.sh
Executable file
22
sharness/t0041-ssl-enforcement.sh
Executable file
|
@ -0,0 +1,22 @@
|
|||
#!/bin/sh
|
||||
|
||||
test_description="Test failure when server not using SSL but client requests it"
|
||||
|
||||
. lib/test-lib.sh
|
||||
|
||||
test_ipfs_init
|
||||
cleanup test_clean_ipfs
|
||||
test_cluster_init
|
||||
cleanup test_clean_cluster
|
||||
|
||||
test_expect_success "prerequisites" '
|
||||
test_have_prereq IPFS && test_have_prereq CLUSTER
|
||||
'
|
||||
|
||||
test_expect_success "ssl enforced by client" '
|
||||
test_cluster_config
|
||||
id=`cluster_id`
|
||||
test_must_fail ipfs-cluster-ctl --https --no-check-certificate id
|
||||
'
|
||||
|
||||
test_done
|
Loading…
Reference in New Issue
Block a user