Omar Polo
4b5b1e82a9
add a test for the `proxy relay-to' rule
2021-12-29 20:36:54 +00:00
Omar Polo
a62c63f261
retire the old gg
2021-12-29 18:18:41 +00:00
Omar Polo
7a4ae106ec
switch to the new gg for the regress suite
2021-12-29 18:16:00 +00:00
Omar Polo
ce09569f7b
typo
2021-12-29 18:13:55 +00:00
Omar Polo
ae0d3cdbbe
typo
...
forgot to rename variable in lib.sh: dont_check ->
dont_check_server_alive.
2021-12-09 19:13:30 +00:00
Omar Polo
e5285d5422
rename runtime' to
regress'
...
while there also kill an unused rule `regress', it's now redundant since
all the tests are run together.
2021-12-09 20:06:38 +01:00
Omar Polo
a721c233ee
rename variable
2021-12-09 19:03:18 +00:00
Omar Polo
5741561d57
run all kinds of tests via tests.sh/runtime
...
while there also change the dependency in the makefile: iri_test should
be alone, not as deps of `data'.
2021-12-09 19:02:09 +00:00
Omar Polo
ea47a245aa
add ocs stapling checking for gg
2021-12-09 18:51:02 +00:00
Omar Polo
3096da4ef4
allow to run only a subset of the runtime tests
...
with
make TESTS='test_1 test_2 ...' regress
now it's possible to run only that specified subset of tests. It's
really useful during debugging :)
2021-10-07 08:55:44 +00:00
Omar Polo
6e0f14d51e
re-add sha script; it's used in the Makefile
...
While there, use it in the tests too
2021-10-04 09:40:05 +00:00
Omar Polo
260becda9c
reduced the timeout time for single checks
2021-10-04 09:34:39 +00:00
Omar Polo
4a2a525d7c
allow running only specific tests
...
It's now possible to run only a subset of the tests with:
./runtime test1 test2 ...
2021-10-04 09:30:18 +00:00
Omar Polo
99c91b4a51
remove unused script
2021-10-04 09:07:42 +00:00
Omar Polo
176179b2a9
rework the regression suite
...
The tests are still there, the suite is equivalent to the old one, but
this one is better structured.
The biggest annoyance I had with the old one was that it wasn't
straightforward to test only a specific set of tests. It's still
impossible, but it's way easier to do it now.
This extract all the tests to their own functions. It's overall
better in all possible regards.
2021-10-04 09:04:33 +00:00
Omar Polo
c28994868e
update clean target
2021-10-02 19:35:30 +00:00
Omar Polo
827cc37cff
update tests
...
* we don't add a space before the lang anymore
* we're more strict in CGI handling: the `invalid' CGI script now
triggers a 42 CGI ERROR
2021-10-02 17:20:56 +00:00
Omar Polo
3571854e94
fix possible out-of-bound access
...
While computing the parent directory it an out-of-bound access can
occur, which usually means the server process dies.
In particular, it can be triggered by making a request for a
non-existent file in the root of a virtual host if the path matches
the `cgi` pattern.
Thanks cage for helping in debugging!
2021-09-24 10:48:51 +00:00
Omar Polo
3e0164f4c3
use certs from regress/
2021-07-19 11:37:01 +00:00
Omar Polo
735336b21e
unbreak configless mode
...
An un-initialized field in the configless code path leads to a crash
on the first request.
2021-07-19 11:15:44 +00:00
Omar Polo
a82d4dfa25
provide a fallback value for SKIP_RUNTIME_TESTS
...
some [ implementation will warn about "bad number"
2021-07-10 09:09:26 +00:00
Omar Polo
d19951cf03
rename mime MIME EXT' to
map MIME to-ext EXT'
...
With the newish automatic string concatenation, options like `mime'
that accepts two strings as parameter start to become ambiguous: which
strings gets concatenated? Instead of trying to document in the
manpage which argument(s) is subject to string concatenation, do the
concat always and introduce a separator. In the case of mime,
`to-ext' now acts as a separator to distinguish. While there, also
use a new keyword because it sounds better.
It's dead-easy to upgrade to the new configuration, possibly with some
sed magic, but for the moment the old `mime' form is preserved: (with
a warning!) Will be dropped in the next release.
2021-07-09 08:30:55 +02:00
Omar Polo
bffa7daab8
provide a means to skip the runtime tests
...
Setting the environment variable SKIP_RUNTIME_TESTS to 1 will prevent
the runtime tests. This is useful when running the tests inside a
sandbox.
based on a similar diff by Anna "CyberTailor"
2021-07-08 17:13:17 +02:00
Anna “CyberTailor”
9797799ad4
regress/Makefile: add missing LDFLAGS
2021-07-08 16:55:08 +02:00
Omar Polo
321341f6c0
add -T timeout to gg; don't let the regress test hang
2021-07-06 13:09:24 +00:00
Omar Polo
ca3f67564c
don't log too much by default
2021-07-06 11:53:24 +00:00
Omar Polo
fb4102a5ff
test macro expansion too
2021-07-06 11:52:28 +00:00
Omar Polo
7322a054f5
use -subj /CN=name when generating the keys for the tests
...
`printf | openssl` is ugly :/
2021-07-03 08:13:42 +00:00
Omar Polo
89c110fe7b
be quieter
...
nobody really cares if must_read fails, as it normally shouldn't. It
only clutters the regression tests with scary messages that looks like
failure but are, in fact, expected.
2021-06-15 08:07:44 +00:00
Omar Polo
0f2124e291
add some simple test for fastcgi
...
and while there reorder the targets in the Makefile a bit
2021-06-12 13:47:01 +00:00
Omar Polo
03fcfb79d6
add simple fcgi application for test purposes
2021-06-12 13:46:05 +00:00
Omar Polo
f48e3b85a9
move gg to regress
2021-05-24 13:48:55 +00:00
Omar Polo
7aa9258633
make more explicit the per-location roots test
2021-04-30 19:08:27 +00:00
Omar Polo
737a6b50c5
ensure %p (path) is always absolute
...
with the recent changes, sometimes the path may not start with a '/'.
This ensures that %s is ALWAYS an absolute path.
2021-04-30 19:07:37 +00:00
Omar Polo
fdea6aa0bc
allow ``root'' rule to be specified per-location block
2021-04-30 17:16:34 +00:00
Omar Polo
9d092b607a
fix IRI-parsing bug
...
Some particularly crafted IRIs can cause a denial of service (DOS).
IRIs which have a trailing `..' segment and resolve to a valid IRI
(i.e. a .. that's not escaping the root directory) will make the
server process loop forever.
This is """just""" an DOS vulnerability, it doesn't expose anything
sensitive or give an attacker anything else.
2021-04-12 20:11:47 +00:00
Omar Polo
c836cdfadb
handle CGI scripts that replies with the maximum header length allowed
...
the 1024 bytes limits is for the META only, not for the whole
response. That means that the maximum size for the header line is
1029!
2021-03-29 09:42:06 +00:00
Omar Polo
052c9d2403
kill only $pid during regress testing
...
before we did `pkill gmid', but that would influence also other
instances of gmid!
2021-03-20 08:51:58 +00:00
Omar Polo
62e001b067
move all sandbox-related code to sandbox.c
...
while there, add capsicum for the logger process
2021-03-20 08:42:08 +00:00
Omar Polo
bc99d868bc
refactoring: imsg everywhere
...
use imsg to handle ALL kinds of IPC in gmid. This simplifies and shorten the
code, and makes everything more uniform too.
2021-03-19 19:21:29 +00:00
Omar Polo
17458f11e1
sync global variables
2021-02-23 13:44:20 +01:00
Omar Polo
a4188b7865
echo parsing test result
2021-02-12 11:27:52 +00:00
Omar Polo
e1b4612359
dup line
2021-02-12 08:49:31 +00:00
Omar Polo
4ad0601d18
link to compat/ even in regress
...
this unlocks the full regress tests on arch, for instance, or every
OS where we don't have strl*
2021-02-10 22:06:16 +00:00
Omar Polo
49b73ba1ab
fix "first location" bug
...
reported by devel at datenbrei dot de. The first location would
overwrite the default value for a server, triggering the "`foo' rule
specified more than once" error. This also needed a small tweak on
how we match locations to avoid breaking other tests.
2021-02-10 16:37:08 +00:00
Omar Polo
2898780aea
fix ca generation
2021-02-10 15:09:08 +00:00
Omar Polo
d3f073c9ed
don't delete valid.ext
2021-02-09 22:40:04 +00:00
Omar Polo
02be96c6dd
add `require client ca' rule to require certs signed by a CA
2021-02-09 22:30:04 +00:00
Omar Polo
2ff026b09b
add conf for a ca
2021-02-09 22:12:19 +00:00
Omar Polo
319b7fa909
define conf in the test program, not in puny.c
2021-02-08 12:43:36 +00:00
Omar Polo
b63e30ff44
define TLS_CLIENT_NOT_BEFORE/NOT_AFTER in CGI scripts
2021-02-07 21:47:01 +00:00
Omar Polo
9f006a2127
[cgi] split the query in words if needed and add them to the argv
2021-02-07 18:55:04 +00:00
Omar Polo
3abf91b0b4
improve logs management
2021-02-07 15:30:28 +00:00
Omar Polo
2564eddee4
add set -e to env script
...
It avoids some long sequences of "echo: IO error" when the client
close the connection before EOF.
2021-02-07 11:32:53 +00:00
Omar Polo
3704b36bda
add script for the regress suite
2021-02-06 18:29:36 +00:00
Omar Polo
e3ddf39095
add the ``entrypoint'' option
2021-02-06 18:28:43 +00:00
Omar Polo
afc025ff60
restart the daemon instead of kill+start
...
this way we can also test the reload capability!
2021-02-06 17:35:48 +00:00
Omar Polo
6abda252e9
added `block return'' and
`strip'' options
2021-02-06 17:22:37 +00:00
Omar Polo
4125c94fda
make sure @ is allowed, and rephrase another test
2021-02-06 13:57:12 +00:00
Omar Polo
8404ec301f
don't %-decode the query
2021-02-05 14:31:53 +00:00
Omar Polo
87f2b68b58
cgi now follows globbing rules
2021-02-02 22:38:35 +00:00
Omar Polo
5f715ce43f
print the header in the directory listing
2021-02-02 09:48:32 +00:00
Omar Polo
35744950aa
simplify handle_cgi
...
Now that I got rid of the enum+switch, adding more state is easier.
Before, we used an hack to remember if we had read the CGI reply or
not (c->code = -1).
This introduces a new state, handle_cgi_reply that reads the CGI
script reply, logs it, and only then switches to handle_cgi.
handle_cgi itself is cleaner, now it only reads into c->sbuf and send
what it had red.
We even get, almost for free, the 42 error. If read exists with -1 or
0 from in handle_cgi_reply, we return a proper error to the client.
We can extend this further in the future and also try to validate the
CGI reply (for now we're only looking for a \n).
2021-02-01 22:04:51 +00:00
Omar Polo
1e7591a922
parse_err is a const pointer
2021-02-01 19:58:04 +00:00
Omar Polo
6ff23c6739
use absolute paths in the regression suite
2021-02-01 11:04:21 +00:00
Omar Polo
e7c7f19c4e
more IRI tests
...
ensure non-encoded and pct-encoded hostnames are parsed correctly
2021-01-29 18:52:36 +00:00
Omar Polo
cef60084e6
fix puny-test build
2021-01-29 18:51:35 +00:00
Omar Polo
44ee1bac8b
use starts_with in puny.c
2021-01-27 15:35:09 +00:00
Omar Polo
46af8c6cfe
drop the daemon config in favour of the -f flag
...
Now it daemonize by default when running with a config, unless the -f
flag is given.
2021-01-27 12:04:37 +00:00
Omar Polo
7957cbd9aa
const-ify puny_decode (and add puny.c)
2021-01-27 11:21:23 +00:00
Omar Polo
3300cbe06a
initial punycode support
2021-01-27 10:47:49 +00:00
Omar Polo
252908e6bb
added support for location blocks
2021-01-24 18:53:26 +00:00
Omar Polo
c8b7433918
added support for location blocks
2021-01-24 14:11:40 +00:00
Omar Polo
7b31a6386d
test CGI with big files
2021-01-24 10:24:34 +00:00
Omar Polo
e7a2a99b5a
added index option
2021-01-24 09:14:01 +00:00
Omar Polo
6cdecad88d
fix test portability
...
wc return 2048 on fedora (it doesn't count the trailing \n), while on
OpenBSD, Void linux on aarch64 and Alpine linux on vmd(8) returns
2049.
2021-01-23 17:44:23 +00:00
Omar Polo
2349b02b26
bump the key size a little
...
on fedora with libretls (running on top of openssl) it won't open the
key otherwise.
2021-01-23 17:42:04 +00:00
Omar Polo
ce06cdc5bd
drop gg.py
2021-01-23 17:11:16 +00:00
Omar Polo
31a4993a94
use gg instead of gg.py for the regression suite
2021-01-23 17:10:00 +00:00
Omar Polo
3309ef975c
accumulate the whole response line for CGI scripts
2021-01-23 15:32:38 +00:00
Omar Polo
c421bd46ed
drop genbigfile
2021-01-22 17:24:33 +00:00
Omar Polo
609fc9f9d9
use a c program to fill the file
...
it's several order of magnitude faster than the equivalent shell script
2021-01-22 17:18:55 +00:00
Omar Polo
99f95f7762
fix for sha256sum
2021-01-22 17:14:40 +00:00
Omar Polo
5c2e310ede
brand new regress suite
2021-01-22 16:48:04 +00:00