httpd-cvs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From ic...@apache.org
Subject svn commit: r1750781 - in /httpd/test/mod_h2/trunk: conf/sites/test.example.org.conf htdocs/test.example.org/ssl-client-verify/ htdocs/test.example.org/ssl-client-verify/index.html test/test.sh test/test_renegotiate.sh test/test_ssl.sh
Date Thu, 30 Jun 2016 12:11:41 GMT
Author: icing
Date: Thu Jun 30 12:11:41 2016
New Revision: 1750781

URL: http://svn.apache.org/viewvc?rev=1750781&view=rev
Log:
add ssl test repeats

Added:
    httpd/test/mod_h2/trunk/htdocs/test.example.org/ssl-client-verify/
    httpd/test/mod_h2/trunk/htdocs/test.example.org/ssl-client-verify/index.html
    httpd/test/mod_h2/trunk/test/test_ssl.sh
Removed:
    httpd/test/mod_h2/trunk/test/test_renegotiate.sh
Modified:
    httpd/test/mod_h2/trunk/conf/sites/test.example.org.conf
    httpd/test/mod_h2/trunk/test/test.sh

Modified: httpd/test/mod_h2/trunk/conf/sites/test.example.org.conf
URL: http://svn.apache.org/viewvc/httpd/test/mod_h2/trunk/conf/sites/test.example.org.conf?rev=1750781&r1=1750780&r2=1750781&view=diff
==============================================================================
--- httpd/test/mod_h2/trunk/conf/sites/test.example.org.conf (original)
+++ httpd/test/mod_h2/trunk/conf/sites/test.example.org.conf Thu Jun 30 12:11:41 2016
@@ -20,6 +20,11 @@
     AllowOverride All
 </Directory>
 
+<Directory "SUBST_SERVER_ROOT_SUBST/htdocs/test.example.org/ssl-client-verify">
+    Require all granted
+     SSLVerifyClient require
+</Directory>
+
 <VirtualHost *:SUBST_PORT_HTTPS_SUBST>
 	ServerName test.example.org
     ServerAlias test3.example.org

Added: httpd/test/mod_h2/trunk/htdocs/test.example.org/ssl-client-verify/index.html
URL: http://svn.apache.org/viewvc/httpd/test/mod_h2/trunk/htdocs/test.example.org/ssl-client-verify/index.html?rev=1750781&view=auto
==============================================================================
--- httpd/test/mod_h2/trunk/htdocs/test.example.org/ssl-client-verify/index.html (added)
+++ httpd/test/mod_h2/trunk/htdocs/test.example.org/ssl-client-verify/index.html Thu Jun 30
12:11:41 2016
@@ -0,0 +1,7 @@
+<html>
+    <head>
+    </head>
+    <body>
+        <h2>only https with client cert</h2>
+    </body>
+</html>

Modified: httpd/test/mod_h2/trunk/test/test.sh
URL: http://svn.apache.org/viewvc/httpd/test/mod_h2/trunk/test/test.sh?rev=1750781&r1=1750780&r2=1750781&view=diff
==============================================================================
--- httpd/test/mod_h2/trunk/test/test.sh (original)
+++ httpd/test/mod_h2/trunk/test/test.sh Thu Jun 30 12:11:41 2016
@@ -39,7 +39,7 @@ export CURL="$CURL"
 $SHELL "$TEST_DIR"/test_curl_altsvc.sh $HTTP_AUTH  $HTTPS_AUTH                &&
 $SHELL "$TEST_DIR"/test_proto_order.sh $HTTPS_AUTH $HTTPS_AUTH_2              &&
 $SHELL "$TEST_DIR"/test_alt_host.sh    $HTTPS_AUTH $HTTPS_AUTH_2              &&
-$SHELL "$TEST_DIR"/test_renegotiate.sh $HTTPS_AUTH                            &&
+$SHELL "$TEST_DIR"/test_ssl.sh         $HTTPS_AUTH                            &&
 $SHELL "$TEST_DIR"/test_upgrade.sh     $HTTP_AUTH  $HTTPS_AUTH                &&
 $SHELL "$TEST_DIR"/test_nghttp_get.sh  $HTTPS_AUTH                            &&
 $SHELL "$TEST_DIR"/test_nghttp_post.sh $HTTPS_AUTH                            &&

Added: httpd/test/mod_h2/trunk/test/test_ssl.sh
URL: http://svn.apache.org/viewvc/httpd/test/mod_h2/trunk/test/test_ssl.sh?rev=1750781&view=auto
==============================================================================
--- httpd/test/mod_h2/trunk/test/test_ssl.sh (added)
+++ httpd/test/mod_h2/trunk/test/test_ssl.sh Thu Jun 30 12:11:41 2016
@@ -0,0 +1,54 @@
+#!/bin/bash
+# Copyright 2015 greenbytes GmbH (https://www.greenbytes.de)
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+source $(dirname $0)/test_common.sh
+echo "test renegotiate: $@"
+
+################################################################################
+# check access to other hosts on same connection
+################################################################################
+
+
+URL1="$1"
+
+URL_PREFIX="$URL1"
+
+# lookup a resource that requires TLS cipher suite renegotiation. Should
+# work when using HTTP/1.1
+#
+# With current openssl 1.1.0 work in trunk, this no longer works
+# TODO: not working with openssl 1.0.2f?
+#curl_check_status ssl/renegotiate/cipher "404" "curl reneg cipher: http/1"
+
+# curl does not give the RST_STREAM error anywhere, it seems. Skip this for now
+#curl_check_status ssl/renegotiate/cipher "404" "curl reneg cipher: h2" --http2
+
+# nghttp gives RST_STREAM in verbose mode, check that the given urls
+# signal fallback to HTTP/1.1
+#
+if min_version 2.4.18; then
+    nghttp_check_rst_error ssl/renegotiate/cipher "HTTP_1_1_REQUIRED" "nghttp reneg cipher"
+    nghttp_check_rst_error ssl/renegotiate/verify "HTTP_1_1_REQUIRED" "nghttp reneg verify"
+
+
+    nghttp_check_rst_error ssl-client-verify/index.html "HTTP_1_1_REQUIRED" "nghttp client
certificate"
+    # check that client-verify fails and keeps on failing on the same connection
+    # reported by erki@example.ee
+    h2load_check_requests "loading from client-verify location several times" \
+        $URL_PREFIX/ssl-client-verify/index.html -n 10 -c 1 -t 1 -m 1  <<EOF
+requests: 10 total, 10 started, 10 done, 0 succeeded, 10 failed, 10 errored, 0 timeout
+EOF
+fi



Mime
View raw message