Skip to content

Test improvements#73

Merged
theyoyojo merged 20 commits into
masterfrom
test_improvements
Apr 1, 2024
Merged

Test improvements#73
theyoyojo merged 20 commits into
masterfrom
test_improvements

Conversation

@charliemirabile

@charliemirabile charliemirabile commented Apr 1, 2024

Copy link
Copy Markdown
Contributor

substantial cleanup / refactor of tests to make them more useful.

Fixes: #56

Comment thread test.sh
Comment thread test.sh
Comment thread test.sh

@theyoyojo theyoyojo left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

small comments

@theyoyojo

Copy link
Copy Markdown
Contributor

Tests fail when test directory (not in source control) doen't exist:

sudo ./test.sh
+ trap : EXIT
+ require curl
+ command -v curl
+ ./script-lint.sh
+ shellcheck script-lint.sh
+ shellcheck test.sh
+ shellcheck extenginx/create_dev_keys.sh
+ shellcheck orbit/test-style.sh
+ shellcheck orbit/warpdrive.sh
+ pushd orbit
/home/joel/src/singularity/orbit /home/joel/src/singularity
+ ./test-style.sh
+ flake8 radius.py
+ flake8 config.py
+ flake8 db.py
+ flake8 hyperspace.py
+ popd
/home/joel/src/singularity
+ rm -f test/create_user test/delete_user test/login_fail_invalid test/login_fail_no_user test/login_success test/pop_get_empty test/pop_get_message test/register_fail_duplicate test/register_fail_no_user test/register_fail_wrong test/register_success test/smtp_send_email email/logs/2.1711999267.1 email/mail/2.1711999267.0
+ DEVEL=
+ STAGING=
+ PORT=443
+ POP_PORT=995
+ SMTP_PORT=465
+ EMAIL_HOSTNAME=kdlp.underground.software
+ '[' -n '' ']'
+ '[' -n '' ']'
+ CURL_OPTS=(--verbose --cacert ssl/fullchain.pem --fail --no-progress-meter)
+ curl --url https://localhost:443/register --verbose --cacert ssl/fullchain.pem --fail --no-progress-meter --data student_id=1234
+ tee test/register_fail_no_user
+ grep 'msg = no such student'
* processing: https://localhost:443/register
*   Trying [::1]:443...
* connect to ::1 port 443 failed: Connection refused
*   Trying 127.0.0.1:443...
* Connected to localhost (127.0.0.1) port 443
* ALPN: offers h2,http/1.1
} [5 bytes data]
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
} [512 bytes data]
*  CAfile: ssl/fullchain.pem
*  CApath: none
{ [5 bytes data]
* TLSv1.3 (IN), TLS handshake, Server hello (2):
{ [122 bytes data]
* TLSv1.3 (IN), TLS handshake, Encrypted Extensions (8):
{ [25 bytes data]
* TLSv1.3 (IN), TLS handshake, Certificate (11):
{ [1308 bytes data]
* TLSv1.3 (IN), TLS handshake, CERT verify (15):
{ [520 bytes data]
* TLSv1.3 (IN), TLS handshake, Finished (20):
{ [52 bytes data]
* TLSv1.3 (OUT), TLS change cipher, Change cipher spec (1):
} [1 bytes data]
* TLSv1.3 (OUT), TLS handshake, Finished (20):
} [52 bytes data]
* SSL connection using TLSv1.3 / TLS_AES_256_GCM_SHA384
* ALPN: server accepted http/1.1
* Server certificate:
*  subject: CN=localhost
*  start date: Mar 13 02:05:24 2024 GMT
*  expire date: Apr  6 02:05:24 2389 GMT
*  common name: localhost (matched)
*  issuer: CN=localhost
*  SSL certificate verify ok.
* using HTTP/1.1
} [5 bytes data]
> POST /register HTTP/1.1
> Host: localhost
> User-Agent: curl/8.2.1
> Accept: */*
> Content-Length: 15
> Content-Type: application/x-www-form-urlencoded
>
} [15 bytes data]
* TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):
{ [57 bytes data]
* TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):
{ [57 bytes data]
* old SSL session ID is stale, removing
{ [5 bytes data]
< HTTP/1.1 200 OK
< Server: nginx
< Date: Mon, 01 Apr 2024 19:21:19 GMT
< Content-Type: text/html
< Transfer-Encoding: chunked
< Connection: keep-alive
< Set-Cookie: auth=
< Set-Cookie: auth=
<
{ [1160 bytes data]
* Connection #0 to host localhost left intact
        <code>msg = no such student</code><br>
+ curl --url https://localhost:443/login --verbose --cacert ssl/fullchain.pem --fail --no-progress-meter --data 'username=user&password=pass'
+ grep 'msg = authentication failure'
+ tee test/login_fail_no_user
* processing: https://localhost:443/login
*   Trying [::1]:443...
* connect to ::1 port 443 failed: Connection refused
*   Trying 127.0.0.1:443...
* Connected to localhost (127.0.0.1) port 443
* ALPN: offers h2,http/1.1
} [5 bytes data]
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
} [512 bytes data]
*  CAfile: ssl/fullchain.pem
*  CApath: none
{ [5 bytes data]
* TLSv1.3 (IN), TLS handshake, Server hello (2):
{ [122 bytes data]
* TLSv1.3 (IN), TLS handshake, Encrypted Extensions (8):
{ [25 bytes data]
* TLSv1.3 (IN), TLS handshake, Certificate (11):
{ [1308 bytes data]
* TLSv1.3 (IN), TLS handshake, CERT verify (15):
{ [520 bytes data]
* TLSv1.3 (IN), TLS handshake, Finished (20):
{ [52 bytes data]
* TLSv1.3 (OUT), TLS change cipher, Change cipher spec (1):
} [1 bytes data]
* TLSv1.3 (OUT), TLS handshake, Finished (20):
} [52 bytes data]
* SSL connection using TLSv1.3 / TLS_AES_256_GCM_SHA384
* ALPN: server accepted http/1.1
* Server certificate:
*  subject: CN=localhost
*  start date: Mar 13 02:05:24 2024 GMT
*  expire date: Apr  6 02:05:24 2389 GMT
*  common name: localhost (matched)
*  issuer: CN=localhost
*  SSL certificate verify ok.
* using HTTP/1.1
} [5 bytes data]
> POST /login HTTP/1.1
> Host: localhost
> User-Agent: curl/8.2.1
> Accept: */*
> Content-Length: 27
> Content-Type: application/x-www-form-urlencoded
>
} [27 bytes data]
* TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):
{ [57 bytes data]
* TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):
{ [57 bytes data]
* old SSL session ID is stale, removing
{ [5 bytes data]
< HTTP/1.1 200 OK
< Server: nginx
< Date: Mon, 01 Apr 2024 19:21:19 GMT
< Content-Type: text/html
< Transfer-Encoding: chunked
< Connection: keep-alive
< Set-Cookie: auth=
< Set-Cookie: auth=
< Set-Cookie: auth=
< Set-Cookie: auth=
<
{ [1365 bytes data]
* Connection #0 to host localhost left intact
        <code>msg = authentication failure</code><br>
+ orbit/warpdrive.sh -u user -p pass -i 1234 -n
+ tee test/create_user
+ grep 'credentials(username: user, password:pass)'
credentials(username: user, password:pass)
+ add_cleanup 'orbit/warpdrive.sh   -u user -w   | tee test/delete_user   | grep '\''user'\'''
++ printf '%s\n' 'orbit/warpdrive.sh   -u user -w   | tee test/delete_user   | grep '\''user'\'''
+++ trap -p EXIT
++ eval 'get_stack trap -- '\'':'\'' EXIT'
+++ get_stack trap -- : EXIT
+++ printf '%s\n' :
+ trap -- 'orbit/warpdrive.sh   -u user -w   | tee test/delete_user   | grep '\''user'\''
:' EXIT
+ curl --url https://localhost:443/register --verbose --cacert ssl/fullchain.pem --fail --no-progress-meter --data student_id=123
+ tee test/register_fail_wrong
+ grep 'msg = no such student'
* processing: https://localhost:443/register
*   Trying [::1]:443...
* connect to ::1 port 443 failed: Connection refused
*   Trying 127.0.0.1:443...
* Connected to localhost (127.0.0.1) port 443
* ALPN: offers h2,http/1.1
} [5 bytes data]
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
} [512 bytes data]
*  CAfile: ssl/fullchain.pem
*  CApath: none
{ [5 bytes data]
* TLSv1.3 (IN), TLS handshake, Server hello (2):
{ [122 bytes data]
* TLSv1.3 (IN), TLS handshake, Encrypted Extensions (8):
{ [25 bytes data]
* TLSv1.3 (IN), TLS handshake, Certificate (11):
{ [1308 bytes data]
* TLSv1.3 (IN), TLS handshake, CERT verify (15):
{ [520 bytes data]
* TLSv1.3 (IN), TLS handshake, Finished (20):
{ [52 bytes data]
* TLSv1.3 (OUT), TLS change cipher, Change cipher spec (1):
} [1 bytes data]
* TLSv1.3 (OUT), TLS handshake, Finished (20):
} [52 bytes data]
* SSL connection using TLSv1.3 / TLS_AES_256_GCM_SHA384
* ALPN: server accepted http/1.1
* Server certificate:
*  subject: CN=localhost
*  start date: Mar 13 02:05:24 2024 GMT
*  expire date: Apr  6 02:05:24 2389 GMT
*  common name: localhost (matched)
*  issuer: CN=localhost
*  SSL certificate verify ok.
* using HTTP/1.1
} [5 bytes data]
> POST /register HTTP/1.1
> Host: localhost
> User-Agent: curl/8.2.1
> Accept: */*
> Content-Length: 14
> Content-Type: application/x-www-form-urlencoded
>
} [14 bytes data]
* TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):
{ [57 bytes data]
* TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):
{ [57 bytes data]
* old SSL session ID is stale, removing
{ [5 bytes data]
< HTTP/1.1 200 OK
< Server: nginx
< Date: Mon, 01 Apr 2024 19:21:19 GMT
< Content-Type: text/html
< Transfer-Encoding: chunked
< Connection: keep-alive
< Set-Cookie: auth=
< Set-Cookie: auth=
<
{ [1160 bytes data]
* Connection #0 to host localhost left intact
        <code>msg = no such student</code><br>
+ tee test/register_success
+ curl --url https://localhost:443/register --verbose --cacert ssl/fullchain.pem --fail --no-progress-meter --data student_id=1234
+ grep 'msg = welcome to the classroom'
* processing: https://localhost:443/register
*   Trying [::1]:443...
* connect to ::1 port 443 failed: Connection refused
*   Trying 127.0.0.1:443...
* Connected to localhost (127.0.0.1) port 443
* ALPN: offers h2,http/1.1
} [5 bytes data]
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
} [512 bytes data]
*  CAfile: ssl/fullchain.pem
*  CApath: none
{ [5 bytes data]
* TLSv1.3 (IN), TLS handshake, Server hello (2):
{ [122 bytes data]
* TLSv1.3 (IN), TLS handshake, Encrypted Extensions (8):
{ [25 bytes data]
* TLSv1.3 (IN), TLS handshake, Certificate (11):
{ [1308 bytes data]
* TLSv1.3 (IN), TLS handshake, CERT verify (15):
{ [520 bytes data]
* TLSv1.3 (IN), TLS handshake, Finished (20):
{ [52 bytes data]
* TLSv1.3 (OUT), TLS change cipher, Change cipher spec (1):
} [1 bytes data]
* TLSv1.3 (OUT), TLS handshake, Finished (20):
} [52 bytes data]
* SSL connection using TLSv1.3 / TLS_AES_256_GCM_SHA384
* ALPN: server accepted http/1.1
* Server certificate:
*  subject: CN=localhost
*  start date: Mar 13 02:05:24 2024 GMT
*  expire date: Apr  6 02:05:24 2389 GMT
*  common name: localhost (matched)
*  issuer: CN=localhost
*  SSL certificate verify ok.
* using HTTP/1.1
} [5 bytes data]
> POST /register HTTP/1.1
> Host: localhost
> User-Agent: curl/8.2.1
> Accept: */*
> Content-Length: 15
> Content-Type: application/x-www-form-urlencoded
>
} [15 bytes data]
* TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):
{ [57 bytes data]
* TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):
{ [57 bytes data]
* old SSL session ID is stale, removing
{ [5 bytes data]
< HTTP/1.1 200 OK
< Server: nginx
< Date: Mon, 01 Apr 2024 19:21:19 GMT
< Content-Type: text/html
< Transfer-Encoding: chunked
< Connection: keep-alive
< Set-Cookie: auth=
< Set-Cookie: auth=
<
{ [1070 bytes data]
* Connection #0 to host localhost left intact
        <code>msg = welcome to the classroom</code><br>
+ curl --url https://localhost:443/register --verbose --cacert ssl/fullchain.pem --fail --no-progress-meter --data student_id=1234
+ tee test/register_fail_duplicate
+ grep 'msg = no such student'
* processing: https://localhost:443/register
*   Trying [::1]:443...
* connect to ::1 port 443 failed: Connection refused
*   Trying 127.0.0.1:443...
* Connected to localhost (127.0.0.1) port 443
* ALPN: offers h2,http/1.1
} [5 bytes data]
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
} [512 bytes data]
*  CAfile: ssl/fullchain.pem
*  CApath: none
{ [5 bytes data]
* TLSv1.3 (IN), TLS handshake, Server hello (2):
{ [122 bytes data]
* TLSv1.3 (IN), TLS handshake, Encrypted Extensions (8):
{ [25 bytes data]
* TLSv1.3 (IN), TLS handshake, Certificate (11):
{ [1308 bytes data]
* TLSv1.3 (IN), TLS handshake, CERT verify (15):
{ [520 bytes data]
* TLSv1.3 (IN), TLS handshake, Finished (20):
{ [52 bytes data]
* TLSv1.3 (OUT), TLS change cipher, Change cipher spec (1):
} [1 bytes data]
* TLSv1.3 (OUT), TLS handshake, Finished (20):
} [52 bytes data]
* SSL connection using TLSv1.3 / TLS_AES_256_GCM_SHA384
* ALPN: server accepted http/1.1
* Server certificate:
*  subject: CN=localhost
*  start date: Mar 13 02:05:24 2024 GMT
*  expire date: Apr  6 02:05:24 2389 GMT
*  common name: localhost (matched)
*  issuer: CN=localhost
*  SSL certificate verify ok.
* using HTTP/1.1
} [5 bytes data]
> POST /register HTTP/1.1
> Host: localhost
> User-Agent: curl/8.2.1
> Accept: */*
> Content-Length: 15
> Content-Type: application/x-www-form-urlencoded
>
} [15 bytes data]
* TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):
{ [57 bytes data]
* TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):
{ [57 bytes data]
* old SSL session ID is stale, removing
{ [5 bytes data]
< HTTP/1.1 200 OK
< Server: nginx
< Date: Mon, 01 Apr 2024 19:21:19 GMT
< Content-Type: text/html
< Transfer-Encoding: chunked
< Connection: keep-alive
< Set-Cookie: auth=
< Set-Cookie: auth=
<
{ [1160 bytes data]
* Connection #0 to host localhost left intact
        <code>msg = no such student</code><br>
+ curl --url https://localhost:443/login --verbose --cacert ssl/fullchain.pem --fail --no-progress-meter --data 'username=user&password=invalid'
+ tee test/login_fail_invalid
+ grep 'msg = authentication failure'
* processing: https://localhost:443/login
*   Trying [::1]:443...
* connect to ::1 port 443 failed: Connection refused
*   Trying 127.0.0.1:443...
* Connected to localhost (127.0.0.1) port 443
* ALPN: offers h2,http/1.1
} [5 bytes data]
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
} [512 bytes data]
*  CAfile: ssl/fullchain.pem
*  CApath: none
{ [5 bytes data]
* TLSv1.3 (IN), TLS handshake, Server hello (2):
{ [122 bytes data]
* TLSv1.3 (IN), TLS handshake, Encrypted Extensions (8):
{ [25 bytes data]
* TLSv1.3 (IN), TLS handshake, Certificate (11):
{ [1308 bytes data]
* TLSv1.3 (IN), TLS handshake, CERT verify (15):
{ [520 bytes data]
* TLSv1.3 (IN), TLS handshake, Finished (20):
{ [52 bytes data]
* TLSv1.3 (OUT), TLS change cipher, Change cipher spec (1):
} [1 bytes data]
* TLSv1.3 (OUT), TLS handshake, Finished (20):
} [52 bytes data]
* SSL connection using TLSv1.3 / TLS_AES_256_GCM_SHA384
* ALPN: server accepted http/1.1
* Server certificate:
*  subject: CN=localhost
*  start date: Mar 13 02:05:24 2024 GMT
*  expire date: Apr  6 02:05:24 2389 GMT
*  common name: localhost (matched)
*  issuer: CN=localhost
*  SSL certificate verify ok.
* using HTTP/1.1
} [5 bytes data]
> POST /login HTTP/1.1
> Host: localhost
> User-Agent: curl/8.2.1
> Accept: */*
> Content-Length: 30
> Content-Type: application/x-www-form-urlencoded
>
} [30 bytes data]
* TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):
{ [57 bytes data]
* TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):
{ [57 bytes data]
* old SSL session ID is stale, removing
{ [5 bytes data]
< HTTP/1.1 200 OK
< Server: nginx
< Date: Mon, 01 Apr 2024 19:21:20 GMT
< Content-Type: text/html
< Transfer-Encoding: chunked
< Connection: keep-alive
< Set-Cookie: auth=
< Set-Cookie: auth=
< Set-Cookie: auth=
< Set-Cookie: auth=
<
{ [1365 bytes data]
* Connection #0 to host localhost left intact
        <code>msg = authentication failure</code><br>
+ curl --url https://localhost:443/login --verbose --cacert ssl/fullchain.pem --fail --no-progress-meter --data 'username=user&password=pass'
+ tee test/login_success
+ grep 'msg = user authenticated by password'
* processing: https://localhost:443/login
*   Trying [::1]:443...
* connect to ::1 port 443 failed: Connection refused
*   Trying 127.0.0.1:443...
* Connected to localhost (127.0.0.1) port 443
* ALPN: offers h2,http/1.1
} [5 bytes data]
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
} [512 bytes data]
*  CAfile: ssl/fullchain.pem
*  CApath: none
{ [5 bytes data]
* TLSv1.3 (IN), TLS handshake, Server hello (2):
{ [122 bytes data]
* TLSv1.3 (IN), TLS handshake, Encrypted Extensions (8):
{ [25 bytes data]
* TLSv1.3 (IN), TLS handshake, Certificate (11):
{ [1308 bytes data]
* TLSv1.3 (IN), TLS handshake, CERT verify (15):
{ [520 bytes data]
* TLSv1.3 (IN), TLS handshake, Finished (20):
{ [52 bytes data]
* TLSv1.3 (OUT), TLS change cipher, Change cipher spec (1):
} [1 bytes data]
* TLSv1.3 (OUT), TLS handshake, Finished (20):
} [52 bytes data]
* SSL connection using TLSv1.3 / TLS_AES_256_GCM_SHA384
* ALPN: server accepted http/1.1
* Server certificate:
*  subject: CN=localhost
*  start date: Mar 13 02:05:24 2024 GMT
*  expire date: Apr  6 02:05:24 2389 GMT
*  common name: localhost (matched)
*  issuer: CN=localhost
*  SSL certificate verify ok.
* using HTTP/1.1
} [5 bytes data]
> POST /login HTTP/1.1
> Host: localhost
> User-Agent: curl/8.2.1
> Accept: */*
> Content-Length: 27
> Content-Type: application/x-www-form-urlencoded
>
} [27 bytes data]
* TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):
{ [57 bytes data]
* TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):
{ [57 bytes data]
* old SSL session ID is stale, removing
{ [5 bytes data]
< HTTP/1.1 200 OK
< Server: nginx
< Date: Mon, 01 Apr 2024 19:21:20 GMT
< Content-Type: text/html
< Transfer-Encoding: chunked
< Connection: keep-alive
< Set-Cookie: auth=
< Set-Cookie: auth=ca3e393abbb8e105b07c1742cba2c5bba698b816050c0538c3af2accee1a24a6; Expires=Mon, 01 Apr 2024 22:21:20 GMT; Max-Age=10800; Path=/
<
{ [1633 bytes data]
* Connection #0 to host localhost left intact
        <code>msg = user authenticated by password</code><br>
+ curl --url pop3s://localhost:995 --verbose --cacert ssl/fullchain.pem --fail --no-progress-meter --user user:pass
+ tee test/pop_get_empty
+ diff /dev/fd/63 /dev/stdin
++ printf '\r\n'
* processing: pop3s://localhost:995
*   Trying [::1]:995...
* connect to ::1 port 995 failed: Connection refused
*   Trying 127.0.0.1:995...
* Connected to localhost (127.0.0.1) port 995
} [5 bytes data]
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
} [512 bytes data]
*  CAfile: ssl/fullchain.pem
*  CApath: none
{ [5 bytes data]
* TLSv1.3 (IN), TLS handshake, Server hello (2):
{ [122 bytes data]
* TLSv1.3 (IN), TLS handshake, Encrypted Extensions (8):
{ [6 bytes data]
* TLSv1.3 (IN), TLS handshake, Certificate (11):
{ [1308 bytes data]
* TLSv1.3 (IN), TLS handshake, CERT verify (15):
{ [520 bytes data]
* TLSv1.3 (IN), TLS handshake, Finished (20):
{ [52 bytes data]
* TLSv1.3 (OUT), TLS change cipher, Change cipher spec (1):
} [1 bytes data]
* TLSv1.3 (OUT), TLS handshake, Finished (20):
} [52 bytes data]
* SSL connection using TLSv1.3 / TLS_AES_256_GCM_SHA384
* Server certificate:
*  subject: CN=localhost
*  start date: Mar 13 02:05:24 2024 GMT
*  expire date: Apr  6 02:05:24 2389 GMT
*  common name: localhost (matched)
*  issuer: CN=localhost
*  SSL certificate verify ok.
{ [5 bytes data]
* TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):
{ [57 bytes data]
* TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):
{ [57 bytes data]
* old SSL session ID is stale, removing
{ [5 bytes data]
< +OK POP3 ready
} [5 bytes data]
> CAPA
{ [5 bytes data]
< +OK Capability list follows
< TOP
< USER
< UIDL
< SASL PLAIN LOGIN
< .
} [5 bytes data]
> AUTH PLAIN
{ [5 bytes data]
< +
} [5 bytes data]
> AHVzZXIAcGFzcw==
{ [5 bytes data]
< +OK got username
} [5 bytes data]
> LIST
{ [5 bytes data]
< +OK maildrop follows
{ [5 bytes data]
* Connection #0 to host localhost left intact
++ printf '\r'
+ CR=$'\r'
+ curl --url smtps://localhost:465 --verbose --cacert ssl/fullchain.pem --fail --no-progress-meter --mail-from user@kdlp.underground.software --mail-rcpt other@kdlp.underground.software --upload-file - --user user:pass
+ tee test/smtp_send_email
+ diff /dev/fd/63 /dev/stdin
++ printf ''
* processing: smtps://localhost:465
*   Trying [::1]:465...
* connect to ::1 port 465 failed: Connection refused
*   Trying 127.0.0.1:465...
* Connected to localhost (127.0.0.1) port 465
} [5 bytes data]
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
} [512 bytes data]
*  CAfile: ssl/fullchain.pem
*  CApath: none
{ [5 bytes data]
* TLSv1.3 (IN), TLS handshake, Server hello (2):
{ [122 bytes data]
* TLSv1.3 (IN), TLS handshake, Encrypted Extensions (8):
{ [6 bytes data]
* TLSv1.3 (IN), TLS handshake, Certificate (11):
{ [1308 bytes data]
* TLSv1.3 (IN), TLS handshake, CERT verify (15):
{ [520 bytes data]
* TLSv1.3 (IN), TLS handshake, Finished (20):
{ [52 bytes data]
* TLSv1.3 (OUT), TLS change cipher, Change cipher spec (1):
} [1 bytes data]
* TLSv1.3 (OUT), TLS handshake, Finished (20):
} [52 bytes data]
* SSL connection using TLSv1.3 / TLS_AES_256_GCM_SHA384
* Server certificate:
*  subject: CN=localhost
*  start date: Mar 13 02:05:24 2024 GMT
*  expire date: Apr  6 02:05:24 2389 GMT
*  common name: localhost (matched)
*  issuer: CN=localhost
*  SSL certificate verify ok.
{ [5 bytes data]
* TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):
{ [57 bytes data]
* TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):
{ [57 bytes data]
* old SSL session ID is stale, removing
{ [5 bytes data]
< 220 kdlp.underground.software ESMTP ready
} [5 bytes data]
> EHLO fedora
{ [5 bytes data]
< 250-kdlp.underground.software
< 250 AUTH PLAIN LOGIN
} [5 bytes data]
> AUTH PLAIN
{ [5 bytes data]
< 334
} [5 bytes data]
> AHVzZXIAcGFzcw==
{ [5 bytes data]
< 235 2.0.0 OK
} [5 bytes data]
> MAIL FROM:<user@kdlp.underground.software>
{ [5 bytes data]
< 250 OK
} [5 bytes data]
> RCPT TO:<other@kdlp.underground.software>
{ [5 bytes data]
< 250 OK
} [5 bytes data]
> DATA
{ [5 bytes data]
< 354 Start input
} [5 bytes data]
< 250 OK
* Connection #0 to host localhost left intact
+ curl --url pop3s://localhost:995/1 --verbose --cacert ssl/fullchain.pem --fail --no-progress-meter --user user:pass
+ tee test/pop_get_message
+ grep 'Bottom text'
* processing: pop3s://localhost:995/1
*   Trying [::1]:995...
* connect to ::1 port 995 failed: Connection refused
*   Trying 127.0.0.1:995...
* Connected to localhost (127.0.0.1) port 995
} [5 bytes data]
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
} [512 bytes data]
*  CAfile: ssl/fullchain.pem
*  CApath: none
{ [5 bytes data]
* TLSv1.3 (IN), TLS handshake, Server hello (2):
{ [122 bytes data]
* TLSv1.3 (IN), TLS handshake, Encrypted Extensions (8):
{ [6 bytes data]
* TLSv1.3 (IN), TLS handshake, Certificate (11):
{ [1308 bytes data]
* TLSv1.3 (IN), TLS handshake, CERT verify (15):
{ [520 bytes data]
* TLSv1.3 (IN), TLS handshake, Finished (20):
{ [52 bytes data]
* TLSv1.3 (OUT), TLS change cipher, Change cipher spec (1):
} [1 bytes data]
* TLSv1.3 (OUT), TLS handshake, Finished (20):
} [52 bytes data]
* SSL connection using TLSv1.3 / TLS_AES_256_GCM_SHA384
* Server certificate:
*  subject: CN=localhost
*  start date: Mar 13 02:05:24 2024 GMT
*  expire date: Apr  6 02:05:24 2389 GMT
*  common name: localhost (matched)
*  issuer: CN=localhost
*  SSL certificate verify ok.
{ [5 bytes data]
* TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):
{ [57 bytes data]
* TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):
{ [57 bytes data]
* old SSL session ID is stale, removing
{ [5 bytes data]
< +OK POP3 ready
} [5 bytes data]
> CAPA
{ [5 bytes data]
< +OK Capability list follows
< TOP
< USER
< UIDL
< SASL PLAIN LOGIN
< .
} [5 bytes data]
> AUTH PLAIN
{ [5 bytes data]
< +
} [5 bytes data]
> AHVzZXIAcGFzcw==
{ [5 bytes data]
< +OK got username
} [5 bytes data]
> RETR 1
{ [5 bytes data]
< +OK message follows
{ [5 bytes data]
* Connection #0 to host localhost left intact
Bottom text
+ orbit/warpdrive.sh -u user -w
+ tee test/delete_user
+ grep user
user
+ :
rm -rf test
sudo ./test.sh
+ trap : EXIT
+ require curl
+ command -v curl
+ ./script-lint.sh
+ shellcheck script-lint.sh
+ shellcheck test.sh
+ shellcheck extenginx/create_dev_keys.sh
+ shellcheck orbit/test-style.sh
+ shellcheck orbit/warpdrive.sh
+ pushd orbit
/home/joel/src/singularity/orbit /home/joel/src/singularity
+ ./test-style.sh
+ flake8 radius.py
+ flake8 config.py
+ flake8 db.py
+ flake8 hyperspace.py
+ popd
/home/joel/src/singularity
+ rm -f 'test/*' email/logs/3.1711999280.1 email/mail/3.1711999280.0
+ DEVEL=
+ STAGING=
+ PORT=443
+ POP_PORT=995
+ SMTP_PORT=465
+ EMAIL_HOSTNAME=kdlp.underground.software
+ '[' -n '' ']'
+ '[' -n '' ']'
+ CURL_OPTS=(--verbose --cacert ssl/fullchain.pem --fail --no-progress-meter)
+ curl --url https://localhost:443/register --verbose --cacert ssl/fullchain.pem --fail --no-progress-meter --data student_id=1234
+ tee test/register_fail_no_user
+ grep 'msg = no such student'
tee: test/register_fail_no_user: No such file or directory
* processing: https://localhost:443/register
*   Trying [::1]:443...
* connect to ::1 port 443 failed: Connection refused
*   Trying 127.0.0.1:443...
* Connected to localhost (127.0.0.1) port 443
* ALPN: offers h2,http/1.1
} [5 bytes data]
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
} [512 bytes data]
*  CAfile: ssl/fullchain.pem
*  CApath: none
{ [5 bytes data]
* TLSv1.3 (IN), TLS handshake, Server hello (2):
{ [122 bytes data]
* TLSv1.3 (IN), TLS handshake, Encrypted Extensions (8):
{ [25 bytes data]
* TLSv1.3 (IN), TLS handshake, Certificate (11):
{ [1308 bytes data]
* TLSv1.3 (IN), TLS handshake, CERT verify (15):
{ [520 bytes data]
* TLSv1.3 (IN), TLS handshake, Finished (20):
{ [52 bytes data]
* TLSv1.3 (OUT), TLS change cipher, Change cipher spec (1):
} [1 bytes data]
* TLSv1.3 (OUT), TLS handshake, Finished (20):
} [52 bytes data]
* SSL connection using TLSv1.3 / TLS_AES_256_GCM_SHA384
* ALPN: server accepted http/1.1
* Server certificate:
*  subject: CN=localhost
*  start date: Mar 13 02:05:24 2024 GMT
*  expire date: Apr  6 02:05:24 2389 GMT
*  common name: localhost (matched)
*  issuer: CN=localhost
*  SSL certificate verify ok.
* using HTTP/1.1
} [5 bytes data]
> POST /register HTTP/1.1
> Host: localhost
> User-Agent: curl/8.2.1
> Accept: */*
> Content-Length: 15
> Content-Type: application/x-www-form-urlencoded
>
} [15 bytes data]
* TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):
{ [57 bytes data]
* TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):
{ [57 bytes data]
* old SSL session ID is stale, removing
{ [5 bytes data]
< HTTP/1.1 200 OK
< Server: nginx
< Date: Mon, 01 Apr 2024 19:21:27 GMT
< Content-Type: text/html
< Transfer-Encoding: chunked
< Connection: keep-alive
< Set-Cookie: auth=
< Set-Cookie: auth=
<
{ [1160 bytes data]
* Connection #0 to host localhost left intact
        <code>msg = no such student</code><br>
+ :

Fixes: 9008715 ("test: add initial basic testing script")
Fixes: 0cfe1f2 ("test: use shellcheck to scan the two scripts in the repo")
Since the return code is all we are after, we can shove
the output into dev null.

Fixes: ba3b47a ("test: create abstraction for command requirements checking")
Fixes: 74189f7 ("test: bail at the begining when dependencies are lacking")
If there are syntax or style errors, we should bail early instead
of failing in potentially a more complicated way by running the
real functionality tests.
instead of introducing a function to print the command being executed
and exit the shell if it fails, just use the builtin set -e and set -x
flags in the shell.
we don't need anything bash specific so use a more generic shell
that is going to be present on all systems
this script calls shellcheck on all the .sh files similar
to test-style.sh from orbit.
Shellcheck SC2086 suggests doing this. It is unlikely that
the container name could have a space (is it even possible?)
but it is good practice nonetheless and tidier than having
a nolint comment.
we now lint the warpdrive script during the tests.
Shellcheck SC3040 warns about using pipefail when the shebang is
/bin/sh since it is not specified by posix. There are no commands
with pipes in the script so it wasn't doing anything anyways and
can just be removed to make shellcheck happy.
we now lint create_dev_keys.sh during the tests
Since podman is never directly invoked in test.sh, it is
clearer to delegate checking for it to the script that actually
uses it (warpdrive)
The inclusion of chcon was a relic of an earlier version of the test
script that never even got merged. That version would fully delete
the email directory and so it needed to use chcon to set it back to
container_file_t before starting the tests, but during the review
process the code was changed to just delete all emails and logs within
the folder instead of deleting the folder itself, so this code was and
is no longer necessary.

Fixes: 9008715 ("test: add initial basic testing script")
flake8 is never invoked directly in test.sh so it is kind of
confusing that it is listed as a requirement. We can just delegate
checking for required commands to any subscripts instead of having
to bubble the dependencies up so it is easier to keep them up to date.
since d752e19 the login page has not been returning a 401 so it is no
longer necessary to omit --fail on the curl command.

Fixes: d752e19 ("nginx: fix unauthorized redirect to properly include original target")
Fixes: 9008715 ("test: add initial basic testing script")
the test script now maintains a stack of functions to run at exit from the
shell. the `add_cleanup` function pushes a new entry to the stack and then
regardless of how the script terminates (error or successfully) any items
that have been pushed on to the stack are executed in reverse order. As an
example, the user deletion code is moved from being executed after all the
authentication related test code runs, to being pushed on to the cleanup
stack immediately after the user creation is performed so that regardless
of whether the subsequent tests pass, the user will be deleted and the
script can be run idempotently.
instead of deleting and recreating the folder, just rm the contents
Even if the files in the test folder are owned by root, as long
as the folder is owned by the regular user, they can be deleted.

Now that the folder is not recreated every time the script is run
it can just stick around as a folder owned by the unprivileged
user even when it is used to hold the output of runs using sudo.
since every curl command has
--verbose
--insecure
--fail
--no-progress-meter
they can be stored in a variable and referenced where used
insecure disables all cert verification including basic things like the
expiry date matching hostnames, etc. Instead we can provide the cert
public key from the ssl folder to curl so that it can recognize the
cert even though it is self signed. Fixes #56
@theyoyojo theyoyojo merged commit bb0f4b5 into master Apr 1, 2024
@theyoyojo theyoyojo deleted the test_improvements branch April 1, 2024 20:35
@charliemirabile charliemirabile mentioned this pull request Apr 3, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

avoid --insecure curl option in testing

2 participants