From: Felix Dörre Date: Thu, 28 Aug 2014 18:25:01 +0000 (+0200) Subject: [Test-Configchange]: add http-ping-testing X-Git-Url: https://code.wpia.club/?p=gigi.git;a=commitdiff_plain;h=0b77293697a8a0fabf120c7b820a71ec94831c82;ds=sidebyside [Test-Configchange]: add http-ping-testing domain.dnsmanage renamed to domain.manage (php script was updated) domain.http new domain for http pinging --- diff --git a/config/test.properties.template b/config/test.properties.template index bc8d3355..19e2645b 100644 --- a/config/test.properties.template +++ b/config/test.properties.template @@ -24,6 +24,7 @@ sql.user=cacert sql.password= -domain.dnsmanage=http://you-installation-of-the/index.php +domain.manage=http://you-installation-of-the/index.php +domain.http=you-intstallation-for-the-textfiles domain.dnstest=the.dns.zone domain.testns=the.authorativ.ns.for.domain.dnstest diff --git a/doc/jenkinsJob/ci-tests-setup.txt b/doc/jenkinsJob/ci-tests-setup.txt index 2b75bd03..e51c280c 100644 --- a/doc/jenkinsJob/ci-tests-setup.txt +++ b/doc/jenkinsJob/ci-tests-setup.txt @@ -8,7 +8,9 @@ make jenkins write them to "config/test.properties" -you need a dynamically managable dns zone. Write the zone name to "domain.dnstest" in "test.properties" -and a manage script (see dyn-txt.php). Put the url with password in "domain.dnsmanage" +and a manage script (see dyn-txt.php). +- Put the url with password in "domain.manage" +- Put the host with password in "domain.http" Setup with bind9: dnssec-keygen -a HMAC-SHA512 -b 512 -n HOST example.org. diff --git a/doc/jenkinsJob/dyn-txt.php b/doc/jenkinsJob/dyn-txt.php index c7c73e4c..7914b986 100644 --- a/doc/jenkinsJob/dyn-txt.php +++ b/doc/jenkinsJob/dyn-txt.php @@ -1,27 +1,65 @@ "){ - die (); +define("ZONENAME", "cacert.dyn.dogcraft.de"); +define("KEYNAME", "keys/Kcacert.dyn.dogcraft.de.+165+54687.key"); + +if(!isset($_GET['token']) || !isset($_GET['t1']) || !isset($_GET['t2']) || !isset($_GET['action'])){ + die("Error"); +} +if($_GET['token'] != "rD1m3A9ew6Hs4DIv7lnTxNbR6dr"){ + die (); } $t1 = $_GET['t1']; $t2 = $_GET['t2']; -if(!preg_match("/[a-zA-Z0-9]+/", $t1) || !preg_match("/[a-zA-Z0-9]+/", $t2)){ +if(!preg_match("/^[a-zA-Z0-9]+$/", $t1) || !preg_match("/^[a-zA-Z0-9]+$/", $t2)){ die("Error"); } +$todelete = array(); -$call = << TXT -update add cacert-{$t1}. 60 TXT {$t2} -send -quit +if(file_exists("data.php")){ + include ("data.php"); +} -EOF; -echo $call; +$time = time()/60; +if(!isset($todelete[$time])){ + $todelete[$time] = array(); +} + +$dnscalls = ""; -$nsupdate = popen("/usr/bin/nsupdate -k .key", 'w'); -fwrite($nsupdate, $call); -$retval = pclose($nsupdate); // nsupdate doesn't return anything useful when called this way +if($_GET['action'] == "http"){ + $todelete[$time][] = array("http", $t1); + file_put_contents("cacert-$t1.txt", $t2); +} else if($_GET['action'] == "dns") { + $todelete[$time][] = array("dns", $t1); + $dnscalls .= "update delete cacert-{$t1}." . ZONENAME . " TXT\n" + ."update add cacert-{$t1}." . ZONENAME . " 60 TXT {$t2}\n"; +} +$copy = $todelete; +foreach($copy as $nt => $ar){ + if($nt < $time - 2){ + unset($todelete[$nt]); + foreach($ar as $act){ + if($act[0] == "http"){ + unlink("cacert-{$act[1]}.txt"); + } else if($act[0] == "dns") { + $dnscalls .= "update delete cacert-{$act[1]}." . ZONENAME . " TXT\n"; + } + } + } +} +file_put_contents("data.php", ""); + +if($dnscalls != ""){ + dnsAction($dnscalls); +} + +function dnsAction($command) { + $call = "server localhost\n$command\nsend\nquit\n"; + + $nsupdate = popen("/usr/bin/nsupdate -k " . KEYNAME, 'w'); + fwrite($nsupdate, $call); + $retval = pclose($nsupdate); // nsupdate doesn't return anything useful when called this way +} -?> diff --git a/tests/org/cacert/gigi/ping/TestDNS.java b/tests/org/cacert/gigi/ping/TestDNS.java index cf154199..76169451 100644 --- a/tests/org/cacert/gigi/ping/TestDNS.java +++ b/tests/org/cacert/gigi/ping/TestDNS.java @@ -3,30 +3,23 @@ package org.cacert.gigi.ping; import static org.junit.Assert.*; import java.io.IOException; -import java.net.HttpURLConnection; -import java.net.MalformedURLException; import java.net.URL; -import java.net.URLConnection; import java.net.URLEncoder; -import java.sql.PreparedStatement; -import java.sql.ResultSet; import java.sql.SQLException; import java.util.regex.Matcher; import java.util.regex.Pattern; import javax.naming.NamingException; -import org.cacert.gigi.database.DatabaseConnection; import org.cacert.gigi.pages.account.DomainOverview; import org.cacert.gigi.testUtils.IOUtils; -import org.cacert.gigi.testUtils.ManagedTest; +import org.cacert.gigi.testUtils.PingTest; import org.cacert.gigi.testUtils.TestEmailReciever.TestMail; import org.cacert.gigi.util.DNSUtil; import org.cacert.gigi.util.RandomToken; -import org.junit.After; import org.junit.Test; -public class TestDNS extends ManagedTest { +public class TestDNS extends PingTest { @Test public void dnsSanity() throws IOException, NamingException { @@ -34,8 +27,8 @@ public class TestDNS extends ManagedTest { String token = RandomToken.generateToken(16); String value = RandomToken.generateToken(16); - String reRead = updateDNS(token, value); - assertEquals(value, reRead); + updateService(token, value, "dns"); + assertEquals(value, readDNS(token)); } @@ -44,11 +37,6 @@ public class TestDNS extends ManagedTest { testEmailAndDNS(0, 0, true, true); } - @After - public void purgeDbAfterTest() throws SQLException, IOException { - purgeDatabase(); - } - @Test public void dnsFail() throws IOException, InterruptedException, SQLException, NamingException { testEmailAndDNS(1, 0, false, true); @@ -70,21 +58,12 @@ public class TestDNS extends ManagedTest { } public void testEmailAndDNS(int dnsVariant, int emailVariant, boolean successDNS, boolean successMail) throws IOException, InterruptedException, SQLException, NamingException { - String email = createUniqueName() + "@example.org"; - createVerifiedUser("a", "b", email, TEST_PASSWORD); - String cookie = login(email, TEST_PASSWORD); String test = getTestProps().getProperty("domain.dnstest"); - URL u = new URL("https://" + getServerName() + DomainOverview.PATH); - URLConnection openConnection = u.openConnection(); - openConnection.setRequestProperty("Cookie", cookie); - String content1 = IOUtils.readURL(openConnection); - String csrf = getCSRF(1, content1); - Pattern p = Pattern.compile("cacert-([A-Za-z0-9]+) IN TXT ([A-Za-z0-9]+)"); - Matcher m = p.matcher(content1); - m.find(); - updateDNS(m.group(1) + (dnsVariant == 1 ? "a" : ""), m.group(2) + (dnsVariant == 2 ? "a" : "")); + URL u = new URL("https://" + getServerName() + DomainOverview.PATH); + Matcher m = initailizeDomainForm(u); + updateService(m.group(1) + (dnsVariant == 1 ? "a" : ""), m.group(2) + (dnsVariant == 2 ? "a" : ""), "dns"); String content = "newdomain=" + URLEncoder.encode(test, "UTF-8") + // "&emailType=y&email=2&DNSType=y" + // @@ -93,17 +72,7 @@ public class TestDNS extends ManagedTest { "&ssl-type-2=direct&ssl-port-2=" + // "&ssl-type-3=direct&ssl-port-3=" + // "&adddomain&csrf=" + csrf; - openConnection = u.openConnection(); - openConnection.setRequestProperty("Cookie", cookie); - openConnection.setDoOutput(true); - openConnection.getOutputStream().write(content.getBytes()); - openConnection.getHeaderField("Location"); - - String newcontent = IOUtils.readURL(cookie(u.openConnection(), cookie)); - Pattern dlink = Pattern.compile(DomainOverview.PATH + "([0-9]+)'>"); - Matcher m1 = dlink.matcher(newcontent); - m1.find(); - URL u2 = new URL(u.toString() + m1.group(1)); + URL u2 = sendDomainForm(u, content); TestMail mail = getMailReciever().recieve(); if (emailVariant == 0) { @@ -111,31 +80,21 @@ public class TestDNS extends ManagedTest { new URL(link).openConnection().getHeaderField(""); } - PreparedStatement ps = DatabaseConnection.getInstance().prepare("SELECT COUNT(*) FROM domainPinglog"); - while (true) { - ResultSet rs = ps.executeQuery(); - rs.next(); - if (rs.getInt(1) >= 2) { - break; - } - Thread.sleep(200); - } + waitForPings(2); - newcontent = IOUtils.readURL(cookie(u2.openConnection(), cookie)); + String newcontent = IOUtils.readURL(cookie(u2.openConnection(), cookie)); Pattern pat = Pattern.compile("dns\\s*success"); assertTrue(newcontent, !successDNS ^ pat.matcher(newcontent).find()); pat = Pattern.compile("email\\s*success"); assertTrue(newcontent, !successMail ^ pat.matcher(newcontent).find()); } - private String updateDNS(String token, String value) throws IOException, MalformedURLException, NamingException { + private String readDNS(String token) throws NamingException { String test = getTestProps().getProperty("domain.dnstest"); String targetDomain = "cacert-" + token + "." + test; - String manage = getTestProps().getProperty("domain.dnsmanage"); - String url = manage + "t1=" + token + "&t2=" + value; - assertEquals(200, ((HttpURLConnection) new URL(url).openConnection()).getResponseCode()); String[] data = DNSUtil.getTXTEntries(targetDomain, getTestProps().getProperty("domain.testns")); assertEquals(1, data.length); return data[0]; + } } diff --git a/tests/org/cacert/gigi/ping/TestHTTP.java b/tests/org/cacert/gigi/ping/TestHTTP.java new file mode 100644 index 00000000..d6718241 --- /dev/null +++ b/tests/org/cacert/gigi/ping/TestHTTP.java @@ -0,0 +1,86 @@ +package org.cacert.gigi.ping; + +import static org.junit.Assert.*; + +import java.io.IOException; +import java.io.InputStreamReader; +import java.net.URL; +import java.net.URLEncoder; +import java.sql.SQLException; +import java.util.regex.Matcher; +import java.util.regex.Pattern; + +import javax.naming.NamingException; + +import org.cacert.gigi.pages.account.DomainOverview; +import org.cacert.gigi.testUtils.IOUtils; +import org.cacert.gigi.testUtils.PingTest; +import org.cacert.gigi.testUtils.TestEmailReciever.TestMail; +import org.cacert.gigi.util.RandomToken; +import org.junit.Test; + +public class TestHTTP extends PingTest { + + @Test + public void httpSanity() throws IOException, NamingException { + + String token = RandomToken.generateToken(16); + String value = RandomToken.generateToken(16); + + TestDNS.updateService(token, value, "http"); + assertEquals(value, readHTTP(token)); + + } + + @Test + public void httpAndMailSuccess() throws IOException, InterruptedException, SQLException { + testEmailAndHTTP(0, 0, true, true); + } + + @Test + public void httpFailKeyAndMailSuccess() throws IOException, InterruptedException, SQLException { + testEmailAndHTTP(1, 0, false, true); + } + + @Test + public void httpFailValAndMailFail() throws IOException, InterruptedException, SQLException { + testEmailAndHTTP(2, 1, false, false); + } + + public void testEmailAndHTTP(int httpVariant, int emailVariant, boolean successHTTP, boolean successMail) throws IOException, InterruptedException, SQLException { + + String test = getTestProps().getProperty("domain.http"); + + URL u = new URL("https://" + getServerName() + DomainOverview.PATH); + Matcher m = initailizeDomainForm(u); + updateService(m.group(1) + (httpVariant == 1 ? "a" : ""), m.group(2) + (httpVariant == 2 ? "a" : ""), "http"); + + String content = "newdomain=" + URLEncoder.encode(test, "UTF-8") + // + "&emailType=y&email=2&HTTPType=y" + // + "&ssl-type-0=direct&ssl-port-0=" + // + "&ssl-type-1=direct&ssl-port-1=" + // + "&ssl-type-2=direct&ssl-port-2=" + // + "&ssl-type-3=direct&ssl-port-3=" + // + "&adddomain&csrf=" + csrf; + URL u2 = sendDomainForm(u, content); + + TestMail mail = getMailReciever().recieve(); + if (emailVariant == 0) { + String link = mail.extractLink(); + new URL(link).openConnection().getHeaderField(""); + } + waitForPings(2); + + String newcontent = IOUtils.readURL(cookie(u2.openConnection(), cookie)); + Pattern pat = Pattern.compile("http\\s*success"); + assertTrue(newcontent, !successHTTP ^ pat.matcher(newcontent).find()); + pat = Pattern.compile("email\\s*success"); + assertTrue(newcontent, !successMail ^ pat.matcher(newcontent).find()); + } + + private String readHTTP(String token) throws IOException { + URL u = new URL("http://" + getTestProps().getProperty("domain.http") + "/cacert-" + token + ".txt"); + return IOUtils.readURL(new InputStreamReader(u.openStream())).trim(); + + } +} diff --git a/tests/org/cacert/gigi/testUtils/ClientTest.java b/tests/org/cacert/gigi/testUtils/ClientTest.java new file mode 100644 index 00000000..ab88844f --- /dev/null +++ b/tests/org/cacert/gigi/testUtils/ClientTest.java @@ -0,0 +1,22 @@ +package org.cacert.gigi.testUtils; + +import java.io.IOException; + +public abstract class ClientTest extends ManagedTest { + + protected String email = createUniqueName() + "@example.org"; + + protected int userid = createVerifiedUser("a", "b", email, TEST_PASSWORD); + + protected String cookie; + + protected String csrf; + + public ClientTest() { + try { + cookie = login(email, TEST_PASSWORD); + } catch (IOException e) { + throw new Error(e); + } + } +} diff --git a/tests/org/cacert/gigi/testUtils/PingTest.java b/tests/org/cacert/gigi/testUtils/PingTest.java new file mode 100644 index 00000000..bc844c48 --- /dev/null +++ b/tests/org/cacert/gigi/testUtils/PingTest.java @@ -0,0 +1,78 @@ +package org.cacert.gigi.testUtils; + +import static org.junit.Assert.*; + +import java.io.IOException; +import java.net.HttpURLConnection; +import java.net.MalformedURLException; +import java.net.URL; +import java.net.URLConnection; +import java.sql.PreparedStatement; +import java.sql.ResultSet; +import java.sql.SQLException; +import java.util.regex.Matcher; +import java.util.regex.Pattern; + +import org.cacert.gigi.database.DatabaseConnection; +import org.cacert.gigi.pages.account.DomainOverview; +import org.junit.Before; + +public abstract class PingTest extends ClientTest { + + protected static void updateService(String token, String value, String action) throws IOException, MalformedURLException { + String manage = getTestProps().getProperty("domain.manage"); + String url = manage + "t1=" + token + "&t2=" + value + "&action=" + action; + assertEquals(200, ((HttpURLConnection) new URL(url).openConnection()).getResponseCode()); + } + + protected void waitForPings(int count) throws SQLException, InterruptedException { + PreparedStatement ps = DatabaseConnection.getInstance().prepare("SELECT COUNT(*) FROM domainPinglog"); + while (true) { + ResultSet rs = ps.executeQuery(); + rs.next(); + if (rs.getInt(1) >= count) { + break; + } + Thread.sleep(200); + } + } + + protected URL sendDomainForm(URL u, String content) throws IOException, MalformedURLException { + URLConnection openConnection = u.openConnection(); + openConnection.setRequestProperty("Cookie", cookie); + openConnection.setDoOutput(true); + openConnection.getOutputStream().write(content.getBytes()); + openConnection.getHeaderField("Location"); + + String newcontent = IOUtils.readURL(cookie(u.openConnection(), cookie)); + Pattern dlink = Pattern.compile(DomainOverview.PATH + "([0-9]+)'>"); + Matcher m1 = dlink.matcher(newcontent); + m1.find(); + URL u2 = new URL(u.toString() + m1.group(1)); + return u2; + } + + protected Matcher initailizeDomainForm(URL u) throws IOException, Error { + URLConnection openConnection = u.openConnection(); + openConnection.setRequestProperty("Cookie", cookie); + String content1 = IOUtils.readURL(openConnection); + csrf = getCSRF(1, content1); + + Pattern p = Pattern.compile("cacert-([A-Za-z0-9]+) IN TXT ([A-Za-z0-9]+)"); + Matcher m = p.matcher(content1); + m.find(); + return m; + } + + private static boolean first = true; + + @Before + public void purgeDbAfterTest() throws SQLException, IOException { + if (first) { + first = false; + return; + } + purgeDatabase(); + } + +}