author | Jędrzej Nowacki <jedrzej.nowacki@theqtcompany.com> | 2014-12-15 13:24:55 +0100 |
---|---|---|
committer | Tor Arne Vestbø <tor.arne.vestbo@theqtcompany.com> | 2015-11-02 11:49:53 +0100 |
commit | cd84a1e53c76c46c44510cf4932a4733c1aa9320 (patch) | |
tree | 5f1266005a858f5e0c433728973fff0b2a05e2b6 | |
parent | 67afb256a6f5073e2ac97848938a7fffe67a6412 (diff) |
Network test server: add an OpenSSL server for testing TSL-PSK
Cherry-picked from sysadmin repo:
1f8cab2c3bcd91335684c95afa95ae71e00a94e4
Change-Id: I8d197e9dfeae66901722c6a421b5a5cf711763bc
Author: Giuseppe D'Angelo <giuseppe.dangelo@kdab.com>
4 files changed, 195 insertions, 0 deletions
diff --git a/tests/auto/network/support/modules/network_test_server/files/ssl/openssl_server_psk b/tests/auto/network/support/modules/network_test_server/files/ssl/openssl_server_psk
new file mode 100755
index 0000000000..5edf5b0f80
--- /dev/null
+++ b/tests/auto/network/support/modules/network_test_server/files/ssl/openssl_server_psk
@@ -0,0 +1,159 @@
+#! /bin/sh
+### BEGIN INIT INFO
+# Provides: openssl_server_psk
+# Required-Start: $remote_fs $syslog
+# Required-Stop: $remote_fs $syslog
+# Default-Start: 2 3 4 5
+# Default-Stop: 0 1 6
+# Short-Description: OpenSSL PSK server
+# Description: This file should be used to construct scripts to be
+# placed in /etc/init.d.
+### END INIT INFO
+
+# Author: Giuseppe D'Angelo <giuseppe.dangelo@kdab.com>
+#
+# Please remove the "Author" lines above and replace them
+# with your own name if you copy and modify this script.
+
+# Do NOT "set -e"
+
+# PATH should only include /usr/* if it runs after the mountnfs.sh script
+PATH=/sbin:/usr/sbin:/bin:/usr/bin
+DESC="A simple OpenSSL based server using PSK"
+NAME=openssl_server_psk
+DAEMON=/home/qt-test-server/openssl_server_psk.sh
+DAEMON_ARGS=""
+PIDFILE=/var/run/$NAME.pid
+SCRIPTNAME=/etc/init.d/$NAME
+
+# Exit if the package is not installed
+[ -x "$DAEMON" ] || exit 0
+
+# Read configuration variable file if it is present
+[ -r /etc/default/$NAME ] && . /etc/default/$NAME
+
+# Load the VERBOSE setting and other rcS variables
+. /lib/init/vars.sh
+
+# Define LSB log_* functions.
+# Depend on lsb-base (>= 3.2-14) to ensure that this file is present
+# and status_of_proc is working.
+. /lib/lsb/init-functions
+
+#
+# Function that starts the daemon/service
+#
+do_start()
+{
+ # Return
+ # 0 if daemon has been started
+ # 1 if daemon was already running
+ # 2 if daemon could not be started
+ start-stop-daemon --start --quiet --pidfile $PIDFILE --exec $DAEMON --test > /dev/null \
+ || return 1
+ start-stop-daemon --start --quiet --pidfile $PIDFILE --exec $DAEMON -- \
+ $DAEMON_ARGS \
+ || return 2
+ # Add code here, if necessary, that waits for the process to be ready
+ # to handle requests from services started subsequently which depend
+ # on this one. As a last resort, sleep for some time.
+}
+
+#
+# Function that stops the daemon/service
+#
+do_stop()
+{
+ # Return
+ # 0 if daemon has been stopped
+ # 1 if daemon was already stopped
+ # 2 if daemon could not be stopped
+ # other if a failure occurred
+ start-stop-daemon --stop --quiet --retry=TERM/30/KILL/5 --pidfile $PIDFILE --name $NAME
+ RETVAL="$?"
+ [ "$RETVAL" = 2 ] && return 2
+ # Wait for children to finish too if this is a daemon that forks
+ # and if the daemon is only ever run from this initscript.
+ # If the above conditions are not satisfied then add some other code
+ # that waits for the process to drop all resources that could be
+ # needed by services started subsequently. A last resort is to
+ # sleep for some time.
+ start-stop-daemon --stop --quiet --oknodo --retry=0/30/KILL/5 --exec $DAEMON
+ [ "$?" = 2 ] && return 2
+ # Many daemons don't delete their pidfiles when they exit.
+ rm -f $PIDFILE
+ return "$RETVAL"
+}
+
+#
+# Function that sends a SIGHUP to the daemon/service
+#
+do_reload() {
+ #
+ # If the daemon can reload its configuration without
+ # restarting (for example, when it is sent a SIGHUP),
+ # then implement that here.
+ #
+ start-stop-daemon --stop --signal 1 --quiet --pidfile $PIDFILE --name $NAME
+ return 0
+}
+
+case "$1" in
+ start)
+ [ "$VERBOSE" != no ] && log_daemon_msg "Starting $DESC" "$NAME"
+ do_start
+ case "$?" in
+ 0|1) [ "$VERBOSE" != no ] && log_end_msg 0 ;;
+ 2) [ "$VERBOSE" != no ] && log_end_msg 1 ;;
+ esac
+ ;;
+ stop)
+ [ "$VERBOSE" != no ] && log_daemon_msg "Stopping $DESC" "$NAME"
+ do_stop
+ case "$?" in
+ 0|1) [ "$VERBOSE" != no ] && log_end_msg 0 ;;
+ 2) [ "$VERBOSE" != no ] && log_end_msg 1 ;;
+ esac
+ ;;
+ status)
+ status_of_proc "$DAEMON" "$NAME" && exit 0 || exit $?
+ ;;
+ #reload|force-reload)
+ #
+ # If do_reload() is not implemented then leave this commented out
+ # and leave 'force-reload' as an alias for 'restart'.
+ #
+ #log_daemon_msg "Reloading $DESC" "$NAME"
+ #do_reload
+ #log_end_msg $?
+ #;;
+ restart|force-reload)
+ #
+ # If the "reload" option is implemented then remove the
+ # 'force-reload' alias
+ #
+ log_daemon_msg "Restarting $DESC" "$NAME"
+ do_stop
+ case "$?" in
+ 0|1)
+ do_start
+ case "$?" in
+ 0) log_end_msg 0 ;;
+ 1) log_end_msg 1 ;; # Old process is still running
+ *) log_end_msg 1 ;; # Failed to start
+ esac
+ ;;
+ *)
+ # Failed to stop
+ log_end_msg 1
+ ;;
+ esac
+ ;;
+ *)
+ #echo "Usage: $SCRIPTNAME {start|stop|restart|reload|force-reload}" >&2
+ echo "Usage: $SCRIPTNAME {start|stop|status|restart|force-reload}" >&2
+ exit 3
+ ;;
+esac
+
+:
diff --git a/tests/auto/network/support/modules/network_test_server/files/ssl/openssl_server_psk.sh b/tests/auto/network/support/modules/network_test_server/files/ssl/openssl_server_psk.sh
new file mode 100755
index 0000000000..915ef98163
--- /dev/null
+++ b/tests/auto/network/support/modules/network_test_server/files/ssl/openssl_server_psk.sh
@@ -0,0 +1,10 @@
+#!/bin/sh
+
+PSK="1a2b3c4d5e6f"
+SERVERHINT="QtTestServerHint"
+
+# openssl s_server will try to read from stdin; if it gets EOF, it will quit
+# therefore, we can't simply redirect /dev/null as its stdin,
+# but we need a small trick
+
+tail -f /dev/null 2> /dev/null < /dev/null | openssl s_server -quiet -nocert -psk "$PSK" -psk_hint "$SERVERHINT" > /tmp/logopenssl 2>&1 &
diff --git a/tests/auto/network/support/modules/network_test_server/manifests/init.pp b/tests/auto/network/support/modules/network_test_server/manifests/init.pp
index c3b87d2607..3d1baec5bb 100644
--- a/tests/auto/network/support/modules/network_test_server/manifests/init.pp
+++ b/tests/auto/network/support/modules/network_test_server/manifests/init.pp
@@ -15,6 +15,7 @@ class network_test_server { include network_test_server::samba include network_test_server::tmpreaper include network_test_server::sshd + include network_test_server::openssl_server_psk user { 'qt-test-server': ensure => present, 
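Review bot: `do_start` launches `$DAEMON` (`/home/qt-test-server/openssl_server_psk.sh`) with the init system's root privileges, because neither `start-stop-daemon --start` call passes `--chuid`. If that home directory is writable by the `qt-test-server` account (its ownership is not visible in this commit), that account can replace the script and have it run as root at the next start. Dropping privileges in the launcher closes this, e.g. `start-stop-daemon --start --quiet --chuid qt-test-server --pidfile $PIDFILE --exec $DAEMON -- \`. Separately, nothing in this commit writes `$PIDFILE` (there is no `--make-pidfile`, and the wrapper backgrounds its pipeline and exits), so `do_stop` and `status` will probably not find the running `openssl s_server`. A comment above `do_stop` stating that limitation, or a pidfile written by the wrapper, would make the stop path trustworthy.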
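Review bot: The last line of `openssl_server_psk.sh` redirects the server output with `>` to the fixed path `/tmp/logopenssl`, and the init script starts this wrapper as root. A pre-existing symlink of that name in the world-writable `/tmp` would therefore make root truncate whatever file it points to. Writing the log to a directory only root can modify avoids this, e.g. `... -psk_hint "$SERVERHINT" > /var/log/openssl_server_psk.log 2>&1 &` (the path is a suggestion). It would also help to add a comment beside `PSK="1a2b3c4d5e6f"` saying that this is a fixed test-fixture key, presumably mirrored in the client tests, and must not be reused outside the test network.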
diff --git a/tests/auto/network/support/modules/network_test_server/manifests/openssl_server_psk.pp b/tests/auto/network/support/modules/network_test_server/manifests/openssl_server_psk.pp
new file mode 100644
index 0000000000..20288660a0
--- /dev/null
+++ b/tests/auto/network/support/modules/network_test_server/manifests/openssl_server_psk.pp
@@ -0,0 +1,25 @@
+class network_test_server::openssl_server_psk {
+
+ file {
+ "/etc/init.d/openssl_server_psk":
+ source => "puppet:///modules/network_test_server/ssl/openssl_server_psk",
+ mode => 0755,
+ ensure => present,
+ ;
+ "/home/qt-test-server/openssl_server_psk.sh":
+ source => "puppet:///modules/network_test_server/ssl/openssl_server_psk.sh",
+ mode => 0755,
+ ensure => present,
+ ;
+ }
+
+ service {
+ "openssl_server_psk":
+ enable => true,
+ ensure => running,
+ require => File["/home/qt-test-server/openssl_server_psk.sh"]
+ ;
+ }
+
+}
+
|
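Review bot: Both `file` resources set `mode => 0755` but no `owner` or `group`, so ownership of an init script and of a wrapper that is started as root is left to whichever account runs Puppet and is not corrected if it drifts. Adding `owner => 'root',` and `group => 'root',` to each resource pins it. The `service` resource's `require` names only `File["/home/qt-test-server/openssl_server_psk.sh"]`, yet the init script is what the service is started through, so it should be required too: `require => [File["/etc/init.d/openssl_server_psk"], File["/home/qt-test-server/openssl_server_psk.sh"]]`. Quoting the mode as `'0755'` would also keep the manifest valid on Puppet versions that reject numeric modes.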