diff options
Diffstat (limited to 'tests/testserver')
37 files changed, 1009 insertions, 0 deletions
diff --git a/tests/testserver/apache2/apache2.sh b/tests/testserver/apache2/apache2.sh new file mode 100755 index 0000000000..4b0c74e2c4 --- /dev/null +++ b/tests/testserver/apache2/apache2.sh @@ -0,0 +1,77 @@ +#!/usr/bin/env bash + +############################################################################# +## +## Copyright (C) 2018 The Qt Company Ltd. +## Contact: https://www.qt.io/licensing/ +## +## This file is part of the test suite of the Qt Toolkit. +## +## $QT_BEGIN_LICENSE:GPL$ +## Commercial License Usage +## Licensees holding valid commercial Qt licenses may use this file in +## accordance with the commercial license agreement provided with the +## Software or, alternatively, in accordance with the terms contained in +## a written agreement between you and The Qt Company. For licensing terms +## and conditions see https://www.qt.io/terms-conditions. For further +## information use the contact form at https://www.qt.io/contact-us. +## +## GNU General Public License Usage +## Alternatively, this file may be used under the terms of the GNU +## General Public License version 3 or (at your option) any later version +## approved by the KDE Free Qt Foundation. The licenses are as published by +## the Free Software Foundation and appearing in the file LICENSE.GPL3 +## included in the packaging of this file. Please review the following +## information to ensure the GNU General Public License requirements will +## be met: https://www.gnu.org/licenses/gpl-3.0.html. +## +## $QT_END_LICENSE$ +## +############################################################################# + +set -ex + +# package apache2 + +# add users +useradd httptest; echo "httptest:httptest" | chpasswd + +# enable apache2 module +/usr/sbin/a2enmod ssl dav_fs headers deflate auth_digest cgi + +# enable apache2 config +cp $TESTDATA/{main,security,ssl,dav}.conf /etc/apache2/conf-available/ +/usr/sbin/a2enconf main security ssl dav + +# install configurations and test data +cp $TESTDATA/deflate.conf /etc/apache2/mods-available/ +mkdir -p -m 1777 /home/writeables/dav # dav.conf +a2dissite '*' # disable all of the default apache2 sites + +# Populate the web-site: +su $USER -c "cp -r $TESTDATA/www ~/www" + +# tst_QNetworkReply::getFromHttp(success-internal) +su $USER -c "cp rfc3252.txt ~/www/htdocs/"; rm rfc3252.txt + +# tst_QNetworkReply::synchronousRequest_data() +su $USER -c "mkdir -p ~/www/htdocs/deflate/" +su $USER -c "ln -s ~/www/htdocs/rfc3252.txt ~/www/htdocs/deflate/" + +# tst_QNetworkReply::headFromHttp(with-authentication) +su $USER -c "ln -s ~/www/htdocs/rfc3252.txt ~/www/htdocs/rfcs-auth/" + +# Duplicate rfc3252.txt 20 times for bigfile tests: +su $USER -c "seq 20 | xargs -i cat ~/www/htdocs/rfc3252.txt >> ~/www/htdocs/bigfile" + +# tst_QNetworkReply::postToHttp(empty) +su $USER -c "ln -s ~/www/htdocs/protected/cgi-bin/md5sum.cgi ~/www/cgi-bin/" + +# tst_QNetworkReply::lastModifiedHeaderForHttp() expects this time-stamp: +touch -d "2007-05-22 12:04:57 GMT" /home/$USER/www/htdocs/fluke.gif + +# Create 10MB file for use by tst_Q*::downloadBigFile and interruption tests: +su $USER -c "/bin/dd if=/dev/zero of=~/www/htdocs/mediumfile bs=1 count=0 seek=10000000" + +# enable service with installed configurations +service apache2 restart diff --git a/tests/testserver/apache2/testdata/dav.conf b/tests/testserver/apache2/testdata/dav.conf new file mode 100644 index 0000000000..c207c2734b --- /dev/null +++ b/tests/testserver/apache2/testdata/dav.conf @@ -0,0 +1,7 @@ +Alias /dav /home/writeables/dav +<Location /dav> + DAV On + order allow,deny + allow from all + Require all granted +</Location> diff --git a/tests/testserver/apache2/testdata/deflate.conf b/tests/testserver/apache2/testdata/deflate.conf new file mode 100644 index 0000000000..6a15701d49 --- /dev/null +++ b/tests/testserver/apache2/testdata/deflate.conf @@ -0,0 +1,5 @@ +# The default configuration will turn on DEFLATE for files served up +# from everywhere. +# +# For testing purposes, we want DEFLATE off by default, and on only for +# specific paths (which is set elsewhere). diff --git a/tests/testserver/apache2/testdata/main.conf b/tests/testserver/apache2/testdata/main.conf new file mode 100644 index 0000000000..f3b13bb571 --- /dev/null +++ b/tests/testserver/apache2/testdata/main.conf @@ -0,0 +1,56 @@ +ServerName apache2.test-net.qt.local:80 + +NameVirtualHost *:443 + +<VirtualHost *:80> +</VirtualHost> + +<VirtualHost *:443> +SSLEngine On +CustomLog /var/log/apache2/ssl_access.log combined +ErrorLog /var/log/apache2/ssl_error.log +</VirtualHost> + +# default ubuntu config turns off SSLv2 because it is deprecated. +# Turn it back on so we can test it. +SSLProtocol all + +DocumentRoot /home/qt-test-server/www/htdocs +ScriptAlias /qtest/cgi-bin/ "/home/qt-test-server/www/cgi-bin/" +ScriptAlias /qtest/protected/cgi-bin/ "/home/qt-test-server/www/htdocs/protected/cgi-bin/" +Alias /qtest "/home/qt-test-server/www/htdocs/" + +<Directory "/home/qt-test-server/www/htdocs"> + Require all granted +</Directory> + +<Directory "/home/qt-test-server/www/htdocs/rfcs-auth"> + AuthType Basic + AuthName "Restricted Files" + AuthUserFile /home/qt-test-server/passwords + Require user httptest +</Directory> + +<Directory "/home/qt-test-server/www/htdocs/auth-digest"> + AuthType Digest + AuthName "Digest testing" + AuthDigestProvider file + AuthUserFile /home/qt-test-server/www/htdocs/digest-authfile + Require user httptest +</Directory> + +<Directory "/home/qt-test-server/www/htdocs/deflate"> + AddOutputFilterByType DEFLATE text/html text/plain text/xml + Header append Vary User-Agent env=!dont-vary +</Directory> + +<Directory "/home/qt-test-server/www/cgi-bin"> + Options +ExecCGI -Includes + AddHandler cgi-script .cgi .pl + Require all granted +</Directory> + + +<Directory "/home/qt-test-server/www/htdocs/protected/"> + AllowOverride AuthConfig Options +</Directory> diff --git a/tests/testserver/apache2/testdata/security.conf b/tests/testserver/apache2/testdata/security.conf new file mode 100644 index 0000000000..30a8ee3765 --- /dev/null +++ b/tests/testserver/apache2/testdata/security.conf @@ -0,0 +1,51 @@ +# +# Disable access to the entire file system except for the directories that +# are explicitly allowed later. +# +# This currently breaks the configurations that come with some web application +# Debian packages. It will be made the default for the release after lenny. +# +#<Directory /> +# AllowOverride None +# Order Deny,Allow +# Deny from all +#</Directory> + + +# Changing the following options will not really affect the security of the +# server, but might make attacks slightly more difficult in some cases. + +# +# ServerTokens +# This directive configures what you return as the Server HTTP response +# Header. The default is 'Full' which sends information about the OS-Type +# and compiled in modules. +# Set to one of: Full | OS | Minimal | Minor | Major | Prod +# where Full conveys the most information, and Prod the least. +# +#ServerTokens Minimal +ServerTokens OS +#ServerTokens Full + +# +# Optionally add a line containing the server version and virtual host +# name to server-generated pages (internal error documents, FTP directory +# listings, mod_status and mod_info output etc., but not CGI generated +# documents or custom error documents). +# Set to "EMail" to also include a mailto: link to the ServerAdmin. +# Set to one of: On | Off | EMail +# +#ServerSignature Off +ServerSignature On + +# +# Allow TRACE method +# +# Set to "extended" to also reflect the request body (only for testing and +# diagnostic purposes). +# +# Set to one of: On | Off | extended +# +#TraceEnable Off +TraceEnable On + diff --git a/tests/testserver/apache2/testdata/ssl.conf b/tests/testserver/apache2/testdata/ssl.conf new file mode 100644 index 0000000000..d6bbaf0da0 --- /dev/null +++ b/tests/testserver/apache2/testdata/ssl.conf @@ -0,0 +1,2 @@ +SSLCertificateFile /home/qt-test-server/ssl-certs/qt-test-server-cert.pem +SSLCertificateKeyFile /home/qt-test-server/ssl-certs/private/qt-test-server-key.pem diff --git a/tests/testserver/apache2/testdata/www/cgi-bin/echo.cgi b/tests/testserver/apache2/testdata/www/cgi-bin/echo.cgi new file mode 100755 index 0000000000..16315a3db6 --- /dev/null +++ b/tests/testserver/apache2/testdata/www/cgi-bin/echo.cgi @@ -0,0 +1,11 @@ +#!/usr/bin/perl + +if ($ENV{'REQUEST_METHOD'} eq "GET") { + $request = $ENV{'QUERY_STRING'}; +} elsif ($ENV{'REQUEST_METHOD'} eq "POST") { + read(STDIN, $request, $ENV{'CONTENT_LENGTH'}) || die "Could not get query\n"; +} + +print "Content-type: text/plain\n\n"; +print $request; + diff --git a/tests/testserver/apache2/testdata/www/cgi-bin/get-cookie.cgi b/tests/testserver/apache2/testdata/www/cgi-bin/get-cookie.cgi new file mode 100755 index 0000000000..59f40ac78b --- /dev/null +++ b/tests/testserver/apache2/testdata/www/cgi-bin/get-cookie.cgi @@ -0,0 +1,5 @@ +#!/bin/sh + +echo "Content-Type: text/plain" +echo +echo "$HTTP_COOKIE" diff --git a/tests/testserver/apache2/testdata/www/cgi-bin/http-delete.cgi b/tests/testserver/apache2/testdata/www/cgi-bin/http-delete.cgi new file mode 100755 index 0000000000..18000c9f4c --- /dev/null +++ b/tests/testserver/apache2/testdata/www/cgi-bin/http-delete.cgi @@ -0,0 +1,22 @@ +#!/usr/bin/perl + +use CGI; + +if ($ENV{'REQUEST_METHOD'} eq "DELETE") { + $queryString = $ENV{'QUERY_STRING'}; + if ($queryString eq "200-ok") { + $returnCode = 200; + } elsif ($queryString eq "202-accepted") { + $returnCode = 202; + } elsif ($queryString eq "204-no-content") { + $returnCode = 204; + } else { + $returnCode = 404; + } +} else { + # 405 = Method Not Allowed + $returnCode = 405; +} + +$q = new CGI; +print $q->header(-status=>$returnCode); diff --git a/tests/testserver/apache2/testdata/www/cgi-bin/http-unknown-authentication-method.cgi b/tests/testserver/apache2/testdata/www/cgi-bin/http-unknown-authentication-method.cgi new file mode 100755 index 0000000000..ce47e8384c --- /dev/null +++ b/tests/testserver/apache2/testdata/www/cgi-bin/http-unknown-authentication-method.cgi @@ -0,0 +1,17 @@ +#!/usr/bin/perl + +use CGI; + +$queryString = $ENV{'QUERY_STRING'}; +my $message; +if ($queryString eq "407-proxy-authorization-required") { + $status = 407; +} else { + $status = 401; +} + +$q = new CGI; +print $q->header(-status=>$status, + -type=>"text/plain", + -WWW_Authenticate=>'WSSE realm="Test", profile="TestProfile"'), + "authorization required"; diff --git a/tests/testserver/apache2/testdata/www/cgi-bin/httpcachetest_expires500.cgi b/tests/testserver/apache2/testdata/www/cgi-bin/httpcachetest_expires500.cgi new file mode 100755 index 0000000000..66a3741641 --- /dev/null +++ b/tests/testserver/apache2/testdata/www/cgi-bin/httpcachetest_expires500.cgi @@ -0,0 +1,12 @@ +#!/bin/bash +if [ "${HTTP_IF_MODIFIED_SINCE}" ] +then + echo "Status: 500" + echo "" + exit; +fi + +echo "Expires: Mon, 30 Oct 2028 14:19:41 GMT" +echo "Content-type: text/html"; +echo "" +echo "Hello World!" diff --git a/tests/testserver/apache2/testdata/www/cgi-bin/multipart.cgi b/tests/testserver/apache2/testdata/www/cgi-bin/multipart.cgi new file mode 100755 index 0000000000..6973875cc9 --- /dev/null +++ b/tests/testserver/apache2/testdata/www/cgi-bin/multipart.cgi @@ -0,0 +1,42 @@ +#!/usr/bin/perl + +use CGI; +use Digest::MD5 qw(md5_hex); + +$q = new CGI; +print $q->header(); + +$contentType = $ENV{"CONTENT_TYPE"}; +print "content type: $contentType\n"; + +if ($contentType =~ /^multipart\/form-data/) { + foreach my $key ($q->param) { + foreach my $value ($q->param($key)) { + if ($key =~ /text/) { + $retValue = $value; + } else { + $retValue = md5_hex($value); + } + print "key: $key, value: $retValue\n"; + } + } +} else { + #$contentLength = $ENV{"CONTENT_LENGTH"}; + #print "content length: $contentLength\r\n"; + + $data = $q->param('POSTDATA'); + $data =~ s/--\S*--$//; # remove ending boundary + @parts = split(/--\S*\r\n/, $data); + shift(@parts); + foreach (@parts) { + #print "raw: $_"; + ($header, $content) = split("\r\n\r\n"); + @headerFields = split("\r\n", $header); + foreach (@headerFields) { + ($fieldName, $value) = split(": "); + print "header: $fieldName, value: '$value'\n"; + } + $content =~ s/\r\n//; + print "content: $content\n\n"; + } +} diff --git a/tests/testserver/apache2/testdata/www/cgi-bin/set-cookie.cgi b/tests/testserver/apache2/testdata/www/cgi-bin/set-cookie.cgi new file mode 100755 index 0000000000..dc463f00f3 --- /dev/null +++ b/tests/testserver/apache2/testdata/www/cgi-bin/set-cookie.cgi @@ -0,0 +1,9 @@ +#!/bin/sh + +echo "Content-type: text/plain" +while read line; do + echo "Set-Cookie: $line" +done + +echo +echo "Success" diff --git a/tests/testserver/apache2/testdata/www/htdocs/auth-digest/index.html b/tests/testserver/apache2/testdata/www/htdocs/auth-digest/index.html new file mode 100644 index 0000000000..fa96496aa0 --- /dev/null +++ b/tests/testserver/apache2/testdata/www/htdocs/auth-digest/index.html @@ -0,0 +1 @@ +digest authentication successful diff --git a/tests/testserver/apache2/testdata/www/htdocs/digest-authfile b/tests/testserver/apache2/testdata/www/htdocs/digest-authfile new file mode 100644 index 0000000000..99963901ce --- /dev/null +++ b/tests/testserver/apache2/testdata/www/htdocs/digest-authfile @@ -0,0 +1 @@ +httptest:Digest testing:5f68f4bc3cd2873a3d547558fe7d9782 diff --git a/tests/testserver/apache2/testdata/www/htdocs/fluke.gif b/tests/testserver/apache2/testdata/www/htdocs/fluke.gif Binary files differnew file mode 100644 index 0000000000..6060cbd4d7 --- /dev/null +++ b/tests/testserver/apache2/testdata/www/htdocs/fluke.gif diff --git a/tests/testserver/apache2/testdata/www/htdocs/index.html b/tests/testserver/apache2/testdata/www/htdocs/index.html new file mode 100644 index 0000000000..abc1df188d --- /dev/null +++ b/tests/testserver/apache2/testdata/www/htdocs/index.html @@ -0,0 +1,3 @@ +<h1>Welcome to qt-test-server</h1> +<img src="fluke.gif" alt="fluke"> +<p>This is a network test server. It serves as a caching ftp and http proxy, transparent http/socks5 proxy, imap, ftp and http server, and more.</p> diff --git a/tests/testserver/apache2/testdata/www/htdocs/protected/.htaccess b/tests/testserver/apache2/testdata/www/htdocs/protected/.htaccess new file mode 100644 index 0000000000..c465494167 --- /dev/null +++ b/tests/testserver/apache2/testdata/www/htdocs/protected/.htaccess @@ -0,0 +1,5 @@ +Require valid-user +AuthUserFile /home/qt-test-server/passwords +AuthType basic +AuthName "password-protected area" +Options Indexes diff --git a/tests/testserver/apache2/testdata/www/htdocs/protected/cgi-bin/md5sum.cgi b/tests/testserver/apache2/testdata/www/htdocs/protected/cgi-bin/md5sum.cgi new file mode 100755 index 0000000000..e580462b85 --- /dev/null +++ b/tests/testserver/apache2/testdata/www/htdocs/protected/cgi-bin/md5sum.cgi @@ -0,0 +1,6 @@ +#!/bin/sh + +echo "Content-type: text/plain"; +echo "Content-length: 33" +echo +md5sum | cut -f 1 -d " " diff --git a/tests/testserver/apache2/testdata/www/htdocs/rfcs-auth/index.html b/tests/testserver/apache2/testdata/www/htdocs/rfcs-auth/index.html new file mode 100644 index 0000000000..472e6ce55d --- /dev/null +++ b/tests/testserver/apache2/testdata/www/htdocs/rfcs-auth/index.html @@ -0,0 +1 @@ +you found the secret diff --git a/tests/testserver/common/ssl.sh b/tests/testserver/common/ssl.sh new file mode 100755 index 0000000000..8a4728ad4d --- /dev/null +++ b/tests/testserver/common/ssl.sh @@ -0,0 +1,39 @@ +#!/usr/bin/env bash + +############################################################################# +## +## Copyright (C) 2018 The Qt Company Ltd. +## Contact: https://www.qt.io/licensing/ +## +## This file is part of the test suite of the Qt Toolkit. +## +## $QT_BEGIN_LICENSE:GPL$ +## Commercial License Usage +## Licensees holding valid commercial Qt licenses may use this file in +## accordance with the commercial license agreement provided with the +## Software or, alternatively, in accordance with the terms contained in +## a written agreement between you and The Qt Company. For licensing terms +## and conditions see https://www.qt.io/terms-conditions. For further +## information use the contact form at https://www.qt.io/contact-us. +## +## GNU General Public License Usage +## Alternatively, this file may be used under the terms of the GNU +## General Public License version 3 or (at your option) any later version +## approved by the KDE Free Qt Foundation. The licenses are as published by +## the Free Software Foundation and appearing in the file LICENSE.GPL3 +## included in the packaging of this file. Please review the following +## information to ensure the GNU General Public License requirements will +## be met: https://www.gnu.org/licenses/gpl-3.0.html. +## +## $QT_END_LICENSE$ +## +############################################################################# + +set -ex + +# package ssl + +# install ssl_certs and test data +su $USER -c "mkdir -p -m 700 ~/ssl-certs/private" +su $USER -c "cp $CONFIG/ssl/qt-test-server-cert.pem ~/ssl-certs/" +su $USER -c "cp $CONFIG/ssl/private/qt-test-server-key.pem ~/ssl-certs/private/" diff --git a/tests/testserver/common/startup.sh b/tests/testserver/common/startup.sh new file mode 100755 index 0000000000..84d4003f86 --- /dev/null +++ b/tests/testserver/common/startup.sh @@ -0,0 +1,57 @@ +#!/usr/bin/env bash + +############################################################################# +## +## Copyright (C) 2018 The Qt Company Ltd. +## Contact: https://www.qt.io/licensing/ +## +## This file is part of the test suite of the Qt Toolkit. +## +## $QT_BEGIN_LICENSE:GPL$ +## Commercial License Usage +## Licensees holding valid commercial Qt licenses may use this file in +## accordance with the commercial license agreement provided with the +## Software or, alternatively, in accordance with the terms contained in +## a written agreement between you and The Qt Company. For licensing terms +## and conditions see https://www.qt.io/terms-conditions. For further +## information use the contact form at https://www.qt.io/contact-us. +## +## GNU General Public License Usage +## Alternatively, this file may be used under the terms of the GNU +## General Public License version 3 or (at your option) any later version +## approved by the KDE Free Qt Foundation. The licenses are as published by +## the Free Software Foundation and appearing in the file LICENSE.GPL3 +## included in the packaging of this file. Please review the following +## information to ensure the GNU General Public License requirements will +## be met: https://www.gnu.org/licenses/gpl-3.0.html. +## +## $QT_END_LICENSE$ +## +############################################################################# + +set -ex + +# export variables +export USER=qt-test-server +export PASS=password +export CONFIG=common/testdata +export TESTDATA=service/testdata + +# add users +useradd -m -s /bin/bash $USER; echo "$USER:$PASS" | chpasswd + +# install configurations and test data +su $USER -c "cp $CONFIG/system/passwords ~/" + +# modules initialization (apache2.sh, ftp-proxy.sh ...) +for RUN_CMD +do $RUN_CMD +done + +# start multicast DNS service discovery (mDNS) +sed -i "s,#domain-name=local,domain-name=test-net.qt.local," /etc/avahi/avahi-daemon.conf +service dbus restart +service avahi-daemon restart + +# keep-alive in docker detach mode +sleep infinity diff --git a/tests/testserver/common/testdata/ssl/private/qt-test-server-key.pem b/tests/testserver/common/testdata/ssl/private/qt-test-server-key.pem new file mode 100644 index 0000000000..8b7ce5811a --- /dev/null +++ b/tests/testserver/common/testdata/ssl/private/qt-test-server-key.pem @@ -0,0 +1,15 @@ +-----BEGIN RSA PRIVATE KEY----- +MIICXgIBAAKBgQDNqttv1jTJp/HAvuRBGBniAski5qfVugMunih69F8ad193qRE7 +j37wLsae6zrZEtfBDFHoJFI/I8NCDBHG8hyhQv60wmmDrfdwsRgVzCAoYjDwLBXm +Mxmvw+scwJH3EWiUUPhJNwgy1z5136O8aQAV3s2HD1wCa4LIAX1q8B3ccwIDAQAB +AoGAGiDou+6UykHB3uDhkruDHkmIUBzJmceF+/gv4F8Hbg9YW5VpEQ4L7Guk5C+y +TD2ul2H/TeS/ZjIe7lcmMwYzSLcyeKfaiaV1EhPGjIdvB4ysTN79pfWXQtlpt/Z9 +I/EOoW9XosJ/EOFdpgV0MC9QMTQKMyS0qQLwhBsoAW4DcEECQQDmrWEPNprbEDIH +Sm+KlMH6rdybIvzR3IPlYE6kMjQIWbUmGNxSUT7B/UDh2QeaTT54Rb1Ygnq7gVjC +RHU3wnGxAkEA5D6jI/E/xtQSq0KKVpbOxN1dIo0MVPbO/hI7/pO2DdZIM0O4GL55 +ks83O5ZDTfrVy2Ys/9lqbbq+5FSs+NZ1YwJBANzAXRsO+YDcbdP2Uun+0+fOjEhW +YjV/XyWaVYfil1LKboXn0qhgIbvJXVcEt7bdZwP4UWwracKY1NUMaFSVGvECQQC/ +L3iX8szpT1sT+XjHbytj28jX2C4sPVDFoaB/bltg280+o8rhbyuGvewWDZfzCdlr +tvqalROBNpwPxp3dEkbhAkEAl7N7/7hWbw7Xv69ww7i0jcPduukbtbEY1DTmARhR +rOF5AiztOAe+R94iLzkj63ZU0LcoSAixehp2tdkdtTI4CQ== +-----END RSA PRIVATE KEY----- diff --git a/tests/testserver/common/testdata/ssl/qt-test-server-cert.pem b/tests/testserver/common/testdata/ssl/qt-test-server-cert.pem new file mode 100644 index 0000000000..43c8794ce2 --- /dev/null +++ b/tests/testserver/common/testdata/ssl/qt-test-server-cert.pem @@ -0,0 +1,16 @@ +-----BEGIN CERTIFICATE----- +MIIClTCCAf4CCQC2xMhNhwvATDANBgkqhkiG9w0BAQQFADCBjjELMAkGA1UEChMC +UXQxGTAXBgNVBAsTEENvcmUgQW5kIE5ldHdvcmsxGzAZBgkqhkiG9w0BCQEWDG5v +Ym9keS5xdC5pbzENMAsGA1UEBxMET3NsbzENMAsGA1UECBMET3NsbzELMAkGA1UE +BhMCTk8xHDAaBgNVBAMUEyoudGVzdC1uZXQucXQubG9jYWwwHhcNMTgwNzAxMTgz +NjI3WhcNNDgwNjIzMTgzNjI3WjCBjjELMAkGA1UEChMCUXQxGTAXBgNVBAsTEENv +cmUgQW5kIE5ldHdvcmsxGzAZBgkqhkiG9w0BCQEWDG5vYm9keS5xdC5pbzENMAsG +A1UEBxMET3NsbzENMAsGA1UECBMET3NsbzELMAkGA1UEBhMCTk8xHDAaBgNVBAMU +EyoudGVzdC1uZXQucXQubG9jYWwwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGB +AM2q22/WNMmn8cC+5EEYGeICySLmp9W6Ay6eKHr0Xxp3X3epETuPfvAuxp7rOtkS +18EMUegkUj8jw0IMEcbyHKFC/rTCaYOt93CxGBXMIChiMPAsFeYzGa/D6xzAkfcR +aJRQ+Ek3CDLXPnXfo7xpABXezYcPXAJrgsgBfWrwHdxzAgMBAAEwDQYJKoZIhvcN +AQEEBQADgYEAZu/lQPy8PXeyyYGamOVms/FZKJ48BH1y8KC3BeBU5FYnhvgG7pz8 +Wz9JKvt2t/r45wQeAkNL6HnGUBhPJsHMjPHl5KktqN+db3D+FQygBeS2V1+zmC0X +UZNRE4aWiHvt1Lq+pTx89SOMOpfqWfh4qTQKiE5jC2V4DeCNQ3u7uI8= +-----END CERTIFICATE----- diff --git a/tests/testserver/common/testdata/system/passwords b/tests/testserver/common/testdata/system/passwords new file mode 100644 index 0000000000..4e911b3f0e --- /dev/null +++ b/tests/testserver/common/testdata/system/passwords @@ -0,0 +1,12 @@ +# user: foo; passwd: bar +foo:bab.5ZXQdbvEo + +# user: qsockstest; passwd: qsockstest +#qsockstest:S7oOqMpoG6aTk + +# user: qsockstest; passwd: password +qsockstest:Cd3Lv2aD0aiBs + +#user httptest password httptest +httptest:v2fwkDMgrRjRA +# added by mgoetz for tst_qnetworkreply ioPostToHttpFromSocket diff --git a/tests/testserver/danted/danted.sh b/tests/testserver/danted/danted.sh new file mode 100755 index 0000000000..bf3d154f33 --- /dev/null +++ b/tests/testserver/danted/danted.sh @@ -0,0 +1,44 @@ +#!/usr/bin/env bash + +############################################################################# +## +## Copyright (C) 2018 The Qt Company Ltd. +## Contact: https://www.qt.io/licensing/ +## +## This file is part of the test suite of the Qt Toolkit. +## +## $QT_BEGIN_LICENSE:GPL$ +## Commercial License Usage +## Licensees holding valid commercial Qt licenses may use this file in +## accordance with the commercial license agreement provided with the +## Software or, alternatively, in accordance with the terms contained in +## a written agreement between you and The Qt Company. For licensing terms +## and conditions see https://www.qt.io/terms-conditions. For further +## information use the contact form at https://www.qt.io/contact-us. +## +## GNU General Public License Usage +## Alternatively, this file may be used under the terms of the GNU +## General Public License version 3 or (at your option) any later version +## approved by the KDE Free Qt Foundation. The licenses are as published by +## the Free Software Foundation and appearing in the file LICENSE.GPL3 +## included in the packaging of this file. Please review the following +## information to ensure the GNU General Public License requirements will +## be met: https://www.gnu.org/licenses/gpl-3.0.html. +## +## $QT_END_LICENSE$ +## +############################################################################# + +set -ex + +# package dante-server + +# add users +useradd -d /dev/null -s /bin/false qsockstest; echo "qsockstest:$PASS" | chpasswd + +# install configurations and test data +cp $TESTDATA/danted{,-authenticating}.conf /etc/ + +# enable service with installed configurations +service danted start +service danted-authenticating start diff --git a/tests/testserver/danted/testdata/danted-authenticating.conf b/tests/testserver/danted/testdata/danted-authenticating.conf new file mode 100644 index 0000000000..ccb4acc801 --- /dev/null +++ b/tests/testserver/danted/testdata/danted-authenticating.conf @@ -0,0 +1,19 @@ +# A sample danted-authenticating.conf +# See: https://www.inet.no/dante/doc/1.4.x/config/ +logoutput: /var/log/sockd-authenticating.log +internal: eth0 port = 1081 +external: eth0 +method: username +user.privileged: root +user.notprivileged: nobody +user.libwrap: nobody + +client pass { + from: 0.0.0.0/0 to: 0.0.0.0/0 + log: error connect disconnect +} + +pass { + from: 0.0.0.0/0 to: 0.0.0.0/0 + log: error connect disconnect +} diff --git a/tests/testserver/danted/testdata/danted.conf b/tests/testserver/danted/testdata/danted.conf new file mode 100644 index 0000000000..bd0e6a8343 --- /dev/null +++ b/tests/testserver/danted/testdata/danted.conf @@ -0,0 +1,19 @@ +# A sample danted.conf +# See: https://www.inet.no/dante/doc/1.4.x/config/ +logoutput: /var/log/sockd.log +internal: eth0 port = 1080 +external: eth0 +method: username none +user.privileged: proxy +user.notprivileged: nobody +user.libwrap: nobody + +client pass { + from: 0.0.0.0/0 to: 0.0.0.0/0 + log: error connect disconnect +} + +pass { + from: 0.0.0.0/0 to: 0.0.0.0/0 + log: error connect disconnect +} diff --git a/tests/testserver/docker-compose.yml b/tests/testserver/docker-compose.yml new file mode 100644 index 0000000000..a151d6bfb0 --- /dev/null +++ b/tests/testserver/docker-compose.yml @@ -0,0 +1,83 @@ +version: '3.4' + +# The tag of images is used by docker compose file to launch the corresponding +# docker containers. The value of tag comes from the provisioning script +# (coin/provisioning/.../testserver/docker_testserver.sh). The script gets SHA-1 +# of each server context as the tag of docker images. If one of the server +# contexts gets changes, please make sure to update this compose file as well. +# You can run command 'docker images' to list all the tag of test server images. +# For example: +# REPOSITORY TAG IMAGE ID +# qt-test-server-apache2 e2a70c8b169c204e762b375885bd3a26cc40ba48 2ad5c8720317 + +services: + apache2: + image: qt-test-server-apache2:cc9ea678b92bdda33acb9fa0159bb4ad0f3cd947 + container_name: qt-test-server-apache2 + domainname: test-net.qt.local + hostname: apache2 + volumes: + - ./common:/common:ro + - ./apache2:/service:ro + entrypoint: common/startup.sh + command: [common/ssl.sh, service/apache2.sh] + + squid: + image: qt-test-server-squid:577d99307eea9a8cccfec944d25be2bce2fe99cc + container_name: qt-test-server-squid + domainname: test-net.qt.local + hostname: squid + depends_on: + - apache2 + external_links: + - apache2:apache2.test-net.qt.local + volumes: + - ./common:/common:ro + - ./squid:/service:ro + entrypoint: common/startup.sh + command: service/squid.sh + + vsftpd: + image: qt-test-server-vsftpd:18896604c7e90b543e56d80c8a8aabdb65a590d0 + container_name: qt-test-server-vsftpd + domainname: test-net.qt.local + hostname: vsftpd + volumes: + - ./common:/common:ro + - ./vsftpd:/service:ro + entrypoint: common/startup.sh + command: service/vsftpd.sh + + ftp-proxy: + image: qt-test-server-ftp-proxy:2c6c8f1ab6a364b540c43d705fb6f15a585cb2af + container_name: qt-test-server-ftp-proxy + domainname: test-net.qt.local + hostname: ftp-proxy + depends_on: + - vsftpd + external_links: + - vsftpd:vsftpd.test-net.qt.local + volumes: + - ./common:/common:ro + - ./ftp-proxy:/service:ro + entrypoint: common/startup.sh + command: service/ftp-proxy.sh + + danted: + image: qt-test-server-danted:327dd56c3c35db85b26fac93213a5a1918475bc7 + container_name: qt-test-server-danted + domainname: test-net.qt.local + hostname: danted + depends_on: + - apache2 + - vsftpd + - ftp-proxy + external_links: + - apache2:apache2.test-net.qt.local + - vsftpd:vsftpd.test-net.qt.local + - ftp-proxy:ftp-proxy.test-net.qt.local + volumes: + - ./common:/common:ro + - ./danted:/service:ro + entrypoint: common/startup.sh + command: service/danted.sh diff --git a/tests/testserver/ftp-proxy/ftp-proxy.sh b/tests/testserver/ftp-proxy/ftp-proxy.sh new file mode 100755 index 0000000000..087a7b7bcc --- /dev/null +++ b/tests/testserver/ftp-proxy/ftp-proxy.sh @@ -0,0 +1,40 @@ +#!/usr/bin/env bash + +############################################################################# +## +## Copyright (C) 2018 The Qt Company Ltd. +## Contact: https://www.qt.io/licensing/ +## +## This file is part of the test suite of the Qt Toolkit. +## +## $QT_BEGIN_LICENSE:GPL$ +## Commercial License Usage +## Licensees holding valid commercial Qt licenses may use this file in +## accordance with the commercial license agreement provided with the +## Software or, alternatively, in accordance with the terms contained in +## a written agreement between you and The Qt Company. For licensing terms +## and conditions see https://www.qt.io/terms-conditions. For further +## information use the contact form at https://www.qt.io/contact-us. +## +## GNU General Public License Usage +## Alternatively, this file may be used under the terms of the GNU +## General Public License version 3 or (at your option) any later version +## approved by the KDE Free Qt Foundation. The licenses are as published by +## the Free Software Foundation and appearing in the file LICENSE.GPL3 +## included in the packaging of this file. Please review the following +## information to ensure the GNU General Public License requirements will +## be met: https://www.gnu.org/licenses/gpl-3.0.html. +## +## $QT_END_LICENSE$ +## +############################################################################# + +set -ex + +# package ftp-proxy + +# install configurations and test data +sed -i 's/# AllowMagicUser\tno/AllowMagicUser\tyes/' /etc/proxy-suite/ftp-proxy.conf + +# enable service with installed configurations +ftp-proxy -d diff --git a/tests/testserver/squid/squid.sh b/tests/testserver/squid/squid.sh new file mode 100755 index 0000000000..8e413f2f14 --- /dev/null +++ b/tests/testserver/squid/squid.sh @@ -0,0 +1,46 @@ +#!/usr/bin/env bash + +############################################################################# +## +## Copyright (C) 2018 The Qt Company Ltd. +## Contact: https://www.qt.io/licensing/ +## +## This file is part of the test suite of the Qt Toolkit. +## +## $QT_BEGIN_LICENSE:GPL$ +## Commercial License Usage +## Licensees holding valid commercial Qt licenses may use this file in +## accordance with the commercial license agreement provided with the +## Software or, alternatively, in accordance with the terms contained in +## a written agreement between you and The Qt Company. For licensing terms +## and conditions see https://www.qt.io/terms-conditions. For further +## information use the contact form at https://www.qt.io/contact-us. +## +## GNU General Public License Usage +## Alternatively, this file may be used under the terms of the GNU +## General Public License version 3 or (at your option) any later version +## approved by the KDE Free Qt Foundation. The licenses are as published by +## the Free Software Foundation and appearing in the file LICENSE.GPL3 +## included in the packaging of this file. Please review the following +## information to ensure the GNU General Public License requirements will +## be met: https://www.gnu.org/licenses/gpl-3.0.html. +## +## $QT_END_LICENSE$ +## +############################################################################# + +set -ex + +# package squid + +# install configurations and test data +cp $TESTDATA/squid{,-authenticating-ntlm}.conf /etc/squid/ +sed -e 's,NAME=squid,NAME=squid-authenticating-ntlm,' \ + -e 's,CONFIG=/etc/squid/squid.conf,CONFIG=/etc/squid/squid-authenticating-ntlm.conf,' \ + -e 's,SQUID_ARGS="-YC -f $CONFIG",SQUID_ARGS="-D -YC -f $CONFIG",' \ + /etc/init.d/squid >/etc/init.d/squid-authenticating-ntlm +chmod +x /etc/init.d/squid-authenticating-ntlm + +# enable service with installed configurations +service squid start +service squid-authenticating-ntlm start diff --git a/tests/testserver/squid/testdata/squid-authenticating-ntlm.conf b/tests/testserver/squid/testdata/squid-authenticating-ntlm.conf new file mode 100644 index 0000000000..55a74498e9 --- /dev/null +++ b/tests/testserver/squid/testdata/squid-authenticating-ntlm.conf @@ -0,0 +1,41 @@ +pid_filename /var/run/squid-authenticating-ntlm.pid +access_log /var/log/squid/access-authenticating-ntlm.log +cache_log /var/log/squid/cache-authenticating-ntlm.log +cache_store_log /var/log/squid/store-authenticating-ntlm.log +http_port 3130 +hierarchy_stoplist cgi-bin ? +acl QUERY urlpath_regex cgi-bin \? +no_cache deny QUERY +refresh_pattern ^ftp: 1440 20% 10080 +refresh_pattern ^gopher: 1440 0% 1440 +refresh_pattern . 0 20% 4320 +acl port3130 myport 3130 +acl manager proto cache_object +acl localhost src 127.0.0.1/255.255.255.255 +acl to_localhost dst 127.0.0.0/8 +acl SSL_ports port 443 563 +acl Safe_ports port 80 # http +acl Safe_ports port 21 # ftp +acl Safe_ports port 443 563 # https, snews +acl Safe_ports port 70 # gopher +acl Safe_ports port 210 # wais +acl Safe_ports port 1025-65535 # unregistered ports +acl Safe_ports port 280 # http-mgmt +acl Safe_ports port 488 # gss-http +acl Safe_ports port 591 # filemaker +acl Safe_ports port 777 # multiling http +acl CONNECT method CONNECT +http_access allow manager localhost +http_access deny manager +http_access allow localhost + + +# port 3130: ntlm auth +auth_param ntlm program /usr/lib/squid/ntlm_smb_lm_auth --debuglevel=5 --logfile=/var/log/ntlm --log-basename=/var/log/ntlm --helper-protocol=squid-2.5-ntlmssp +auth_param ntlm children 2 +acl ntlm_users proxy_auth REQUIRED +http_access allow port3130 ntlm_users +http_reply_access allow port3130 ntlm_users + +icp_access allow all +coredump_dir /var/cache/squid diff --git a/tests/testserver/squid/testdata/squid.conf b/tests/testserver/squid/testdata/squid.conf new file mode 100644 index 0000000000..da1b13af8c --- /dev/null +++ b/tests/testserver/squid/testdata/squid.conf @@ -0,0 +1,46 @@ +http_port 3128 +http_port 3129 +hierarchy_stoplist cgi-bin ? +acl QUERY urlpath_regex cgi-bin \? +no_cache deny QUERY +refresh_pattern ^ftp: 1440 20% 10080 +refresh_pattern ^gopher: 1440 0% 1440 +refresh_pattern . 0 20% 4320 +acl port3128 myport 3128 +acl port3129 myport 3129 +acl manager proto cache_object +acl localhost src 127.0.0.1/255.255.255.255 +acl to_localhost dst 127.0.0.0/8 +acl SSL_ports port 443 563 +acl Safe_ports port 80 # http +acl Safe_ports port 21 # ftp +acl Safe_ports port 443 563 # https, snews +acl Safe_ports port 70 # gopher +acl Safe_ports port 210 # wais +acl Safe_ports port 1025-65535 # unregistered ports +acl Safe_ports port 280 # http-mgmt +acl Safe_ports port 488 # gss-http +acl Safe_ports port 591 # filemaker +acl Safe_ports port 777 # multiling http +acl CONNECT method CONNECT +http_access allow manager localhost +http_access deny manager +http_access allow localhost + + +# port 3128: no auth required +http_access allow port3128 +http_reply_access allow port3128 + +# port 3129: basic auth +auth_param basic program /usr/lib/squid/basic_ncsa_auth /home/qt-test-server/passwords +auth_param basic children 5 +auth_param basic realm Squid proxy-caching web server +auth_param basic credentialsttl 2 hours +auth_param basic casesensitive off +acl ncsa_users proxy_auth REQUIRED +http_access allow port3129 ncsa_users +http_reply_access allow port3129 ncsa_users + +icp_access allow all +coredump_dir /var/cache/squid diff --git a/tests/testserver/vsftpd/testdata/ftp/pub/file-not-readable.txt b/tests/testserver/vsftpd/testdata/ftp/pub/file-not-readable.txt new file mode 100644 index 0000000000..235fa4d28b --- /dev/null +++ b/tests/testserver/vsftpd/testdata/ftp/pub/file-not-readable.txt @@ -0,0 +1 @@ +If you can read this, you are too close. diff --git a/tests/testserver/vsftpd/testdata/vsftpd.conf b/tests/testserver/vsftpd/testdata/vsftpd.conf new file mode 100644 index 0000000000..6bdb186c9f --- /dev/null +++ b/tests/testserver/vsftpd/testdata/vsftpd.conf @@ -0,0 +1,112 @@ +# Allow anonymous FTP? (Beware - allowed by default if you comment this out). +anonymous_enable=YES +# +# Uncomment this to allow local users to log in. +local_enable=YES +# +# Uncomment this to enable any form of FTP write command. +write_enable=YES +# +# Default umask for local users is 077. You may wish to change this to 022, +# if your users expect that (022 is used by most other ftpd's) +local_umask=022 +# +# Uncomment this to allow the anonymous FTP user to upload files. This only +# has an effect if the above global write enable is activated. Also, you will +# obviously need to create a directory writable by the FTP user. +anon_upload_enable=YES +anon_umask=022 +# +# Uncomment this if you want the anonymous FTP user to be able to create +# new directories. +anon_mkdir_write_enable=YES +anon_other_write_enable=YES +anon_world_readable_only=YES +# +# Activate directory messages - messages given to remote users when they +# go into a certain directory. +dirmessage_enable=YES +# +# Activate logging of uploads/downloads. +xferlog_enable=YES +# +# Make sure PORT transfer connections originate from port 20 (ftp-data). +connect_from_port_20=YES +# +# If you want, you can arrange for uploaded anonymous files to be owned by +# a different user. Note! Using "root" for uploaded files is not +# recommended! +#chown_uploads=YES +#chown_username=ftp +#chown_groupname=ftp +# +# You may override where the log file goes if you like. The default is shown +# below. +#xferlog_file=/var/log/vsftpd.log +# +# If you want, you can have your log file in standard ftpd xferlog format +xferlog_std_format=YES +# +# You may change the default value for timing out an idle session. +#idle_session_timeout=600 +# +# You may change the default value for timing out a data connection. +#data_connection_timeout=120 +# +# It is recommended that you define on your system a unique user which the +# ftp server can use as a totally isolated and unprivileged user. +#nopriv_user=ftpsecure +# +# Enable this and the server will recognize asynchronous ABOR requests. Not +# recommended for security (the code is non-trivial). Not enabling it, +# however, may confuse older FTP clients. +#async_abor_enable=YES +# +# By default the server will pretend to allow ASCII mode but in fact ignore +# the request. Turn on the below options to have the server actually do ASCII +# mangling on files when in ASCII mode. +# Beware that on some FTP servers, ASCII support allows a denial of service +# attack (DoS) via the command "SIZE /big/file" in ASCII mode. vsftpd +# predicted this attack and has always been safe, reporting the size of the +# raw file. +# ASCII mangling is a horrible feature of the protocol. +ascii_upload_enable=YES +ascii_download_enable=YES +# +# You may fully customize the login banner string: +#ftpd_banner=Welcome to blah FTP service. +# +# You may specify a file of disallowed anonymous e-mail addresses. Apparently +# useful for combatting certain DoS attacks. +#deny_email_enable=YES +# (default follows) +#banned_email_file=/etc/vsftpd/banned_emails +# +# You may specify an explicit list of local users to chroot() to their home +# directory. If chroot_local_user is YES, then this list becomes a list of +# users to NOT chroot(). +#chroot_list_enable=YES +# (default follows) +#chroot_list_file=/etc/vsftpd/chroot_list +# +# You may activate the "-R" option to the builtin ls. This is disabled by +# default to avoid remote users being able to cause excessive I/O on large +# sites. However, some broken FTP clients such as "ncftp" and "mirror" assume +# the presence of the "-R" option, so there is a strong case for enabling it. +ls_recurse_enable=YES + +pam_service_name=vsftpd +userlist_enable=YES +#enable for standalone mode +listen=YES +tcp_wrappers=YES + +# Enabling SFTP +#ssl_enable=YES +#allow_anon_ssl=YES +#force_local_data_ssl=NO +#force_local_logins_ssl=NO +#ssl_tlsv1=YES +#ssl_sslv2=NO +#ssl_sslv3=NO +#rsa_cert_file=/etc/vsftpd/vsftpd.pem diff --git a/tests/testserver/vsftpd/testdata/vsftpd.user_list b/tests/testserver/vsftpd/testdata/vsftpd.user_list new file mode 100644 index 0000000000..d283e3d260 --- /dev/null +++ b/tests/testserver/vsftpd/testdata/vsftpd.user_list @@ -0,0 +1,20 @@ +# vsftpd userlist +# If userlist_deny=NO, only allow users in this file +# If userlist_deny=YES (default), never allow users in this file, and +# do not even prompt for a password. +# Note that the default vsftpd pam config also checks /etc/vsftpd.ftpusers +# for users that are denied. +root +bin +daemon +adm +lp +sync +shutdown +halt +mail +news +uucp +operator +games +nobody diff --git a/tests/testserver/vsftpd/vsftpd.sh b/tests/testserver/vsftpd/vsftpd.sh new file mode 100755 index 0000000000..1ba1a8c347 --- /dev/null +++ b/tests/testserver/vsftpd/vsftpd.sh @@ -0,0 +1,66 @@ +#!/usr/bin/env bash + +############################################################################# +## +## Copyright (C) 2018 The Qt Company Ltd. +## Contact: https://www.qt.io/licensing/ +## +## This file is part of the test suite of the Qt Toolkit. +## +## $QT_BEGIN_LICENSE:GPL$ +## Commercial License Usage +## Licensees holding valid commercial Qt licenses may use this file in +## accordance with the commercial license agreement provided with the +## Software or, alternatively, in accordance with the terms contained in +## a written agreement between you and The Qt Company. For licensing terms +## and conditions see https://www.qt.io/terms-conditions. For further +## information use the contact form at https://www.qt.io/contact-us. +## +## GNU General Public License Usage +## Alternatively, this file may be used under the terms of the GNU +## General Public License version 3 or (at your option) any later version +## approved by the KDE Free Qt Foundation. The licenses are as published by +## the Free Software Foundation and appearing in the file LICENSE.GPL3 +## included in the packaging of this file. Please review the following +## information to ensure the GNU General Public License requirements will +## be met: https://www.gnu.org/licenses/gpl-3.0.html. +## +## $QT_END_LICENSE$ +## +############################################################################# + +set -ex + +# package vsftpd + +# add users +usermod -d "/home/$USER/ftp/" ftp #existing user +useradd -d "/home/$USER/ftp" -s /bin/bash ftptest; echo "ftptest:$PASS" | chpasswd + +# install configurations and test data +cp $TESTDATA/vsftpd.{conf,user_list} /etc/ + +# Resolve error message "vsftpd failed - probably invalid config" during boot +command='start-stop-daemon --start --background -m --oknodo --pidfile /var/run/vsftpd/vsftpd.pid' +command+=' --exec ${DAEMON}' +sed -i "s,$command.*$,$command; sleep 1," /etc/init.d/vsftpd + +# Populate the FTP sites: +su $USER -c "cp -r $TESTDATA/ftp ~/ftp" +ln -s /home/$USER/ftp /var/ftp + +# tst_QNetworkReply::getFromFtp_data() +su $USER -c "mkdir -p ~/ftp/qtest/" +su $USER -c "cp rfc3252.txt ~/ftp/qtest/"; rm rfc3252.txt + +# Duplicate rfc3252.txt 20 times for bigfile tests: +su $USER -c "seq 20 | xargs -i cat ~/ftp/qtest/rfc3252.txt >> ~/ftp/qtest/bigfile" + +# tst_QNetworkReply::getErrors_data(), testdata with special permissions +su $USER -c "chmod 0600 ~/ftp/pub/file-not-readable.txt" + +# Shared FTP folder (sticky bit) +su $USER -c "mkdir -p -m 1777 ~/ftp/qtest/upload" # FTP incoming dir + +# enable service with installed configurations +service vsftpd restart |