From 9e24b43cb962d7d0035154a546ef281d0a786162 Mon Sep 17 00:00:00 2001
From: Ryan Chu <ryan.chu@qt.io>
Date: Wed, 28 Feb 2018 16:48:38 +0100
Subject: Docker-based test servers for network-related Qt autotests
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

The existing network test server has some limitations. Most notably, it
is not accessible by every Qt developer. Also, some services don't allow
simultaneous access, which causes flaky test results.

Instead of centralizing all the services to one physical machine, the
idea is to build up several dedicated servers inside separate Docker
containers.

1. Create testserver.pri and integrate it into the make check command of
   Qt Test.

2. Define QT_TEST_SERVER flag for changing test parameters at compile
   time.

Task-number: QTQAINFRA-1686
Change-Id: I0422ddb97eb8c11b4818771454851d19671253b1
Reviewed-by: Jędrzej Nowacki <jedrzej.nowacki@qt.io>
Reviewed-by: Ryan Chu <ryan.chu@qt.io>
---
 tests/testserver/apache2/apache2.sh                |  77 +++++++++++++++++++++
 tests/testserver/apache2/testdata/dav.conf         |   7 ++
 tests/testserver/apache2/testdata/deflate.conf     |   5 ++
 tests/testserver/apache2/testdata/main.conf        |  56 +++++++++++++++
 tests/testserver/apache2/testdata/security.conf    |  51 ++++++++++++++
 tests/testserver/apache2/testdata/ssl.conf         |   2 +
 .../apache2/testdata/www/cgi-bin/echo.cgi          |  11 +++
 .../testdata/www/htdocs/auth-digest/index.html     |   1 +
 .../apache2/testdata/www/htdocs/digest-authfile    |   1 +
 .../apache2/testdata/www/htdocs/fluke.gif          | Bin 0 -> 27906 bytes
 .../apache2/testdata/www/htdocs/index.html         |   3 +
 .../www/htdocs/protected/cgi-bin/md5sum.cgi        |   6 ++
 .../testdata/www/htdocs/rfcs-auth/index.html       |   1 +
 13 files changed, 221 insertions(+)
 create mode 100755 tests/testserver/apache2/apache2.sh
 create mode 100644 tests/testserver/apache2/testdata/dav.conf
 create mode 100644 tests/testserver/apache2/testdata/deflate.conf
 create mode 100644 tests/testserver/apache2/testdata/main.conf
 create mode 100644 tests/testserver/apache2/testdata/security.conf
 create mode 100644 tests/testserver/apache2/testdata/ssl.conf
 create mode 100755 tests/testserver/apache2/testdata/www/cgi-bin/echo.cgi
 create mode 100644 tests/testserver/apache2/testdata/www/htdocs/auth-digest/index.html
 create mode 100644 tests/testserver/apache2/testdata/www/htdocs/digest-authfile
 create mode 100644 tests/testserver/apache2/testdata/www/htdocs/fluke.gif
 create mode 100644 tests/testserver/apache2/testdata/www/htdocs/index.html
 create mode 100755 tests/testserver/apache2/testdata/www/htdocs/protected/cgi-bin/md5sum.cgi
 create mode 100644 tests/testserver/apache2/testdata/www/htdocs/rfcs-auth/index.html

(limited to 'tests/testserver/apache2')

diff --git a/tests/testserver/apache2/apache2.sh b/tests/testserver/apache2/apache2.sh
new file mode 100755
index 0000000000..4b0c74e2c4
--- /dev/null
+++ b/tests/testserver/apache2/apache2.sh
@@ -0,0 +1,77 @@
+#!/usr/bin/env bash
+
+#############################################################################
+##
+## Copyright (C) 2018 The Qt Company Ltd.
+## Contact: https://www.qt.io/licensing/
+##
+## This file is part of the test suite of the Qt Toolkit.
+##
+## $QT_BEGIN_LICENSE:GPL$
+## Commercial License Usage
+## Licensees holding valid commercial Qt licenses may use this file in
+## accordance with the commercial license agreement provided with the
+## Software or, alternatively, in accordance with the terms contained in
+## a written agreement between you and The Qt Company. For licensing terms
+## and conditions see https://www.qt.io/terms-conditions. For further
+## information use the contact form at https://www.qt.io/contact-us.
+##
+## GNU General Public License Usage
+## Alternatively, this file may be used under the terms of the GNU
+## General Public License version 3 or (at your option) any later version
+## approved by the KDE Free Qt Foundation. The licenses are as published by
+## the Free Software Foundation and appearing in the file LICENSE.GPL3
+## included in the packaging of this file. Please review the following
+## information to ensure the GNU General Public License requirements will
+## be met: https://www.gnu.org/licenses/gpl-3.0.html.
+##
+## $QT_END_LICENSE$
+##
+#############################################################################
+
+set -ex
+
+# package apache2
+
+# add users
+useradd httptest; echo "httptest:httptest" | chpasswd
+
+# enable apache2 module
+/usr/sbin/a2enmod ssl dav_fs headers deflate auth_digest cgi
+
+# enable apache2 config
+cp $TESTDATA/{main,security,ssl,dav}.conf /etc/apache2/conf-available/
+/usr/sbin/a2enconf main security ssl dav
+
+# install configurations and test data
+cp $TESTDATA/deflate.conf /etc/apache2/mods-available/
+mkdir -p -m 1777 /home/writeables/dav # dav.conf
+a2dissite '*' # disable all of the default apache2 sites
+
+# Populate the web-site:
+su $USER -c "cp -r $TESTDATA/www ~/www"
+
+# tst_QNetworkReply::getFromHttp(success-internal)
+su $USER -c "cp rfc3252.txt ~/www/htdocs/"; rm rfc3252.txt
+
+# tst_QNetworkReply::synchronousRequest_data()
+su $USER -c "mkdir -p ~/www/htdocs/deflate/"
+su $USER -c "ln -s ~/www/htdocs/rfc3252.txt ~/www/htdocs/deflate/"
+
+# tst_QNetworkReply::headFromHttp(with-authentication)
+su $USER -c "ln -s ~/www/htdocs/rfc3252.txt ~/www/htdocs/rfcs-auth/"
+
+# Duplicate rfc3252.txt 20 times for bigfile tests:
+su $USER -c "seq 20 | xargs -i cat ~/www/htdocs/rfc3252.txt >> ~/www/htdocs/bigfile"
+
+# tst_QNetworkReply::postToHttp(empty)
+su $USER -c "ln -s ~/www/htdocs/protected/cgi-bin/md5sum.cgi ~/www/cgi-bin/"
+
+# tst_QNetworkReply::lastModifiedHeaderForHttp() expects this time-stamp:
+touch -d "2007-05-22 12:04:57 GMT" /home/$USER/www/htdocs/fluke.gif
+
+# Create 10MB file for use by tst_Q*::downloadBigFile and interruption tests:
+su $USER -c "/bin/dd if=/dev/zero of=~/www/htdocs/mediumfile bs=1 count=0 seek=10000000"
+
+# enable service with installed configurations
+service apache2 restart
diff --git a/tests/testserver/apache2/testdata/dav.conf b/tests/testserver/apache2/testdata/dav.conf
new file mode 100644
index 0000000000..c207c2734b
--- /dev/null
+++ b/tests/testserver/apache2/testdata/dav.conf
@@ -0,0 +1,7 @@
+Alias /dav /home/writeables/dav
+<Location /dav>
+    DAV On
+    order allow,deny
+    allow from all
+    Require all granted
+</Location>
diff --git a/tests/testserver/apache2/testdata/deflate.conf b/tests/testserver/apache2/testdata/deflate.conf
new file mode 100644
index 0000000000..6a15701d49
--- /dev/null
+++ b/tests/testserver/apache2/testdata/deflate.conf
@@ -0,0 +1,5 @@
+# The default configuration will turn on DEFLATE for files served up
+# from everywhere.
+#
+# For testing purposes, we want DEFLATE off by default, and on only for
+# specific paths (which is set elsewhere).
diff --git a/tests/testserver/apache2/testdata/main.conf b/tests/testserver/apache2/testdata/main.conf
new file mode 100644
index 0000000000..5cfa544623
--- /dev/null
+++ b/tests/testserver/apache2/testdata/main.conf
@@ -0,0 +1,56 @@
+ServerName apache2.test-net.qt:80
+
+NameVirtualHost *:443
+
+<VirtualHost *:80>
+</VirtualHost>
+
+<VirtualHost *:443>
+SSLEngine On
+CustomLog /var/log/apache2/ssl_access.log combined
+ErrorLog /var/log/apache2/ssl_error.log
+</VirtualHost>
+
+# default ubuntu config turns off SSLv2 because it is deprecated.
+# Turn it back on so we can test it.
+SSLProtocol all
+
+DocumentRoot /home/qt-test-server/www/htdocs
+ScriptAlias /qtest/cgi-bin/ "/home/qt-test-server/www/cgi-bin/"
+ScriptAlias /qtest/protected/cgi-bin/ "/home/qt-test-server/www/htdocs/protected/cgi-bin/"
+Alias /qtest "/home/qt-test-server/www/htdocs/"
+
+<Directory "/home/qt-test-server/www/htdocs">
+    Require all granted
+</Directory>
+
+<Directory "/home/qt-test-server/www/htdocs/rfcs-auth">
+    AuthType Basic
+    AuthName "Restricted Files"
+    AuthUserFile /home/qt-test-server/passwords
+    Require user httptest
+</Directory>
+
+<Directory "/home/qt-test-server/www/htdocs/auth-digest">
+    AuthType Digest
+    AuthName "Digest testing"
+    AuthDigestProvider file
+    AuthUserFile /home/qt-test-server/www/htdocs/digest-authfile
+    Require user httptest
+</Directory>
+
+<Directory "/home/qt-test-server/www/htdocs/deflate">
+    AddOutputFilterByType DEFLATE text/html text/plain text/xml
+    Header append Vary User-Agent env=!dont-vary
+</Directory>
+
+<Directory "/home/qt-test-server/www/cgi-bin">
+    Options +ExecCGI -Includes
+    AddHandler cgi-script .cgi .pl
+    Require all granted
+</Directory>
+
+
+<Directory "/home/qt-test-server/www/htdocs/protected/">
+    AllowOverride AuthConfig Options
+</Directory>
diff --git a/tests/testserver/apache2/testdata/security.conf b/tests/testserver/apache2/testdata/security.conf
new file mode 100644
index 0000000000..30a8ee3765
--- /dev/null
+++ b/tests/testserver/apache2/testdata/security.conf
@@ -0,0 +1,51 @@
+#
+# Disable access to the entire file system except for the directories that
+# are explicitly allowed later.
+#
+# This currently breaks the configurations that come with some web application
+# Debian packages. It will be made the default for the release after lenny.
+#
+#<Directory />
+#    AllowOverride None
+#    Order Deny,Allow
+#    Deny from all
+#</Directory>
+
+
+# Changing the following options will not really affect the security of the
+# server, but might make attacks slightly more difficult in some cases.
+
+#
+# ServerTokens
+# This directive configures what you return as the Server HTTP response
+# Header. The default is 'Full' which sends information about the OS-Type
+# and compiled in modules.
+# Set to one of:  Full | OS | Minimal | Minor | Major | Prod
+# where Full conveys the most information, and Prod the least.
+#
+#ServerTokens Minimal
+ServerTokens OS
+#ServerTokens Full
+
+#
+# Optionally add a line containing the server version and virtual host
+# name to server-generated pages (internal error documents, FTP directory
+# listings, mod_status and mod_info output etc., but not CGI generated
+# documents or custom error documents).
+# Set to "EMail" to also include a mailto: link to the ServerAdmin.
+# Set to one of:  On | Off | EMail
+#
+#ServerSignature Off
+ServerSignature On
+
+#
+# Allow TRACE method
+#
+# Set to "extended" to also reflect the request body (only for testing and
+# diagnostic purposes).
+#
+# Set to one of:  On | Off | extended
+#
+#TraceEnable Off
+TraceEnable On
+
diff --git a/tests/testserver/apache2/testdata/ssl.conf b/tests/testserver/apache2/testdata/ssl.conf
new file mode 100644
index 0000000000..d6bbaf0da0
--- /dev/null
+++ b/tests/testserver/apache2/testdata/ssl.conf
@@ -0,0 +1,2 @@
+SSLCertificateFile /home/qt-test-server/ssl-certs/qt-test-server-cert.pem
+SSLCertificateKeyFile /home/qt-test-server/ssl-certs/private/qt-test-server-key.pem
diff --git a/tests/testserver/apache2/testdata/www/cgi-bin/echo.cgi b/tests/testserver/apache2/testdata/www/cgi-bin/echo.cgi
new file mode 100755
index 0000000000..16315a3db6
--- /dev/null
+++ b/tests/testserver/apache2/testdata/www/cgi-bin/echo.cgi
@@ -0,0 +1,11 @@
+#!/usr/bin/perl
+
+if ($ENV{'REQUEST_METHOD'} eq "GET") {
+    $request = $ENV{'QUERY_STRING'};
+} elsif ($ENV{'REQUEST_METHOD'} eq "POST") {
+    read(STDIN, $request, $ENV{'CONTENT_LENGTH'}) || die "Could not get query\n";
+}
+
+print "Content-type: text/plain\n\n";
+print $request;
+
diff --git a/tests/testserver/apache2/testdata/www/htdocs/auth-digest/index.html b/tests/testserver/apache2/testdata/www/htdocs/auth-digest/index.html
new file mode 100644
index 0000000000..fa96496aa0
--- /dev/null
+++ b/tests/testserver/apache2/testdata/www/htdocs/auth-digest/index.html
@@ -0,0 +1 @@
+digest authentication successful
diff --git a/tests/testserver/apache2/testdata/www/htdocs/digest-authfile b/tests/testserver/apache2/testdata/www/htdocs/digest-authfile
new file mode 100644
index 0000000000..99963901ce
--- /dev/null
+++ b/tests/testserver/apache2/testdata/www/htdocs/digest-authfile
@@ -0,0 +1 @@
+httptest:Digest testing:5f68f4bc3cd2873a3d547558fe7d9782
diff --git a/tests/testserver/apache2/testdata/www/htdocs/fluke.gif b/tests/testserver/apache2/testdata/www/htdocs/fluke.gif
new file mode 100644
index 0000000000..6060cbd4d7
Binary files /dev/null and b/tests/testserver/apache2/testdata/www/htdocs/fluke.gif differ
diff --git a/tests/testserver/apache2/testdata/www/htdocs/index.html b/tests/testserver/apache2/testdata/www/htdocs/index.html
new file mode 100644
index 0000000000..abc1df188d
--- /dev/null
+++ b/tests/testserver/apache2/testdata/www/htdocs/index.html
@@ -0,0 +1,3 @@
+<h1>Welcome to qt-test-server</h1>
+<img src="fluke.gif" alt="fluke">
+<p>This is a network test server. It serves as a caching ftp and http proxy, transparent http/socks5 proxy, imap, ftp and http server, and more.</p>
diff --git a/tests/testserver/apache2/testdata/www/htdocs/protected/cgi-bin/md5sum.cgi b/tests/testserver/apache2/testdata/www/htdocs/protected/cgi-bin/md5sum.cgi
new file mode 100755
index 0000000000..e580462b85
--- /dev/null
+++ b/tests/testserver/apache2/testdata/www/htdocs/protected/cgi-bin/md5sum.cgi
@@ -0,0 +1,6 @@
+#!/bin/sh
+
+echo "Content-type: text/plain";
+echo "Content-length: 33"
+echo
+md5sum | cut -f 1 -d " "
diff --git a/tests/testserver/apache2/testdata/www/htdocs/rfcs-auth/index.html b/tests/testserver/apache2/testdata/www/htdocs/rfcs-auth/index.html
new file mode 100644
index 0000000000..472e6ce55d
--- /dev/null
+++ b/tests/testserver/apache2/testdata/www/htdocs/rfcs-auth/index.html
@@ -0,0 +1 @@
+you found the secret
-- 
cgit v1.2.3