diff options
| author | Gordon Sim <gsim@apache.org> | 2011-10-20 19:40:34 +0000 |
|---|---|---|
| committer | Gordon Sim <gsim@apache.org> | 2011-10-20 19:40:34 +0000 |
| commit | 322aa81b9fa8a358529421fc30b5a7846c11eceb (patch) | |
| tree | e6c964011fdef6d22ac28dc93bd6fdeec6fef931 /cpp/src/tests/ssl_test | |
| parent | 7c15007ed8206722793bc843d47d5655fcf66343 (diff) | |
| download | qpid-python-322aa81b9fa8a358529421fc30b5a7846c11eceb.tar.gz | |
QPID-3514: Allow SSL and non-SSL connections on the same port. Applied patch from Zane Bitter and added simple test case.
git-svn-id: https://svn.apache.org/repos/asf/qpid/trunk/qpid@1187011 13f79535-47bb-0310-9956-ffa450edef68
Diffstat (limited to 'cpp/src/tests/ssl_test')
| -rwxr-xr-x | cpp/src/tests/ssl_test | 30 |
1 files changed, 20 insertions, 10 deletions
diff --git a/cpp/src/tests/ssl_test b/cpp/src/tests/ssl_test index 2a56c0b80e..6c056f4288 100755 --- a/cpp/src/tests/ssl_test +++ b/cpp/src/tests/ssl_test @@ -47,13 +47,13 @@ delete_certs() { fi } -COMMON_OPTS="--daemon --no-data-dir --no-module-dir --config $CONFIG --load-module $SSL_LIB --ssl-cert-db $CERT_DIR --ssl-cert-password-file $CERT_PW_FILE --ssl-cert-name $TEST_HOSTNAME --require-encryption" +COMMON_OPTS="--daemon --no-data-dir --no-module-dir --config $CONFIG --load-module $SSL_LIB --ssl-cert-db $CERT_DIR --ssl-cert-password-file $CERT_PW_FILE --ssl-cert-name $TEST_HOSTNAME" start_broker() { # $1 = extra opts - ../qpidd --transport ssl --port 0 --ssl-port 0 $COMMON_OPTS --auth no $1; + ../qpidd --transport ssl --port 0 --ssl-port 0 $COMMON_OPTS --require-encryption --auth no $1; } start_authenticating_broker() { - ../qpidd --transport ssl --port 0 --ssl-port 0 $COMMON_OPTS --ssl-sasl-no-dict --ssl-require-client-authentication --auth yes; + ../qpidd --transport ssl --port 0 --ssl-port 0 $COMMON_OPTS --require-encryption --ssl-sasl-no-dict --ssl-require-client-authentication --auth yes; } stop_brokers() { @@ -68,6 +68,13 @@ cleanup() { delete_certs } +pick_port() { + # We need a fixed port to set --cluster-url. Use qpidd to pick a free port. + PICK=`../qpidd --no-module-dir -dp0` + ../qpidd --no-module-dir -qp $PICK + echo $PICK +} + CERTUTIL=$(type -p certutil) if [[ !(-x $CERTUTIL) ]] ; then echo "No certutil, skipping ssl test"; @@ -113,19 +120,22 @@ test "$MSG3" = "" || { echo "receive succeeded without valid ssl cert '$MSG3' != stop_brokers +#Test multiplexed connection where SSL and plain TCP are served by the same port +PORT=`pick_port`; ../qpidd --port $PORT --ssl-port $PORT $COMMON_OPTS --transport ssl --auth no +echo "Running multiplexed SSL/TCP test on $PORT" + +./qpid-perftest --count ${COUNT} --port ${PORT} -P ssl -b $TEST_HOSTNAME --summary || { echo "SSL on multiplexed connection failed!"; exit 1; } +./qpid-perftest --count ${COUNT} --port ${PORT} -P tcp -b $TEST_HOSTNAME --summary || { echo "Plain TCP on multiplexed connection failed!"; exit 1; } + +stop_brokers + test -z $CLUSTER_LIB && exit 0 # Exit if cluster not supported. ## Test failover in a cluster using SSL only . $srcdir/ais_check # Will exit if clustering not enabled. -pick_port() { - # We need a fixed port to set --cluster-url. Use qpidd to pick a free port. - PICK=`../qpidd --no-module-dir -dp0` - ../qpidd --no-module-dir -qp $PICK - echo $PICK -} ssl_cluster_broker() { # $1 = port - ../qpidd $COMMON_OPTS --auth no --load-module $CLUSTER_LIB --cluster-name ssl_test.$HOSTNAME.$$ --cluster-url amqp:ssl:$TEST_HOSTNAME:$1 --port 0 --ssl-port $1 --transport ssl > /dev/null + ../qpidd $COMMON_OPTS --require-encryption --auth no --load-module $CLUSTER_LIB --cluster-name ssl_test.$HOSTNAME.$$ --cluster-url amqp:ssl:$TEST_HOSTNAME:$1 --port 0 --ssl-port $1 --transport ssl > /dev/null # Wait for broker to be ready qpid-ping -Pssl -b $TEST_HOSTNAME -qp $1 || { echo "Cannot connect to broker on $1"; exit 1; } echo "Running SSL cluster broker on port $1" |