craftui/craftui_test.sh - vendor/google/platform - Git at Google

 #! /bin/sh

 # some unit tests for the craft UI

 # save stdout to 3, dup stdout to a file
 log=.testlog.$$
 ln -sf LOG $log
 exec 3>&1
 exec >$log 2>&1

 failcount=0
 passcount=0

 fail() {
   echo "FAIL: $*" >&3
   echo "FAIL: $*"
   ((failcount++))
 }

 pass() {
   echo "PASS: $*" >&3
   echo "PASS: $*"
   ((passcount++))
 }

 testname() {
   test="$*"
   echo ""
   echo "---------------------------------------------------------"
   echo "starting test '$test'"
 }

 check_success() {
   status=$?
   echo "check_success: last return code was $status, wanted 0"
   if [ $status = 0 ]; then
     pass $test
   else
     fail $test
   fi
 }

 check_failure() {
   status=$?
   echo "check_failure: last return code was $status, wanted not-0"
   if [ $status != 0 ]; then
     pass $test
   else
     fail $test
   fi
 }

 onexit() {
   testname "process not running at exit"
   kill -0 $pid1
   check_failure

   testname "end of script reached"
   test "$eos" = 1
   check_success

   exec 1>&3
   echo "SUMMARY: pass=$passcount fail=$failcount"
   if [ $failcount -eq 0 ]; then
     echo "SUCCESS: $passcount tests passed."
   else
     echo "FAILURE: $failcount tests failed."
     echo "details follow:"
     cat $log
   fi
   rm -f $log

   exit $failcount
 }

 run_tests() {
   local http https url curl n arg curl_arg

   http=8888
   https=8889
   curl_ca="--cacert tmp-certs/rootCA.pem"

   testname "server not running"
   curl -s http://localhost:8888/
   check_failure

   # add a signed cert (using our fake CA)
   sh HOW.cert
   for n in sim1 sim2; do
     chmod 750 $n/tmp/ssl/*
     cp tmp-certs/localhost.pem $n/tmp/ssl/certs/craftui.pem
     cp tmp-certs/localhost.key $n/tmp/ssl/private/craftui.key
   done

   ./craftui &
   pid1=$!
   ./craftui -2 &
   pid2=$!

   testname "process running"
   kill -0 $pid1
   check_success

   sleep 1

   curl_noca="curl -v -s -m 1"
   curl="$curl_noca $curl_ca"

   # verify localhost works
   testname https localhost
   $curl https://localhost:$https/status |& grep 'WWW-Authenticate: Digest'
   check_success

   # but needs --cacert
   testname https localhost without CA
   $curl_noca https://localhost:$https/status |&
     grep 'unable to get local issuer certificate'
   check_success

   # and 127.0.0.1 fails due to cert name mismatch
   testname https 127.0.0.1
   $curl https://127.0.0.1:$https/status |&
     grep "certificate subject name 'localhost' does not match target host name"
   check_success

   for url in http://localhost:$http https://localhost:$https; do

     testname "404 not found ($url)"
     $curl $url/notexist |& grep '404: Not Found'
     check_success

     baduser_auth="--digest --user root:admin"
     badpass_auth="--digest --user guest:admin"

     for auth in "" "$baduser_auth" "$badpass_auth"; do
       for n in status config content.json; do
         testname "page $n bad auth ($url, $auth)"
         $curl $auth $url/$n |& grep 'WWW-Authenticate: Digest'
         check_success
       done
     done

     admin_auth="--digest --user admin:admin"
     guest_auth="--digest --user guest:guest"

     # should fail with guest_auth
     for auth in "$admin_auth"; do
       testname "config web page ($url, $auth)"
       $curl $auth $url/config |& grep 'WWW-Authenticate: Digest'
       check_success
     done

     # should work with no auth
     for auth in ""; do
       testname "welcome web page ($url)"
       $curl $url/ |& grep welcome.thtml
       check_success
     done

     # should work with guest_auth
     for auth in "$guest_auth"; do
       testname "status web page ($url, $auth)"
       $curl $auth $url/status |& grep status.thtml
       check_success

       testname "json ($url, $auth)"
       $curl $auth $url/content.json |& grep '"platform": "GFCH100"'
       check_success
     done

     # should work with admin_auth
     for auth in "$admin_auth"; do
       testname "status web page ($url, $auth)"
       $curl $auth $url/status |& grep status.thtml
       check_success

       testname "config web page ($url, $auth)"
       $curl $auth $url/config |& grep config.thtml
       check_success

       testname "json ($url, $auth)"
       $curl $auth $url/content.json |& grep '"platform": "GFCH100"'
       check_success
     done

     testname "bad json to config page ($url)"
     $curl $admin_auth -d 'duck' $url/content.json | grep "json format error"
     check_success

     testname "good json config ($url)"
     d='{"config":[{"peer_ipaddr":"192.168.99.99/24"}]}'
     $curl $admin_auth -d $d $url/content.json |& grep '"error": 0}'
     check_success

     testname "good json config, bad value ($url)"
     d='{"config":[{"peer_ipaddr":"192.168.99.99/240"}]}'
     $curl $admin_auth -d $d $url/content.json |& grep '"error": 1}'
     check_success

     testname "good json config, guest access ($url)"
     d='{"config":[{"peer_ipaddr":"192.168.99.99/24"}]}'
     $curl $guest_auth -d $d $url/content.json |& grep '401 Unauthorized'
     check_success

     testname "good json config, no auth ($url)"
     d='{"config":[{"peer_ipaddr":"192.168.99.99/24"}]}'
     $curl -d $d $url/content.json |& grep '401 Unauthorized'
     check_success

     testname "password is base64 ($url)"
     admin=$(echo -n admin | base64)
     new=$(echo -n ducky | base64)
     d='{ "config": [ { "password_guest": {
           "admin": "'"$admin"'",
           "new": "'"$new"'",
           "confirm": "'"$new"'"
         } } ] }'
     $curl $admin_auth -d "$d" $url/content.json |& grep '"error": 0}'
     check_success

     # TODO(edjames): duckduck does not fail.  Need to catch that.
     testname "password not base64 ($url)"
     new=ducky
     d='{ "config": [ { "password_guest": {
           "admin": "'"$admin"'",
           "new": "'"$new"'",
           "confirm": "'"$new"'"
         } } ] }'
     $curl $admin_auth -d "$d" $url/content.json |& grep '"error": 1}'
     check_success

     testname proxy read from peer
     $curl $admin_auth $url/content.json'?peer=1' |& grep '"platform": "GFCH100"'
     check_success

     testname proxy write to peer
     d='{"config":[{"peer_ipaddr":"192.168.99.99/24"}]}'
     $curl $admin_auth -d $d $url/content.json'?peer=1' |& grep '"error": 0}'
     check_success

     testname rxslicer
     $curl $admin_auth $url/rxslicer.png | file - | grep "PNG image data, 400 x 400"
     check_success

   done

   # verify insecure message is hidden on https and not on http
   for peer in '' '?peer=1'; do
     testname http warning $peer
     $curl http://localhost:$http$peer |& grep 'hidden_on_https value=""'
     check_success

     testname no https warning $peer
     $curl https://localhost:$https$peer |& grep 'hidden_on_https value="hidden"'
     check_success
   done

   testname "process still running at end of test sequence"
   kill -0 $pid1
   check_success

   # cleanup
   t0=$(date +%s)
   kill $pid1
   kill $pid2
   wait
   t1=$(date +%s)
   dt=$((t1 - t0))

   testname "process stopped on TERM reasonably fast"
   echo "process stopped in $dt seconds"
   test "$dt" -lt 3
   check_success
 }

 #
 # main()
 #
 trap onexit 0 1 2 3

 # sanity tests
 testname true
 true
 check_success

 testname false
 false
 check_failure

 # run test suite
 run_tests

 # If there's a syntax error in this script, trap 0 will call onexit,
 # so indicate we really hit the end of the script.
 eos=1
 # end of script, add more tests before this section
	#! /bin/sh

	# some unit tests for the craft UI

	# save stdout to 3, dup stdout to a file
	log=.testlog.$$
	ln -sf LOG $log
	exec 3>&1
	exec >$log 2>&1

	failcount=0
	passcount=0

	fail() {
	echo "FAIL: $*" >&3
	echo "FAIL: $*"
	((failcount++))
	}

	pass() {
	echo "PASS: $*" >&3
	echo "PASS: $*"
	((passcount++))
	}

	testname() {
	test="$*"
	echo ""
	echo "---------------------------------------------------------"
	echo "starting test '$test'"
	}

	check_success() {
	status=$?
	echo "check_success: last return code was $status, wanted 0"
	if [ $status = 0 ]; then
	pass $test
	else
	fail $test
	fi
	}

	check_failure() {
	status=$?
	echo "check_failure: last return code was $status, wanted not-0"
	if [ $status != 0 ]; then
	pass $test
	else
	fail $test
	fi
	}

	onexit() {
	testname "process not running at exit"
	kill -0 $pid1
	check_failure

	testname "end of script reached"
	test "$eos" = 1
	check_success

	exec 1>&3
	echo "SUMMARY: pass=$passcount fail=$failcount"
	if [ $failcount -eq 0 ]; then
	echo "SUCCESS: $passcount tests passed."
	else
	echo "FAILURE: $failcount tests failed."
	echo "details follow:"
	cat $log
	fi
	rm -f $log

	exit $failcount
	}

	run_tests() {
	local http https url curl n arg curl_arg

	http=8888
	https=8889
	curl_ca="--cacert tmp-certs/rootCA.pem"

	testname "server not running"
	curl -s http://localhost:8888/
	check_failure

	# add a signed cert (using our fake CA)
	sh HOW.cert
	for n in sim1 sim2; do
	chmod 750 $n/tmp/ssl/*
	cp tmp-certs/localhost.pem $n/tmp/ssl/certs/craftui.pem
	cp tmp-certs/localhost.key $n/tmp/ssl/private/craftui.key
	done

	./craftui &
	pid1=$!
	./craftui -2 &
	pid2=$!

	testname "process running"
	kill -0 $pid1
	check_success

	sleep 1

	curl_noca="curl -v -s -m 1"
	curl="$curl_noca $curl_ca"

	# verify localhost works
	testname https localhost
	$curl https://localhost:$https/status \|& grep 'WWW-Authenticate: Digest'
	check_success

	# but needs --cacert
	testname https localhost without CA
	$curl_noca https://localhost:$https/status \|&
	grep 'unable to get local issuer certificate'
	check_success

	# and 127.0.0.1 fails due to cert name mismatch
	testname https 127.0.0.1
	$curl https://127.0.0.1:$https/status \|&
	grep "certificate subject name 'localhost' does not match target host name"
	check_success

	for url in http://localhost:$http https://localhost:$https; do

	testname "404 not found ($url)"
	$curl $url/notexist \|& grep '404: Not Found'
	check_success

	baduser_auth="--digest --user root:admin"
	badpass_auth="--digest --user guest:admin"

	for auth in "" "$baduser_auth" "$badpass_auth"; do
	for n in status config content.json; do
	testname "page $n bad auth ($url, $auth)"
	$curl $auth $url/$n \|& grep 'WWW-Authenticate: Digest'
	check_success
	done
	done

	admin_auth="--digest --user admin:admin"
	guest_auth="--digest --user guest:guest"

	# should fail with guest_auth
	for auth in "$admin_auth"; do
	testname "config web page ($url, $auth)"
	$curl $auth $url/config \|& grep 'WWW-Authenticate: Digest'
	check_success
	done

	# should work with no auth
	for auth in ""; do
	testname "welcome web page ($url)"
	$curl $url/ \|& grep welcome.thtml
	check_success
	done

	# should work with guest_auth
	for auth in "$guest_auth"; do
	testname "status web page ($url, $auth)"
	$curl $auth $url/status \|& grep status.thtml
	check_success

	testname "json ($url, $auth)"
	$curl $auth $url/content.json \|& grep '"platform": "GFCH100"'
	check_success
	done

	# should work with admin_auth
	for auth in "$admin_auth"; do
	testname "status web page ($url, $auth)"
	$curl $auth $url/status \|& grep status.thtml
	check_success

	testname "config web page ($url, $auth)"
	$curl $auth $url/config \|& grep config.thtml
	check_success

	testname "json ($url, $auth)"
	$curl $auth $url/content.json \|& grep '"platform": "GFCH100"'
	check_success
	done

	testname "bad json to config page ($url)"
	$curl $admin_auth -d 'duck' $url/content.json \| grep "json format error"
	check_success

	testname "good json config ($url)"
	d='{"config":[{"peer_ipaddr":"192.168.99.99/24"}]}'
	$curl $admin_auth -d $d $url/content.json \|& grep '"error": 0}'
	check_success

	testname "good json config, bad value ($url)"
	d='{"config":[{"peer_ipaddr":"192.168.99.99/240"}]}'
	$curl $admin_auth -d $d $url/content.json \|& grep '"error": 1}'
	check_success

	testname "good json config, guest access ($url)"
	d='{"config":[{"peer_ipaddr":"192.168.99.99/24"}]}'
	$curl $guest_auth -d $d $url/content.json \|& grep '401 Unauthorized'
	check_success

	testname "good json config, no auth ($url)"
	d='{"config":[{"peer_ipaddr":"192.168.99.99/24"}]}'
	$curl -d $d $url/content.json \|& grep '401 Unauthorized'
	check_success

	testname "password is base64 ($url)"
	admin=$(echo -n admin \| base64)
	new=$(echo -n ducky \| base64)
	d='{ "config": [ { "password_guest": {
	"admin": "'"$admin"'",
	"new": "'"$new"'",
	"confirm": "'"$new"'"
	} } ] }'
	$curl $admin_auth -d "$d" $url/content.json \|& grep '"error": 0}'
	check_success

	# TODO(edjames): duckduck does not fail. Need to catch that.
	testname "password not base64 ($url)"
	new=ducky
	d='{ "config": [ { "password_guest": {
	"admin": "'"$admin"'",
	"new": "'"$new"'",
	"confirm": "'"$new"'"
	} } ] }'
	$curl $admin_auth -d "$d" $url/content.json \|& grep '"error": 1}'
	check_success

	testname proxy read from peer
	$curl $admin_auth $url/content.json'?peer=1' \|& grep '"platform": "GFCH100"'
	check_success

	testname proxy write to peer
	d='{"config":[{"peer_ipaddr":"192.168.99.99/24"}]}'
	$curl $admin_auth -d $d $url/content.json'?peer=1' \|& grep '"error": 0}'
	check_success

	testname rxslicer
	$curl $admin_auth $url/rxslicer.png \| file - \| grep "PNG image data, 400 x 400"
	check_success

	done

	# verify insecure message is hidden on https and not on http
	for peer in '' '?peer=1'; do
	testname http warning $peer
	$curl http://localhost:$http$peer \|& grep 'hidden_on_https value=""'
	check_success

	testname no https warning $peer
	$curl https://localhost:$https$peer \|& grep 'hidden_on_https value="hidden"'
	check_success
	done

	testname "process still running at end of test sequence"
	kill -0 $pid1
	check_success

	# cleanup
	t0=$(date +%s)
	kill $pid1
	kill $pid2
	wait
	t1=$(date +%s)
	dt=$((t1 - t0))

	testname "process stopped on TERM reasonably fast"
	echo "process stopped in $dt seconds"
	test "$dt" -lt 3
	check_success
	}

	#
	# main()
	#
	trap onexit 0 1 2 3

	# sanity tests
	testname true
	true
	check_success

	testname false
	false
	check_failure

	# run test suite
	run_tests

	# If there's a syntax error in this script, trap 0 will call onexit,
	# so indicate we really hit the end of the script.
	eos=1
	# end of script, add more tests before this section