diff --git a/docker-compose/docker-compose.yml b/docker-compose/docker-compose.yml
index cc3a25f..eeca97b 100644
--- a/docker-compose/docker-compose.yml
+++ b/docker-compose/docker-compose.yml
@@ -1,93 +1,117 @@ -#for ssl self test -version: '2.1' -services: - - badssl_test: - image: "badssl:ssl-self-test" - container_name: "badssl_ssl_self_test" - tty: true - networks: - vlan_ssl_net: - ipv4_address: 192.168.253.130 - ipv6_address: fd00:a1bf:2c3d:ef5a:1e2f:3d4c:56ab:1010 - volumes: - - /root/.badssl_self_test_cert_dict:/root/cert_dict - command: > - bash -c "cp /root/cert_dict/certs -rf /badssl.com - && cp /root/cert_dict/common -rf /badssl.com - && make inside-docker - && nginx - && tail -f /dev/null" - - wpr_test: - image: "golang:wpr-alpine" - container_name: "wpr_ssl_self_test" - tty: true - networks: - vlan_ssl_net: - ipv4_address: 192.168.253.131 - ipv6_address: fd00:a1bf:2c3d:ef5a:1e2f:3d4c:56ab:1011 - volumes: - - /root/.go_wpr_test:/root/go_wpr_test - command: - - /bin/sh - - -c - - | - /root/wpr/wpr replay --http_port=80 --https_port=443 --host=0.0.0.0 --quiet_mode /root/wpr/archive.wprgo - tail -f /dev/null - - ssl_unittest: - image: "python:unittest-alpine" - container_name: "unittest_ssl_self_test" - depends_on: - - badssl_test - - wpr_test - tty: true - networks: - vlan_unittest_net: - ipv4_address: 192.168.253.3 - ipv6_address: fd00:a1bf:2c3d:ef5b:6e7f:8d9c:abfe:1012 - volumes: - - /root/.unittest_self_test_cafile_dict:/root/cafile_dict - command: - - /bin/sh - - -c - - | - cp -rf /root/cafile_dict/ca-root.crt /usr/local/share/ca-certificates - update-ca-certificates - cat /root/unittest/badssl.test.hosts >> /etc/hosts - python /root/unittest/unittest_self.py - tail -f /dev/null - - - -networks: - vlan_ssl_net: - name: vlan_ssl_self_test_net - driver: macvlan - enable_ipv6: true - driver_opts: - parent: enp1s1 - ipam: - config: - - subnet: 192.168.253.0/24 - ip_range: 192.168.253.128/25 - gateway: 192.168.253.129 - - subnet: fd00:a1bf:2c3d:ef5a::/63 - ip_range: fd00:a1bf:2c3d:ef5a::/64 - gateway: fd00:a1bf:2c3d:ef5a::1010 - - vlan_unittest_net: - name: vlan_unittest_self_test_net - driver: macvlan - enable_ipv6: true - driver_opts: - 
parent: ens1f1 - ipam: - config: - - subnet: 192.168.253.0/24 - ip_range: 192.168.253.0/25 - gateway: 192.168.253.1 - - subnet: fd00:a1bf:2c3d:ef5a::/63 - ip_range: fd00:a1bf:2c3d:ef5b::/64 - gateway: fd00:a1bf:2c3d:ef5a::1011 +#for ssl self test +version: '2.2' +services: + + badssl_test: + image: "badssl:ssl-self-test" + container_name: "badssl_ssl_self_test" + tty: true + privileged: true + networks: + vlan_ssl_net: + ipv4_address: 192.168.253.130 + ipv6_address: fd00:a1bf:2c3d:ef5a:1e2f:3d4c:56ab:1010 + bridge_net: + ipv4_address: 172.31.254.2 + volumes: + - /root/.badssl_self_test_cert_dict:/badssl.com/unittest_certs + - /etc/localtime:/etc/localtime:ro + command: > + bash -c "make clean-certs + && make certs-test + && make inside-docker + && cp -r /badssl.com/certs /badssl.com/unittest_certs + && nginx + && tail -f /dev/null" + + wpr_test: + image: "golang:wpr-alpine" + container_name: "wpr_ssl_self_test" + tty: true + privileged: true + networks: + vlan_ssl_net: + ipv4_address: 192.168.253.131 + ipv6_address: fd00:a1bf:2c3d:ef5a:1e2f:3d4c:56ab:1011 + bridge_net: + ipv4_address: 172.31.254.3 + volumes: + - /root/.go_wpr_test:/root/go_wpr_test + - /etc/localtime:/etc/localtime:ro + command: + - /bin/sh + - -c + - | + /root/wpr/wpr replay --http_port=80 --https_port=443 --host=0.0.0.0 --quiet_mode /root/wpr/archive.wprgo & + tail -f /dev/null + + ssl_unittest: + image: "python:unittest-alpine" + container_name: "unittest_ssl_self_test" + depends_on: + - badssl_test + - wpr_test + tty: true + privileged: true + networks: + vlan_unittest_net: + ipv4_address: 192.168.253.3 + ipv6_address: fd00:a1bf:2c3d:ef5b:6e7f:8d9c:abfe:1012 + bridge_net: + ipv4_address: 172.31.254.4 + volumes: + - /root/.badssl_self_test_cert_dict:/root/cafile_dict + - /etc/localtime:/etc/localtime:ro + command: + - /bin/sh + - -c + - | + /root/unittest/wait-for 172.31.254.2:443 -t 60 -- echo "badssl is up" + /root/unittest/wait-for 172.31.254.3:443 -t 60 -- echo "wpr is up" + cp -rf 
/root/cafile_dict/certs/sets/current/gen/crt/ca-root.crt /usr/local/share/ca-certificates + update-ca-certificates + cat /root/unittest/badssl.test.hosts >> /etc/hosts + python /root/unittest/unittest_self.py + tail -f /dev/null + + + +networks: + bridge_net: + name: bridge_ssl_self_test_net + driver: bridge + ipam: + config: + - subnet: 172.31.254.0/24 + gateway: 172.31.254.1 + + + vlan_ssl_net: + name: vlan_ssl_self_test_net + driver: macvlan + enable_ipv6: true + driver_opts: + parent: enp1s1 + ipam: + config: + - subnet: 192.168.253.0/24 + ip_range: 192.168.253.128/25 + gateway: 192.168.253.129 + - subnet: fd00:a1bf:2c3d:ef5a::/63 + ip_range: fd00:a1bf:2c3d:ef5a::/64 + gateway: fd00:a1bf:2c3d:ef5a::1010 + + vlan_unittest_net: + name: vlan_unittest_self_test_net + driver: macvlan + enable_ipv6: true + driver_opts: + parent: ens1f1 + ipam: + config: + - subnet: 192.168.253.0/24 + ip_range: 192.168.253.0/25 + gateway: 192.168.253.1 + - subnet: fd00:a1bf:2c3d:ef5a::/63 + ip_range: fd00:a1bf:2c3d:ef5b::/64 + gateway: fd00:a1bf:2c3d:ef5a::1011 diff --git a/unittest_python/unittest/wait-for b/unittest_python/unittest/wait-for new file mode 100755 index 0000000..ddfc39e --- /dev/null +++ b/unittest_python/unittest/wait-for 
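Review bot: In docker-compose/docker-compose.yml, `privileged: true` is added to all three services (badssl_test, wpr_test, ssl_unittest), and nothing in the hunk shows a need for it. Privileged mode gives each container every capability and access to host devices, and these containers also sit on macvlan networks bound to host interfaces and mount paths under the host's /root. I would drop the three lines, or, if one operation needs more privilege, grant only that with `cap_add:` and a comment naming the reason. Separately, ssl_unittest now mounts the directory that badssl_test copies its generated certs tree into but only reads ca-root.crt from it, so `- /root/.badssl_self_test_cert_dict:/root/cafile_dict:ro` would be enough.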
@@ -0,0 +1,79 @@
+#!/bin/sh
+
+TIMEOUT=15
+QUIET=0
+
+echoerr() {
+ if [ "$QUIET" -ne 1 ]; then printf "%s\n" "$*" 1>&2; fi
+}
+
+usage() {
+ exitcode="$1"
+ cat << USAGE >&2
+Usage:
+ $cmdname host:port [-t timeout] [-- command args]
+ -q | --quiet Do not output any status messages
+ -t TIMEOUT | --timeout=timeout Timeout in seconds, zero for no timeout
+ -- COMMAND ARGS Execute command with args after the test finishes
+USAGE
+ exit "$exitcode"
+}
+
+wait_for() {
+ for i in `seq $TIMEOUT` ; do
+ nc -z "$HOST" "$PORT" > /dev/null 2>&1
+
+ result=$?
+ if [ $result -eq 0 ] ; then
+ if [ $# -gt 0 ] ; then
+ exec "$@"
+ fi
+ exit 0
+ fi
+ sleep 1
+ done
+ echo "Operation timed out" >&2
+ exit 1
+}
+
+while [ $# -gt 0 ]
+do
+ case "$1" in
+ *:* )
+ HOST=$(printf "%s\n" "$1"| cut -d : -f 1)
+ PORT=$(printf "%s\n" "$1"| cut -d : -f 2)
+ shift 1
+ ;;
+ -q | --quiet)
+ QUIET=1
+ shift 1
+ ;;
+ -t)
+ TIMEOUT="$2"
+ if [ "$TIMEOUT" = "" ]; then break; fi
+ shift 2
+ ;;
+ --timeout=*)
+ TIMEOUT="${1#*=}"
+ shift 1
+ ;;
+ --)
+ shift
+ break
+ ;;
+ --help)
+ usage 0
+ ;;
+ *)
+ echoerr "Unknown argument: $1"
+ usage 1
+ ;;
+ esac
+done
+
+if [ "$HOST" = "" -o "$PORT" = "" ]; then
+ echoerr "Error: you need to provide a host and port to test."
+ usage 2
+fi
+
+wait_for "$@"
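Review bot: `wait_for` does not honour the documented `-t 0` ("zero for no timeout"): `seq 0` prints nothing, so the loop body never runs and the script reports "Operation timed out" and exits 1 at once. A non-numeric timeout likely ends the same way, because `seq $TIMEOUT` is expanded unquoted and without validation. A counter loop that treats 0 as unbounded, as sketched below, would match the usage text. `$cmdname` in the usage text is also never assigned, so the first usage line prints with an empty command name; `cmdname=${0##*/}` near the top would fix that.

```sh
wait_for() {
  elapsed=0
  # TIMEOUT=0 means wait without limit, as the usage text states
  while [ "$TIMEOUT" -eq 0 ] || [ "$elapsed" -lt "$TIMEOUT" ]; do
    nc -z "$HOST" "$PORT" > /dev/null 2>&1
    # … unchanged: on success exec "$@" if a command was given, else exit 0 …
    sleep 1
    elapsed=$((elapsed + 1))
  done
  # … unchanged: "Operation timed out" message and exit 1 …
}
```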