From fbd29dd60a195a5c252ba1d28366d52d60447560 Mon Sep 17 00:00:00 2001 From: David Kalnischkies Date: Sat, 15 Jun 2013 15:45:22 +0200 Subject: add a simple webserver for our testcases APT needs to acquire data in a secure fashion over an inherently unsecure way, known as the internet, while communicating with unreliable partners, known as webservers and proxies. For your integration tests we so far relied on 'normal' webservers, but all of them have certain quirks and none is able to provide us with all quirks which can be observed in the wild and we therefore have to test with, so this webserver isn't trying to be fast, secure or feature complete, but to provide all the quirks we need in a consistent way. This webserver also makes the APT project self-contained, as it is now able to generate, serve as well as acquire package indexes. ;) Git-Dch: Ignore --- test/integration/framework | 19 +- test/interactive-helper/aptwebserver.cc | 343 ++++++++++++++++++++++++++++++++ test/interactive-helper/makefile | 7 + 3 files changed, 363 insertions(+), 6 deletions(-) create mode 100644 test/interactive-helper/aptwebserver.cc (limited to 'test') diff --git a/test/integration/framework b/test/integration/framework index 5c50498a2..9db4a1017 100644 --- a/test/integration/framework +++ b/test/integration/framework @@ -718,12 +718,20 @@ signreleasefiles() { } changetowebserver() { - if which weborf > /dev/null; then - weborf -xb aptarchive/ 2>&1 > /dev/null & + local LOG='/dev/null' + if test -x ${BUILDDIRECTORY}/aptwebserver; then + cd aptarchive + LD_LIBRARY_PATH=${BUILDDIRECTORY} ${BUILDDIRECTORY}/aptwebserver "$@" >$LOG 2>&1 & + addtrap "kill $!;" + cd - > /dev/null + elif [ $# -gt 0 ]; then + msgdie 'Need the aptwebserver when passing arguments for the webserver' + elif which weborf > /dev/null; then + weborf -xb aptarchive/ >$LOG 2>&1 & addtrap "kill $!;" elif which gatling > /dev/null; then cd aptarchive - gatling -p 8080 -F -S 2>&1 > /dev/null & + gatling -p 8080 -F -S >$LOG 2>&1 & addtrap "kill $!;" cd - > /dev/null elif which lighttpd > /dev/null; then @@ -731,11 +739,10 @@ changetowebserver() { server.port = 8080 server.stat-cache-engine = \"disable\"" > lighttpd.conf lighttpd -t -f lighttpd.conf >/dev/null || msgdie 'Can not change to webserver: our lighttpd config is invalid' - lighttpd -D -f lighttpd.conf 2>/dev/null >/dev/null & + lighttpd -D -f lighttpd.conf >$LOG 2>&1 & addtrap "kill $!;" else - msgdie 'You have to install weborf or lighttpd first' - return 1 + msgdie 'You have to build aptwerbserver or install a webserver' fi local APTARCHIVE="file://$(readlink -f ./aptarchive)" for LIST in $(find rootdir/etc/apt/sources.list.d/ -name 'apt-test-*.list'); do diff --git a/test/interactive-helper/aptwebserver.cc b/test/interactive-helper/aptwebserver.cc new file mode 100644 index 000000000..98bbde21b --- /dev/null +++ b/test/interactive-helper/aptwebserver.cc @@ -0,0 +1,343 @@ +#include + +#include +#include +#include +#include +#include +#include + +#include +#include +#include +#include + +#include +#include +#include +#include +#include +#include +#include +#include + +char const * const httpcodeToStr(int const httpcode) /*{{{*/ +{ + switch (httpcode) + { + // Informational 1xx + case 100: return "100 Continue"; + case 101: return "101 Switching Protocols"; + // Successful 2xx + case 200: return "200 OK"; + case 201: return "201 Created"; + case 202: return "202 Accepted"; + case 203: return "203 Non-Authoritative Information"; + case 204: return "204 No Content"; + case 205: return "205 Reset Content"; + case 206: return "206 Partial Content"; + // Redirections 3xx + case 300: return "300 Multiple Choices"; + case 301: return "301 Moved Permanently"; + case 302: return "302 Found"; + case 303: return "303 See Other"; + case 304: return "304 Not Modified"; + case 305: return "304 Use Proxy"; + case 307: return "307 Temporary Redirect"; + // Client errors 4xx + case 400: return "400 Bad Request"; + case 401: return "401 Unauthorized"; + case 402: return "402 Payment Required"; + case 403: return "403 Forbidden"; + case 404: return "404 Not Found"; + case 405: return "405 Method Not Allowed"; + case 406: return "406 Not Acceptable"; + case 407: return "407 Proxy Authentication Required"; + case 408: return "408 Request Time-out"; + case 409: return "409 Conflict"; + case 410: return "410 Gone"; + case 411: return "411 Length Required"; + case 412: return "412 Precondition Failed"; + case 413: return "413 Request Entity Too Large"; + case 414: return "414 Request-URI Too Large"; + case 415: return "415 Unsupported Media Type"; + case 416: return "416 Requested range not satisfiable"; + case 417: return "417 Expectation Failed"; + case 418: return "418 I'm a teapot"; + // Server error 5xx + case 500: return "500 Internal Server Error"; + case 501: return "501 Not Implemented"; + case 502: return "502 Bad Gateway"; + case 503: return "503 Service Unavailable"; + case 504: return "504 Gateway Time-out"; + case 505: return "505 HTTP Version not supported"; + } + return NULL; +} + /*}}}*/ +void addFileHeaders(std::list &headers, FileFd &data) /*{{{*/ +{ + std::ostringstream contentlength; + contentlength << "Content-Length: " << data.FileSize(); + headers.push_back(contentlength.str()); + + std::string lastmodified("Last-Modified: "); + lastmodified.append(TimeRFC1123(data.ModificationTime())); + headers.push_back(lastmodified); +} + /*}}}*/ +void addDataHeaders(std::list &headers, std::string &data) /*{{{*/ +{ + std::ostringstream contentlength; + contentlength << "Content-Length: " << data.size(); + headers.push_back(contentlength.str()); +} + /*}}}*/ +bool sendHead(int const client, int const httpcode, std::list &headers)/*{{{*/ +{ + std::string response("HTTP/1.1 "); + response.append(httpcodeToStr(httpcode)); + headers.push_front(response); + + headers.push_back("Server: APT webserver"); + + std::string date("Date: "); + date.append(TimeRFC1123(time(NULL))); + headers.push_back(date); + + std::clog << ">>> RESPONSE >>>" << std::endl; + bool Success = true; + for (std::list::const_iterator h = headers.begin(); + Success == true && h != headers.end(); ++h) + { + Success &= FileFd::Write(client, h->c_str(), h->size()); + if (Success == true) + Success &= FileFd::Write(client, "\r\n", 2); + std::clog << *h << std::endl; + } + if (Success == true) + Success &= FileFd::Write(client, "\r\n", 2); + std::clog << "<<<<<<<<<<<<<<<<" << std::endl; + return Success; +} + /*}}}*/ +bool sendFile(int const client, FileFd &data) /*{{{*/ +{ + bool Success = true; + char buffer[500]; + unsigned long long actual = 0; + while ((Success &= data.Read(buffer, sizeof(buffer), &actual)) == true) + { + if (actual == 0) + break; + if (Success == true) + Success &= FileFd::Write(client, buffer, actual); + } + if (Success == true) + Success &= FileFd::Write(client, "\r\n", 2); + return Success; +} + /*}}}*/ +bool sendData(int const client, std::string const &data) /*{{{*/ +{ + bool Success = true; + Success &= FileFd::Write(client, data.c_str(), data.size()); + if (Success == true) + Success &= FileFd::Write(client, "\r\n", 2); + return Success; +} + /*}}}*/ +void sendError(int const client, int const httpcode, std::string const &request,/*{{{*/ + bool content, std::string const &error = "") +{ + std::list headers; + std::string response(""); + response.append(httpcodeToStr(httpcode)).append(""); + response.append("

").append(httpcodeToStr(httpcode)).append("

"); + if (error.empty() == false) + response.append("

Error: ").append(error).append("

"); + response.append("This error is a result of the request:
");
+   response.append(request).append("
"); + addDataHeaders(headers, response); + sendHead(client, httpcode, headers); + if (content == true) + sendData(client, response); +} + /*}}}*/ +bool parseFirstLine(int const client, std::string const &request, /*{{{*/ + std::string &filename, bool &sendContent, + bool &closeConnection) +{ + if (strncmp(request.c_str(), "HEAD ", 5) == 0) + sendContent = false; + if (strncmp(request.c_str(), "GET ", 4) != 0) + { + sendError(client, 501, request, true); + return false; + } + + size_t const lineend = request.find('\n'); + size_t filestart = request.find(' '); + for (; request[filestart] == ' '; ++filestart); + size_t fileend = request.rfind(' ', lineend); + if (lineend == std::string::npos || filestart == std::string::npos || + fileend == std::string::npos || filestart == fileend) + { + sendError(client, 500, request, sendContent, "Filename can't be extracted"); + return false; + } + + size_t httpstart = fileend; + for (; request[httpstart] == ' '; ++httpstart); + if (strncmp(request.c_str() + httpstart, "HTTP/1.1\r", 9) == 0) + closeConnection = strcasecmp(LookupTag(request, "Connection", "Keep-Alive").c_str(), "Keep-Alive") != 0; + else if (strncmp(request.c_str() + httpstart, "HTTP/1.0\r", 9) == 0) + closeConnection = strcasecmp(LookupTag(request, "Connection", "Keep-Alive").c_str(), "close") == 0; + else + { + sendError(client, 500, request, sendContent, "Not a HTTP/1.{0,1} request"); + return false; + } + + filename = request.substr(filestart, fileend - filestart); + if (filename.find(' ') != std::string::npos) + { + sendError(client, 500, request, sendContent, "Filename contains an unencoded space"); + return false; + } + filename = DeQuoteString(filename); + + // this is not a secure server, but at least prevent the obvious … + if (filename.empty() == true || filename[0] != '/' || + strncmp(filename.c_str(), "//", 2) == 0 || + filename.find_first_of("\r\n\t\f\v") != std::string::npos || + filename.find("/../") != std::string::npos) + { + sendError(client, 400, request, sendContent, "Filename contains illegal character (sequence)"); + return false; + } + + // nuke the first character which is a / as we assured above + filename.erase(0, 1); + if (filename.empty() == true) + filename = "."; + return true; +} + /*}}}*/ +int main(int const argc, const char * argv[]) +{ + CommandLine::Args Args[] = { + {0, "port", "aptwebserver::port", CommandLine::HasArg}, + {'c',"config-file",0,CommandLine::ConfigFile}, + {'o',"option",0,CommandLine::ArbItem}, + {0,0,0,0} + }; + + CommandLine CmdL(Args, _config); + if(CmdL.Parse(argc,argv) == false) + { + _error->DumpErrors(); + exit(1); + } + + // create socket, bind and listen to it {{{ + // ignore SIGPIPE, this can happen on write() if the socket closes connection + signal(SIGPIPE, SIG_IGN); + int sock = socket(AF_INET6, SOCK_STREAM, 0); + if(sock < 0) + { + _error->Errno("aptwerbserver", "Couldn't create socket"); + _error->DumpErrors(std::cerr); + return 1; + } + + int const port = _config->FindI("aptwebserver::port", 8080); + + // ensure that we accept all connections: v4 or v6 + int const iponly = 0; + setsockopt(sock, IPPROTO_IPV6, IPV6_V6ONLY, &iponly, sizeof(iponly)); + // to not linger on an address + int const enable = 1; + setsockopt(sock, SOL_SOCKET, SO_REUSEADDR, &enable, sizeof(enable)); + + struct sockaddr_in6 locAddr; + memset(&locAddr, 0, sizeof(locAddr)); + locAddr.sin6_family = AF_INET6; + locAddr.sin6_port = htons(port); + locAddr.sin6_addr = in6addr_any; + + if (bind(sock, (struct sockaddr*) &locAddr, sizeof(locAddr)) < 0) + { + _error->Errno("aptwerbserver", "Couldn't bind"); + _error->DumpErrors(std::cerr); + return 2; + } + + std::clog << "Serving ANY file on port: " << port << std::endl; + + listen(sock, 1); + /*}}}*/ + + std::vector messages; + int client; + while ((client = accept(sock, NULL, NULL)) != -1) + { + std::clog << "ACCEPT client " << client + << " on socket " << sock << std::endl; + + while (ReadMessages(client, messages)) + { + bool closeConnection = false; + for (std::vector::const_iterator m = messages.begin(); + m != messages.end() && closeConnection == false; ++m) { + std::clog << ">>> REQUEST >>>>" << std::endl << *m + << std::endl << "<<<<<<<<<<<<<<<<" << std::endl; + std::list headers; + std::string filename; + bool sendContent = true; + if (parseFirstLine(client, *m, filename, sendContent, closeConnection) == false) + continue; + + std::string host = LookupTag(*m, "Host", ""); + if (host.empty() == true) + { + // RFC 2616 §14.23 requires Host + sendError(client, 400, *m, sendContent, "Host header is required"); + continue; + } + + if (RealFileExists(filename) == true) + { + FileFd data(filename, FileFd::ReadOnly); + std::string condition = LookupTag(*m, "If-Modified-Since", ""); + if (condition.empty() == false) + { + time_t cache; + if (RFC1123StrToTime(condition.c_str(), cache) == true && + cache >= data.ModificationTime()) + { + sendHead(client, 304, headers); + continue; + } + } + + addFileHeaders(headers, data); + sendHead(client, 200, headers); + if (sendContent == true) + sendFile(client, data); + } + else + sendError(client, 404, *m, sendContent); + } + _error->DumpErrors(std::cerr); + messages.clear(); + if (closeConnection == true) + break; + } + + std::clog << "CLOSE client " << client + << " on socket " << sock << std::endl; + close(client); + } + return 0; +} diff --git a/test/interactive-helper/makefile b/test/interactive-helper/makefile index fa4f5fecb..f43df97e3 100644 --- a/test/interactive-helper/makefile +++ b/test/interactive-helper/makefile @@ -38,3 +38,10 @@ include $(PROGRAM_H) #SLIBS = -lapt-pkg -lrpm #SOURCE = rpmver.cc #include $(PROGRAM_H) + +# Program for testing udevcdrom +PROGRAM=aptwebserver +SLIBS = -lapt-pkg +LIB_MAKES = apt-pkg/makefile +SOURCE = aptwebserver.cc +include $(PROGRAM_H) -- cgit v1.2.3