github.com/go-graphite/carbonapi@v0.17.0/cmd/carbonapi/config_tests/004-https.sh

github.com/go-graphite/carbonapi@v0.17.0/cmd/carbonapi/config_tests/004-https.sh (about)

     1  #!/usr/bin/env bash
     2  
     3  CURL_VERSION=$(curl --version | head -n 1 | awk '{print $2}')
     4  
     5  CURL_MAJOR_V=$(cut -d. -f 1 <<< "${CURL_VERSION}")
     6  CURL_MINOR_V=$(cut -d. -f 2 <<< "${CURL_VERSION}")
     7  
     8  if [[ ${CURL_MAJOR_V} -le 7 ]]; then
     9  	if [[ ${CURL_MAJOR_V} -lt 7 ]] || [[ ${CURL_MINOR_V} -lt 54 ]]; then
    10  		echo "curl >= 7.54 is required"
    11  		exit 2
    12  	fi
    13  fi
    14  
    15  set -e
    16  
    17  source "$(dirname "${0}")/common.sh"
    18  
    19  TEST_DIR=$(dirname "${0}")
    20  TEST_NAME=$(basename "${0}")
    21  STATUS=0
    22  echo "${TEST_NAME/.sh/.yaml}"
    23  
    24  EXPECTED_LISTENERS=(
    25  	"127.0.0.1:8082"
    26  )
    27  
    28  trap "cleanup" SIGINT SIGTERM EXIT INT QUIT TERM EXIT
    29  echo "carbonapi -config \"${TEST_DIR}/${TEST_NAME/.sh/.yaml}\" &"
    30  ./carbonapi -config "${TEST_DIR}/${TEST_NAME/.sh/.yaml}" &
    31  sleep 2
    32  
    33  LISTENERS=$(get_listeners "carbonapi")
    34  
    35  set +e
    36  
    37  cnt=0
    38  for l in ${LISTENERS}; do
    39  	cnt=$((cnt+1))
    40  	found=0
    41  	for el in ${EXPECTED_LISTENERS[@]}; do
    42  		if [[ "${el}" == "${l}" ]]; then
    43  			found=1
    44  			break
    45  		fi
    46  	done
    47  	if [[ ${found} -eq 0 ]]; then
    48  		echo "Listener ${l} is not expected"
    49  		STATUS=1
    50  	fi
    51  done
    52  
    53  if [[ ${cnt} -ne ${#EXPECTED_LISTENERS[@]} ]]; then
    54  	echo "Expected listener count mismatch, got ${cnt}, expected ${#EXPECTED_LISTENERS[@]}"
    55  	STATUS=1
    56  fi
    57  
    58  if [[ ${STATUS} -ne 0 ]]; then
    59  	echo "${TEST_NAME} FAIL"
    60  	kill %1
    61  	wait
    62  	exit ${STATUS}
    63  fi
    64  
    65  # CURL should fail as server runs in tls 1.3 only mode
    66  OUT=$(curl --tlsv1.2 --tls-max 1.2 -kvvI https://127.0.0.1:8082 2>&1)
    67  CURL_STATUS=${?}
    68  if [[ ${CURL_STATUS} -eq 0 ]]; then
    69  	echo "${OUT}"
    70  	echo "${TEST_NAME} FAIL"
    71  	STATUS=1
    72  	kill %1
    73  	wait
    74  	exit ${STATUS}
    75  fi
    76  
    77  # CURL should succeed as server both supports tls 1.3
    78  OUT=$(curl --tlsv1.3 -kvvI https://127.0.0.1:8082 2>&1)
    79  CURL_STATUS=${?}
    80  if [[ ${CURL_STATUS} -ne 0 ]]; then
    81    echo "${OUT}"
    82    STATUS=1
    83    if [[ ${CURL_STATUS} -eq 4 ]] && [[ ${_RUNNING_OS} == "Darwin" ]]; then
    84      echo "tls1.3 not supported on OSX in brew version of curl, assuming it's ok"
    85      echo "${TEST_NAME} OK"
    86      STATUS=0
    87    else
    88      echo "${TEST_NAME} FAIL"
    89    fi
    90    kill %1
    91    wait
    92    exit ${STATUS}
    93  fi
    94  
    95  EXPECTED_CURL_OUTPUT=(
    96  	"connection using TLSv1.3"
    97  	"subject: CN=carbonapi-test1"
    98  	"HTTP/2 200"
    99  )
   100  
   101  OLD_IFS="${IFS}"
   102  IFS=$'\n'
   103  for t in ${EXPECTED_CURL_OUTPUT[@]}; do
   104  	IFS="${OLD_IFS}"
   105  	grep -q "${t}" <<< "${OUT}"
   106  	if [[ ${?} -ne 0 ]]; then
   107  		echo
   108  		echo "Test for '${t}' in output failed"
   109  		echo "${OUT}"
   110  		echo "${TEST_NAME} FAIL"
   111  		STATUS=1
   112  	fi
   113  done
   114  IFS="${OLD_IFS}"
   115  
   116  kill %1
   117  wait
   118  
   119  if [[ ${STATUS} -eq 0 ]]; then
   120  	echo "${TEST_NAME} OK"
   121  else
   122  	echo "${TEST_NAME} FAIL"
   123  fi
   124  
   125  exit ${STATUS}