Added unit tests for SSL.

server/modules/protocol/CMakeLists.txt

@@ -17,6 +17,7 @@ install(TARGETS HTTPD DESTINATION ${MAXSCALE_LIBDIR})
 if(BUILD_TESTS)
   add_library(testprotocol SHARED testprotocol.c)
   install(TARGETS testprotocol DESTINATION ${MAXSCALE_LIBDIR})
+  add_subdirectory(test)
 endif()
 
 add_library(maxscaled SHARED maxscaled.c)

server/modules/protocol/test/CMakeLists.txt

@@ -0,0 +1,10 @@
+configure_file(test_ssl.sh ${CMAKE_CURRENT_BINARY_DIR}/test_ssl.sh @ONLY)
+configure_file(no_ca.cnf ${CMAKE_CURRENT_BINARY_DIR}/no_ca.cnf @ONLY)
+configure_file(no_server_cert.cnf ${CMAKE_CURRENT_BINARY_DIR}/no_server_cert.cnf @ONLY)
+configure_file(no_server_key.cnf ${CMAKE_CURRENT_BINARY_DIR}/no_server_key.cnf @ONLY)
+configure_file(bad_ca.cnf ${CMAKE_CURRENT_BINARY_DIR}/bad_ca.cnf @ONLY)
+configure_file(bad_cert.cnf ${CMAKE_CURRENT_BINARY_DIR}/bad_cert.cnf @ONLY)
+configure_file(bad_key.cnf ${CMAKE_CURRENT_BINARY_DIR}/bad_key.cnf @ONLY)
+configure_file(bad_ssl.cnf ${CMAKE_CURRENT_BINARY_DIR}/bad_ssl.cnf @ONLY)
+configure_file(ok.cnf ${CMAKE_CURRENT_BINARY_DIR}/ok.cnf @ONLY)
+add_test(NAME SSLTest COMMAND ${CMAKE_CURRENT_BINARY_DIR}/test_ssl.sh)

server/modules/protocol/test/bad_ca.cnf

@@ -0,0 +1,28 @@
+[maxscale]
+threads=1
+logdir=@CMAKE_CURRENT_BINARY_DIR@
+datadir=@CMAKE_CURRENT_BINARY_DIR@
+piddir=@CMAKE_CURRENT_BINARY_DIR@
+cachedir=@CMAKE_CURRENT_BINARY_DIR@
+
+[Testservice]
+type=service
+router=readconnroute
+servers=server1
+user=user
+passwd=pwd
+ssl=enabled
+ssl_ca_cert=This is not a value
+ssl_cert=@CMAKE_CURRENT_BINARY_DIR@/server-cert
+ssl_key=@CMAKE_CURRENT_BINARY_DIR@/server-key
+
+[Testlistener]
+type=listener
+service=Testservice
+protocol=MySQLBackend
+port=12345
+
+[server1]
+type=server
+address=127.0.0.1
+port=4321

server/modules/protocol/test/bad_cert.cnf

@@ -0,0 +1,28 @@
+[maxscale]
+threads=1
+logdir=@CMAKE_CURRENT_BINARY_DIR@
+datadir=@CMAKE_CURRENT_BINARY_DIR@
+piddir=@CMAKE_CURRENT_BINARY_DIR@
+cachedir=@CMAKE_CURRENT_BINARY_DIR@
+
+[Testservice]
+type=service
+router=readconnroute
+servers=server1
+user=user
+passwd=pwd
+ssl=enabled
+ssl_ca_cert=@CMAKE_CURRENT_BINARY_DIR@/ca
+ssl_cert=This is not a value
+ssl_key=@CMAKE_CURRENT_BINARY_DIR@/server-key
+
+[Testlistener]
+type=listener
+service=Testservice
+protocol=MySQLBackend
+port=12345
+
+[server1]
+type=server
+address=127.0.0.1
+port=4321

server/modules/protocol/test/bad_key.cnf

@@ -0,0 +1,28 @@
+[maxscale]
+threads=1
+logdir=@CMAKE_CURRENT_BINARY_DIR@
+datadir=@CMAKE_CURRENT_BINARY_DIR@
+piddir=@CMAKE_CURRENT_BINARY_DIR@
+cachedir=@CMAKE_CURRENT_BINARY_DIR@
+
+[Testservice]
+type=service
+router=readconnroute
+servers=server1
+user=user
+passwd=pwd
+ssl=enabled
+ssl_ca_cert=@CMAKE_CURRENT_BINARY_DIR@/ca
+ssl_cert=@CMAKE_CURRENT_BINARY_DIR@/server-cert
+ssl_key=This is not a value
+
+[Testlistener]
+type=listener
+service=Testservice
+protocol=MySQLBackend
+port=12345
+
+[server1]
+type=server
+address=127.0.0.1
+port=4321

server/modules/protocol/test/bad_ssl.cnf

@@ -0,0 +1,28 @@
+[maxscale]
+threads=1
+logdir=@CMAKE_CURRENT_BINARY_DIR@
+datadir=@CMAKE_CURRENT_BINARY_DIR@
+piddir=@CMAKE_CURRENT_BINARY_DIR@
+cachedir=@CMAKE_CURRENT_BINARY_DIR@
+
+[Testservice]
+type=service
+router=readconnroute
+servers=server1
+user=user
+passwd=pwd
+ssl=testing
+ssl_ca_cert=@CMAKE_CURRENT_BINARY_DIR@/ca
+ssl_cert=@CMAKE_CURRENT_BINARY_DIR@/server-cert
+ssl_key=@CMAKE_CURRENT_BINARY_DIR@/server-key
+
+[Testlistener]
+type=listener
+service=Testservice
+protocol=MySQLBackend
+port=12345
+
+[server1]
+type=server
+address=127.0.0.1
+port=4321

server/modules/protocol/test/no_ca.cnf

@@ -0,0 +1,28 @@
+[maxscale]
+threads=1
+logdir=@CMAKE_CURRENT_BINARY_DIR@
+datadir=@CMAKE_CURRENT_BINARY_DIR@
+piddir=@CMAKE_CURRENT_BINARY_DIR@
+cachedir=@CMAKE_CURRENT_BINARY_DIR@
+
+[Testservice]
+type=service
+router=readconnroute
+servers=server1
+user=user
+passwd=pwd
+ssl=enabled
+#ssl_ca_cert=@CMAKE_CURRENT_BINARY_DIR@/ca
+ssl_cert=@CMAKE_CURRENT_BINARY_DIR@/server-cert
+ssl_key=@CMAKE_CURRENT_BINARY_DIR@/server-key
+
+[Testlistener]
+type=listener
+service=Testservice
+protocol=MySQLBackend
+port=12345
+
+[server1]
+type=server
+address=127.0.0.1
+port=4321

server/modules/protocol/test/no_server_cert.cnf

@@ -0,0 +1,28 @@
+[maxscale]
+threads=1
+logdir=@CMAKE_CURRENT_BINARY_DIR@
+datadir=@CMAKE_CURRENT_BINARY_DIR@
+piddir=@CMAKE_CURRENT_BINARY_DIR@
+cachedir=@CMAKE_CURRENT_BINARY_DIR@
+
+[Testservice]
+type=service
+router=readconnroute
+servers=server1
+user=user
+passwd=pwd
+ssl=enabled
+ssl_ca_cert=@CMAKE_CURRENT_BINARY_DIR@/ca
+#ssl_cert=@CMAKE_CURRENT_BINARY_DIR@/server-cert
+ssl_key=@CMAKE_CURRENT_BINARY_DIR@/server-key
+
+[Testlistener]
+type=listener
+service=Testservice
+protocol=MySQLBackend
+port=12345
+
+[server1]
+type=server
+address=127.0.0.1
+port=4321

server/modules/protocol/test/no_server_key.cnf

@@ -0,0 +1,28 @@
+[maxscale]
+threads=1
+logdir=@CMAKE_CURRENT_BINARY_DIR@
+datadir=@CMAKE_CURRENT_BINARY_DIR@
+piddir=@CMAKE_CURRENT_BINARY_DIR@
+cachedir=@CMAKE_CURRENT_BINARY_DIR@
+
+[Testservice]
+type=service
+router=readconnroute
+servers=server1
+user=user
+passwd=pwd
+ssl=enabled
+ssl_ca_cert=@CMAKE_CURRENT_BINARY_DIR@/ca
+ssl_cert=@CMAKE_CURRENT_BINARY_DIR@/server-cert
+#ssl_key=@CMAKE_CURRENT_BINARY_DIR@/server-key
+
+[Testlistener]
+type=listener
+service=Testservice
+protocol=MySQLBackend
+port=12345
+
+[server1]
+type=server
+address=127.0.0.1
+port=4321

server/modules/protocol/test/ok.cnf

@@ -0,0 +1,28 @@
+[maxscale]
+threads=1
+logdir=@CMAKE_CURRENT_BINARY_DIR@
+datadir=@CMAKE_CURRENT_BINARY_DIR@
+piddir=@CMAKE_CURRENT_BINARY_DIR@
+cachedir=@CMAKE_CURRENT_BINARY_DIR@
+
+[Testservice]
+type=service
+router=readconnroute
+servers=server1
+user=user
+passwd=pwd
+ssl=enabled
+ssl_ca_cert=@CMAKE_CURRENT_BINARY_DIR@/ca
+ssl_cert=@CMAKE_CURRENT_BINARY_DIR@/server-cert
+ssl_key=@CMAKE_CURRENT_BINARY_DIR@/server-key
+
+[Testlistener]
+type=listener
+service=Testservice
+protocol=MySQLBackend
+port=12345
+
+[server1]
+type=server
+address=127.0.0.1
+port=4321

server/modules/protocol/test/test_ssl.sh

@@ -0,0 +1,76 @@
+#!/usr/bin/env bash
+
+function create_certs()
+{
+    echo "CA cert" > @CMAKE_CURRENT_BINARY_DIR@/ca.pem
+    echo "Server Certificate" > @CMAKE_CURRENT_BINARY_DIR@/server-cert.pem
+    echo "Server Key" > @CMAKE_CURRENT_BINARY_DIR@/server-key.pem
+}
+
+function start_maxscale ()
+{
+    local result=$(@CMAKE_INSTALL_PREFIX@/@MAXSCALE_BINDIR@/maxscale -d -f $1 &> $1.log;echo $?)
+    if [[ $result == "0" ]]
+    then
+        echo "Error: $1 exited with status $result!"
+        exit 1
+    fi
+}
+
+# No CA defined
+printf "Testing No CA defined"
+start_maxscale @CMAKE_CURRENT_BINARY_DIR@/no_ca.cnf
+echo " OK"
+
+# No cert defined
+printf "Testing No cert defined"
+start_maxscale @CMAKE_CURRENT_BINARY_DIR@/no_cert.cnf
+echo " OK"
+
+# No key defined
+printf "Testing No key defined"
+start_maxscale @CMAKE_CURRENT_BINARY_DIR@/no_key.cnf
+echo " OK"
+
+# Bad SSL value
+printf "Testing Bad SSL defined"
+start_maxscale @CMAKE_CURRENT_BINARY_DIR@/bad_ssl.cnf
+echo " OK"
+
+# Bad CA defined
+printf "Testing Bad CA defined"
+start_maxscale @CMAKE_CURRENT_BINARY_DIR@/bad_ca.cnf
+echo " OK"
+
+# Bad cert defined
+printf "Testing Bad cert defined"
+start_maxscale @CMAKE_CURRENT_BINARY_DIR@/bad_cert.cnf
+echo " OK"
+
+# Bad key defined
+printf "Testing Bad key defined"
+start_maxscale @CMAKE_CURRENT_BINARY_DIR@/bad_key.cnf
+echo " OK"
+
+# No CA file
+printf "Testing No CA file"
+create_certs
+rm @CMAKE_CURRENT_BINARY_DIR@/ca.pem
+start_maxscale @CMAKE_CURRENT_BINARY_DIR@/ok.cnf
+echo " OK"
+
+# No cert file
+printf "Testing No cert file"
+create_certs
+rm @CMAKE_CURRENT_BINARY_DIR@/server-cert.pem
+start_maxscale @CMAKE_CURRENT_BINARY_DIR@/ok.cnf
+echo " OK"
+
+# No key file
+printf "Testing No key file"
+create_certs
+rm @CMAKE_CURRENT_BINARY_DIR@/server-key.pem
+start_maxscale @CMAKE_CURRENT_BINARY_DIR@/ok.cnf
+echo " OK"
+
+exit 0