hcq/MaxScale
hcq/MaxScale
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Add tests with backend SSL

Browse Source 
A 'BACKEND_SSL' label added. If test has this label
Testconnection() configures backend servers to
require SSL
This commit is contained in:
Timofey Turenko 2019-09-13 14:12:49 +03:00
parent 8b43adada7
commit bdfd7341e7
5 changed files with 57 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
maxscale-system-test/CMakeLists.txt
View File

@ -569,7 +569,7 @@ add_test_executable(mxs922_restart.cpp mxs922_restart mxs922 LABELS maxscale REP
add_test_executable(mxs922_scaling.cpp mxs922_scaling mxs922_base LABELS maxscale REPL_BACKEND)
# Dynamic listener SSL test
add_test_executable(mxs922_listener_ssl.cpp mxs922_listener_ssl mxs922_base LABELS maxscale REPL_BACKEND)
add_test_executable(mxs922_listener_ssl.cpp mxs922_listener_ssl mxs922_base LABELS maxscale BACKEND_SSL REPL_BACKEND)
# Alter routers at runtime
add_test_executable(alter_router.cpp alter_router alter_router LABELS maxscale REPL_BACKEND)
@ -813,7 +813,7 @@ add_test_executable(sharding_load_data.cpp sharding_load_data sharding LABELS sc
add_test_executable(short_sessions.cpp short_sessions replication LABELS readwritesplit readconnroute REPL_BACKEND)
# Do short sessions (open conn, short query, close conn) in the loop, client ssl is ON
add_test_derived(short_sessions_ssl short_sessions ssl LABELS readwritesplit readconnroute REPL_BACKEND)
add_test_derived(short_sessions_ssl short_sessions ssl LABELS readwritesplit readconnroute BACKEND_SSL REPL_BACKEND)
# Regression case for crash if maxadmin 'show monitors' command is issued, but no monitor is not running
add_test_executable(show_monitor_crash.cpp show_monitor_crash show_monitor_crash LABELS maxscale REPL_BACKEND)
@ -853,7 +853,7 @@ add_test_executable(test_hints.cpp test_hints hints2 LABELS hintfilter readwrite
# works only with yum-based distributions
# TODO: make it working with zypper and apt, move part of KDC setup to MDBCI
add_test_executable(kerberos_setup.cpp kerberos_setup kerberos LABELS HEAVY gssapi REPL_BACKEND)
add_test_derived(kerberos_setup_ssl kerberos_setup kerberos_ssl LABELS HEAVY gssapi REPL_BACKEND)
add_test_derived(kerberos_setup_ssl kerberos_setup kerberos_ssl LABELS HEAVY gssapi BACKEND_SSL REPL_BACKEND)
# Configures 'keepalived' on two Maxscale machines and tried failover
add_test_executable(keepalived.cpp keepalived keepalived LABELS REPL_BACKEND TWO_MAXSCALES)
@ -1014,6 +1014,16 @@ add_test_executable(mxs2631_ignore_system_tables.cpp mxs2631_ignore_system_table
# END: Normal tests #
############################################
############################################
# BEGIN: backend SSL tests #
############################################
add_test_derived(sql_queries_ssl sql_queries ssl LABELS readwritesplit REPL_BACKEND BACKEND_SSL)
############################################
# END: backend SSL tests #
############################################
############################################
# BEGIN: binlogrouter and avrorouter tests #
############################################

29
maxscale-system-test/config_operations.cpp
View File

@ -79,12 +79,26 @@ void Config::destroy_server(int num)
void Config::create_server(int num)
{
test_->set_timeout(120);
char ssl_line[200 + 3 * strlen(test_->maxscales->access_homedir[0])] = "";
if (test_->backend_ssl)
{
sprintf(ssl_line,
" --tls-key=/%s/certs/client-key.pem "
" --tls-cert=/%s/certs/client-cert.pem "
" --tls-ca-cert=/%s/certs/ca.pem "
" --tls-version=MAX "
" --tls-cert-verify-depth=9",
test_->maxscales->access_homedir[0],
test_->maxscales->access_homedir[0],
test_->maxscales->access_homedir[0]);
}
test_->maxscales->ssh_node_f(0,
true,
"maxadmin create server server%d %s %d",
"maxctrl create server server%d %s %d %s",
num,
test_->repl->IP[num],
test_->repl->port[num]);
test_->repl->port[num],
ssl_line);
created_servers_.insert(num);
test_->stop_timeout();
}
@ -176,12 +190,15 @@ void Config::create_ssl_listener(Config::Service service)
test_->maxscales->ssh_node_f(0,
true,
"maxadmin create listener %s %s default %d default default default "
"/home/vagrant/certs/server-key.pem "
"/home/vagrant/certs/server-cert.pem "
"/home/vagrant/certs/ca.pem ",
"/%s/certs/server-key.pem "
"/%s/certs/server-cert.pem "
"/%s/certs/ca.pem ",
services[i].service,
services[i].listener,
services[i].port);
services[i].port,
test_->maxscales->access_homedir[0],
test_->maxscales->access_homedir[0],
test_->maxscales->access_homedir[0]);
test_->stop_timeout();
}

7
maxscale-system-test/labels_table.cpp
View File

@ -22,3 +22,10 @@ std::string get_mdbci_lables(const char *labels_string)
}
return mdbci_labels;
}
bool check_label(std::string labels, std::string label)
{
std::string labels_ext = std::string(";") + labels + std::string(";");
std::string label_ext = std::string(";") + label + std::string(";");
return (labels_ext.find(label_ext, 0) != std::string::npos);
}

8
maxscale-system-test/labels_table.h
View File

@ -29,3 +29,11 @@ const labels_table_t labels_table [] __attribute__((unused)) =
* @return Labels string in the 'mdbci up' --labels parameter format
*/
std::string get_mdbci_lables(const char * labels_string);
/**
* @brief check_label Checks if givel lable belogs to current test labels
* @param labels String with all labels of the test
* @param label Labels to find
* @return true if label present
*/
bool check_label(std::string labels, std::string label);

6
maxscale-system-test/testconnections.cpp
View File

@ -299,6 +299,12 @@ TestConnections::TestConnections(int argc, char* argv[])
mdbci_labels = get_mdbci_lables(labels);
if (check_label(std::string(labels), "BACKEND_SSL"))
{
backend_ssl = true;
tprintf("Test has BACKEND_SSL label");
}
std::string delimiter = std::string (",");
size_t pos_start = 0, pos_end, delim_len = delimiter.length();
std::string label;