Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add testing & code coverage reporting #291

Open
wants to merge 15 commits into
base: master
Choose a base branch
from
Open

Add testing & code coverage reporting #291

wants to merge 15 commits into from

Conversation

dougnazar
Copy link
Contributor

@dougnazar dougnazar commented Dec 15, 2024
edited
Loading

  • Adds many tests that try to exercise all the functionality that I could think of including
    • IPv4
    • IPv6
    • SSL/TLS
    • timeouts
    • option parsing
    • etc.
  • Adds an option to not chdir("/") on startup to allow relative paths for testing.
  • I re-wrote the testing harness to only bring up the daemon once, and switch config files between various tests. Provided a much better experience if you want to valgrind, etc. Needed to reset config to defaults before reload or it might keep various settings that had been removed. Also choosing to use IPv4 or IPv6 only, or disabling SSL/TLS can now be done via config file.
  • This has been tested on my Linux, OpenBSD & FreeBSD. If there are any other configurations that should be tested please let me know.
  • With both branches combined, I'm now getting over 1000 successful testing iterations. Without ssl_sendall(), it would occasionally fail due to a short SSL_write().

Warning

Note that two of the tests will fail if merged as is. I've been doing most of my testing on top of the #275 branch and there is a slight difference handling results greater than 64k. It's a simple fix, just needs to adjust the sha1 hash if this is to be merged first.
The other is an allowed connect which is expected to fail as we're not clearing the existing ACLs that is also fixed in the other branch.

@dougnazar
Remove unused functions.
2eafd86
@dougnazar
Fix IPv4 long option.
16d6728
@dougnazar
Fix debug display of remote port
4fe6f6d
@dougnazar
Add a startup message and print priority to log file.
ed08d85
@dougnazar
LibreSSL on OpenBSD may get a SIGPIPE if the connection is broken.
a9dcd3c
@dougnazar
Limit to TLSv1.2 to support ADH connections on LIbreSSL.
81e95fa 
TLSv1.3 doesn't support ADH ciphers and LibreSSL does not automatically
fallback like OpenSSL. Both will use a better suite if a certificate is
provided.
@dougnazar
Fix various memory leaks
957c758 
- addrinfo after domain acl check
- putenv embeds the allocation in the environment
- couple strduped config variables
- any more than 2 listen sockets would be skipped
- X.509 certificate if asked to log it
- Don't allocate user unless getpwnam succeeded or we'll overwrite a couple lines later
@dougnazar
Improve error responses
52f7bfe 
- Try to make SSL & non-SSL responses more consistent
- Fix various error messages
- Fix printing sizeof buffer len variable, instead of actual buffer length
- ensure we log cert details if asked
@dougnazar
Rearrange global variables
e01e24b
@dougnazar
Reset configuration to defaults before reloading
442442c
@dougnazar
Add options to change ssl & IPv4 or IPv6 to config file
6d69495 
- ssl_enabled allows disabling SSL support, same as --no-ssl
- address_family allows specifying IPv4, IPv6 or both, like --ipv4 & --ipv6
- --dont-chdir leaves the daemon in the current dir. Very useful for testing.
@dougnazar
Implement ssl_recvall & ssl_sendall
1785181
@dougnazar dougnazar mentioned this pull request Dec 28, 2024
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@dougnazar