Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fix SSL timeout issue (issue 1307) #24

Merged
merged 4 commits into from Jul 19, 2012
Merged

Fix SSL timeout issue (issue 1307) #24

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
4 commits
Select commit Hold shift + click to select a range
881bedd
ssl: Restore the server default timeout_lapse once SSL negotiation is…
smunaut Jun 15, 2012
2510045
rule_list: Update the timeout when setting per-rule timeout_lapse
smunaut Jun 15, 2012
13012f9
The QA bench was not working over SSL.
alobbs Nov 20, 2011
541f26c
Adding tests for timeout against rules
davidjb Jul 19, 2012
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Jump to
Jump to file
Failed to load files.
Diff view
Diff view
1 change: 1 addition & 0 deletions cherokee/rule_list.c
View file
Open in desktop
Expand Up @@ -78,6 +78,7 @@ update_connection (cherokee_connection_t *conn,
if (! NULLI_IS_NULL(ret_config->timeout_lapse)) { if (! NULLI_IS_NULL(ret_config->timeout_lapse)) {
conn->timeout_lapse = ret_config->timeout_lapse; conn->timeout_lapse = ret_config->timeout_lapse;
conn->timeout_header = ret_config->timeout_header; conn->timeout_header = ret_config->timeout_header;
cherokee_connection_update_timeout (conn);
} }
} }


Expand Down
2 changes: 2 additions & 0 deletions cherokee/thread.c
View file
Open in desktop
Expand Up @@ -814,6 +814,8 @@ process_active_connections (cherokee_thread_t *thd)
/* Set mode and update timeout /* Set mode and update timeout
*/ */
conn_set_mode (thd, conn, socket_reading); conn_set_mode (thd, conn, socket_reading);

conn->timeout_lapse = srv->timeout;
cherokee_connection_update_timeout (conn); cherokee_connection_update_timeout (conn);


conn->phase = phase_reading_header; conn->phase = phase_reading_header;
Expand Down
95 changes: 95 additions & 0 deletions qa/298-Timeout.py
View file
Open in desktop
@@ -0,0 +1,95 @@
from base import *

DIR = "298-Timeout"
DIR_RULE = "%s-rule" % DIR
CONTENT = "Tests to check whether timeout is applied."

SERVER_TIMEOUT = 5
RULE_TIMEOUT = 3

CONF = """
server!timeout = %(SERVER_TIMEOUT)i
vserver!1!rule!2890!match = directory
vserver!1!rule!2890!match!directory = /%(DIR)s
vserver!1!rule!2890!handler = cgi

vserver!1!rule!2891!match = directory
vserver!1!rule!2891!match!directory = /%(DIR_RULE)s
vserver!1!rule!2891!handler = cgi
vserver!1!rule!2891!timeout = %(RULE_TIMEOUT)i

""" %(globals())

CGI_CODE = """#!/bin/sh

echo "Content-Type: text/plain"
echo
sleep %(runtime)i
echo "%(content)s"
"""


class TestEntry (TestBase):
"""Test for timeout being applied.

If timeout expires, no content after `sleep` in the CGI will
be delivered.
"""

def __init__ (self, dir, filename, runtime, content, expected_timeout):
TestBase.__init__ (self, __file__)
self.request = "GET /%s/%s HTTP/1.0\r\n" % (dir, filename) +\
"Connection: close\r\n"
self.expected_error = 200

if runtime < expected_timeout:
self.expected_content = content
else:
self.forbidden_content = content


class Test (TestCollection):

def __init__ (self):
TestCollection.__init__ (self, __file__)

self.name = "Connection Timeouts Applied"
self.conf = CONF
self.proxy_suitable = True
self.filenames = {DIR: [],
DIR_RULE: []}

def Prepare (self, www):
self.local_dirs = {DIR: self.Mkdir (www, DIR),
DIR_RULE: self.Mkdir (www, DIR_RULE)}

def JustBefore (self, www):
# Create sub-request objects
self.Empty ()

# Create all tests with different runtime lengths
# Instant return and 1 second less than timeout should work,
# but past the timeout should return no content.
for dir, timeout in ((DIR, SERVER_TIMEOUT), (DIR_RULE, RULE_TIMEOUT)):
for script_runtime in (0, timeout-1, timeout+1):
# Write the new script files
filename = 'test-%i-seconds.cgi' % script_runtime
code = CGI_CODE % dict(runtime=script_runtime, content=CONTENT)
self.WriteFile (self.local_dirs[dir], filename, 0755, code)
self.filenames[dir].append(filename)

obj = self.Add (TestEntry (dir,
filename,
runtime=script_runtime,
content=CONTENT,
expected_timeout=timeout))


def JustAfter (self, www):
# Clean up the local files
for dir in self.local_dirs:
for filename in self.filenames[dir]:
fp = os.path.join (self.local_dirs[dir], filename)
os.unlink (fp)
self.filenames = {}

5 changes: 2 additions & 3 deletions qa/conf.py.pre
View file
Open in desktop
Expand Up @@ -17,9 +17,8 @@ LOGGER_ACCESS = "access.log"
LOGGER_ERROR = "error.log" LOGGER_ERROR = "error.log"


# TLS/SSL # TLS/SSL
SSL_CERT_FILE = "/etc/cherokee/ssl/cherokee.pem" SSL_CERT_FILE = "/etc/cherokee/ssl/cherokee.crt"
SSL_CERT_KEY_FILE = "/etc/cherokee/ssl/cherokee.pem" SSL_CERT_KEY_FILE = "/etc/cherokee/ssl/cherokee.key"
SSL_CA_FILE = "/etc/cherokee/ssl/cherokee.pem"


# Misc options # Misc options
SERVER_DELAY = 10 SERVER_DELAY = 10
Expand Down
8 changes: 3 additions & 5 deletions qa/run-tests.py
View file
Open in desktop
Expand Up @@ -217,7 +217,6 @@
server!bind!1!interface = %(listen)s server!bind!1!interface = %(listen)s
server!bind!2!port = %(PORT_TLS)d server!bind!2!port = %(PORT_TLS)d
server!bind!2!tls = 1 server!bind!2!tls = 1
server!bind!2!interface = %(listen)s
server!keepalive = 1 server!keepalive = 1
server!panic_action = %(panic)s server!panic_action = %(panic)s
server!pid_file = %(pid)s server!pid_file = %(pid)s
Expand Down Expand Up @@ -260,10 +259,9 @@
if ssl: if ssl:
CONF_BASE += """ CONF_BASE += """
server!tls = libssl server!tls = libssl
vserver!1!ssl_certificate_file = %s vserver!1!ssl_certificate_file = %(SSL_CERT_FILE)s
vserver!1!ssl_certificate_key_file = %s vserver!1!ssl_certificate_key_file = %(SSL_CERT_KEY_FILE)s
vserver!1!ssl_ca_list_file = %s """ % (globals())
""" % (SSL_CERT_FILE, SSL_CERT_KEY_FILE, SSL_CA_FILE)


if log: if log:
CONF_BASE += """ CONF_BASE += """
Expand Down