Corrections in docu and test.sh

Gerhard Rieger 2017-01-15 12:23:07 +01:00
parent 90401a96f2
commit 72b05700e4
4 changed files with 63 additions and 19 deletions


@ -99,6 +99,9 @@ testing:
A few corrections in test.sh A few corrections in test.sh
DTLS1 test hangs on some distributions. Test is now only performed
with OpenSSL 1.0.2 or higher.
docu: docu:
Corrected source of socat man page to correctly show man references Corrected source of socat man page to correctly show man references
like socket(2); removed obseolete entries from See Also like socket(2); removed obseolete entries from See Also
@ -111,6 +114,8 @@ docu:
Fixed a couple of English spelling and grammar mistakes. Fixed a couple of English spelling and grammar mistakes.
Thanks to Jakub Wild for sending the patches. Thanks to Jakub Wild for sending the patches.
NOEXPAND() was not resolved 2 times.
More minor docu corrections More minor docu corrections
legal: legal:


@ -1503,10 +1503,10 @@ label(OPTION_SHUT_NONE)dit(bf(tt(shut-none)))
connection to not do anything. connection to not do anything.
label(OPTION_SHUT_DOWN)dit(bf(tt(shut-down))) label(OPTION_SHUT_DOWN)dit(bf(tt(shut-down)))
Changes the (address dependent) method of shutting down the write part of a Changes the (address dependent) method of shutting down the write part of a
connection to tt(NOEXPAND(shutdown(fd, SHUT_WR))). Is only useful with sockets. connection to NOEXPAND(shutdown(fd, SHUT_WR)). Is only useful with sockets.
label(OPTION_SHUT_CLOSE)dit(bf(tt(shut-close))) label(OPTION_SHUT_CLOSE)dit(bf(tt(shut-close)))
Changes the (address dependent) method of shutting down the write part of a Changes the (address dependent) method of shutting down the write part of a
connection to tt(NOEXPAND(close(fd))). connection to NOEXPAND(close(fd)).
label(OPTION_SHUT_NULL)dit(bf(tt(shut-null))) label(OPTION_SHUT_NULL)dit(bf(tt(shut-null)))
When one address indicates EOF, socat() will send a zero sized packet to the When one address indicates EOF, socat() will send a zero sized packet to the
write channel of the other address to transfer the EOF condition. This is write channel of the other address to transfer the EOF condition. This is

71
test.sh

@ -47,6 +47,7 @@ _MICROS=$((MICROS+999999)); SECONDs="${_MICROS%??????}"
withroot=0 # perform privileged tests even if not run by root withroot=0 # perform privileged tests even if not run by root
#PATH=$PATH:/opt/freeware/bin #PATH=$PATH:/opt/freeware/bin
#PATH=$PATH:/usr/local/ssl/bin #PATH=$PATH:/usr/local/ssl/bin
PATH=$PATH:/sbin # RHEL6:ip
case "$0" in case "$0" in
*/*) PATH="${0%/*}:$PATH" */*) PATH="${0%/*}:$PATH"
esac esac
@ -4938,7 +4939,7 @@ N=$((N+1))
NAME=READLINE NAME=READLINE
#set -vx #set -vx
case "$TESTS" in case "$TESTS" in
*%$N%*|*%functions%*|*%pty%*|*%$NAME%*) *%$N%*|*%functions%*|*%pty%*|*%readline%*|*%$NAME%*)
TEST="$NAME: readline with password and sigint" TEST="$NAME: readline with password and sigint"
if ! eval $NUMCOND; then :; if ! eval $NUMCOND; then :;
elif ! feat=$(testaddrs readline pty); then elif ! feat=$(testaddrs readline pty); then
@ -11261,7 +11262,6 @@ pid1=$!
sleep 1 sleep 1
echo "$da 2" |$CMD1 >"${tf}2" 2>"${te}2" & echo "$da 2" |$CMD1 >"${tf}2" 2>"${te}2" &
pid2=$! pid2=$!
rc2=$!
sleep 2 sleep 2
kill $pid1 $pid2 $pid0 2>/dev/null; wait kill $pid1 $pid2 $pid0 2>/dev/null; wait
if echo -e "$da 1\n$da 2" |diff - $tf >$tdiff; then if echo -e "$da 1\n$da 2" |diff - $tf >$tdiff; then
@ -11297,14 +11297,14 @@ UNIX UNIX $td/test\$N.server -
# care for timing, understand what you want :-) # care for timing, understand what you want :-)
while read KEYW FEAT ADDR IPPORT; do while read KEYW FEAT ADDR IPPORT SHUT; do
if [ -z "$KEYW" ]|| [[ "$KEYW" == \#* ]]; then continue; fi if [ -z "$KEYW" ]|| [[ "$KEYW" == \#* ]]; then continue; fi
PROTO=$KEYW PROTO=$KEYW
proto="$(echo "$PROTO" |tr A-Z a-z)" proto="$(echo "$PROTO" |tr A-Z a-z)"
# test the max-children option on pseudo connected sockets # test the max-children option on pseudo connected sockets
NAME=${KEYW}MAXCHILDREN NAME=${KEYW}MAXCHILDREN
case "$TESTS" in case "$TESTS" in
*%$N%*|*%functions%*|*%maxchildren%*|*%socket%*|*%dgram%*|*%udp%*|*%$NAME%*) *%$N%*|*%functions%*|*%maxchildren%*|*%socket%*|*%$NAME%*)
TEST="$NAME: max-children option" TEST="$NAME: max-children option"
# start a listen process with max-children=1; connect with a client, let it # start a listen process with max-children=1; connect with a client, let it
# send data and then sleep; connect with second client that wants to send # send data and then sleep; connect with second client that wants to send
@ -11327,7 +11327,7 @@ te="$td/test$N.stderr"
tdiff="$td/test$N.diff" tdiff="$td/test$N.diff"
da="test$N $(date) $RANDOM" da="test$N $(date) $RANDOM"
CMD0="$TRACE $SOCAT $opts -U FILE:$tf,o-trunc,o-creat,o-append $PROTO-LISTEN:$tsl,fork,max-children=1" CMD0="$TRACE $SOCAT $opts -U FILE:$tf,o-trunc,o-creat,o-append $PROTO-LISTEN:$tsl,fork,max-children=1"
CMD1="$TRACE $SOCAT $opts -u - $PROTO-CONNECT:$tsc" CMD1="$TRACE $SOCAT $opts -u - $PROTO-CONNECT:$tsc,$SHUT"
printf "test $F_n $TEST... " $N printf "test $F_n $TEST... " $N
$CMD0 >/dev/null 2>"${te}0" & $CMD0 >/dev/null 2>"${te}0" &
pid0=$! pid0=$!
@ -11337,7 +11337,6 @@ pid1=$!
sleep 1 sleep 1
echo "$da 2" |$CMD1 >"${tf}2" 2>"${te}2" & echo "$da 2" |$CMD1 >"${tf}2" 2>"${te}2" &
pid2=$! pid2=$!
rc2=$!
sleep 1 sleep 1
kill -QUIT $pid1 $pid2 $pid0 2>/dev/null; wait kill -QUIT $pid1 $pid2 $pid0 2>/dev/null; wait
if echo -e "$da 1" |diff - $tf >$tdiff; then if echo -e "$da 1" |diff - $tf >$tdiff; then
@ -11360,9 +11359,15 @@ fi # NUMCOND
esac esac
N=$((N+1)) N=$((N+1))
done <<<" done <<<"
UDP4 UDP 127.0.0.1 PORT UDP4 UDP 127.0.0.1 PORT shut-null
UDP6 UDP 127.0.0.1 PORT UDP6 UDP 127.0.0.1 PORT shut-null
UNIX UNIX $td/test\$N.server -
" "
# debugging this hanging test was difficult - following lessons learned:
# kill <parent> had no effect when child process existed
# strace -f (on Fedora-23) sometimes writes/pads? blocks with \0, overwriting client traces
# using the TRACE feature lets above kill command kill strace, not socat
# care for timing, understand what you want :-)
# socat up to 1.7.2.0 had a bug in xioscan_readline() that could be exploited # socat up to 1.7.2.0 had a bug in xioscan_readline() that could be exploited
@ -11370,12 +11375,16 @@ UDP6 UDP 127.0.0.1 PORT
# problem reported by Johan Thillemann # problem reported by Johan Thillemann
NAME=READLINE_OVFL NAME=READLINE_OVFL
case "$TESTS" in case "$TESTS" in
*%$N%*|*%functions%*|*%bugs%*|*%security%*|*%$NAME%*) *%$N%*|*%functions%*|*%bugs%*|*%security%*|*%readline%*|*%$NAME%*)
TEST="$NAME: test for buffer overflow in readline prompt handling" TEST="$NAME: test for buffer overflow in readline prompt handling"
# address 1 is the readline where write data was handled erroneous # address 1 is the readline where write data was handled erroneous
# address 2 provides data to trigger the buffer overflow # address 2 provides data to trigger the buffer overflow
# when no SIGSEGV or so occurs the test succeeded (bug fixed) # when no SIGSEGV or so occurs the test succeeded (bug fixed)
if ! eval $NUMCOND; then :; else if ! eval $NUMCOND; then :;
elif ! feat=$(testaddrs readline pty); then
$PRINTF "test $F_n $TEST... ${YELLOW}$(echo "$feat"| tr 'a-z' 'A-Z') not available${NORMAL}\n" $N
numCANT=$((numCANT+1))
else
tf="$td/test$N.stdout" tf="$td/test$N.stdout"
te="$td/test$N.stderr" te="$td/test$N.stderr"
ti="$td/test$N.data" ti="$td/test$N.data"
@ -11579,7 +11588,11 @@ TEST="$NAME: test OPENSSL-CONNECT with bind option"
# have a simple SSL server that just echoes data. # have a simple SSL server that just echoes data.
# connect with socat using OPENSSL-CONNECT with bind, send data and check if the # connect with socat using OPENSSL-CONNECT with bind, send data and check if the
# reply is identical. # reply is identical.
if ! eval $NUMCOND; then :; else if ! eval $NUMCOND; then :;
elif ! testaddrs openssl >/dev/null; then
$PRINTF "test $F_n $TEST... ${YELLOW}OPENSSL not available${NORMAL}\n" $N
numCANT=$((numCANT+1))
else
tf0="$td/test$N.0.stdout" tf0="$td/test$N.0.stdout"
te0="$td/test$N.0.stderr" te0="$td/test$N.0.stderr"
tf1="$td/test$N.1.stdout" tf1="$td/test$N.1.stdout"
@ -11687,9 +11700,10 @@ TEST="$NAME: $SSLDIST sets env SOCAT_${SSLDIST}_${MODULE}_${FIELD}"
# code extracts and prints the SOCAT related environment vars. # code extracts and prints the SOCAT related environment vars.
# outside code then checks if the environment contains the variables correctly # outside code then checks if the environment contains the variables correctly
# describing the desired field. # describing the desired field.
FEAT=$(echo "$ssldist" |tr a-z A-Z)
if ! eval $NUMCOND; then :; if ! eval $NUMCOND; then :;
elif ! feat=$(testaddrs $FEAT); then elif ! testaddrs $FEAT >/dev/null; then
$PRINTF "test $F_n $TEST... ${YELLOW}$(echo "$feat" |tr a-z A-Z) not available${NORMAL}\n" $N $PRINTF "test $F_n $TEST... ${YELLOW}$FEAT not available${NORMAL}\n" $N
numCANT=$((numCANT+1)) numCANT=$((numCANT+1))
else else
tf="$td/test$N.stdout" tf="$td/test$N.stdout"
@ -12135,7 +12149,11 @@ TEST="$NAME: SYSTEM address does not shutdown its parents addresses"
# when the client recieves its data and terminates without error the test succeeded # when the client recieves its data and terminates without error the test succeeded
# in case of the bug the client issues an error like: # in case of the bug the client issues an error like:
# SSL_connect(): error:1408F119:SSL routines:SSL3_GET_RECORD:decryption failed or bad record mac # SSL_connect(): error:1408F119:SSL routines:SSL3_GET_RECORD:decryption failed or bad record mac
if ! eval $NUMCOND; then :; else if ! eval $NUMCOND; then :;
elif ! testaddrs openssl >/dev/null; then
$PRINTF "test $F_n $TEST... ${YELLOW}OPENSSL not available${NORMAL}\n" $N
numCANT=$((numCANT+1))
else
tf="$td/test$N.stdout" tf="$td/test$N.stdout"
te="$td/test$N.stderr" te="$td/test$N.stderr"
tdiff="$td/test$N.diff" tdiff="$td/test$N.diff"
@ -12222,6 +12240,14 @@ esac
PORT=$((PORT+1)) PORT=$((PORT+1))
N=$((N+1)) N=$((N+1))
# the OPENSSL_METHOD_DTLS1 test hangs sometimes, probably depending on the openssl version.
OPENSSL_VERSION="$(openssl version)"
OPENSSL_VERSION="${OPENSSL_VERSION#* }"
OPENSSL_VERSION="${OPENSSL_VERSION%%-*}"
OPENSSL_VERSION_GOOD=1.0.2 # this is just a guess.
# known bad: 1.0.1e
# known good: 1.0.2j
# test if the various SSL methods can be used with OpenSSL # test if the various SSL methods can be used with OpenSSL
for method in SSL3 SSL23 TLS1 TLS1.1 TLS1.2 DTLS1; do for method in SSL3 SSL23 TLS1 TLS1.1 TLS1.2 DTLS1; do
@ -12234,7 +12260,11 @@ TEST="$NAME: test OpenSSL method $method"
# Start a second socat process connecting to the listener using # Start a second socat process connecting to the listener using
# the same method, send some data and catch the reply. # the same method, send some data and catch the reply.
# If the reply is identical to the sent data the test succeeded. # If the reply is identical to the sent data the test succeeded.
if ! eval $NUMCOND; then :; else if ! eval $NUMCOND; then :;
elif ! testaddrs openssl >/dev/null; then
$PRINTF "test $F_n $TEST... ${YELLOW}OPENSSL not available${NORMAL}\n" $N
numCANT=$((numCANT+1))
else
tf="$td/test$N.stdout" tf="$td/test$N.stdout"
te="$td/test$N.stderr" te="$td/test$N.stderr"
tdiff="$td/test$N.diff" tdiff="$td/test$N.diff"
@ -12242,6 +12272,10 @@ da="test$N $(date) $RANDOM"
CMD0="$SOCAT $opts OPENSSL-LISTEN:$PORT,reuseaddr,method=$method,cipher=aNULL,verify=0 PIPE" CMD0="$SOCAT $opts OPENSSL-LISTEN:$PORT,reuseaddr,method=$method,cipher=aNULL,verify=0 PIPE"
CMD1="$SOCAT $opts - OPENSSL-CONNECT:$LOCALHOST:$PORT,method=$method,cipher=aNULL,verify=0" CMD1="$SOCAT $opts - OPENSSL-CONNECT:$LOCALHOST:$PORT,method=$method,cipher=aNULL,verify=0"
printf "test $F_n $TEST... " $N printf "test $F_n $TEST... " $N
if [ "$method" = DTLS1 -a "$(echo -e "$OPENSSL_VERSION\n1.0.2" |sort -V |tail -n 1)" = "$OPENSSL_VERSION_GOOD" ]; then
$PRINTF "${YELLOW}might hang, skipping${NORMAL}\n"
numCANT=$((numCANT+1))
else
$CMD0 >/dev/null 2>"${te}0" & $CMD0 >/dev/null 2>"${te}0" &
pid0=$! pid0=$!
waittcp4port $PORT 1 waittcp4port $PORT 1
@ -12264,6 +12298,7 @@ else
numFAIL=$((numFAIL+1)) numFAIL=$((numFAIL+1))
listFAIL="$listFAIL $N" listFAIL="$listFAIL $N"
fi fi
fi # !DTLS1 hang
fi # NUMCOND fi # NUMCOND
;; ;;
esac esac
@ -12563,7 +12598,11 @@ case "$TESTS" in
TEST="$NAME: test OpenSSL ECDHE" TEST="$NAME: test OpenSSL ECDHE"
# generate a ECDHE key, start an OpenSSL server, connect with a client and try to # generate a ECDHE key, start an OpenSSL server, connect with a client and try to
# pass data # pass data
if ! eval $NUMCOND; then :; else if ! eval $NUMCOND; then :;
elif ! testaddrs openssl >/dev/null; then
$PRINTF "test $F_n $TEST... ${YELLOW}OPENSSL not available${NORMAL}\n" $N
numCANT=$((numCANT+1))
else
tf="$td/test$N.stdout" tf="$td/test$N.stdout"
te="$td/test$N.stderr" te="$td/test$N.stderr"
tdiff="$td/test$N.diff" tdiff="$td/test$N.diff"
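Review bot: The DTLS1 hang guard added in the hunk at new line 12272 takes its version from whatever `openssl` command is on PATH (`OPENSSL_VERSION="$(openssl version)"`, hunk at 12240), which is not necessarily the library the socat binary under test is linked against, so the guard can presumably misfire in either direction when the two differ. The comparison also hard-codes `1.0.2` inside the `echo -e` instead of reusing `$OPENSSL_VERSION_GOOD`, and it depends on `sort -V`; where `sort` does not support `-V` the substitution comes out empty and the DTLS1 test runs unguarded. I would write the condition as `if [ "$method" = DTLS1 ] && [ "$(printf '%s\n' "$OPENSSL_VERSION" "$OPENSSL_VERSION_GOOD" |sort -V |tail -n 1)" = "$OPENSSL_VERSION_GOOD" ]; then` and put a comment above it saying that a skip is counted in numCANT, so DTLS1 coverage is absent on those hosts rather than failing. The enclosing `for method in ...` loop body starts and ends outside these hunks.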