X-Git-Url: http://www.git.stargrave.org/?a=blobdiff_plain;f=t%2Fhttpd-https.t;h=d42d7c509949ce7137770bb9a8ed488650bac4ef;hb=4eee5af6011cc8cdefb66c9729952c7eff5c0b0b;hp=f6b9806a52c8376c52244bfeaf467718ccecd8f4;hpb=eaa0a245e3e1da46ab6b3a8e0025883b0011fa07;p=public-inbox.git
diff --git a/t/httpd-https.t b/t/httpd-https.t
index f6b9806a..d42d7c50 100644
--- a/t/httpd-https.t
+++ b/t/httpd-https.t
@@ -1,45 +1,27 @@ -# Copyright (C) 2019 all contributors +# Copyright (C) 2019-2021 all contributors # License: AGPL-3.0+ use strict; use warnings; use Test::More; -use File::Temp qw(tempdir); use Socket qw(SOCK_STREAM IPPROTO_TCP SOL_SOCKET); +use PublicInbox::TestCommon; # IO::Poll is part of the standard library, but distros may split them off... -foreach my $mod (qw(IO::Socket::SSL IO::Poll)) { - eval "require $mod"; - plan skip_all => "$mod missing for $0" if $@; -} +require_mods(qw(IO::Socket::SSL IO::Poll Plack::Util)); my $cert = 'certs/server-cert.pem'; my $key = 'certs/server-key.pem'; unless (-r $key && -r $cert) { plan skip_all => - "certs/ missing for $0, run ./create-certs.perl in certs/"; + "certs/ missing for $0, run $^X ./create-certs.perl in certs/"; } use_ok 'PublicInbox::TLS'; use_ok 'IO::Socket::SSL'; -require './t/common.perl'; my $psgi = "./t/httpd-corner.psgi"; -my $tmpdir = tempdir('pi-httpd-https-XXXXXX', TMPDIR => 1, CLEANUP => 1); +my ($tmpdir, $for_destroy) = tmpdir(); my $err = "$tmpdir/stderr.log"; my $out = "$tmpdir/stdout.log"; -my $httpd = 'blib/script/public-inbox-httpd'; -my %opts = ( - LocalAddr => '127.0.0.1', - ReuseAddr => 1, - Proto => 'tcp', - Type => SOCK_STREAM, - Listen => 1024, -); -my $https = IO::Socket::INET->new(%opts); -my ($pid, $tail_pid); -END { - foreach ($pid, $tail_pid) { - kill 'TERM', $_ if defined $_; - } -}; -my $https_addr = $https->sockhost . ':' . $https->sockport; -my %opt = ( Proto => 'tcp', PeerAddr => $https_addr, Type => SOCK_STREAM ); +my $https = tcp_server(); +my $td; +my $https_addr = tcp_host_port($https); for my $args ( [ "-lhttps://$https_addr/?key=$key,cert=$cert" ], 
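Review bot: `$for_destroy` in `my ($tmpdir, $for_destroy) = tmpdir();` is never referenced again in the visible hunks, so a later cleanup could delete it as an unused variable. If, as the name suggests, the temporary directory is removed when that object is destroyed, a comment would protect it: `# keep $for_destroy in scope: $tmpdir is presumably removed when it is destroyed`. The file-scoped `my $td;` replaces the removed `END` block in the same way, so a one-line comment stating that the handle is expected to reap the daemon if the test dies early would make the cleanup contract explicit.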
@@ -47,15 +29,9 @@ for my $args ( for ($out, $err) { open my $fh, '>', $_ or die "truncate: $!"; } - if (my $tail_cmd = $ENV{TAIL}) { # don't assume GNU tail - $tail_pid = fork; - if (defined $tail_pid && $tail_pid == 0) { - exec(split(' ', $tail_cmd), $out, $err); - } - } - my $cmd = [ $httpd, '-W0', @$args, + my $cmd = [ '-httpd', '-W0', @$args, "--stdout=$out", "--stderr=$err", $psgi ]; - $pid = spawn_listener(undef, $cmd, [ $https ]); + $td = start_script($cmd, undef, { 3 => $https }); my %o = ( SSL_hostname => 'server.local', SSL_verifycn_name => 'server.local', @@ -63,7 +39,7 @@ for my $args ( SSL_ca_file => 'certs/test-ca.pem', ); # start negotiating a slow TLS connection - my $slow = IO::Socket::INET->new(%opt, Blocking => 0); + my $slow = tcp_connect($https, Blocking => 0); $slow = IO::Socket::SSL->start_SSL($slow, SSL_startHandshake => 0, %o); my @poll = (fileno($slow)); my $slow_done = $slow->connect_SSL; 
@@ -75,22 +51,23 @@ for my $args ( } # normal HTTPS - my $c = IO::Socket::INET->new(%opt); + my $c = tcp_connect($https); IO::Socket::SSL->start_SSL($c, %o); - ok($c->print("GET /empty HTTP/1.1\r\n\r\nHost: example.com\r\n\r\n"), - 'wrote HTTP request'); + $c->print("GET /url_scheme HTTP/1.1\r\n\r\nHost: example.com\r\n\r\n") + or xbail "failed to write HTTP request: $!"; my $buf = ''; - sysread($c, $buf, 2007, length($buf)) until $buf =~ /\r\n\r\n/; + sysread($c, $buf, 2007, length($buf)) until $buf =~ /\r\n\r\nhttps?/; like($buf, qr!\AHTTP/1\.1 200!, 'read HTTP response'); + like($buf, qr!\r\nhttps\z!, "psgi.url_scheme is 'https'"); # HTTPS with bad hostname - $c = IO::Socket::INET->new(%opt); + $c = tcp_connect($https); $o{SSL_hostname} = $o{SSL_verifycn_name} = 'server.fail'; $c = IO::Socket::SSL->start_SSL($c, %o); is($c, undef, 'HTTPS fails with bad hostname'); $o{SSL_hostname} = $o{SSL_verifycn_name} = 'server.local'; - $c = IO::Socket::INET->new(%opt); + $c = tcp_connect($https); IO::Socket::SSL->start_SSL($c, %o); ok($c, 'HTTPS succeeds again with valid hostname'); @@ -111,7 +88,7 @@ for my $args ( SKIP: { skip 'TCP_DEFER_ACCEPT is Linux-only', 2 if $^O ne 'linux'; - my $var = Socket::TCP_DEFER_ACCEPT(); + my $var = eval { Socket::TCP_DEFER_ACCEPT() } // 9; defined(my $x = getsockopt($https, IPPROTO_TCP, $var)) or die; ok(unpack('i', $x) > 0, 'TCP_DEFER_ACCEPT set on https'); }; 
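Review bot: The read loop `sysread($c, $buf, 2007, length($buf)) until $buf =~ /\r\n\r\nhttps?/;` ignores sysread's return value, so if the server closes the connection or answers without an `http` body the loop spins forever at EOF instead of failing the test. The new terminator makes this more likely than the old `/\r\n\r\n/`, because a header-only or error response never satisfies it. Checking the read, e.g. `until ($buf =~ /\r\n\r\nhttps?/) { sysread($c, $buf, 2007, length($buf)) or xbail "EOF/error before body: $!"; }`, turns the hang into a diagnosable failure. Separately, `https?` also stops on a partial `http`, which would make the following `\r\nhttps\z` assertion fail spuriously if the body were split across reads. The enclosing `for my $args` loop begins outside this hunk.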
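Review bot: The fallback `// 9` in `my $var = eval { Socket::TCP_DEFER_ACCEPT() } // 9;` is an unexplained magic number. 9 is the Linux value of TCP_DEFER_ACCEPT, and the preceding `skip ... if $^O ne 'linux'` keeps it from being used on other systems, but nothing in the code states that link. I would add `# 9 == TCP_DEFER_ACCEPT on Linux; fallback for Socket builds lacking the constant` above the line. The SKIP block opens outside this hunk.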
@@ -121,21 +98,17 @@ for my $args ( skip 'accf_data not loaded? kldload accf_data', 2; } require PublicInbox::Daemon; - my $var = PublicInbox::Daemon::SO_ACCEPTFILTER(); - my $x = getsockopt($https, SOL_SOCKET, $var); + ok(defined($PublicInbox::Daemon::SO_ACCEPTFILTER), + 'SO_ACCEPTFILTER defined'); + my $x = getsockopt($https, SOL_SOCKET, + $PublicInbox::Daemon::SO_ACCEPTFILTER); like($x, qr/\Adataready\0+\z/, 'got dataready accf for https'); }; $c = undef; - kill('TERM', $pid); - is($pid, waitpid($pid, 0), 'httpd exited successfully'); + $td->kill; + $td->join; is($?, 0, 'no error in exited process'); - $pid = undef; - if (defined $tail_pid) { - kill 'TERM', $tail_pid; - waitpid($tail_pid, 0); - $tail_pid = undef; - } } done_testing(); 1;
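Review bot: `my $x = getsockopt($https, SOL_SOCKET, $PublicInbox::Daemon::SO_ACCEPTFILTER);` is not checked for failure, unlike the Linux branch earlier in the file, which uses `defined(my $x = getsockopt(...)) or die`. If the new `ok(defined(...))` assertion fails, the test still passes an undefined option name to getsockopt and then runs `like` against undef, which buries the real cause under warnings. Adding `defined($x) or xbail "getsockopt(SO_ACCEPTFILTER): $!";` before the `like` keeps the failure readable. The SKIP block opens outside this hunk.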