Commit a03a38e0 authored by Rafael Monnerat's avatar Rafael Monnerat

Update Release Candidate

parents 7537a43c 0b8cc5eb
...@@ -10,4 +10,4 @@ depends_gitfetch = ...@@ -10,4 +10,4 @@ depends_gitfetch =
<= go-git-package <= go-git-package
go.importpath = github.com/mholt/caddy go.importpath = github.com/mholt/caddy
repository = https://lab.nexedi.com/nexedi/caddy.git repository = https://lab.nexedi.com/nexedi/caddy.git
revision = nxd-v0.11.0-3-g12438f6cff8c15f307631151eb064cec579b7605 revision = nxd-v0.11.1-5-gdd393ce3a67e6a773be87185528a00f2e0a9eb26
...@@ -31,8 +31,8 @@ configure-options= ...@@ -31,8 +31,8 @@ configure-options=
--with-http_realip_module --with-http_realip_module
--with-mail --with-mail
--with-mail_ssl_module --with-mail_ssl_module
--with-ld-opt="-L ${openssl:location}/lib -L ${pcre:location}/lib -L ${zlib:location}/lib -Wl,-rpath=${openssl:location}/lib -Wl,-rpath=${pcre:location}/lib -Wl,-rpath=${zlib:location}/lib" --with-ld-opt="-L ${openssl-1.0:location}/lib -L ${pcre:location}/lib -L ${zlib:location}/lib -Wl,-rpath=${openssl-1.0:location}/lib -Wl,-rpath=${pcre:location}/lib -Wl,-rpath=${zlib:location}/lib"
--with-cc-opt="-I ${openssl:location}/include -I ${pcre:location}/include -I ${zlib:location}/include" --with-cc-opt="-I ${openssl-1.0:location}/include -I ${pcre:location}/include -I ${zlib:location}/include"
[nginx-dav-ext-module] [nginx-dav-ext-module]
recipe = hexagonit.recipe.download recipe = hexagonit.recipe.download
...@@ -52,8 +52,8 @@ configure-options = ...@@ -52,8 +52,8 @@ configure-options =
--with-mail --with-mail
--with-mail_ssl_module --with-mail_ssl_module
--error-log-path=var/log/nginx.error.log --error-log-path=var/log/nginx.error.log
--with-ld-opt=" -L ${libexpat:location}/lib -L ${openssl:location}/lib -L ${pcre:location}/lib -L ${zlib:location}/lib -Wl,-rpath=${libexpat:location}/lib -Wl,-rpath=${openssl:location}/lib -Wl,-rpath=${pcre:location}/lib -Wl,-rpath=${zlib:location}/lib" --with-ld-opt=" -L ${libexpat:location}/lib -L ${openssl-1.0:location}/lib -L ${pcre:location}/lib -L ${zlib:location}/lib -Wl,-rpath=${libexpat:location}/lib -Wl,-rpath=${openssl-1.0:location}/lib -Wl,-rpath=${pcre:location}/lib -Wl,-rpath=${zlib:location}/lib"
--with-cc-opt="-I ${libexpat:location}/include -I ${openssl:location}/include -I ${pcre:location}/include -I ${zlib:location}/include" --with-cc-opt="-I ${libexpat:location}/include -I ${openssl-1.0:location}/include -I ${pcre:location}/include -I ${zlib:location}/include"
--with-http_dav_module --with-http_dav_module
--add-module='${nginx-dav-ext-module:location}' --add-module='${nginx-dav-ext-module:location}'
...@@ -79,8 +79,8 @@ strip-top-level-dir = true ...@@ -79,8 +79,8 @@ strip-top-level-dir = true
configure-options= configure-options=
--with-ipv6 --with-ipv6
--with-http_ssl_module --with-http_ssl_module
--with-ld-opt="-L ${zlib:location}/lib -L ${openssl:location}/lib -L ${pcre:location}/lib -Wl,-rpath=${pcre:location}/lib -Wl,-rpath=${zlib:location}/lib -Wl,-rpath=${openssl:location}/lib" --with-ld-opt="-L ${zlib:location}/lib -L ${openssl-1.0:location}/lib -L ${pcre:location}/lib -Wl,-rpath=${pcre:location}/lib -Wl,-rpath=${zlib:location}/lib -Wl,-rpath=${openssl-1.0:location}/lib"
--with-cc-opt="-I ${pcre:location}/include -I ${openssl:location}/include -I ${zlib:location}/include" --with-cc-opt="-I ${pcre:location}/include -I ${openssl-1.0:location}/include -I ${zlib:location}/include"
--add-module=${hexaglobe-nginx-module:location}/sub_module --add-module=${hexaglobe-nginx-module:location}/sub_module
# --add-module=${hexaglobe-nginx-module:location}/nginx-upstream-fair # --add-module=${hexaglobe-nginx-module:location}/nginx-upstream-fair
...@@ -97,8 +97,8 @@ configure-options= ...@@ -97,8 +97,8 @@ configure-options=
--with-http_ssl_module --with-http_ssl_module
--with-http_v2_module --with-http_v2_module
--with-http_gzip_static_module --with-http_gzip_static_module
--with-ld-opt="-L ${zlib:location}/lib -L ${openssl:location}/lib -L ${pcre:location}/lib -Wl,-rpath=${pcre:location}/lib -Wl,-rpath=${zlib:location}/lib -Wl,-rpath=${openssl:location}/lib" --with-ld-opt="-L ${zlib:location}/lib -L ${openssl-1.0:location}/lib -L ${pcre:location}/lib -Wl,-rpath=${pcre:location}/lib -Wl,-rpath=${zlib:location}/lib -Wl,-rpath=${openssl-1.0:location}/lib"
--with-cc-opt="-I ${pcre:location}/include -I ${openssl:location}/include -I ${zlib:location}/include" --with-cc-opt="-I ${pcre:location}/include -I ${openssl-1.0:location}/include -I ${zlib:location}/include"
--add-module=${nginx-push-stream-module:location} --add-module=${nginx-push-stream-module:location}
[nginx-push-stream-output] [nginx-push-stream-output]
......
...@@ -35,15 +35,15 @@ recipe = slapos.recipe.cmmi ...@@ -35,15 +35,15 @@ recipe = slapos.recipe.cmmi
url = https://nodejs.org/dist/${:version}/node-${:version}.tar.gz url = https://nodejs.org/dist/${:version}/node-${:version}.tar.gz
configure-options = configure-options =
--shared-openssl --shared-openssl
--shared-openssl-includes=${openssl:location}/include --shared-openssl-includes=${openssl-1.0:location}/include
--shared-openssl-libpath=${openssl:location}/lib --shared-openssl-libpath=${openssl-1.0:location}/lib
environment = environment =
HOME=${buildout:parts-directory}/${:_buildout_section_name_} HOME=${buildout:parts-directory}/${:_buildout_section_name_}
PATH=${gcc:location}/bin:${pkgconfig:location}/bin:${python2.7:location}/bin/:%(PATH)s PATH=${gcc:location}/bin:${pkgconfig:location}/bin:${python2.7:location}/bin/:%(PATH)s
PKG_CONFIG_PATH=${openssl:location}/lib/pkgconfig/ PKG_CONFIG_PATH=${openssl-1.0:location}/lib/pkgconfig/
CPPFLAGS=-I${zlib:location}/include CPPFLAGS=-I${zlib:location}/include
LDFLAGS=-Wl,-rpath=${gcc:location}/lib -Wl,-rpath=${gcc:location}/lib64 -Wl,-rpath=${openssl:location}/lib -L${zlib:location}/lib -Wl,-rpath=${zlib:location}/lib LDFLAGS=-Wl,-rpath=${gcc:location}/lib -Wl,-rpath=${gcc:location}/lib64 -Wl,-rpath=${openssl-1.0:location}/lib -L${zlib:location}/lib -Wl,-rpath=${zlib:location}/lib
LD_LIBRARY_PATH=${openssl:location}/lib LD_LIBRARY_PATH=${openssl-1.0:location}/lib
[nodejs-8.6.0-output] [nodejs-8.6.0-output]
# Shared binary location to ease migration # Shared binary location to ease migration
......
...@@ -24,6 +24,6 @@ configure-options = ...@@ -24,6 +24,6 @@ configure-options =
--with-tls=openssl --with-tls=openssl
environment = environment =
CPPFLAGS=-I${openssl:location}/include -I${cyrus-sasl:location}/include CPPFLAGS=-I${openssl-1.0:location}/include -I${cyrus-sasl:location}/include
LDFLAGS=-L${openssl:location}/lib -Wl,-rpath=${openssl:location}/lib -L${cyrus-sasl:location}/lib -Wl,-rpath=${cyrus-sasl:location}/lib LDFLAGS=-L${openssl-1.0:location}/lib -Wl,-rpath=${openssl-1.0:location}/lib -L${cyrus-sasl:location}/lib -Wl,-rpath=${cyrus-sasl:location}/lib
PATH=${groff:location}/bin:%(PATH)s PATH=${groff:location}/bin:%(PATH)s
...@@ -22,8 +22,8 @@ patch-binary = ${patch:location}/bin/patch ...@@ -22,8 +22,8 @@ patch-binary = ${patch:location}/bin/patch
patches = patches =
${:_profile_base_location_}/no_create_privsep_path.patch#d5b61a2442fffa457cebe4ad1dc68f4e ${:_profile_base_location_}/no_create_privsep_path.patch#d5b61a2442fffa457cebe4ad1dc68f4e
environment = environment =
CPPFLAGS=-I${zlib:location}/include -I${openssl:location}/include CPPFLAGS=-I${zlib:location}/include -I${openssl-1.0:location}/include
LDFLAGS=-L${zlib:location}/lib -Wl,-rpath=${zlib:location}/lib -L${openssl:location}/lib -Wl,-rpath=${openssl:location}/lib LDFLAGS=-L${zlib:location}/lib -Wl,-rpath=${zlib:location}/lib -L${openssl-1.0:location}/lib -Wl,-rpath=${openssl-1.0:location}/lib
configure-options = configure-options =
--prefix=${buildout:parts-directory}/${:_buildout_section_name_} --prefix=${buildout:parts-directory}/${:_buildout_section_name_}
--exec-prefix=${buildout:parts-directory}/${:_buildout_section_name_} --exec-prefix=${buildout:parts-directory}/${:_buildout_section_name_}
......
...@@ -17,6 +17,45 @@ parts = ...@@ -17,6 +17,45 @@ parts =
[openssl] [openssl]
recipe = slapos.recipe.cmmi recipe = slapos.recipe.cmmi
shared = true shared = true
url = https://www.openssl.org/source/openssl-1.1.0j.tar.gz
md5sum = b4ca5b78ae6ae79da80790b30dbedbdc
location = @@LOCATION@@
# 'prefix' option to override --openssldir/--prefix (which is useful
# when combined with INSTALL_PREFIX). Used by slapos.package.git/obs
prefix = ${:location}
certs = ${:location}/etc/ssl/certs
configure-command = ./config
configure-options =
--with-zlib-include=${zlib:location}/include
--with-zlib-lib=${zlib:location}/lib
--openssldir=${:prefix}/etc/ssl
--prefix=${:prefix}
--libdir=lib
shared no-idea no-mdc2 no-rc5 zlib
-Wl,-rpath=${zlib:location}/lib -Wl,-rpath=${:location}/lib
&& make depend
make-options =
SHARED_LDFLAGS='-Wl,-rpath=${:location}/lib -Wl,-rpath=${zlib:location}/lib'
make-targets =
-j1 install_sw install_ssldirs &&
rm -f ${:certs}/* &&
for i in ${ca-certificates:location}/certs/*/*.crt; do
ln -sv $i ${:certs}/`${:location}/bin/openssl x509 -hash -noout -in $i`.0
; done
environment =
PERL=${perl:location}/bin/perl
[openssl-output]
# Shared binary location to ease migration
recipe = plone.recipe.command
stop-on-error = true
update-command = ${:command}
command = ${coreutils-output:test} -x ${:openssl}
openssl = ${openssl:location}/bin/openssl
[openssl-1.0]
recipe = slapos.recipe.cmmi
shared = true
url = https://www.openssl.org/source/openssl-1.0.2p.tar.gz url = https://www.openssl.org/source/openssl-1.0.2p.tar.gz
md5sum = ac5eb30bf5798aa14b1ae6d0e7da58df md5sum = ac5eb30bf5798aa14b1ae6d0e7da58df
location = @@LOCATION@@ location = @@LOCATION@@
...@@ -47,11 +86,3 @@ make-targets = ...@@ -47,11 +86,3 @@ make-targets =
; done ; done
environment = environment =
PERL=${perl:location}/bin/perl PERL=${perl:location}/bin/perl
[openssl-output]
# Shared binary location to ease migration
recipe = plone.recipe.command
stop-on-error = true
update-command = ${:command}
command = ${coreutils-output:test} -x ${:openssl}
openssl = ${openssl:location}/bin/openssl
...@@ -20,7 +20,7 @@ patches = ...@@ -20,7 +20,7 @@ patches =
${:_profile_base_location_}/noroot.patch#738bcc97b8044c45b58708bdf3a84b8e ${:_profile_base_location_}/noroot.patch#738bcc97b8044c45b58708bdf3a84b8e
${:_profile_base_location_}/skip-libdb-check.patch#f7fdbd8787874b535fee548b0139c0d8 ${:_profile_base_location_}/skip-libdb-check.patch#f7fdbd8787874b535fee548b0139c0d8
configure-command = make configure-command = make
configure-options = makefiles CCARGS='-DUSE_SASL_AUTH -DUSE_CYRUS_SASL -DUSE_TLS -DHAS_PCRE -DHAS_DB -I${libdb:location}/include -I${pcre:location}/include -I${openssl:location}/include -I${cyrus-sasl:location}/include/sasl' AUXLIBS='-L${openssl:location}/lib -L${pcre:location}/lib -L${libdb:location}/lib -L${cyrus-sasl:location}/lib -lssl -lpcre -ldb -lcrypto -lsasl2 -Wl,-rpath=${openssl:location}/lib -Wl,-rpath=${pcre:location}/lib -Wl,-rpath=${libdb:location}/lib -Wl,-rpath=${cyrus-sasl:location}/lib' configure-options = makefiles CCARGS='-DUSE_SASL_AUTH -DUSE_CYRUS_SASL -DUSE_TLS -DHAS_PCRE -DHAS_DB -I${libdb:location}/include -I${pcre:location}/include -I${openssl-1.0:location}/include -I${cyrus-sasl:location}/include/sasl' AUXLIBS='-L${openssl-1.0:location}/lib -L${pcre:location}/lib -L${libdb:location}/lib -L${cyrus-sasl:location}/lib -lssl -lpcre -ldb -lcrypto -lsasl2 -Wl,-rpath=${openssl-1.0:location}/lib -Wl,-rpath=${pcre:location}/lib -Wl,-rpath=${libdb:location}/lib -Wl,-rpath=${cyrus-sasl:location}/lib'
make-targets = non-interactive-package install_root=${:location} make-targets = non-interactive-package install_root=${:location}
environment = environment =
PATH=${patch:location}/bin:%(PATH)s PATH=${patch:location}/bin:%(PATH)s
...@@ -24,6 +24,9 @@ recipe = collective.recipe.grp ...@@ -24,6 +24,9 @@ recipe = collective.recipe.grp
recipe = slapos.recipe.cmmi recipe = slapos.recipe.cmmi
md5sum = 13270911c42aac842435f18205546a1b md5sum = 13270911c42aac842435f18205546a1b
url = ftp://ftp.proftpd.org/distrib/source/proftpd-1.3.6.tar.gz url = ftp://ftp.proftpd.org/distrib/source/proftpd-1.3.6.tar.gz
# 1.3.6 is not compatible with openssl 1.1.x
# https://github.com/proftpd/proftpd/issues/674
# (fix is in master, we are waiting for next release)
configure-options = configure-options =
--enable-openssl --enable-openssl
--enable-nls --enable-nls
...@@ -36,8 +39,8 @@ environment = ...@@ -36,8 +39,8 @@ environment =
LDFLAGS=${:ldflags} LDFLAGS=${:ldflags}
install_user=${proftpd-environment:USER} install_user=${proftpd-environment:USER}
install_group=${proftpd-grp:GROUP} install_group=${proftpd-grp:GROUP}
cppflags=-I${zlib:location}/include -I${openssl:location}/include cppflags=-I${zlib:location}/include -I${openssl-1.0:location}/include
ldflags=-L${zlib:location}/lib -Wl,-rpath=${zlib:location}/lib -L${openssl:location}/lib -Wl,-rpath=${openssl:location}/lib ldflags=-L${zlib:location}/lib -Wl,-rpath=${zlib:location}/lib -L${openssl-1.0:location}/lib -Wl,-rpath=${openssl-1.0:location}/lib
patch-binary = ${patch:location}/bin/patch patch-binary = ${patch:location}/bin/patch
patch-options = -p1 patch-options = -p1
patches = patches =
......
# Command line tool to test QUIC protocol
# This is compiled version provided by Lucas Clemente (thanks!), which
# drastically simplifies https://www.chromium.org/quic/playing-with-quic
# approach, which requires big chunks of Chromium compilation environment
[buildout]
extends =
# running
../nss/buildout.cfg
../nspr/buildout.cfg
../glib/buildout.cfg
../pcre/buildout.cfg
../libffi/buildout.cfg
../zlib/buildout.cfg
../libuuid/buildout.cfg
# compilation
../git/buildout.cfg
parts =
quic_client-bin
[quic_client-bin]
recipe = slapos.recipe.build
url = https://github.com/lucas-clemente/quic-clients/archive/557cb1f99f591614d474e182b50cfee9334e0ffd.zip
md5sum = e2c78f4f7fb6ed03f6eec25b5e54fed3
slapos_promise =
file:quic_client
file:client-linux-debug
library =
${nss:location}/lib
${nspr:location}/lib
${glib:location}/lib
${pcre:location}/lib
${libffi:location}/lib
${zlib:location}/lib
${libuuid:location}/lib
script =
import glob
location = %(location)r
self.failIfPathExists(location)
url = self.options['url']
md5sum = self.options['md5sum']
extract_dir = self.extract(self.download(url, md5sum))
os.mkdir(location)
source_file = glob.glob(os.path.join(extract_dir, '*', 'client-linux-debug'))[0]
shutil.copy(source_file, location)
wrapper_path = os.path.join(location, 'quic_client')
with open(wrapper_path, 'w') as f:
f.write("""#!/bin/sh -e
export LD_LIBRARY_PATH={}
exec {}/client-linux-debug "$@"
""".format(
':'.join(self.options['library'].split()),
location
))
os.fchmod(f.fileno(), 0o755)
...@@ -15,7 +15,7 @@ md5sum = 4f8e76c9c6567aee1d66aba49f76a58b ...@@ -15,7 +15,7 @@ md5sum = 4f8e76c9c6567aee1d66aba49f76a58b
configure-options = configure-options =
--with-apr=${apache:location}/bin/apr-1-config --with-apr=${apache:location}/bin/apr-1-config
--with-apr-util=${apache:location}/bin/apu-1-config --with-apr-util=${apache:location}/bin/apu-1-config
--with-openssl=${openssl:location} --with-openssl=${openssl-1.0:location}
environment = environment =
CFLAGS=-I${zlib:location}/include -I${libuuid:location}/include CFLAGS=-I${zlib:location}/include -I${libuuid:location}/include
LDFLAGS=-L${zlib:location}/lib -Wl,-rpath=${zlib:location}/lib -L${libuuid:location}/lib -Wl,-rpath=${libuuid:location}/lib LDFLAGS=-L${zlib:location}/lib -Wl,-rpath=${zlib:location}/lib -L${libuuid:location}/lib -Wl,-rpath=${libuuid:location}/lib
...@@ -5,7 +5,6 @@ extends = ...@@ -5,7 +5,6 @@ extends =
../git/buildout.cfg ../git/buildout.cfg
../libtool/buildout.cfg ../libtool/buildout.cfg
../m4/buildout.cfg ../m4/buildout.cfg
../openssl/buildout.cfg
../patch/buildout.cfg ../patch/buildout.cfg
../zlib/buildout.cfg ../zlib/buildout.cfg
...@@ -24,9 +23,8 @@ path = ${shellinabox-git-repository:location} ...@@ -24,9 +23,8 @@ path = ${shellinabox-git-repository:location}
configure-command = configure-command =
${libtool:location}/bin/libtoolize ${libtool:location}/bin/libtoolize
${autoconf:location}/bin/autoreconf -vif ${autoconf:location}/bin/autoreconf -vif
./configure ./configure --disable-ssl
environment = environment =
PATH=${autoconf:location}/bin:${automake:location}/bin:${git:location}/bin:${libtool:location}/bin:${m4:location}/bin:%(PATH)s PATH=${autoconf:location}/bin:${automake:location}/bin:${git:location}/bin:${libtool:location}/bin:${m4:location}/bin:%(PATH)s
CFLAGS = -I${zlib:location}/include -I${openssl:location}/include CFLAGS = -I${zlib:location}/include
LDFLAGS = -L${zlib:location}/lib -Wl,-rpath=${zlib:location}/lib -L${openssl:location}/lib -Wl,-rpath=${openssl:location}/lib LDFLAGS = -L${zlib:location}/lib -Wl,-rpath=${zlib:location}/lib
PKG_CONFIG_PATH = ${openssl:location}/lib/pkgconfig/ \ No newline at end of file
...@@ -13,7 +13,7 @@ configure-options = ...@@ -13,7 +13,7 @@ configure-options =
--enable-ipv6 --enable-ipv6
--disable-libwrap --disable-libwrap
--disable-fips --disable-fips
--with-ssl=${openssl:location} --with-ssl=${openssl-1.0:location}
environment = environment =
CPPFLAGS=-I${zlib:location}/include CPPFLAGS=-I${zlib:location}/include
LDFLAGS=-Wl,-rpath=${openssl:location}/lib -L${zlib:location}/lib -Wl,-rpath=${zlib:location}/lib LDFLAGS=-Wl,-rpath=${openssl-1.0:location}/lib -L${zlib:location}/lib -Wl,-rpath=${zlib:location}/lib
...@@ -53,9 +53,9 @@ configure-options = ...@@ -53,9 +53,9 @@ configure-options =
make-targets = install -j1 make-targets = install -j1
environment = environment =
PATH=${patch:location}/bin:${perl:location}/bin:${pkgconfig:location}/bin:%(PATH)s PATH=${patch:location}/bin:${perl:location}/bin:${pkgconfig:location}/bin:%(PATH)s
PKG_CONFIG_PATH=${apache:location}/lib/pkgconfig:${sqlite3:location}/lib/pkgconfig:${openssl:location}/lib/pkgconfig:${serf:location}/lib/pkgconfig PKG_CONFIG_PATH=${apache:location}/lib/pkgconfig:${sqlite3:location}/lib/pkgconfig:${openssl-1.0:location}/lib/pkgconfig:${serf:location}/lib/pkgconfig
CPPFLAGS=-I${libexpat:location}/include -I${libuuid:location}/include CPPFLAGS=-I${libexpat:location}/include -I${libuuid:location}/include
LDFLAGS=-L${libexpat:location}/lib -Wl,-rpath=${zlib:location}/lib -Wl,-rpath=${sqlite3:location}/lib -Wl,-rpath=${apache:location}/lib -L${libuuid:location}/lib -Wl,-rpath=${libuuid:location}/lib -Wl,-rpath=${openssl:location}/lib LDFLAGS=-L${libexpat:location}/lib -Wl,-rpath=${zlib:location}/lib -Wl,-rpath=${sqlite3:location}/lib -Wl,-rpath=${apache:location}/lib -L${libuuid:location}/lib -Wl,-rpath=${libuuid:location}/lib -Wl,-rpath=${openssl-1.0:location}/lib
[subversion-1.9] [subversion-1.9]
recipe = hexagonit.recipe.cmmi recipe = hexagonit.recipe.cmmi
...@@ -95,6 +95,6 @@ make-targets = ...@@ -95,6 +95,6 @@ make-targets =
environment = environment =
PATH=${pkgconfig:location}/bin:${neon:location}/bin:%(PATH)s PATH=${pkgconfig:location}/bin:${neon:location}/bin:%(PATH)s
PKG_CONFIG_PATH=${apache:location}/lib/pkgconfig:${sqlite3:location}/lib/pkgconfig:${openssl:location}/lib/pkgconfig:${neon:location}/lib/pkgconfig PKG_CONFIG_PATH=${apache:location}/lib/pkgconfig:${sqlite3:location}/lib/pkgconfig:${openssl-1.0:location}/lib/pkgconfig:${neon:location}/lib/pkgconfig
CPPFLAGS=-I${libexpat:location}/include -I${libuuid:location}/include CPPFLAGS=-I${libexpat:location}/include -I${libuuid:location}/include
LDFLAGS=-L${libexpat:location}/lib -Wl,-rpath=${zlib:location}/lib -Wl,-rpath=${sqlite3:location}/lib -Wl,-rpath=${neon:location}/lib -Wl,-rpath=${apache:location}/lib -L${libuuid:location}/lib -Wl,-rpath=${libuuid:location}/lib LDFLAGS=-L${libexpat:location}/lib -Wl,-rpath=${zlib:location}/lib -Wl,-rpath=${sqlite3:location}/lib -Wl,-rpath=${neon:location}/lib -Wl,-rpath=${apache:location}/lib -L${libuuid:location}/lib -Wl,-rpath=${libuuid:location}/lib -Wl,-rpath=${openssl-1.0:location}/lib
...@@ -19,7 +19,7 @@ recipe = slapos.recipe.cmmi ...@@ -19,7 +19,7 @@ recipe = slapos.recipe.cmmi
url = http://apache.claz.org/trafficserver/trafficserver-4.2.3.tar.bz2 url = http://apache.claz.org/trafficserver/trafficserver-4.2.3.tar.bz2
md5sum = 1d06a6e9063ceea3f19dbb84752ec710 md5sum = 1d06a6e9063ceea3f19dbb84752ec710
configure-options = configure-options =
--with-openssl=${openssl:location} --with-openssl=${openssl-1.0:location}
--with-xml=libxml2 --with-xml=libxml2
--with-libxml2=${libxml2:location} --with-libxml2=${libxml2:location}
--with-pcre=${pcre:location} --with-pcre=${pcre:location}
...@@ -32,7 +32,7 @@ configure-options = ...@@ -32,7 +32,7 @@ configure-options =
--enable-experimental-plugins --enable-experimental-plugins
environment = environment =
PATH=${libtool:location}/bin:${make:location}/bin:${perl:location}/bin:${pkgconfig:location}/bin:%(PATH)s PATH=${libtool:location}/bin:${make:location}/bin:${perl:location}/bin:${pkgconfig:location}/bin:%(PATH)s
LDFLAGS =-L${libxml2:location}/lib -Wl,-rpath=${libxml2:location}/lib -L${openssl:location}/lib -Wl,-rpath=${openssl:location}/lib -L${tcl:location}/lib -Wl,-rpath=${tcl:location}/lib -L${zlib:location}/lib -Wl,-rpath=${zlib:location}/lib LDFLAGS =-L${libxml2:location}/lib -Wl,-rpath=${libxml2:location}/lib -L${openssl-1.0:location}/lib -Wl,-rpath=${openssl-1.0:location}/lib -L${tcl:location}/lib -Wl,-rpath=${tcl:location}/lib -L${zlib:location}/lib -Wl,-rpath=${zlib:location}/lib
make-target = make-target =
check check
install install
...@@ -2,8 +2,6 @@ Generally things to be done with ``caddy-frontend``: ...@@ -2,8 +2,6 @@ Generally things to be done with ``caddy-frontend``:
* return warning on not implemented keys (from ``apache-frontend`` perspective) in master and slave request * return warning on not implemented keys (from ``apache-frontend`` perspective) in master and slave request
* tests: add assertion with results of promises in etc/promise for each partition * tests: add assertion with results of promises in etc/promise for each partition
* tests: compare python objects where possible instead of instead of strings (eg. load ``rejected-slave-dict``)
* tests: swich to `cryptography <https://pypi.org/project/cryptography/>`_ for certificate management
* README: cleanup the documentation, explain various specifics * README: cleanup the documentation, explain various specifics
* check the whole frontend slave snippet with ``caddy -validate`` during buildout run, and reject if does not pass validation * check the whole frontend slave snippet with ``caddy -validate`` during buildout run, and reject if does not pass validation
* ``apache-ca-certificate`` shall be merged with ``apache-certificate`` * ``apache-ca-certificate`` shall be merged with ``apache-certificate``
...@@ -15,7 +13,6 @@ Generally things to be done with ``caddy-frontend``: ...@@ -15,7 +13,6 @@ Generally things to be done with ``caddy-frontend``:
* ``type:eventsource``: * ``type:eventsource``:
* **Jérome Perrin**: *For event source, if I understand https://github.com/mholt/caddy/issues/1355 correctly, we could use caddy as a proxy in front of nginx-push-stream . If we have a "central shared" caddy instance, can it handle keeping connections opens for many clients ?* * **Jérome Perrin**: *For event source, if I understand https://github.com/mholt/caddy/issues/1355 correctly, we could use caddy as a proxy in front of nginx-push-stream . If we have a "central shared" caddy instance, can it handle keeping connections opens for many clients ?*
* ``ssl_proxy_ca_crt`` for ``ssl_proxy_verify``, this is related to bug `#1550 <https://github.com/mholt/caddy/issues/1550>`_, proposed solution `just adding your CA to the system's trust store`
* ``check-error-on-caddy-log`` like ``check-error-on-apache-log`` * ``check-error-on-caddy-log`` like ``check-error-on-apache-log``
* cover test suite like resilient tests for KVM and prove it works the same way as Caddy * cover test suite like resilient tests for KVM and prove it works the same way as Caddy
* have ``caddy-frontend`` specific parameters, with backward compatibility to ``apache-frontend`` ones: * have ``caddy-frontend`` specific parameters, with backward compatibility to ``apache-frontend`` ones:
......
...@@ -22,7 +22,7 @@ md5sum = c801b7f9f11f0965677c22e6bbe9281b ...@@ -22,7 +22,7 @@ md5sum = c801b7f9f11f0965677c22e6bbe9281b
[template-apache-frontend] [template-apache-frontend]
filename = instance-apache-frontend.cfg.in filename = instance-apache-frontend.cfg.in
md5sum = ab1795f92e32655d05c662c965d2b1f5 md5sum = db61a7c0aadba180b7aec6056d2c0019
[template-apache-replicate] [template-apache-replicate]
filename = instance-apache-replicate.cfg.in filename = instance-apache-replicate.cfg.in
...@@ -30,7 +30,7 @@ md5sum = 6a86edb96b171fbd0a59d0adc9cc906b ...@@ -30,7 +30,7 @@ md5sum = 6a86edb96b171fbd0a59d0adc9cc906b
[template-slave-list] [template-slave-list]
filename = templates/apache-custom-slave-list.cfg.in filename = templates/apache-custom-slave-list.cfg.in
md5sum = b30bcd11c545d86c30d05db9cecb4f80 md5sum = 434e00cbfee2f9c002b2a83084a48b4a
[template-slave-configuration] [template-slave-configuration]
filename = templates/custom-virtualhost.conf.in filename = templates/custom-virtualhost.conf.in
...@@ -42,11 +42,7 @@ md5sum = 01efde8febafcff6dde2ebb43e75a9e4 ...@@ -42,11 +42,7 @@ md5sum = 01efde8febafcff6dde2ebb43e75a9e4
[template-caddy-frontend-configuration] [template-caddy-frontend-configuration]
filename = templates/Caddyfile.in filename = templates/Caddyfile.in
md5sum = 7c987ad75fcce6f5b925c7696ff41971 md5sum = 0134a1586f15cd5665069d6d81a505be
[template-custom-slave-list]
filename = templates/apache-custom-slave-list.cfg.in
md5sum = b30bcd11c545d86c30d05db9cecb4f80
[caddy-backend-url-validator] [caddy-backend-url-validator]
filename = templates/caddy-backend-url-validator.in filename = templates/caddy-backend-url-validator.in
...@@ -62,15 +58,15 @@ md5sum = f20d6c3d2d94fb685f8d26dfca1e822b ...@@ -62,15 +58,15 @@ md5sum = f20d6c3d2d94fb685f8d26dfca1e822b
[template-default-slave-virtualhost] [template-default-slave-virtualhost]
filename = templates/default-virtualhost.conf.in filename = templates/default-virtualhost.conf.in
md5sum = 73bc8abae6aadc3ce55662c3d821b363 md5sum = b7879a40ed7f8a49b764c82e7283811f
[template-cached-slave-virtualhost] [template-cached-slave-virtualhost]
filename = templates/cached-virtualhost.conf.in filename = templates/cached-virtualhost.conf.in
md5sum = 7cbcadc295860821ac9d3aaa3cca72c5 md5sum = c64f8ac7ec439460877ce5a5c5ccf1f7
[template-log-access] [template-log-access]
filename = templates/template-log-access.conf.in filename = templates/template-log-access.conf.in
md5sum = f2a74f88c7248f199011fa9ec6182f73 md5sum = 122b05829ecc4c0ad4e47e7d1c21166b
[template-empty] [template-empty]
filename = templates/empty.in filename = templates/empty.in
...@@ -104,9 +100,13 @@ md5sum = 2b765db72191197122554df17ad471d1 ...@@ -104,9 +100,13 @@ md5sum = 2b765db72191197122554df17ad471d1
filename = templates/apache-lazy-script-call.sh.in filename = templates/apache-lazy-script-call.sh.in
md5sum = ebe5d3d19923eb812a40019cb11276d8 md5sum = ebe5d3d19923eb812a40019cb11276d8
[template-caddy-graceful-script] [template-graceful-script]
filename = templates/caddy-graceful-script.sh.in filename = templates/graceful-script.sh.in
md5sum = 455f8765a3afd39fb78562fb9e326c42 md5sum = 31dd34de4c40a1d814bcbef482c757cc
[template-validate-script]
filename = templates/validate-script.sh.in
md5sum = 4c80ba3727c397f8d5b12cf1888cf959
[caddyprofiledeps-setup] [caddyprofiledeps-setup]
filename = setup.py filename = setup.py
......
...@@ -88,11 +88,13 @@ gzip = ${gzip:location} ...@@ -88,11 +88,13 @@ gzip = ${gzip:location}
logrotate = ${logrotate:location} logrotate = ${logrotate:location}
openssl = ${openssl:location} openssl = ${openssl:location}
trafficserver = ${trafficserver:location} trafficserver = ${trafficserver:location}
sha256sum = ${coreutils:location}/bin/sha256sum
monitor_template = ${monitor-template:output} monitor_template = ${monitor-template:output}
template_cached_slave_virtualhost = ${template-cached-slave-virtualhost:target} template_cached_slave_virtualhost = ${template-cached-slave-virtualhost:target}
template_caddy_frontend_configuration = ${template-caddy-frontend-configuration:target} template_caddy_frontend_configuration = ${template-caddy-frontend-configuration:target}
template_caddy_graceful_script = ${template-caddy-graceful-script:target} template_graceful_script = ${template-graceful-script:target}
template_validate_script = ${template-validate-script:target}
template_caddy_lazy_script_call = ${template-caddy-lazy-script-call:target} template_caddy_lazy_script_call = ${template-caddy-lazy-script-call:target}
template_default_slave_virtualhost = ${template-default-slave-virtualhost:target} template_default_slave_virtualhost = ${template-default-slave-virtualhost:target}
template_empty = ${template-empty:target} template_empty = ${template-empty:target}
...@@ -172,10 +174,6 @@ filename = replicate-publish-slave-information.cfg.in ...@@ -172,10 +174,6 @@ filename = replicate-publish-slave-information.cfg.in
<=download-template <=download-template
filename = Caddyfile.in filename = Caddyfile.in
[template-custom-slave-list]
<=download-template
filename = caddy-default-slave-list.cfg.in
[template-not-found-html] [template-not-found-html]
<=download-template <=download-template
filename = notfound.html filename = notfound.html
...@@ -223,9 +221,13 @@ mode = 0644 ...@@ -223,9 +221,13 @@ mode = 0644
<=download-template <=download-template
filename = apache-lazy-script-call.sh.in filename = apache-lazy-script-call.sh.in
[template-caddy-graceful-script] [template-graceful-script]
<=download-template
filename = graceful-script.sh.in
[template-validate-script]
<=download-template <=download-template
filename = caddy-graceful-script.sh.in filename = validate-script.sh.in
[template-nginx-eventsource-slave-virtualhost] [template-nginx-eventsource-slave-virtualhost]
<=download-template <=download-template
......
...@@ -86,6 +86,9 @@ ca-dir = ${:srv}/ssl ...@@ -86,6 +86,9 @@ ca-dir = ${:srv}/ssl
varnginx = ${:var}/nginx varnginx = ${:var}/nginx
frontend_cluster = ${:var}/frontend_cluster
nginx_cluster = ${:var}/nginx_cluster
[switch-caddy-softwaretype] [switch-caddy-softwaretype]
recipe = slapos.cookbook:softwaretype recipe = slapos.cookbook:softwaretype
single-default = ${dynamic-custom-personal-template-slave-list:rendered} single-default = ${dynamic-custom-personal-template-slave-list:rendered}
...@@ -94,10 +97,36 @@ single-custom-personal = ${dynamic-custom-personal-template-slave-list:rendered} ...@@ -94,10 +97,36 @@ single-custom-personal = ${dynamic-custom-personal-template-slave-list:rendered}
[frontend-configuration] [frontend-configuration]
template-log-access = {{ parameter_dict['template_log_access'] }} template-log-access = {{ parameter_dict['template_log_access'] }}
log-access-configuration = ${directory:etc}/log-access.conf log-access-configuration = ${directory:etc}/log-access.conf
ip-access-certificate = ${self-signed-ip-access:certificate}
ip-access-key = ${self-signed-ip-access:key}
caddy-directory = {{ parameter_dict['caddy_location'] }} caddy-directory = {{ parameter_dict['caddy_location'] }}
caddy-ipv6 = {{ instance_parameter['ipv6-random'] }} caddy-ipv6 = {{ instance_parameter['ipv6-random'] }}
caddy-https-port = ${configuration:port} caddy-https-port = ${configuration:port}
[self-signed-ip-access]
# Self Signed certificate for HTTPS IP accesses to the frontend
recipe = plone.recipe.command
update-command = ${:command}
ipv6 = ${slap-network-information:global-ipv6}
ipv4 = {{instance_parameter['ipv4-random']}}
key = ${caddy-directory:vh-ssl}/ip-access-${:ipv6}-${:ipv4}.key
certificate = ${caddy-directory:vh-ssl}/ip-access-${:ipv6}-${:ipv4}.crt
stop-on-error = True
command =
[ -f ${:key} ] && [ -f ${:certificate} ] && exit 0
rm -f ${:key} ${:certificate}
/bin/bash -c ' \
{{ parameter_dict['openssl'] }}/bin/openssl req \
-new -newkey rsa:2048 -sha256 \
-nodes -x509 -days 36500 \
-keyout ${:key} \
-subj "/CN=Self Signed IP Access" \
-reqexts SAN \
-extensions SAN \
-config <(cat {{ parameter_dict['openssl'] }}/etc/ssl/openssl.cnf \
<(printf "\n[SAN]\nsubjectAltName=IP:${:ipv6},IP:${:ipv4}")) \
-out ${:certificate}'
[jinja2-template-base] [jinja2-template-base]
recipe = slapos.recipe.template:jinja2 recipe = slapos.recipe.template:jinja2
rendered = ${buildout:directory}/${:filename} rendered = ${buildout:directory}/${:filename}
...@@ -224,9 +253,11 @@ extra-context = ...@@ -224,9 +253,11 @@ extra-context =
[caddy-wrapper] [caddy-wrapper]
recipe = slapos.cookbook:wrapper recipe = slapos.cookbook:wrapper
environment =
CADDYPATH=${directory:frontend_cluster}
command-line = {{ parameter_dict['caddy'] }} command-line = {{ parameter_dict['caddy'] }}
-conf ${dynamic-caddy-frontend-template:rendered} -conf ${dynamic-caddy-frontend-template:rendered}
-log ${caddy-configuration:error-log} -log stdout
-http2=true -http2=true
{% if instance_parameter['configuration.enable-quic'].lower() in TRUE_VALUES %} {% if instance_parameter['configuration.enable-quic'].lower() in TRUE_VALUES %}
-quic -quic
...@@ -267,7 +298,7 @@ frontend-configuration = ${directory:etc}/Caddyfile ...@@ -267,7 +298,7 @@ frontend-configuration = ${directory:etc}/Caddyfile
access-log = ${directory:log}/frontend-access.log access-log = ${directory:log}/frontend-access.log
error-log = ${directory:log}/frontend-error.log error-log = ${directory:log}/frontend-error.log
pid-file = ${directory:run}/httpd.pid pid-file = ${directory:run}/httpd.pid
frontend-configuration-verification = ${caddy-wrapper:wrapper-path} -validate > /dev/null frontend-configuration-verification = ${frontend-caddy-validate:rendered}
frontend-graceful-command = ${:frontend-configuration-verification}; if [ $? -eq 0 ]; then kill -USR1 $(cat ${:pid-file}); fi frontend-graceful-command = ${:frontend-configuration-verification}; if [ $? -eq 0 ]; then kill -USR1 $(cat ${:pid-file}); fi
not-found-file = ${caddy-directory:document-root}/notfound.html not-found-file = ${caddy-directory:document-root}/notfound.html
# Communication with ATS # Communication with ATS
...@@ -277,7 +308,7 @@ ssl-cache-through-port = 26012 ...@@ -277,7 +308,7 @@ ssl-cache-through-port = 26012
[configtest] [configtest]
recipe = slapos.cookbook:wrapper recipe = slapos.cookbook:wrapper
command-line = ${caddy-wrapper:wrapper-path} -validate command-line = ${frontend-caddy-validate:rendered}
wrapper-path = ${directory:bin}/caddy-configtest wrapper-path = ${directory:bin}/caddy-configtest
[certificate-authority] [certificate-authority]
...@@ -501,24 +532,59 @@ mode = 700 ...@@ -501,24 +532,59 @@ mode = 700
### End of ATS sections ### End of ATS sections
### Caddy Graceful and promises ### Caddy Graceful and promises
[frontend-caddy-graceful-bin] [frontend-caddy-graceful]
< = jinja2-template-base < = jinja2-template-base
template = {{ parameter_dict['template_wrapper'] }} template = {{ parameter_dict['template_graceful_script'] }}
rendered = ${directory:bin}/frontend-caddy-safe-graceful rendered = ${directory:etc-run}/frontend-caddy-safe-graceful
mode = 0700 mode = 0700
path_list = ${caddy-configuration:frontend-configuration} ${frontend-configuration:log-access-configuration} ${caddy-directory:slave-configuration}/*.conf ${caddy-directory:slave-with-cache-configuration}/*.conf ${caddy-directory:vh-ssl}/*.key ${caddy-directory:vh-ssl}/*.crt ${caddy-directory:vh-ssl}/*.proxy_ca_crt
sha256sum = {{ parameter_dict['sha256sum'] }}
signature_file = ${directory:run}/caddy_graceful_signature
extra-context = extra-context =
key content caddy-configuration:frontend-graceful-command key graceful_reload_command caddy-configuration:frontend-graceful-command
key path_list :path_list
key sha256sum :sha256sum
key signature_file :signature_file
[frontend-caddy-graceful] [frontend-nginx-graceful]
< = jinja2-template-base < = jinja2-template-base
template = {{ parameter_dict['template_caddy_graceful_script'] }} template = {{ parameter_dict['template_graceful_script'] }}
rendered = ${directory:etc-run}/frontend-caddy-safe-graceful rendered = ${directory:etc-run}/frontend-nginx-safe-graceful
mode = 0700
path_list = ${dynamic-nginx-frontend-template:rendered} ${caddy-directory:nginx-slave-configuration}/*.conf
sha256sum = {{ parameter_dict['sha256sum'] }}
signature_file = ${directory:run}/nginx_graceful_signature
extra-context =
key graceful_reload_command nginx-configuration:nginx-graceful-command
key path_list :path_list
key sha256sum :sha256sum
key signature_file :signature_file
[frontend-caddy-validate]
< = jinja2-template-base
template = {{ parameter_dict['template_validate_script'] }}
rendered = ${directory:bin}/frontend-caddy-validate
mode = 0700
sha256sum = {{ parameter_dict['sha256sum'] }}
signature_file = ${directory:run}/caddy_validate_signature
extra-context =
key wrapper caddy-wrapper:wrapper-path
key path_list frontend-caddy-graceful:path_list
key sha256sum :sha256sum
key signature_file :signature_file
[frontend-nginx-validate]
< = jinja2-template-base
template = {{ parameter_dict['template_validate_script'] }}
rendered = ${directory:bin}/frontend-nginx-validate
mode = 0700 mode = 0700
sha256sum = {{ parameter_dict['sha256sum'] }}
signature_file = ${directory:run}/nginx_validate_signature
extra-context = extra-context =
key directory_run directory:run key wrapper nginx-wrapper:wrapper-path
key directory_etc directory:etc key path_list frontend-nginx-graceful:path_list
key directory_bin directory:bin key sha256sum :sha256sum
key caddy_graceful_reload_command caddy-configuration:frontend-graceful-command key signature_file :signature_file
[frontend-caddy-lazy-graceful] [frontend-caddy-lazy-graceful]
< = jinja2-template-base < = jinja2-template-base
...@@ -534,12 +600,9 @@ extra-context = ...@@ -534,12 +600,9 @@ extra-context =
# Promises checking configuration: # Promises checking configuration:
[promise-frontend-caddy-configuration] [promise-frontend-caddy-configuration]
< = jinja2-template-base recipe = slapos.cookbook:wrapper
template = {{ parameter_dict['template_wrapper'] }} command-line = ${caddy-configuration:frontend-configuration-verification}
rendered = ${directory:promise}/frontend-caddy-configuration-promise wrapper-path = ${directory:promise}/frontend-caddy-configuration-promise
mode = 0700
extra-context =
key content caddy-configuration:frontend-configuration-verification
[promise-caddy-frontend-v4-https] [promise-caddy-frontend-v4-https]
recipe = slapos.cookbook:check_port_listening recipe = slapos.cookbook:check_port_listening
...@@ -648,9 +711,11 @@ curl_path = {{ parameter_dict['curl'] }}/bin/curl ...@@ -648,9 +711,11 @@ curl_path = {{ parameter_dict['curl'] }}/bin/curl
# #
[nginx-wrapper] [nginx-wrapper]
recipe = slapos.cookbook:wrapper recipe = slapos.cookbook:wrapper
environment =
CADDYPATH=${directory:nginx_cluster}
command-line = {{ parameter_dict['caddy'] }} command-line = {{ parameter_dict['caddy'] }}
-conf ${dynamic-nginx-frontend-template:rendered} -conf ${dynamic-nginx-frontend-template:rendered}
-log ${nginx-configuration:error_log} -log stdout
-http2=true -http2=true
-grace {{ instance_parameter['configuration.mpm-graceful-shutdown-timeout'] }}s -grace {{ instance_parameter['configuration.mpm-graceful-shutdown-timeout'] }}s
-disable-http-challenge -disable-http-challenge
...@@ -690,26 +755,15 @@ worker_processes = 4 ...@@ -690,26 +755,15 @@ worker_processes = 4
worker_connections = 1024 worker_connections = 1024
slave-configuration-directory = ${caddy-directory:nginx-slave-configuration} slave-configuration-directory = ${caddy-directory:nginx-slave-configuration}
pid-file = ${directory:run}/nginx.pid pid-file = ${directory:run}/nginx.pid
nginx-graceful-command = ${:nginx-configuration-verification}; if [ $? -eq 0 ]; then kill -HUP $(cat ${:pid-file}); fi nginx-graceful-command = ${:nginx-configuration-verification}; if [ $? -eq 0 ]; then kill -USR1 $(cat ${:pid-file}); fi
nginx-configuration-verification = ${nginx-wrapper:wrapper-path} -validate nginx-configuration-verification = ${frontend-nginx-validate:rendered}
ssl_certificate = ${ca-frontend:cert-file} ssl_certificate = ${ca-frontend:cert-file}
ssl_key = ${ca-frontend:key-file} ssl_key = ${ca-frontend:key-file}
[frontend-nginx-graceful]
< = jinja2-template-base
template = {{ parameter_dict['template_wrapper'] }}
rendered = ${directory:etc-run}/frontend-nginx-safe-graceful
mode = 0700
extra-context =
key content nginx-configuration:nginx-graceful-command
[promise-nginx-configuration] [promise-nginx-configuration]
< = jinja2-template-base recipe = slapos.cookbook:wrapper
template = {{ parameter_dict['template_wrapper'] }} command-line = ${nginx-configuration:nginx-configuration-verification}
rendered = ${directory:promise}/nginx-configuration-promise wrapper-path = ${directory:promise}/nginx-configuration-promise
mode = 0700
extra-context =
key content nginx-configuration:nginx-configuration-verification
[promise-nginx-frontend-v4-https] [promise-nginx-frontend-v4-https]
recipe = slapos.cookbook:check_port_listening recipe = slapos.cookbook:check_port_listening
......
...@@ -131,12 +131,12 @@ ...@@ -131,12 +131,12 @@
}, },
"ssl-proxy-verify": { "ssl-proxy-verify": {
"default": "false", "default": "false",
"description": "[NOT Implemented] If set to true, Backend SSL Certificates will be checked and frontend will refuse to proxy if certificate is invalid", "description": "If set to true, Backend SSL Certificates will be checked and frontend will refuse to proxy if certificate is invalid",
"enum": [ "enum": [
"false", "false",
"true" "true"
], ],
"title": "[NOT Implemented] Verify Backend Certificates", "title": "Verify Backend Certificates",
"type": "string" "type": "string"
}, },
"ssl_ca_crt": { "ssl_ca_crt": {
...@@ -162,8 +162,8 @@ ...@@ -162,8 +162,8 @@
}, },
"ssl_proxy_ca_crt": { "ssl_proxy_ca_crt": {
"default": "", "default": "",
"description": "[NOT Implemented] Content of the SSL Certificate Authority file of the backend (to be used with ssl-proxy-verify)", "description": "Content of the SSL Certificate Authority file of the backend (to be used with ssl-proxy-verify)",
"title": "[NOT Implemented] SSL Backend Authority's Certificate", "title": "SSL Backend Authority's Certificate",
"type": "string" "type": "string"
}, },
"type": { "type": {
......
...@@ -32,7 +32,7 @@ ...@@ -32,7 +32,7 @@
}, },
"request-error-list": { "request-error-list": {
"description": "In case if slave has been rejected by master or has error in the request, the list contains information about each problem", "description": "In case if slave has been rejected by master or has error in the request, the list contains information about each problem",
"type": "string" "type": "array"
} }
}, },
"type": "object" "type": "object"
......
...@@ -30,7 +30,7 @@ import {{ slave_with_cache_configuration_directory }}/*.conf ...@@ -30,7 +30,7 @@ import {{ slave_with_cache_configuration_directory }}/*.conf
# Access to server-status Caddy-style # Access to server-status Caddy-style
https://[{{ global_ipv6 }}]:{{ https_port }}/server-status, https://{{ local_ipv4 }}:{{ https_port }}/server-status { https://[{{ global_ipv6 }}]:{{ https_port }}/server-status, https://{{ local_ipv4 }}:{{ https_port }}/server-status {
tls {{ login_certificate }} {{ login_key }} tls {{ frontend_configuration['ip-access-certificate'] }} {{ frontend_configuration['ip-access-key'] }}
# Compress the output # Compress the output
gzip gzip
bind {{ local_ipv4 }} bind {{ local_ipv4 }}
......
...@@ -379,8 +379,8 @@ local_ipv4 = {{ dumps(local_ipv4) }} ...@@ -379,8 +379,8 @@ local_ipv4 = {{ dumps(local_ipv4) }}
global_ipv6 = {{ dumps(global_ipv6) }} global_ipv6 = {{ dumps(global_ipv6) }}
https_port = {{ dumps(https_port) }} https_port = {{ dumps(https_port) }}
http_port = {{ dumps(http_port) }} http_port = {{ dumps(http_port) }}
login_certificate = {{ dumps(login_certificate) }} ip_access_certificate = {{ frontend_configuration.get('ip-access-certificate') }}
login_key = {{ dumps(login_key) }} ip_access_key = {{ frontend_configuration.get('ip-access-key') }}
access_log = {{ dumps(access_log) }} access_log = {{ dumps(access_log) }}
error_log = {{ dumps(error_log) }} error_log = {{ dumps(error_log) }}
not_found_file = {{ dumps(not_found_file) }} not_found_file = {{ dumps(not_found_file) }}
...@@ -394,6 +394,7 @@ extra-context = ...@@ -394,6 +394,7 @@ extra-context =
section slave_password slave-password section slave_password slave-password
section parameter_dict caddy-log-access-parameters section parameter_dict caddy-log-access-parameters
{# Publish information for the instance #} {# Publish information for the instance #}
[publish-caddy-information] [publish-caddy-information]
recipe = slapos.cookbook:publish.serialised recipe = slapos.cookbook:publish.serialised
......
...@@ -19,9 +19,6 @@ ...@@ -19,9 +19,6 @@
bind {{ slave_parameter['local_ipv4'] }} bind {{ slave_parameter['local_ipv4'] }}
# Compress the output # Compress the output
gzip gzip
{%- if ssl_proxy_verify and 'ssl_proxy_ca_crt' in slave_parameter %}
status 501 /
{%- endif %}
# Rewrite part # Rewrite part
proxy / {{ slave_parameter.get('backend_url', '') }} { proxy / {{ slave_parameter.get('backend_url', '') }} {
# As backend is trusting REMOTE_USER header unset it always # As backend is trusting REMOTE_USER header unset it always
...@@ -30,7 +27,8 @@ ...@@ -30,7 +27,8 @@
transparent transparent
timeout 600s timeout 600s
{%- if ssl_proxy_verify %} {%- if ssl_proxy_verify %}
{%- if 'ssl_proxy_ca_crt' in slave_parameter %} {%- if 'path_to_ssl_proxy_ca_crt' in slave_parameter %}
ca_certificates {{ slave_parameter['path_to_ssl_proxy_ca_crt'] }}
{%- endif %} {%- endif %}
{%- else %} {%- else %}
insecure_skip_verify insecure_skip_verify
...@@ -43,16 +41,14 @@ ...@@ -43,16 +41,14 @@
bind {{ slave_parameter['local_ipv4'] }} bind {{ slave_parameter['local_ipv4'] }}
# Compress the output # Compress the output
gzip gzip
{%- if ssl_proxy_verify and 'ssl_proxy_ca_crt' in slave_parameter %}
status 501 /
{%- endif %}
proxy / {{ slave_parameter.get('https_backend_url', '') }} { proxy / {{ slave_parameter.get('https_backend_url', '') }} {
# As backend is trusting REMOTE_USER header unset it always # As backend is trusting REMOTE_USER header unset it always
header_upstream -REMOTE_USER header_upstream -REMOTE_USER
transparent transparent
timeout 600s timeout 600s
{%- if ssl_proxy_verify %} {%- if ssl_proxy_verify %}
{%- if 'ssl_proxy_ca_crt' in slave_parameter %} {%- if 'path_to_ssl_proxy_ca_crt' in slave_parameter %}
ca_certificates {{ slave_parameter['path_to_ssl_proxy_ca_crt'] }}
{%- endif %} {%- endif %}
{%- else %} {%- else %}
insecure_skip_verify insecure_skip_verify
......
#!/bin/sh
RUN_DIR={{ directory_run }}
ETC_DIR={{ directory_etc }}
BIN_DIR={{ directory_bin }}
CADDY_SIGNATURE_FILE=$RUN_DIR/caddy_configuration.signature
NCADDY_SIGNATURE_FILE=$RUN_DIR/ncaddy_configuration.signature
touch $CADDY_SIGNATURE_FILE
sha256sum $ETC_DIR/Caddyfile $ETC_DIR/log-access.conf $ETC_DIR/caddy-*.d/*.conf $ETC_DIR/caddy-*.d/ssl/*.*key $ETC_DIR/caddy-*.d/ssl/*.*crt* | sort -k 66 > $NCADDY_SIGNATURE_FILE
# If no diff, no restart for now
if diff "$CADDY_SIGNATURE_FILE" "$NCADDY_SIGNATURE_FILE"; then
echo "Nothing Changed, so nothing to reload"
exit 0
fi
echo "Reloading caddy.."
{{ caddy_graceful_reload_command }}
mv "$NCADDY_SIGNATURE_FILE" "$CADDY_SIGNATURE_FILE"
...@@ -30,9 +30,6 @@ ...@@ -30,9 +30,6 @@
bind {{ slave_parameter['local_ipv4'] }} bind {{ slave_parameter['local_ipv4'] }}
# Compress the output # Compress the output
gzip gzip
{%- if ssl_proxy_verify and 'ssl_proxy_ca_crt' in slave_parameter %}
status 501 /
{%- endif %} {#- if ssl_proxy_verify and 'ssl_proxy_ca_crt' in slave_parameter #}
tls {{ slave_parameter.get('path_to_ssl_crt', slave_parameter.get('login_certificate')) }} {{ slave_parameter.get('path_to_ssl_key', slave_parameter.get('login_key')) }} { tls {{ slave_parameter.get('path_to_ssl_crt', slave_parameter.get('login_certificate')) }} {{ slave_parameter.get('path_to_ssl_key', slave_parameter.get('login_key')) }} {
{%- if enable_h2 %} {%- if enable_h2 %}
# Allow HTTP2 # Allow HTTP2
...@@ -79,8 +76,9 @@ ...@@ -79,8 +76,9 @@
transparent transparent
timeout 600s timeout 600s
{%- if ssl_proxy_verify %} {%- if ssl_proxy_verify %}
{%- if 'ssl_proxy_ca_crt' in slave_parameter %} {%- if 'path_to_ssl_proxy_ca_crt' in slave_parameter %}
{%- endif %} {#- if 'ssl_proxy_ca_crt' in slave_parameter #} ca_certificates {{ slave_parameter['path_to_ssl_proxy_ca_crt'] }}
{%- endif %} {#- if 'path_to_ssl_proxy_ca_crt' in slave_parameter #}
{%- else %} {#- if ssl_proxy_verify #} {%- else %} {#- if ssl_proxy_verify #}
insecure_skip_verify insecure_skip_verify
{%- endif %} {#- if ssl_proxy_verify #} {%- endif %} {#- if ssl_proxy_verify #}
...@@ -136,8 +134,9 @@ ...@@ -136,8 +134,9 @@
transparent transparent
timeout 600s timeout 600s
{%- if ssl_proxy_verify %} {%- if ssl_proxy_verify %}
{%- if 'ssl_proxy_ca_crt' in slave_parameter %} {%- if 'path_to_ssl_proxy_ca_crt' in slave_parameter %}
{%- endif %} {#- if 'ssl_proxy_ca_crt' in slave_parameter #} ca_certificates {{ slave_parameter['path_to_ssl_proxy_ca_crt'] }}
{%- endif %} {#- if 'path_to_ssl_proxy_ca_crt' in slave_parameter #}
{%- else %} {#- if ssl_proxy_verify #} {%- else %} {#- if ssl_proxy_verify #}
insecure_skip_verify insecure_skip_verify
{%- endif %} {#- if ssl_proxy_verify #} {%- endif %} {#- if ssl_proxy_verify #}
...@@ -152,9 +151,6 @@ ...@@ -152,9 +151,6 @@
bind {{ slave_parameter['local_ipv4'] }} bind {{ slave_parameter['local_ipv4'] }}
# Compress the output # Compress the output
gzip gzip
{%- if ssl_proxy_verify and 'ssl_proxy_ca_crt' in slave_parameter %}
status 501 /
{%- endif %} {#- if ssl_proxy_verify and 'ssl_proxy_ca_crt' in slave_parameter #}
log / {{ slave_parameter.get('access_log') }} "{remote} {>REMOTE_USER} [{when}] \"{method} {uri} {proto}\" {status} {size} \"{>Referer}\" \"{>User-Agent}\" {latency_ms}" log / {{ slave_parameter.get('access_log') }} "{remote} {>REMOTE_USER} [{when}] \"{method} {uri} {proto}\" {status} {size} \"{>Referer}\" \"{>User-Agent}\" {latency_ms}"
errors {{ slave_parameter.get('error_log') }} errors {{ slave_parameter.get('error_log') }}
...@@ -201,8 +197,9 @@ ...@@ -201,8 +197,9 @@
transparent transparent
timeout 600s timeout 600s
{%- if ssl_proxy_verify %} {%- if ssl_proxy_verify %}
{%- if 'ssl_proxy_ca_crt' in slave_parameter %} {%- if 'path_to_ssl_proxy_ca_crt' in slave_parameter %}
{%- endif %} {#- if 'ssl_proxy_ca_crt' in slave_parameter #} ca_certificates {{ slave_parameter['path_to_ssl_proxy_ca_crt'] }}
{%- endif %} {#- if 'path_to_ssl_proxy_ca_crt' in slave_parameter #}
{%- else %} {#- if ssl_proxy_verify #} {%- else %} {#- if ssl_proxy_verify #}
insecure_skip_verify insecure_skip_verify
{%- endif %} {#- if ssl_proxy_verify #} {%- endif %} {#- if ssl_proxy_verify #}
...@@ -252,8 +249,9 @@ ...@@ -252,8 +249,9 @@
transparent transparent
timeout 600s timeout 600s
{%- if ssl_proxy_verify %} {%- if ssl_proxy_verify %}
{%- if 'ssl_proxy_ca_crt' in slave_parameter %} {%- if 'path_to_ssl_proxy_ca_crt' in slave_parameter %}
{%- endif %} {#- if 'ssl_proxy_ca_crt' in slave_parameter #} ca_certificates {{ slave_parameter['path_to_ssl_proxy_ca_crt'] }}
{%- endif %} {#- if 'path_to_ssl_proxy_ca_crt' in slave_parameter #}
{%- else %} {#- if ssl_proxy_verify #} {%- else %} {#- if ssl_proxy_verify #}
insecure_skip_verify insecure_skip_verify
{%- endif %} {#- if ssl_proxy_verify #} {%- endif %} {#- if ssl_proxy_verify #}
......
#!/bin/sh
SIGNATURE_FILE={{ signature_file }}
NSIGNATURE_FILE={{ signature_file }}.tmp
touch $SIGNATURE_FILE
{{ sha256sum }} {{ path_list }} | sort -k 66 > $NSIGNATURE_FILE
# If no diff, no restart for now
if diff "$SIGNATURE_FILE" "$NSIGNATURE_FILE" > /dev/null ; then
echo "Nothing changed, so nothing to reload"
exit 0
fi
echo "Reloading.."
{{ graceful_reload_command }}
mv "$NSIGNATURE_FILE" "$SIGNATURE_FILE"
...@@ -3,7 +3,7 @@ https://[{{ parameter_dict['global_ipv6'] }}]:{{ parameter_dict['https_port'] }} ...@@ -3,7 +3,7 @@ https://[{{ parameter_dict['global_ipv6'] }}]:{{ parameter_dict['https_port'] }}
bind {{ parameter_dict['local_ipv4'] }} bind {{ parameter_dict['local_ipv4'] }}
root {{ directory }}/ root {{ directory }}/
browse browse
tls {{ parameter_dict['login_certificate'] }} {{ parameter_dict['login_key'] }} tls {{ parameter_dict['ip_access_certificate'] }} {{ parameter_dict['ip_access_key'] }}
basicauth "{{ slave }}" {{ slave_password[slave] | trim }} { basicauth "{{ slave }}" {{ slave_password[slave] | trim }} {
"Log Access {{ slave }}" "Log Access {{ slave }}"
/ /
......
#!/bin/sh
set -e
SIGNATURE_FILE={{ signature_file }}
NSIGNATURE_FILE={{ signature_file }}.tmp
SIGNATURE_STATUS={{ signature_file }}.status
touch $SIGNATURE_FILE
{{ sha256sum }} {{ path_list }} | sort -k 66 > $NSIGNATURE_FILE
if diff "$SIGNATURE_FILE" "$NSIGNATURE_FILE" > /dev/null; then
rm -f "$NSIGNATURE_FILE"
else
mv "$NSIGNATURE_FILE" "$SIGNATURE_FILE"
# do not catch errors during validation
set +e
{{ wrapper }} -validate
echo $? > $SIGNATURE_STATUS
set -e
fi
exit `cat $SIGNATURE_STATUS`
-----BEGIN CERTIFICATE-----
MIIDETCCAfkCCQDaYBkI56KXrjANBgkqhkiG9w0BAQsFADA4MQswCQYDVQQGEwJY
WDEOMAwGA1UECAwFU3RhdGUxGTAXBgNVBAoMEFdpbGRjYXJkIFJvb3QgQ0EwHhcN
MTgxMTIxMTAwMzM4WhcNMjgxMTE4MTAwMzM4WjBdMQswCQYDVQQGEwJBVTETMBEG
A1UECAwKU29tZS1TdGF0ZTEhMB8GA1UECgwYSW50ZXJuZXQgV2lkZ2l0cyBQdHkg
THRkMRYwFAYDVQQDDA0qLmV4YW1wbGUuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEA1A+TzPOPC3qPLq3KfmFpoa6Iubh1OhNFfH7fvCJQ1czTcFLe
npG4uTjXwcoHbPb6CWq5hfUSY/ucI6mW93gsoW5vsbPFmUFe96fA6uJV17j2IppM
vNHhcNxNbKxpGnStNO5HTW7q1Qk2yvcx4cL/bPCEaNFwBK1O+NeNz0ZDW8dGifYU
aVj+qpVlvTi//j8P4FOwSVYvXdMqGH5WaaTquJPVEGg+704tzUxDbCUXrbCVzFgM
d69sQg0sJQ9MddrsWkQSgcE7cffdC1JdGHCJ/B87iO3pjH2VjFth8EFMcQCn8V8e
Nz0OpkcsZXuFg3L/3EtMV3ZXSlT6GDxaEcNuvQIDAQABMA0GCSqGSIb3DQEBCwUA
A4IBAQB4mIEwylSudRONRRMgHDkhMlb8/O2MERYrBmsqatg3eU6/LYZAk/okUI6p
aBkQ3GnUmA+gQnkhk4hffRk7NqtMq3r5MEcWunu61i45sXnsQh9myHEAeGfDw3wz
2rkdXAY2jNeQhTBEsErgwKuN86BTFML9cNg2gTKLBbNC1rSJjoMqcKHxrAcsUBip
bXDQMmNIQkzsc3ml6+17/qfu8+mTZ7J5kEkSbbwRD690LiR6Ltua22GAvuddt53S
ieyOVVxCDlItquuGfuQ3ay8zlyQjYmoPI5AXE5Wv9W4mF7agc+SYe3myL3xlRbC+
RD/fQtvjbf/bt9lkgs9DQoITaYvc
-----END CERTIFICATE-----
-----BEGIN RSA PRIVATE KEY-----
MIIEowIBAAKCAQEA1A+TzPOPC3qPLq3KfmFpoa6Iubh1OhNFfH7fvCJQ1czTcFLe
npG4uTjXwcoHbPb6CWq5hfUSY/ucI6mW93gsoW5vsbPFmUFe96fA6uJV17j2IppM
vNHhcNxNbKxpGnStNO5HTW7q1Qk2yvcx4cL/bPCEaNFwBK1O+NeNz0ZDW8dGifYU
aVj+qpVlvTi//j8P4FOwSVYvXdMqGH5WaaTquJPVEGg+704tzUxDbCUXrbCVzFgM
d69sQg0sJQ9MddrsWkQSgcE7cffdC1JdGHCJ/B87iO3pjH2VjFth8EFMcQCn8V8e
Nz0OpkcsZXuFg3L/3EtMV3ZXSlT6GDxaEcNuvQIDAQABAoIBAQCWdkcEUHvaRSd6
k0ztxuhQE6pnO/3RKwNOhibxMdfxGtebBvF1yScsJKzRjysdoU9fhx4DchOOZWQv
2ZCIHfhswhL2HvvA9aUQSzKSde06lr3tZ1WzU6eFkIpO5TXd05Nhzv9AbcapSVRb
RnFaIiVhgnYweQnmB6HU5fx0aQI6BytP34t3rEZqdy+eYqtq1ZgYC7iXQJct08Sy
0syR5boW2fKZZin78I+uOWfhD3uUDz7SnetwIEWuaJ/oYXv2YFqm+68XRSo4yi2G
FlF3CgwecJCaHyEhxMQojlgM61EvEZ0v1FvoMyyQiNmWVSAtbd6BAD5YrdUzk1QO
mzr3LuTxAoGBAPbnNp/0g25IYj857Q++hSjWsyjLLMfX6+hPsOv2ICL46+xU9P4s
EeIe8PGgRvUkXiNZ7LRtipsFOB+qNYHknIRtLICyYXfumJH4+05XawHIPWdZNw1X
762VsiLEHj1nx3tbEpiCApxYJTXat5/3skjibsNjkuV5JAfsiDHPHeOrAoGBANvf
u1GI2mtUDZ1EJbxJUm3pCUg1aw8jL83OC9miTT36m3V/TiZvc6NEbWM5S8xprwJ1
FG+MHchTgG3rZR6UhfK7OPb7jD0r1aVnA30NX3NS1zKfMEp2Ry83w9LJX70JbZsg
ipo09UXSyE1EaeGGIEQ0xqCN/nRiy2KDh4h1gY83AoGAUH50ypU2vB+RGDfUV4uv
ce79HdGPWd/FI0nHzkXBmGU61SOlc6/+bI/V0ZCFUap3nmLUzsXfqEZ9U6V0KFLV
zD6jgZmmOSlqSDy6AYJyenRDwIvPbOQ8WYUyPC9gBHjvCgJY/6tzGnGKQBJ8RwTD
9QsNPVobLADghEzS4ho6Dl0CgYBjCBxIlwk5ujv/j4gnjCbSVlnV6il0QfbwDVQN
DCsaNVv7ygEbEqvU56cVP+NCCH/I7Y7sxwFLD0ETQSjkYyUJtQXtSFNb4fhybTmH
A5TwTmma5VRM1YUuYUGUGRtD+5Egg8GpvxyR/GQ3WQ8PgufZkKO+APaQ2Uad8nwD
HFnkdQKBgG0OlIKuVeLTVhPcQvOmiDEBeAVo1zc4zmA/JLk/euxesEVL9A8xuxsF
ao0pLvpk/EWQGElxNLNJxbn7AB4uXlpsAvV3xBM88pQIuj2paix1CqSlgfR2F2jE
t3470UVZV22ECV8vQK/of2byELrMscLExLgKW1lAIqqZ77BntFO9
-----END RSA PRIVATE KEY-----
-----BEGIN CERTIFICATE-----
MIIDQzCCAiugAwIBAgIJAOShMXfabB7nMA0GCSqGSIb3DQEBCwUAMDgxCzAJBgNV
BAYTAlhYMQ4wDAYDVQQIDAVTdGF0ZTEZMBcGA1UECgwQV2lsZGNhcmQgUm9vdCBD
QTAeFw0xODExMjExMDAxMjVaFw00NjEyMDQxMDAxMjVaMDgxCzAJBgNVBAYTAlhY
MQ4wDAYDVQQIDAVTdGF0ZTEZMBcGA1UECgwQV2lsZGNhcmQgUm9vdCBDQTCCASIw
DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKq/9H+MvMt5B0vIC2/uEz25jqxT
Wv36v9/HldZLvEwzOiEd0n53ZZFqVlfOoYyCIoWw1+SPwaAc8Oad8ELfoPUasV65
xWki9F/tesgPZpyTO7vgpQfX5JVWNw28s13BgRkOO95h4t2S2t1K6sckC0M/B0o3
wDs/M+74i6wUTHNNXVRejeNPlj9ZSKyfe8rwvY4aNkvW/TKKbaY1yXpQhbeZfU8j
bk4tv4VOpIIoK7wWnSOcFHMANPqrIhygazI1zdsyySEssQ2TAepUb/zgZgk2IQ61
GT+h7NVIoYZJKcAYlLapsZJV1d3Ec9y57zTpyfbWsQhmKHCasZeZK5gYqXECAwEA
AaNQME4wHQYDVR0OBBYEFLZTKR+QsKR9ivZi4uFssy6sB80XMB8GA1UdIwQYMBaA
FLZTKR+QsKR9ivZi4uFssy6sB80XMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEL
BQADggEBAI8O1u6LnmBkWw3rPOTp+9DD2l0+tU3e51KZfp98Fm3Lo8qF5spAB+Ue
OiBax9uENzjcHm7T7KdJrQNK6Mmat0VsD1WTR0TK1eBr9+hOh9EE1H5mEmSL0LOs
ABcCW8DlDv9axWMkFEaJjLfYRUQdvUkb3BwlXo2oq8ectk5ZqS1IF873htYStkvc
SvrzFpaMhYUIr2e7bvFEJ8XTz9l4eymdOBg3j89gf9OkmPa3FE6Qf7etTkVyOr1t
7DIuucv2JkWqHnABIWsLgj4bdLWWULASA7FkI0lHxp5/9/OBb7kVlcgQg6c9Wed7
VA9NaSB3jnBubpEbijnekHqPYO0Bf38=
-----END CERTIFICATE-----
-----BEGIN RSA PRIVATE KEY-----
MIIEpAIBAAKCAQEAqr/0f4y8y3kHS8gLb+4TPbmOrFNa/fq/38eV1ku8TDM6IR3S
fndlkWpWV86hjIIihbDX5I/BoBzw5p3wQt+g9RqxXrnFaSL0X+16yA9mnJM7u+Cl
B9fklVY3DbyzXcGBGQ473mHi3ZLa3UrqxyQLQz8HSjfAOz8z7viLrBRMc01dVF6N
40+WP1lIrJ97yvC9jho2S9b9MoptpjXJelCFt5l9TyNuTi2/hU6kgigrvBadI5wU
cwA0+qsiHKBrMjXN2zLJISyxDZMB6lRv/OBmCTYhDrUZP6Hs1UihhkkpwBiUtqmx
klXV3cRz3LnvNOnJ9taxCGYocJqxl5krmBipcQIDAQABAoIBAHOAnbeaUCujlxfg
Hjx8428hki1nxWmAsUKDFAx99sXk8TFtpvH9eis/r2B+WjFd5lRhJ+lohSX17c9S
jy/tbkfe4pSdPbi8+Gnbju693D+WKRYSBBCmLe4G//6+4uZM+zMjucPYm0ofCQYg
o2hKLYQzoo7F37c0LcE9R94DbSOg2tY6HkKNhXoo0KBY424nIlZ82ZvsS7Q+dduB
txbFvzj0cnrYAJv8QIzcedaFGPN7tkLMZ+PS2rXPG/CkPevKgGwjOx+YyKgQk8GU
O+YvMQ9/zhOz4ak76UOZF+a21DrVqsKj0BK90SEq10MUnd1riQJ2z2jD8SSChgb6
rRc4+AECgYEA1NTSkhfxwfgWIjucnWPrtzNLyVqg5Ss+X/XZfN0LNvMje+AZ4wfz
pLAf8cxnewgNqpR1PeUrjoUwcKrHX7M/MhfEhPKo2LyYDsNtNDcRk3JP047FrDnL
beVc7lIfsCzuuQHgnUFhBE+8qP69VsHWBq1iQF2NUdW8HLjxTSuAQFECgYEAzWIR
U/r5QijUE6fcev4FvPBCCF3+c64UEuXV/W4ZURWzOEAcKh9TAHiTKSQ3MDQK7IQY
YtRbgePnA8Tc0Xj0jSxMtWTX1FanxftosRNgsZD1VKnBViwImuOeZHZYq83qPGT9
FNUvGMAEAHevNdSdI2k9RSzrB2Lhei6wEYHJryECgYEAoAOWgYKBID2enoRFHsw2
N5nYe/2ohEQ79DfKGaezO9AXuJXnwJqE4ygMDGaK0qReagaOE0gOtGuM3Nh5Z4lD
lSzrcq1ipvk8NbVWkHBqxXmnbL6l/fPB79EHSqLx8ioGHZC8yF6US4KLrF9CCU1Y
1dJb0VrE2mcgtFOUEFoJZdECgYAsGxVRjaIdvRreJbxJhWfCDW6A0X6lZQrWjBkK
VayGJzzXpZzmxtdSUJJ50VcwuNxnsm5yOtxz5ndj7dDmAy2xa4QFqGRZK0rYT4dK
D7lCKLkmt1XXpZkreho3xNqB+rSEx8M5yBZXIFU7rHgp/UDJq/4GbwECExAM5x3U
hKTFQQKBgQCPGglKFvkRkvYonwDmLRiCjBPnpK5YeL/AYJxeD3V9b8V5Arc9ce9y
PgFgk93RjGlEfLSN0Xbqc6GPIGwg6f5qyHvQ1BpCwupr3lhdsTxwIKbGpAH4Zvmz
4COcrvkF9gAHaIiH97nLy/9h2EawKqKgJv3R0wfdKvRw4iW/4j4aPw==
-----END RSA PRIVATE KEY-----
-----BEGIN CERTIFICATE-----
MIIDuzCCAqOgAwIBAgIJAOzw6rzXAd+jMA0GCSqGSIb3DQEBCwUAMHQxCzAJBgNV
BAYTAkFVMRMwEQYDVQQIDApTb21lLVN0YXRlMSEwHwYDVQQKDBhJbnRlcm5ldCBX
aWRnaXRzIFB0eSBMdGQxLTArBgNVBAMMJGN1c3RvbWRvbWFpbnNzbGNydHNzbGtl
eS5leGFtcGxlLmNvbTAeFw0xODA1MTgxMzA2NThaFw0yODA1MTUxMzA2NThaMHQx
CzAJBgNVBAYTAkFVMRMwEQYDVQQIDApTb21lLVN0YXRlMSEwHwYDVQQKDBhJbnRl
cm5ldCBXaWRnaXRzIFB0eSBMdGQxLTArBgNVBAMMJGN1c3RvbWRvbWFpbnNzbGNy
dHNzbGtleS5leGFtcGxlLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOQe3WLRuVBPPufClmlOk6Euc3nmycvCkzcwMUD6+zdyAGH0qhHoIHJmiXi6
GcKYgqqa3eaIxvvke2EEphDwYkj6neOVyuX3KukL8ggEUakJ17TEQkS7hIk4dmDT
wjFAMgLz8uN11jqLooo9w/ptD+LUWmm6K9zk49iqqdKuG9Z5v3dm0KMUvsmYGWqN
g31tQWU1Cm2kNu+2iP2FPnx2PWkDq4KTn64U7iJP9DdDEvzNfYcvz8upjR15B+dI
K0ihwDXV5BtfZXDvck+ctCdfS1QxM+x+PboEJKUNoefz/+Q/9T3mlc+KchFG9asL
Q/kbHtdgZzsDGTDEtdDtIrLLQ3MCAwEAAaNQME4wHQYDVR0OBBYEFG6I5Y0feayi
UPznSzRJIMS1blcNMB8GA1UdIwQYMBaAFG6I5Y0feayiUPznSzRJIMS1blcNMAwG
A1UdEwQFMAMBAf8wDQYJKoZIhvcNAQELBQADggEBAKmK75LcaROfjdxQLBFqiP/I
6WB8pBNbAN6nL+dgxeQJNEx7VQXSU/3KF0nIMC35pzf93ZySMq6ujCjxksNA0Pa0
XEH0pmTqOO7Af5wsjIniLqGTRvFCqGbWKEcYDBwKq0svTGfYyPOaBj8z7lt9LURs
WRC1tCrn8T8NkAY/jdGRQZRtLlgk+x2SaeDfQ8F1MtMT8jYSLo4R+c4f+iuDgMWi
JPM5SvYeDEXndWctKGxmP4p2HIp8gJuqYHmP4oxO7Rn/QPti1p68WfNQsRquHYJ4
dR9krkpVeteQ7w8cQA9OkG/m3neiIfFKkosJSGEHctRvRQ0GtbQO6A6nZqk0n6I=
-----END CERTIFICATE-----
-----BEGIN PRIVATE KEY-----
MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQDkHt1i0blQTz7n
wpZpTpOhLnN55snLwpM3MDFA+vs3cgBh9KoR6CByZol4uhnCmIKqmt3miMb75Hth
BKYQ8GJI+p3jlcrl9yrpC/IIBFGpCde0xEJEu4SJOHZg08IxQDIC8/LjddY6i6KK
PcP6bQ/i1Fppuivc5OPYqqnSrhvWeb93ZtCjFL7JmBlqjYN9bUFlNQptpDbvtoj9
hT58dj1pA6uCk5+uFO4iT/Q3QxL8zX2HL8/LqY0deQfnSCtIocA11eQbX2Vw73JP
nLQnX0tUMTPsfj26BCSlDaHn8//kP/U95pXPinIRRvWrC0P5Gx7XYGc7AxkwxLXQ
7SKyy0NzAgMBAAECggEBAOLv5ZPCSdWgEFdlWFbIycrmOBDETGo9VlDny4f2ZuZg
rgrE6E/KGkVUxlvo32mcaRkp2ajW1wWN5kO86Swex9gMIfhfcyrVecW/kXbyPP6q
AQIe4EIaPh54oiNvZleyok4Xu8EW4Bj8AqX+DjHaP5yLXqqhf7NPrW9FUI57kMwK
DqeHBilgWUxzcjc4LLiEu6UTuB8c2Slj3Ps0K/mVzvPbQ7Xx+RYXzfX+SqjyvDEe
GpaRLoiRJ0KZSoGUgBQSIqgfzR7g6ipKNDvlzsawMpG641vsQ8tSI+l4U5f6MbYZ
pFT+mxL4+N+PQbWN5w3qYWK6Ilh77+0rKfGVrLH7s7kCgYEA/2SXFnUgJUnKpuE0
4buUtPCMw8j+qZsJZ8nmf2BbwIGgp+CFGlO6aG4sfzYulpQuZOsnKRIu5qoE3xQp
MzuqWPZ8eygAubBdddaym3kPRiMAxTXPr+vBFyvti+oFflxaTsTXAfCXD2wM8yKm
Od16xg9co3NED2zt62mtSM6NOiUCgYEA5Kmt1JqL4ymMe9gBZ07Ar7GCfmmqepSb
w9XqgkHDk0ZYizNeQupPQrypfdeLFlKVnlp4DycEA4XzGdFgp1+PkAMSIVDUZZp5
KxWJdQkdScENe1eYAz0vALCWSnUahyMGuNW9Xe/z2mtNLKRYcNDQ2LROJTQjShvw
XSfVQXS597cCgYEAgXG5hn9tAJlLJpQk2njZ4W++2QkJ0msrNDjIJC1xs7u/8vbA
X9yqMX4N/Zg3ush2T15EpfN6ZB0uhObSDw6hw5+C7mUTIQq8BBsCwfx0+maJYGtq
zc6fOqBgMTc2+5nRh/UKyQfpeL6aPa2FNPUF4lcs7AdjKrJaUKRqWOmf+SUCgYAd
ksRkpshIzOraaYlk7w6EqpSR/OCLkgTDQztdNVwyA/sXpcEfLmap3vScze+zJ2Mq
Y9D7RLSEMCLMyAOUIgvTOFJz9JxDt8LMC7EHbfJXw5wWw7FpWdRmZnBJmPOhXqpT
5XDkYVBMg2wrxeWaUadxH4Cr1x5pS0u/AJPYL1yN6QKBgApwfVmCWXS0S1++6KiM
WN+jyvqmF4FS6Ib5TII1/diChY0PCO/UnmVPYg1AIqsdT5ghVreZs7wuHi1LsXQ4
41nBmUnhdaiKCz9qVybXJwvicn/2MlsIi5C4Ox97OHJyCR1iKxf5A2ypfYEuh25V
NZZ4n9p5PhcLev6x3QhuWosT
-----END PRIVATE KEY-----
...@@ -44,6 +44,7 @@ setup(name=name, ...@@ -44,6 +44,7 @@ setup(name=name,
'forcediphttpsadapter', 'forcediphttpsadapter',
'requests-toolbelt', 'requests-toolbelt',
'supervisor', 'supervisor',
'cryptography',
], ],
zip_safe=True, zip_safe=True,
test_suite='test', test_suite='test',
......
...@@ -25,14 +25,6 @@ ...@@ -25,14 +25,6 @@
# #
############################################################################## ##############################################################################
# Note for SSL
# This test comes with certificates and keys. There is even root Certificate
# Authority, for the backends
# Please follow https://datacenteroverlords.com/2012/03/01/\
# creating-your-own-ssl-certificate-authority/
# in order to add more certificates for backend.
# Frontend still uses self-signed certificates.
import glob import glob
import os import os
import requests import requests
...@@ -47,10 +39,21 @@ from BaseHTTPServer import HTTPServer ...@@ -47,10 +39,21 @@ from BaseHTTPServer import HTTPServer
from BaseHTTPServer import BaseHTTPRequestHandler from BaseHTTPServer import BaseHTTPRequestHandler
from forcediphttpsadapter.adapters import ForcedIPHTTPSAdapter from forcediphttpsadapter.adapters import ForcedIPHTTPSAdapter
import time import time
import tempfile
import ipaddress
from utils import SlapOSInstanceTestCase from utils import SlapOSInstanceTestCase
from utils import findFreeTCPPort from utils import findFreeTCPPort
import datetime
from cryptography import x509
from cryptography.hazmat.backends import default_backend
from cryptography.hazmat.primitives import hashes
from cryptography.hazmat.primitives import serialization
from cryptography.hazmat.primitives.asymmetric import rsa
from cryptography.x509.oid import NameOID
LOCAL_IPV4 = os.environ['LOCAL_IPV4'] LOCAL_IPV4 = os.environ['LOCAL_IPV4']
GLOBAL_IPV6 = os.environ['GLOBAL_IPV6'] GLOBAL_IPV6 = os.environ['GLOBAL_IPV6']
...@@ -73,13 +76,114 @@ if os.environ.get('DEBUG'): ...@@ -73,13 +76,114 @@ if os.environ.get('DEBUG'):
def der2pem(der): def der2pem(der):
certificate, error = subprocess.Popen( certificate = x509.load_der_x509_certificate(der, default_backend())
'openssl x509 -inform der'.split(), stdin=subprocess.PIPE, return certificate.public_bytes(serialization.Encoding.PEM)
stdout=subprocess.PIPE, stderr=subprocess.PIPE
).communicate(der)
if error: def createKey():
raise ValueError(error) key = rsa.generate_private_key(
return certificate public_exponent=65537, key_size=2048, backend=default_backend())
key_pem = key.private_bytes(
encoding=serialization.Encoding.PEM,
format=serialization.PrivateFormat.TraditionalOpenSSL,
encryption_algorithm=serialization.NoEncryption()
)
return key, key_pem
def createSelfSignedCertificate(name_list):
key, key_pem = createKey()
subject_alternative_name_list = x509.SubjectAlternativeName(
[x509.DNSName(unicode(q)) for q in name_list]
)
subject = issuer = x509.Name([
x509.NameAttribute(NameOID.COMMON_NAME, u'Test Self Signed Certificate'),
])
certificate = x509.CertificateBuilder().subject_name(
subject
).issuer_name(
issuer
).add_extension(
subject_alternative_name_list,
critical=False,
).public_key(
key.public_key()
).serial_number(
x509.random_serial_number()
).not_valid_before(
datetime.datetime.utcnow() - datetime.timedelta(days=2)
).not_valid_after(
datetime.datetime.utcnow() + datetime.timedelta(days=5)
).sign(key, hashes.SHA256(), default_backend())
certificate_pem = certificate.public_bytes(serialization.Encoding.PEM)
return key, key_pem, certificate, certificate_pem
def createCSR(common_name, ip=None):
key, key_pem = createKey()
subject_alternative_name_list = []
if ip is not None:
subject_alternative_name_list.append(
x509.IPAddress(ipaddress.ip_address(unicode(ip)))
)
csr = x509.CertificateSigningRequestBuilder().subject_name(x509.Name([
x509.NameAttribute(NameOID.COMMON_NAME, unicode(common_name)),
]))
if len(subject_alternative_name_list):
csr = csr.add_extension(
x509.SubjectAlternativeName(subject_alternative_name_list),
critical=False
)
csr = csr.sign(key, hashes.SHA256(), default_backend())
csr_pem = csr.public_bytes(serialization.Encoding.PEM)
return key, key_pem, csr, csr_pem
class CertificateAuthority(object):
def __init__(self, common_name):
self.key, self.key_pem = createKey()
public_key = self.key.public_key()
builder = x509.CertificateBuilder()
builder = builder.subject_name(x509.Name([
x509.NameAttribute(NameOID.COMMON_NAME, unicode(common_name)),
]))
builder = builder.issuer_name(x509.Name([
x509.NameAttribute(NameOID.COMMON_NAME, unicode(common_name)),
]))
builder = builder.not_valid_before(
datetime.datetime.utcnow() - datetime.timedelta(days=2))
builder = builder.not_valid_after(
datetime.datetime.utcnow() + datetime.timedelta(days=30))
builder = builder.serial_number(x509.random_serial_number())
builder = builder.public_key(public_key)
builder = builder.add_extension(
x509.BasicConstraints(ca=True, path_length=None), critical=True,
)
self.certificate = builder.sign(
private_key=self.key, algorithm=hashes.SHA256(),
backend=default_backend()
)
self.certificate_pem = self.certificate.public_bytes(
serialization.Encoding.PEM)
def signCSR(self, csr):
builder = x509.CertificateBuilder(
subject_name=csr.subject,
extensions=csr.extensions,
issuer_name=self.certificate.subject,
not_valid_before=datetime.datetime.utcnow() - datetime.timedelta(days=1),
not_valid_after=datetime.datetime.utcnow() + datetime.timedelta(days=30),
serial_number=x509.random_serial_number(),
public_key=csr.public_key(),
)
certificate = builder.sign(
private_key=self.key,
algorithm=hashes.SHA256(),
backend=default_backend()
)
return certificate, certificate.public_bytes(serialization.Encoding.PEM)
def isHTTP2(domain, ip): def isHTTP2(domain, ip):
...@@ -96,6 +200,17 @@ def isHTTP2(domain, ip): ...@@ -96,6 +200,17 @@ def isHTTP2(domain, ip):
return 'Using HTTP2, server supports multi-use' in err return 'Using HTTP2, server supports multi-use' in err
def getQUIC(url, ip, port):
quic_client_command = 'quic_client --disable-certificate-verification '\
'--port=%(port)s --host=%(host)s %(url)s' % dict(
port=port, host=ip, url=url)
try:
return True, subprocess.check_output(
quic_client_command.split(), stderr=subprocess.STDOUT)
except subprocess.CalledProcessError as e:
return False, e.output
class TestDataMixin(object): class TestDataMixin(object):
@staticmethod @staticmethod
def generateHashFromFiles(file_list): def generateHashFromFiles(file_list):
...@@ -233,16 +348,12 @@ class HttpFrontendTestCase(SlapOSInstanceTestCase): ...@@ -233,16 +348,12 @@ class HttpFrontendTestCase(SlapOSInstanceTestCase):
cls.software_path = os.path.realpath(os.path.join( cls.software_path = os.path.realpath(os.path.join(
cls.computer_partition_root_path, 'software_release')) cls.computer_partition_root_path, 'software_release'))
def assertLogAccessUrlWithPop(self, parameter_dict, reference): def assertLogAccessUrlWithPop(self, parameter_dict):
log_access_url = parameter_dict.pop('log-access-url') log_access_url = parameter_dict.pop('log-access-url')
try:
log_access_url_json = json.loads(log_access_url)
except Exception:
raise ValueError('JSON decode problem in:\n%s' % (log_access_url,))
self.assertTrue(len(log_access_url_json) >= 1) self.assertTrue(len(log_access_url) >= 1)
# check only the first one, as second frontend will be stopped # check only the first one, as second frontend will be stopped
log_access = log_access_url_json[0] log_access = log_access_url[0]
entry = log_access.split(': ') entry = log_access.split(': ')
if len(entry) != 2: if len(entry) != 2:
self.fail('Cannot parse %r' % (log_access,)) self.fail('Cannot parse %r' % (log_access,))
...@@ -266,6 +377,22 @@ class HttpFrontendTestCase(SlapOSInstanceTestCase): ...@@ -266,6 +377,22 @@ class HttpFrontendTestCase(SlapOSInstanceTestCase):
self.assertTrue(key in j, 'No key %r in %s' % (key, j)) self.assertTrue(key in j, 'No key %r in %s' % (key, j))
self.assertEqual(value, j[key]) self.assertEqual(value, j[key])
def parseParameterDict(self, parameter_dict):
parsed_parameter_dict = {}
for key, value in parameter_dict.items():
if key in [
'rejected-slave-dict',
'request-error-list',
'log-access-url']:
value = json.loads(value)
parsed_parameter_dict[key] = value
return parsed_parameter_dict
def parseConnectionParameterDict(self):
return self.parseParameterDict(
self.computer_partition.getConnectionParameterDict()
)
class TestMasterRequest(HttpFrontendTestCase, TestDataMixin): class TestMasterRequest(HttpFrontendTestCase, TestDataMixin):
@classmethod @classmethod
...@@ -279,7 +406,7 @@ class TestMasterRequest(HttpFrontendTestCase, TestDataMixin): ...@@ -279,7 +406,7 @@ class TestMasterRequest(HttpFrontendTestCase, TestDataMixin):
} }
def test(self): def test(self):
parameter_dict = self.computer_partition.getConnectionParameterDict() parameter_dict = self.parseConnectionParameterDict()
self.assertKeyWithPop('monitor-setup-url', parameter_dict) self.assertKeyWithPop('monitor-setup-url', parameter_dict)
self.assertEqual( self.assertEqual(
{ {
...@@ -288,7 +415,7 @@ class TestMasterRequest(HttpFrontendTestCase, TestDataMixin): ...@@ -288,7 +415,7 @@ class TestMasterRequest(HttpFrontendTestCase, TestDataMixin):
'accepted-slave-amount': '0', 'accepted-slave-amount': '0',
'rejected-slave-amount': '0', 'rejected-slave-amount': '0',
'slave-amount': '0', 'slave-amount': '0',
'rejected-slave-dict': '{}'}, 'rejected-slave-dict': {}},
parameter_dict parameter_dict
) )
...@@ -312,7 +439,7 @@ class TestMasterRequestDomain(HttpFrontendTestCase, TestDataMixin): ...@@ -312,7 +439,7 @@ class TestMasterRequestDomain(HttpFrontendTestCase, TestDataMixin):
} }
def test(self): def test(self):
parameter_dict = self.computer_partition.getConnectionParameterDict() parameter_dict = self.parseConnectionParameterDict()
self.assertKeyWithPop('monitor-setup-url', parameter_dict) self.assertKeyWithPop('monitor-setup-url', parameter_dict)
self.assertEqual( self.assertEqual(
...@@ -322,7 +449,7 @@ class TestMasterRequestDomain(HttpFrontendTestCase, TestDataMixin): ...@@ -322,7 +449,7 @@ class TestMasterRequestDomain(HttpFrontendTestCase, TestDataMixin):
'accepted-slave-amount': '0', 'accepted-slave-amount': '0',
'rejected-slave-amount': '0', 'rejected-slave-amount': '0',
'slave-amount': '0', 'slave-amount': '0',
'rejected-slave-dict': '{}' 'rejected-slave-dict': {}
}, },
parameter_dict parameter_dict
) )
...@@ -353,11 +480,23 @@ class SlaveHttpFrontendTestCase(HttpFrontendTestCase): ...@@ -353,11 +480,23 @@ class SlaveHttpFrontendTestCase(HttpFrontendTestCase):
(LOCAL_IPV4, findFreeTCPPort(LOCAL_IPV4)), (LOCAL_IPV4, findFreeTCPPort(LOCAL_IPV4)),
TestHandler) TestHandler)
cls.another_server_ca = CertificateAuthority("Another Server Root CA")
cls.test_server_ca = CertificateAuthority("Test Server Root CA")
key, key_pem, csr, csr_pem = createCSR(
"testserver.example.com", LOCAL_IPV4)
_, cls.test_server_certificate_pem = cls.test_server_ca.signCSR(csr)
cls.test_server_certificate_file = tempfile.NamedTemporaryFile(
delete=False
)
cls.test_server_certificate_file.write(
cls.test_server_certificate_pem + key_pem
)
cls.test_server_certificate_file.close()
server_https.socket = ssl.wrap_socket( server_https.socket = ssl.wrap_socket(
server_https.socket, server_https.socket,
certfile=os.path.join( certfile=cls.test_server_certificate_file.name,
os.path.dirname(os.path.realpath(__file__)),
'testserver.example.com.pem'),
server_side=True) server_side=True)
cls.backend_url = 'http://%s:%s' % server.server_address cls.backend_url = 'http://%s:%s' % server.server_address
...@@ -370,6 +509,10 @@ class SlaveHttpFrontendTestCase(HttpFrontendTestCase): ...@@ -370,6 +509,10 @@ class SlaveHttpFrontendTestCase(HttpFrontendTestCase):
@classmethod @classmethod
def stopServerProcess(cls): def stopServerProcess(cls):
if getattr(cls, 'test_server_certificate_file', None) is not None:
os.unlink(cls.test_server_certificate_file.name)
if getattr(cls, 'server_process', None) is None:
return
cls.server_process.terminate() cls.server_process.terminate()
cls.server_https_process.terminate() cls.server_https_process.terminate()
...@@ -398,9 +541,20 @@ class SlaveHttpFrontendTestCase(HttpFrontendTestCase): ...@@ -398,9 +541,20 @@ class SlaveHttpFrontendTestCase(HttpFrontendTestCase):
cls.slave_connection_parameter_dict_dict[slave_reference] = \ cls.slave_connection_parameter_dict_dict[slave_reference] = \
slave_instance.getConnectionParameterDict() slave_instance.getConnectionParameterDict()
@classmethod
def createWildcardExampleComCertificate(cls):
_, cls.key_pem, _, cls.certificate_pem = createSelfSignedCertificate(
[
'*.customdomain.example.com',
'*.example.com',
'*.nginx.example.com',
'*.alias1.example.com',
])
@classmethod @classmethod
def setUpClass(cls): def setUpClass(cls):
try: try:
cls.createWildcardExampleComCertificate()
cls.startServerProcess() cls.startServerProcess()
super(SlaveHttpFrontendTestCase, cls).setUpClass() super(SlaveHttpFrontendTestCase, cls).setUpClass()
cls.setUpSlaves() cls.setUpSlaves()
...@@ -489,6 +643,13 @@ class SlaveHttpFrontendTestCase(HttpFrontendTestCase): ...@@ -489,6 +643,13 @@ class SlaveHttpFrontendTestCase(HttpFrontendTestCase):
def tearDown(self): def tearDown(self):
self.unpatchRequests() self.unpatchRequests()
def parseSlaveParameterDict(self, key):
return self.parseParameterDict(
self.slave_connection_parameter_dict_dict[
key
]
)
class TestSlave(SlaveHttpFrontendTestCase, TestDataMixin): class TestSlave(SlaveHttpFrontendTestCase, TestDataMixin):
caddy_custom_https = '''# caddy_custom_https_filled_in_accepted caddy_custom_https = '''# caddy_custom_https_filled_in_accepted
...@@ -557,8 +718,8 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s { ...@@ -557,8 +718,8 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s {
'domain': 'example.com', 'domain': 'example.com',
'nginx-domain': 'nginx.example.com', 'nginx-domain': 'nginx.example.com',
'public-ipv4': LOCAL_IPV4, 'public-ipv4': LOCAL_IPV4,
'apache-certificate': open('wildcard.example.com.crt').read(), 'apache-certificate': cls.certificate_pem,
'apache-key': open('wildcard.example.com.key').read(), 'apache-key': cls.key_pem,
'-frontend-authorized-slave-string': '-frontend-authorized-slave-string':
'_apache_custom_http_s-accepted _caddy_custom_http_s-accepted', '_apache_custom_http_s-accepted _caddy_custom_http_s-accepted',
'port': HTTPS_PORT, 'port': HTTPS_PORT,
...@@ -570,6 +731,16 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s { ...@@ -570,6 +731,16 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s {
'mpm-graceful-shutdown-timeout': 2, 'mpm-graceful-shutdown-timeout': 2,
} }
@classmethod
def setUpSlaves(cls):
cls.ca = CertificateAuthority('TestSlave')
_, cls.customdomain_ca_key_pem, csr, _ = createCSR(
'customdomainsslcrtsslkeysslcacrt.example.com')
_, cls.customdomain_ca_certificate_pem = cls.ca.signCSR(csr)
_, cls.customdomain_key_pem, _, cls.customdomain_certificate_pem = \
createSelfSignedCertificate(['customdomainsslcrtsslkey.example.com'])
super(TestSlave, cls).setUpSlaves()
@classmethod @classmethod
def getSlaveParameterDictDict(cls): def getSlaveParameterDictDict(cls):
return { return {
...@@ -602,7 +773,12 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s { ...@@ -602,7 +773,12 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s {
'ssl-proxy-verify_ssl_proxy_ca_crt': { 'ssl-proxy-verify_ssl_proxy_ca_crt': {
'url': cls.backend_https_url, 'url': cls.backend_https_url,
'ssl-proxy-verify': True, 'ssl-proxy-verify': True,
'ssl_proxy_ca_crt': open('testserver.root.ca.crt').read(), 'ssl_proxy_ca_crt': cls.test_server_ca.certificate_pem,
},
'ssl-proxy-verify_ssl_proxy_ca_crt-unverified': {
'url': cls.backend_https_url,
'ssl-proxy-verify': True,
'ssl_proxy_ca_crt': cls.another_server_ca.certificate_pem,
}, },
'ssl-proxy-verify-unverified': { 'ssl-proxy-verify-unverified': {
'url': cls.backend_https_url, 'url': cls.backend_https_url,
...@@ -623,31 +799,31 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s { ...@@ -623,31 +799,31 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s {
'custom_domain_ssl_crt_ssl_key': { 'custom_domain_ssl_crt_ssl_key': {
'url': cls.backend_url, 'url': cls.backend_url,
'custom_domain': 'customdomainsslcrtsslkey.example.com', 'custom_domain': 'customdomainsslcrtsslkey.example.com',
'ssl_crt': open('customdomainsslcrtsslkey.example.com.crt').read(), 'ssl_crt': cls.customdomain_certificate_pem,
'ssl_key': open('customdomainsslcrtsslkey.example.com.key').read(), 'ssl_key': cls.customdomain_key_pem,
}, },
'custom_domain_ssl_crt_ssl_key_ssl_ca_crt': { 'custom_domain_ssl_crt_ssl_key_ssl_ca_crt': {
'url': cls.backend_url, 'url': cls.backend_url,
'custom_domain': 'customdomainsslcrtsslkeysslcacrt.example.com', 'custom_domain': 'customdomainsslcrtsslkeysslcacrt.example.com',
'ssl_crt': open('CA.wildcard.example.com.crt').read(), 'ssl_crt': cls.customdomain_ca_certificate_pem,
'ssl_key': open('CA.wildcard.example.com.key').read(), 'ssl_key': cls.customdomain_ca_key_pem,
'ssl_ca_crt': open('CA.wildcard.example.com.root.crt').read(), 'ssl_ca_crt': cls.ca.certificate_pem,
}, },
'ssl_ca_crt_only': { 'ssl_ca_crt_only': {
'url': cls.backend_url, 'url': cls.backend_url,
'ssl_ca_crt': open('CA.wildcard.example.com.root.crt').read(), 'ssl_ca_crt': cls.ca.certificate_pem,
}, },
'ssl_ca_crt_garbage': { 'ssl_ca_crt_garbage': {
'url': cls.backend_url, 'url': cls.backend_url,
'ssl_crt': open('CA.wildcard.example.com.crt').read(), 'ssl_crt': cls.customdomain_ca_certificate_pem,
'ssl_key': open('CA.wildcard.example.com.key').read(), 'ssl_key': cls.customdomain_ca_key_pem,
'ssl_ca_crt': 'some garbage', 'ssl_ca_crt': 'some garbage',
}, },
'ssl_ca_crt_does_not_match': { 'ssl_ca_crt_does_not_match': {
'url': cls.backend_url, 'url': cls.backend_url,
'ssl_crt': open('wildcard.example.com.crt').read(), 'ssl_crt': cls.certificate_pem,
'ssl_key': open('wildcard.example.com.key').read(), 'ssl_key': cls.key_pem,
'ssl_ca_crt': open('CA.wildcard.example.com.root.crt').read(), 'ssl_ca_crt': cls.ca.certificate_pem,
}, },
'type-zope': { 'type-zope': {
'url': cls.backend_url, 'url': cls.backend_url,
...@@ -657,7 +833,13 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s { ...@@ -657,7 +833,13 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s {
'url': cls.backend_https_url, 'url': cls.backend_https_url,
'type': 'zope', 'type': 'zope',
'ssl-proxy-verify': True, 'ssl-proxy-verify': True,
'ssl_proxy_ca_crt': open('testserver.root.ca.crt').read(), 'ssl_proxy_ca_crt': cls.test_server_ca.certificate_pem,
},
'type-zope-ssl-proxy-verify_ssl_proxy_ca_crt-unverified': {
'url': cls.backend_https_url,
'type': 'zope',
'ssl-proxy-verify': True,
'ssl_proxy_ca_crt': cls.another_server_ca.certificate_pem,
}, },
'type-zope-ssl-proxy-verify-unverified': { 'type-zope-ssl-proxy-verify-unverified': {
'url': cls.backend_https_url, 'url': cls.backend_https_url,
...@@ -722,7 +904,13 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s { ...@@ -722,7 +904,13 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s {
'enable_cache-ssl-proxy-verify_ssl_proxy_ca_crt': { 'enable_cache-ssl-proxy-verify_ssl_proxy_ca_crt': {
'url': cls.backend_https_url, 'url': cls.backend_https_url,
'enable_cache': True, 'enable_cache': True,
'ssl_proxy_ca_crt': open('testserver.root.ca.crt').read(), 'ssl_proxy_ca_crt': cls.test_server_ca.certificate_pem,
'ssl-proxy-verify': True,
},
'enable_cache-ssl-proxy-verify_ssl_proxy_ca_crt-unverified': {
'url': cls.backend_https_url,
'enable_cache': True,
'ssl_proxy_ca_crt': cls.another_server_ca.certificate_pem,
'ssl-proxy-verify': True, 'ssl-proxy-verify': True,
}, },
'enable-http2-default': { 'enable-http2-default': {
...@@ -792,21 +980,21 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s { ...@@ -792,21 +980,21 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s {
if os.path.exists(os.path.join(q, 'etc', 'trafficserver'))][0] if os.path.exists(os.path.join(q, 'etc', 'trafficserver'))][0]
def test_master_partition_state(self): def test_master_partition_state(self):
parameter_dict = self.computer_partition.getConnectionParameterDict() parameter_dict = self.parseConnectionParameterDict()
self.assertKeyWithPop('monitor-setup-url', parameter_dict) self.assertKeyWithPop('monitor-setup-url', parameter_dict)
expected_parameter_dict = { expected_parameter_dict = {
'monitor-base-url': None, 'monitor-base-url': None,
'domain': 'example.com', 'domain': 'example.com',
'accepted-slave-amount': '40', 'accepted-slave-amount': '43',
'rejected-slave-amount': '4', 'rejected-slave-amount': '4',
'slave-amount': '44', 'slave-amount': '47',
'rejected-slave-dict': 'rejected-slave-dict': {
'{"_apache_custom_http_s-rejected": ["slave not authorized"], ' "_apache_custom_http_s-rejected": ["slave not authorized"],
'"_caddy_custom_http_s": ["slave not authorized"], ' "_caddy_custom_http_s": ["slave not authorized"],
'"_caddy_custom_http_s-rejected": ["slave not authorized"], ' "_caddy_custom_http_s-rejected": ["slave not authorized"],
'"_ssl_ca_crt_only": ["ssl_ca_crt is present, so ssl_crt and ssl_key ' "_ssl_ca_crt_only": ["ssl_ca_crt is present, so ssl_crt and ssl_key "
'are required"]}' "are required"]}
} }
self.assertEqual( self.assertEqual(
...@@ -871,9 +1059,8 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s { ...@@ -871,9 +1059,8 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s {
) )
def test_empty(self): def test_empty(self):
parameter_dict = self.slave_connection_parameter_dict_dict[ parameter_dict = self.parseSlaveParameterDict('empty')
'empty'] self.assertLogAccessUrlWithPop(parameter_dict)
self.assertLogAccessUrlWithPop(parameter_dict, 'empty')
self.assertEqual( self.assertEqual(
parameter_dict, parameter_dict,
{ {
...@@ -890,7 +1077,7 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s { ...@@ -890,7 +1077,7 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s {
parameter_dict['domain'], parameter_dict['public-ipv4'], 'test-path') parameter_dict['domain'], parameter_dict['public-ipv4'], 'test-path')
self.assertEqual( self.assertEqual(
open('wildcard.example.com.crt').read(), self.certificate_pem,
der2pem(result.peercert)) der2pem(result.peercert))
self.assertEqual(httplib.NOT_FOUND, result.status_code) self.assertEqual(httplib.NOT_FOUND, result.status_code)
...@@ -933,9 +1120,9 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s { ...@@ -933,9 +1120,9 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s {
) )
def test_url(self): def test_url(self):
parameter_dict = self.slave_connection_parameter_dict_dict[ parameter_dict = self.parseSlaveParameterDict('url')
'url'].copy()
self.assertLogAccessUrlWithPop(parameter_dict, 'url') self.assertLogAccessUrlWithPop(parameter_dict)
self.assertEqual( self.assertEqual(
{ {
'domain': 'url.example.com', 'domain': 'url.example.com',
...@@ -952,7 +1139,7 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s { ...@@ -952,7 +1139,7 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s {
parameter_dict['domain'], parameter_dict['public-ipv4'], 'test-path') parameter_dict['domain'], parameter_dict['public-ipv4'], 'test-path')
self.assertEqual( self.assertEqual(
open('wildcard.example.com.crt').read(), self.certificate_pem,
der2pem(result.peercert)) der2pem(result.peercert))
self.assertEqualResultJson(result, 'Path', '/test-path') self.assertEqualResultJson(result, 'Path', '/test-path')
...@@ -995,9 +1182,8 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s { ...@@ -995,9 +1182,8 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s {
@skip('Feature postponed') @skip('Feature postponed')
def test_url_ipv6_access(self): def test_url_ipv6_access(self):
parameter_dict = self.slave_connection_parameter_dict_dict[ parameter_dict = self.parseSlaveParameterDict('url')
'url'].copy() self.assertLogAccessUrlWithPop(parameter_dict)
self.assertLogAccessUrlWithPop(parameter_dict, 'url')
self.assertEqual( self.assertEqual(
{ {
'domain': 'url.example.com', 'domain': 'url.example.com',
...@@ -1020,15 +1206,14 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s { ...@@ -1020,15 +1206,14 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s {
) )
self.assertEqual( self.assertEqual(
open('wildcard.example.com.crt').read(), self.certificate_pem,
der2pem(result_ipv6.peercert)) der2pem(result_ipv6.peercert))
self.assertEqualResultJson(result_ipv6, 'Path', '/test-path') self.assertEqualResultJson(result_ipv6, 'Path', '/test-path')
def test_type_zope_path(self): def test_type_zope_path(self):
parameter_dict = self.slave_connection_parameter_dict_dict[ parameter_dict = self.parseSlaveParameterDict('type-zope-path')
'type-zope-path'] self.assertLogAccessUrlWithPop(parameter_dict)
self.assertLogAccessUrlWithPop(parameter_dict, 'type-zope-path')
self.assertEqual( self.assertEqual(
{ {
'domain': 'typezopepath.example.com', 'domain': 'typezopepath.example.com',
...@@ -1045,7 +1230,7 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s { ...@@ -1045,7 +1230,7 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s {
parameter_dict['domain'], parameter_dict['public-ipv4'], 'test-path') parameter_dict['domain'], parameter_dict['public-ipv4'], 'test-path')
self.assertEqual( self.assertEqual(
open('wildcard.example.com.crt').read(), self.certificate_pem,
der2pem(result.peercert)) der2pem(result.peercert))
self.assertEqualResultJson( self.assertEqualResultJson(
...@@ -1056,9 +1241,8 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s { ...@@ -1056,9 +1241,8 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s {
) )
def test_type_zope_default_path(self): def test_type_zope_default_path(self):
parameter_dict = self.slave_connection_parameter_dict_dict[ parameter_dict = self.parseSlaveParameterDict('type-zope-default-path')
'type-zope-default-path'] self.assertLogAccessUrlWithPop(parameter_dict)
self.assertLogAccessUrlWithPop(parameter_dict, 'type-zope-default-path')
self.assertEqual( self.assertEqual(
{ {
'domain': 'typezopedefaultpath.example.com', 'domain': 'typezopedefaultpath.example.com',
...@@ -1075,7 +1259,7 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s { ...@@ -1075,7 +1259,7 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s {
parameter_dict['domain'], parameter_dict['public-ipv4'], '') parameter_dict['domain'], parameter_dict['public-ipv4'], '')
self.assertEqual( self.assertEqual(
open('wildcard.example.com.crt').read(), self.certificate_pem,
der2pem(result.peercert)) der2pem(result.peercert))
self.assertEqual( self.assertEqual(
...@@ -1085,9 +1269,8 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s { ...@@ -1085,9 +1269,8 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s {
) )
def test_server_alias(self): def test_server_alias(self):
parameter_dict = self.slave_connection_parameter_dict_dict[ parameter_dict = self.parseSlaveParameterDict('server-alias')
'server-alias'] self.assertLogAccessUrlWithPop(parameter_dict)
self.assertLogAccessUrlWithPop(parameter_dict, 'server-alias')
self.assertEqual( self.assertEqual(
{ {
'domain': 'serveralias.example.com', 'domain': 'serveralias.example.com',
...@@ -1104,7 +1287,7 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s { ...@@ -1104,7 +1287,7 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s {
parameter_dict['domain'], parameter_dict['public-ipv4'], 'test-path') parameter_dict['domain'], parameter_dict['public-ipv4'], 'test-path')
self.assertEqual( self.assertEqual(
open('wildcard.example.com.crt').read(), self.certificate_pem,
der2pem(result.peercert)) der2pem(result.peercert))
self.assertEqualResultJson(result, 'Path', '/test-path') self.assertEqualResultJson(result, 'Path', '/test-path')
...@@ -1113,7 +1296,7 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s { ...@@ -1113,7 +1296,7 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s {
'alias1.example.com', parameter_dict['public-ipv4'], 'test-path') 'alias1.example.com', parameter_dict['public-ipv4'], 'test-path')
self.assertEqual( self.assertEqual(
open('wildcard.example.com.crt').read(), self.certificate_pem,
der2pem(result.peercert)) der2pem(result.peercert))
self.assertEqualResultJson(result, 'Path', '/test-path') self.assertEqualResultJson(result, 'Path', '/test-path')
...@@ -1122,13 +1305,12 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s { ...@@ -1122,13 +1305,12 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s {
'alias2.example.com', parameter_dict['public-ipv4'], 'test-path') 'alias2.example.com', parameter_dict['public-ipv4'], 'test-path')
self.assertEqual( self.assertEqual(
open('wildcard.example.com.crt').read(), self.certificate_pem,
der2pem(result.peercert)) der2pem(result.peercert))
def test_server_alias_wildcard(self): def test_server_alias_wildcard(self):
parameter_dict = self.slave_connection_parameter_dict_dict[ parameter_dict = self.parseSlaveParameterDict('server-alias-wildcard')
'server-alias-wildcard'] self.assertLogAccessUrlWithPop(parameter_dict)
self.assertLogAccessUrlWithPop(parameter_dict, 'server-alias-wildcard')
self.assertEqual( self.assertEqual(
{ {
'domain': 'serveraliaswildcard.example.com', 'domain': 'serveraliaswildcard.example.com',
...@@ -1145,7 +1327,7 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s { ...@@ -1145,7 +1327,7 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s {
parameter_dict['domain'], parameter_dict['public-ipv4'], 'test-path') parameter_dict['domain'], parameter_dict['public-ipv4'], 'test-path')
self.assertEqual( self.assertEqual(
open('wildcard.example.com.crt').read(), self.certificate_pem,
der2pem(result.peercert)) der2pem(result.peercert))
self.assertEqualResultJson(result, 'Path', '/test-path') self.assertEqualResultJson(result, 'Path', '/test-path')
...@@ -1154,15 +1336,14 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s { ...@@ -1154,15 +1336,14 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s {
'wild.alias1.example.com', parameter_dict['public-ipv4'], 'test-path') 'wild.alias1.example.com', parameter_dict['public-ipv4'], 'test-path')
self.assertEqual( self.assertEqual(
open('wildcard.example.com.crt').read(), self.certificate_pem,
der2pem(result.peercert)) der2pem(result.peercert))
self.assertEqualResultJson(result, 'Path', '/test-path') self.assertEqualResultJson(result, 'Path', '/test-path')
def test_server_alias_duplicated(self): def test_server_alias_duplicated(self):
parameter_dict = self.slave_connection_parameter_dict_dict[ parameter_dict = self.parseSlaveParameterDict('server-alias-duplicated')
'server-alias-duplicated'] self.assertLogAccessUrlWithPop(parameter_dict)
self.assertLogAccessUrlWithPop(parameter_dict, 'server-alias-duplicated')
self.assertEqual( self.assertEqual(
{ {
'domain': 'serveraliasduplicated.example.com', 'domain': 'serveraliasduplicated.example.com',
...@@ -1179,7 +1360,7 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s { ...@@ -1179,7 +1360,7 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s {
parameter_dict['domain'], parameter_dict['public-ipv4'], 'test-path') parameter_dict['domain'], parameter_dict['public-ipv4'], 'test-path')
self.assertEqual( self.assertEqual(
open('wildcard.example.com.crt').read(), self.certificate_pem,
der2pem(result.peercert)) der2pem(result.peercert))
self.assertEqualResultJson(result, 'Path', '/test-path') self.assertEqualResultJson(result, 'Path', '/test-path')
...@@ -1188,16 +1369,15 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s { ...@@ -1188,16 +1369,15 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s {
'alias3.example.com', parameter_dict['public-ipv4'], 'test-path') 'alias3.example.com', parameter_dict['public-ipv4'], 'test-path')
self.assertEqual( self.assertEqual(
open('wildcard.example.com.crt').read(), self.certificate_pem,
der2pem(result.peercert)) der2pem(result.peercert))
self.assertEqualResultJson(result, 'Path', '/test-path') self.assertEqualResultJson(result, 'Path', '/test-path')
def test_server_alias_custom_domain_duplicated(self): def test_server_alias_custom_domain_duplicated(self):
parameter_dict = self.slave_connection_parameter_dict_dict[ parameter_dict = self.parseSlaveParameterDict(
'server-alias_custom_domain-duplicated'] 'server-alias_custom_domain-duplicated')
self.assertLogAccessUrlWithPop( self.assertLogAccessUrlWithPop(parameter_dict)
parameter_dict, 'server-alias_custom_domain-duplicated')
self.assertEqual( self.assertEqual(
{ {
'domain': 'alias4.example.com', 'domain': 'alias4.example.com',
...@@ -1214,7 +1394,7 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s { ...@@ -1214,7 +1394,7 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s {
parameter_dict['domain'], parameter_dict['public-ipv4'], 'test-path') parameter_dict['domain'], parameter_dict['public-ipv4'], 'test-path')
self.assertEqual( self.assertEqual(
open('wildcard.example.com.crt').read(), self.certificate_pem,
der2pem(result.peercert)) der2pem(result.peercert))
self.assertEqualResultJson(result, 'Path', '/test-path') self.assertEqualResultJson(result, 'Path', '/test-path')
...@@ -1225,10 +1405,9 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s { ...@@ -1225,10 +1405,9 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s {
raise NotImplementedError(self.id()) raise NotImplementedError(self.id())
def test_ssl_ca_crt(self): def test_ssl_ca_crt(self):
parameter_dict = self.slave_connection_parameter_dict_dict[ parameter_dict = self.parseSlaveParameterDict(
'custom_domain_ssl_crt_ssl_key_ssl_ca_crt'] 'custom_domain_ssl_crt_ssl_key_ssl_ca_crt')
self.assertLogAccessUrlWithPop( self.assertLogAccessUrlWithPop(parameter_dict)
parameter_dict, 'custom_domain_ssl_crt_ssl_key_ssl_ca_crt')
self.assertEqual( self.assertEqual(
{ {
'domain': 'customdomainsslcrtsslkeysslcacrt.example.com', 'domain': 'customdomainsslcrtsslkeysslcacrt.example.com',
...@@ -1246,26 +1425,23 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s { ...@@ -1246,26 +1425,23 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s {
parameter_dict['domain'], parameter_dict['public-ipv4'], 'test-path') parameter_dict['domain'], parameter_dict['public-ipv4'], 'test-path')
self.assertEqual( self.assertEqual(
open('CA.wildcard.example.com.crt').read(), self.customdomain_ca_certificate_pem,
der2pem(result.peercert)) der2pem(result.peercert))
self.assertEqualResultJson(result, 'Path', '/test-path') self.assertEqualResultJson(result, 'Path', '/test-path')
def test_ssl_ca_crt_only(self): def test_ssl_ca_crt_only(self):
parameter_dict = self.slave_connection_parameter_dict_dict[ parameter_dict = self.parseSlaveParameterDict('ssl_ca_crt_only')
'ssl_ca_crt_only']
self.assertEqual( self.assertEqual(
parameter_dict, parameter_dict,
{ {
'request-error-list': '["ssl_ca_crt is present, so ssl_crt and ' 'request-error-list': [
'ssl_key are required"]'} "ssl_ca_crt is present, so ssl_crt and ssl_key are required"]}
) )
def test_ssl_ca_crt_garbage(self): def test_ssl_ca_crt_garbage(self):
parameter_dict = self.slave_connection_parameter_dict_dict[ parameter_dict = self.parseSlaveParameterDict('ssl_ca_crt_garbage')
'ssl_ca_crt_garbage'] self.assertLogAccessUrlWithPop(parameter_dict)
self.assertLogAccessUrlWithPop(
parameter_dict, 'ssl_ca_crt_garbage')
self.assertEqual( self.assertEqual(
{ {
'domain': 'sslcacrtgarbage.example.com', 'domain': 'sslcacrtgarbage.example.com',
...@@ -1279,20 +1455,13 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s { ...@@ -1279,20 +1455,13 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s {
parameter_dict parameter_dict
) )
result = self.fakeHTTPSResult( with self.assertRaises(requests.exceptions.SSLError):
self.fakeHTTPSResult(
parameter_dict['domain'], parameter_dict['public-ipv4'], 'test-path') parameter_dict['domain'], parameter_dict['public-ipv4'], 'test-path')
self.assertEqual(
open('CA.wildcard.example.com.crt').read(),
der2pem(result.peercert))
self.assertEqualResultJson(result, 'Path', '/test-path')
def test_ssl_ca_crt_does_not_match(self): def test_ssl_ca_crt_does_not_match(self):
parameter_dict = self.slave_connection_parameter_dict_dict[ parameter_dict = self.parseSlaveParameterDict('ssl_ca_crt_does_not_match')
'ssl_ca_crt_does_not_match'] self.assertLogAccessUrlWithPop(parameter_dict)
self.assertLogAccessUrlWithPop(
parameter_dict, 'ssl_ca_crt_does_not_match')
self.assertEqual( self.assertEqual(
{ {
'domain': 'sslcacrtdoesnotmatch.example.com', 'domain': 'sslcacrtdoesnotmatch.example.com',
...@@ -1310,15 +1479,14 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s { ...@@ -1310,15 +1479,14 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s {
parameter_dict['domain'], parameter_dict['public-ipv4'], 'test-path') parameter_dict['domain'], parameter_dict['public-ipv4'], 'test-path')
self.assertEqual( self.assertEqual(
open('wildcard.example.com.crt').read(), self.certificate_pem,
der2pem(result.peercert)) der2pem(result.peercert))
self.assertEqualResultJson(result, 'Path', '/test-path') self.assertEqualResultJson(result, 'Path', '/test-path')
def test_https_only(self): def test_https_only(self):
parameter_dict = self.slave_connection_parameter_dict_dict[ parameter_dict = self.parseSlaveParameterDict('https-only')
'https-only'] self.assertLogAccessUrlWithPop(parameter_dict)
self.assertLogAccessUrlWithPop(parameter_dict, 'https-only')
self.assertEqual( self.assertEqual(
{ {
'domain': 'httpsonly.example.com', 'domain': 'httpsonly.example.com',
...@@ -1335,7 +1503,7 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s { ...@@ -1335,7 +1503,7 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s {
parameter_dict['domain'], parameter_dict['public-ipv4'], 'test-path') parameter_dict['domain'], parameter_dict['public-ipv4'], 'test-path')
self.assertEqual( self.assertEqual(
open('wildcard.example.com.crt').read(), self.certificate_pem,
der2pem(result.peercert)) der2pem(result.peercert))
self.assertEqualResultJson(result, 'Path', '/test-path') self.assertEqualResultJson(result, 'Path', '/test-path')
...@@ -1349,9 +1517,8 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s { ...@@ -1349,9 +1517,8 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s {
) )
def test_custom_domain(self): def test_custom_domain(self):
parameter_dict = self.slave_connection_parameter_dict_dict[ parameter_dict = self.parseSlaveParameterDict('custom_domain')
'custom_domain'] self.assertLogAccessUrlWithPop(parameter_dict)
self.assertLogAccessUrlWithPop(parameter_dict, 'custom_domain')
self.assertEqual( self.assertEqual(
{ {
'domain': 'customdomain.example.com', 'domain': 'customdomain.example.com',
...@@ -1368,15 +1535,14 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s { ...@@ -1368,15 +1535,14 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s {
parameter_dict['domain'], parameter_dict['public-ipv4'], 'test-path') parameter_dict['domain'], parameter_dict['public-ipv4'], 'test-path')
self.assertEqual( self.assertEqual(
open('wildcard.example.com.crt').read(), self.certificate_pem,
der2pem(result.peercert)) der2pem(result.peercert))
self.assertEqualResultJson(result, 'Path', '/test-path') self.assertEqualResultJson(result, 'Path', '/test-path')
def test_custom_domain_wildcard(self): def test_custom_domain_wildcard(self):
parameter_dict = self.slave_connection_parameter_dict_dict[ parameter_dict = self.parseSlaveParameterDict('custom_domain_wildcard')
'custom_domain_wildcard'] self.assertLogAccessUrlWithPop(parameter_dict)
self.assertLogAccessUrlWithPop(parameter_dict, 'custom_domain_wildcard')
self.assertEqual( self.assertEqual(
{ {
'domain': '*.customdomain.example.com', 'domain': '*.customdomain.example.com',
...@@ -1394,15 +1560,15 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s { ...@@ -1394,15 +1560,15 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s {
'test-path') 'test-path')
self.assertEqual( self.assertEqual(
open('wildcard.example.com.crt').read(), self.certificate_pem,
der2pem(result.peercert)) der2pem(result.peercert))
self.assertEqualResultJson(result, 'Path', '/test-path') self.assertEqualResultJson(result, 'Path', '/test-path')
def test_custom_domain_ssl_crt_ssl_key(self): def test_custom_domain_ssl_crt_ssl_key(self):
parameter_dict = self.slave_connection_parameter_dict_dict[ parameter_dict = self.parseSlaveParameterDict(
'custom_domain_ssl_crt_ssl_key'] 'custom_domain_ssl_crt_ssl_key')
self.assertLogAccessUrlWithPop(parameter_dict, 'custom_domain_ssl_crt_key') self.assertLogAccessUrlWithPop(parameter_dict)
self.assertEqual( self.assertEqual(
{ {
'domain': 'customdomainsslcrtsslkey.example.com', 'domain': 'customdomainsslcrtsslkey.example.com',
...@@ -1419,15 +1585,14 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s { ...@@ -1419,15 +1585,14 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s {
parameter_dict['domain'], parameter_dict['public-ipv4'], 'test-path') parameter_dict['domain'], parameter_dict['public-ipv4'], 'test-path')
self.assertEqual( self.assertEqual(
open('customdomainsslcrtsslkey.example.com.crt').read(), self.customdomain_certificate_pem,
der2pem(result.peercert)) der2pem(result.peercert))
self.assertEqualResultJson(result, 'Path', '/test-path') self.assertEqualResultJson(result, 'Path', '/test-path')
def test_type_zope(self): def test_type_zope(self):
parameter_dict = self.slave_connection_parameter_dict_dict[ parameter_dict = self.parseSlaveParameterDict('type-zope')
'type-zope'] self.assertLogAccessUrlWithPop(parameter_dict)
self.assertLogAccessUrlWithPop(parameter_dict, 'type-zope')
self.assertEqual( self.assertEqual(
{ {
'domain': 'typezope.example.com', 'domain': 'typezope.example.com',
...@@ -1444,7 +1609,7 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s { ...@@ -1444,7 +1609,7 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s {
parameter_dict['domain'], parameter_dict['public-ipv4'], 'test-path') parameter_dict['domain'], parameter_dict['public-ipv4'], 'test-path')
self.assertEqual( self.assertEqual(
open('wildcard.example.com.crt').read(), self.certificate_pem,
der2pem(result.peercert)) der2pem(result.peercert))
try: try:
...@@ -1471,10 +1636,9 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s { ...@@ -1471,10 +1636,9 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s {
) )
def test_type_zope_virtualhostroot_http_port(self): def test_type_zope_virtualhostroot_http_port(self):
parameter_dict = self.slave_connection_parameter_dict_dict[ parameter_dict = self.parseSlaveParameterDict(
'type-zope-virtualhostroot-http-port'] 'type-zope-virtualhostroot-http-port')
self.assertLogAccessUrlWithPop( self.assertLogAccessUrlWithPop(parameter_dict)
parameter_dict, 'type-zope-virtualhostroot-http-port')
self.assertEqual( self.assertEqual(
{ {
'domain': 'typezopevirtualhostroothttpport.example.com', 'domain': 'typezopevirtualhostroothttpport.example.com',
...@@ -1499,10 +1663,9 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s { ...@@ -1499,10 +1663,9 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s {
) )
def test_type_zope_virtualhostroot_https_port(self): def test_type_zope_virtualhostroot_https_port(self):
parameter_dict = self.slave_connection_parameter_dict_dict[ parameter_dict = self.parseSlaveParameterDict(
'type-zope-virtualhostroot-https-port'] 'type-zope-virtualhostroot-https-port')
self.assertLogAccessUrlWithPop( self.assertLogAccessUrlWithPop(parameter_dict)
parameter_dict, 'type-zope-virtualhostroot-https-port')
self.assertEqual( self.assertEqual(
{ {
'domain': 'typezopevirtualhostroothttpsport.example.com', 'domain': 'typezopevirtualhostroothttpsport.example.com',
...@@ -1520,7 +1683,7 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s { ...@@ -1520,7 +1683,7 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s {
parameter_dict['domain'], parameter_dict['public-ipv4'], 'test-path') parameter_dict['domain'], parameter_dict['public-ipv4'], 'test-path')
self.assertEqual( self.assertEqual(
open('wildcard.example.com.crt').read(), self.certificate_pem,
der2pem(result.peercert)) der2pem(result.peercert))
self.assertEqualResultJson( self.assertEqualResultJson(
...@@ -1531,9 +1694,8 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s { ...@@ -1531,9 +1694,8 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s {
) )
def test_type_notebook(self): def test_type_notebook(self):
parameter_dict = self.slave_connection_parameter_dict_dict[ parameter_dict = self.parseSlaveParameterDict('type-notebook')
'type-notebook'] self.assertLogAccessUrlWithPop(parameter_dict)
self.assertLogAccessUrlWithPop(parameter_dict, 'type-notebook')
self.assertEqual( self.assertEqual(
{ {
'domain': 'typenotebook.nginx.example.com', 'domain': 'typenotebook.nginx.example.com',
...@@ -1551,7 +1713,7 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s { ...@@ -1551,7 +1713,7 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s {
NGINX_HTTPS_PORT) NGINX_HTTPS_PORT)
self.assertEqual( self.assertEqual(
open('wildcard.example.com.crt').read(), self.certificate_pem,
der2pem(result.peercert)) der2pem(result.peercert))
self.assertEqualResultJson(result, 'Path', '/test-path') self.assertEqualResultJson(result, 'Path', '/test-path')
...@@ -1573,9 +1735,8 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s { ...@@ -1573,9 +1735,8 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s {
# Caddy as a proxy in front of nginx-push-stream . If we have a # Caddy as a proxy in front of nginx-push-stream . If we have a
# "central shared" caddy instance, can it handle keeping connections # "central shared" caddy instance, can it handle keeping connections
# opens for many clients ? # opens for many clients ?
parameter_dict = self.slave_connection_parameter_dict_dict[ parameter_dict = self.parseSlaveParameterDict('type-eventsource')
'type-eventsource'] self.assertLogAccessUrlWithPop(parameter_dict)
self.assertLogAccessUrlWithPop(parameter_dict, 'type-eventsource')
self.assertEqual( self.assertEqual(
{ {
'domain': 'typeeventsource.nginx.example.com', 'domain': 'typeeventsource.nginx.example.com',
...@@ -1593,7 +1754,7 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s { ...@@ -1593,7 +1754,7 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s {
NGINX_HTTPS_PORT) NGINX_HTTPS_PORT)
self.assertEqual( self.assertEqual(
open('wildcard.example.com.crt').read(), self.certificate_pem,
der2pem(result.peercert)) der2pem(result.peercert))
self.assertEqual( self.assertEqual(
...@@ -1615,9 +1776,8 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s { ...@@ -1615,9 +1776,8 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s {
) )
def test_type_redirect(self): def test_type_redirect(self):
parameter_dict = self.slave_connection_parameter_dict_dict[ parameter_dict = self.parseSlaveParameterDict('type-redirect')
'type-redirect'] self.assertLogAccessUrlWithPop(parameter_dict)
self.assertLogAccessUrlWithPop(parameter_dict, 'type-redirect')
self.assertEqual( self.assertEqual(
{ {
'domain': 'typeredirect.example.com', 'domain': 'typeredirect.example.com',
...@@ -1634,7 +1794,7 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s { ...@@ -1634,7 +1794,7 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s {
parameter_dict['domain'], parameter_dict['public-ipv4'], 'test-path') parameter_dict['domain'], parameter_dict['public-ipv4'], 'test-path')
self.assertEqual( self.assertEqual(
open('wildcard.example.com.crt').read(), self.certificate_pem,
der2pem(result.peercert)) der2pem(result.peercert))
self.assertEqual( self.assertEqual(
...@@ -1642,12 +1802,50 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s { ...@@ -1642,12 +1802,50 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s {
result.headers['Location'] result.headers['Location']
) )
def test_ssl_proxy_verify_ssl_proxy_ca_crt_unverified(self):
parameter_dict = self.parseSlaveParameterDict(
'ssl-proxy-verify_ssl_proxy_ca_crt-unverified')
self.assertLogAccessUrlWithPop(parameter_dict)
self.assertEqual(
{
'domain': 'sslproxyverifysslproxycacrtunverified.example.com',
'replication_number': '1',
'url': 'http://sslproxyverifysslproxycacrtunverified.example.com',
'site_url':
'http://sslproxyverifysslproxycacrtunverified.example.com',
'secure_access':
'https://sslproxyverifysslproxycacrtunverified.example.com',
'public-ipv4': LOCAL_IPV4,
},
parameter_dict
)
result = self.fakeHTTPSResult(
parameter_dict['domain'], parameter_dict['public-ipv4'], 'test-path')
self.assertEqual(
self.certificate_pem,
der2pem(result.peercert))
self.assertEqual(
httplib.BAD_GATEWAY,
result.status_code
)
result_http = self.fakeHTTPResult(
parameter_dict['domain'], parameter_dict['public-ipv4'], 'test-path')
self.assertEqual(
httplib.BAD_GATEWAY,
result_http.status_code
)
def test_ssl_proxy_verify_ssl_proxy_ca_crt(self): def test_ssl_proxy_verify_ssl_proxy_ca_crt(self):
parameter_dict = self.slave_connection_parameter_dict_dict[ parameter_dict = self.parseSlaveParameterDict(
'ssl-proxy-verify_ssl_proxy_ca_crt'] 'ssl-proxy-verify_ssl_proxy_ca_crt')
self.assertLogAccessUrlWithPop( self.assertLogAccessUrlWithPop(parameter_dict)
parameter_dict, 'ssl-proxy-verify_ssl_proxy_ca_crt')
self.assertEqual( self.assertEqual(
{ {
'domain': 'sslproxyverifysslproxycacrt.example.com', 'domain': 'sslproxyverifysslproxycacrt.example.com',
...@@ -1664,28 +1862,52 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s { ...@@ -1664,28 +1862,52 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s {
parameter_dict['domain'], parameter_dict['public-ipv4'], 'test-path') parameter_dict['domain'], parameter_dict['public-ipv4'], 'test-path')
self.assertEqual( self.assertEqual(
open('wildcard.example.com.crt').read(), self.certificate_pem,
der2pem(result.peercert)) der2pem(result.peercert))
self.assertEqualResultJson(result, 'Path', '/test-path')
try:
j = result.json()
except Exception:
raise ValueError('JSON decode problem in:\n%s' % (result.text,))
self.assertFalse('remote_user' in j['Incoming Headers'].keys())
self.assertEqual( self.assertEqual(
httplib.NOT_IMPLEMENTED, 'gzip',
result.status_code result.headers['Content-Encoding']
)
self.assertEqual(
'secured=value;secure, nonsecured=value',
result.headers['Set-Cookie']
) )
result_http = self.fakeHTTPResult( result_http = self.fakeHTTPResult(
parameter_dict['domain'], parameter_dict['public-ipv4'], 'test-path') parameter_dict['domain'], parameter_dict['public-ipv4'], 'test-path')
self.assertEqualResultJson(result_http, 'Path', '/test-path')
try:
j = result_http.json()
except Exception:
raise ValueError('JSON decode problem in:\n%s' % (result.text,))
self.assertFalse('remote_user' in j['Incoming Headers'].keys())
self.assertEqual( self.assertEqual(
httplib.NOT_IMPLEMENTED, 'gzip',
result_http.status_code result_http.headers['Content-Encoding']
)
self.assertEqual(
'secured=value;secure, nonsecured=value',
result_http.headers['Set-Cookie']
) )
def test_ssl_proxy_verify_unverified(self): def test_ssl_proxy_verify_unverified(self):
parameter_dict = self.slave_connection_parameter_dict_dict[ parameter_dict = self.parseSlaveParameterDict(
'ssl-proxy-verify-unverified'] 'ssl-proxy-verify-unverified')
self.assertLogAccessUrlWithPop( self.assertLogAccessUrlWithPop(parameter_dict)
parameter_dict, 'ssl-proxy-verify-unverified')
self.assertEqual( self.assertEqual(
{ {
'domain': 'sslproxyverifyunverified.example.com', 'domain': 'sslproxyverifyunverified.example.com',
...@@ -1702,7 +1924,40 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s { ...@@ -1702,7 +1924,40 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s {
parameter_dict['domain'], parameter_dict['public-ipv4'], 'test-path') parameter_dict['domain'], parameter_dict['public-ipv4'], 'test-path')
self.assertEqual( self.assertEqual(
open('wildcard.example.com.crt').read(), self.certificate_pem,
der2pem(result.peercert))
self.assertEqual(
httplib.BAD_GATEWAY,
result.status_code
)
def test_enable_cache_ssl_proxy_verify_ssl_proxy_ca_crt_unverified(self):
parameter_dict = self.parseSlaveParameterDict(
'enable_cache-ssl-proxy-verify_ssl_proxy_ca_crt-unverified')
self.assertLogAccessUrlWithPop(parameter_dict)
self.assertEqual(
{
'domain':
'enablecachesslproxyverifysslproxycacrtunverified.example.com',
'replication_number': '1',
'url':
'http://enablecachesslproxyverifysslproxycacrtunverified.example.com',
'site_url':
'http://enablecachesslproxyverifysslproxycacrtunverified.example.com',
'secure_access':
'https://enablecachesslproxyverifysslproxycacrtunverified.example.com',
'public-ipv4': LOCAL_IPV4,
},
parameter_dict
)
result = self.fakeHTTPSResult(
parameter_dict['domain'], parameter_dict['public-ipv4'], 'test-path')
self.assertEqual(
self.certificate_pem,
der2pem(result.peercert)) der2pem(result.peercert))
self.assertEqual( self.assertEqual(
...@@ -1710,12 +1965,19 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s { ...@@ -1710,12 +1965,19 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s {
result.status_code result.status_code
) )
result_http = self.fakeHTTPResult(
parameter_dict['domain'], parameter_dict['public-ipv4'], 'test-path')
self.assertEqual(
httplib.BAD_GATEWAY,
result_http.status_code
)
def test_enable_cache_ssl_proxy_verify_ssl_proxy_ca_crt(self): def test_enable_cache_ssl_proxy_verify_ssl_proxy_ca_crt(self):
parameter_dict = self.slave_connection_parameter_dict_dict[ parameter_dict = self.parseSlaveParameterDict(
'enable_cache-ssl-proxy-verify_ssl_proxy_ca_crt'] 'enable_cache-ssl-proxy-verify_ssl_proxy_ca_crt')
self.assertLogAccessUrlWithPop( self.assertLogAccessUrlWithPop(parameter_dict)
parameter_dict, 'enable_cache-ssl-proxy-verify_ssl_proxy_ca_crt')
self.assertEqual( self.assertEqual(
{ {
'domain': 'enablecachesslproxyverifysslproxycacrt.example.com', 'domain': 'enablecachesslproxyverifysslproxycacrt.example.com',
...@@ -1734,28 +1996,82 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s { ...@@ -1734,28 +1996,82 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s {
parameter_dict['domain'], parameter_dict['public-ipv4'], 'test-path') parameter_dict['domain'], parameter_dict['public-ipv4'], 'test-path')
self.assertEqual( self.assertEqual(
open('wildcard.example.com.crt').read(), self.certificate_pem,
der2pem(result.peercert)) der2pem(result.peercert))
self.assertEqualResultJson(result, 'Path', '/test-path')
headers = result.headers.copy()
self.assertKeyWithPop('Via', headers)
self.assertKeyWithPop('Server', headers)
self.assertKeyWithPop('Date', headers)
self.assertKeyWithPop('Age', headers)
# drop keys appearing randomly in headers
headers.pop('Transfer-Encoding', None)
headers.pop('Content-Length', None)
headers.pop('Connection', None)
headers.pop('Keep-Alive', None)
self.assertEqual( self.assertEqual(
httplib.NOT_IMPLEMENTED, {'Content-type': 'application/json',
result.status_code 'Set-Cookie': 'secured=value;secure, nonsecured=value',
'Content-Encoding': 'gzip', 'Vary': 'Accept-Encoding'},
headers
) )
result_http = self.fakeHTTPResult( result_direct = self.fakeHTTPResult(
parameter_dict['domain'], parameter_dict['public-ipv4'], 'test-path') parameter_dict['domain'], parameter_dict['public-ipv4'], 'test-path',
port=26011)
self.assertEqualResultJson(result_direct, 'Path', '/test-path')
try:
j = result_direct.json()
except Exception:
raise ValueError('JSON decode problem in:\n%s' % (result_direct.text,))
self.assertFalse('remote_user' in j['Incoming Headers'].keys())
self.assertEqual( self.assertEqual(
httplib.NOT_IMPLEMENTED, 'gzip',
result_http.status_code result_direct.headers['Content-Encoding']
)
self.assertEqual(
'secured=value;secure, nonsecured=value',
result_direct.headers['Set-Cookie']
)
result_direct_https_backend = self.fakeHTTPResult(
parameter_dict['domain'], parameter_dict['public-ipv4'], 'test-path',
port=26012)
self.assertEqualResultJson(
result_direct_https_backend, 'Path', '/test-path')
try:
j = result_direct_https_backend.json()
except Exception:
raise ValueError('JSON decode problem in:\n%s' % (
result_direct_https_backend.text,))
self.assertFalse('remote_user' in j['Incoming Headers'].keys())
self.assertEqual(
'gzip',
result_direct_https_backend.headers['Content-Encoding']
)
self.assertEqual(
'secured=value;secure, nonsecured=value',
result_direct_https_backend.headers['Set-Cookie']
) )
def test_enable_cache_ssl_proxy_verify_unverified(self): def test_enable_cache_ssl_proxy_verify_unverified(self):
parameter_dict = self.slave_connection_parameter_dict_dict[ parameter_dict = self.parseSlaveParameterDict(
'enable_cache-ssl-proxy-verify-unverified'] 'enable_cache-ssl-proxy-verify-unverified')
self.assertLogAccessUrlWithPop( self.assertLogAccessUrlWithPop(parameter_dict)
parameter_dict, 'enable_cache-ssl-proxy-verify-unverified')
self.assertEqual( self.assertEqual(
{ {
'domain': 'enablecachesslproxyverifyunverified.example.com', 'domain': 'enablecachesslproxyverifyunverified.example.com',
...@@ -1773,7 +2089,7 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s { ...@@ -1773,7 +2089,7 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s {
parameter_dict['domain'], parameter_dict['public-ipv4'], 'test-path') parameter_dict['domain'], parameter_dict['public-ipv4'], 'test-path')
self.assertEqual( self.assertEqual(
open('wildcard.example.com.crt').read(), self.certificate_pem,
der2pem(result.peercert)) der2pem(result.peercert))
self.assertEqual( self.assertEqual(
...@@ -1781,20 +2097,21 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s { ...@@ -1781,20 +2097,21 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s {
result.status_code result.status_code
) )
def test_type_zope_ssl_proxy_verify_ssl_proxy_ca_crt(self): def test_type_zope_ssl_proxy_verify_ssl_proxy_ca_crt_unverified(self):
parameter_dict = self.slave_connection_parameter_dict_dict[ parameter_dict = self.parseSlaveParameterDict(
'type-zope-ssl-proxy-verify_ssl_proxy_ca_crt'] 'type-zope-ssl-proxy-verify_ssl_proxy_ca_crt-unverified')
self.assertLogAccessUrlWithPop( self.assertLogAccessUrlWithPop(parameter_dict)
parameter_dict, 'type-zope-ssl-proxy-verify_ssl_proxy_ca_crt')
self.assertEqual( self.assertEqual(
{ {
'domain': 'typezopesslproxyverifysslproxycacrt.example.com', 'domain': 'typezopesslproxyverifysslproxycacrtunverified.example.com',
'replication_number': '1', 'replication_number': '1',
'url': 'http://typezopesslproxyverifysslproxycacrt.example.com', 'url':
'site_url': 'http://typezopesslproxyverifysslproxycacrt.example.com', 'http://typezopesslproxyverifysslproxycacrtunverified.example.com',
'site_url':
'http://typezopesslproxyverifysslproxycacrtunverified.example.com',
'secure_access': 'secure_access':
'https://typezopesslproxyverifysslproxycacrt.example.com', 'https://typezopesslproxyverifysslproxycacrtunverified.example.com',
'public-ipv4': LOCAL_IPV4, 'public-ipv4': LOCAL_IPV4,
}, },
parameter_dict parameter_dict
...@@ -1804,11 +2121,11 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s { ...@@ -1804,11 +2121,11 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s {
parameter_dict['domain'], parameter_dict['public-ipv4'], 'test-path') parameter_dict['domain'], parameter_dict['public-ipv4'], 'test-path')
self.assertEqual( self.assertEqual(
open('wildcard.example.com.crt').read(), self.certificate_pem,
der2pem(result.peercert)) der2pem(result.peercert))
self.assertEqual( self.assertEqual(
httplib.NOT_IMPLEMENTED, httplib.BAD_GATEWAY,
result.status_code result.status_code
) )
...@@ -1816,16 +2133,65 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s { ...@@ -1816,16 +2133,65 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s {
parameter_dict['domain'], parameter_dict['public-ipv4'], 'test-path') parameter_dict['domain'], parameter_dict['public-ipv4'], 'test-path')
self.assertEqual( self.assertEqual(
httplib.NOT_IMPLEMENTED, httplib.BAD_GATEWAY,
result_http.status_code result_http.status_code
) )
def test_type_zope_ssl_proxy_verify_ssl_proxy_ca_crt(self):
parameter_dict = self.parseSlaveParameterDict(
'type-zope-ssl-proxy-verify_ssl_proxy_ca_crt')
self.assertLogAccessUrlWithPop(parameter_dict)
self.assertEqual(
{
'domain': 'typezopesslproxyverifysslproxycacrt.example.com',
'replication_number': '1',
'url': 'http://typezopesslproxyverifysslproxycacrt.example.com',
'site_url': 'http://typezopesslproxyverifysslproxycacrt.example.com',
'secure_access':
'https://typezopesslproxyverifysslproxycacrt.example.com',
'public-ipv4': LOCAL_IPV4,
},
parameter_dict
)
result = self.fakeHTTPSResult(
parameter_dict['domain'], parameter_dict['public-ipv4'], 'test-path')
self.assertEqual(
self.certificate_pem,
der2pem(result.peercert))
try:
j = result.json()
except Exception:
raise ValueError('JSON decode problem in:\n%s' % (result.text,))
self.assertFalse('remote_user' in j['Incoming Headers'].keys())
self.assertEqualResultJson(
result,
'Path',
'/VirtualHostBase/https//'
'typezopesslproxyverifysslproxycacrt.example.com:443/'
'/VirtualHostRoot/test-path'
)
result = self.fakeHTTPResult(
parameter_dict['domain'], parameter_dict['public-ipv4'], 'test-path')
self.assertEqualResultJson(
result,
'Path',
'/VirtualHostBase/http//'
'typezopesslproxyverifysslproxycacrt.example.com:80/'
'/VirtualHostRoot/test-path'
)
def test_type_zope_ssl_proxy_verify_unverified(self): def test_type_zope_ssl_proxy_verify_unverified(self):
parameter_dict = self.slave_connection_parameter_dict_dict[ parameter_dict = self.parseSlaveParameterDict(
'type-zope-ssl-proxy-verify-unverified'] 'type-zope-ssl-proxy-verify-unverified')
self.assertLogAccessUrlWithPop( self.assertLogAccessUrlWithPop(parameter_dict)
parameter_dict, 'type-zope-ssl-proxy-verify-unverified')
self.assertEqual( self.assertEqual(
{ {
'domain': 'typezopesslproxyverifyunverified.example.com', 'domain': 'typezopesslproxyverifyunverified.example.com',
...@@ -1843,7 +2209,7 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s { ...@@ -1843,7 +2209,7 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s {
parameter_dict['domain'], parameter_dict['public-ipv4'], 'test-path') parameter_dict['domain'], parameter_dict['public-ipv4'], 'test-path')
self.assertEqual( self.assertEqual(
open('wildcard.example.com.crt').read(), self.certificate_pem,
der2pem(result.peercert)) der2pem(result.peercert))
self.assertEqual( self.assertEqual(
...@@ -1852,9 +2218,8 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s { ...@@ -1852,9 +2218,8 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s {
) )
def test_monitor_ipv6_test(self): def test_monitor_ipv6_test(self):
parameter_dict = self.slave_connection_parameter_dict_dict[ parameter_dict = self.parseSlaveParameterDict('monitor-ipv6-test')
'monitor-ipv6-test'] self.assertLogAccessUrlWithPop(parameter_dict)
self.assertLogAccessUrlWithPop(parameter_dict, 'monitor-ipv6-test')
self.assertEqual( self.assertEqual(
{ {
'domain': 'monitoripv6test.example.com', 'domain': 'monitoripv6test.example.com',
...@@ -1871,7 +2236,7 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s { ...@@ -1871,7 +2236,7 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s {
parameter_dict['domain'], parameter_dict['public-ipv4'], 'test-path') parameter_dict['domain'], parameter_dict['public-ipv4'], 'test-path')
self.assertEqual( self.assertEqual(
open('wildcard.example.com.crt').read(), self.certificate_pem,
der2pem(result.peercert)) der2pem(result.peercert))
self.assertEqual(httplib.NOT_FOUND, result.status_code) self.assertEqual(httplib.NOT_FOUND, result.status_code)
...@@ -1895,9 +2260,8 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s { ...@@ -1895,9 +2260,8 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s {
) )
def test_monitor_ipv4_test(self): def test_monitor_ipv4_test(self):
parameter_dict = self.slave_connection_parameter_dict_dict[ parameter_dict = self.parseSlaveParameterDict('monitor-ipv4-test')
'monitor-ipv4-test'] self.assertLogAccessUrlWithPop(parameter_dict)
self.assertLogAccessUrlWithPop(parameter_dict, 'monitor-ipv4-test')
self.assertEqual( self.assertEqual(
{ {
'domain': 'monitoripv4test.example.com', 'domain': 'monitoripv4test.example.com',
...@@ -1914,7 +2278,7 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s { ...@@ -1914,7 +2278,7 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s {
parameter_dict['domain'], parameter_dict['public-ipv4'], 'test-path') parameter_dict['domain'], parameter_dict['public-ipv4'], 'test-path')
self.assertEqual( self.assertEqual(
open('wildcard.example.com.crt').read(), self.certificate_pem,
der2pem(result.peercert)) der2pem(result.peercert))
self.assertEqual(httplib.NOT_FOUND, result.status_code) self.assertEqual(httplib.NOT_FOUND, result.status_code)
...@@ -1938,9 +2302,8 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s { ...@@ -1938,9 +2302,8 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s {
) )
def test_re6st_optimal_test(self): def test_re6st_optimal_test(self):
parameter_dict = self.slave_connection_parameter_dict_dict[ parameter_dict = self.parseSlaveParameterDict('re6st-optimal-test')
're6st-optimal-test'] self.assertLogAccessUrlWithPop(parameter_dict)
self.assertLogAccessUrlWithPop(parameter_dict, 're6st-optimal-test')
self.assertEqual( self.assertEqual(
{ {
'domain': 're6stoptimaltest.example.com', 'domain': 're6stoptimaltest.example.com',
...@@ -1957,7 +2320,7 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s { ...@@ -1957,7 +2320,7 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s {
parameter_dict['domain'], parameter_dict['public-ipv4'], 'test-path') parameter_dict['domain'], parameter_dict['public-ipv4'], 'test-path')
self.assertEqual( self.assertEqual(
open('wildcard.example.com.crt').read(), self.certificate_pem,
der2pem(result.peercert)) der2pem(result.peercert))
self.assertEqual(httplib.NOT_FOUND, result.status_code) self.assertEqual(httplib.NOT_FOUND, result.status_code)
...@@ -1982,9 +2345,8 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s { ...@@ -1982,9 +2345,8 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s {
) )
def test_enable_cache(self): def test_enable_cache(self):
parameter_dict = self.slave_connection_parameter_dict_dict[ parameter_dict = self.parseSlaveParameterDict('enable_cache')
'enable_cache'] self.assertLogAccessUrlWithPop(parameter_dict)
self.assertLogAccessUrlWithPop(parameter_dict, 'enable_cache')
self.assertEqual( self.assertEqual(
{ {
'domain': 'enablecache.example.com', 'domain': 'enablecache.example.com',
...@@ -2001,7 +2363,7 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s { ...@@ -2001,7 +2363,7 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s {
parameter_dict['domain'], parameter_dict['public-ipv4'], 'test-path') parameter_dict['domain'], parameter_dict['public-ipv4'], 'test-path')
self.assertEqual( self.assertEqual(
open('wildcard.example.com.crt').read(), self.certificate_pem,
der2pem(result.peercert)) der2pem(result.peercert))
self.assertEqualResultJson(result, 'Path', '/test-path') self.assertEqualResultJson(result, 'Path', '/test-path')
...@@ -2073,10 +2435,9 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s { ...@@ -2073,10 +2435,9 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s {
) )
def test_enable_cache_disable_no_cache_request(self): def test_enable_cache_disable_no_cache_request(self):
parameter_dict = self.slave_connection_parameter_dict_dict[ parameter_dict = self.parseSlaveParameterDict(
'enable_cache-disable-no-cache-request'] 'enable_cache-disable-no-cache-request')
self.assertLogAccessUrlWithPop( self.assertLogAccessUrlWithPop(parameter_dict)
parameter_dict, 'enable_cache-disable-no-cache-request')
self.assertEqual( self.assertEqual(
{ {
'domain': 'enablecachedisablenocacherequest.example.com', 'domain': 'enablecachedisablenocacherequest.example.com',
...@@ -2095,7 +2456,7 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s { ...@@ -2095,7 +2456,7 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s {
headers={'Pragma': 'no-cache', 'Cache-Control': 'something'}) headers={'Pragma': 'no-cache', 'Cache-Control': 'something'})
self.assertEqual( self.assertEqual(
open('wildcard.example.com.crt').read(), self.certificate_pem,
der2pem(result.peercert)) der2pem(result.peercert))
self.assertEqualResultJson(result, 'Path', '/test-path') self.assertEqualResultJson(result, 'Path', '/test-path')
...@@ -2127,10 +2488,9 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s { ...@@ -2127,10 +2488,9 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s {
self.assertFalse('pragma' in j['Incoming Headers'].keys()) self.assertFalse('pragma' in j['Incoming Headers'].keys())
def test_enable_cache_disable_via_header(self): def test_enable_cache_disable_via_header(self):
parameter_dict = self.slave_connection_parameter_dict_dict[ parameter_dict = self.parseSlaveParameterDict(
'enable_cache-disable-via-header'] 'enable_cache-disable-via-header')
self.assertLogAccessUrlWithPop( self.assertLogAccessUrlWithPop(parameter_dict)
parameter_dict, 'enable_cache-disable-via-header')
self.assertEqual( self.assertEqual(
{ {
'domain': 'enablecachedisableviaheader.example.com', 'domain': 'enablecachedisableviaheader.example.com',
...@@ -2148,7 +2508,7 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s { ...@@ -2148,7 +2508,7 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s {
parameter_dict['domain'], parameter_dict['public-ipv4'], 'test-path') parameter_dict['domain'], parameter_dict['public-ipv4'], 'test-path')
self.assertEqual( self.assertEqual(
open('wildcard.example.com.crt').read(), self.certificate_pem,
der2pem(result.peercert)) der2pem(result.peercert))
self.assertEqualResultJson(result, 'Path', '/test-path') self.assertEqualResultJson(result, 'Path', '/test-path')
...@@ -2173,9 +2533,8 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s { ...@@ -2173,9 +2533,8 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s {
) )
def test_enable_http2_false(self): def test_enable_http2_false(self):
parameter_dict = self.slave_connection_parameter_dict_dict[ parameter_dict = self.parseSlaveParameterDict('enable-http2-false')
'enable-http2-false'] self.assertLogAccessUrlWithPop(parameter_dict)
self.assertLogAccessUrlWithPop(parameter_dict, 'enable-http2-false')
self.assertEqual( self.assertEqual(
{ {
'domain': 'enablehttp2false.example.com', 'domain': 'enablehttp2false.example.com',
...@@ -2193,7 +2552,7 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s { ...@@ -2193,7 +2552,7 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s {
parameter_dict['domain'], parameter_dict['public-ipv4'], 'test-path') parameter_dict['domain'], parameter_dict['public-ipv4'], 'test-path')
self.assertEqual( self.assertEqual(
open('wildcard.example.com.crt').read(), self.certificate_pem,
der2pem(result.peercert)) der2pem(result.peercert))
self.assertEqualResultJson(result, 'Path', '/test-path') self.assertEqualResultJson(result, 'Path', '/test-path')
...@@ -2223,9 +2582,8 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s { ...@@ -2223,9 +2582,8 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s {
isHTTP2(parameter_dict['domain'], parameter_dict['public-ipv4'])) isHTTP2(parameter_dict['domain'], parameter_dict['public-ipv4']))
def test_enable_http2_default(self): def test_enable_http2_default(self):
parameter_dict = self.slave_connection_parameter_dict_dict[ parameter_dict = self.parseSlaveParameterDict('enable-http2-default')
'enable-http2-default'] self.assertLogAccessUrlWithPop(parameter_dict)
self.assertLogAccessUrlWithPop(parameter_dict, 'enable-http2-default')
self.assertEqual( self.assertEqual(
{ {
'domain': 'enablehttp2default.example.com', 'domain': 'enablehttp2default.example.com',
...@@ -2243,7 +2601,7 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s { ...@@ -2243,7 +2601,7 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s {
parameter_dict['domain'], parameter_dict['public-ipv4'], 'test-path') parameter_dict['domain'], parameter_dict['public-ipv4'], 'test-path')
self.assertEqual( self.assertEqual(
open('wildcard.example.com.crt').read(), self.certificate_pem,
der2pem(result.peercert)) der2pem(result.peercert))
self.assertEqualResultJson(result, 'Path', '/test-path') self.assertEqualResultJson(result, 'Path', '/test-path')
...@@ -2273,10 +2631,9 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s { ...@@ -2273,10 +2631,9 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s {
isHTTP2(parameter_dict['domain'], parameter_dict['public-ipv4'])) isHTTP2(parameter_dict['domain'], parameter_dict['public-ipv4']))
def test_prefer_gzip_encoding_to_backend(self): def test_prefer_gzip_encoding_to_backend(self):
parameter_dict = self.slave_connection_parameter_dict_dict[ parameter_dict = self.parseSlaveParameterDict(
'prefer-gzip-encoding-to-backend'] 'prefer-gzip-encoding-to-backend')
self.assertLogAccessUrlWithPop( self.assertLogAccessUrlWithPop(parameter_dict)
parameter_dict, 'prefer-gzip-encoding-to-backend')
self.assertEqual( self.assertEqual(
{ {
'domain': 'prefergzipencodingtobackend.example.com', 'domain': 'prefergzipencodingtobackend.example.com',
...@@ -2295,7 +2652,7 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s { ...@@ -2295,7 +2652,7 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s {
headers={'Accept-Encoding': 'gzip, deflate'}) headers={'Accept-Encoding': 'gzip, deflate'})
self.assertEqual( self.assertEqual(
open('wildcard.example.com.crt').read(), self.certificate_pem,
der2pem(result.peercert)) der2pem(result.peercert))
self.assertEqualResultJson(result, 'Path', '/test-path') self.assertEqualResultJson(result, 'Path', '/test-path')
...@@ -2313,9 +2670,8 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s { ...@@ -2313,9 +2670,8 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s {
'deflate', result.json()['Incoming Headers']['accept-encoding']) 'deflate', result.json()['Incoming Headers']['accept-encoding'])
def test_disabled_cookie_list(self): def test_disabled_cookie_list(self):
parameter_dict = self.slave_connection_parameter_dict_dict[ parameter_dict = self.parseSlaveParameterDict('disabled-cookie-list')
'disabled-cookie-list'] self.assertLogAccessUrlWithPop(parameter_dict)
self.assertLogAccessUrlWithPop(parameter_dict, 'disabled-cookie-list')
self.assertEqual( self.assertEqual(
{ {
'domain': 'disabledcookielist.example.com', 'domain': 'disabledcookielist.example.com',
...@@ -2337,7 +2693,7 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s { ...@@ -2337,7 +2693,7 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s {
)) ))
self.assertEqual( self.assertEqual(
open('wildcard.example.com.crt').read(), self.certificate_pem,
der2pem(result.peercert)) der2pem(result.peercert))
self.assertEqualResultJson(result, 'Path', '/test-path') self.assertEqualResultJson(result, 'Path', '/test-path')
...@@ -2346,11 +2702,11 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s { ...@@ -2346,11 +2702,11 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s {
'Coffee=present', result.json()['Incoming Headers']['cookie']) 'Coffee=present', result.json()['Incoming Headers']['cookie'])
def test_apache_custom_http_s_rejected(self): def test_apache_custom_http_s_rejected(self):
parameter_dict = self.slave_connection_parameter_dict_dict[ parameter_dict = self.parseSlaveParameterDict(
'apache_custom_http_s-rejected'] 'apache_custom_http_s-rejected')
self.assertEqual( self.assertEqual(
{ {
'request-error-list': '["slave not authorized"]' 'request-error-list': ["slave not authorized"]
}, },
parameter_dict) parameter_dict)
slave_configuration_file_list = glob.glob(os.path.join( slave_configuration_file_list = glob.glob(os.path.join(
...@@ -2367,10 +2723,9 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s { ...@@ -2367,10 +2723,9 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s {
self.assertEqual([], configuration_file_with_custom_http_list) self.assertEqual([], configuration_file_with_custom_http_list)
def test_apache_custom_http_s_accepted(self): def test_apache_custom_http_s_accepted(self):
parameter_dict = self.slave_connection_parameter_dict_dict[ parameter_dict = self.parseSlaveParameterDict(
'apache_custom_http_s-accepted'] 'apache_custom_http_s-accepted')
self.assertLogAccessUrlWithPop( self.assertLogAccessUrlWithPop(parameter_dict)
parameter_dict, 'apache_custom_http_s-accepted')
self.assertEqual( self.assertEqual(
{'replication_number': '1', 'public-ipv4': LOCAL_IPV4}, {'replication_number': '1', 'public-ipv4': LOCAL_IPV4},
parameter_dict parameter_dict
...@@ -2381,7 +2736,7 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s { ...@@ -2381,7 +2736,7 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s {
parameter_dict['public-ipv4'], 'test-path') parameter_dict['public-ipv4'], 'test-path')
self.assertEqual( self.assertEqual(
open('wildcard.example.com.crt').read(), self.certificate_pem,
der2pem(result.peercert)) der2pem(result.peercert))
self.assertEqualResultJson(result, 'Path', '/test-path') self.assertEqualResultJson(result, 'Path', '/test-path')
...@@ -2424,11 +2779,11 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s { ...@@ -2424,11 +2779,11 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s {
self.assertEqual(1, len(configuration_file_with_custom_http_list)) self.assertEqual(1, len(configuration_file_with_custom_http_list))
def test_caddy_custom_http_s_rejected(self): def test_caddy_custom_http_s_rejected(self):
parameter_dict = self.slave_connection_parameter_dict_dict[ parameter_dict = self.parseSlaveParameterDict(
'caddy_custom_http_s-rejected'] 'caddy_custom_http_s-rejected')
self.assertEqual( self.assertEqual(
{ {
'request-error-list': '["slave not authorized"]' 'request-error-list': ["slave not authorized"]
}, },
parameter_dict) parameter_dict)
slave_configuration_file_list = glob.glob(os.path.join( slave_configuration_file_list = glob.glob(os.path.join(
...@@ -2445,11 +2800,11 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s { ...@@ -2445,11 +2800,11 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s {
self.assertEqual([], configuration_file_with_custom_http_list) self.assertEqual([], configuration_file_with_custom_http_list)
def test_caddy_custom_http_s(self): def test_caddy_custom_http_s(self):
parameter_dict = self.slave_connection_parameter_dict_dict[ parameter_dict = self.parseSlaveParameterDict(
'caddy_custom_http_s'] 'caddy_custom_http_s')
self.assertEqual( self.assertEqual(
{ {
'request-error-list': '["slave not authorized"]' 'request-error-list': ["slave not authorized"]
}, },
parameter_dict) parameter_dict)
slave_configuration_file_list = glob.glob(os.path.join( slave_configuration_file_list = glob.glob(os.path.join(
...@@ -2466,10 +2821,9 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s { ...@@ -2466,10 +2821,9 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s {
self.assertEqual([], configuration_file_with_custom_http_list) self.assertEqual([], configuration_file_with_custom_http_list)
def test_caddy_custom_http_s_accepted(self): def test_caddy_custom_http_s_accepted(self):
parameter_dict = self.slave_connection_parameter_dict_dict[ parameter_dict = self.parseSlaveParameterDict(
'caddy_custom_http_s-accepted'] 'caddy_custom_http_s-accepted')
self.assertLogAccessUrlWithPop( self.assertLogAccessUrlWithPop(parameter_dict)
parameter_dict, 'caddy_custom_http_s-accepted')
self.assertEqual( self.assertEqual(
{'replication_number': '1', 'public-ipv4': LOCAL_IPV4}, {'replication_number': '1', 'public-ipv4': LOCAL_IPV4},
parameter_dict parameter_dict
...@@ -2480,7 +2834,7 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s { ...@@ -2480,7 +2834,7 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s {
parameter_dict['public-ipv4'], 'test-path') parameter_dict['public-ipv4'], 'test-path')
self.assertEqual( self.assertEqual(
open('wildcard.example.com.crt').read(), self.certificate_pem,
der2pem(result.peercert)) der2pem(result.peercert))
self.assertEqualResultJson(result, 'Path', '/test-path') self.assertEqualResultJson(result, 'Path', '/test-path')
...@@ -2523,9 +2877,8 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s { ...@@ -2523,9 +2877,8 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s {
self.assertEqual(1, len(configuration_file_with_custom_http_list)) self.assertEqual(1, len(configuration_file_with_custom_http_list))
def test_https_url(self): def test_https_url(self):
parameter_dict = self.slave_connection_parameter_dict_dict[ parameter_dict = self.parseSlaveParameterDict('url_https-url')
'url_https-url'] self.assertLogAccessUrlWithPop(parameter_dict)
self.assertLogAccessUrlWithPop(parameter_dict, 'url_https-url')
self.assertEqual( self.assertEqual(
{ {
'domain': 'urlhttpsurl.example.com', 'domain': 'urlhttpsurl.example.com',
...@@ -2542,7 +2895,7 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s { ...@@ -2542,7 +2895,7 @@ http://apachecustomhttpsaccepted.example.com:%%(http_port)s {
parameter_dict['domain'], parameter_dict['public-ipv4'], 'test-path') parameter_dict['domain'], parameter_dict['public-ipv4'], 'test-path')
self.assertEqual( self.assertEqual(
open('wildcard.example.com.crt').read(), self.certificate_pem,
der2pem(result.peercert)) der2pem(result.peercert))
self.assertEqualResultJson(result, 'Path', '/https/test-path') self.assertEqualResultJson(result, 'Path', '/https/test-path')
...@@ -2559,8 +2912,8 @@ class TestReplicateSlave(SlaveHttpFrontendTestCase, TestDataMixin): ...@@ -2559,8 +2912,8 @@ class TestReplicateSlave(SlaveHttpFrontendTestCase, TestDataMixin):
'domain': 'example.com', 'domain': 'example.com',
'nginx-domain': 'nginx.example.com', 'nginx-domain': 'nginx.example.com',
'public-ipv4': LOCAL_IPV4, 'public-ipv4': LOCAL_IPV4,
'apache-certificate': open('wildcard.example.com.crt').read(), 'apache-certificate': cls.certificate_pem,
'apache-key': open('wildcard.example.com.key').read(), 'apache-key': cls.key_pem,
'-frontend-quantity': 2, '-frontend-quantity': 2,
'-sla-2-computer_guid': 'slapos.test', '-sla-2-computer_guid': 'slapos.test',
'-frontend-2-state': 'stopped', '-frontend-2-state': 'stopped',
...@@ -2582,9 +2935,8 @@ class TestReplicateSlave(SlaveHttpFrontendTestCase, TestDataMixin): ...@@ -2582,9 +2935,8 @@ class TestReplicateSlave(SlaveHttpFrontendTestCase, TestDataMixin):
} }
def test(self): def test(self):
parameter_dict = self.slave_connection_parameter_dict_dict[ parameter_dict = self.parseSlaveParameterDict('replicate')
'replicate'] self.assertLogAccessUrlWithPop(parameter_dict)
self.assertLogAccessUrlWithPop(parameter_dict, 'replicate')
self.assertEqual( self.assertEqual(
{ {
'domain': 'replicate.example.com', 'domain': 'replicate.example.com',
...@@ -2601,7 +2953,7 @@ class TestReplicateSlave(SlaveHttpFrontendTestCase, TestDataMixin): ...@@ -2601,7 +2953,7 @@ class TestReplicateSlave(SlaveHttpFrontendTestCase, TestDataMixin):
parameter_dict['domain'], parameter_dict['public-ipv4'], 'test-path') parameter_dict['domain'], parameter_dict['public-ipv4'], 'test-path')
self.assertEqual( self.assertEqual(
open('wildcard.example.com.crt').read(), self.certificate_pem,
der2pem(result.peercert)) der2pem(result.peercert))
self.assertEqualResultJson(result, 'Path', '/test-path') self.assertEqualResultJson(result, 'Path', '/test-path')
...@@ -2631,8 +2983,8 @@ class TestEnableHttp2ByDefaultFalseSlave(SlaveHttpFrontendTestCase, ...@@ -2631,8 +2983,8 @@ class TestEnableHttp2ByDefaultFalseSlave(SlaveHttpFrontendTestCase,
'domain': 'example.com', 'domain': 'example.com',
'nginx-domain': 'nginx.example.com', 'nginx-domain': 'nginx.example.com',
'public-ipv4': LOCAL_IPV4, 'public-ipv4': LOCAL_IPV4,
'apache-certificate': open('wildcard.example.com.crt').read(), 'apache-certificate': cls.certificate_pem,
'apache-key': open('wildcard.example.com.key').read(), 'apache-key': cls.key_pem,
'enable-http2-by-default': 'false', 'enable-http2-by-default': 'false',
'port': HTTPS_PORT, 'port': HTTPS_PORT,
'plain_http_port': HTTP_PORT, 'plain_http_port': HTTP_PORT,
...@@ -2656,9 +3008,8 @@ class TestEnableHttp2ByDefaultFalseSlave(SlaveHttpFrontendTestCase, ...@@ -2656,9 +3008,8 @@ class TestEnableHttp2ByDefaultFalseSlave(SlaveHttpFrontendTestCase,
} }
def test_enable_http2_default(self): def test_enable_http2_default(self):
parameter_dict = self.slave_connection_parameter_dict_dict[ parameter_dict = self.parseSlaveParameterDict('enable-http2-default')
'enable-http2-default'] self.assertLogAccessUrlWithPop(parameter_dict)
self.assertLogAccessUrlWithPop(parameter_dict, 'enable-http2-default')
self.assertEqual( self.assertEqual(
{ {
'domain': 'enablehttp2default.example.com', 'domain': 'enablehttp2default.example.com',
...@@ -2676,9 +3027,8 @@ class TestEnableHttp2ByDefaultFalseSlave(SlaveHttpFrontendTestCase, ...@@ -2676,9 +3027,8 @@ class TestEnableHttp2ByDefaultFalseSlave(SlaveHttpFrontendTestCase,
isHTTP2(parameter_dict['domain'], parameter_dict['public-ipv4'])) isHTTP2(parameter_dict['domain'], parameter_dict['public-ipv4']))
def test_enable_http2_false(self): def test_enable_http2_false(self):
parameter_dict = self.slave_connection_parameter_dict_dict[ parameter_dict = self.parseSlaveParameterDict('enable-http2-false')
'enable-http2-false'] self.assertLogAccessUrlWithPop(parameter_dict)
self.assertLogAccessUrlWithPop(parameter_dict, 'enable-http2-false')
self.assertEqual( self.assertEqual(
{ {
'domain': 'enablehttp2false.example.com', 'domain': 'enablehttp2false.example.com',
...@@ -2696,9 +3046,8 @@ class TestEnableHttp2ByDefaultFalseSlave(SlaveHttpFrontendTestCase, ...@@ -2696,9 +3046,8 @@ class TestEnableHttp2ByDefaultFalseSlave(SlaveHttpFrontendTestCase,
isHTTP2(parameter_dict['domain'], parameter_dict['public-ipv4'])) isHTTP2(parameter_dict['domain'], parameter_dict['public-ipv4']))
def test_enable_http2_true(self): def test_enable_http2_true(self):
parameter_dict = self.slave_connection_parameter_dict_dict[ parameter_dict = self.parseSlaveParameterDict('enable-http2-true')
'enable-http2-true'] self.assertLogAccessUrlWithPop(parameter_dict)
self.assertLogAccessUrlWithPop(parameter_dict, 'enable-http2-true')
self.assertEqual( self.assertEqual(
{ {
'domain': 'enablehttp2true.example.com', 'domain': 'enablehttp2true.example.com',
...@@ -2724,8 +3073,8 @@ class TestEnableHttp2ByDefaultDefaultSlave(SlaveHttpFrontendTestCase, ...@@ -2724,8 +3073,8 @@ class TestEnableHttp2ByDefaultDefaultSlave(SlaveHttpFrontendTestCase,
'domain': 'example.com', 'domain': 'example.com',
'nginx-domain': 'nginx.example.com', 'nginx-domain': 'nginx.example.com',
'public-ipv4': LOCAL_IPV4, 'public-ipv4': LOCAL_IPV4,
'apache-certificate': open('wildcard.example.com.crt').read(), 'apache-certificate': cls.certificate_pem,
'apache-key': open('wildcard.example.com.key').read(), 'apache-key': cls.key_pem,
'port': HTTPS_PORT, 'port': HTTPS_PORT,
'plain_http_port': HTTP_PORT, 'plain_http_port': HTTP_PORT,
'nginx_port': NGINX_HTTPS_PORT, 'nginx_port': NGINX_HTTPS_PORT,
...@@ -2748,9 +3097,8 @@ class TestEnableHttp2ByDefaultDefaultSlave(SlaveHttpFrontendTestCase, ...@@ -2748,9 +3097,8 @@ class TestEnableHttp2ByDefaultDefaultSlave(SlaveHttpFrontendTestCase,
} }
def test_enable_http2_default(self): def test_enable_http2_default(self):
parameter_dict = self.slave_connection_parameter_dict_dict[ parameter_dict = self.parseSlaveParameterDict('enable-http2-default')
'enable-http2-default'] self.assertLogAccessUrlWithPop(parameter_dict)
self.assertLogAccessUrlWithPop(parameter_dict, 'enable-http2-default')
self.assertEqual( self.assertEqual(
{ {
'domain': 'enablehttp2default.example.com', 'domain': 'enablehttp2default.example.com',
...@@ -2768,9 +3116,8 @@ class TestEnableHttp2ByDefaultDefaultSlave(SlaveHttpFrontendTestCase, ...@@ -2768,9 +3116,8 @@ class TestEnableHttp2ByDefaultDefaultSlave(SlaveHttpFrontendTestCase,
isHTTP2(parameter_dict['domain'], parameter_dict['public-ipv4'])) isHTTP2(parameter_dict['domain'], parameter_dict['public-ipv4']))
def test_enable_http2_false(self): def test_enable_http2_false(self):
parameter_dict = self.slave_connection_parameter_dict_dict[ parameter_dict = self.parseSlaveParameterDict('enable-http2-false')
'enable-http2-false'] self.assertLogAccessUrlWithPop(parameter_dict)
self.assertLogAccessUrlWithPop(parameter_dict, 'enable-http2-false')
self.assertEqual( self.assertEqual(
{ {
'domain': 'enablehttp2false.example.com', 'domain': 'enablehttp2false.example.com',
...@@ -2788,9 +3135,8 @@ class TestEnableHttp2ByDefaultDefaultSlave(SlaveHttpFrontendTestCase, ...@@ -2788,9 +3135,8 @@ class TestEnableHttp2ByDefaultDefaultSlave(SlaveHttpFrontendTestCase,
isHTTP2(parameter_dict['domain'], parameter_dict['public-ipv4'])) isHTTP2(parameter_dict['domain'], parameter_dict['public-ipv4']))
def test_enable_http2_true(self): def test_enable_http2_true(self):
parameter_dict = self.slave_connection_parameter_dict_dict[ parameter_dict = self.parseSlaveParameterDict('enable-http2-true')
'enable-http2-true'] self.assertLogAccessUrlWithPop(parameter_dict)
self.assertLogAccessUrlWithPop(parameter_dict, 'enable-http2-true')
self.assertEqual( self.assertEqual(
{ {
'domain': 'enablehttp2true.example.com', 'domain': 'enablehttp2true.example.com',
...@@ -2829,9 +3175,8 @@ class TestRe6stVerificationUrlDefaultSlave(SlaveHttpFrontendTestCase, ...@@ -2829,9 +3175,8 @@ class TestRe6stVerificationUrlDefaultSlave(SlaveHttpFrontendTestCase,
} }
def test_default(self): def test_default(self):
parameter_dict = self.slave_connection_parameter_dict_dict[ parameter_dict = self.parseSlaveParameterDict('default')
'default'] self.assertLogAccessUrlWithPop(parameter_dict)
self.assertLogAccessUrlWithPop(parameter_dict, 'default')
self.assertEqual( self.assertEqual(
{ {
'domain': 'default.None', 'domain': 'default.None',
...@@ -2879,9 +3224,8 @@ class TestRe6stVerificationUrlSlave(SlaveHttpFrontendTestCase, ...@@ -2879,9 +3224,8 @@ class TestRe6stVerificationUrlSlave(SlaveHttpFrontendTestCase,
} }
def test_default(self): def test_default(self):
parameter_dict = self.slave_connection_parameter_dict_dict[ parameter_dict = self.parseSlaveParameterDict('default')
'default'] self.assertLogAccessUrlWithPop(parameter_dict)
self.assertLogAccessUrlWithPop(parameter_dict, 'default')
self.assertEqual( self.assertEqual(
{ {
'domain': 'default.None', 'domain': 'default.None',
...@@ -2915,8 +3259,8 @@ class TestMalformedBackenUrlSlave(SlaveHttpFrontendTestCase, ...@@ -2915,8 +3259,8 @@ class TestMalformedBackenUrlSlave(SlaveHttpFrontendTestCase,
'domain': 'example.com', 'domain': 'example.com',
'nginx-domain': 'nginx.example.com', 'nginx-domain': 'nginx.example.com',
'public-ipv4': LOCAL_IPV4, 'public-ipv4': LOCAL_IPV4,
'apache-certificate': open('wildcard.example.com.crt').read(), 'apache-certificate': cls.certificate_pem,
'apache-key': open('wildcard.example.com.key').read(), 'apache-key': cls.key_pem,
'port': HTTPS_PORT, 'port': HTTPS_PORT,
'plain_http_port': HTTP_PORT, 'plain_http_port': HTTP_PORT,
'nginx_port': NGINX_HTTPS_PORT, 'nginx_port': NGINX_HTTPS_PORT,
...@@ -2939,7 +3283,7 @@ class TestMalformedBackenUrlSlave(SlaveHttpFrontendTestCase, ...@@ -2939,7 +3283,7 @@ class TestMalformedBackenUrlSlave(SlaveHttpFrontendTestCase,
} }
def test_master_partition_state(self): def test_master_partition_state(self):
parameter_dict = self.computer_partition.getConnectionParameterDict() parameter_dict = self.parseConnectionParameterDict()
self.assertKeyWithPop('monitor-setup-url', parameter_dict) self.assertKeyWithPop('monitor-setup-url', parameter_dict)
expected_parameter_dict = { expected_parameter_dict = {
...@@ -2948,10 +3292,11 @@ class TestMalformedBackenUrlSlave(SlaveHttpFrontendTestCase, ...@@ -2948,10 +3292,11 @@ class TestMalformedBackenUrlSlave(SlaveHttpFrontendTestCase,
'accepted-slave-amount': '1', 'accepted-slave-amount': '1',
'rejected-slave-amount': '2', 'rejected-slave-amount': '2',
'slave-amount': '3', 'slave-amount': '3',
'rejected-slave-dict': 'rejected-slave-dict': {
'{"_https-url": ["slave https-url \\"https://[fd46::c2ae]:!py!u\'123123' '_https-url': ['slave https-url "https://[fd46::c2ae]:!py!u\'123123\'"'
'\'\\" invalid"], "_url": ["slave url \\"https://[fd46::c2ae]:!py!u\'' ' invalid'],
'123123\'\\" invalid"]}' '_url': [u'slave url "https://[fd46::c2ae]:!py!u\'123123\'" invalid']
}
} }
self.assertEqual( self.assertEqual(
...@@ -2960,9 +3305,8 @@ class TestMalformedBackenUrlSlave(SlaveHttpFrontendTestCase, ...@@ -2960,9 +3305,8 @@ class TestMalformedBackenUrlSlave(SlaveHttpFrontendTestCase,
) )
def test_empty(self): def test_empty(self):
parameter_dict = self.slave_connection_parameter_dict_dict[ parameter_dict = self.parseSlaveParameterDict('empty')
'empty'] self.assertLogAccessUrlWithPop(parameter_dict)
self.assertLogAccessUrlWithPop(parameter_dict, 'empty')
self.assertEqual( self.assertEqual(
{ {
'domain': 'empty.example.com', 'domain': 'empty.example.com',
...@@ -2979,29 +3323,27 @@ class TestMalformedBackenUrlSlave(SlaveHttpFrontendTestCase, ...@@ -2979,29 +3323,27 @@ class TestMalformedBackenUrlSlave(SlaveHttpFrontendTestCase,
parameter_dict['domain'], parameter_dict['public-ipv4'], 'test-path') parameter_dict['domain'], parameter_dict['public-ipv4'], 'test-path')
self.assertEqual( self.assertEqual(
open('wildcard.example.com.crt').read(), self.certificate_pem,
der2pem(result.peercert)) der2pem(result.peercert))
self.assertEqual(httplib.NOT_FOUND, result.status_code) self.assertEqual(httplib.NOT_FOUND, result.status_code)
def test_url(self): def test_url(self):
parameter_dict = self.slave_connection_parameter_dict_dict[ parameter_dict = self.parseSlaveParameterDict('url')
'url'].copy()
self.assertEqual( self.assertEqual(
{ {
'request-error-list': '["slave url \\"https://[fd46::c2ae]:!py!' 'request-error-list': [
'u\'123123\'\\" invalid"]' "slave url \"https://[fd46::c2ae]:!py!u'123123'\" invalid"]
}, },
parameter_dict parameter_dict
) )
def test_https_url(self): def test_https_url(self):
parameter_dict = self.slave_connection_parameter_dict_dict[ parameter_dict = self.parseSlaveParameterDict('https-url')
'https-url'].copy()
self.assertEqual( self.assertEqual(
{ {
'request-error-list': '["slave https-url \\"https://[fd46::c2ae]:' 'request-error-list': [
'!py!u\'123123\'\\" invalid"]' "slave https-url \"https://[fd46::c2ae]:!py!u'123123'\" invalid"]
}, },
parameter_dict parameter_dict
) )
...@@ -3023,8 +3365,7 @@ class TestDefaultMonitorHttpdPort(SlaveHttpFrontendTestCase, TestDataMixin): ...@@ -3023,8 +3365,7 @@ class TestDefaultMonitorHttpdPort(SlaveHttpFrontendTestCase, TestDataMixin):
} }
def test(self): def test(self):
parameter_dict = self.slave_connection_parameter_dict_dict[ parameter_dict = self.parseSlaveParameterDict('test')
'test']
self.assertKeyWithPop('log-access-url', parameter_dict) self.assertKeyWithPop('log-access-url', parameter_dict)
self.assertEqual( self.assertEqual(
{ {
...@@ -3054,8 +3395,8 @@ class TestQuicEnabled(SlaveHttpFrontendTestCase, TestDataMixin): ...@@ -3054,8 +3395,8 @@ class TestQuicEnabled(SlaveHttpFrontendTestCase, TestDataMixin):
'nginx-domain': 'nginx.example.com', 'nginx-domain': 'nginx.example.com',
'public-ipv4': LOCAL_IPV4, 'public-ipv4': LOCAL_IPV4,
'enable-quic': 'true', 'enable-quic': 'true',
'apache-certificate': open('wildcard.example.com.crt').read(), 'apache-certificate': cls.certificate_pem,
'apache-key': open('wildcard.example.com.key').read(), 'apache-key': cls.key_pem,
'-frontend-authorized-slave-string': '-frontend-authorized-slave-string':
'_apache_custom_http_s-accepted _caddy_custom_http_s-accepted', '_apache_custom_http_s-accepted _caddy_custom_http_s-accepted',
'port': HTTPS_PORT, 'port': HTTPS_PORT,
...@@ -3090,9 +3431,8 @@ class TestQuicEnabled(SlaveHttpFrontendTestCase, TestDataMixin): ...@@ -3090,9 +3431,8 @@ class TestQuicEnabled(SlaveHttpFrontendTestCase, TestDataMixin):
if os.path.exists(os.path.join(q, 'etc', 'trafficserver'))][0] if os.path.exists(os.path.join(q, 'etc', 'trafficserver'))][0]
def test_url(self): def test_url(self):
parameter_dict = self.slave_connection_parameter_dict_dict[ parameter_dict = self.parseSlaveParameterDict('url')
'url'].copy() self.assertLogAccessUrlWithPop(parameter_dict)
self.assertLogAccessUrlWithPop(parameter_dict, 'url')
self.assertEqual( self.assertEqual(
{ {
'domain': 'url.example.com', 'domain': 'url.example.com',
...@@ -3109,7 +3449,7 @@ class TestQuicEnabled(SlaveHttpFrontendTestCase, TestDataMixin): ...@@ -3109,7 +3449,7 @@ class TestQuicEnabled(SlaveHttpFrontendTestCase, TestDataMixin):
parameter_dict['domain'], parameter_dict['public-ipv4'], 'test-path') parameter_dict['domain'], parameter_dict['public-ipv4'], 'test-path')
self.assertEqual( self.assertEqual(
open('wildcard.example.com.crt').read(), self.certificate_pem,
der2pem(result.peercert)) der2pem(result.peercert))
self.assertEqualResultJson(result, 'Path', '/test-path') self.assertEqualResultJson(result, 'Path', '/test-path')
...@@ -3123,35 +3463,26 @@ class TestQuicEnabled(SlaveHttpFrontendTestCase, TestDataMixin): ...@@ -3123,35 +3463,26 @@ class TestQuicEnabled(SlaveHttpFrontendTestCase, TestDataMixin):
self.assertKeyWithPop('Date', result.headers) self.assertKeyWithPop('Date', result.headers)
self.assertKeyWithPop('Content-Length', result.headers) self.assertKeyWithPop('Content-Length', result.headers)
self.assertEqual( quic_status, quic_result = getQUIC(
{'Content-Encoding': 'gzip', 'https://%s/%s' % (parameter_dict['domain'], 'test-path'),
'Alt-Svc': 'quic=":11443"; ma=2592000; v="39"', # QUIC advertises parameter_dict['public-ipv4'],
'Set-Cookie': 'secured=value;secure, nonsecured=value', HTTPS_PORT
'Vary': 'Accept-Encoding',
'Server': 'Caddy, BaseHTTP/0.3 Python/2.7.14',
'Content-Type': 'application/json'},
result.headers
) )
result_http = self.fakeHTTPResult( self.assertTrue(quic_status, quic_result)
parameter_dict['domain'], parameter_dict['public-ipv4'], 'test-path')
self.assertEqualResultJson(result_http, 'Path', '/test-path')
try: try:
j = result_http.json() quic_jsoned = quic_result.split('body: ')[2].split('trailers')[0]
except Exception: except Exception:
raise ValueError('JSON decode problem in:\n%s' % (result.text,)) raise ValueError('JSON not found at all in QUIC result:\n%s' % (
self.assertFalse('remote_user' in j['Incoming Headers'].keys()) quic_result,))
try:
self.assertEqual( j = json.loads(quic_jsoned)
'gzip', except Exception:
result_http.headers['Content-Encoding'] raise ValueError('JSON decode problem in:\n%s' % (quic_jsoned,))
) key = 'Path'
self.assertTrue(key in j, 'No key %r in %s' % (key, j))
self.assertEqual( self.assertEqual('/test-path', j[key])
'secured=value;secure, nonsecured=value',
result_http.headers['Set-Cookie']
)
class TestSlaveBadParameters(SlaveHttpFrontendTestCase, TestDataMixin): class TestSlaveBadParameters(SlaveHttpFrontendTestCase, TestDataMixin):
...@@ -3161,8 +3492,8 @@ class TestSlaveBadParameters(SlaveHttpFrontendTestCase, TestDataMixin): ...@@ -3161,8 +3492,8 @@ class TestSlaveBadParameters(SlaveHttpFrontendTestCase, TestDataMixin):
'domain': 'example.com', 'domain': 'example.com',
'nginx-domain': 'nginx.example.com', 'nginx-domain': 'nginx.example.com',
'public-ipv4': LOCAL_IPV4, 'public-ipv4': LOCAL_IPV4,
'apache-certificate': open('wildcard.example.com.crt').read(), 'apache-certificate': cls.certificate_pem,
'apache-key': open('wildcard.example.com.key').read(), 'apache-key': cls.key_pem,
'-frontend-authorized-slave-string': '_caddy_custom_http_s-reject', '-frontend-authorized-slave-string': '_caddy_custom_http_s-reject',
'port': HTTPS_PORT, 'port': HTTPS_PORT,
'plain_http_port': HTTP_PORT, 'plain_http_port': HTTP_PORT,
...@@ -3231,7 +3562,7 @@ https://www.google.com {}""", ...@@ -3231,7 +3562,7 @@ https://www.google.com {}""",
} }
def test_master_partition_state(self): def test_master_partition_state(self):
parameter_dict = self.computer_partition.getConnectionParameterDict() parameter_dict = self.parseConnectionParameterDict()
self.assertKeyWithPop('monitor-setup-url', parameter_dict) self.assertKeyWithPop('monitor-setup-url', parameter_dict)
expected_parameter_dict = { expected_parameter_dict = {
...@@ -3240,14 +3571,21 @@ https://www.google.com {}""", ...@@ -3240,14 +3571,21 @@ https://www.google.com {}""",
'accepted-slave-amount': '8', 'accepted-slave-amount': '8',
'rejected-slave-amount': '4', 'rejected-slave-amount': '4',
'slave-amount': '12', 'slave-amount': '12',
'rejected-slave-dict': 'rejected-slave-dict': {
'{"_caddy_custom_http_s-reject": ["slave caddy_custom_http ' '_caddy_custom_http_s-reject': [
'configuration invalid", "slave caddy_custom_https configuration ' 'slave caddy_custom_http configuration invalid',
'invalid"], "_server-alias-unsafe": ["server-alias \'${section:option}\'' 'slave caddy_custom_https configuration invalid'],
' not valid", "server-alias \'afterspace\' not valid"], ' '_custom_domain-unsafe': [
'"_custom_domain-unsafe": ["custom_domain \'${section:option} ' "custom_domain '${section:option} afterspace\\nafternewline' invalid"
'afterspace\\\\nafternewline\' invalid"], "_ssl_key-ssl_crt-unsafe": ' ],
'["slave ssl_key and ssl_crt does not match"]}' '_server-alias-unsafe': [
"server-alias '${section:option}' not valid",
"server-alias 'afterspace' not valid"
],
'_ssl_key-ssl_crt-unsafe': [
'slave ssl_key and ssl_crt does not match'
]
}
} }
self.assertEqual( self.assertEqual(
...@@ -3256,9 +3594,8 @@ https://www.google.com {}""", ...@@ -3256,9 +3594,8 @@ https://www.google.com {}""",
) )
def test_server_alias_same(self): def test_server_alias_same(self):
parameter_dict = self.slave_connection_parameter_dict_dict[ parameter_dict = self.parseSlaveParameterDict('server-alias-same')
'server-alias-same'] self.assertLogAccessUrlWithPop(parameter_dict)
self.assertLogAccessUrlWithPop(parameter_dict, 'server-alias-same')
self.assertEqual( self.assertEqual(
{ {
'domain': 'serveraliassame.example.com', 'domain': 'serveraliassame.example.com',
...@@ -3275,15 +3612,14 @@ https://www.google.com {}""", ...@@ -3275,15 +3612,14 @@ https://www.google.com {}""",
parameter_dict['domain'], parameter_dict['public-ipv4'], 'test-path') parameter_dict['domain'], parameter_dict['public-ipv4'], 'test-path')
self.assertEqual( self.assertEqual(
open('wildcard.example.com.crt').read(), self.certificate_pem,
der2pem(result.peercert)) der2pem(result.peercert))
self.assertEqualResultJson(result, 'Path', '/test-path') self.assertEqualResultJson(result, 'Path', '/test-path')
def test_re6st_optimal_test_unsafe(self): def test_re6st_optimal_test_unsafe(self):
parameter_dict = self.slave_connection_parameter_dict_dict[ parameter_dict = self.parseSlaveParameterDict('re6st-optimal-test-unsafe')
're6st-optimal-test-unsafe'] self.assertLogAccessUrlWithPop(parameter_dict)
self.assertLogAccessUrlWithPop(parameter_dict, 're6st-optimal-test-unsafe')
self.assertEqual( self.assertEqual(
{ {
'domain': 're6stoptimaltestunsafe.example.com', 'domain': 're6stoptimaltestunsafe.example.com',
...@@ -3300,7 +3636,7 @@ https://www.google.com {}""", ...@@ -3300,7 +3636,7 @@ https://www.google.com {}""",
parameter_dict['domain'], parameter_dict['public-ipv4'], 'test-path') parameter_dict['domain'], parameter_dict['public-ipv4'], 'test-path')
self.assertEqual( self.assertEqual(
open('wildcard.example.com.crt').read(), self.certificate_pem,
der2pem(result.peercert)) der2pem(result.peercert))
self.assertEqual(httplib.NOT_FOUND, result.status_code) self.assertEqual(httplib.NOT_FOUND, result.status_code)
...@@ -3325,10 +3661,8 @@ https://www.google.com {}""", ...@@ -3325,10 +3661,8 @@ https://www.google.com {}""",
) )
def test_re6st_optimal_test_nocomma(self): def test_re6st_optimal_test_nocomma(self):
parameter_dict = self.slave_connection_parameter_dict_dict[ parameter_dict = self.parseSlaveParameterDict('re6st-optimal-test-nocomma')
're6st-optimal-test-nocomma'] self.assertLogAccessUrlWithPop(parameter_dict)
self.assertLogAccessUrlWithPop(
parameter_dict, 're6st-optimal-test-nocomma')
self.assertEqual( self.assertEqual(
{ {
'domain': 're6stoptimaltestnocomma.example.com', 'domain': 're6stoptimaltestnocomma.example.com',
...@@ -3345,7 +3679,7 @@ https://www.google.com {}""", ...@@ -3345,7 +3679,7 @@ https://www.google.com {}""",
parameter_dict['domain'], parameter_dict['public-ipv4'], 'test-path') parameter_dict['domain'], parameter_dict['public-ipv4'], 'test-path')
self.assertEqual( self.assertEqual(
open('wildcard.example.com.crt').read(), self.certificate_pem,
der2pem(result.peercert)) der2pem(result.peercert))
self.assertEqual(httplib.NOT_FOUND, result.status_code) self.assertEqual(httplib.NOT_FOUND, result.status_code)
...@@ -3361,34 +3695,31 @@ https://www.google.com {}""", ...@@ -3361,34 +3695,31 @@ https://www.google.com {}""",
) )
def test_custom_domain_unsafe(self): def test_custom_domain_unsafe(self):
parameter_dict = self.slave_connection_parameter_dict_dict[ parameter_dict = self.parseSlaveParameterDict('custom_domain-unsafe')
'custom_domain-unsafe']
self.assertEqual( self.assertEqual(
{ {
'request-error-list': 'request-error-list': [
'["custom_domain \'${section:option} afterspace\\\\nafternewline\' ' "custom_domain '${section:option} afterspace\\nafternewline' invalid"
'invalid"]' ]
}, },
parameter_dict parameter_dict
) )
def test_server_alias_unsafe(self): def test_server_alias_unsafe(self):
parameter_dict = self.slave_connection_parameter_dict_dict[ parameter_dict = self.parseSlaveParameterDict('server-alias-unsafe')
'server-alias-unsafe']
self.assertEqual( self.assertEqual(
{ {
'request-error-list': 'request-error-list': [
'["server-alias \'${section:option}\' not valid", "server-alias ' "server-alias '${section:option}' not valid", "server-alias "
'\'afterspace\' not valid"]' "'afterspace' not valid"]
}, },
parameter_dict parameter_dict
) )
def test_virtualhostroot_http_port_unsafe(self): def test_virtualhostroot_http_port_unsafe(self):
parameter_dict = self.slave_connection_parameter_dict_dict[ parameter_dict = self.parseSlaveParameterDict(
'virtualhostroot-http-port-unsafe'] 'virtualhostroot-http-port-unsafe')
self.assertLogAccessUrlWithPop( self.assertLogAccessUrlWithPop(parameter_dict)
parameter_dict, 'virtualhostroot-http-port-unsafe')
self.assertEqual( self.assertEqual(
{ {
'domain': 'virtualhostroothttpportunsafe.example.com', 'domain': 'virtualhostroothttpportunsafe.example.com',
...@@ -3413,10 +3744,9 @@ https://www.google.com {}""", ...@@ -3413,10 +3744,9 @@ https://www.google.com {}""",
) )
def test_virtualhostroot_https_port_unsafe(self): def test_virtualhostroot_https_port_unsafe(self):
parameter_dict = self.slave_connection_parameter_dict_dict[ parameter_dict = self.parseSlaveParameterDict(
'virtualhostroot-https-port-unsafe'] 'virtualhostroot-https-port-unsafe')
self.assertLogAccessUrlWithPop( self.assertLogAccessUrlWithPop(parameter_dict)
parameter_dict, 'virtualhostroot-https-port-unsafe')
self.assertEqual( self.assertEqual(
{ {
'domain': 'virtualhostroothttpsportunsafe.example.com', 'domain': 'virtualhostroothttpsportunsafe.example.com',
...@@ -3434,7 +3764,7 @@ https://www.google.com {}""", ...@@ -3434,7 +3764,7 @@ https://www.google.com {}""",
parameter_dict['domain'], parameter_dict['public-ipv4'], 'test-path') parameter_dict['domain'], parameter_dict['public-ipv4'], 'test-path')
self.assertEqual( self.assertEqual(
open('wildcard.example.com.crt').read(), self.certificate_pem,
der2pem(result.peercert)) der2pem(result.peercert))
self.assertEqualResultJson( self.assertEqualResultJson(
...@@ -3445,9 +3775,8 @@ https://www.google.com {}""", ...@@ -3445,9 +3775,8 @@ https://www.google.com {}""",
) )
def default_path_unsafe(self): def default_path_unsafe(self):
parameter_dict = self.slave_connection_parameter_dict_dict[ parameter_dict = self.parseSlaveParameterDict('default-path-unsafe')
'default-path-unsafe'] self.assertLogAccessUrlWithPop(parameter_dict)
self.assertLogAccessUrlWithPop(parameter_dict, 'default-path-unsafe')
self.assertEqual( self.assertEqual(
{ {
'domain': 'defaultpathunsafe.example.com', 'domain': 'defaultpathunsafe.example.com',
...@@ -3464,7 +3793,7 @@ https://www.google.com {}""", ...@@ -3464,7 +3793,7 @@ https://www.google.com {}""",
parameter_dict['domain'], parameter_dict['public-ipv4'], '') parameter_dict['domain'], parameter_dict['public-ipv4'], '')
self.assertEqual( self.assertEqual(
open('wildcard.example.com.crt').read(), self.certificate_pem,
der2pem(result.peercert)) der2pem(result.peercert))
self.assertEqual( self.assertEqual(
...@@ -3474,9 +3803,8 @@ https://www.google.com {}""", ...@@ -3474,9 +3803,8 @@ https://www.google.com {}""",
) )
def test_monitor_ipv4_test_unsafe(self): def test_monitor_ipv4_test_unsafe(self):
parameter_dict = self.slave_connection_parameter_dict_dict[ parameter_dict = self.parseSlaveParameterDict('monitor-ipv4-test-unsafe')
'monitor-ipv4-test-unsafe'] self.assertLogAccessUrlWithPop(parameter_dict)
self.assertLogAccessUrlWithPop(parameter_dict, 'monitor-ipv4-test-unsafe')
self.assertEqual( self.assertEqual(
{ {
'domain': 'monitoripv4testunsafe.example.com', 'domain': 'monitoripv4testunsafe.example.com',
...@@ -3493,7 +3821,7 @@ https://www.google.com {}""", ...@@ -3493,7 +3821,7 @@ https://www.google.com {}""",
parameter_dict['domain'], parameter_dict['public-ipv4'], 'test-path') parameter_dict['domain'], parameter_dict['public-ipv4'], 'test-path')
self.assertEqual( self.assertEqual(
open('wildcard.example.com.crt').read(), self.certificate_pem,
der2pem(result.peercert)) der2pem(result.peercert))
self.assertEqual(httplib.NOT_FOUND, result.status_code) self.assertEqual(httplib.NOT_FOUND, result.status_code)
...@@ -3517,9 +3845,8 @@ https://www.google.com {}""", ...@@ -3517,9 +3845,8 @@ https://www.google.com {}""",
) )
def test_monitor_ipv6_test_unsafe(self): def test_monitor_ipv6_test_unsafe(self):
parameter_dict = self.slave_connection_parameter_dict_dict[ parameter_dict = self.parseSlaveParameterDict('monitor-ipv6-test-unsafe')
'monitor-ipv6-test-unsafe'] self.assertLogAccessUrlWithPop(parameter_dict)
self.assertLogAccessUrlWithPop(parameter_dict, 'monitor-ipv6-test-unsafe')
self.assertEqual( self.assertEqual(
{ {
'domain': 'monitoripv6testunsafe.example.com', 'domain': 'monitoripv6testunsafe.example.com',
...@@ -3536,7 +3863,7 @@ https://www.google.com {}""", ...@@ -3536,7 +3863,7 @@ https://www.google.com {}""",
parameter_dict['domain'], parameter_dict['public-ipv4'], 'test-path') parameter_dict['domain'], parameter_dict['public-ipv4'], 'test-path')
self.assertEqual( self.assertEqual(
open('wildcard.example.com.crt').read(), self.certificate_pem,
der2pem(result.peercert)) der2pem(result.peercert))
self.assertEqual(httplib.NOT_FOUND, result.status_code) self.assertEqual(httplib.NOT_FOUND, result.status_code)
...@@ -3560,21 +3887,20 @@ https://www.google.com {}""", ...@@ -3560,21 +3887,20 @@ https://www.google.com {}""",
) )
def test_ssl_key_ssl_crt_unsafe(self): def test_ssl_key_ssl_crt_unsafe(self):
parameter_dict = self.slave_connection_parameter_dict_dict[ parameter_dict = self.parseSlaveParameterDict('ssl_key-ssl_crt-unsafe')
'ssl_key-ssl_crt-unsafe']
self.assertEqual( self.assertEqual(
{'request-error-list': '["slave ssl_key and ssl_crt does not match"]'}, {'request-error-list': ["slave ssl_key and ssl_crt does not match"]},
parameter_dict parameter_dict
) )
def test_caddy_custom_http_s_reject(self): def test_caddy_custom_http_s_reject(self):
parameter_dict = self.slave_connection_parameter_dict_dict[ parameter_dict = self.parseSlaveParameterDict('caddy_custom_http_s-reject')
'caddy_custom_http_s-reject']
self.assertEqual( self.assertEqual(
{ {
'request-error-list': 'request-error-list': [
'["slave caddy_custom_http configuration invalid", ' "slave caddy_custom_http configuration invalid",
'"slave caddy_custom_https configuration invalid"]' "slave caddy_custom_https configuration invalid"
]
}, },
parameter_dict parameter_dict
) )
...@@ -3587,8 +3913,8 @@ class TestDuplicateSiteKeyProtection(SlaveHttpFrontendTestCase, TestDataMixin): ...@@ -3587,8 +3913,8 @@ class TestDuplicateSiteKeyProtection(SlaveHttpFrontendTestCase, TestDataMixin):
'domain': 'example.com', 'domain': 'example.com',
'nginx-domain': 'nginx.example.com', 'nginx-domain': 'nginx.example.com',
'public-ipv4': LOCAL_IPV4, 'public-ipv4': LOCAL_IPV4,
'apache-certificate': open('wildcard.example.com.crt').read(), 'apache-certificate': cls.certificate_pem,
'apache-key': open('wildcard.example.com.key').read(), 'apache-key': cls.key_pem,
'-frontend-authorized-slave-string': '_caddy_custom_http_s-reject', '-frontend-authorized-slave-string': '_caddy_custom_http_s-reject',
'port': HTTPS_PORT, 'port': HTTPS_PORT,
'plain_http_port': HTTP_PORT, 'plain_http_port': HTTP_PORT,
...@@ -3618,7 +3944,7 @@ class TestDuplicateSiteKeyProtection(SlaveHttpFrontendTestCase, TestDataMixin): ...@@ -3618,7 +3944,7 @@ class TestDuplicateSiteKeyProtection(SlaveHttpFrontendTestCase, TestDataMixin):
} }
def test_master_partition_state(self): def test_master_partition_state(self):
parameter_dict = self.computer_partition.getConnectionParameterDict() parameter_dict = self.parseConnectionParameterDict()
self.assertKeyWithPop('monitor-setup-url', parameter_dict) self.assertKeyWithPop('monitor-setup-url', parameter_dict)
expected_parameter_dict = { expected_parameter_dict = {
...@@ -3627,10 +3953,11 @@ class TestDuplicateSiteKeyProtection(SlaveHttpFrontendTestCase, TestDataMixin): ...@@ -3627,10 +3953,11 @@ class TestDuplicateSiteKeyProtection(SlaveHttpFrontendTestCase, TestDataMixin):
'accepted-slave-amount': '1', 'accepted-slave-amount': '1',
'rejected-slave-amount': '3', 'rejected-slave-amount': '3',
'slave-amount': '4', 'slave-amount': '4',
'rejected-slave-dict': 'rejected-slave-dict': {
'{"_site_4": ["custom_domain \'duplicate.example.com\' clashes"], ' '_site_1': ["custom_domain 'duplicate.example.com' clashes"],
'"_site_1": ["custom_domain \'duplicate.example.com\' clashes"], ' '_site_3': ["server-alias 'duplicate.example.com' clashes"],
'"_site_3": ["server-alias \'duplicate.example.com\' clashes"]}' '_site_4': ["custom_domain 'duplicate.example.com' clashes"]
}
} }
self.assertEqual( self.assertEqual(
...@@ -3639,20 +3966,17 @@ class TestDuplicateSiteKeyProtection(SlaveHttpFrontendTestCase, TestDataMixin): ...@@ -3639,20 +3966,17 @@ class TestDuplicateSiteKeyProtection(SlaveHttpFrontendTestCase, TestDataMixin):
) )
def test_site_1(self): def test_site_1(self):
parameter_dict = self.slave_connection_parameter_dict_dict[ parameter_dict = self.parseSlaveParameterDict('site_1')
'site_1']
self.assertEqual( self.assertEqual(
{ {
'request-error-list': 'request-error-list': ["custom_domain 'duplicate.example.com' clashes"]
'["custom_domain \'duplicate.example.com\' clashes"]'
}, },
parameter_dict parameter_dict
) )
def test_site_2(self): def test_site_2(self):
parameter_dict = self.slave_connection_parameter_dict_dict[ parameter_dict = self.parseSlaveParameterDict('site_2')
'site_2'] self.assertLogAccessUrlWithPop(parameter_dict)
self.assertLogAccessUrlWithPop(parameter_dict, 'site_2')
self.assertEqual( self.assertEqual(
{ {
'domain': 'duplicate.example.com', 'domain': 'duplicate.example.com',
...@@ -3666,23 +3990,19 @@ class TestDuplicateSiteKeyProtection(SlaveHttpFrontendTestCase, TestDataMixin): ...@@ -3666,23 +3990,19 @@ class TestDuplicateSiteKeyProtection(SlaveHttpFrontendTestCase, TestDataMixin):
) )
def test_site_3(self): def test_site_3(self):
parameter_dict = self.slave_connection_parameter_dict_dict[ parameter_dict = self.parseSlaveParameterDict('site_3')
'site_3']
self.assertEqual( self.assertEqual(
{ {
'request-error-list': 'request-error-list': ["server-alias 'duplicate.example.com' clashes"]
'["server-alias \'duplicate.example.com\' clashes"]'
}, },
parameter_dict, parameter_dict,
) )
def test_site_4(self): def test_site_4(self):
parameter_dict = self.slave_connection_parameter_dict_dict[ parameter_dict = self.parseSlaveParameterDict('site_4')
'site_4']
self.assertEqual( self.assertEqual(
{ {
'request-error-list': 'request-error-list': ["custom_domain 'duplicate.example.com' clashes"]
'["custom_domain \'duplicate.example.com\' clashes"]'
}, },
parameter_dict parameter_dict
) )
......
TestDuplicateSiteKeyProtection-0/var/run/monitor-httpd.pid TestDuplicateSiteKeyProtection-0/var/run/monitor-httpd.pid
TestDuplicateSiteKeyProtection-0/var/run/monitor/monitor-bootstrap.pid TestDuplicateSiteKeyProtection-0/var/run/monitor/monitor-bootstrap.pid
TestDuplicateSiteKeyProtection-1/var/run/caddy_configuration.signature TestDuplicateSiteKeyProtection-1/var/run/caddy_graceful_signature
TestDuplicateSiteKeyProtection-1/var/run/caddy_graceful_signature.tmp
TestDuplicateSiteKeyProtection-1/var/run/caddy_validate_signature
TestDuplicateSiteKeyProtection-1/var/run/caddy_validate_signature.status
TestDuplicateSiteKeyProtection-1/var/run/httpd.pid TestDuplicateSiteKeyProtection-1/var/run/httpd.pid
TestDuplicateSiteKeyProtection-1/var/run/monitor-httpd.pid TestDuplicateSiteKeyProtection-1/var/run/monitor-httpd.pid
TestDuplicateSiteKeyProtection-1/var/run/monitor/monitor-bootstrap.pid TestDuplicateSiteKeyProtection-1/var/run/monitor/monitor-bootstrap.pid
TestDuplicateSiteKeyProtection-1/var/run/ncaddy_configuration.signature
TestDuplicateSiteKeyProtection-1/var/run/nginx.pid TestDuplicateSiteKeyProtection-1/var/run/nginx.pid
TestDuplicateSiteKeyProtection-1/var/run/nginx_graceful_signature
TestDuplicateSiteKeyProtection-1/var/run/nginx_graceful_signature.tmp
TestDuplicateSiteKeyProtection-1/var/run/nginx_validate_signature
TestDuplicateSiteKeyProtection-1/var/run/nginx_validate_signature.status
\ No newline at end of file
TestEnableHttp2ByDefaultDefaultSlave-0/var/run/monitor-httpd.pid TestEnableHttp2ByDefaultDefaultSlave-0/var/run/monitor-httpd.pid
TestEnableHttp2ByDefaultDefaultSlave-0/var/run/monitor/monitor-bootstrap.pid TestEnableHttp2ByDefaultDefaultSlave-0/var/run/monitor/monitor-bootstrap.pid
TestEnableHttp2ByDefaultDefaultSlave-1/var/run/caddy_configuration.signature TestEnableHttp2ByDefaultDefaultSlave-1/var/run/caddy_graceful_signature
TestEnableHttp2ByDefaultDefaultSlave-1/var/run/caddy_graceful_signature.tmp
TestEnableHttp2ByDefaultDefaultSlave-1/var/run/caddy_validate_signature
TestEnableHttp2ByDefaultDefaultSlave-1/var/run/caddy_validate_signature.status
TestEnableHttp2ByDefaultDefaultSlave-1/var/run/httpd.pid TestEnableHttp2ByDefaultDefaultSlave-1/var/run/httpd.pid
TestEnableHttp2ByDefaultDefaultSlave-1/var/run/monitor-httpd.pid TestEnableHttp2ByDefaultDefaultSlave-1/var/run/monitor-httpd.pid
TestEnableHttp2ByDefaultDefaultSlave-1/var/run/monitor/monitor-bootstrap.pid TestEnableHttp2ByDefaultDefaultSlave-1/var/run/monitor/monitor-bootstrap.pid
TestEnableHttp2ByDefaultDefaultSlave-1/var/run/ncaddy_configuration.signature
TestEnableHttp2ByDefaultDefaultSlave-1/var/run/nginx.pid TestEnableHttp2ByDefaultDefaultSlave-1/var/run/nginx.pid
TestEnableHttp2ByDefaultDefaultSlave-1/var/run/nginx_graceful_signature
TestEnableHttp2ByDefaultDefaultSlave-1/var/run/nginx_graceful_signature.tmp
TestEnableHttp2ByDefaultDefaultSlave-1/var/run/nginx_validate_signature
TestEnableHttp2ByDefaultDefaultSlave-1/var/run/nginx_validate_signature.status
\ No newline at end of file
TestEnableHttp2ByDefaultFalseSlave-0/var/run/monitor-httpd.pid TestEnableHttp2ByDefaultFalseSlave-0/var/run/monitor-httpd.pid
TestEnableHttp2ByDefaultFalseSlave-0/var/run/monitor/monitor-bootstrap.pid TestEnableHttp2ByDefaultFalseSlave-0/var/run/monitor/monitor-bootstrap.pid
TestEnableHttp2ByDefaultFalseSlave-1/var/run/caddy_configuration.signature TestEnableHttp2ByDefaultFalseSlave-1/var/run/caddy_graceful_signature
TestEnableHttp2ByDefaultFalseSlave-1/var/run/caddy_graceful_signature.tmp
TestEnableHttp2ByDefaultFalseSlave-1/var/run/caddy_validate_signature
TestEnableHttp2ByDefaultFalseSlave-1/var/run/caddy_validate_signature.status
TestEnableHttp2ByDefaultFalseSlave-1/var/run/httpd.pid TestEnableHttp2ByDefaultFalseSlave-1/var/run/httpd.pid
TestEnableHttp2ByDefaultFalseSlave-1/var/run/monitor-httpd.pid TestEnableHttp2ByDefaultFalseSlave-1/var/run/monitor-httpd.pid
TestEnableHttp2ByDefaultFalseSlave-1/var/run/monitor/monitor-bootstrap.pid TestEnableHttp2ByDefaultFalseSlave-1/var/run/monitor/monitor-bootstrap.pid
TestEnableHttp2ByDefaultFalseSlave-1/var/run/ncaddy_configuration.signature
TestEnableHttp2ByDefaultFalseSlave-1/var/run/nginx.pid TestEnableHttp2ByDefaultFalseSlave-1/var/run/nginx.pid
TestEnableHttp2ByDefaultFalseSlave-1/var/run/nginx_graceful_signature
TestEnableHttp2ByDefaultFalseSlave-1/var/run/nginx_graceful_signature.tmp
TestEnableHttp2ByDefaultFalseSlave-1/var/run/nginx_validate_signature
TestEnableHttp2ByDefaultFalseSlave-1/var/run/nginx_validate_signature.status
\ No newline at end of file
TestMalformedBackenUrlSlave-0/var/run/monitor-httpd.pid TestMalformedBackenUrlSlave-0/var/run/monitor-httpd.pid
TestMalformedBackenUrlSlave-0/var/run/monitor/monitor-bootstrap.pid TestMalformedBackenUrlSlave-0/var/run/monitor/monitor-bootstrap.pid
TestMalformedBackenUrlSlave-1/var/run/caddy_configuration.signature TestMalformedBackenUrlSlave-1/var/run/caddy_graceful_signature
TestMalformedBackenUrlSlave-1/var/run/caddy_graceful_signature.tmp
TestMalformedBackenUrlSlave-1/var/run/caddy_validate_signature
TestMalformedBackenUrlSlave-1/var/run/caddy_validate_signature.status
TestMalformedBackenUrlSlave-1/var/run/httpd.pid TestMalformedBackenUrlSlave-1/var/run/httpd.pid
TestMalformedBackenUrlSlave-1/var/run/monitor-httpd.pid TestMalformedBackenUrlSlave-1/var/run/monitor-httpd.pid
TestMalformedBackenUrlSlave-1/var/run/monitor/monitor-bootstrap.pid TestMalformedBackenUrlSlave-1/var/run/monitor/monitor-bootstrap.pid
TestMalformedBackenUrlSlave-1/var/run/ncaddy_configuration.signature
TestMalformedBackenUrlSlave-1/var/run/nginx.pid TestMalformedBackenUrlSlave-1/var/run/nginx.pid
TestMalformedBackenUrlSlave-1/var/run/nginx_graceful_signature
TestMalformedBackenUrlSlave-1/var/run/nginx_graceful_signature.tmp
TestMalformedBackenUrlSlave-1/var/run/nginx_validate_signature
TestMalformedBackenUrlSlave-1/var/run/nginx_validate_signature.status
\ No newline at end of file
TestQuicEnabled-0/var/run/monitor-httpd.pid TestQuicEnabled-0/var/run/monitor-httpd.pid
TestQuicEnabled-0/var/run/monitor/monitor-bootstrap.pid TestQuicEnabled-0/var/run/monitor/monitor-bootstrap.pid
TestQuicEnabled-1/var/run/caddy_configuration.signature TestQuicEnabled-1/var/run/caddy_graceful_signature
TestQuicEnabled-1/var/run/caddy_graceful_signature.tmp
TestQuicEnabled-1/var/run/caddy_validate_signature
TestQuicEnabled-1/var/run/caddy_validate_signature.status
TestQuicEnabled-1/var/run/httpd.pid TestQuicEnabled-1/var/run/httpd.pid
TestQuicEnabled-1/var/run/monitor-httpd.pid TestQuicEnabled-1/var/run/monitor-httpd.pid
TestQuicEnabled-1/var/run/monitor/monitor-bootstrap.pid TestQuicEnabled-1/var/run/monitor/monitor-bootstrap.pid
TestQuicEnabled-1/var/run/ncaddy_configuration.signature
TestQuicEnabled-1/var/run/nginx.pid TestQuicEnabled-1/var/run/nginx.pid
TestQuicEnabled-1/var/run/nginx_graceful_signature
TestQuicEnabled-1/var/run/nginx_graceful_signature.tmp
TestQuicEnabled-1/var/run/nginx_validate_signature
TestQuicEnabled-1/var/run/nginx_validate_signature.status
\ No newline at end of file
TestRe6stVerificationUrlDefaultSlave-0/var/run/monitor-httpd.pid TestRe6stVerificationUrlDefaultSlave-0/var/run/monitor-httpd.pid
TestRe6stVerificationUrlDefaultSlave-0/var/run/monitor/monitor-bootstrap.pid TestRe6stVerificationUrlDefaultSlave-0/var/run/monitor/monitor-bootstrap.pid
TestRe6stVerificationUrlDefaultSlave-1/var/run/caddy_configuration.signature TestRe6stVerificationUrlDefaultSlave-1/var/run/caddy_graceful_signature
TestRe6stVerificationUrlDefaultSlave-1/var/run/caddy_graceful_signature.tmp
TestRe6stVerificationUrlDefaultSlave-1/var/run/caddy_validate_signature
TestRe6stVerificationUrlDefaultSlave-1/var/run/httpd.pid TestRe6stVerificationUrlDefaultSlave-1/var/run/httpd.pid
TestRe6stVerificationUrlDefaultSlave-1/var/run/monitor-httpd.pid TestRe6stVerificationUrlDefaultSlave-1/var/run/monitor-httpd.pid
TestRe6stVerificationUrlDefaultSlave-1/var/run/monitor/monitor-bootstrap.pid TestRe6stVerificationUrlDefaultSlave-1/var/run/monitor/monitor-bootstrap.pid
TestRe6stVerificationUrlDefaultSlave-1/var/run/ncaddy_configuration.signature
TestRe6stVerificationUrlDefaultSlave-1/var/run/nginx.pid TestRe6stVerificationUrlDefaultSlave-1/var/run/nginx.pid
TestRe6stVerificationUrlDefaultSlave-1/var/run/nginx_graceful_signature
TestRe6stVerificationUrlDefaultSlave-1/var/run/nginx_graceful_signature.tmp
TestRe6stVerificationUrlDefaultSlave-1/var/run/nginx_validate_signature
\ No newline at end of file
TestRe6stVerificationUrlSlave-0/var/run/monitor-httpd.pid TestRe6stVerificationUrlSlave-0/var/run/monitor-httpd.pid
TestRe6stVerificationUrlSlave-0/var/run/monitor/monitor-bootstrap.pid TestRe6stVerificationUrlSlave-0/var/run/monitor/monitor-bootstrap.pid
TestRe6stVerificationUrlSlave-1/var/run/caddy_configuration.signature TestRe6stVerificationUrlSlave-1/var/run/caddy_graceful_signature
TestRe6stVerificationUrlSlave-1/var/run/caddy_graceful_signature.tmp
TestRe6stVerificationUrlSlave-1/var/run/caddy_validate_signature
TestRe6stVerificationUrlSlave-1/var/run/httpd.pid TestRe6stVerificationUrlSlave-1/var/run/httpd.pid
TestRe6stVerificationUrlSlave-1/var/run/monitor-httpd.pid TestRe6stVerificationUrlSlave-1/var/run/monitor-httpd.pid
TestRe6stVerificationUrlSlave-1/var/run/monitor/monitor-bootstrap.pid TestRe6stVerificationUrlSlave-1/var/run/monitor/monitor-bootstrap.pid
TestRe6stVerificationUrlSlave-1/var/run/ncaddy_configuration.signature
TestRe6stVerificationUrlSlave-1/var/run/nginx.pid TestRe6stVerificationUrlSlave-1/var/run/nginx.pid
TestRe6stVerificationUrlSlave-1/var/run/nginx_graceful_signature
TestRe6stVerificationUrlSlave-1/var/run/nginx_graceful_signature.tmp
TestRe6stVerificationUrlSlave-1/var/run/nginx_validate_signature
\ No newline at end of file
TestReplicateSlave-0/var/run/monitor-httpd.pid TestReplicateSlave-0/var/run/monitor-httpd.pid
TestReplicateSlave-0/var/run/monitor/monitor-bootstrap.pid TestReplicateSlave-0/var/run/monitor/monitor-bootstrap.pid
TestReplicateSlave-1/var/run/caddy_configuration.signature TestReplicateSlave-1/var/run/caddy_graceful_signature
TestReplicateSlave-1/var/run/caddy_graceful_signature.tmp
TestReplicateSlave-1/var/run/caddy_validate_signature
TestReplicateSlave-1/var/run/caddy_validate_signature.status
TestReplicateSlave-1/var/run/httpd.pid TestReplicateSlave-1/var/run/httpd.pid
TestReplicateSlave-1/var/run/monitor-httpd.pid TestReplicateSlave-1/var/run/monitor-httpd.pid
TestReplicateSlave-1/var/run/monitor/monitor-bootstrap.pid TestReplicateSlave-1/var/run/monitor/monitor-bootstrap.pid
TestReplicateSlave-1/var/run/ncaddy_configuration.signature
TestReplicateSlave-1/var/run/nginx.pid TestReplicateSlave-1/var/run/nginx.pid
TestReplicateSlave-1/var/run/nginx_graceful_signature
TestReplicateSlave-1/var/run/nginx_graceful_signature.tmp
TestReplicateSlave-1/var/run/nginx_validate_signature
TestReplicateSlave-1/var/run/nginx_validate_signature.status
\ No newline at end of file
...@@ -27,6 +27,8 @@ TestSlave-1/var/log/httpd/_enable_cache-disable-via-header_access_log ...@@ -27,6 +27,8 @@ TestSlave-1/var/log/httpd/_enable_cache-disable-via-header_access_log
TestSlave-1/var/log/httpd/_enable_cache-disable-via-header_error_log TestSlave-1/var/log/httpd/_enable_cache-disable-via-header_error_log
TestSlave-1/var/log/httpd/_enable_cache-ssl-proxy-verify-unverified_access_log TestSlave-1/var/log/httpd/_enable_cache-ssl-proxy-verify-unverified_access_log
TestSlave-1/var/log/httpd/_enable_cache-ssl-proxy-verify-unverified_error_log TestSlave-1/var/log/httpd/_enable_cache-ssl-proxy-verify-unverified_error_log
TestSlave-1/var/log/httpd/_enable_cache-ssl-proxy-verify_ssl_proxy_ca_crt-unverified_access_log
TestSlave-1/var/log/httpd/_enable_cache-ssl-proxy-verify_ssl_proxy_ca_crt-unverified_error_log
TestSlave-1/var/log/httpd/_enable_cache-ssl-proxy-verify_ssl_proxy_ca_crt_access_log TestSlave-1/var/log/httpd/_enable_cache-ssl-proxy-verify_ssl_proxy_ca_crt_access_log
TestSlave-1/var/log/httpd/_enable_cache-ssl-proxy-verify_ssl_proxy_ca_crt_error_log TestSlave-1/var/log/httpd/_enable_cache-ssl-proxy-verify_ssl_proxy_ca_crt_error_log
TestSlave-1/var/log/httpd/_enable_cache_access_log TestSlave-1/var/log/httpd/_enable_cache_access_log
...@@ -51,6 +53,8 @@ TestSlave-1/var/log/httpd/_server-alias_custom_domain-duplicated_error_log ...@@ -51,6 +53,8 @@ TestSlave-1/var/log/httpd/_server-alias_custom_domain-duplicated_error_log
TestSlave-1/var/log/httpd/_server-alias_error_log TestSlave-1/var/log/httpd/_server-alias_error_log
TestSlave-1/var/log/httpd/_ssl-proxy-verify-unverified_access_log TestSlave-1/var/log/httpd/_ssl-proxy-verify-unverified_access_log
TestSlave-1/var/log/httpd/_ssl-proxy-verify-unverified_error_log TestSlave-1/var/log/httpd/_ssl-proxy-verify-unverified_error_log
TestSlave-1/var/log/httpd/_ssl-proxy-verify_ssl_proxy_ca_crt-unverified_access_log
TestSlave-1/var/log/httpd/_ssl-proxy-verify_ssl_proxy_ca_crt-unverified_error_log
TestSlave-1/var/log/httpd/_ssl-proxy-verify_ssl_proxy_ca_crt_access_log TestSlave-1/var/log/httpd/_ssl-proxy-verify_ssl_proxy_ca_crt_access_log
TestSlave-1/var/log/httpd/_ssl-proxy-verify_ssl_proxy_ca_crt_error_log TestSlave-1/var/log/httpd/_ssl-proxy-verify_ssl_proxy_ca_crt_error_log
TestSlave-1/var/log/httpd/_ssl_ca_crt_does_not_match_access_log TestSlave-1/var/log/httpd/_ssl_ca_crt_does_not_match_access_log
...@@ -67,6 +71,8 @@ TestSlave-1/var/log/httpd/_type-zope-path_access_log ...@@ -67,6 +71,8 @@ TestSlave-1/var/log/httpd/_type-zope-path_access_log
TestSlave-1/var/log/httpd/_type-zope-path_error_log TestSlave-1/var/log/httpd/_type-zope-path_error_log
TestSlave-1/var/log/httpd/_type-zope-ssl-proxy-verify-unverified_access_log TestSlave-1/var/log/httpd/_type-zope-ssl-proxy-verify-unverified_access_log
TestSlave-1/var/log/httpd/_type-zope-ssl-proxy-verify-unverified_error_log TestSlave-1/var/log/httpd/_type-zope-ssl-proxy-verify-unverified_error_log
TestSlave-1/var/log/httpd/_type-zope-ssl-proxy-verify_ssl_proxy_ca_crt-unverified_access_log
TestSlave-1/var/log/httpd/_type-zope-ssl-proxy-verify_ssl_proxy_ca_crt-unverified_error_log
TestSlave-1/var/log/httpd/_type-zope-ssl-proxy-verify_ssl_proxy_ca_crt_access_log TestSlave-1/var/log/httpd/_type-zope-ssl-proxy-verify_ssl_proxy_ca_crt_access_log
TestSlave-1/var/log/httpd/_type-zope-ssl-proxy-verify_ssl_proxy_ca_crt_error_log TestSlave-1/var/log/httpd/_type-zope-ssl-proxy-verify_ssl_proxy_ca_crt_error_log
TestSlave-1/var/log/httpd/_type-zope-virtualhostroot-http-port_access_log TestSlave-1/var/log/httpd/_type-zope-virtualhostroot-http-port_access_log
......
TestSlave-0/var/run/monitor-httpd.pid TestSlave-0/var/run/monitor-httpd.pid
TestSlave-0/var/run/monitor/monitor-bootstrap.pid TestSlave-0/var/run/monitor/monitor-bootstrap.pid
TestSlave-1/var/run/caddy_configuration.signature TestSlave-1/var/run/caddy_graceful_signature
TestSlave-1/var/run/caddy_graceful_signature.tmp
TestSlave-1/var/run/caddy_validate_signature
TestSlave-1/var/run/caddy_validate_signature.status
TestSlave-1/var/run/httpd.pid TestSlave-1/var/run/httpd.pid
TestSlave-1/var/run/monitor-httpd.pid TestSlave-1/var/run/monitor-httpd.pid
TestSlave-1/var/run/monitor/monitor-bootstrap.pid TestSlave-1/var/run/monitor/monitor-bootstrap.pid
TestSlave-1/var/run/ncaddy_configuration.signature
TestSlave-1/var/run/nginx.pid TestSlave-1/var/run/nginx.pid
TestSlave-1/var/run/nginx_graceful_signature
TestSlave-1/var/run/nginx_graceful_signature.tmp
TestSlave-1/var/run/nginx_validate_signature
TestSlave-1/var/run/nginx_validate_signature.status
\ No newline at end of file
...@@ -28,6 +28,8 @@ TestSlave-1/etc/monitor-promise/check-_enable_cache-ssl-proxy-verify-unverified- ...@@ -28,6 +28,8 @@ TestSlave-1/etc/monitor-promise/check-_enable_cache-ssl-proxy-verify-unverified-
TestSlave-1/etc/monitor-promise/check-_enable_cache-ssl-proxy-verify-unverified-error-log-last-hour TestSlave-1/etc/monitor-promise/check-_enable_cache-ssl-proxy-verify-unverified-error-log-last-hour
TestSlave-1/etc/monitor-promise/check-_enable_cache-ssl-proxy-verify_ssl_proxy_ca_crt-error-log-last-day TestSlave-1/etc/monitor-promise/check-_enable_cache-ssl-proxy-verify_ssl_proxy_ca_crt-error-log-last-day
TestSlave-1/etc/monitor-promise/check-_enable_cache-ssl-proxy-verify_ssl_proxy_ca_crt-error-log-last-hour TestSlave-1/etc/monitor-promise/check-_enable_cache-ssl-proxy-verify_ssl_proxy_ca_crt-error-log-last-hour
TestSlave-1/etc/monitor-promise/check-_enable_cache-ssl-proxy-verify_ssl_proxy_ca_crt-unverified-error-log-last-day
TestSlave-1/etc/monitor-promise/check-_enable_cache-ssl-proxy-verify_ssl_proxy_ca_crt-unverified-error-log-last-hour
TestSlave-1/etc/monitor-promise/check-_https-only-error-log-last-day TestSlave-1/etc/monitor-promise/check-_https-only-error-log-last-day
TestSlave-1/etc/monitor-promise/check-_https-only-error-log-last-hour TestSlave-1/etc/monitor-promise/check-_https-only-error-log-last-hour
TestSlave-1/etc/monitor-promise/check-_monitor-ipv4-test-error-log-last-day TestSlave-1/etc/monitor-promise/check-_monitor-ipv4-test-error-log-last-day
...@@ -53,6 +55,8 @@ TestSlave-1/etc/monitor-promise/check-_ssl-proxy-verify-unverified-error-log-las ...@@ -53,6 +55,8 @@ TestSlave-1/etc/monitor-promise/check-_ssl-proxy-verify-unverified-error-log-las
TestSlave-1/etc/monitor-promise/check-_ssl-proxy-verify-unverified-error-log-last-hour TestSlave-1/etc/monitor-promise/check-_ssl-proxy-verify-unverified-error-log-last-hour
TestSlave-1/etc/monitor-promise/check-_ssl-proxy-verify_ssl_proxy_ca_crt-error-log-last-day TestSlave-1/etc/monitor-promise/check-_ssl-proxy-verify_ssl_proxy_ca_crt-error-log-last-day
TestSlave-1/etc/monitor-promise/check-_ssl-proxy-verify_ssl_proxy_ca_crt-error-log-last-hour TestSlave-1/etc/monitor-promise/check-_ssl-proxy-verify_ssl_proxy_ca_crt-error-log-last-hour
TestSlave-1/etc/monitor-promise/check-_ssl-proxy-verify_ssl_proxy_ca_crt-unverified-error-log-last-day
TestSlave-1/etc/monitor-promise/check-_ssl-proxy-verify_ssl_proxy_ca_crt-unverified-error-log-last-hour
TestSlave-1/etc/monitor-promise/check-_ssl_ca_crt_does_not_match-error-log-last-day TestSlave-1/etc/monitor-promise/check-_ssl_ca_crt_does_not_match-error-log-last-day
TestSlave-1/etc/monitor-promise/check-_ssl_ca_crt_does_not_match-error-log-last-hour TestSlave-1/etc/monitor-promise/check-_ssl_ca_crt_does_not_match-error-log-last-hour
TestSlave-1/etc/monitor-promise/check-_ssl_ca_crt_garbage-error-log-last-day TestSlave-1/etc/monitor-promise/check-_ssl_ca_crt_garbage-error-log-last-day
...@@ -73,6 +77,8 @@ TestSlave-1/etc/monitor-promise/check-_type-zope-ssl-proxy-verify-unverified-err ...@@ -73,6 +77,8 @@ TestSlave-1/etc/monitor-promise/check-_type-zope-ssl-proxy-verify-unverified-err
TestSlave-1/etc/monitor-promise/check-_type-zope-ssl-proxy-verify-unverified-error-log-last-hour TestSlave-1/etc/monitor-promise/check-_type-zope-ssl-proxy-verify-unverified-error-log-last-hour
TestSlave-1/etc/monitor-promise/check-_type-zope-ssl-proxy-verify_ssl_proxy_ca_crt-error-log-last-day TestSlave-1/etc/monitor-promise/check-_type-zope-ssl-proxy-verify_ssl_proxy_ca_crt-error-log-last-day
TestSlave-1/etc/monitor-promise/check-_type-zope-ssl-proxy-verify_ssl_proxy_ca_crt-error-log-last-hour TestSlave-1/etc/monitor-promise/check-_type-zope-ssl-proxy-verify_ssl_proxy_ca_crt-error-log-last-hour
TestSlave-1/etc/monitor-promise/check-_type-zope-ssl-proxy-verify_ssl_proxy_ca_crt-unverified-error-log-last-day
TestSlave-1/etc/monitor-promise/check-_type-zope-ssl-proxy-verify_ssl_proxy_ca_crt-unverified-error-log-last-hour
TestSlave-1/etc/monitor-promise/check-_type-zope-virtualhostroot-http-port-error-log-last-day TestSlave-1/etc/monitor-promise/check-_type-zope-virtualhostroot-http-port-error-log-last-day
TestSlave-1/etc/monitor-promise/check-_type-zope-virtualhostroot-http-port-error-log-last-hour TestSlave-1/etc/monitor-promise/check-_type-zope-virtualhostroot-http-port-error-log-last-hour
TestSlave-1/etc/monitor-promise/check-_type-zope-virtualhostroot-https-port-error-log-last-day TestSlave-1/etc/monitor-promise/check-_type-zope-virtualhostroot-https-port-error-log-last-day
......
TestSlaveBadParameters-0/var/run/monitor-httpd.pid TestSlaveBadParameters-0/var/run/monitor-httpd.pid
TestSlaveBadParameters-0/var/run/monitor/monitor-bootstrap.pid TestSlaveBadParameters-0/var/run/monitor/monitor-bootstrap.pid
TestSlaveBadParameters-1/var/run/caddy_configuration.signature TestSlaveBadParameters-1/var/run/caddy_graceful_signature
TestSlaveBadParameters-1/var/run/caddy_graceful_signature.tmp
TestSlaveBadParameters-1/var/run/caddy_validate_signature
TestSlaveBadParameters-1/var/run/caddy_validate_signature.status
TestSlaveBadParameters-1/var/run/httpd.pid TestSlaveBadParameters-1/var/run/httpd.pid
TestSlaveBadParameters-1/var/run/monitor-httpd.pid TestSlaveBadParameters-1/var/run/monitor-httpd.pid
TestSlaveBadParameters-1/var/run/monitor/monitor-bootstrap.pid TestSlaveBadParameters-1/var/run/monitor/monitor-bootstrap.pid
TestSlaveBadParameters-1/var/run/ncaddy_configuration.signature
TestSlaveBadParameters-1/var/run/nginx.pid TestSlaveBadParameters-1/var/run/nginx.pid
TestSlaveBadParameters-1/var/run/nginx_graceful_signature
TestSlaveBadParameters-1/var/run/nginx_graceful_signature.tmp
TestSlaveBadParameters-1/var/run/nginx_validate_signature
TestSlaveBadParameters-1/var/run/nginx_validate_signature.status
\ No newline at end of file
-----BEGIN RSA PRIVATE KEY-----
MIIEogIBAAKCAQEAp0BSMfhzYo62X7FtSivZRpFn3HH5ij/fhQGla3C7gCIjsQCe
FZwYvK6i+qyGz4vC6fxj04ZHrAn6Xh3AQN/HA9OGEew0opL1tPtLoblbWTQv9gqh
nBupfPPZnvf7DOzfMKUvcl2RJAUZ9jWLGiUvYhtdCVGR9evq1z6O5ZMfoy29L1fB
Qc7k8Y6+bgunu85uVXxIxZQkb9wWY6A6B1qKLYkF3qi/6hto/XY+DEL23aBzWLuz
Zv1LmrzFarAsnc/UzsubrPaTho3EknNcfIxfNioFf0MBykEhTwZh6owh2c70ri2y
J0mg3bGMDcQyxlZrGPQVAlV9/1zrIKogrufDtQIDAQABAoIBACqXLZc+DpwNfZG2
y/70VZsr0ggIGiTDiTcEqUxH4+eIShB7+MXF/2KlEinFn3rgu1z8gatO6Zd83v3y
k4+xrKtjxSNxRCIWTG2vBJ6FZia8LG56XJc1UB7athNOUOcEtv1bQ07bVueWSPsy
vV6GE5/nGfUSiZnXXvE7JAaARbE2vix85CEZbSqps4plw+IRla5izgk2lfGeXZO4
tv0ci+5C+U5CbOA+i9I/m0qZBAqzBqCxiN/VRZSG6kxc0XF58NaJNCFqGUCzd+On
nLhSWxE+0+roj4BSsV8H2AHQzFy/d9eMiSoSGPLb0Sa0zvbcvf6SeknymEiTTAUK
nj94do0CgYEA0ontvQtCir443/2rkaUeXscJQO07QeGqztgSjEZj5GiT9cgBqlWQ
DsY6BoOHHMjJcWy4gEiz+whZOw87exy1ECevx5fazQzBwJvMD3qTOilOk49VzKs1
xrOdm3Me3E3X8AT3kKxrGdT/kHWlCij/Y+SIq2+YVh6t15p9P51eY2MCgYEAy12Q
K+llzNyL/6ml7CczfjNHkUlIMXlHs+bRk1eG+clUmoIQR7bxuhM6G23auGpq58mu
KhfThEytxU1vDSsXJKueLD59pWRDvwLDlLxoXXWgkdzWRMzKkJc/vd3GTJBW2ZpX
e66TEowBJkaftVAkGnded9EoKQKbGF2+/4/chAcCgYA1/8xrJT0u6rUZti1QEMKm
WnRkI7SEJEY0ATVYpyEtzyjL7D2JG6L0NyFg1FFOL62DGviDZqJK64w/WpvN6sIB
37v0/FzRJMl5BjyjZ7PlQfz2WdgOw4bqbN0qpq8uoASXeh6pC5/4oyndOl9XKMbA
LzhiiB/RTtMVrnkbXNh9swKBgDhBZI1RHhECfVO2ySg/W9YwNz7wZ6EP7I7ObfD1
SGg2kkm/auN7rviLMwq9Y8CZ54LA3oXUW3WAhJ1Mo0igP+Gr+7A/hSBIURk4mYO+
bpxT2pwe28LiZ7KBtGdAPweU8gF12XdkPljmE7dT2AAe8C3GEYLRf+uARgkCfcBS
OmznAoGAFXa3/sx8uBrA4rxpE9b/nEQNr8n0NatH7tW3fry88wYBLyFYdHrAmM/p
7a1/iLFvCl3fzZdiAxPplFw6neCpxD2ghHXZjN5njevs9AECNhf5M3EraNJW3tn5
b6+wwlbNqFm8NymFoq3Zeq8HUXPQbdUKOwSiwxQ5+5XdSsYOZoQ=
-----END RSA PRIVATE KEY-----
-----BEGIN CERTIFICATE-----
MIIDRTCCAi0CCQDQ1EVpyJg5UzANBgkqhkiG9w0BAQsFADBjMQswCQYDVQQGEwJB
VTETMBEGA1UECAwKU29tZS1TdGF0ZTEhMB8GA1UECgwYSW50ZXJuZXQgV2lkZ2l0
cyBQdHkgTHRkMRwwGgYDVQQDDBNUZXN0IFNlcnZlciBSb290IENBMB4XDTE4MDYy
NzExMjIxMloXDTI4MDYyNDExMjIxMlowZjELMAkGA1UEBhMCQVUxEzARBgNVBAgM
ClNvbWUtU3RhdGUxITAfBgNVBAoMGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDEf
MB0GA1UEAwwWdGVzdHNlcnZlci5leGFtcGxlLmNvbTCCASIwDQYJKoZIhvcNAQEB
BQADggEPADCCAQoCggEBAKdAUjH4c2KOtl+xbUor2UaRZ9xx+Yo/34UBpWtwu4Ai
I7EAnhWcGLyuovqshs+Lwun8Y9OGR6wJ+l4dwEDfxwPThhHsNKKS9bT7S6G5W1k0
L/YKoZwbqXzz2Z73+wzs3zClL3JdkSQFGfY1ixolL2IbXQlRkfXr6tc+juWTH6Mt
vS9XwUHO5PGOvm4Lp7vOblV8SMWUJG/cFmOgOgdaii2JBd6ov+obaP12PgxC9t2g
c1i7s2b9S5q8xWqwLJ3P1M7Lm6z2k4aNxJJzXHyMXzYqBX9DAcpBIU8GYeqMIdnO
9K4tsidJoN2xjA3EMsZWaxj0FQJVff9c6yCqIK7nw7UCAwEAATANBgkqhkiG9w0B
AQsFAAOCAQEAtEfuCYN5xQ+xwFF4UwJtQvv+DGlxzSPZUxY4h5BH7BbyC+XVvo7l
iY0pCHI7PsZRSMK3KaUuLYll/7mNB6GCE2zocWfIZwTgoJEhw35iVj07SYIcnd5h
R1XBGEn2EQfZEkjH5kuTBUKR1EE5yJimhG89chQkP5eAWsPNUM55XmojNt5uZawb
C8bJXGtlNGSgmfXCcGBp9VW3ImEKDoyLJuBqIcBfMv/3ENnKbuTt+cLaaLWkqX48
JSqEL41S6tU8Jmv3HrhSWmZJjCJ+gRXKANhlAOxuddTkaEnToe9G51Ekj0uRHF37
LHdySTpMHXg1Cm4njhLqVcRoikrSkYcHPA==
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
MIIDmTCCAoGgAwIBAgIJAOZ30I7+VqTNMA0GCSqGSIb3DQEBCwUAMGMxCzAJBgNV
BAYTAkFVMRMwEQYDVQQIDApTb21lLVN0YXRlMSEwHwYDVQQKDBhJbnRlcm5ldCBX
aWRnaXRzIFB0eSBMdGQxHDAaBgNVBAMME1Rlc3QgU2VydmVyIFJvb3QgQ0EwHhcN
MTgwNjI3MTExOTEzWhcNMjgwNjI0MTExOTEzWjBjMQswCQYDVQQGEwJBVTETMBEG
A1UECAwKU29tZS1TdGF0ZTEhMB8GA1UECgwYSW50ZXJuZXQgV2lkZ2l0cyBQdHkg
THRkMRwwGgYDVQQDDBNUZXN0IFNlcnZlciBSb290IENBMIIBIjANBgkqhkiG9w0B
AQEFAAOCAQ8AMIIBCgKCAQEA6arXFNc2fl39wAgvFvB7XQILJ8xT/89n6KwvZHIs
eqptNgT7k2LCrsWDqvQS+fsAY62OSpt6gWckM2Q9toY6niXzvElj/+C3FxdEounN
dgHfG1M3imTbAPR/E2bPGUoWtod0DrHkIF3HlqvjTsKvk0t2XglbobZc3JFHzw2R
Vnh0NjGHxH5tvE0hiM2rdyMUOXJeLqz/iILqOEjBscHKUcb9rTvI08N0/FFpRtbB
JAgQeZB85ZxGqyg1pRwveG+mDALv9IImqtIpe9D/OwjOyF8MErS/Yfjqyw2eejj/
dX9GNFnuGxlyZ7GKRncHPR2QmKrIz+1NNqsXITPs5zVo/QIDAQABo1AwTjAdBgNV
HQ4EFgQUerhRsTxEadhORRVlRtqZryF456kwHwYDVR0jBBgwFoAUerhRsTxEadhO
RRVlRtqZryF456kwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAQEAs6Oi
CMhQ6a8bW7u8jcC7Y2/50TlviQo+IQ44wgCJrnZCHDXdMLwwm7VjiUl33Z6YjnT+
UVzkA7O2aTHop1peR3kpJ/JP6yrGudj7gZJNLlQXEKopT0MFaZWxI80LP8gIHlsx
nzhe6Kzw8xtGiC0O4j3aJwsJp/ggaNYp37AyEA0KkGbLtA5QrpfZfvPV/zoiXQbn
HkzaYgf1VcfwjoSi4cBO0IE2iHWjGKCoo3WGCKzoyY/ldpyqFhOvAhL5FoS7hQcl
5meowzyz7OVGqvbhZgETNqFyl0la9JeMhbDG3+tHX6K5dbcOYRJUv/INO2CNnW/K
o1vE6iTVxjew2tnoMQ==
-----END CERTIFICATE-----
-----BEGIN RSA PRIVATE KEY-----
MIIEpQIBAAKCAQEA6arXFNc2fl39wAgvFvB7XQILJ8xT/89n6KwvZHIseqptNgT7
k2LCrsWDqvQS+fsAY62OSpt6gWckM2Q9toY6niXzvElj/+C3FxdEounNdgHfG1M3
imTbAPR/E2bPGUoWtod0DrHkIF3HlqvjTsKvk0t2XglbobZc3JFHzw2RVnh0NjGH
xH5tvE0hiM2rdyMUOXJeLqz/iILqOEjBscHKUcb9rTvI08N0/FFpRtbBJAgQeZB8
5ZxGqyg1pRwveG+mDALv9IImqtIpe9D/OwjOyF8MErS/Yfjqyw2eejj/dX9GNFnu
GxlyZ7GKRncHPR2QmKrIz+1NNqsXITPs5zVo/QIDAQABAoIBAQDRYTFrTlFZOJXZ
TjwL3R9dvygJ2HDoh4w/lJK++gPbQv2raxmW/ucePoR2WlDqyTyXFPys49cJP0fT
+R3HgU3jSnS2IjlGHrFRMpthNAnUlWa7EH1zOF5545w+4V/v9FCX7JZVWJfnXMEs
xQdhGtjDLtp49v+xzzw0tMXYxfqWtJBuFT2Dft60lH/kcCyD7TWQD30OyP28QuYK
Zn4uCDBCOYuHTb/eu6MLKGRkuyRbgXoCCjjziQ/u8lcUx7nPa1qTdGHAglNei5CV
nrDsaEQGd3U7jUgOpbd+a5E5UaFtR8HoBtIDQf72JTWBrKSjkmIHZsJSU8tMKZi4
nGr7mA4hAoGBAPcGQWdAa6qZIKTwp6EDJMBbSDH70ykBFgE4nmKAlxcfPlR0CU3R
iahVvvuNyE//rPEhZBGqh8VEfZfkz1H5zLJQS5EV6ePbKYQE2q9JHugMrw8zh5MH
89NpK+O9p/3MrCPAZgWGVQ3nfLkV0WTGGiSdLFDAvBtRZeMmsi2JedTJAoGBAPIo
V1bwRzihtvZT/rc86jYvJbMR49lbal8pHsIg5FS0EAgQp4tgMnEfqI3UHvjYIUJa
CursrHOFX0hypP2DW2BxJ6yMYv/jQivyxziCSd+xrSfR0B3vjJ33ayqs3EnS4MzY
jbaWm1O2Z585ZlulqGWfhJ3m7dzeGqXmNrMWABCVAoGAYU59hQbDYrhfO5nw7mQm
nf9XORlR3N0opeJ/wZ2V5u3Px8TNxXG9ICpmyQDY32p/3ZyhprPeN777GlJvuIMG
N1eZ7NUNBUzX1cFzw4iyPAaDDyHlTe3cBnNvbo7PFhMB3DN1/Mclygxd/SqzCVdg
BPxE8Kp7budpk0ky9u0oqMECgYEAq6hPKXDQe+Oe6AToxgnnWRuY1NR0uOqlf+mN
RT29vhGaX602p4U8nJY9jLR2dB35jah4nsnBAW7k+V1TeeY4yyfLYPRvZUc67B6A
fJ1XMrwnq9d+eQoLmxr9m9XHnolfE7ba1jjyyKe/0s4Esii/M7KddrVxniTPrRSB
Z/fLefUCgYEAl2Al2BK4ZYK6HSeFxZ1kaVkcefL1QBMzgLY8LPVpReoaULdFzwat
3elM8C31FDBvIaWzJCQMIIrFEldvU4tvBF7Mbe8lDDQXotoI6zTWMnNUGV3Xd0wc
hep0oINBctav7pVJ7Mf+X0Wqfc4D40FPbMzHMUxfdKs9eo9qR/fktYI=
-----END RSA PRIVATE KEY-----
-----BEGIN CERTIFICATE-----
MIIDjzCCAnegAwIBAgIJAP4QzV9d5d8KMA0GCSqGSIb3DQEBCwUAMF0xCzAJBgNV
BAYTAkFVMRMwEQYDVQQIDApTb21lLVN0YXRlMSEwHwYDVQQKDBhJbnRlcm5ldCBX
aWRnaXRzIFB0eSBMdGQxFjAUBgNVBAMMDSouZXhhbXBsZS5jb20wIBcNMTgwNDE3
MTE0MjAxWhgPMjExODAzMjQxMTQyMDFaMF0xCzAJBgNVBAYTAkFVMRMwEQYDVQQI
DApTb21lLVN0YXRlMSEwHwYDVQQKDBhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQx
FjAUBgNVBAMMDSouZXhhbXBsZS5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAw
ggEKAoIBAQC0MNnojTq6Yp60ecvP5lZGa6owZp64sumaT66JInTFJcSV/ls0AbPN
KPTcNRgbFLIuv/3Xhgi6YAxIz2PXdCDPj1fp4rVIijhpedaWZaIOeTqSGEg+5/iL
4UTxm166NgCU1zp0QsmU8MXJFv4YxTZsF9LlGFcP6uUQ9sY98yv+hErCxRXo+dXd
GGG4LTVLGPeRYNX2JVD5BxoNkL5/3IMylrFvI8aRFTKVn1P8UPJ5K9du3E0wHJY6
MkstZX3xKcGKSn2w1zIaq/NcrbLXvp6eZauLtMpZ9vW+CtYV3diOm2TiMvQIyCRM
4mWbaf76bpGiz9/+11w6U9n6zMzKTq+5AgMBAAGjUDBOMB0GA1UdDgQWBBT/Kswu
BKM3GXaIWvQ8Vs1xhs/1vzAfBgNVHSMEGDAWgBT/KswuBKM3GXaIWvQ8Vs1xhs/1
vzAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQAeeV7VIqbNL6Xe0I5y
fl44ogBY0zoYJH+p7HCebazZKepy7f+EeWv8B3dHODrilSYCnsOqhta8mMSMrgsT
TFByr/8NN/4UFe9FeKnxD9Sun0EetESkaeMqAGCK921lT0eU4IhA0JLRj16HomuK
I/JBFwUXFn6vVypw5R41zwnikv+EB0fSC4biSXWXUarGqlRCF7o00CPKqAaTE0yX
H4Yz3lR/Vuce7uFvkIY+F4vXtq1sy/tb4QBWlDS6t7cmeBGcvaQ8mlndA9T+us0l
/wb9mzdTcwkrkM2kk++GnS0NCAQfOalF3x8wG6j8DrU2dQ1NXh205c/zo0BljQr8
P84v
-----END CERTIFICATE-----
-----BEGIN PRIVATE KEY-----
MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQC0MNnojTq6Yp60
ecvP5lZGa6owZp64sumaT66JInTFJcSV/ls0AbPNKPTcNRgbFLIuv/3Xhgi6YAxI
z2PXdCDPj1fp4rVIijhpedaWZaIOeTqSGEg+5/iL4UTxm166NgCU1zp0QsmU8MXJ
Fv4YxTZsF9LlGFcP6uUQ9sY98yv+hErCxRXo+dXdGGG4LTVLGPeRYNX2JVD5BxoN
kL5/3IMylrFvI8aRFTKVn1P8UPJ5K9du3E0wHJY6MkstZX3xKcGKSn2w1zIaq/Nc
rbLXvp6eZauLtMpZ9vW+CtYV3diOm2TiMvQIyCRM4mWbaf76bpGiz9/+11w6U9n6
zMzKTq+5AgMBAAECggEAR9n2+pFearYqnMK4b9Vkb7485gH1pqbJGdxON6bCs16F
Dl6X1ZwcK2H6idiuHRZamuO5//gVgOQN4fa41FAdSUbagowBR8S+C+kmlWA/h8/1
eA4wuMzdQkH4sPMIie5Auxk72OJM6ZQ8+huuBQiW0/GICgxzowhCgUo18LwHvfwt
XWLHplRFczgM4WEu+HVx1W9y/irOhEUEzwNfXdDTVE4bnwzb24qR0CRIdp3gc8Os
JoUFMgbV3qfJLmzqURLIlVc3Y9FFbWrr5zhzTx2vvoT1j83e56qKHbKanr2R6NQZ
UOsCgDvzrc9WqKE9/hwvxvPlx/L3UWuhPMpljZ8gBQKBgQDX4Qo27l8KPk9fXA18
SrRcAAGN+moc+Y0T9WbcbXCJLLU6TO3eJqW9H3Kwb80O/zycUBFK/dIOwZZYgsuQ
oXFG4ykSXFY/JGTEBIkvQ7LI/7t5mn0xlw3tqB7xuMO5QEyZMQFi0xP5h1B5coiO
Wv9T1xit4FHX2EN/CJLwlzzl1wKBgQDVrdvGi+j/1pGaEST1yhvrDduHrlMsF4BI
X8VaNXNXg9+GxsAA6+pRPRoHvmmz/RUr/km+JxWLHEZpFDOhIzJV4JYXv/q7KDH+
Mjf7uyRshBnR+QU38RqkENIJhEZJSa8ZYmkgU9yCDozkfVzYKdxUy6Z0+o2Omzls
cpZP1PFE7wKBgQCGXZx0+kMPZh8TFIGURg8iYCKXkzBu3miP7qNaOYfc6YXXRsCb
D+UC5MsGxF+WoQjBphhNW9RduOJyLt6zI7kUzRjoQ66u2GEbnFMipvlln765fo3D
yugxbv3rp/uylzHV+6mIMCbzneRZ4w7ZxAu9zFihCMkIFqRUMir7MrcFuwKBgFbK
88ZF9jJU+XdXF2gu3AAx9MW77VSvhw/ets7ZfyxBCH46JKs7KEYvR291zIGrfvoL
o/B09681oPP1nLMLFNsFCnJDLJjwzr2tsEez0CuzzLkZKSF78ZJKssXi0JncMB9j
dcgHyD2bo2b79MZo2nIm9kn1q6INMtn2AVAT8pxJAoGAZfysuUMc0bdKVi41SD0A
Ej7qX+qbXX+aA4OkTqJP3QxssD6CuZZwUKW7qj8AoOcLKsmwdjetetny46OMEXzN
5Fk3ahCD1cycFGBawNY10x5Xy+4iApzPiO1Ujd3t7FAIrLPWFwzmLIL8pxUNuHEn
OC9RrI4tzsvWHhMaLKVCh0g=
-----END PRIVATE KEY-----
...@@ -18,4 +18,4 @@ md5sum = 307663d73ef3ef94b02567ecd322252e ...@@ -18,4 +18,4 @@ md5sum = 307663d73ef3ef94b02567ecd322252e
[template-default] [template-default]
filename = instance-default.cfg filename = instance-default.cfg
md5sum = d5a4270e5e7827db2e6a19d2eedb570b md5sum = ff368286a75243d0536ee6a974107b6f
...@@ -85,8 +85,6 @@ rendered = $${basedirectory:services}/shellinaboxd ...@@ -85,8 +85,6 @@ rendered = $${basedirectory:services}/shellinaboxd
template = inline: template = inline:
#!/bin/sh #!/bin/sh
exec ${shellinabox:location}/bin/shellinaboxd \ exec ${shellinabox:location}/bin/shellinaboxd \
--disable-ssl \
--disable-ssl-menu \
--unixdomain-only=$${:socket}:$(id -u):$(id -g):0600 \ --unixdomain-only=$${:socket}:$(id -u):$(id -g):0600 \
--service "/:$(id -u):$(id -g):HOME:$${shell-environment:shell} -l" --service "/:$(id -u):$(id -g):HOME:$${shell-environment:shell} -l"
......
...@@ -15,4 +15,4 @@ ...@@ -15,4 +15,4 @@
[template] [template]
filename = instance.cfg filename = instance.cfg
md5sum = a345d46655c3e841c2ecf4e3a0446c8f md5sum = d8d9e9a4bd00ccba2c448bb9d5d6aeae
...@@ -37,7 +37,7 @@ command-line = ...@@ -37,7 +37,7 @@ command-line =
# XXX slapos.cookbook:wrapper does not allow extending env, so we add some default $PATH entries ( not sure they are needed ) # XXX slapos.cookbook:wrapper does not allow extending env, so we add some default $PATH entries ( not sure they are needed )
environment = environment =
PATH=${curl:location}/bin/:${openssl:location}/bin/:/usr/bin/:/bin PATH=${quic_client-bin:location}:${curl:location}/bin/:/usr/bin/:/bin
LOCAL_IPV4=$${slap-configuration:ipv4-random} LOCAL_IPV4=$${slap-configuration:ipv4-random}
GLOBAL_IPV6=$${slap-configuration:ipv6-random} GLOBAL_IPV6=$${slap-configuration:ipv6-random}
SLAPOS_TEST_WORKING_DIR=$${create-directory:working-dir} SLAPOS_TEST_WORKING_DIR=$${create-directory:working-dir}
......
...@@ -3,7 +3,9 @@ ...@@ -3,7 +3,9 @@
extends = extends =
../../../../component/git/buildout.cfg ../../../../component/git/buildout.cfg
../../../../component/curl/buildout.cfg ../../../../component/curl/buildout.cfg
../../../../component/python-cryptography/buildout.cfg
../../../../stack/slapos.cfg ../../../../stack/slapos.cfg
../../../../component/quic_client-bin/buildout.cfg
./buildout.hash.cfg ./buildout.hash.cfg
parts = parts =
...@@ -30,6 +32,7 @@ recipe = zc.recipe.egg ...@@ -30,6 +32,7 @@ recipe = zc.recipe.egg
eggs = eggs =
${slapos.test.caddy-frontend-setup:egg} ${slapos.test.caddy-frontend-setup:egg}
${erp5.util-setup:egg} ${erp5.util-setup:egg}
${python-cryptography:egg}
slapos.core slapos.core
entry-points = entry-points =
runTestSuite=erp5.util.testsuite:runTestSuite runTestSuite=erp5.util.testsuite:runTestSuite
......
# Selenium Server test # Selenium Server test
This software release is simply to run the test suite from `../seleniumrunner/test/setup.py` This software release is simply to run the test suite from `../../seleniumserver/test/setup.py`
Nexedi staff can see the results of this test from the test suite Nexedi staff can see the results of this test from the test suite
`SLAPOS-SELENIUMRUNNER-TEST` in test result module. `SLAPOS-SELENIUMSERVER-TEST` in test result module.
...@@ -15,5 +15,5 @@ ...@@ -15,5 +15,5 @@
[template] [template]
filename = instance.cfg.in filename = instance.cfg.in
md5sum = 7e75c9eccb580f278da1784941363432 md5sum = 3019fd19f6623cca92741582b265a1da
...@@ -33,7 +33,7 @@ wrapper-path = $${create-directory:bin}/runTestSuite ...@@ -33,7 +33,7 @@ wrapper-path = $${create-directory:bin}/runTestSuite
command-line = command-line =
${buildout:bin-directory}/runTestSuite ${buildout:bin-directory}/runTestSuite
--python_interpreter=${buildout:bin-directory}/${eggs:interpreter} --python_interpreter=${buildout:bin-directory}/${eggs:interpreter}
--source_code_path_list=$${slapos:location}/software/seleniumrunner/test --source_code_path_list=$${slapos:location}/software/seleniumserver/test
# XXX we need "standard" path entries to compile softwares inside test # XXX we need "standard" path entries to compile softwares inside test
......
...@@ -16,10 +16,10 @@ parts = ...@@ -16,10 +16,10 @@ parts =
[setup-develop-egg] [setup-develop-egg]
recipe = zc.recipe.egg:develop recipe = zc.recipe.egg:develop
[slapos.test.seleniumrunner-setup] [slapos.test.seleniumserver-setup]
<= setup-develop-egg <= setup-develop-egg
egg = slapos.test.seleniumrunner egg = slapos.test.seleniumserver
setup = ${slapos-repository:location}/software/seleniumrunner/test/ setup = ${slapos-repository:location}/software/seleniumserver/test/
[eggs] [eggs]
recipe = zc.recipe.egg recipe = zc.recipe.egg
...@@ -27,7 +27,7 @@ eggs = ...@@ -27,7 +27,7 @@ eggs =
${pillow-python:egg} ${pillow-python:egg}
${python-pynacl:egg} ${python-pynacl:egg}
${bcrypt:egg} ${bcrypt:egg}
${slapos.test.seleniumrunner-setup:egg} ${slapos.test.seleniumserver-setup:egg}
slapos.core slapos.core
entry-points = entry-points =
runTestSuite=erp5.util.testsuite:runTestSuite runTestSuite=erp5.util.testsuite:runTestSuite
......
...@@ -101,7 +101,7 @@ configuration.nginx_gzip_comp_level = 2 ...@@ -101,7 +101,7 @@ configuration.nginx_gzip_comp_level = 2
configuration.nginx_gzip_proxied = any configuration.nginx_gzip_proxied = any
configuration.nginx_gzip_types = text/plain text/css application/x-javascript text/xml application/xml application/xml+rss text/javascript application/json configuration.nginx_gzip_types = text/plain text/css application/x-javascript text/xml application/xml application/xml+rss text/javascript application/json
configuration.nginx_keepalive_timeout = 65 configuration.nginx_keepalive_timeout = 65
configuration.nginx_header_allow_origin = * configuration.nginx_header_allow_origin = $http_origin
# configuring trusted proxies # configuring trusted proxies
# GitLab is behind a reverse proxy, so we don't want the IP address of the proxy # GitLab is behind a reverse proxy, so we don't want the IP address of the proxy
......
...@@ -293,7 +293,7 @@ md5sum = 7782f5c5d75663c2586e28d029c51e49 ...@@ -293,7 +293,7 @@ md5sum = 7782f5c5d75663c2586e28d029c51e49
[gitlab-parameters.cfg] [gitlab-parameters.cfg]
<= download-file <= download-file
md5sum = dec5d989e2d969369bd1eaffcbfb78d6 md5sum = 8f4537cb8a0c9a8e0058c30cb687681c
[gitlab-shell-config.yml.in] [gitlab-shell-config.yml.in]
<= download-template <= download-template
...@@ -325,7 +325,7 @@ md5sum = a56a44e96f65f5ed20211bb6a54279f4 ...@@ -325,7 +325,7 @@ md5sum = a56a44e96f65f5ed20211bb6a54279f4
[nginx-gitlab-http.conf.in] [nginx-gitlab-http.conf.in]
<= download-template <= download-template
md5sum = 697140d980c75ddc1dd0a656b1c88447 md5sum = abcc5eda03e10b26c74619f299a7f6a8
[nginx.conf.in] [nginx.conf.in]
<= download-template <= download-template
...@@ -345,7 +345,7 @@ md5sum = 4e1ced687a86e4cfff2dde91237e3942 ...@@ -345,7 +345,7 @@ md5sum = 4e1ced687a86e4cfff2dde91237e3942
[template-gitlab-resiliency-restore.sh.in] [template-gitlab-resiliency-restore.sh.in]
<= download-template <= download-template
md5sum = 420d999daae050351a51487b9d2f8fe0 md5sum = 590fcadf26085fdd17487175bc0a469d
[unicorn.rb.in] [unicorn.rb.in]
<= download-template <= download-template
......
...@@ -120,6 +120,7 @@ server { ...@@ -120,6 +120,7 @@ server {
location {{ path }} { location {{ path }} {
# Set CORS header # Set CORS header
add_header 'Access-Control-Allow-Origin' {{ cfg('nginx_header_allow_origin') }}; add_header 'Access-Control-Allow-Origin' {{ cfg('nginx_header_allow_origin') }};
add_header 'Access-Control-Allow-Credentials' true;
## If you use HTTPS make sure you disable gzip compression ## If you use HTTPS make sure you disable gzip compression
## to be safe against BREACH attack. ## to be safe against BREACH attack.
{{ 'gzip off;' if cfg_https else ''}} {{ 'gzip off;' if cfg_https else ''}}
......
...@@ -69,7 +69,7 @@ trap "echo 'kill $postgres_pid" EXIT TERM INT ...@@ -69,7 +69,7 @@ trap "echo 'kill $postgres_pid" EXIT TERM INT
echo "Starting Redis server..." echo "Starting Redis server..."
$redis_executable & $redis_executable &
redis_pid=$! redis_pid=$!
trap "kill $redis_pid" EXIT TERM INT trap "kill $postgres_pid $redis_pid" EXIT TERM INT
echo "[OK]" echo "[OK]"
echo "Restoring gitlab data..." echo "Restoring gitlab data..."
...@@ -86,11 +86,11 @@ $promise_check/gitlab-app ...@@ -86,11 +86,11 @@ $promise_check/gitlab-app
echo "Starting Unicorn to check gitlab-shell promise..." echo "Starting Unicorn to check gitlab-shell promise..."
$unicorn_script & $unicorn_script &
unicorn_pid=$! unicorn_pid=$!
trap "kill $unicorn_pid" EXIT TERM INT trap "kill $postgres_pid $redis_pid $unicorn_pid" EXIT TERM INT
sleep 60 sleep 60
if [ -s "$run_location/unicorn.pid" ]; then if [ -s "$run_location/unicorn.pid" ]; then
unicorn_ppid=$(head -n 1 $run_location/unicorn.pid) > /dev/null 2>&1 unicorn_ppid=$(head -n 1 $run_location/unicorn.pid) > /dev/null 2>&1
trap "kill $unicorn_ppid" EXIT TERM INT trap "kill $postgres_pid $redis_pid $unicorn_ppid" EXIT TERM INT
fi fi
$promise_check/gitlab-shell $promise_check/gitlab-shell
......
...@@ -136,7 +136,7 @@ return = ...@@ -136,7 +136,7 @@ return =
{% if str(kvm_parameter_dict.get('use-tap', 'True')).lower() == 'true' -%} {% if str(kvm_parameter_dict.get('use-tap', 'True')).lower() == 'true' -%}
{{ ' ' }}tap-ipv4 {{ ' ' }}tap-ipv4
{% do publish_dict.__setitem__('lan-' ~ instance_name, '${' ~ section ~ ':connection-tap-ipv4}') -%} {% do publish_dict.__setitem__(instance_name ~ '-lan', '${' ~ section ~ ':connection-tap-ipv4}') -%}
{% do kvm_hostname_list.append(instance_name ~ ' ' ~ '${' ~ section ~ ':connection-tap-ipv4}') -%} {% do kvm_hostname_list.append(instance_name ~ ' ' ~ '${' ~ section ~ ':connection-tap-ipv4}') -%}
{% endif -%} {% endif -%}
{% do monitor_base_url_dict.__setitem__(instance_name, '${' ~ section ~ ':connection-monitor-base-url}') -%} {% do monitor_base_url_dict.__setitem__(instance_name, '${' ~ section ~ ':connection-monitor-base-url}') -%}
......
...@@ -7,12 +7,15 @@ parts += ...@@ -7,12 +7,15 @@ parts +=
cron-entry-backup cron-entry-backup
certificate-authority certificate-authority
certificate-authority-service
publish-connection-information publish-connection-information
kvm-vnc-promise kvm-vnc-promise
kvm-disk-image-corruption-promise kvm-disk-image-corruption-promise
websockify-sighandler websockify-sighandler
websockify-sighandler-service
novnc-promise novnc-promise
cron cron
cron-service
frontend-promise frontend-promise
# monitor parts # monitor parts
monitor-base monitor-base
......
...@@ -184,8 +184,13 @@ hash-files = ${buildout:directory}/software_release/buildout.cfg ...@@ -184,8 +184,13 @@ hash-files = ${buildout:directory}/software_release/buildout.cfg
{% if use_nat == 'true' and nat_rule_list -%} {% if use_nat == 'true' and nat_rule_list -%}
{% for port in nat_rule_list.split(' ') -%} {% for port in nat_rule_list.split(' ') -%}
{% if ':' in port -%}
{% set proto, port = port.split(':') -%}
{% else -%}
{% set proto, port = 'tcp', port -%}
{% endif -%}
{% set external_port = 10000 + port|int() -%} {% set external_port = 10000 + port|int() -%}
{% set section_name = '6tunnel-' ~ external_port -%} {% set section_name = '6tunnel-' ~ proto ~ '-' ~ external_port -%}
[{{ section_name }}] [{{ section_name }}]
<= tunnel-6to4-base <= tunnel-6to4-base
ipv4-port = {{ external_port }} ipv4-port = {{ external_port }}
...@@ -419,8 +424,13 @@ maximum-extra-disk-amount = {{ disk_number }} ...@@ -419,8 +424,13 @@ maximum-extra-disk-amount = {{ disk_number }}
{% if nat_rule_list -%} {% if nat_rule_list -%}
# Publish NAT port mapping status # Publish NAT port mapping status
{% for port in nat_rule_list.split(' ') -%} {% for port in nat_rule_list.split(' ') -%}
{% if ':' in port -%}
{% set proto, port = port.split(':') -%}
{% else -%}
{% set proto, port = 'tcp', port -%}
{% endif -%}
{% set external_port = 10000 + port|int() -%} {% set external_port = 10000 + port|int() -%}
nat-rule-port-{{port}} = ${slap-network-information:global-ipv6} : ${6tunnel-{{external_port}}:ipv6-port} nat-rule-port-{{proto}}-{{port}} = ${slap-network-information:global-ipv6} : ${6tunnel-{{proto}}-{{external_port}}:ipv6-port}
{% if slapparameter_dict.get('publish-nat-url', False) -%} {% if slapparameter_dict.get('publish-nat-url', False) -%}
nat-rule-url-{{port}} = [${slap-network-information:global-ipv6}]:${6tunnel-{{external_port}}:ipv6-port} nat-rule-url-{{port}} = [${slap-network-information:global-ipv6}]:${6tunnel-{{external_port}}:ipv6-port}
{% endif -%} {% endif -%}
......
...@@ -99,7 +99,7 @@ recipe = hexagonit.recipe.download ...@@ -99,7 +99,7 @@ recipe = hexagonit.recipe.download
ignore-existing = true ignore-existing = true
url = ${:_profile_base_location_}/instance-kvm.cfg.jinja2 url = ${:_profile_base_location_}/instance-kvm.cfg.jinja2
mode = 644 mode = 644
md5sum = 149df1bc788ce68c86a5fda4872e008e md5sum = 0668791e78430bafdec5300b4ea8d90a
download-only = true download-only = true
on-update = true on-update = true
...@@ -108,7 +108,7 @@ recipe = hexagonit.recipe.download ...@@ -108,7 +108,7 @@ recipe = hexagonit.recipe.download
ignore-existing = true ignore-existing = true
url = ${:_profile_base_location_}/instance-kvm-cluster.cfg.jinja2.in url = ${:_profile_base_location_}/instance-kvm-cluster.cfg.jinja2.in
mode = 644 mode = 644
md5sum = fa40e4729c27236c655f66966e43becf md5sum = 1282296397d445ccae59e6de7915840c
download-only = true download-only = true
on-update = true on-update = true
...@@ -144,7 +144,7 @@ recipe = hexagonit.recipe.download ...@@ -144,7 +144,7 @@ recipe = hexagonit.recipe.download
ignore-existing = true ignore-existing = true
url = ${:_profile_base_location_}/instance-kvm-export.cfg.jinja2 url = ${:_profile_base_location_}/instance-kvm-export.cfg.jinja2
mode = 644 mode = 644
md5sum = fbad91193be6ebde5fc4c05a38a55e7b md5sum = 00ce5e6da3c833d9d9d1825311f11a81
download-only = true download-only = true
on-update = true on-update = true
......
...@@ -31,9 +31,8 @@ output = ${buildout:directory}/${:_buildout_section_name_} ...@@ -31,9 +31,8 @@ output = ${buildout:directory}/${:_buildout_section_name_}
[plantuml.war] [plantuml.war]
recipe = slapos.recipe.build:download recipe = slapos.recipe.build:download
# XXX the war from sourceforge has no version in URL url = https://downloads.sourceforge.net/project/plantuml/1.2018.13/plantuml.1.2018.13.war
url = https://netcologne.dl.sourceforge.net/project/plantuml/plantuml.war#2018-10-21 md5sum = cda05c8163237de039d777c197b3d282
md5sum = f956cd28b18ec34740bb1757276f9641
[versions] [versions]
slapos.recipe.template = 4.3 slapos.recipe.template = 4.3
...@@ -15,8 +15,4 @@ ...@@ -15,8 +15,4 @@
[template] [template]
filename = instance.cfg.in filename = instance.cfg.in
md5sum = c4ac5de141ae6a64848309af03e51d88 md5sum = 1f31a063c79e19243dcc5508e08a6ae5
[template-selenium]
filename = instance-selenium.cfg.in
md5sum = 4167621b473f81892d38389ac427c6ba
[buildout] [buildout]
parts = parts =
switch-softwaretype # this sofware has no instance, it's only intended to make programs
# available for erp5testnode from its software.
eggs-directory = ${buildout:eggs-directory} eggs-directory = ${buildout:eggs-directory}
develop-eggs-directory = ${buildout:develop-eggs-directory} develop-eggs-directory = ${buildout:develop-eggs-directory}
offline = true offline = true
[switch-softwaretype]
recipe = slapos.cookbook:softwaretype
default = ${template-selenium:output}
[slap-connection]
# part to migrate to new - separated words
computer-id = $${slap_connection:computer_id}
partition-id = $${slap_connection:partition_id}
server-url = $${slap_connection:server_url}
software-release-url = $${slap_connection:software_release_url}
key-file = $${slap_connection:key_file}
cert-file = $${slap_connection:cert_file}
# Selenium server # Selenium runner, helper software for erp5testnode.
# https://seleniumhq.github.io/docs/grid.html #
# Seleniumrunner responsability is to install Xvfb as
# ${buildout:parts-directory}/xserver/bin/Xvfb, a default firefox as
# ${buildout:bin-directory}/firefox and a geckodriver as
# ${buildout:bin-directory}/geckodriver for erp5testnode.
[buildout] [buildout]
extends = extends =
../../component/xorg/buildout.cfg ../../component/xorg/buildout.cfg
../../component/lxml-python/buildout.cfg
../../component/firefox/buildout.cfg ../../component/firefox/buildout.cfg
../../component/chromium/buildout.cfg
../../component/chromedriver/buildout.cfg
../../component/coreutils/buildout.cfg ../../component/coreutils/buildout.cfg
../../component/java/buildout.cfg
../../component/caddy/buildout.cfg
../../component/openssh/buildout.cfg
../../stack/slapos.cfg ../../stack/slapos.cfg
./buildout.hash.cfg ./buildout.hash.cfg
parts = parts =
slapos-cookbook slapos-cookbook
template template
xserver
firefox-wrapper firefox-wrapper
geckodriver geckodriver
# seleniumserver needs to install a default firefox as ${buildout:bin-directory}/firefox and
# a geckodriver as ${buildout:bin-directory}/geckodriver for erp5testnode
[instance-recipe]
egg = slapos.cookbook
module = seleniumrunner
[selenium-server]
recipe = slapos.recipe.build:download
version = 3.14.0
md5sum = 376450bd517510442b60018646deadfe
filename = selenium-server-standalone-${:version}.jar
url = https://selenium-release.storage.googleapis.com/3.14/${:filename}
[macro-template] [macro-template]
recipe = slapos.recipe.template recipe = slapos.recipe.template
...@@ -43,10 +30,6 @@ mode = 0644 ...@@ -43,10 +30,6 @@ mode = 0644
<= macro-template <= macro-template
output = ${buildout:directory}/template.cfg output = ${buildout:directory}/template.cfg
[template-selenium]
<= macro-template
output = ${buildout:directory}/template-selenium.cfg
[versions] [versions]
plone.recipe.command = 1.1 plone.recipe.command = 1.1
slapos.recipe.template = 4.3 slapos.recipe.template = 4.3
Tests for SeleniumRunner software release
# THIS IS NOT A BUILDOUT FILE, despite purposedly using a compatible syntax.
# The only allowed lines here are (regexes):
# - "^#" comments, copied verbatim
# - "^[" section beginings, copied verbatim
# - lines containing an "=" sign which must fit in the following categorie.
# - "^\s*filename\s*=\s*path\s*$" where "path" is relative to this file
# Copied verbatim.
# - "^\s*hashtype\s*=.*" where "hashtype" is one of the values supported
# by the re-generation script.
# Re-generated.
# - other lines are copied verbatim
# Substitution (${...:...}), extension ([buildout] extends = ...) and
# section inheritance (< = ...) are NOT supported (but you should really
# not need these here).
[template]
filename = instance.cfg.in
md5sum = c4ac5de141ae6a64848309af03e51d88
[template-selenium]
filename = instance-selenium.cfg.in
md5sum = 4167621b473f81892d38389ac427c6ba
[buildout]
parts =
switch-softwaretype
eggs-directory = ${buildout:eggs-directory}
develop-eggs-directory = ${buildout:develop-eggs-directory}
offline = true
[switch-softwaretype]
recipe = slapos.cookbook:softwaretype
default = ${template-selenium:output}
[slap-connection]
# part to migrate to new - separated words
computer-id = $${slap_connection:computer_id}
partition-id = $${slap_connection:partition_id}
server-url = $${slap_connection:server_url}
software-release-url = $${slap_connection:software_release_url}
key-file = $${slap_connection:key_file}
cert-file = $${slap_connection:cert_file}
# Selenium server
# https://seleniumhq.github.io/docs/grid.html
[buildout]
extends =
../../component/xorg/buildout.cfg
../../component/lxml-python/buildout.cfg
../../component/firefox/buildout.cfg
../../component/chromium/buildout.cfg
../../component/chromedriver/buildout.cfg
../../component/coreutils/buildout.cfg
../../component/java/buildout.cfg
../../component/caddy/buildout.cfg
../../component/openssh/buildout.cfg
../../stack/slapos.cfg
./buildout.hash.cfg
parts =
slapos-cookbook
template
[selenium-server]
recipe = slapos.recipe.build:download
version = 3.14.0
md5sum = 376450bd517510442b60018646deadfe
filename = selenium-server-standalone-${:version}.jar
url = https://selenium-release.storage.googleapis.com/3.14/${:filename}
[macro-template]
recipe = slapos.recipe.template
url = ${:_profile_base_location_}/${:filename}
mode = 0644
[template]
<= macro-template
output = ${buildout:directory}/template.cfg
[template-selenium]
<= macro-template
output = ${buildout:directory}/template-selenium.cfg
[versions]
plone.recipe.command = 1.1
slapos.recipe.template = 4.3
Tests for SeleniumServer software release
...@@ -27,12 +27,12 @@ ...@@ -27,12 +27,12 @@
from setuptools import setup, find_packages from setuptools import setup, find_packages
version = '0.0.1.dev0' version = '0.0.1.dev0'
name = 'slapos.test.seleniumrunner' name = 'slapos.test.seleniumserver'
long_description = open("README.md").read() long_description = open("README.md").read()
setup(name=name, setup(name=name,
version=version, version=version,
description="Test for SlapOS' Seleniumrunner", description="Test for SlapOS' Selenium Server",
long_description=long_description, long_description=long_description,
long_description_content_type='text/markdown', long_description_content_type='text/markdown',
maintainer="Nexedi", maintainer="Nexedi",
......
...@@ -14,11 +14,11 @@ ...@@ -14,11 +14,11 @@
# not need these here). # not need these here).
[template-erp5] [template-erp5]
filename = instance-erp5.cfg.in filename = instance-erp5.cfg.in
md5sum = 6dfda47ff95a3fa768382d8002c8a780 md5sum = a617197b7be3cc40d97a97c75f923a48
[template-balancer] [template-balancer]
filename = instance-balancer.cfg.in filename = instance-balancer.cfg.in
md5sum = 3c7afbf160b943d2a10f527722792a23 md5sum = 0f0ff00eca0b2ba1f1626b6415acb719
[template-apache-backend-conf] [template-apache-backend-conf]
filename = apache-backend.conf.in filename = apache-backend.conf.in
......
...@@ -3,7 +3,7 @@ ...@@ -3,7 +3,7 @@
{% set caucase_url = slapparameter_dict.get('caucase-url', '') -%} {% set caucase_url = slapparameter_dict.get('caucase-url', '') -%}
{% macro section(name) %}{% do part_list.append(name) %}{{ name }}{% endmacro -%} {% macro section(name) %}{% do part_list.append(name) %}{{ name }}{% endmacro -%}
{% set use_ipv6 = slapparameter_dict.get('use-ipv6', False) -%} {% set use_ipv6 = slapparameter_dict.get('use-ipv6', False) -%}
{% set shared_ca_path = slapparameter_dict['shared-certificate-authority-path'] -%} {% set shared_ca_path = slapparameter_dict.get('shared-certificate-authority-path') -%}
{# {#
XXX: This template only supports exactly one IPv4 and (if ipv6 is used) one IPv6 XXX: This template only supports exactly one IPv4 and (if ipv6 is used) one IPv6
per partition. No more (undefined result), no less (IndexError). per partition. No more (undefined result), no less (IndexError).
...@@ -104,6 +104,7 @@ ipv4 = {{ ipv4 }} ...@@ -104,6 +104,7 @@ ipv4 = {{ ipv4 }}
{% for family_name, parameter_id_list in sorted( {% for family_name, parameter_id_list in sorted(
slapparameter_dict['zope-family-dict'].iteritems()) -%} slapparameter_dict['zope-family-dict'].iteritems()) -%}
{% set zope_family_address_list = [] -%} {% set zope_family_address_list = [] -%}
{% set ssl_authentication = slapparameter_dict['ssl-authentication-dict'].get(family_name, False) -%}
{% set has_webdav = [] -%} {% set has_webdav = [] -%}
{% for parameter_id in parameter_id_list -%} {% for parameter_id in parameter_id_list -%}
{% set zope_address_list = slapparameter_dict[parameter_id] -%} {% set zope_address_list = slapparameter_dict[parameter_id] -%}
...@@ -130,7 +131,7 @@ ipv6 = {{ zope_address.split(']:')[0][1:] }} ...@@ -130,7 +131,7 @@ ipv6 = {{ zope_address.split(']:')[0][1:] }}
{% set test_runner_apache_url_list = [] %} {% set test_runner_apache_url_list = [] %}
{% set test_runner_external_port = next_port() %} {% set test_runner_external_port = next_port() %}
{% for i, (test_runner_internal_ip, test_runner_internal_port) in {% for i, (test_runner_internal_ip, test_runner_internal_port) in
enumerate(slapparameter_dict[parameter_id ~ '-test-runner-address-list']) %} enumerate(slapparameter_dict.get(parameter_id ~ '-test-runner-address-list', [])) %}
{% do test_runner_backend_mapping.__setitem__( {% do test_runner_backend_mapping.__setitem__(
'unit_test_' ~ i, 'unit_test_' ~ i,
'http://' ~ test_runner_internal_ip ~ ':' ~ test_runner_internal_port ) %} 'http://' ~ test_runner_internal_ip ~ ':' ~ test_runner_internal_port ) %}
...@@ -162,7 +163,6 @@ ipv6 = {{ zope_address.split(']:')[0][1:] }} ...@@ -162,7 +163,6 @@ ipv6 = {{ zope_address.split(']:')[0][1:] }}
{% set internal_scheme = 'http' -%} {% set internal_scheme = 'http' -%}
{% set external_scheme = 'https' -%} {% set external_scheme = 'https' -%}
{% endif -%} {% endif -%}
{% set ssl_authentication = slapparameter_dict['ssl-authentication-dict'].get(family_name, False) -%}
{% do apache_dict.__setitem__(family_name, (next_port(), external_scheme, internal_scheme ~ '://' ~ ipv4 ~ ':' ~ haproxy_port ~ backend_path, ssl_authentication)) -%} {% do apache_dict.__setitem__(family_name, (next_port(), external_scheme, internal_scheme ~ '://' ~ ipv4 ~ ':' ~ haproxy_port ~ backend_path, ssl_authentication)) -%}
{% endfor -%} {% endfor -%}
...@@ -330,6 +330,12 @@ newcerts = ${:ca-dir}/newcerts ...@@ -330,6 +330,12 @@ newcerts = ${:ca-dir}/newcerts
crl = ${:ca-dir}/crl crl = ${:ca-dir}/crl
apachedex = ${monitor-directory:private}/apachedex apachedex = ${monitor-directory:private}/apachedex
[{{ section('resiliency-exclude-file') }}]
# Generate rdiff exclude file in case of resiliency
< = jinja2-template-base
template = {{ 'inline:{{ "${directory:log}/**\\n" }}' }}
rendered = ${directory:srv}/exporter.exclude
[{{ section('monitor-generate-apachedex-report') }}] [{{ section('monitor-generate-apachedex-report') }}]
recipe = slapos.cookbook:cron.d recipe = slapos.cookbook:cron.d
cron-entries = ${cron:cron-entries} cron-entries = ${cron:cron-entries}
......
...@@ -195,7 +195,9 @@ config-longrequest-logger-timeout = {{ dumps(zope_parameter_dict.get('longreques ...@@ -195,7 +195,9 @@ config-longrequest-logger-timeout = {{ dumps(zope_parameter_dict.get('longreques
config-large-file-threshold = {{ dumps(zope_parameter_dict.get('large-file-threshold', "10MB")) }} config-large-file-threshold = {{ dumps(zope_parameter_dict.get('large-file-threshold', "10MB")) }}
config-port-base = {{ dumps(zope_parameter_dict.get('port-base', 2200)) }} config-port-base = {{ dumps(zope_parameter_dict.get('port-base', 2200)) }}
config-webdav = {{ dumps(zope_parameter_dict.get('webdav', False)) }} config-webdav = {{ dumps(zope_parameter_dict.get('webdav', False)) }}
{% if test_runner_enabled -%}
config-test-runner-apache-url-list = ${publish-early:{{ zope_family }}-test-runner-url-list} config-test-runner-apache-url-list = ${publish-early:{{ zope_family }}-test-runner-url-list}
{% endif -%}
{% endfor -%} {% endfor -%}
{# if not explicitly configured, connect jupyter to first zope family, which -#} {# if not explicitly configured, connect jupyter to first zope family, which -#}
...@@ -365,9 +367,11 @@ hosts-dict = {{ '${' ~ zope_address_list_id_dict.keys()[0] ~ ':connection-hosts- ...@@ -365,9 +367,11 @@ hosts-dict = {{ '${' ~ zope_address_list_id_dict.keys()[0] ~ ':connection-hosts-
{% for name, value in publish_dict.items() -%} {% for name, value in publish_dict.items() -%}
{{ name }} = {{ value }} {{ name }} = {{ value }}
{% endfor -%} {% endfor -%}
{% if test_runner_enabled -%}
{% for zope_family_name in zope_family_name_list -%} {% for zope_family_name in zope_family_name_list -%}
{{ zope_family_name }}-test-runner-url-list = ${request-balancer:connection-{{ zope_family_name }}-test-runner-url-list} {{ zope_family_name }}-test-runner-url-list = ${request-balancer:connection-{{ zope_family_name }}-test-runner-url-list}
{% endfor -%} {% endfor -%}
{% endif -%}
[publish-early] [publish-early]
...@@ -378,9 +382,11 @@ recipe = slapos.cookbook:publish-early ...@@ -378,9 +382,11 @@ recipe = slapos.cookbook:publish-early
{%- if has_posftix %} {%- if has_posftix %}
smtpd-sasl-password gen-smtpd-sasl-password:passwd smtpd-sasl-password gen-smtpd-sasl-password:passwd
{%- endif %} {%- endif %}
{% if test_runner_enabled -%}
{% for zope_family_name in zope_family_name_list %} {% for zope_family_name in zope_family_name_list %}
{{ zope_family_name }}-test-runner-url-list default-balancer-test-runner-url-list:default {{ zope_family_name }}-test-runner-url-list default-balancer-test-runner-url-list:default
{% endfor -%} {% endfor -%}
{% endif -%}
{%- if neo %} {%- if neo %}
neo-cluster gen-neo-cluster:name neo-cluster gen-neo-cluster:name
{%- if neo[0] %} {%- if neo[0] %}
......
...@@ -38,6 +38,7 @@ setup = ${caucase-repository:location} ...@@ -38,6 +38,7 @@ setup = ${caucase-repository:location}
<= setup-develop-egg <= setup-develop-egg
egg = kedifa egg = kedifa
setup = ${kedifa-repository:location} setup = ${kedifa-repository:location}
depends = ${caucase-setup:egg}
[slapos.libnetworkcache-setup] [slapos.libnetworkcache-setup]
<= setup-develop-egg <= setup-develop-egg
......
...@@ -18,7 +18,7 @@ md5sum = f0cab61c7b8478afb8b676fc725d50d5 ...@@ -18,7 +18,7 @@ md5sum = f0cab61c7b8478afb8b676fc725d50d5
[template-runner] [template-runner]
filename = instance-runner.cfg filename = instance-runner.cfg
md5sum = cd855670076979919c0fd00cc0f5938c md5sum = d9096d49eda70f3aa02c44615077f6c9
[template-runner-import-script] [template-runner-import-script]
filename = template/runner-import.sh.jinja2 filename = template/runner-import.sh.jinja2
...@@ -26,11 +26,11 @@ md5sum = ed2e08c07a6727b2012f15da67c0705d ...@@ -26,11 +26,11 @@ md5sum = ed2e08c07a6727b2012f15da67c0705d
[instance-runner-import] [instance-runner-import]
filename = instance-runner-import.cfg.in filename = instance-runner-import.cfg.in
md5sum = 2d516c6f1337efb7def32771c2eabc2b md5sum = 1ed9526a6e5ac9a80e5b3add2d0a88fe
[instance-runner-export] [instance-runner-export]
filename = instance-runner-export.cfg.in filename = instance-runner-export.cfg.in
md5sum = 01395b98534066ec23a5ad5c96d5f1e7 md5sum = 8132130c89896c2d30a08f3b3a7000ff
[template-resilient] [template-resilient]
filename = instance-resilient.cfg.jinja2 filename = instance-resilient.cfg.jinja2
......
...@@ -23,6 +23,7 @@ parts += ...@@ -23,6 +23,7 @@ parts +=
runner-sshkeys-authority runner-sshkeys-authority
runner-sshkeys-authority-service runner-sshkeys-authority-service
runner-sshkeys-sshd runner-sshkeys-sshd
runner-sshkeys-sshd-service
runtestsuite runtestsuite
symlinks symlinks
shellinabox shellinabox
......
...@@ -19,6 +19,7 @@ parts += ...@@ -19,6 +19,7 @@ parts +=
runner-sshkeys-authority runner-sshkeys-authority
runner-sshkeys-authority-service runner-sshkeys-authority-service
runner-sshkeys-sshd runner-sshkeys-sshd
runner-sshkeys-sshd-service
runtestsuite runtestsuite
shellinabox shellinabox
shellinabox-service shellinabox-service
......
...@@ -703,8 +703,6 @@ rendered = $${directory:bin}/shellinaboxd ...@@ -703,8 +703,6 @@ rendered = $${directory:bin}/shellinaboxd
template = inline: template = inline:
#!/bin/sh #!/bin/sh
exec ${shellinabox:location}/bin/shellinaboxd \ exec ${shellinabox:location}/bin/shellinaboxd \
--disable-ssl \
--disable-ssl-menu \
--unixdomain-only=$${:socket}:$(id -u):$(id -g):0600 \ --unixdomain-only=$${:socket}:$(id -u):$(id -g):0600 \
--service "/:$(id -u):$(id -g):HOME:$${shell-environment:shell} -l" --service "/:$(id -u):$(id -g):HOME:$${shell-environment:shell} -l"
......
...@@ -60,68 +60,7 @@ buildout-versions = 1.7 ...@@ -60,68 +60,7 @@ buildout-versions = 1.7
hexagonit.recipe.cmmi = 1.5.0 hexagonit.recipe.cmmi = 1.5.0
meld3 = 0.6.7 meld3 = 0.6.7
plone.recipe.command = 1.1 plone.recipe.command = 1.1
slapos.cookbook = 0.34
slapos.recipe.build = 0.7
slapos.recipe.template = 2.2 slapos.recipe.template = 2.2
slapos.toolbox = 0.10
# Required by:
# slapos.core==0.18
# slapos.toolbox==0.10
Flask = 0.8
# Required by:
# slapos.cookbook==0.34
PyXML = 0.8.4
# Required by:
# hexagonit.recipe.cmmi==1.5.0
hexagonit.recipe.download = 1.6nxd002
# Required by:
# slapos.cookbook==0.34
# slapos.core==0.18
# slapos.toolbox==0.10
# xml-marshaller==0.9.7
lxml = 2.3.1
# Required by:
# slapos.cookbook==0.34
netaddr = 0.7.6
# Required by:
# slapos.core==0.18
netifaces = 0.5
# Required by:
# slapos.toolbox==0.10
paramiko = 1.7.7.1
# Required by:
# slapos.toolbox==0.10
psutil = 0.3.0
# Required by:
# slapos.cookbook==0.34
# slapos.toolbox==0.10
slapos.core = 0.18
# Required by:
# slapos.core==0.18
supervisor = 3.0a10
# Required by:
# slapos.cookbook==0.34
# slapos.toolbox==0.10
xml-marshaller = 0.9.7
# Required by:
# slapos.cookbook==0.34
zc.recipe.egg = 1.3.2
# Required by:
# slapos.core==0.18
zope.interface = 3.8.0
[downloadcache-workaround] [downloadcache-workaround]
# workaround irritating problem of hexagonit.recipe.cmmi which automatically # workaround irritating problem of hexagonit.recipe.cmmi which automatically
......
...@@ -45,68 +45,8 @@ buildout-versions = 1.7 ...@@ -45,68 +45,8 @@ buildout-versions = 1.7
hexagonit.recipe.cmmi = 1.5.0 hexagonit.recipe.cmmi = 1.5.0
meld3 = 0.6.7 meld3 = 0.6.7
plone.recipe.command = 1.1 plone.recipe.command = 1.1
slapos.cookbook = 0.34
slapos.recipe.build = 0.7
slapos.recipe.template = 2.2 slapos.recipe.template = 2.2
slapos.toolbox = 0.10
# Required by:
# slapos.core==0.18
# slapos.toolbox==0.10
Flask = 0.8
# Required by:
# slapos.cookbook==0.34
PyXML = 0.8.4
# Required by:
# hexagonit.recipe.cmmi==1.5.0
hexagonit.recipe.download = 1.6nxd002
# Required by:
# slapos.cookbook==0.34
# slapos.core==0.18
# slapos.toolbox==0.10
# xml-marshaller==0.9.7
lxml = 2.3.1
# Required by:
# slapos.cookbook==0.34
netaddr = 0.7.6
# Required by:
# slapos.core==0.18
netifaces = 0.6
# Required by:
# slapos.toolbox==0.10
paramiko = 1.7.7.1
# Required by:
# slapos.toolbox==0.10
psutil = 0.3.0
# Required by:
# slapos.cookbook==0.34
# slapos.toolbox==0.10
slapos.core = 0.18
# Required by:
# slapos.core==0.18
supervisor = 3.0a10
# Required by:
# slapos.cookbook==0.34
# slapos.toolbox==0.10
xml-marshaller = 0.9.7
# Required by:
# slapos.cookbook==0.34
zc.recipe.egg = 1.3.2
# Required by:
# slapos.core==0.18
zope.interface = 3.8.0
[downloadcache-workaround] [downloadcache-workaround]
# workaround irritating problem of hexagonit.recipe.cmmi which automatically # workaround irritating problem of hexagonit.recipe.cmmi which automatically
......
...@@ -44,68 +44,7 @@ buildout-versions = 1.7 ...@@ -44,68 +44,7 @@ buildout-versions = 1.7
hexagonit.recipe.cmmi = 1.5.0 hexagonit.recipe.cmmi = 1.5.0
meld3 = 0.6.7 meld3 = 0.6.7
plone.recipe.command = 1.1 plone.recipe.command = 1.1
slapos.cookbook = 0.34
slapos.recipe.build = 0.7
slapos.recipe.template = 2.2 slapos.recipe.template = 2.2
slapos.toolbox = 0.10
# Required by:
# slapos.core==0.18
# slapos.toolbox==0.10
Flask = 0.8
# Required by:
# slapos.cookbook==0.34
PyXML = 0.8.4
# Required by:
# hexagonit.recipe.cmmi==1.5.0
hexagonit.recipe.download = 1.6nxd002
# Required by:
# slapos.cookbook==0.34
# slapos.core==0.18
# slapos.toolbox==0.10
# xml-marshaller==0.9.7
lxml = 2.3.1
# Required by:
# slapos.cookbook==0.34
netaddr = 0.7.6
# Required by:
# slapos.core==0.18
netifaces = 0.5
# Required by:
# slapos.toolbox==0.10
paramiko = 1.7.7.1
# Required by:
# slapos.toolbox==0.10
psutil = 0.3.0
# Required by:
# slapos.cookbook==0.34
# slapos.toolbox==0.10
slapos.core = 0.18
# Required by:
# slapos.core==0.18
supervisor = 3.0a10
# Required by:
# slapos.cookbook==0.34
# slapos.toolbox==0.10
xml-marshaller = 0.9.7
# Required by:
# slapos.cookbook==0.34
zc.recipe.egg = 1.3.2
# Required by:
# slapos.core==0.18
zope.interface = 3.8.0
[downloadcache-workaround] [downloadcache-workaround]
# workaround irritating problem of hexagonit.recipe.cmmi which automatically # workaround irritating problem of hexagonit.recipe.cmmi which automatically
......
...@@ -55,68 +55,7 @@ buildout-versions = 1.7 ...@@ -55,68 +55,7 @@ buildout-versions = 1.7
hexagonit.recipe.cmmi = 1.5.0 hexagonit.recipe.cmmi = 1.5.0
meld3 = 0.6.7 meld3 = 0.6.7
plone.recipe.command = 1.1 plone.recipe.command = 1.1
slapos.cookbook = 0.34
slapos.recipe.build = 0.7
slapos.recipe.template = 2.2 slapos.recipe.template = 2.2
slapos.toolbox = 0.10
# Required by:
# slapos.core==0.18
# slapos.toolbox==0.10
Flask = 0.8
# Required by:
# slapos.cookbook==0.34
PyXML = 0.8.4
# Required by:
# hexagonit.recipe.cmmi==1.5.0
hexagonit.recipe.download = 1.6nxd002
# Required by:
# slapos.cookbook==0.34
# slapos.core==0.18
# slapos.toolbox==0.10
# xml-marshaller==0.9.7
lxml = 2.3.1
# Required by:
# slapos.cookbook==0.34
netaddr = 0.7.6
# Required by:
# slapos.core==0.18
netifaces = 0.5
# Required by:
# slapos.toolbox==0.10
paramiko = 1.7.7.1
# Required by:
# slapos.toolbox==0.10
psutil = 0.3.0
# Required by:
# slapos.cookbook==0.34
# slapos.toolbox==0.10
slapos.core = 0.18
# Required by:
# slapos.core==0.18
supervisor = 3.0a10
# Required by:
# slapos.cookbook==0.34
# slapos.toolbox==0.10
xml-marshaller = 0.9.7
# Required by:
# slapos.cookbook==0.34
zc.recipe.egg = 1.3.2
# Required by:
# slapos.core==0.18
zope.interface = 3.8.0
[downloadcache-workaround] [downloadcache-workaround]
# workaround irritating problem of hexagonit.recipe.cmmi which automatically # workaround irritating problem of hexagonit.recipe.cmmi which automatically
......
...@@ -55,68 +55,7 @@ buildout-versions = 1.7 ...@@ -55,68 +55,7 @@ buildout-versions = 1.7
hexagonit.recipe.cmmi = 1.5.0 hexagonit.recipe.cmmi = 1.5.0
meld3 = 0.6.7 meld3 = 0.6.7
plone.recipe.command = 1.1 plone.recipe.command = 1.1
slapos.cookbook = 0.34
slapos.recipe.build = 0.7
slapos.recipe.template = 2.2 slapos.recipe.template = 2.2
slapos.toolbox = 0.10
# Required by:
# slapos.core==0.18
# slapos.toolbox==0.10
Flask = 0.8
# Required by:
# slapos.cookbook==0.34
PyXML = 0.8.4
# Required by:
# hexagonit.recipe.cmmi==1.5.0
hexagonit.recipe.download = 1.6nxd002
# Required by:
# slapos.cookbook==0.34
# slapos.core==0.18
# slapos.toolbox==0.10
# xml-marshaller==0.9.7
lxml = 2.3.1
# Required by:
# slapos.cookbook==0.34
netaddr = 0.7.6
# Required by:
# slapos.core==0.18
netifaces = 0.5
# Required by:
# slapos.toolbox==0.10
paramiko = 1.7.7.1
# Required by:
# slapos.toolbox==0.10
psutil = 0.3.0
# Required by:
# slapos.cookbook==0.34
# slapos.toolbox==0.10
slapos.core = 0.18
# Required by:
# slapos.core==0.18
supervisor = 3.0a10
# Required by:
# slapos.cookbook==0.34
# slapos.toolbox==0.10
xml-marshaller = 0.9.7
# Required by:
# slapos.cookbook==0.34
zc.recipe.egg = 1.3.2
# Required by:
# slapos.core==0.18
zope.interface = 3.8.0
[downloadcache-workaround] [downloadcache-workaround]
# workaround irritating problem of hexagonit.recipe.cmmi which automatically # workaround irritating problem of hexagonit.recipe.cmmi which automatically
......
...@@ -55,68 +55,7 @@ buildout-versions = 1.7 ...@@ -55,68 +55,7 @@ buildout-versions = 1.7
hexagonit.recipe.cmmi = 1.5.0 hexagonit.recipe.cmmi = 1.5.0
meld3 = 0.6.7 meld3 = 0.6.7
plone.recipe.command = 1.1 plone.recipe.command = 1.1
slapos.cookbook = 0.34
slapos.recipe.build = 0.7
slapos.recipe.template = 2.2 slapos.recipe.template = 2.2
slapos.toolbox = 0.10
# Required by:
# slapos.core==0.18
# slapos.toolbox==0.10
Flask = 0.8
# Required by:
# slapos.cookbook==0.34
PyXML = 0.8.4
# Required by:
# hexagonit.recipe.cmmi==1.5.0
hexagonit.recipe.download = 1.6nxd002
# Required by:
# slapos.cookbook==0.34
# slapos.core==0.18
# slapos.toolbox==0.10
# xml-marshaller==0.9.7
lxml = 2.3.1
# Required by:
# slapos.cookbook==0.34
netaddr = 0.7.6
# Required by:
# slapos.core==0.18
netifaces = 0.5
# Required by:
# slapos.toolbox==0.10
paramiko = 1.7.7.1
# Required by:
# slapos.toolbox==0.10
psutil = 0.3.0
# Required by:
# slapos.cookbook==0.34
# slapos.toolbox==0.10
slapos.core = 0.18
# Required by:
# slapos.core==0.18
supervisor = 3.0a10
# Required by:
# slapos.cookbook==0.34
# slapos.toolbox==0.10
xml-marshaller = 0.9.7
# Required by:
# slapos.cookbook==0.34
zc.recipe.egg = 1.3.2
# Required by:
# slapos.core==0.18
zope.interface = 3.8.0
[downloadcache-workaround] [downloadcache-workaround]
# workaround irritating problem of hexagonit.recipe.cmmi which automatically # workaround irritating problem of hexagonit.recipe.cmmi which automatically
......
...@@ -44,68 +44,7 @@ buildout-versions = 1.7 ...@@ -44,68 +44,7 @@ buildout-versions = 1.7
hexagonit.recipe.cmmi = 1.5.0 hexagonit.recipe.cmmi = 1.5.0
meld3 = 0.6.7 meld3 = 0.6.7
plone.recipe.command = 1.1 plone.recipe.command = 1.1
slapos.cookbook = 0.34
slapos.recipe.build = 0.7
slapos.recipe.template = 2.2 slapos.recipe.template = 2.2
slapos.toolbox = 0.10
# Required by:
# slapos.core==0.18
# slapos.toolbox==0.10
Flask = 0.8
# Required by:
# slapos.cookbook==0.34
PyXML = 0.8.4
# Required by:
# hexagonit.recipe.cmmi==1.5.0
hexagonit.recipe.download = 1.6nxd002
# Required by:
# slapos.cookbook==0.34
# slapos.core==0.18
# slapos.toolbox==0.10
# xml-marshaller==0.9.7
lxml = 2.3.1
# Required by:
# slapos.cookbook==0.34
netaddr = 0.7.6
# Required by:
# slapos.core==0.18
netifaces = 0.6
# Required by:
# slapos.toolbox==0.10
paramiko = 1.7.7.1
# Required by:
# slapos.toolbox==0.10
psutil = 0.3.0
# Required by:
# slapos.cookbook==0.34
# slapos.toolbox==0.10
slapos.core = 0.18
# Required by:
# slapos.core==0.18
supervisor = 3.0a10
# Required by:
# slapos.cookbook==0.34
# slapos.toolbox==0.10
xml-marshaller = 0.9.7
# Required by:
# slapos.cookbook==0.34
zc.recipe.egg = 1.3.2
# Required by:
# slapos.core==0.18
zope.interface = 3.8.0
[downloadcache-workaround] [downloadcache-workaround]
# workaround irritating problem of hexagonit.recipe.cmmi which automatically # workaround irritating problem of hexagonit.recipe.cmmi which automatically
......
...@@ -65,8 +65,3 @@ eggs = ...@@ -65,8 +65,3 @@ eggs =
slapos.toolbox slapos.toolbox
[versions] [versions]
# if you upgrade to >1.0.29 this recipe may break
# as slapos.cookbook:downloader was removed.
slapos.cookbook = 0.64.1
slapos.toolbox = 0.30
...@@ -43,68 +43,7 @@ buildout-versions = 1.7 ...@@ -43,68 +43,7 @@ buildout-versions = 1.7
hexagonit.recipe.cmmi = 1.5.0 hexagonit.recipe.cmmi = 1.5.0
meld3 = 0.6.7 meld3 = 0.6.7
plone.recipe.command = 1.1 plone.recipe.command = 1.1
slapos.cookbook = 0.34
slapos.recipe.build = 0.7
slapos.recipe.template = 2.2 slapos.recipe.template = 2.2
slapos.toolbox = 0.10
# Required by:
# slapos.core==0.18
# slapos.toolbox==0.10
Flask = 0.8
# Required by:
# slapos.cookbook==0.34
PyXML = 0.8.4
# Required by:
# hexagonit.recipe.cmmi==1.5.0
hexagonit.recipe.download = 1.6nxd002
# Required by:
# slapos.cookbook==0.34
# slapos.core==0.18
# slapos.toolbox==0.10
# xml-marshaller==0.9.7
lxml = 2.3.1
# Required by:
# slapos.cookbook==0.34
netaddr = 0.7.6
# Required by:
# slapos.core==0.18
netifaces = 0.6
# Required by:
# slapos.toolbox==0.10
paramiko = 1.7.7.1
# Required by:
# slapos.toolbox==0.10
psutil = 0.3.0
# Required by:
# slapos.cookbook==0.34
# slapos.toolbox==0.10
slapos.core = 0.18
# Required by:
# slapos.core==0.18
supervisor = 3.0a10
# Required by:
# slapos.cookbook==0.34
# slapos.toolbox==0.10
xml-marshaller = 0.9.7
# Required by:
# slapos.cookbook==0.34
zc.recipe.egg = 1.3.2
# Required by:
# slapos.core==0.18
zope.interface = 3.8.0
[downloadcache-workaround] [downloadcache-workaround]
# workaround irritating problem of hexagonit.recipe.cmmi which automatically # workaround irritating problem of hexagonit.recipe.cmmi which automatically
......
...@@ -68,68 +68,7 @@ buildout-versions = 1.7 ...@@ -68,68 +68,7 @@ buildout-versions = 1.7
hexagonit.recipe.cmmi = 1.5.0 hexagonit.recipe.cmmi = 1.5.0
meld3 = 0.6.7 meld3 = 0.6.7
plone.recipe.command = 1.1 plone.recipe.command = 1.1
slapos.cookbook = 0.34
slapos.recipe.build = 0.7
slapos.recipe.template = 2.2 slapos.recipe.template = 2.2
slapos.toolbox = 0.10
# Required by:
# slapos.core==0.18
# slapos.toolbox==0.10
Flask = 0.8
# Required by:
# slapos.cookbook==0.34
PyXML = 0.8.4
# Required by:
# hexagonit.recipe.cmmi==1.5.0
hexagonit.recipe.download = 1.6nxd002
# Required by:
# slapos.cookbook==0.34
# slapos.core==0.18
# slapos.toolbox==0.10
# xml-marshaller==0.9.7
lxml = 2.3.1
# Required by:
# slapos.cookbook==0.34
netaddr = 0.7.6
# Required by:
# slapos.core==0.18
netifaces = 0.6
# Required by:
# slapos.toolbox==0.10
paramiko = 1.7.7.1
# Required by:
# slapos.toolbox==0.10
psutil = 0.3.0
# Required by:
# slapos.cookbook==0.34
# slapos.toolbox==0.10
slapos.core = 0.18
# Required by:
# slapos.core==0.18
supervisor = 3.0a10
# Required by:
# slapos.cookbook==0.34
# slapos.toolbox==0.10
xml-marshaller = 0.9.7
# Required by:
# slapos.cookbook==0.34
zc.recipe.egg = 1.3.2
# Required by:
# slapos.core==0.18
zope.interface = 3.8.0
[downloadcache-workaround] [downloadcache-workaround]
# workaround irritating problem of hexagonit.recipe.cmmi which automatically # workaround irritating problem of hexagonit.recipe.cmmi which automatically
......
...@@ -44,68 +44,7 @@ buildout-versions = 1.7 ...@@ -44,68 +44,7 @@ buildout-versions = 1.7
hexagonit.recipe.cmmi = 1.5.0 hexagonit.recipe.cmmi = 1.5.0
meld3 = 0.6.7 meld3 = 0.6.7
plone.recipe.command = 1.1 plone.recipe.command = 1.1
slapos.cookbook = 0.34
slapos.recipe.build = 0.7
slapos.recipe.template = 2.2 slapos.recipe.template = 2.2
slapos.toolbox = 0.10
# Required by:
# slapos.core==0.18
# slapos.toolbox==0.10
Flask = 0.8
# Required by:
# slapos.cookbook==0.34
PyXML = 0.8.4
# Required by:
# hexagonit.recipe.cmmi==1.5.0
hexagonit.recipe.download = 1.6nxd002
# Required by:
# slapos.cookbook==0.34
# slapos.core==0.18
# slapos.toolbox==0.10
# xml-marshaller==0.9.7
lxml = 2.3.1
# Required by:
# slapos.cookbook==0.34
netaddr = 0.7.6
# Required by:
# slapos.core==0.18
netifaces = 0.6
# Required by:
# slapos.toolbox==0.10
paramiko = 1.7.7.1
# Required by:
# slapos.toolbox==0.10
psutil = 0.3.0
# Required by:
# slapos.cookbook==0.34
# slapos.toolbox==0.10
slapos.core = 0.18
# Required by:
# slapos.core==0.18
supervisor = 3.0a10
# Required by:
# slapos.cookbook==0.34
# slapos.toolbox==0.10
xml-marshaller = 0.9.7
# Required by:
# slapos.cookbook==0.34
zc.recipe.egg = 1.3.2
# Required by:
# slapos.core==0.18
zope.interface = 3.8.0
[downloadcache-workaround] [downloadcache-workaround]
# workaround irritating problem of hexagonit.recipe.cmmi which automatically # workaround irritating problem of hexagonit.recipe.cmmi which automatically
......
...@@ -45,68 +45,7 @@ buildout-versions = 1.7 ...@@ -45,68 +45,7 @@ buildout-versions = 1.7
hexagonit.recipe.cmmi = 1.5.0 hexagonit.recipe.cmmi = 1.5.0
meld3 = 0.6.7 meld3 = 0.6.7
plone.recipe.command = 1.1 plone.recipe.command = 1.1
slapos.cookbook = 0.34
slapos.recipe.build = 0.7
slapos.recipe.template = 2.2 slapos.recipe.template = 2.2
slapos.toolbox = 0.10
# Required by:
# slapos.core==0.18
# slapos.toolbox==0.10
Flask = 0.8
# Required by:
# slapos.cookbook==0.34
PyXML = 0.8.4
# Required by:
# hexagonit.recipe.cmmi==1.5.0
hexagonit.recipe.download = 1.6nxd002
# Required by:
# slapos.cookbook==0.34
# slapos.core==0.18
# slapos.toolbox==0.10
# xml-marshaller==0.9.7
lxml = 2.3.1
# Required by:
# slapos.cookbook==0.34
netaddr = 0.7.6
# Required by:
# slapos.core==0.18
netifaces = 0.6
# Required by:
# slapos.toolbox==0.10
paramiko = 1.7.7.1
# Required by:
# slapos.toolbox==0.10
psutil = 0.3.0
# Required by:
# slapos.cookbook==0.34
# slapos.toolbox==0.10
slapos.core = 0.18
# Required by:
# slapos.core==0.18
supervisor = 3.0a10
# Required by:
# slapos.cookbook==0.34
# slapos.toolbox==0.10
xml-marshaller = 0.9.7
# Required by:
# slapos.cookbook==0.34
zc.recipe.egg = 1.3.2
# Required by:
# slapos.core==0.18
zope.interface = 3.8.0
[downloadcache-workaround] [downloadcache-workaround]
# workaround irritating problem of hexagonit.recipe.cmmi which automatically # workaround irritating problem of hexagonit.recipe.cmmi which automatically
......
...@@ -47,68 +47,7 @@ buildout-versions = 1.7 ...@@ -47,68 +47,7 @@ buildout-versions = 1.7
hexagonit.recipe.cmmi = 1.5.0 hexagonit.recipe.cmmi = 1.5.0
meld3 = 0.6.7 meld3 = 0.6.7
plone.recipe.command = 1.1 plone.recipe.command = 1.1
slapos.cookbook = 0.34
slapos.recipe.build = 0.7
slapos.recipe.template = 2.2 slapos.recipe.template = 2.2
slapos.toolbox = 0.10
# Required by:
# slapos.core==0.18
# slapos.toolbox==0.10
Flask = 0.8
# Required by:
# slapos.cookbook==0.34
PyXML = 0.8.4
# Required by:
# hexagonit.recipe.cmmi==1.5.0
hexagonit.recipe.download = 1.6nxd002
# Required by:
# slapos.cookbook==0.34
# slapos.core==0.18
# slapos.toolbox==0.10
# xml-marshaller==0.9.7
lxml = 2.3.1
# Required by:
# slapos.cookbook==0.34
netaddr = 0.7.6
# Required by:
# slapos.core==0.18
netifaces = 0.5
# Required by:
# slapos.toolbox==0.10
paramiko = 1.7.7.1
# Required by:
# slapos.toolbox==0.10
psutil = 0.3.0
# Required by:
# slapos.cookbook==0.34
# slapos.toolbox==0.10
slapos.core = 0.18
# Required by:
# slapos.core==0.18
supervisor = 3.0a10
# Required by:
# slapos.cookbook==0.34
# slapos.toolbox==0.10
xml-marshaller = 0.9.7
# Required by:
# slapos.cookbook==0.34
zc.recipe.egg = 1.3.2
# Required by:
# slapos.core==0.18
zope.interface = 3.8.0
[downloadcache-workaround] [downloadcache-workaround]
# workaround irritating problem of hexagonit.recipe.cmmi which automatically # workaround irritating problem of hexagonit.recipe.cmmi which automatically
......
...@@ -55,68 +55,7 @@ buildout-versions = 1.7 ...@@ -55,68 +55,7 @@ buildout-versions = 1.7
hexagonit.recipe.cmmi = 1.5.0 hexagonit.recipe.cmmi = 1.5.0
meld3 = 0.6.7 meld3 = 0.6.7
plone.recipe.command = 1.1 plone.recipe.command = 1.1
slapos.cookbook = 0.34
slapos.recipe.build = 0.7
slapos.recipe.template = 2.2 slapos.recipe.template = 2.2
slapos.toolbox = 0.10
# Required by:
# slapos.core==0.18
# slapos.toolbox==0.10
Flask = 0.8
# Required by:
# slapos.cookbook==0.34
PyXML = 0.8.4
# Required by:
# hexagonit.recipe.cmmi==1.5.0
hexagonit.recipe.download = 1.6nxd002
# Required by:
# slapos.cookbook==0.34
# slapos.core==0.18
# slapos.toolbox==0.10
# xml-marshaller==0.9.7
lxml = 2.3.1
# Required by:
# slapos.cookbook==0.34
netaddr = 0.7.6
# Required by:
# slapos.core==0.18
netifaces = 0.5
# Required by:
# slapos.toolbox==0.10
paramiko = 1.7.7.1
# Required by:
# slapos.toolbox==0.10
psutil = 0.3.0
# Required by:
# slapos.cookbook==0.34
# slapos.toolbox==0.10
slapos.core = 0.18
# Required by:
# slapos.core==0.18
supervisor = 3.0a10
# Required by:
# slapos.cookbook==0.34
# slapos.toolbox==0.10
xml-marshaller = 0.9.7
# Required by:
# slapos.cookbook==0.34
zc.recipe.egg = 1.3.2
# Required by:
# slapos.core==0.18
zope.interface = 3.8.0
[downloadcache-workaround] [downloadcache-workaround]
# workaround irritating problem of hexagonit.recipe.cmmi which automatically # workaround irritating problem of hexagonit.recipe.cmmi which automatically
......
...@@ -56,68 +56,7 @@ buildout-versions = 1.7 ...@@ -56,68 +56,7 @@ buildout-versions = 1.7
hexagonit.recipe.cmmi = 1.5.0 hexagonit.recipe.cmmi = 1.5.0
meld3 = 0.6.7 meld3 = 0.6.7
plone.recipe.command = 1.1 plone.recipe.command = 1.1
slapos.cookbook = 0.34
slapos.recipe.build = 0.7
slapos.recipe.template = 2.2 slapos.recipe.template = 2.2
slapos.toolbox = 0.10
# Required by:
# slapos.core==0.18
# slapos.toolbox==0.10
Flask = 0.8
# Required by:
# slapos.cookbook==0.34
PyXML = 0.8.4
# Required by:
# hexagonit.recipe.cmmi==1.5.0
hexagonit.recipe.download = 1.6nxd002
# Required by:
# slapos.cookbook==0.34
# slapos.core==0.18
# slapos.toolbox==0.10
# xml-marshaller==0.9.7
lxml = 2.3.1
# Required by:
# slapos.cookbook==0.34
netaddr = 0.7.6
# Required by:
# slapos.core==0.18
netifaces = 0.5
# Required by:
# slapos.toolbox==0.10
paramiko = 1.7.7.1
# Required by:
# slapos.toolbox==0.10
psutil = 0.3.0
# Required by:
# slapos.cookbook==0.34
# slapos.toolbox==0.10
slapos.core = 0.18
# Required by:
# slapos.core==0.18
supervisor = 3.0a10
# Required by:
# slapos.cookbook==0.34
# slapos.toolbox==0.10
xml-marshaller = 0.9.7
# Required by:
# slapos.cookbook==0.34
zc.recipe.egg = 1.3.2
# Required by:
# slapos.core==0.18
zope.interface = 3.8.0
[downloadcache-workaround] [downloadcache-workaround]
# workaround irritating problem of hexagonit.recipe.cmmi which automatically # workaround irritating problem of hexagonit.recipe.cmmi which automatically
......
...@@ -44,68 +44,7 @@ buildout-versions = 1.7 ...@@ -44,68 +44,7 @@ buildout-versions = 1.7
hexagonit.recipe.cmmi = 1.5.0 hexagonit.recipe.cmmi = 1.5.0
meld3 = 0.6.7 meld3 = 0.6.7
plone.recipe.command = 1.1 plone.recipe.command = 1.1
slapos.cookbook = 0.34
slapos.recipe.build = 0.7
slapos.recipe.template = 2.2 slapos.recipe.template = 2.2
slapos.toolbox = 0.10
# Required by:
# slapos.core==0.18
# slapos.toolbox==0.10
Flask = 0.8
# Required by:
# slapos.cookbook==0.34
PyXML = 0.8.4
# Required by:
# hexagonit.recipe.cmmi==1.5.0
hexagonit.recipe.download = 1.6nxd002
# Required by:
# slapos.cookbook==0.34
# slapos.core==0.18
# slapos.toolbox==0.10
# xml-marshaller==0.9.7
lxml = 2.3.1
# Required by:
# slapos.cookbook==0.34
netaddr = 0.7.6
# Required by:
# slapos.core==0.18
netifaces = 0.5
# Required by:
# slapos.toolbox==0.10
paramiko = 1.7.7.1
# Required by:
# slapos.toolbox==0.10
psutil = 0.3.0
# Required by:
# slapos.cookbook==0.34
# slapos.toolbox==0.10
slapos.core = 0.18
# Required by:
# slapos.core==0.18
supervisor = 3.0a10
# Required by:
# slapos.cookbook==0.34
# slapos.toolbox==0.10
xml-marshaller = 0.9.7
# Required by:
# slapos.cookbook==0.34
zc.recipe.egg = 1.3.2
# Required by:
# slapos.core==0.18
zope.interface = 3.8.0
[downloadcache-workaround] [downloadcache-workaround]
# workaround irritating problem of hexagonit.recipe.cmmi which automatically # workaround irritating problem of hexagonit.recipe.cmmi which automatically
......
...@@ -56,68 +56,7 @@ buildout-versions = 1.7 ...@@ -56,68 +56,7 @@ buildout-versions = 1.7
hexagonit.recipe.cmmi = 1.5.0 hexagonit.recipe.cmmi = 1.5.0
meld3 = 0.6.7 meld3 = 0.6.7
plone.recipe.command = 1.1 plone.recipe.command = 1.1
slapos.cookbook = 0.34
slapos.recipe.build = 0.7
slapos.recipe.template = 2.2 slapos.recipe.template = 2.2
slapos.toolbox = 0.10
# Required by:
# slapos.core==0.18
# slapos.toolbox==0.10
Flask = 0.8
# Required by:
# slapos.cookbook==0.34
PyXML = 0.8.4
# Required by:
# hexagonit.recipe.cmmi==1.5.0
hexagonit.recipe.download = 1.6nxd002
# Required by:
# slapos.cookbook==0.34
# slapos.core==0.18
# slapos.toolbox==0.10
# xml-marshaller==0.9.7
lxml = 2.3.1
# Required by:
# slapos.cookbook==0.34
netaddr = 0.7.6
# Required by:
# slapos.core==0.18
netifaces = 0.5
# Required by:
# slapos.toolbox==0.10
paramiko = 1.7.7.1
# Required by:
# slapos.toolbox==0.10
psutil = 0.3.0
# Required by:
# slapos.cookbook==0.34
# slapos.toolbox==0.10
slapos.core = 0.18
# Required by:
# slapos.core==0.18
supervisor = 3.0a10
# Required by:
# slapos.cookbook==0.34
# slapos.toolbox==0.10
xml-marshaller = 0.9.7
# Required by:
# slapos.cookbook==0.34
zc.recipe.egg = 1.3.2
# Required by:
# slapos.core==0.18
zope.interface = 3.8.0
[downloadcache-workaround] [downloadcache-workaround]
# workaround irritating problem of hexagonit.recipe.cmmi which automatically # workaround irritating problem of hexagonit.recipe.cmmi which automatically
......
...@@ -46,68 +46,7 @@ buildout-versions = 1.7 ...@@ -46,68 +46,7 @@ buildout-versions = 1.7
hexagonit.recipe.cmmi = 1.5.0 hexagonit.recipe.cmmi = 1.5.0
meld3 = 0.6.7 meld3 = 0.6.7
plone.recipe.command = 1.1 plone.recipe.command = 1.1
slapos.cookbook = 0.34
slapos.recipe.build = 0.7
slapos.recipe.template = 2.2 slapos.recipe.template = 2.2
slapos.toolbox = 0.10
# Required by:
# slapos.core==0.18
# slapos.toolbox==0.10
Flask = 0.8
# Required by:
# slapos.cookbook==0.34
PyXML = 0.8.4
# Required by:
# hexagonit.recipe.cmmi==1.5.0
hexagonit.recipe.download = 1.6nxd002
# Required by:
# slapos.cookbook==0.34
# slapos.core==0.18
# slapos.toolbox==0.10
# xml-marshaller==0.9.7
lxml = 2.3.1
# Required by:
# slapos.cookbook==0.34
netaddr = 0.7.6
# Required by:
# slapos.core==0.18
netifaces = 0.5
# Required by:
# slapos.toolbox==0.10
paramiko = 1.7.7.1
# Required by:
# slapos.toolbox==0.10
psutil = 0.3.0
# Required by:
# slapos.cookbook==0.34
# slapos.toolbox==0.10
slapos.core = 0.18
# Required by:
# slapos.core==0.18
supervisor = 3.0a10
# Required by:
# slapos.cookbook==0.34
# slapos.toolbox==0.10
xml-marshaller = 0.9.7
# Required by:
# slapos.cookbook==0.34
zc.recipe.egg = 1.3.2
# Required by:
# slapos.core==0.18
zope.interface = 3.8.0
[downloadcache-workaround] [downloadcache-workaround]
# workaround irritating problem of hexagonit.recipe.cmmi which automatically # workaround irritating problem of hexagonit.recipe.cmmi which automatically
......
...@@ -47,68 +47,7 @@ buildout-versions = 1.7 ...@@ -47,68 +47,7 @@ buildout-versions = 1.7
hexagonit.recipe.cmmi = 1.5.0 hexagonit.recipe.cmmi = 1.5.0
meld3 = 0.6.7 meld3 = 0.6.7
plone.recipe.command = 1.1 plone.recipe.command = 1.1
slapos.cookbook = 0.34
slapos.recipe.build = 0.7
slapos.recipe.template = 2.2 slapos.recipe.template = 2.2
slapos.toolbox = 0.10
# Required by:
# slapos.core==0.18
# slapos.toolbox==0.10
Flask = 0.8
# Required by:
# slapos.cookbook==0.34
PyXML = 0.8.4
# Required by:
# hexagonit.recipe.cmmi==1.5.0
hexagonit.recipe.download = 1.6nxd002
# Required by:
# slapos.cookbook==0.34
# slapos.core==0.18
# slapos.toolbox==0.10
# xml-marshaller==0.9.7
lxml = 2.3.1
# Required by:
# slapos.cookbook==0.34
netaddr = 0.7.6
# Required by:
# slapos.core==0.18
netifaces = 0.5
# Required by:
# slapos.toolbox==0.10
paramiko = 1.7.7.1
# Required by:
# slapos.toolbox==0.10
psutil = 0.3.0
# Required by:
# slapos.cookbook==0.34
# slapos.toolbox==0.10
slapos.core = 0.18
# Required by:
# slapos.core==0.18
supervisor = 3.0a10
# Required by:
# slapos.cookbook==0.34
# slapos.toolbox==0.10
xml-marshaller = 0.9.7
# Required by:
# slapos.cookbook==0.34
zc.recipe.egg = 1.3.2
# Required by:
# slapos.core==0.18
zope.interface = 3.8.0
[downloadcache-workaround] [downloadcache-workaround]
# workaround irritating problem of hexagonit.recipe.cmmi which automatically # workaround irritating problem of hexagonit.recipe.cmmi which automatically
......
...@@ -55,68 +55,7 @@ buildout-versions = 1.7 ...@@ -55,68 +55,7 @@ buildout-versions = 1.7
hexagonit.recipe.cmmi = 1.5.0 hexagonit.recipe.cmmi = 1.5.0
meld3 = 0.6.7 meld3 = 0.6.7
plone.recipe.command = 1.1 plone.recipe.command = 1.1
slapos.cookbook = 0.34
slapos.recipe.build = 0.7
slapos.recipe.template = 2.2 slapos.recipe.template = 2.2
slapos.toolbox = 0.10
# Required by:
# slapos.core==0.18
# slapos.toolbox==0.10
Flask = 0.8
# Required by:
# slapos.cookbook==0.34
PyXML = 0.8.4
# Required by:
# hexagonit.recipe.cmmi==1.5.0
hexagonit.recipe.download = 1.6nxd002
# Required by:
# slapos.cookbook==0.34
# slapos.core==0.18
# slapos.toolbox==0.10
# xml-marshaller==0.9.7
lxml = 2.3.1
# Required by:
# slapos.cookbook==0.34
netaddr = 0.7.6
# Required by:
# slapos.core==0.18
netifaces = 0.5
# Required by:
# slapos.toolbox==0.10
paramiko = 1.7.7.1
# Required by:
# slapos.toolbox==0.10
psutil = 0.3.0
# Required by:
# slapos.cookbook==0.34
# slapos.toolbox==0.10
slapos.core = 0.18
# Required by:
# slapos.core==0.18
supervisor = 3.0a10
# Required by:
# slapos.cookbook==0.34
# slapos.toolbox==0.10
xml-marshaller = 0.9.7
# Required by:
# slapos.cookbook==0.34
zc.recipe.egg = 1.3.2
# Required by:
# slapos.core==0.18
zope.interface = 3.8.0
[downloadcache-workaround] [downloadcache-workaround]
# workaround irritating problem of hexagonit.recipe.cmmi which automatically # workaround irritating problem of hexagonit.recipe.cmmi which automatically
......
...@@ -45,68 +45,7 @@ buildout-versions = 1.7 ...@@ -45,68 +45,7 @@ buildout-versions = 1.7
hexagonit.recipe.cmmi = 1.5.0 hexagonit.recipe.cmmi = 1.5.0
meld3 = 0.6.7 meld3 = 0.6.7
plone.recipe.command = 1.1 plone.recipe.command = 1.1
slapos.cookbook = 0.34
slapos.recipe.build = 0.7
slapos.recipe.template = 2.2 slapos.recipe.template = 2.2
slapos.toolbox = 0.10
# Required by:
# slapos.core==0.18
# slapos.toolbox==0.10
Flask = 0.8
# Required by:
# slapos.cookbook==0.34
PyXML = 0.8.4
# Required by:
# hexagonit.recipe.cmmi==1.5.0
hexagonit.recipe.download = 1.6nxd002
# Required by:
# slapos.cookbook==0.34
# slapos.core==0.18
# slapos.toolbox==0.10
# xml-marshaller==0.9.7
lxml = 2.3.1
# Required by:
# slapos.cookbook==0.34
netaddr = 0.7.6
# Required by:
# slapos.core==0.18
netifaces = 0.5
# Required by:
# slapos.toolbox==0.10
paramiko = 1.7.7.1
# Required by:
# slapos.toolbox==0.10
psutil = 0.3.0
# Required by:
# slapos.cookbook==0.34
# slapos.toolbox==0.10
slapos.core = 0.18
# Required by:
# slapos.core==0.18
supervisor = 3.0a10
# Required by:
# slapos.cookbook==0.34
# slapos.toolbox==0.10
xml-marshaller = 0.9.7
# Required by:
# slapos.cookbook==0.34
zc.recipe.egg = 1.3.2
# Required by:
# slapos.core==0.18
zope.interface = 3.8.0
[downloadcache-workaround] [downloadcache-workaround]
# workaround irritating problem of hexagonit.recipe.cmmi which automatically # workaround irritating problem of hexagonit.recipe.cmmi which automatically
......
...@@ -44,68 +44,7 @@ buildout-versions = 1.7 ...@@ -44,68 +44,7 @@ buildout-versions = 1.7
hexagonit.recipe.cmmi = 1.5.0 hexagonit.recipe.cmmi = 1.5.0
meld3 = 0.6.7 meld3 = 0.6.7
plone.recipe.command = 1.1 plone.recipe.command = 1.1
slapos.cookbook = 0.34
slapos.recipe.build = 0.7
slapos.recipe.template = 2.2 slapos.recipe.template = 2.2
slapos.toolbox = 0.10
# Required by:
# slapos.core==0.18
# slapos.toolbox==0.10
Flask = 0.8
# Required by:
# slapos.cookbook==0.34
PyXML = 0.8.4
# Required by:
# hexagonit.recipe.cmmi==1.5.0
hexagonit.recipe.download = 1.6nxd002
# Required by:
# slapos.cookbook==0.34
# slapos.core==0.18
# slapos.toolbox==0.10
# xml-marshaller==0.9.7
lxml = 2.3.1
# Required by:
# slapos.cookbook==0.34
netaddr = 0.7.6
# Required by:
# slapos.core==0.18
netifaces = 0.5
# Required by:
# slapos.toolbox==0.10
paramiko = 1.7.7.1
# Required by:
# slapos.toolbox==0.10
psutil = 0.3.0
# Required by:
# slapos.cookbook==0.34
# slapos.toolbox==0.10
slapos.core = 0.18
# Required by:
# slapos.core==0.18
supervisor = 3.0a10
# Required by:
# slapos.cookbook==0.34
# slapos.toolbox==0.10
xml-marshaller = 0.9.7
# Required by:
# slapos.cookbook==0.34
zc.recipe.egg = 1.3.2
# Required by:
# slapos.core==0.18
zope.interface = 3.8.0
[downloadcache-workaround] [downloadcache-workaround]
# workaround irritating problem of hexagonit.recipe.cmmi which automatically # workaround irritating problem of hexagonit.recipe.cmmi which automatically
......
...@@ -44,68 +44,7 @@ buildout-versions = 1.7 ...@@ -44,68 +44,7 @@ buildout-versions = 1.7
hexagonit.recipe.cmmi = 1.5.0 hexagonit.recipe.cmmi = 1.5.0
meld3 = 0.6.7 meld3 = 0.6.7
plone.recipe.command = 1.1 plone.recipe.command = 1.1
slapos.cookbook = 0.34
slapos.recipe.build = 0.7
slapos.recipe.template = 2.2 slapos.recipe.template = 2.2
slapos.toolbox = 0.10
# Required by:
# slapos.core==0.18
# slapos.toolbox==0.10
Flask = 0.8
# Required by:
# slapos.cookbook==0.34
PyXML = 0.8.4
# Required by:
# hexagonit.recipe.cmmi==1.5.0
hexagonit.recipe.download = 1.6nxd002
# Required by:
# slapos.cookbook==0.34
# slapos.core==0.18
# slapos.toolbox==0.10
# xml-marshaller==0.9.7
lxml = 2.3.1
# Required by:
# slapos.cookbook==0.34
netaddr = 0.7.6
# Required by:
# slapos.core==0.18
netifaces = 0.5
# Required by:
# slapos.toolbox==0.10
paramiko = 1.7.7.1
# Required by:
# slapos.toolbox==0.10
psutil = 0.3.0
# Required by:
# slapos.cookbook==0.34
# slapos.toolbox==0.10
slapos.core = 0.18
# Required by:
# slapos.core==0.18
supervisor = 3.0a10
# Required by:
# slapos.cookbook==0.34
# slapos.toolbox==0.10
xml-marshaller = 0.9.7
# Required by:
# slapos.cookbook==0.34
zc.recipe.egg = 1.3.2
# Required by:
# slapos.core==0.18
zope.interface = 3.8.0
[downloadcache-workaround] [downloadcache-workaround]
# workaround irritating problem of hexagonit.recipe.cmmi which automatically # workaround irritating problem of hexagonit.recipe.cmmi which automatically
......
...@@ -44,68 +44,7 @@ buildout-versions = 1.7 ...@@ -44,68 +44,7 @@ buildout-versions = 1.7
hexagonit.recipe.cmmi = 1.5.0 hexagonit.recipe.cmmi = 1.5.0
meld3 = 0.6.7 meld3 = 0.6.7
plone.recipe.command = 1.1 plone.recipe.command = 1.1
slapos.cookbook = 0.34
slapos.recipe.build = 0.7
slapos.recipe.template = 2.2 slapos.recipe.template = 2.2
slapos.toolbox = 0.10
# Required by:
# slapos.core==0.18
# slapos.toolbox==0.10
Flask = 0.8
# Required by:
# slapos.cookbook==0.34
PyXML = 0.8.4
# Required by:
# hexagonit.recipe.cmmi==1.5.0
hexagonit.recipe.download = 1.6nxd002
# Required by:
# slapos.cookbook==0.34
# slapos.core==0.18
# slapos.toolbox==0.10
# xml-marshaller==0.9.7
lxml = 2.3.1
# Required by:
# slapos.cookbook==0.34
netaddr = 0.7.6
# Required by:
# slapos.core==0.18
netifaces = 0.5
# Required by:
# slapos.toolbox==0.10
paramiko = 1.7.7.1
# Required by:
# slapos.toolbox==0.10
psutil = 0.3.0
# Required by:
# slapos.cookbook==0.34
# slapos.toolbox==0.10
slapos.core = 0.18
# Required by:
# slapos.core==0.18
supervisor = 3.0a10
# Required by:
# slapos.cookbook==0.34
# slapos.toolbox==0.10
xml-marshaller = 0.9.7
# Required by:
# slapos.cookbook==0.34
zc.recipe.egg = 1.3.2
# Required by:
# slapos.core==0.18
zope.interface = 3.8.0
[downloadcache-workaround] [downloadcache-workaround]
# workaround irritating problem of hexagonit.recipe.cmmi which automatically # workaround irritating problem of hexagonit.recipe.cmmi which automatically
......
...@@ -44,68 +44,7 @@ buildout-versions = 1.7 ...@@ -44,68 +44,7 @@ buildout-versions = 1.7
hexagonit.recipe.cmmi = 1.5.0 hexagonit.recipe.cmmi = 1.5.0
meld3 = 0.6.7 meld3 = 0.6.7
plone.recipe.command = 1.1 plone.recipe.command = 1.1
slapos.cookbook = 0.34
slapos.recipe.build = 0.7
slapos.recipe.template = 2.2 slapos.recipe.template = 2.2
slapos.toolbox = 0.10
# Required by:
# slapos.core==0.18
# slapos.toolbox==0.10
Flask = 0.8
# Required by:
# slapos.cookbook==0.34
PyXML = 0.8.4
# Required by:
# hexagonit.recipe.cmmi==1.5.0
hexagonit.recipe.download = 1.6nxd002
# Required by:
# slapos.cookbook==0.34
# slapos.core==0.18
# slapos.toolbox==0.10
# xml-marshaller==0.9.7
lxml = 2.3.1
# Required by:
# slapos.cookbook==0.34
netaddr = 0.7.6
# Required by:
# slapos.core==0.18
netifaces = 0.5
# Required by:
# slapos.toolbox==0.10
paramiko = 1.7.7.1
# Required by:
# slapos.toolbox==0.10
psutil = 0.3.0
# Required by:
# slapos.cookbook==0.34
# slapos.toolbox==0.10
slapos.core = 0.18
# Required by:
# slapos.core==0.18
supervisor = 3.0a10
# Required by:
# slapos.cookbook==0.34
# slapos.toolbox==0.10
xml-marshaller = 0.9.7
# Required by:
# slapos.cookbook==0.34
zc.recipe.egg = 1.3.2
# Required by:
# slapos.core==0.18
zope.interface = 3.8.0
[downloadcache-workaround] [downloadcache-workaround]
# workaround irritating problem of hexagonit.recipe.cmmi which automatically # workaround irritating problem of hexagonit.recipe.cmmi which automatically
......
...@@ -179,22 +179,6 @@ gitdb = 0.5.4 ...@@ -179,22 +179,6 @@ gitdb = 0.5.4
plone.recipe.command = 1.1 plone.recipe.command = 1.1
pycrypto = 2.6 pycrypto = 2.6
slapos.recipe.template = 2.4.2 slapos.recipe.template = 2.4.2
slapos.toolbox = 0.34.0
smmap = 0.8.2 smmap = 0.8.2
z3c.recipe.scripts = 1.0.1 z3c.recipe.scripts = 1.0.1
# Required by:
# slapos.toolbox==0.34.0
GitPython = 0.3.2.RC1
# Required by:
# slapos.toolbox==0.34.0
atomize = 0.1.1
# Required by:
# slapos.toolbox==0.34.0
feedparser = 5.1.3
# Required by:
# slapos.toolbox==0.34.0
paramiko = 1.10.1
...@@ -45,68 +45,7 @@ buildout-versions = 1.7 ...@@ -45,68 +45,7 @@ buildout-versions = 1.7
hexagonit.recipe.cmmi = 1.5.0 hexagonit.recipe.cmmi = 1.5.0
meld3 = 0.6.7 meld3 = 0.6.7
plone.recipe.command = 1.1 plone.recipe.command = 1.1
slapos.cookbook = 0.34
slapos.recipe.build = 0.7
slapos.recipe.template = 2.2 slapos.recipe.template = 2.2
slapos.toolbox = 0.10
# Required by:
# slapos.core==0.18
# slapos.toolbox==0.10
Flask = 0.8
# Required by:
# slapos.cookbook==0.34
PyXML = 0.8.4
# Required by:
# hexagonit.recipe.cmmi==1.5.0
hexagonit.recipe.download = 1.6nxd002
# Required by:
# slapos.cookbook==0.34
# slapos.core==0.18
# slapos.toolbox==0.10
# xml-marshaller==0.9.7
lxml = 2.3.1
# Required by:
# slapos.cookbook==0.34
netaddr = 0.7.6
# Required by:
# slapos.core==0.18
netifaces = 0.5
# Required by:
# slapos.toolbox==0.10
paramiko = 1.7.7.1
# Required by:
# slapos.toolbox==0.10
psutil = 0.3.0
# Required by:
# slapos.cookbook==0.34
# slapos.toolbox==0.10
slapos.core = 0.18
# Required by:
# slapos.core==0.18
supervisor = 3.0a10
# Required by:
# slapos.cookbook==0.34
# slapos.toolbox==0.10
xml-marshaller = 0.9.7
# Required by:
# slapos.cookbook==0.34
zc.recipe.egg = 1.3.2
# Required by:
# slapos.core==0.18
zope.interface = 3.8.0
[downloadcache-workaround] [downloadcache-workaround]
# workaround irritating problem of hexagonit.recipe.cmmi which automatically # workaround irritating problem of hexagonit.recipe.cmmi which automatically
......
...@@ -57,68 +57,7 @@ buildout-versions = 1.7 ...@@ -57,68 +57,7 @@ buildout-versions = 1.7
hexagonit.recipe.cmmi = 1.5.0 hexagonit.recipe.cmmi = 1.5.0
meld3 = 0.6.7 meld3 = 0.6.7
plone.recipe.command = 1.1 plone.recipe.command = 1.1
slapos.cookbook = 0.34
slapos.recipe.build = 0.7
slapos.recipe.template = 2.2 slapos.recipe.template = 2.2
slapos.toolbox = 0.10
# Required by:
# slapos.core==0.18
# slapos.toolbox==0.10
Flask = 0.8
# Required by:
# slapos.cookbook==0.34
PyXML = 0.8.4
# Required by:
# hexagonit.recipe.cmmi==1.5.0
hexagonit.recipe.download = 1.6nxd002
# Required by:
# slapos.cookbook==0.34
# slapos.core==0.18
# slapos.toolbox==0.10
# xml-marshaller==0.9.7
lxml = 2.3.1
# Required by:
# slapos.cookbook==0.34
netaddr = 0.7.6
# Required by:
# slapos.core==0.18
netifaces = 0.6
# Required by:
# slapos.toolbox==0.10
paramiko = 1.7.7.1
# Required by:
# slapos.toolbox==0.10
psutil = 0.3.0
# Required by:
# slapos.cookbook==0.34
# slapos.toolbox==0.10
slapos.core = 0.18
# Required by:
# slapos.core==0.18
supervisor = 3.0a10
# Required by:
# slapos.cookbook==0.34
# slapos.toolbox==0.10
xml-marshaller = 0.9.7
# Required by:
# slapos.cookbook==0.34
zc.recipe.egg = 1.3.2
# Required by:
# slapos.core==0.18
zope.interface = 3.8.0
[downloadcache-workaround] [downloadcache-workaround]
# workaround irritating problem of hexagonit.recipe.cmmi which automatically # workaround irritating problem of hexagonit.recipe.cmmi which automatically
......
...@@ -14,79 +14,8 @@ lxml = 3.1.0 ...@@ -14,79 +14,8 @@ lxml = 3.1.0
meld3 = 0.6.10 meld3 = 0.6.10
plone.recipe.command = 1.1 plone.recipe.command = 1.1
pycrypto = 2.6 pycrypto = 2.6
slapos.cookbook = 0.73.1
slapos.recipe.template = 2.4.2 slapos.recipe.template = 2.4.2
slapos.toolbox = 0.33.1
smmap = 0.8.2 smmap = 0.8.2
websockify = 0.3.0 websockify = 0.3.0
z3c.recipe.scripts = 1.0.1 z3c.recipe.scripts = 1.0.1
# Required by:
# slapos.core==0.35.1
# slapos.toolbox==0.33.1
Flask = 0.9
# Required by:
# slapos.toolbox==0.33.1
GitPython = 0.3.2.RC1
# Required by:
# slapos.toolbox==0.33.1
atomize = 0.1.1
# Required by:
# slapos.toolbox==0.33.1
feedparser = 5.1.3
# Required by:
# hexagonit.recipe.cmmi==1.6
hexagonit.recipe.download = 1.6nxd002
# Required by:
# slapos.cookbook==0.73.1
# Required by:
# slapos.cookbook==0.73.1
netaddr = 0.7.10
# Required by:
# slapos.core==0.35.1
netifaces = 0.10.4
# Required by:
# slapos.toolbox==0.33.1
paramiko = 1.10.0
# Required by:
# slapos.toolbox==0.33.1
psutil = 0.6.1
# Required by:
# slapos.core==0.35.1
pyflakes = 0.6.1
# Required by:
# slapos.cookbook==0.73.1
pytz = 2012j
# Required by:
# slapos.cookbook==0.73.1
# slapos.toolbox==0.33.1
slapos.core = 0.35.1
# Required by:
# slapos.core==0.35.1
supervisor = 3.0b1
# Required by:
# slapos.core==0.35.1
unittest2 = 0.5.1
# Required by:
# slapos.cookbook==0.73.1
# slapos.toolbox==0.33.1
xml-marshaller = 0.9.7
# Required by:
# slapos.core==0.35.1
zope.interface = 4.0.5
\ No newline at end of file
...@@ -407,10 +407,8 @@ initialization = ...@@ -407,10 +407,8 @@ initialization =
parts_directory = '''${buildout:parts-directory}''' parts_directory = '''${buildout:parts-directory}'''
repository_id_list = \ repository_id_list = \
'''${erp5_repository_list:repository_id_list}'''.split()[::-1] '''${erp5_repository_list:repository_id_list}'''.split()[::-1]
os.environ['erp5_tests_bt5_path'] = ','.join(sum(( os.environ['erp5_tests_bt5_path'] = ','.join(
[bt5_path, os.path.join(bt5_path, '*')] os.path.join(parts_directory, x, 'bt5') for x in repository_id_list)
for bt5_path in (os.path.join(parts_directory, x, 'bt5')
for x in repository_id_list)), []))
extra_path_list = '''${:extra-paths}'''.split() extra_path_list = '''${:extra-paths}'''.split()
sys.path[:0] = sum(( sys.path[:0] = sum((
glob.glob(os.path.join(x, 'tests')) glob.glob(os.path.join(x, 'tests'))
......
...@@ -135,13 +135,13 @@ pytz = 2016.10 ...@@ -135,13 +135,13 @@ pytz = 2016.10
requests = 2.13.0 requests = 2.13.0
six = 1.11.0 six = 1.11.0
slapos.cookbook = 1.0.75 slapos.cookbook = 1.0.75
slapos.core = 1.4.13 slapos.core = 1.4.14
slapos.extension.strip = 0.4 slapos.extension.strip = 0.4
slapos.extension.shared = 1.0 slapos.extension.shared = 1.0
slapos.libnetworkcache = 0.16 slapos.libnetworkcache = 0.16
slapos.rebootstrap = 4.1 slapos.rebootstrap = 4.1
slapos.recipe.build = 0.39 slapos.recipe.build = 0.40
slapos.recipe.cmmi = 0.8 slapos.recipe.cmmi = 0.10
slapos.toolbox = 0.83 slapos.toolbox = 0.83
stevedore = 1.21.0 stevedore = 1.21.0
unicodecsv = 0.14.1 unicodecsv = 0.14.1
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment