summaryrefslogtreecommitdiff
path: root/cpp/src/tests/sasl_fed_ex
diff options
context:
space:
mode:
Diffstat (limited to 'cpp/src/tests/sasl_fed_ex')
-rwxr-xr-xcpp/src/tests/sasl_fed_ex306
1 files changed, 211 insertions, 95 deletions
diff --git a/cpp/src/tests/sasl_fed_ex b/cpp/src/tests/sasl_fed_ex
index 0740650d6c..716a806874 100755
--- a/cpp/src/tests/sasl_fed_ex
+++ b/cpp/src/tests/sasl_fed_ex
@@ -19,22 +19,52 @@
# under the License.
#
-
#===============================================================================
-# This test creates a federated link between two brokers using SASL security.
+# These tests create federated links between two brokers using SASL security.
# The SASL mechanism used is EXTERNAL, which is satisfied by SSL
# transport-layer security.
#===============================================================================
source ./test_env.sh
+script_name=`basename $0`
+
+if [ $# -lt 1 ] || [ $# -gt 2 ]
+then
+ echo
+ # These are the four different ways of creating links ( or routes+links )
+ # that the qpid-route command provides.
+ echo "Usage: ${script_name} dynamic|link|queue|route [cluster]"
+ echo
+ exit 1
+fi
+
+# Has the user told us to do clustering ? -----------
+clustering_flag=
+if [ $# -eq "2" ] && [ "$2" == "cluster" ]; then
+ clustering_flag=true
+fi
+
+qpid_route_method=$1
+
+# Debugging print. --------------------------
+debug=
+function print {
+ if [ "$debug" ]; then
+ echo "${script_name}: $1"
+ fi
+}
+
+print "=========== start sasl_fed_ex $* ============"
+
+
# This minimum value corresponds to sasl version 2.1.22
minimum_sasl_version=131350
sasl_version=`$QPID_TEST_EXEC_DIR/sasl_version`
-# This test is necessary becasue this sasl version is the first one that permits
+# This test is necessary because this sasl version is the first one that permits
# redirection of the sasl config file path.
if [ "$sasl_version" -lt "$minimum_sasl_version" ]; then
echo "sasl_fed: must have sasl version 2.1.22 or greater. ( Integer value: $minimum_sasl_version ) Version is: $sasl_version"
@@ -60,6 +90,7 @@ create_certs() {
delete_certs() {
if [[ -e ${CERT_DIR} ]] ; then
+ print "removing cert dir ${CERT_DIR}"
rm -rf ${CERT_DIR}
fi
}
@@ -72,22 +103,40 @@ if [[ !(-x $CERTUTIL) ]] ; then
fi
delete_certs
-create_certs || error "Could not create test certificate"
-
+create_certs 2> /dev/null
+if [ ! $? ]; then
+ error "Could not create test certificate"
+ exit 1
+fi
-sasl_config_file=$builddir/sasl_config
+sasl_config_dir=$builddir/sasl_config
-my_random_number=$RANDOM
-tmp_root=/tmp/sasl_fed_$my_random_number
+tmp_root=${builddir}/sasl_fed_ex_temp
+print "results dir is ${tmp_root}"
+rm -rf ${tmp_root}
mkdir -p $tmp_root
SRC_SSL_PORT=6667
DST_SSL_PORT=6666
+SRC_SSL_PORT_2=6668
+DST_SSL_PORT_2=6669
+
SRC_TCP_PORT=5801
DST_TCP_PORT=5807
-SSL_LIB=../.libs/ssl.so
+SRC_TCP_PORT_2=5802
+DST_TCP_PORT_2=5803
+
+CLUSTER_NAME_SUFFIX=`hostname | tr '.' ' ' | awk '{print $1}'`
+CLUSTER_1_NAME=sasl_fed_ex_cluster_1_${CLUSTER_NAME_SUFFIX}
+CLUSTER_2_NAME=sasl_fed_ex_cluster_2_${CLUSTER_NAME_SUFFIX}
+
+print "CLUSTER_1_NAME == ${CLUSTER_1_NAME}"
+print "CLUSTER_2_NAME == ${CLUSTER_2_NAME}"
+
+SSL_LIB=${moduledir}/ssl.so
+CLUSTER_LIB=${moduledir}/cluster.so
export QPID_SSL_CERT_NAME=${TEST_HOSTNAME}
@@ -116,52 +165,112 @@ export QPID_SSL_CERT_NAME=${TEST_HOSTNAME}
# 5. DST pulls messages off the temp queue on SRC to itself.
#
+COMMON_BROKER_OPTIONS=" \
+ --ssl-sasl-no-dict \
+ --sasl-config=$sasl_config_dir \
+ --ssl-require-client-authentication \
+ --auth yes \
+ --ssl-cert-db $CERT_DIR \
+ --ssl-cert-password-file $CERT_PW_FILE \
+ --ssl-cert-name $TEST_HOSTNAME \
+ --no-data-dir \
+ --no-module-dir \
+ --load-module ${SSL_LIB} \
+ --mgmt-enable=yes \
+ --log-enable info+ \
+ --log-source yes \
+ --daemon "
+
+
+function start_brokers {
+ if [ $1 ]; then
+ # clustered ----------------------------------------
+ print "Starting SRC cluster"
+
+ print " src broker 1"
+ $QPIDD_EXEC \
+ --port=${SRC_TCP_PORT} \
+ --ssl-port ${SRC_SSL_PORT} \
+ ${COMMON_BROKER_OPTIONS} \
+ --load-module ${CLUSTER_LIB} \
+ --cluster-name ${CLUSTER_1_NAME} \
+ --log-to-file $tmp_root/qpidd_src.log 2> /dev/null
+
+ broker_ports[0]=${SRC_TCP_PORT}
+
+ print " src broker 2"
+ $QPIDD_EXEC \
+ --port=${SRC_TCP_PORT_2} \
+ --ssl-port ${SRC_SSL_PORT_2} \
+ ${COMMON_BROKER_OPTIONS} \
+ --load-module ${CLUSTER_LIB} \
+ --cluster-name ${CLUSTER_1_NAME} \
+ --log-to-file $tmp_root/qpidd_src_2.log 2> /dev/null
+
+ broker_ports[1]=${SRC_TCP_PORT_2}
+
+
+ print "Starting DST cluster"
+
+ print " dst broker 1"
+ $QPIDD_EXEC \
+ --port=${DST_TCP_PORT} \
+ --ssl-port ${DST_SSL_PORT} \
+ ${COMMON_BROKER_OPTIONS} \
+ --load-module ${CLUSTER_LIB} \
+ --cluster-name ${CLUSTER_2_NAME} \
+ --log-to-file $tmp_root/qpidd_dst.log 2> /dev/null
+
+ broker_ports[2]=${DST_TCP_PORT}
+
+ print " dst broker 2"
+ $QPIDD_EXEC \
+ --port=${DST_TCP_PORT_2} \
+ --ssl-port ${DST_SSL_PORT_2} \
+ ${COMMON_BROKER_OPTIONS} \
+ --load-module ${CLUSTER_LIB} \
+ --cluster-name ${CLUSTER_2_NAME} \
+ --log-to-file $tmp_root/qpidd_dst_2.log 2> /dev/null
+
+ broker_ports[3]=${DST_TCP_PORT_2}
+
+ else
+ # vanilla brokers --------------------------------
+ print "Starting SRC broker"
+ $QPIDD_EXEC \
+ --port=${SRC_TCP_PORT} \
+ --ssl-port ${SRC_SSL_PORT} \
+ ${COMMON_BROKER_OPTIONS} \
+ --log-to-file $tmp_root/qpidd_src.log 2> /dev/null
+
+ broker_ports[0]=${SRC_TCP_PORT}
+
+ print "Starting DST broker"
+ $QPIDD_EXEC \
+ --port=${DST_TCP_PORT} \
+ --ssl-port ${DST_SSL_PORT} \
+ ${COMMON_BROKER_OPTIONS} \
+ --log-to-file $tmp_root/qpidd_dst.log 2> /dev/null
+
+ broker_ports[1]=${DST_TCP_PORT}
+ fi
+}
+
+function halt_brokers {
+ n_brokers=${#broker_ports[@]}
+ print "Halting ${n_brokers} brokers."
+ for i in $(seq 0 $((${n_brokers} - 1)))
+ do
+ halt_port=${broker_ports[$i]}
+ print "Halting broker $i on port ${halt_port}"
+ $QPIDD_EXEC --port ${halt_port} --quit
+ done
+
+}
-#echo "-----------------------"
-#echo "Starting SRC broker"
-#echo "-----------------------"
-$QPIDD_EXEC \
- --port=${SRC_TCP_PORT} \
- --ssl-port ${SRC_SSL_PORT} \
- --ssl-sasl-no-dict \
- --sasl-config=$sasl_config_file \
- --ssl-require-client-authentication \
- --auth yes \
- --ssl-cert-db $CERT_DIR \
- --ssl-cert-password-file $CERT_PW_FILE \
- --ssl-cert-name $TEST_HOSTNAME \
- --no-data-dir \
- --no-module-dir \
- --load-module ${SSL_LIB} \
- --mgmt-enable=yes \
- --log-enable info+ \
- --log-source yes \
- --daemon \
- --log-to-file $tmp_root/qpidd_src.log 2> /dev/null
-
-
-#echo "-----------------------"
-#echo "Starting DST broker"
-#echo "-----------------------"
-$QPIDD_EXEC \
- --port=${DST_TCP_PORT} \
- --ssl-port ${DST_SSL_PORT} \
- --ssl-cert-db $CERT_DIR \
- --ssl-cert-password-file $CERT_PW_FILE \
- --ssl-cert-name $TEST_HOSTNAME \
- --ssl-sasl-no-dict \
- --ssl-require-client-authentication \
- --sasl-config=$sasl_config_file \
- --no-data-dir \
- --no-module-dir \
- --load-module ${SSL_LIB} \
- --mgmt-enable=yes \
- --log-enable info+ \
- --log-source yes \
- --daemon \
- $COMMON_BROKER_OPTIONS \
- --log-to-file $tmp_root/qpidd_dst.log 2> /dev/null
+
+start_brokers $clustering_flag
# I am not randomizing these names, because this test creates its own brokers.
@@ -170,76 +279,83 @@ ROUTING_KEY=sasl_fed_queue
EXCHANGE_NAME=sasl_fedex
-#echo "-----------------------"
-#echo "add exchanges"
-#echo "-----------------------"
+print "add exchanges"
$QPID_CONFIG_EXEC -a localhost:${SRC_TCP_PORT} add exchange direct $EXCHANGE_NAME
$QPID_CONFIG_EXEC -a localhost:${DST_TCP_PORT} add exchange direct $EXCHANGE_NAME
-#echo "-----------------------"
-#echo "add queues"
-#echo "-----------------------"
+print "add queues"
$QPID_CONFIG_EXEC -a localhost:${SRC_TCP_PORT} add queue $QUEUE_NAME
$QPID_CONFIG_EXEC -a localhost:${DST_TCP_PORT} add queue $QUEUE_NAME
-#echo "-----------------------"
-#echo "create bindings"
-#echo "-----------------------"
+print "create bindings"
$QPID_CONFIG_EXEC -a localhost:${SRC_TCP_PORT} bind $EXCHANGE_NAME $QUEUE_NAME $ROUTING_KEY
$QPID_CONFIG_EXEC -a localhost:${DST_TCP_PORT} bind $EXCHANGE_NAME $QUEUE_NAME $ROUTING_KEY
-#echo "-----------------------"
-#echo "qpid-route route add"
-#echo "-----------------------"
+#
# NOTE: The SRC broker *must* be referred to as $TEST_HOSTNAME, and not as "localhost".
# It must be referred to by the exact string given as the Common Name (CN) in the cert,
# which was created in the function create_certs, above.
-$QPID_ROUTE_EXEC route add localhost:${DST_TCP_PORT} $TEST_HOSTNAME:${SRC_SSL_PORT} -t ssl $EXCHANGE_NAME $ROUTING_KEY "" "" EXTERNAL
-#echo "-----------------------"
-#echo "view the route :"
-#echo "-----------------------"
-#$PYTHON_COMMANDS/qpid-route route list localhost:${DST_TCP_PORT}
-
-# I don't know how to avoid this sleep yet. It has to come after route-creation.
-sleep 5
-n_messages=100
-./datagen --count ${n_messages} | ./sender --broker localhost --port ${SRC_TCP_PORT} --exchange ${EXCHANGE_NAME} --routing-key ${ROUTING_KEY} --mechanism ANONYMOUS
+#----------------------------------------------------------------
+# Use qpid-route to create the link, or the link+route, depending
+# on which of its several methods was requested.
+#----------------------------------------------------------------
+if [ ${qpid_route_method} == "dynamic" ]; then
+ print "dynamic add"
+ $QPID_ROUTE_EXEC -t ssl dynamic add localhost:${DST_TCP_PORT} $TEST_HOSTNAME:${SRC_SSL_PORT} $EXCHANGE_NAME "" "" EXTERNAL
+elif [ ${qpid_route_method} == "link" ]; then
+ print "link add"
+ $QPID_ROUTE_EXEC -t ssl link add localhost:${DST_TCP_PORT} $TEST_HOSTNAME:${SRC_SSL_PORT} EXTERNAL
+elif [ ${qpid_route_method} == "queue" ]; then
+ print "queue add"
+ $QPID_ROUTE_EXEC -t ssl queue add localhost:${DST_TCP_PORT} $TEST_HOSTNAME:${SRC_SSL_PORT} $EXCHANGE_NAME $ROUTING_KEY EXTERNAL
+elif [ ${qpid_route_method} == "route" ]; then
+ print "route add"
+ $QPID_ROUTE_EXEC -t ssl route add localhost:${DST_TCP_PORT} $TEST_HOSTNAME:${SRC_SSL_PORT} $EXCHANGE_NAME $ROUTING_KEY "" "" EXTERNAL
+else
+ echo "unknown method: |${qpid_route_method}|"
+ echo " choices are: dynamic|link|queue|route "
+ halt_brokers
+ exit 1
+fi
-#echo "-----------------------"
-#echo "Examine DST Broker"
-#echo "-----------------------"
-dst_message_count=`qpid-stat -q localhost:${DST_TCP_PORT} | grep sasl_fed_queue | awk '{print $2}'`
+# I don't know how to avoid this sleep yet. It has to come after route-creation
+# to avoid false negatives.
+sleep 5
+# This should work the same whether or not we are running a clustered test.
+# In the case of clustered tests, the status is not printed by qpid_route.
+# So in either case, I will look only at the transport field, which should be "ssl".
+print "check the link"
+link_status=$($QPID_ROUTE_EXEC link list localhost:${DST_TCP_PORT} | tail -1 | awk '{print $3}')
-#echo "-----------------------"
-#echo "Asking brokers to quit."
-#echo "-----------------------"
-$QPIDD_EXEC --port ${SRC_TCP_PORT} --quit
-$QPIDD_EXEC --port ${DST_TCP_PORT} --quit
+halt_brokers
+sleep 1
-#echo "-----------------------"
-#echo "Removing temporary directory $tmp_root"
-#echo "-----------------------"
-rm -rf $tmp_root
+if [ ! ${link_status} ]; then
+ print "link_status is empty"
+ print "result: fail"
+ exit 2
+fi
-if [ "$dst_message_count" -eq "$n_messages" ]; then
- #echo "good: |$dst_message_count| == |$n_messages|"
+if [ ${link_status} == "ssl" ]; then
+ print "result: good"
+ # Only remove the tmp_root on success, to permit debugging.
+ print "Removing temporary directory $tmp_root"
+ rm -rf $tmp_root
exit 0
-else
- #echo "not ideal: |$dst_message_count| != |$n_messages|"
- exit 1
fi
-
-
+print "link_status has a bad value: ${link_status}"
+print "result: fail"
+exit 3