diff options
Diffstat (limited to 'cpp/src/tests/sasl_fed_ex')
-rwxr-xr-x | cpp/src/tests/sasl_fed_ex | 306 |
1 files changed, 95 insertions, 211 deletions
diff --git a/cpp/src/tests/sasl_fed_ex b/cpp/src/tests/sasl_fed_ex index 716a806874..0740650d6c 100755 --- a/cpp/src/tests/sasl_fed_ex +++ b/cpp/src/tests/sasl_fed_ex @@ -19,52 +19,22 @@ # under the License. # + #=============================================================================== -# These tests create federated links between two brokers using SASL security. +# This test creates a federated link between two brokers using SASL security. # The SASL mechanism used is EXTERNAL, which is satisfied by SSL # transport-layer security. #=============================================================================== source ./test_env.sh -script_name=`basename $0` - -if [ $# -lt 1 ] || [ $# -gt 2 ] -then - echo - # These are the four different ways of creating links ( or routes+links ) - # that the qpid-route command provides. - echo "Usage: ${script_name} dynamic|link|queue|route [cluster]" - echo - exit 1 -fi - -# Has the user told us to do clustering ? ----------- -clustering_flag= -if [ $# -eq "2" ] && [ "$2" == "cluster" ]; then - clustering_flag=true -fi - -qpid_route_method=$1 - -# Debugging print. -------------------------- -debug= -function print { - if [ "$debug" ]; then - echo "${script_name}: $1" - fi -} - -print "=========== start sasl_fed_ex $* ============" - - # This minimum value corresponds to sasl version 2.1.22 minimum_sasl_version=131350 sasl_version=`$QPID_TEST_EXEC_DIR/sasl_version` -# This test is necessary because this sasl version is the first one that permits +# This test is necessary becasue this sasl version is the first one that permits # redirection of the sasl config file path. if [ "$sasl_version" -lt "$minimum_sasl_version" ]; then echo "sasl_fed: must have sasl version 2.1.22 or greater. ( Integer value: $minimum_sasl_version ) Version is: $sasl_version" @@ -90,7 +60,6 @@ create_certs() { delete_certs() { if [[ -e ${CERT_DIR} ]] ; then - print "removing cert dir ${CERT_DIR}" rm -rf ${CERT_DIR} fi } @@ -103,40 +72,22 @@ if [[ !(-x $CERTUTIL) ]] ; then fi delete_certs -create_certs 2> /dev/null -if [ ! $? ]; then - error "Could not create test certificate" - exit 1 -fi +create_certs || error "Could not create test certificate" -sasl_config_dir=$builddir/sasl_config -tmp_root=${builddir}/sasl_fed_ex_temp -print "results dir is ${tmp_root}" -rm -rf ${tmp_root} +sasl_config_file=$builddir/sasl_config + +my_random_number=$RANDOM +tmp_root=/tmp/sasl_fed_$my_random_number mkdir -p $tmp_root SRC_SSL_PORT=6667 DST_SSL_PORT=6666 -SRC_SSL_PORT_2=6668 -DST_SSL_PORT_2=6669 - SRC_TCP_PORT=5801 DST_TCP_PORT=5807 -SRC_TCP_PORT_2=5802 -DST_TCP_PORT_2=5803 - -CLUSTER_NAME_SUFFIX=`hostname | tr '.' ' ' | awk '{print $1}'` -CLUSTER_1_NAME=sasl_fed_ex_cluster_1_${CLUSTER_NAME_SUFFIX} -CLUSTER_2_NAME=sasl_fed_ex_cluster_2_${CLUSTER_NAME_SUFFIX} - -print "CLUSTER_1_NAME == ${CLUSTER_1_NAME}" -print "CLUSTER_2_NAME == ${CLUSTER_2_NAME}" - -SSL_LIB=${moduledir}/ssl.so -CLUSTER_LIB=${moduledir}/cluster.so +SSL_LIB=../.libs/ssl.so export QPID_SSL_CERT_NAME=${TEST_HOSTNAME} @@ -165,112 +116,52 @@ export QPID_SSL_CERT_NAME=${TEST_HOSTNAME} # 5. DST pulls messages off the temp queue on SRC to itself. # -COMMON_BROKER_OPTIONS=" \ - --ssl-sasl-no-dict \ - --sasl-config=$sasl_config_dir \ - --ssl-require-client-authentication \ - --auth yes \ - --ssl-cert-db $CERT_DIR \ - --ssl-cert-password-file $CERT_PW_FILE \ - --ssl-cert-name $TEST_HOSTNAME \ - --no-data-dir \ - --no-module-dir \ - --load-module ${SSL_LIB} \ - --mgmt-enable=yes \ - --log-enable info+ \ - --log-source yes \ - --daemon " - - -function start_brokers { - if [ $1 ]; then - # clustered ---------------------------------------- - print "Starting SRC cluster" - - print " src broker 1" - $QPIDD_EXEC \ - --port=${SRC_TCP_PORT} \ - --ssl-port ${SRC_SSL_PORT} \ - ${COMMON_BROKER_OPTIONS} \ - --load-module ${CLUSTER_LIB} \ - --cluster-name ${CLUSTER_1_NAME} \ - --log-to-file $tmp_root/qpidd_src.log 2> /dev/null - - broker_ports[0]=${SRC_TCP_PORT} - - print " src broker 2" - $QPIDD_EXEC \ - --port=${SRC_TCP_PORT_2} \ - --ssl-port ${SRC_SSL_PORT_2} \ - ${COMMON_BROKER_OPTIONS} \ - --load-module ${CLUSTER_LIB} \ - --cluster-name ${CLUSTER_1_NAME} \ - --log-to-file $tmp_root/qpidd_src_2.log 2> /dev/null - - broker_ports[1]=${SRC_TCP_PORT_2} - - - print "Starting DST cluster" - - print " dst broker 1" - $QPIDD_EXEC \ - --port=${DST_TCP_PORT} \ - --ssl-port ${DST_SSL_PORT} \ - ${COMMON_BROKER_OPTIONS} \ - --load-module ${CLUSTER_LIB} \ - --cluster-name ${CLUSTER_2_NAME} \ - --log-to-file $tmp_root/qpidd_dst.log 2> /dev/null - - broker_ports[2]=${DST_TCP_PORT} - - print " dst broker 2" - $QPIDD_EXEC \ - --port=${DST_TCP_PORT_2} \ - --ssl-port ${DST_SSL_PORT_2} \ - ${COMMON_BROKER_OPTIONS} \ - --load-module ${CLUSTER_LIB} \ - --cluster-name ${CLUSTER_2_NAME} \ - --log-to-file $tmp_root/qpidd_dst_2.log 2> /dev/null - - broker_ports[3]=${DST_TCP_PORT_2} - - else - # vanilla brokers -------------------------------- - print "Starting SRC broker" - $QPIDD_EXEC \ - --port=${SRC_TCP_PORT} \ - --ssl-port ${SRC_SSL_PORT} \ - ${COMMON_BROKER_OPTIONS} \ - --log-to-file $tmp_root/qpidd_src.log 2> /dev/null - - broker_ports[0]=${SRC_TCP_PORT} - - print "Starting DST broker" - $QPIDD_EXEC \ - --port=${DST_TCP_PORT} \ - --ssl-port ${DST_SSL_PORT} \ - ${COMMON_BROKER_OPTIONS} \ - --log-to-file $tmp_root/qpidd_dst.log 2> /dev/null - - broker_ports[1]=${DST_TCP_PORT} - fi -} - -function halt_brokers { - n_brokers=${#broker_ports[@]} - print "Halting ${n_brokers} brokers." - for i in $(seq 0 $((${n_brokers} - 1))) - do - halt_port=${broker_ports[$i]} - print "Halting broker $i on port ${halt_port}" - $QPIDD_EXEC --port ${halt_port} --quit - done - -} - -start_brokers $clustering_flag +#echo "-----------------------" +#echo "Starting SRC broker" +#echo "-----------------------" +$QPIDD_EXEC \ + --port=${SRC_TCP_PORT} \ + --ssl-port ${SRC_SSL_PORT} \ + --ssl-sasl-no-dict \ + --sasl-config=$sasl_config_file \ + --ssl-require-client-authentication \ + --auth yes \ + --ssl-cert-db $CERT_DIR \ + --ssl-cert-password-file $CERT_PW_FILE \ + --ssl-cert-name $TEST_HOSTNAME \ + --no-data-dir \ + --no-module-dir \ + --load-module ${SSL_LIB} \ + --mgmt-enable=yes \ + --log-enable info+ \ + --log-source yes \ + --daemon \ + --log-to-file $tmp_root/qpidd_src.log 2> /dev/null + + +#echo "-----------------------" +#echo "Starting DST broker" +#echo "-----------------------" +$QPIDD_EXEC \ + --port=${DST_TCP_PORT} \ + --ssl-port ${DST_SSL_PORT} \ + --ssl-cert-db $CERT_DIR \ + --ssl-cert-password-file $CERT_PW_FILE \ + --ssl-cert-name $TEST_HOSTNAME \ + --ssl-sasl-no-dict \ + --ssl-require-client-authentication \ + --sasl-config=$sasl_config_file \ + --no-data-dir \ + --no-module-dir \ + --load-module ${SSL_LIB} \ + --mgmt-enable=yes \ + --log-enable info+ \ + --log-source yes \ + --daemon \ + $COMMON_BROKER_OPTIONS \ + --log-to-file $tmp_root/qpidd_dst.log 2> /dev/null # I am not randomizing these names, because this test creates its own brokers. @@ -279,83 +170,76 @@ ROUTING_KEY=sasl_fed_queue EXCHANGE_NAME=sasl_fedex -print "add exchanges" +#echo "-----------------------" +#echo "add exchanges" +#echo "-----------------------" $QPID_CONFIG_EXEC -a localhost:${SRC_TCP_PORT} add exchange direct $EXCHANGE_NAME $QPID_CONFIG_EXEC -a localhost:${DST_TCP_PORT} add exchange direct $EXCHANGE_NAME -print "add queues" +#echo "-----------------------" +#echo "add queues" +#echo "-----------------------" $QPID_CONFIG_EXEC -a localhost:${SRC_TCP_PORT} add queue $QUEUE_NAME $QPID_CONFIG_EXEC -a localhost:${DST_TCP_PORT} add queue $QUEUE_NAME -print "create bindings" +#echo "-----------------------" +#echo "create bindings" +#echo "-----------------------" $QPID_CONFIG_EXEC -a localhost:${SRC_TCP_PORT} bind $EXCHANGE_NAME $QUEUE_NAME $ROUTING_KEY $QPID_CONFIG_EXEC -a localhost:${DST_TCP_PORT} bind $EXCHANGE_NAME $QUEUE_NAME $ROUTING_KEY -# +#echo "-----------------------" +#echo "qpid-route route add" +#echo "-----------------------" # NOTE: The SRC broker *must* be referred to as $TEST_HOSTNAME, and not as "localhost". # It must be referred to by the exact string given as the Common Name (CN) in the cert, # which was created in the function create_certs, above. +$QPID_ROUTE_EXEC route add localhost:${DST_TCP_PORT} $TEST_HOSTNAME:${SRC_SSL_PORT} -t ssl $EXCHANGE_NAME $ROUTING_KEY "" "" EXTERNAL +#echo "-----------------------" +#echo "view the route :" +#echo "-----------------------" +#$PYTHON_COMMANDS/qpid-route route list localhost:${DST_TCP_PORT} +# I don't know how to avoid this sleep yet. It has to come after route-creation. +sleep 5 -#---------------------------------------------------------------- -# Use qpid-route to create the link, or the link+route, depending -# on which of its several methods was requested. -#---------------------------------------------------------------- -if [ ${qpid_route_method} == "dynamic" ]; then - print "dynamic add" - $QPID_ROUTE_EXEC -t ssl dynamic add localhost:${DST_TCP_PORT} $TEST_HOSTNAME:${SRC_SSL_PORT} $EXCHANGE_NAME "" "" EXTERNAL -elif [ ${qpid_route_method} == "link" ]; then - print "link add" - $QPID_ROUTE_EXEC -t ssl link add localhost:${DST_TCP_PORT} $TEST_HOSTNAME:${SRC_SSL_PORT} EXTERNAL -elif [ ${qpid_route_method} == "queue" ]; then - print "queue add" - $QPID_ROUTE_EXEC -t ssl queue add localhost:${DST_TCP_PORT} $TEST_HOSTNAME:${SRC_SSL_PORT} $EXCHANGE_NAME $ROUTING_KEY EXTERNAL -elif [ ${qpid_route_method} == "route" ]; then - print "route add" - $QPID_ROUTE_EXEC -t ssl route add localhost:${DST_TCP_PORT} $TEST_HOSTNAME:${SRC_SSL_PORT} $EXCHANGE_NAME $ROUTING_KEY "" "" EXTERNAL -else - echo "unknown method: |${qpid_route_method}|" - echo " choices are: dynamic|link|queue|route " - halt_brokers - exit 1 -fi +n_messages=100 +./datagen --count ${n_messages} | ./sender --broker localhost --port ${SRC_TCP_PORT} --exchange ${EXCHANGE_NAME} --routing-key ${ROUTING_KEY} --mechanism ANONYMOUS -# I don't know how to avoid this sleep yet. It has to come after route-creation -# to avoid false negatives. -sleep 5 -# This should work the same whether or not we are running a clustered test. -# In the case of clustered tests, the status is not printed by qpid_route. -# So in either case, I will look only at the transport field, which should be "ssl". -print "check the link" -link_status=$($QPID_ROUTE_EXEC link list localhost:${DST_TCP_PORT} | tail -1 | awk '{print $3}') +#echo "-----------------------" +#echo "Examine DST Broker" +#echo "-----------------------" +dst_message_count=`qpid-stat -q localhost:${DST_TCP_PORT} | grep sasl_fed_queue | awk '{print $2}'` -halt_brokers -sleep 1 +#echo "-----------------------" +#echo "Asking brokers to quit." +#echo "-----------------------" +$QPIDD_EXEC --port ${SRC_TCP_PORT} --quit +$QPIDD_EXEC --port ${DST_TCP_PORT} --quit -if [ ! ${link_status} ]; then - print "link_status is empty" - print "result: fail" - exit 2 -fi -if [ ${link_status} == "ssl" ]; then - print "result: good" - # Only remove the tmp_root on success, to permit debugging. - print "Removing temporary directory $tmp_root" - rm -rf $tmp_root +#echo "-----------------------" +#echo "Removing temporary directory $tmp_root" +#echo "-----------------------" +rm -rf $tmp_root + +if [ "$dst_message_count" -eq "$n_messages" ]; then + #echo "good: |$dst_message_count| == |$n_messages|" exit 0 +else + #echo "not ideal: |$dst_message_count| != |$n_messages|" + exit 1 fi -print "link_status has a bad value: ${link_status}" -print "result: fail" -exit 3 + + |