Enable testing on Windows via AppVeyor

This abolishes the test.sh script which spawns a bunch of `openssl` instances to instead run/manage the binary in-process (providing more isolation to boot). The tests have been updated accordingly and the `connected_socket` dependency was also dropped in favor of `net2` as it the former doesn't work on Windows.
2015-09-22 11:29:47 -07:00 · 2015-09-22 11:29:47 -07:00 · a91b6bf3bd
parent b1b76f7913
commit a91b6bf3bd
7 changed files with 193 additions and 100 deletions
--- a/.travis.yml
+++ b/.travis.yml
@ -11,8 +11,6 @@ env:
    - FEATURES="tlsv1_2 tlsv1_1 dtlsv1 dtlsv1_2 sslv2 aes_xts npn alpn aes_ctr"
 before_install:
 - (test $TRAVIS_OS_NAME == "osx" || ./openssl/test/build.sh)
-before_script:
- ./openssl/test/test.sh
 script:
 - (test $TRAVIS_OS_NAME != "osx" || (cd openssl && cargo test))
 - (test $TRAVIS_OS_NAME == "osx" || (cd openssl && OPENSSL_LIB_DIR=/usr/lib OPENSSL_INCLUDE_DIR=/usr/include LD_LIBRARY_PATH=/usr/lib:$LD_LIBRARY_PATH cargo test))
--- a/README.md
+++ b/README.md
@ -64,18 +64,4 @@ The build script can be configured via environment variables:
 If either `OPENSSL_LIB_DIR` or `OPENSSL_INCLUDE_DIR` are specified, then the
 build script will skip the pkg-config step.

-## Testing
-Several tests expect a local test server to be running to bounce requests off
-of. It's easy to do this. Open a separate terminal window and `cd` to the
-rust-openssl directory. Then run one of the following command:
-
-```bash
-./openssl/test/test.sh
-```
-
-This will boot a bunch of `openssl s_server` processes that the tests connect
-to. Then in the original terminal, run `cargo test`. If everything is set up
-correctly, all tests should pass. You can stop the servers with `killall
-openssl`.
-
 [1]: http://slproweb.com/products/Win32OpenSSL.html
--- a/appveyor.yml
+++ b/appveyor.yml
@ -0,0 +1,25 @@
+environment:
+  OPENSSL_INCLUDE_DIR: C:\OpenSSL\include
+  OPENSSL_LIB_DIR: C:\OpenSSL\lib
+  OPENSSL_LIBS: ssleay32:libeay32
+  matrix:
+  - TARGET: i686-pc-windows-gnu
+    BITS: 32
+  - TARGET: x86_64-pc-windows-msvc
+    BITS: 64
+install:
+  - ps: Start-FileDownload "http://slproweb.com/download/Win${env:BITS}OpenSSL-1_0_2d.exe"
+  - Win%BITS%OpenSSL-1_0_2d.exe /SILENT /VERYSILENT /SP- /DIR="C:\OpenSSL"
+  - ps: Start-FileDownload "https://static.rust-lang.org/dist/rust-nightly-${env:TARGET}.exe"
+  - rust-nightly-%TARGET%.exe /VERYSILENT /NORESTART /DIR="C:\Program Files (x86)\Rust"
+  - SET PATH=%PATH%;C:\Program Files (x86)\Rust\bin
+  - SET PATH=%PATH%;C:\MinGW\bin
+  - rustc -V
+  - cargo -V
+
+build: false
+
+# Don't run doctests due to rust-lang/cargo#1592
+test_script:
+  - cargo test --lib --manifest-path openssl/Cargo.toml
+
--- a/openssl/Cargo.toml
+++ b/openssl/Cargo.toml
@ -32,6 +32,4 @@ libc = "0.1"

 [dev-dependencies]
 rustc-serialize = "0.3"
-
-[dev-dependencies.connected_socket]
-connected_socket = "0.0.1"
+net2 = "0.2.13"
--- a/openssl/src/lib.rs
+++ b/openssl/src/lib.rs
@ -11,8 +11,7 @@ extern crate openssl_sys as ffi;
 extern crate rustc_serialize as serialize;

 #[cfg(test)]
-#[cfg(any(feature="dtlsv1", feature="dtlsv1_2"))]
-extern crate connected_socket;
+extern crate net2;

 mod macros;

--- a/openssl/src/ssl/tests.rs
+++ b/openssl/src/ssl/tests.rs
@ -1,12 +1,13 @@
 #![allow(unused_imports)]

-use std::net::TcpStream;
-use std::io;
-use std::io::prelude::*;
-use std::path::Path;
-use std::net::TcpListener;
-use std::thread;
 use std::fs::File;
+use std::io::prelude::*;
+use std::io::{self, BufReader};
+use std::iter;
+use std::net::{TcpStream, TcpListener, SocketAddr};
+use std::path::Path;
+use std::process::{Command, Child, Stdio, ChildStdin};
+use std::thread;

 use crypto::hash::Type::{SHA256};
 use ssl;
@ -26,19 +27,139 @@ use ssl::SslMethod::Dtlsv1;
 #[cfg(feature="sslv2")]
 use ssl::SslMethod::Sslv2;
 #[cfg(feature="dtlsv1")]
-use connected_socket::Connect;
+use net2::UdpSocketExt;
+
+fn next_addr() -> SocketAddr {
+    use std::sync::atomic::{AtomicUsize, ATOMIC_USIZE_INIT, Ordering};
+    static PORT: AtomicUsize = ATOMIC_USIZE_INIT;
+    let port = 15411 + PORT.fetch_add(1, Ordering::SeqCst);
+
+    format!("127.0.0.1:{}", port).parse().unwrap()
+}
+
+struct Server {
+    p: Child,
+}
+
+impl Server {
+    fn spawn(args: &[&str], input: Option<Box<FnMut(ChildStdin) + Send>>)
+             -> (Server, SocketAddr) {
+        let addr = next_addr();
+        let mut child = Command::new("openssl").arg("s_server")
+                                .arg("-accept").arg(addr.port().to_string())
+                                .args(args)
+                                .arg("-cert").arg("cert.pem")
+                                .arg("-key").arg("key.pem")
+                                .arg("-no_dhe")
+                                .current_dir("test")
+                                .stdout(Stdio::null())
+                                .stderr(Stdio::null())
+                                .stdin(Stdio::piped())
+                                .spawn().unwrap();
+        let stdin = child.stdin.take().unwrap();
+        if let Some(mut input) = input {
+            thread::spawn(move || input(stdin));
+        }
+        (Server { p: child }, addr)
+    }
+
+    fn new_tcp(args: &[&str]) -> (Server, TcpStream) {
+        let (server, addr) = Server::spawn(args, None);
+        loop {
+            match TcpStream::connect(&addr) {
+                Ok(s) => return (server, s),
+                Err(ref e) if e.kind() == io::ErrorKind::ConnectionRefused => {
+                    thread::sleep_ms(100);
+                }
+                Err(e) => panic!("wut: {}", e),
+            }
+        }
+    }
+
+    fn new() -> (Server, TcpStream) {
+        Server::new_tcp(&["-www"])
+    }
+
+    #[cfg(any(feature = "alpn", feature = "npn"))]
+    fn new_alpn() -> (Server, TcpStream) {
+        Server::new_tcp(&["-www", "-nextprotoneg", "http/1.1,spdy/3.1",
+                          "-alpn", "http/1.1,spdy/3.1"])
+    }

    #[cfg(feature = "dtlsv1")]
-mod udp {
-    use std::sync::atomic::{AtomicUsize, ATOMIC_USIZE_INIT, Ordering};
-
-    static UDP_PORT: AtomicUsize = ATOMIC_USIZE_INIT;
-
-    pub fn next_server<'a>() -> String {
-        let diff = UDP_PORT.fetch_add(1, Ordering::SeqCst);
-        format!("127.0.0.1:{}", 15411 + diff)
+    fn new_dtlsv1<I>(input: I) -> (Server, UdpConnected)
+        where I: IntoIterator<Item=&'static str>,
+              I::IntoIter: Send + 'static
+    {
+        let mut input = input.into_iter();
+        let (s, addr) = Server::spawn(&["-dtls1"], Some(Box::new(move |mut io| {
+            for s in input.by_ref() {
+                if io.write_all(s.as_bytes()).is_err() {
+                    break
                }
            }
+        })));
+        // Need to wait for the UDP socket to get bound in our child process,
+        // but don't currently have a great way to do that so just wait for a
+        // bit.
+        thread::sleep_ms(100);
+        let socket = UdpSocket::bind(next_addr()).unwrap();
+        socket.connect(&addr).unwrap();
+        (s, UdpConnected(socket))
+    }
+}
+
+impl Drop for Server {
+    fn drop(&mut self) {
+        let _ = self.p.kill();
+        let _ = self.p.wait();
+    }
+}
+
+#[cfg(feature = "dtlsv1")]
+struct UdpConnected(UdpSocket);
+
+#[cfg(feature = "dtlsv1")]
+impl Read for UdpConnected {
+    fn read(&mut self, buf: &mut [u8]) -> io::Result<usize> {
+        self.0.recv_from(buf).map(|(s, _)| s)
+    }
+}
+
+#[cfg(feature = "dtlsv1")]
+impl Write for UdpConnected {
+    #[cfg(unix)]
+    fn write(&mut self, buf: &[u8]) -> io::Result<usize> {
+        use std::os::unix::prelude::*;
+        use libc;
+        let n = unsafe {
+            libc::send(self.0.as_raw_fd(), buf.as_ptr() as *const _,
+                       buf.len() as libc::size_t, 0)
+        };
+        if n < 0 {
+            Err(io::Error::last_os_error())
+        } else {
+            Ok(n as usize)
+        }
+    }
+
+    #[cfg(windows)]
+    fn write(&mut self, buf: &[u8]) -> io::Result<usize> {
+        use std::os::windows::prelude::*;
+        use libc;
+        let n = unsafe {
+            libc::send(self.0.as_raw_socket(), buf.as_ptr() as *const _,
+                       buf.len() as libc::c_int, 0)
+        };
+        if n < 0 {
+            Err(io::Error::last_os_error())
+        } else {
+            Ok(n as usize)
+        }
+    }
+
+    fn flush(&mut self) -> io::Result<()> { Ok(()) }
+}

 macro_rules! run_test(
    ($module:ident, $blk:expr) => (
@ -56,22 +177,18 @@ macro_rules! run_test(
            use crypto::hash::Type::SHA256;
            use x509::X509StoreContext;
            use serialize::hex::FromHex;
+            use super::Server;

            #[test]
            fn sslv23() {
-                let stream = TcpStream::connect("127.0.0.1:15418").unwrap();
+                let (_s, stream) = Server::new();
                $blk(SslMethod::Sslv23, stream);
            }

            #[test]
            #[cfg(feature="dtlsv1")]
            fn dtlsv1() {
-                use connected_socket::Connect;
-
-                let sock = UdpSocket::bind("127.0.0.1:0").unwrap();
-                let server = super::udp::next_server();
-                let stream = sock.connect(&server[..]).unwrap();
-
+                let (_s, stream) = Server::new_dtlsv1(Some("hello"));
                $blk(SslMethod::Dtlsv1, stream);
            }
        }
@ -244,7 +361,7 @@ run_test!(verify_callback_data, |method, stream| {
 // Make sure every write call translates to a write call to the underlying socket.
 #[test]
 fn test_write_hits_stream() {
-    let listener = TcpListener::bind("localhost:0").unwrap();
+    let listener = TcpListener::bind(next_addr()).unwrap();
    let addr = listener.local_addr().unwrap();

    let guard = thread::spawn(move || {
@ -314,7 +431,7 @@ run_test!(clear_ctx_options, |method, _| {

 #[test]
 fn test_write() {
-    let stream = TcpStream::connect("127.0.0.1:15418").unwrap();
+    let (_s, stream) = Server::new();
    let mut stream = SslStream::connect_generic(&SslContext::new(Sslv23).unwrap(), stream).unwrap();
    stream.write_all("hello".as_bytes()).unwrap();
    stream.flush().unwrap();
@ -324,7 +441,7 @@ fn test_write() {

 #[test]
 fn test_write_direct() {
-    let stream = TcpStream::connect("127.0.0.1:15418").unwrap();
+    let (_s, stream) = Server::new();
    let mut stream = SslStream::connect(&SslContext::new(Sslv23).unwrap(), stream).unwrap();
    stream.write_all("hello".as_bytes()).unwrap();
    stream.flush().unwrap();
@ -333,7 +450,8 @@ fn test_write_direct() {
 }

 run_test!(get_peer_certificate, |method, stream| {
-    let stream = SslStream::connect_generic(&SslContext::new(method).unwrap(), stream).unwrap();
+    let stream = SslStream::connect_generic(&SslContext::new(method).unwrap(),
+                                            stream).unwrap();
    let cert = stream.get_peer_certificate().unwrap();
    let fingerprint = cert.fingerprint(SHA256).unwrap();
    let node_hash_str = "db400bb62f1b1f29c3b8f323b8f7d9dea724fdcd67104ef549c772ae3749655b";
@ -344,19 +462,19 @@ run_test!(get_peer_certificate, |method, stream| {
 #[test]
 #[cfg(feature = "dtlsv1")]
 fn test_write_dtlsv1() {
-    let sock = UdpSocket::bind("127.0.0.1:0").unwrap();
-    let stream = sock.connect("127.0.0.1:15410").unwrap();
+    let (_s, stream) = Server::new_dtlsv1(iter::repeat("y\n"));

-    let mut stream = SslStream::connect_generic(&SslContext::new(Dtlsv1).unwrap(), stream).unwrap();
-    stream.write_all("hello".as_bytes()).unwrap();
+    let mut stream = SslStream::connect_generic(&SslContext::new(Dtlsv1).unwrap(),
+                                                stream).unwrap();
+    stream.write_all(b"hello").unwrap();
    stream.flush().unwrap();
-    stream.write_all(" there".as_bytes()).unwrap();
+    stream.write_all(b" there").unwrap();
    stream.flush().unwrap();
 }

 #[test]
 fn test_read() {
-    let tcp = TcpStream::connect("127.0.0.1:15418").unwrap();
+    let (_s, tcp) = Server::new();
    let mut stream = SslStream::connect_generic(&SslContext::new(Sslv23).unwrap(), tcp).unwrap();
    stream.write_all("GET /\r\n\r\n".as_bytes()).unwrap();
    stream.flush().unwrap();
@ -365,7 +483,7 @@ fn test_read() {

 #[test]
 fn test_read_direct() {
-    let tcp = TcpStream::connect("127.0.0.1:15418").unwrap();
+    let (_s, tcp) = Server::new();
    let mut stream = SslStream::connect(&SslContext::new(Sslv23).unwrap(), tcp).unwrap();
    stream.write_all("GET /\r\n\r\n".as_bytes()).unwrap();
    stream.flush().unwrap();
@ -374,7 +492,7 @@ fn test_read_direct() {

 #[test]
 fn test_pending() {
-    let tcp = TcpStream::connect("127.0.0.1:15418").unwrap();
+    let (_s, tcp) = Server::new();
    let mut stream = SslStream::connect_generic(&SslContext::new(Sslv23).unwrap(), tcp).unwrap();
    stream.write_all("GET /\r\n\r\n".as_bytes()).unwrap();
    stream.flush().unwrap();
@ -397,7 +515,7 @@ fn test_pending() {

 #[test]
 fn test_state() {
-    let tcp = TcpStream::connect("127.0.0.1:15418").unwrap();
+    let (_s, tcp) = Server::new();
    let stream = SslStream::connect_generic(&SslContext::new(Sslv23).unwrap(), tcp).unwrap();
    assert_eq!(stream.get_state_string(), "SSLOK ");
    assert_eq!(stream.get_state_string_long(), "SSL negotiation finished successfully");
@ -408,7 +526,7 @@ fn test_state() {
 #[test]
 #[cfg(feature = "alpn")]
 fn test_connect_with_unilateral_alpn() {
-    let stream = TcpStream::connect("127.0.0.1:15418").unwrap();
+    let (_s, stream) = Server::new();
    let mut ctx = SslContext::new(Sslv23).unwrap();
    ctx.set_verify(SSL_VERIFY_PEER, None);
    ctx.set_alpn_protocols(&[b"http/1.1", b"spdy/3.1"]);
@ -430,7 +548,7 @@ fn test_connect_with_unilateral_alpn() {
 #[test]
 #[cfg(feature = "npn")]
 fn test_connect_with_unilateral_npn() {
-    let stream = TcpStream::connect("127.0.0.1:15418").unwrap();
+    let (_s, stream) = Server::new();
    let mut ctx = SslContext::new(Sslv23).unwrap();
    ctx.set_verify(SSL_VERIFY_PEER, None);
    ctx.set_npn_protocols(&[b"http/1.1", b"spdy/3.1"]);
@ -452,9 +570,7 @@ fn test_connect_with_unilateral_npn() {
 #[test]
 #[cfg(feature = "alpn")]
 fn test_connect_with_alpn_successful_multiple_matching() {
-    // A different port than the other tests: an `openssl` process that has
-    // ALPN enabled.
-    let stream = TcpStream::connect("127.0.0.1:15419").unwrap();
+    let (_s, stream) = Server::new_alpn();
    let mut ctx = SslContext::new(Sslv23).unwrap();
    ctx.set_verify(SSL_VERIFY_PEER, None);
    ctx.set_alpn_protocols(&[b"spdy/3.1", b"http/1.1"]);
@ -476,9 +592,7 @@ fn test_connect_with_alpn_successful_multiple_matching() {
 #[test]
 #[cfg(feature = "npn")]
 fn test_connect_with_npn_successful_multiple_matching() {
-    // A different port than the other tests: an `openssl` process that has
-    // NPN enabled.
-    let stream = TcpStream::connect("127.0.0.1:15419").unwrap();
+    let (_s, stream) = Server::new_alpn();
    let mut ctx = SslContext::new(Sslv23).unwrap();
    ctx.set_verify(SSL_VERIFY_PEER, None);
    ctx.set_npn_protocols(&[b"spdy/3.1", b"http/1.1"]);
@ -501,9 +615,7 @@ fn test_connect_with_npn_successful_multiple_matching() {
 #[test]
 #[cfg(feature = "alpn")]
 fn test_connect_with_alpn_successful_single_match() {
-    // A different port than the other tests: an `openssl` process that has
-    // ALPN enabled.
-    let stream = TcpStream::connect("127.0.0.1:15419").unwrap();
+    let (_s, stream) = Server::new_alpn();
    let mut ctx = SslContext::new(Sslv23).unwrap();
    ctx.set_verify(SSL_VERIFY_PEER, None);
    ctx.set_alpn_protocols(&[b"spdy/3.1"]);
@ -527,9 +639,7 @@ fn test_connect_with_alpn_successful_single_match() {
 #[test]
 #[cfg(feature = "npn")]
 fn test_connect_with_npn_successful_single_match() {
-    // A different port than the other tests: an `openssl` process that has
-    // NPN enabled.
-    let stream = TcpStream::connect("127.0.0.1:15419").unwrap();
+    let (_s, stream) = Server::new_alpn();
    let mut ctx = SslContext::new(Sslv23).unwrap();
    ctx.set_verify(SSL_VERIFY_PEER, None);
    ctx.set_npn_protocols(&[b"spdy/3.1"]);
@ -551,8 +661,8 @@ fn test_connect_with_npn_successful_single_match() {
 #[test]
 #[cfg(feature = "npn")]
 fn test_npn_server_advertise_multiple() {
-    let localhost = "127.0.0.1:15450";
-    let listener = TcpListener::bind(localhost).unwrap();
+    let listener = TcpListener::bind(next_addr()).unwrap();
+    let localhost = listener.local_addr().unwrap();
    // We create a different context instance for the server...
    let listener_ctx = {
        let mut ctx = SslContext::new(Sslv23).unwrap();
@ -592,8 +702,8 @@ fn test_npn_server_advertise_multiple() {
 #[test]
 #[cfg(feature = "alpn")]
 fn test_alpn_server_advertise_multiple() {
-    let localhost = "127.0.0.1:15421";
-    let listener = TcpListener::bind(localhost).unwrap();
+    let listener = TcpListener::bind(next_addr()).unwrap();
+    let localhost = listener.local_addr().unwrap();
    // We create a different context instance for the server...
    let listener_ctx = {
        let mut ctx = SslContext::new(Sslv23).unwrap();
@ -633,8 +743,8 @@ fn test_alpn_server_advertise_multiple() {
 #[test]
 #[cfg(feature = "alpn")]
 fn test_alpn_server_select_none() {
-    let localhost = "127.0.0.1:15422";
-    let listener = TcpListener::bind(localhost).unwrap();
+    let listener = TcpListener::bind(next_addr()).unwrap();
+    let localhost = listener.local_addr().unwrap();
    // We create a different context instance for the server...
    let listener_ctx = {
        let mut ctx = SslContext::new(Sslv23).unwrap();
@ -696,9 +806,7 @@ mod dtlsv1 {
 #[test]
 #[cfg(feature = "dtlsv1")]
 fn test_read_dtlsv1() {
-    let sock = UdpSocket::bind("127.0.0.1:0").unwrap();
-    let server = udp::next_server();
-    let stream = sock.connect(&server[..]).unwrap();
+    let (_s, stream) = Server::new_dtlsv1(Some("hello"));

    let mut stream = SslStream::connect_generic(&SslContext::new(Dtlsv1).unwrap(), stream).unwrap();
    let mut buf = [0u8;100];
@ -708,6 +816,6 @@ fn test_read_dtlsv1() {
 #[test]
 #[cfg(feature = "sslv2")]
 fn test_sslv2_connect_failure() {
-    let tcp = TcpStream::connect("127.0.0.1:15420").unwrap();
+    let (_s, tcp) = Server::new_tcp(&["-no_ssl2", "-www"]);
    SslStream::connect_generic(&SslContext::new(Sslv2).unwrap(), tcp).err().unwrap();
 }
--- a/openssl/test/test.sh
+++ b/openssl/test/test.sh
@ -1,21 +0,0 @@
-#!/bin/bash
-
-cd $(dirname $0)
-
-openssl s_server -accept 15418 -www -cert cert.pem -key key.pem >/dev/null 2>&1 &
-openssl s_server -accept 15419 -www -cert cert.pem -key key.pem \
-    -nextprotoneg "http/1.1,spdy/3.1" -alpn "http/1.1,spdy/3.1" >/dev/null 2>&1 &
-openssl s_server -no_ssl2 -accept 15420 -www -cert cert.pem -key key.pem >/dev/null 2>&1 &
-
-if test "$TRAVIS_OS_NAME" == "osx"; then
-	return
-fi
-
-for port in `seq 15411 15430`; do
-    echo hello | openssl s_server -accept $port -dtls1 -cert cert.pem \
-        -key key.pem 2>&1 >/dev/null &
-done
-
-# the server for the test ssl::tests::test_write_dtlsv1 must wait to receive
-# data from the client
-yes | openssl s_server -accept 15410 -dtls1 -cert cert.pem -key key.pem 2>&1 >/dev/null &