diff --git a/tests/Makefile.am b/tests/Makefile.am index 00072434..97b114fc 100644 --- a/tests/Makefile.am +++ b/tests/Makefile.am @@ -3,17 +3,19 @@ EXTRA_DIST = ca-key.pem ca.pem common.sh server-cert.pem server-key.pem test1.co user-config/test user-config-opt/test test-pass-script.config test-multi-cookie.config test-pam.config \ test-stress.config user-cert-wrong.pem connect-script test-group.passwd \ test-group-pass.config user-group-cert.pem user-group-key.pem test-user-group-cert.config \ - test-user-group-cert-no-pass.config docker-common.sh + test-user-group-cert-no-pass.config docker-common.sh test-cookie-timeout.config SUBDIRS = docker-ocserv dist_check_SCRIPTS = test-pass test-pass-cert test-cert test-iroute test-pass-script \ test-multi-cookie test-pam test-stress full-test test-group-pass test-pass-group-cert \ - ocpasswd-test test-pass-group-cert-no-pass unix-test test-pass-opt-cert + ocpasswd-test test-pass-group-cert-no-pass unix-test test-pass-opt-cert \ + test-cookie-timeout TESTS = test-pass test-pass-cert test-cert test-iroute test-pass-script \ test-multi-cookie full-test test-group-pass test-pass-group-cert \ - ocpasswd-test test-pass-group-cert-no-pass unix-test test-pass-opt-cert + ocpasswd-test test-pass-group-cert-no-pass unix-test test-pass-opt-cert \ + test-cookie-timeout TESTS_ENVIRONMENT = srcdir="$(srcdir)" \ top_builddir="$(top_builddir)" diff --git a/tests/test-cookie-timeout b/tests/test-cookie-timeout new file mode 100755 index 00000000..30c57ebe --- /dev/null +++ b/tests/test-cookie-timeout @@ -0,0 +1,92 @@ +#!/bin/sh +# +# Copyright (C) 2013 Red Hat +# +# This file is part of ocserv. +# +# ocserv is free software; you can redistribute it and/or modify it +# under the terms of the GNU General Public License as published by the +# Free Software Foundation; either version 2 of the License, or (at +# your option) any later version. +# +# ocserv is distributed in the hope that it will be useful, but +# WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +# General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with GnuTLS; if not, write to the Free Software Foundation, +# Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. + +SERV="${SERV:-../src/ocserv}" +srcdir=${srcdir:-.} +PORT=4499 + +. `dirname $0`/common.sh + +echo "Testing whether cookies will expire as expected... " +rm -f ${srcdir}/pid1 + +launch_server -d 1 -f -c ${srcdir}/test-cookie-timeout.config & PID=$! +wait_server $PID + +echo "Connecting to obtain cookie... " +eval `echo "test" | openconnect -q localhost:$PORT -u test --authenticate --servercert=d66b507ae074d03b02eafca40d35f87dd81049d3` + +if [ -z "$COOKIE" ];then + fail $PID "Could not obtain cookie" +fi + +#echo "Cookie: $COOKIE" +sleep 10 +echo "" +echo "Connecting with cookie... " +echo "test" | openconnect -q -b localhost:$PORT -u test -C "$COOKIE" --servercert=d66b507ae074d03b02eafca40d35f87dd81049d3 --script=/bin/true --verbose --pid-file ${srcdir}/pid1 & + +sleep 4 + +if [ ! -f ${srcdir}/pid1 ];then + fail $PID "It was not possible to establish session!" +fi + +CPID=`cat ${srcdir}/pid1` +kill $CPID +rm -f "${srcdir}/pid1" +wait $CPID + +sleep 10 +echo "" +echo "Connecting again with cookie... " +echo "test" | openconnect -b -q localhost:$PORT -u test -C "$COOKIE" --servercert=d66b507ae074d03b02eafca40d35f87dd81049d3 --script=/bin/true --verbose --pid-file ${srcdir}/pid1 & + +sleep 4 + +if [ ! -f ${srcdir}/pid1 ];then + fail $PID "It was not possible to establish second session!" +fi + +CPID=`cat ${srcdir}/pid1` +kill $CPID +rm -f "${srcdir}/pid1" +wait $CPID + + +sleep 30 +echo "" +echo "Connecting with cookie after expiration... " +echo "test" | openconnect -q -b localhost:$PORT -u test -C "$COOKIE" --servercert=d66b507ae074d03b02eafca40d35f87dd81049d3 --script=/bin/true --verbose --pid-file ${srcdir}/pid1 & + +sleep 4 + +if [ -f ${srcdir}/pid1 ];then + fail $PID "Session was established with expired cookie!" + CPID=`cat ${srcdir}/pid1` + kill $CPID + rm -f "${srcdir}/pid1" + wait $CPID +fi + +kill $PID +wait + +exit 0