summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorFilip Tehlar <ftehlar@cisco.com>2023-11-29 07:40:18 +0100
committerFlorin Coras <florin.coras@gmail.com>2024-01-11 10:35:54 +0000
commit3336eefaa800f13a531bb1cca5ded99bbe36aca8 (patch)
tree927c48d13cfae8efbe2706d33db378a9adf89636
parent4fa0ba6ac0f78a49a3481063105020a9b585476c (diff)
hs-test: add tls proxy test
Type: test Change-Id: I8f3f4c464907356bb1990ea53f0f46befc057acf Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
-rw-r--r--extras/hs-test/docker/Dockerfile.vpp1
-rw-r--r--extras/hs-test/proxy_test.go32
-rw-r--r--extras/hs-test/vppinstance.go1
3 files changed, 22 insertions, 12 deletions
diff --git a/extras/hs-test/docker/Dockerfile.vpp b/extras/hs-test/docker/Dockerfile.vpp
index e45479d01bc..6b057581d4b 100644
--- a/extras/hs-test/docker/Dockerfile.vpp
+++ b/extras/hs-test/docker/Dockerfile.vpp
@@ -17,6 +17,7 @@ COPY \
$DIR/quic_plugin.so \
$DIR/http_static_plugin.so \
$DIR/prom_plugin.so \
+ $DIR/tlsopenssl_plugin.so \
/usr/lib/x86_64-linux-gnu/vpp_plugins/
COPY vpp-data/bin/vpp /usr/bin/
diff --git a/extras/hs-test/proxy_test.go b/extras/hs-test/proxy_test.go
index 9e7230317fb..7b7321eba6d 100644
--- a/extras/hs-test/proxy_test.go
+++ b/extras/hs-test/proxy_test.go
@@ -7,7 +7,7 @@ import (
"github.com/edwarnicke/exechelper"
)
-func testProxyHttpTcp(s *NsSuite) error {
+func testProxyHttpTcp(s *NsSuite, proto string) error {
const outputFile = "test.data"
const srcFile = "10M"
stopServer := make(chan struct{}, 1)
@@ -32,12 +32,11 @@ func testProxyHttpTcp(s *NsSuite) error {
clientVeth := s.netInterfaces[clientInterface]
c := fmt.Sprintf("ip netns exec client wget --no-proxy --retry-connrefused"+
- " --retry-on-http-error=503 --tries=10"+
- " -O %s %s:555/%s",
- outputFile,
- clientVeth.ip4AddressString(),
- srcFile,
- )
+ " --retry-on-http-error=503 --tries=10 -O %s ", outputFile)
+ if proto == "tls" {
+ c += " --secure-protocol=TLSv1_3 --no-check-certificate https://"
+ }
+ c += fmt.Sprintf("%s:555/%s", clientVeth.ip4AddressString(), srcFile)
s.log(c)
_, err = exechelper.CombinedOutput(c)
s.assertNil(err, "failed to run wget")
@@ -49,13 +48,14 @@ func testProxyHttpTcp(s *NsSuite) error {
return nil
}
-func configureVppProxy(s *NsSuite) {
+func configureVppProxy(s *NsSuite, proto string) {
serverVeth := s.netInterfaces[serverInterface]
clientVeth := s.netInterfaces[clientInterface]
testVppProxy := s.getContainerByName("vpp").vppInstance
output := testVppProxy.vppctl(
- "test proxy server server-uri tcp://%s/555 client-uri tcp://%s/666",
+ "test proxy server server-uri %s://%s/555 client-uri tcp://%s/666",
+ proto,
clientVeth.ip4AddressString(),
serverVeth.peer.ip4AddressString(),
)
@@ -63,8 +63,16 @@ func configureVppProxy(s *NsSuite) {
}
func (s *NsSuite) TestVppProxyHttpTcp() {
- configureVppProxy(s)
- err := testProxyHttpTcp(s)
+ proto := "tcp"
+ configureVppProxy(s, proto)
+ err := testProxyHttpTcp(s, proto)
+ s.assertNil(err)
+}
+
+func (s *NsSuite) TestVppProxyHttpTls() {
+ proto := "tls"
+ configureVppProxy(s, proto)
+ err := testProxyHttpTcp(s, proto)
s.assertNil(err)
}
@@ -88,6 +96,6 @@ func configureEnvoyProxy(s *NsSuite) {
func (s *NsSuite) TestEnvoyProxyHttpTcp() {
configureEnvoyProxy(s)
- err := testProxyHttpTcp(s)
+ err := testProxyHttpTcp(s, "tcp")
s.assertNil(err)
}
diff --git a/extras/hs-test/vppinstance.go b/extras/hs-test/vppinstance.go
index e31b7929fd8..e909b85abba 100644
--- a/extras/hs-test/vppinstance.go
+++ b/extras/hs-test/vppinstance.go
@@ -58,6 +58,7 @@ plugins {
plugin http_plugin.so { enable }
plugin http_static_plugin.so { enable }
plugin prom_plugin.so { enable }
+ plugin tlsopenssl_plugin.so { enable }
}
logging {