Simple regression test for existence of SSL keys 14938/head
authorKarel Bilek <kb@karelbilek.com>
Mon, 9 Dec 2024 12:32:07 +0000 (13:32 +0100)
committerKarel Bilek <kb@karelbilek.com>
Mon, 9 Dec 2024 12:51:58 +0000 (13:51 +0100)
This does not test that the key log files are actually valid, only that they exist and are not empty.

regression-tests.dnsdist/test_OutgoingDOH.py
regression-tests.dnsdist/test_OutgoingTLS.py

index 4f73a5a6b7aac3d12589d6cc881f2035cbadeadb..7b7c31541d4b0d3414f4a370aea8f5d9c51e8a94 100644 (file)
@@ -6,6 +6,7 @@ import requests
 import ssl
 import threading
 import time
+import os
 
 from dnsdisttests import DNSDistTest, pickAvailablePort
 
@@ -263,6 +264,8 @@ class OutgoingDOHBrokenResponsesTests(object):
         self.assertEqual(response, receivedResponse)
 
 class TestOutgoingDOHOpenSSL(DNSDistTest, OutgoingDOHTests):
+    if os.path.exists("/tmp/dohkeys"):
+        os.remove("/tmp/dohkeys")
     _tlsBackendPort = pickAvailablePort()
     _tlsProvider = 'openssl'
     _consoleKey = DNSDistTest.generateConsoleKey()
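Review bot: The key log path `/tmp/dohkeys` is a fixed, predictable name in a world-writable directory, and the added `os.path.exists`/`os.remove` pair sits in the class body, so it runs when the module is imported rather than when the test class is set up. On a shared build host another user can pre-create that name, and two concurrent runs will delete or append to each other's file, which holds the TLS session secrets of the test connections. I would derive the path once per run, e.g. `_keyLogFile = os.path.join(tempfile.mkdtemp(), 'dohkeys')` (with `import tempfile`), and pass it to the template as `keyLogFile="%s"` through `_config_params`; that list is outside this hunk, so the position of the new entry needs checking. The same applies to `/tmp/dotkeys` in the test_OutgoingTLS.py hunk.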
@@ -272,7 +275,7 @@ class TestOutgoingDOHOpenSSL(DNSDistTest, OutgoingDOHTests):
     setKey("%s")
     controlSocket("127.0.0.1:%d")
     setMaxTCPClientThreads(1)
-    newServer{address="127.0.0.1:%s", tls='%s', validateCertificates=true, caStore='ca.pem', subjectName='powerdns.com', dohPath='/dns-query', pool={'', 'cache'}}:setUp()
+    newServer{address="127.0.0.1:%s", tls='%s', validateCertificates=true, caStore='ca.pem', subjectName='powerdns.com', dohPath='/dns-query', pool={'', 'cache'}, keyLogFile="/tmp/dohkeys"}:setUp()
     webserver("127.0.0.1:%s")
     setWebserverConfig({password="%s", apiKey="%s"})
 
@@ -283,6 +286,10 @@ class TestOutgoingDOHOpenSSL(DNSDistTest, OutgoingDOHTests):
     addAction(SuffixMatchNodeRule(smn), PoolAction('cache'))
     """
 
+    def testZNonEmptyKeyfile(self):
+        self.assertTrue(os.path.exists("/tmp/dohkeys"))
+        self.assertTrue(os.path.getsize("/tmp/dohkeys") > 0)
+
     @staticmethod
     def sniCallback(sslSocket, sni, sslContext):
         assert(sni == 'powerdns.com')
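Review bot: `testZNonEmptyKeyfile` only passes if TLS traffic to the backend has already happened, and the `Z` in its name appears to rely on unittest's alphabetical method ordering to guarantee that; selected on its own it depends on whatever connections dnsdist opens at start-up. A docstring should state this, e.g. `"""Runs last (name sorts after the query tests); checks only that the key log exists and is non-empty, not that its contents are valid."""`. The size check is clearer, and reports the actual value on failure, as `self.assertGreater(os.path.getsize("/tmp/dohkeys"), 0)`. The identical method in the test_OutgoingTLS.py hunk has the same points; `sniCallback` continues past the end of this hunk.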
index 0430cfd979be158f2c58bcf28a4b4ab88e8f258b..534c26789e65aef35f9c93f83aed383700a7aaf9 100644 (file)
@@ -4,6 +4,7 @@ import requests
 import ssl
 import threading
 import time
+import os
 
 from dnsdisttests import DNSDistTest, pickAvailablePort
 
@@ -137,15 +138,21 @@ class BrokenOutgoingTLSTests(object):
         self.checkNoResponderHit()
 
 class TestOutgoingTLSOpenSSL(DNSDistTest, OutgoingTLSTests):
+    if os.path.exists("/tmp/dotkeys"):
+        os.remove("/tmp/dotkeys")
     _tlsBackendPort = pickAvailablePort()
     _config_params = ['_tlsBackendPort', '_webServerPort', '_webServerBasicAuthPasswordHashed', '_webServerAPIKeyHashed']
     _config_template = """
     setMaxTCPClientThreads(1)
-    newServer{address="127.0.0.1:%s", tls='openssl', validateCertificates=true, caStore='ca.pem', subjectName='powerdns.com'}
+    newServer{address="127.0.0.1:%s", tls='openssl', validateCertificates=true, caStore='ca.pem', subjectName='powerdns.com', keyLogFile="/tmp/dotkeys"}
     webserver("127.0.0.1:%s")
     setWebserverConfig({password="%s", apiKey="%s"})
     """
 
+    def testZNonEmptyKeyfile(self):
+        self.assertTrue(os.path.exists("/tmp/dotkeys"))
+        self.assertTrue(os.path.getsize("/tmp/dotkeys") > 0)
+
     @staticmethod
     def sniCallback(sslSocket, sni, sslContext):
         assert(sni == 'powerdns.com')
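Review bot: Nothing removes `/tmp/dotkeys` after the run: the class body deletes a stale file before the tests, but the file written during this run stays in `/tmp` with whatever permissions dnsdist gave it. Since a key log holds the session secrets of the logged connections, I would delete it in class teardown, assuming `TestOutgoingTLSOpenSSL` does not already override `tearDownClass` outside this hunk. The same cleanup is missing for `/tmp/dohkeys` in test_OutgoingDOH.py. `sniCallback` continues past the end of the hunk.

```python
    # … unchanged: _config_template and testZNonEmptyKeyfile …
    @classmethod
    def tearDownClass(cls):
        super().tearDownClass()
        # Key logs contain TLS session secrets; do not leave them in /tmp.
        if os.path.exists("/tmp/dotkeys"):
            os.remove("/tmp/dotkeys")
```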