+from collections import namedtuple
from contextlib import ContextDecorator, contextmanager
import os
import random
fh.write(rendered_template)
+Forward = namedtuple('Forward', ['proto', 'ip', 'port'])
+
+
class Kresd(ContextDecorator):
- def __init__(self, workdir, port, tls_port, ip=None, ip6=None, certname=None, verbose=True):
+ def __init__(
+ self, workdir, port, tls_port, ip=None, ip6=None, certname=None,
+ verbose=True, hints=None, forward=None):
if ip is None and ip6 is None:
raise ValueError("IPv4 or IPv6 must be specified!")
self.workdir = str(workdir)
self.sockets = []
self.logfile = None
self.verbose = verbose
+ self.hints = {} if hints is None else hints
+ self.forward = forward
if certname:
self.tls_cert_path = os.path.join(CERTS_DIR, certname + '.cert.pem')
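Review bot: `self.forward = forward` stores the tuple without checking `forward.proto`, while the config template in this change only emits an action when `proto == 'tls'`. Any other value would render `policy.add(policy.all())` with no action, so the resolver would presumably start without forwarding and the test would run against a different path than intended, with no error. Rejecting it early in `__init__` keeps the failure visible: `if forward is not None and forward.proto != 'tls': raise ValueError("unsupported forward proto: %r" % (forward.proto,))`. The body of `__init__` continues outside this hunk.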
@contextmanager
-def make_kresd(workdir, certname=None, ip='127.0.0.1', ip6='::1'):
+def make_kresd(workdir, certname=None, ip='127.0.0.1', ip6='::1', forward=None, hints=None):
port = make_port(ip, ip6)
tls_port = make_port(ip, ip6)
- with Kresd(workdir, port, tls_port, ip, ip6, certname) as kresd:
+ with Kresd(workdir, port, tls_port, ip, ip6, certname, forward=forward, hints=hints) as kresd:
yield kresd
with open(kresd.logfile_path) as log: # display partial log for debugging
past_startup_msgid = False
+modules = {
+ 'policy',
+ 'hints > iterate',
+}
+
verbose({{ 'true' if kresd.verbose else 'false' }})
+
{% if kresd.ip %}
net.listen('{{ kresd.ip }}', {{ kresd.port }})
net.listen('{{ kresd.ip }}', {{ kresd.tls_port }}, {tls = true})
{% endif %}
+
{% if kresd.ip6 %}
net.listen('{{ kresd.ip6 }}', {{ kresd.port }})
net.listen('{{ kresd.ip6 }}', {{ kresd.tls_port }}, {tls = true})
{% endif %}
+
net.ipv4=true
net.ipv6=false
+
net.tcp_pipeline(65535)
+
{% if kresd.tls_key_path and kresd.tls_cert_path %}
net.tls("{{ kresd.tls_cert_path }}", "{{ kresd.tls_key_path }}")
{% endif %}
+
+{% for name, ip in kresd.hints.items() %}
+hints['{{ name }}'] = '{{ ip }}'
+{% endfor %}
+
+{% if kresd.forward %}
+policy.add(policy.all(
+ {% if kresd.forward.proto == 'tls' %}
+ policy.TLS_FORWARD({
+ {"{{ kresd.forward.ip }}@{{ kresd.forward.port }}", insecure=true}})
+ {% endif %}
+))
+{% endif %}
+
modules.unload("ta_signal_query")
modules.unload("priming")
modules.unload("detect_time_skew")
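Review bot: The `policy.TLS_FORWARD` entry hard-codes `insecure=true`, so the resolver under test never authenticates the upstream and these tests cannot notice a regression in certificate checking on the forwarding path. If the upstream is another `Kresd` started with a test certificate, the `Forward` tuple could carry a hostname and the template could emit `hostname=` with a `ca_file=` for the test CA, keeping `insecure=true` only as an explicit opt-in. At minimum, mark the line with a comment such as `-- test-only: upstream certificate is NOT verified` so the setting is not copied into a real configuration. Separately, `{{ name }}`, `{{ ip }}` and the forward fields are placed inside Lua string literals unescaped; they presumably come only from test code, but a quote in any value would break or alter the generated config.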