Package: apache2 Version: 2.4.6-2 User: ubuntu-de...@lists.ubuntu.com Usertags: origin-ubuntu saucy ubuntu-patch Tags: patch Severity: wishlist
I've added a dep8[1] test to the Ubuntu apache2 package which verifies basic functionality as well as checks that SSL is working and passphrase prompting on service startup works correctly. An error in an Ubuntu diff for passphrase entry prompted me to do this, but I wrote the test to work correctly with the Debian package as well. Please consider adding this test to the Debian packaging. Patch attached. Thanks! [1]: http://dep.debian.net/deps/dep8/
diff --git a/debian/ask-for-passphrase b/debian/ask-for-passphrase old mode 100644 new mode 100755 diff --git a/debian/control b/debian/control index a36428d..60906c2 100644 --- a/debian/control +++ b/debian/control @@ -13,6 +13,7 @@ Standards-Version: 3.9.4 Vcs-Browser: http://anonscm.debian.org/gitweb/?p=pkg-apache/apache2.git Vcs-Git: git://anonscm.debian.org/pkg-apache/apache2.git Homepage: http://httpd.apache.org/ +XS-Testsuite: autopkgtest Package: apache2 Architecture: any diff --git a/debian/tests/control b/debian/tests/control new file mode 100644 index 0000000..26b0b80 --- /dev/null +++ b/debian/tests/control @@ -0,0 +1,3 @@ +Tests: ssl-passphrase +Restrictions: needs-root allow-stderr +Depends: apache2, curl, expect, ssl-cert diff --git a/debian/tests/ssl-passphrase b/debian/tests/ssl-passphrase new file mode 100644 index 0000000..c509677 --- /dev/null +++ b/debian/tests/ssl-passphrase @@ -0,0 +1,49 @@ +#!/bin/sh +set -ex + +# Check that the init script correctly prompts for the passphrase on startup, +# then starts and responds correctly to https queries. +# +# Author: Robie Basak <robie.ba...@ubuntu.com> + +cd /etc/ssl/private +[ -f ssl-cert-snakeoil.key.nopassphrase ] || mv ssl-cert-snakeoil.key ssl-cert-snakeoil.key.nopassphrase +openssl rsa -des3 -in ssl-cert-snakeoil.key.nopassphrase -out ssl-cert-snakeoil.key -passout pass:test +a2enmod ssl +a2ensite default-ssl + +expect <<EOT +spawn service apache2 restart +set timeout 600 +expect { + # Debian + "ass phrase:" {send "test\r"} + + # Ubuntu + "assphrase:" {send "test\r"} + + # Failure cases + "failed" {exit 1} + eof {exit 1} +} + +# wait for eof and return exit code from spawned process back to the caller +expect eof +catch wait result +exit [lindex \$result 3] +EOT + +echo "Hello, world!" > /var/www/hello.txt + +# Use curl here. wget doesn't work on Debian, even with --no-check-certificate +# wget on Debian gives me: +# GnuTLS: A TLS warning alert has been received. +# Unable to establish SSL connection. +# Presumably this is due to the self-signed certificate, but I'm not sure how +# to skip the warning with wget. curl will do for now. +result=`curl -k https://localhost/hello.txt` + +if [ "$result" != "Hello, world!" ]; then + echo "Unexpected result from wget" >&2 + exit 1 +fi