diff --git a/apps/restconf/restconf_native.c b/apps/restconf/restconf_native.c index b946a883..11c806e7 100644 --- a/apps/restconf/restconf_native.c +++ b/apps/restconf/restconf_native.c @@ -266,7 +266,7 @@ restconf_connection_sanity(clicon_handle h, if (rc->rc_ssl == NULL && rc->rc_proto == HTTP_2 && clicon_option_bool(h, "CLICON_RESTCONF_HTTP2_PLAIN") == 0){ - if (netconf_invalid_value_xml(&xerr, "protocol", "Non-tls HTTP/2 is disabled") < 0) + if (netconf_invalid_value_xml(&xerr, "protocol", "Plain HTTP/2 is disabled") < 0) goto done; if ((media_str = restconf_param_get(h, "HTTP_ACCEPT")) == NULL){ media_out = YANG_DATA_JSON; diff --git a/test/lib.sh b/test/lib.sh index 24288c48..503c7ee5 100755 --- a/test/lib.sh +++ b/test/lib.sh @@ -406,8 +406,8 @@ function wait_restconf(){ else myproto=${RCPROTO} fi -# echo "curl $CURLOPTS $* $myproto://localhost/restconf" - hdr=$(curl $CURLOPTS $* $myproto://localhost/restconf 2> /dev/null) +# echo "curl $CURLOPTS $myproto://localhost/restconf" + hdr=$(curl $CURLOPTS $myproto://localhost/restconf 2> /dev/null) # echo "hdr:\"$hdr\"" let i=0; while [[ $hdr != *"200"* ]]; do diff --git a/test/test_restconf.sh b/test/test_restconf.sh index 6d32d836..13baa5a9 100755 --- a/test/test_restconf.sh +++ b/test/test_restconf.sh @@ -156,21 +156,73 @@ function testrun() new "start restconf daemon" # inline of start_restconf, cant make quotes to work - echo "sudo -u $wwwstartuser -s $clixon_restconf $RCLOG -D $DBG -f $cfg -R " + echo "sudo -u $wwwstartuser -s $clixon_restconf $RCLOG -D $DBG -f $cfg -R $RESTCONFIG1" sudo -u $wwwstartuser -s $clixon_restconf $RCLOG -D $DBG -f $cfg -R "$RESTCONFIG1" & if [ $? -ne 0 ]; then err1 "expected 0" "$?" fi fi - new "wait restconf" - wait_restconf + #------------------------------------------------------- HTTP/1 + HTTP/2 + if [ ${HAVE_LIBNGHTTP2} = true -a ${HAVE_LIBEVHTP} = true ]; then - new "restconf root discovery. RFC 8040 3.1 (xml+xrd)" - echo "curl $CURLOPTS -X GET $proto://$addr/.well-known/host-meta" - expectpart "$(curl $CURLOPTS -X GET $proto://$addr/.well-known/host-meta)" 0 "HTTP/$HVER 200" "" "" "" + if [ $proto = http ]; then # No plain http/2 + HVER=1.1 + else + HVER=2 + fi + new "wait restconf" + wait_restconf + + new "restconf root discovery. RFC 8040 3.1 (xml+xrd)" + echo "curl $CURLOPTS -X GET $proto://$addr/.well-known/host-meta" + expectpart "$(curl $CURLOPTS -X GET $proto://$addr/.well-known/host-meta)" 0 "HTTP/$HVER 200" "" "" "" + + echo "fcgi or native+http/1 or native+http/1+http/2" + if [ "${WITH_RESTCONF}" = "native" ]; then # XXX does not work with nginx + new "restconf GET http/1.0 - returns 1.0" + expectpart "$(curl $CURLOPTS --http1.0 -X GET $proto://$addr/.well-known/host-meta)" 0 'HTTP/1.0 200 OK' "" "" "" + fi + new "restconf GET http/1.1" + expectpart "$(curl $CURLOPTS --http1.1 -X GET $proto://$addr/.well-known/host-meta)" 0 'HTTP/1.1 200 OK' "" "" "" + + new "restconf GET http/2 switch protocol" + if [ $proto = http ]; then # see (2) https to http port in restconf_main_native.c + expectpart "$(curl $CURLOPTS --http2 -X GET $proto://$addr/.well-known/host-meta)" 0 "" "HTTP/1.1 200" "" "" "" + else + expectpart "$(curl $CURLOPTS --http2 -X GET $proto://$addr/.well-known/host-meta)" 0 "" "HTTP/2 200" "" "" "" # Only if https: HTTP/1.1 101 Switching Protocols + fi + + # http2-prior knowledge + if [ $proto = http ]; then # see (2) https to http port in restconf_main_native.c + new "restconf GET http/2 prior-knowledge (http)" + expectpart "$(curl $CURLOPTS --http2-prior-knowledge -X GET $proto://$addr/.well-known/host-meta 2>&1)" "16 52 55" # "Error in the HTTP2 framing layer" "Connection reset by peer" + else + new "restconf GET https/2 prior-knowledge" + expectpart "$(curl $CURLOPTS --http2-prior-knowledge -X GET $proto://$addr/.well-known/host-meta)" 0 "HTTP/$HVER 200" "" "" "" + fi + + # Wrong protocol http when https or vice versa + if [ $proto = http ]; then # see (2) https to http port in restconf_main_native.c + new "Wrong proto=https on http port, expect err 35 wrong version number" + expectpart "$(curl $CURLOPTS -X GET https://$addr:80/.well-known/host-meta 2>&1)" 35 #"wrong version number" # dependent on curl version + else # see (1) http to https port in restconf_main_native.c + new "Wrong proto=http on https port, expect bad request" + expectpart "$(curl $CURLOPTS -X GET http://$addr:443/.well-known/host-meta)" 0 "HTTP/" "400" + # expectpart "$(curl $CURLOPTS -X GET http://$addr:443/.well-known/host-meta 2>&1)" 56 "Connection reset by peer" + fi + + #------------------------------------------------------- HTTP/2 ONLY + elif [ ${HAVE_LIBNGHTTP2} = true -a ${HAVE_LIBEVHTP} = false ]; then + HVER=2 + + new "wait restconf" + wait_restconf https + + new "restconf root discovery. RFC 8040 3.1 (xml+xrd)" + echo "curl $CURLOPTS -X GET $proto://$addr/.well-known/host-meta" + expectpart "$(curl $CURLOPTS -X GET $proto://$addr/.well-known/host-meta)" 0 "HTTP/$HVER 200" "" "" "" - if [ ${HAVE_LIBNGHTTP2} = true -a ${HAVE_LIBEVHTP} = false ]; then echo "native + http/2 only" # Important here is robustness of restconf daemon, not a meaningful reply if [ $proto = http ]; then # see (2) https to http port in restconf_main_native.c @@ -210,7 +262,18 @@ function testrun() new "Wrong proto=http on https port, expect bad request" expectpart "$(curl $CURLOPTS -X GET http://$addr:443/.well-known/host-meta)" "16 52 55" --not-- 'HTTP' fi - else + + else #------------------------------------------------------- HTTP/1 only + + HVER=1.1 + + new "wait restconf" + wait_restconf + + new "restconf root discovery. RFC 8040 3.1 (xml+xrd)" + echo "curl $CURLOPTS -X GET $proto://$addr/.well-known/host-meta" + expectpart "$(curl $CURLOPTS -X GET $proto://$addr/.well-known/host-meta)" 0 "HTTP/$HVER 200" "" "" "" + echo "fcgi or native+http/1 or native+http/1+http/2" if [ "${WITH_RESTCONF}" = "native" ]; then # XXX does not work with nginx new "restconf GET http/1.0 - returns 1.0" @@ -219,20 +282,9 @@ function testrun() new "restconf GET http/1.1" expectpart "$(curl $CURLOPTS --http1.1 -X GET $proto://$addr/.well-known/host-meta)" 0 'HTTP/1.1 200 OK' "" "" "" - if ${HAVE_LIBNGHTTP2}; then - # http/1 + http/2 - - new "restconf GET http/2 switch protocol" - if [ $proto = http ]; then # see (2) https to http port in restconf_main_native.c - expectpart "$(curl $CURLOPTS --http2 -X GET $proto://$addr/.well-known/host-meta)" 0 "" "HTTP/1.1 200" "" "" "" - else - expectpart "$(curl $CURLOPTS --http2 -X GET $proto://$addr/.well-known/host-meta)" 0 "" "HTTP/2 200" "" "" "" # Only if https: HTTP/1.1 101 Switching Protocols - fi - else - # http/1 only Try http/2 - go back to http/1.1 - new "restconf GET http/2 switch protocol" - expectpart "$(curl $CURLOPTS --http2 -X GET $proto://$addr/.well-known/host-meta)" 0 "HTTP/1.1 200 OK" "" "" "" - fi + # http/1 only Try http/2 - go back to http/1.1 + new "restconf GET http/2 switch protocol" + expectpart "$(curl $CURLOPTS --http2 -X GET $proto://$addr/.well-known/host-meta)" 0 "HTTP/1.1 200 OK" "" "" "" # http2-prior knowledge if [ $proto = http ]; then # see (2) https to http port in restconf_main_native.c @@ -485,23 +537,20 @@ function testrun() } # Go thru all combinations of IPv4/IPv6, http/https, local/backend config -protos="http" +if ${HAVE_LIBEVHTP}; then + protos="http" # No plain http for http/2 only +fi if [ "${WITH_RESTCONF}" = "native" ]; then # http only relevant for internal (for fcgi: need nginx config) protos="$protos https" fi for proto in $protos; do - if [ $proto = https ]; then - HVER=2 - else - HVER=1.1 - fi addrs="127.0.0.1" if $IPv6 ; then addrs="$addrs \[::1\]" fi for addr in $addrs; do - new "restconf test: proto:$proto addr:$addr" + new "restconf test: proto:$proto addr:$addr HVER:$HVER" testrun $proto $addr done done diff --git a/test/test_restconf_basic_auth.sh b/test/test_restconf_basic_auth.sh index 5ebe2be8..0be4c8b2 100755 --- a/test/test_restconf_basic_auth.sh +++ b/test/test_restconf_basic_auth.sh @@ -27,10 +27,17 @@ anonymous=myanonymous fyang=$dir/myexample.yang # No ssl + + +if ! ${HAVE_LIBEVHTP}; then + echo "...skipped: LIBEVHTP is false, must run with http/1 (evhtp)" + if [ "$s" = $0 ]; then exit 0; else return 0; fi +fi RCPROTO=http HVER=1.1 # Start with common config, then append fcgi/native specific config +# NOTE this is replaced in testrun() cat < $cfg $cfg @@ -285,6 +292,7 @@ fi # unset conditional parameters unset RCPROTO +unset HVER unset RESTCONFIG1 unset MSGANON unset MSGWILMA diff --git a/test/test_restconf_err.sh b/test/test_restconf_err.sh index 457aced9..9a1a1123 100755 --- a/test/test_restconf_err.sh +++ b/test/test_restconf_err.sh @@ -30,6 +30,12 @@ fyang=$dir/example.yang fyang2=$dir/augment.yang fxml=$dir/initial.xml fstate=$dir/state.xml + +if ! ${HAVE_LIBEVHTP}; then + echo "...skipped: LIBEVHTP is false, must run with http/1 (evhtp)" + if [ "$s" = $0 ]; then exit 0; else return 0; fi +fi + RCPROTO=http # Force to http due to netcat HVER=1.1 @@ -327,6 +333,8 @@ fi # Set by restconf_config unset RESTCONFIG +unset HVER +unset RCPROTO rm -rf $dir diff --git a/test/test_restconf_http_upgrade.sh b/test/test_restconf_http_upgrade.sh index de3232d7..2dd06871 100755 --- a/test/test_restconf_http_upgrade.sh +++ b/test/test_restconf_http_upgrade.sh @@ -15,6 +15,12 @@ if [ "${WITH_RESTCONF}" != "native" ]; then if [ "$s" = $0 ]; then exit 0; else return 0; fi # skip fi +# Cant make it work in sum.sh... +if ! ${HAVE_LIBEVHTP}; then + echo "...skipped: LIBEVHTP is false, must run with http/1 (evhtp)" + if [ "$s" = $0 ]; then exit 0; else return 0; fi +fi + APPNAME=example cfg=$dir/conf.xml diff --git a/test/test_restconf_internal.sh b/test/test_restconf_internal.sh index 6192d834..3ab87fe3 100755 --- a/test/test_restconf_internal.sh +++ b/test/test_restconf_internal.sh @@ -24,6 +24,11 @@ RESTCONFDBG=$DBG RCPROTO=http # no ssl here HVER=1.1 +if ! ${HAVE_LIBEVHTP}; then + echo "...skipped: LIBEVHTP is false, must run with http/1 (evhtp)" + if [ "$s" = $0 ]; then exit 0; else return 0; fi +fi + # log-destination in restconf xml: syslog or file : ${LOGDST:=syslog} # Set daemon command-line to -f diff --git a/test/test_restconf_internal_usecases.sh b/test/test_restconf_internal_usecases.sh index 5fd9c3a8..b804011a 100755 --- a/test/test_restconf_internal_usecases.sh +++ b/test/test_restconf_internal_usecases.sh @@ -34,6 +34,10 @@ startupdb=$dir/startup_db RESTCONFDBG=$DBG RCPROTO=http # no ssl here HVER=1.1 +if ! ${HAVE_LIBEVHTP}; then + echo "...skipped: LIBEVHTP is false, must run with http/1 (evhtp)" + if [ "$s" = $0 ]; then exit 0; else return 0; fi +fi INVALIDADDR=251.1.1.1 # used by fourth usecase as invalid diff --git a/test/test_restconf_netns.sh b/test/test_restconf_netns.sh index 1f23e90e..dcb5899a 100755 --- a/test/test_restconf_netns.sh +++ b/test/test_restconf_netns.sh @@ -16,6 +16,11 @@ if [ "${WITH_RESTCONF}" != "native" ]; then if [ "$s" = $0 ]; then exit 0; else return 0; fi # skip fi +if ! ${HAVE_LIBEVHTP}; then + echo "...skipped: LIBEVHTP is false, must run with http/1 (evhtp)" + if [ "$s" = $0 ]; then exit 0; else return 0; fi +fi + # Skip if valgrind restconf (actually valgrind version < 3.16 27 May 2020) if [ $valgrindtest -eq 3 ]; then if [ "$s" = $0 ]; then exit 0; else return 0; fi # skip @@ -173,8 +178,10 @@ new "netconf commit" expecteof "$clixon_netconf -qf $cfg" 0 "$DEFAULTHELLO]]>]]>" "^]]>]]>$" # NOTE http/1.1 +if ${HAVE_LIBEVHTP}; then new "restconf http get config on default netns" expectpart "$(curl $CURLOPTS -X GET -H 'Accept: application/yang-data+xml' http://127.0.0.1/restconf/data/clixon-example:table)" 0 "HTTP/1.1 200" 'a42
' +fi new "restconf http get config on addr:$vaddr in netns:$netns" expectpart "$(sudo ip netns exec $netns curl $CURLOPTS -X GET -H 'Accept: application/yang-data+xml' https://$vaddr/restconf/data/clixon-example:table)" 0 "HTTP/$HVER 200" 'a42
' @@ -185,9 +192,11 @@ expectpart "$(sudo ip netns exec $netns curl $CURLOPTS -X GET -H 'Accept: applic new "restconf https/SSL put table b" expectpart "$(sudo ip netns exec $netns curl $CURLOPTS -X POST -H 'Content-Type: application/yang-data+xml' -d 'b99' https://$vaddr/restconf/data/clixon-example:table)" 0 "HTTP/$HVER 201" +if ${HAVE_LIBEVHTP}; then # NOTE http/1.1 new "restconf http get table b on default ns" expectpart "$(curl $CURLOPTS -X GET -H 'Accept: application/yang-data+xml' http://127.0.0.1/restconf/data/clixon-example:table/parameter=b)" 0 "HTTP/1.1 200" 'b99' +fi # Negative new "restconf get config on wrong port in netns:$netns"