[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Bug-wget] HSTS ready
From: |
Giuseppe Scrivano |
Subject: |
Re: [Bug-wget] HSTS ready |
Date: |
Mon, 20 Jul 2015 16:34:21 +0200 |
User-agent: |
Gnus/5.13 (Gnus v5.13) Emacs/24.5 (gnu/linux) |
Ander Juaristi <address@hidden> writes:
> Hi,
>
> I've reworked my patch according to Tim's suggestions:
>
> - Removed the countchars() function.
> - Removed the macros SEPARATOR, SETPARAM and COPYPARAM.
> - Fixed some issues detected by Valgrind.
>
> I also include the second patch with the test 'Test-hsts.py', plus some
> modifications in the core testing engine. In short:
>
> 1. I've added a new optional parameter 'req_protocols', which allows to
> specify with protocol we'll be making the request with. Until now, the
> request protocol was coupled to the HTTP server: if the server was listening
> in HTTP, the protocol passed to Wget was automatically 'http://', and there
> was no way to override this. This need became apparent when testing HSTS,
> where we request 'http://', but expect Wget to rewrite it to 'https://', and
> thus we need an HTTPS server. If this parameter is omitted, it preserves the
> original behaviour in which the requested protocols are the same as the ones
> used by the server (the parameter 'protocols').
>
> test = HTTPTest(
> name = TEST_NAME,
> pre_hook = pre_test,
> post_hook = post_test,
> test_params = test_options,
> protocols = Servers,
> req_protocols = Requests
> )
>
> 2. I've decoupled the calls to server_setup() and do_test(), and put them
> into two different functions, setup() and begin(). The first one is used to
> launch the test HTTP server, but not the test. The second one launches the
> test itself, and, in case setup() hasn't been called before, it calls it.
> This way we preserve backward-compatibility with original tests that only
> call begin(), but not setup().
>
> This is how the HSTS test, in 'Test-hsts.py' works: it first calls setup(),
> and retrieves the port in which the HTTP server is listening. It then creates
> a temporary HSTS database with that port, and launches Wget (with begin())
> against it.
>
> On 07/01/2015 04:47 PM, Ander Juaristi wrote:
>> Here goes the HSTS engine! Leave your comments, please.
>>
>> I must say Tim's feedback was both strict and invaluable. Two good things :D
>>
>> I'm very happy with the end result. I think it's of a high quality, which
>> wouldn't be if it wasn't for his feedback.
>>
>> I'm late with the test cases, though. They'll follow in short. I
>> thought they'd be straightforward, as the other tests, but I noticed
>> that the Python test suite lacks some features which are needed to
>> test HSTS, so I had to dig into the core of the testing engine and
>> tweak some things, while still maintaining compatibility with
>> existing tests. I hope I'll have them ready before next week, so
>> that we can discuss whether the approach I took to fulfil my
>> requirements for testing HSTS was the best one or not. Also, I hope
>> that my enhancements to the test suite core will be in some way
>> beneficial for the existing tests, and for those that will be
>> written in the future, not only for HSTS.
>>
I am going to push these patches, together with the Metalink work in a
while to master.
Regards,
Giuseppe