bug-wget
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Bug-wget] HSTS ready

From: Giuseppe Scrivano
Subject: Re: [Bug-wget] HSTS ready
Date: Mon, 20 Jul 2015 16:34:21 +0200
User-agent: Gnus/5.13 (Gnus v5.13) Emacs/24.5 (gnu/linux) 
Ander Juaristi <address@hidden> writes:

> Hi,
>
> I've reworked my patch according to Tim's suggestions:
>
>     - Removed the countchars() function.
>     - Removed the macros SEPARATOR, SETPARAM and COPYPARAM.
>     - Fixed some issues detected by Valgrind.
>
> I also include the second patch with the test 'Test-hsts.py', plus some 
> modifications in the core testing engine. In short:
>
>   1. I've added a new optional parameter 'req_protocols', which allows to 
> specify with protocol we'll be making the request with. Until now, the 
> request protocol was coupled to the HTTP server: if the server was listening 
> in HTTP, the protocol passed to Wget was automatically 'http://', and there 
> was no way to override this. This need became apparent when testing HSTS, 
> where we request 'http://', but expect Wget to rewrite it to 'https://', and 
> thus we need an HTTPS server. If this parameter is omitted, it preserves the 
> original behaviour in which the requested protocols are the same as the ones 
> used by the server (the parameter 'protocols').
>
>     test = HTTPTest(
>         name = TEST_NAME,
>         pre_hook = pre_test,
>         post_hook = post_test,
>         test_params = test_options,
>         protocols = Servers,
>         req_protocols = Requests
>     )
>
>   2. I've decoupled the calls to server_setup() and do_test(), and put them 
> into two different functions, setup() and begin(). The first one is used to 
> launch the test HTTP server, but not the test. The second one launches the 
> test itself, and, in case setup() hasn't been called before, it calls it. 
> This way we preserve backward-compatibility with original tests that only 
> call begin(), but not setup().
>
> This is how the HSTS test, in 'Test-hsts.py' works: it first calls setup(), 
> and retrieves the port in which the HTTP server is listening. It then creates 
> a temporary HSTS database with that port, and launches Wget (with begin()) 
> against it.
>
> On 07/01/2015 04:47 PM, Ander Juaristi wrote:
>> Here goes the HSTS engine! Leave your comments, please.
>>
>> I must say Tim's feedback was both strict and invaluable. Two good things :D
>>
>> I'm very happy with the end result. I think it's of a high quality, which 
>> wouldn't be if it wasn't for his feedback.
>>
>> I'm late with the test cases, though. They'll follow in short. I
>> thought they'd be straightforward, as the other tests, but I noticed
>> that the Python test suite lacks some features which are needed to
>> test HSTS, so I had to dig into the core of the testing engine and
>> tweak some things, while still maintaining compatibility with
>> existing tests. I hope I'll have them ready before next week, so
>> that we can discuss whether the approach I took to fulfil my
>> requirements for testing HSTS was the best one or not. Also, I hope
>> that my enhancements to the test suite core will be in some way
>> beneficial for the existing tests, and for those that will be
>> written in the future, not only for HSTS.
>>

I am going to push these patches, together with the Metalink work in a
while to master.

Regards,
Giuseppe
reply via email to
[Prev in Thread] Current Thread [Next in Thread]