You are viewing a plain text version of this content. The canonical link for it is here.
Posted to cvs@httpd.apache.org by ji...@apache.org on 2015/07/16 17:30:25 UTC
svn commit: r1691416 - in /httpd/test/framework/trunk: README
t/modules/cgi.t t/modules/include.t t/security/CVE-2004-0747.t
Author: jim
Date: Thu Jul 16 15:30:25 2015
New Revision: 1691416
URL: http://svn.apache.org/r1691416
Log:
Update for use of DateTime
Modified:
httpd/test/framework/trunk/README
httpd/test/framework/trunk/t/modules/cgi.t
httpd/test/framework/trunk/t/modules/include.t
httpd/test/framework/trunk/t/security/CVE-2004-0747.t
Modified: httpd/test/framework/trunk/README
URL: http://svn.apache.org/viewvc/httpd/test/framework/trunk/README?rev=1691416&r1=1691415&r2=1691416&view=diff
==============================================================================
--- httpd/test/framework/trunk/README (original)
+++ httpd/test/framework/trunk/README Thu Jul 16 15:30:25 2015
@@ -20,7 +20,8 @@ http://svn.apache.org/viewvc/perl/modper
(Update 2015-07-14: to run the tests for all modules, it is advisable to have
up-to-date versions of the following perl modules: Test::Harness, Crypt::SSLeay,
- Net::SSLeay, IO::Socket::SSL, LWP::Protocol::https, HTTP::DAV.)
+ Net::SSLeay, IO::Socket::SSL, LWP::Protocol::https, HTTP::DAV,
+ DateTime.)
Quick Start
-----------
Modified: httpd/test/framework/trunk/t/modules/cgi.t
URL: http://svn.apache.org/viewvc/httpd/test/framework/trunk/t/modules/cgi.t?rev=1691416&r1=1691415&r2=1691416&view=diff
==============================================================================
--- httpd/test/framework/trunk/t/modules/cgi.t (original)
+++ httpd/test/framework/trunk/t/modules/cgi.t Thu Jul 16 15:30:25 2015
@@ -241,12 +241,12 @@ foreach my $length (@post_content) {
## make sure cgi log does not
## keep logging after it is bigger
## than ScriptLogLength
-for (my $i=1 ; $i<=20 ; $i++) {
+for (my $i=1 ; $i<=40 ; $i++) {
## get out if log does not exist ##
last unless -e $cgi_log;
- ## request the 1k bad cgi 8 times
+ ## request the 1k bad cgi
## (1k of data logged per request)
GET_RC "$path/bogus1k.pl";
Modified: httpd/test/framework/trunk/t/modules/include.t
URL: http://svn.apache.org/viewvc/httpd/test/framework/trunk/t/modules/include.t?rev=1691416&r1=1691415&r2=1691416&view=diff
==============================================================================
--- httpd/test/framework/trunk/t/modules/include.t (original)
+++ httpd/test/framework/trunk/t/modules/include.t Thu Jul 16 15:30:25 2015
@@ -309,47 +309,24 @@ unless(eval "require POSIX") {
skip "POSIX module not found", 1;
}
else {
- # XXX: not sure about the locale thing, but it seems to work at least on my
- # machine :)
- # Perl is wonky about TZ and localtime. On some systems
- # setting TZ and then tzset() works to adjust to the
- # specified timezone; others don't.
- # We should look at DateTime instead...
- use POSIX qw(tzset);
+ # use DateTime and avoid the system locale messing things up
+ use DateTime;
my $result = super_chomp(GET_BODY "${dir}file.shtml");
$result = single_space($result);
my $httpdtz = $1 if $result =~ /\w+, \d+-\w+-\d+ \d+:\d+:\d+ (\w+) /;
- my $oldtimezone = $ENV{TZ};
- (($ENV{TZ} = $httpdtz) && tzset) if $httpdtz;
-
my $file = catfile($htdocs, splitpath($dir), "file.shtml");
my $mtime = (stat $file)[9];
- my @time = localtime($mtime);
+ my $dt = DateTime->from_epoch( epoch => $mtime,
+ locale => 'en_US', time_zone => $httpdtz||'UTC' );
- my $strftime = sub($) {
- my $fmt = shift;
-
- POSIX::strftime($fmt, @time);
- };
-
my $expected = join ' ' =>
- #$strftime->("%A, %d-%b-%Y %H:%M:%S %Z"),
- #$strftime->("%A, %d-%b-%Y %H:%M:%S %Z"),
- $strftime->("%A, %B %e, %G"),
- $strftime->("%A, %B %e, %G"),
- $strftime->("%s"),
- $strftime->("%s");
-
- if (defined($oldtimezone)) {
- $ENV{TZ} = $oldtimezone;
- }
- else {
- delete($ENV{TZ});
- }
- tzset;
+ $dt->strftime("%A, %B %e, %G"),
+ $dt->strftime("%A, %B %e, %G"),
+ $dt->strftime("%s"),
+ $dt->strftime("%s");
# trim output
$expected = single_space($expected);
Modified: httpd/test/framework/trunk/t/security/CVE-2004-0747.t
URL: http://svn.apache.org/viewvc/httpd/test/framework/trunk/t/security/CVE-2004-0747.t?rev=1691416&r1=1691415&r2=1691416&view=diff
==============================================================================
--- httpd/test/framework/trunk/t/security/CVE-2004-0747.t (original)
+++ httpd/test/framework/trunk/t/security/CVE-2004-0747.t Thu Jul 16 15:30:25 2015
@@ -11,5 +11,24 @@ my $rc;
$rc = GET_RC "/security/CAN-2004-0747/";
+# This test used to check for SegFaults when expanding variables
+# inside a .htaccess file.
+# Only, the code trying to parse the generated AuthName will
+# fail with a 500 when the string exceeds a certain length (at least on OS X)
+#
+# So, in case of a 500 return, we check for a proper body and assume
+# that the failure was graceful and not a crash.
+#
+# The alternative would be to expand a env var under our control in .htacess
+# for this test, so that the outcome is not depending on the env of the person
+# starting the test.
+#
+if ($rc == 500) {
+ my $body = GET_BODY "/security/CAN-2004-0747/";
+ if (length $body > 0) {
+ $rc = 200;
+ }
+}
+
ok t_cmp($rc, 200, "CAN-2004-0747 ap_resolve_env test case");