From 7237261d836f20ad402f2b752ad30a209d016d4e Mon Sep 17 00:00:00 2001 From: Stuart <146047128+strtgbb@users.noreply.github.com> Date: Wed, 24 Jul 2024 18:17:49 -0400 Subject: [PATCH] Short timeouts for ssl server tests --- ssl_server/regression.py | 8 ++++++++ ssl_server/tests/common.py | 18 ++++++++++++++---- ssl_server/tests/dictionary.py | 6 ++++++ ssl_server/tests/url_table_function.py | 8 +++++++- 4 files changed, 35 insertions(+), 5 deletions(-) diff --git a/ssl_server/regression.py b/ssl_server/regression.py index eb7eb889b..95d2e69d9 100755 --- a/ssl_server/regression.py +++ b/ssl_server/regression.py @@ -106,6 +106,14 @@ def argparser(parser): r".*SSLV3_ALERT_HANDSHAKE_FAILURE.*", ) ], + ":/https server:checks/:onnection:should:": [ + ( + Error, + "Takes too long on 24.3+ https://github.com/ClickHouse/ClickHouse/issues/62887", + check_clickhouse_version(">=24.3"), + r"ExpectTimeoutError.+https_server[\w]+connection.+node.query\($", + ) + ], } xflags = {} diff --git a/ssl_server/tests/common.py b/ssl_server/tests/common.py index 8c7369506..21740f21d 100644 --- a/ssl_server/tests/common.py +++ b/ssl_server/tests/common.py @@ -1040,7 +1040,7 @@ def create_crt_and_key( @TestStep(Then) def https_server_url_function_connection( - self, success=True, options=None, node=None, port=None + self, success=True, options=None, node=None, port=None, timeout=15 ): """Check reading data from an https server with specified clickhouse-server config.""" if node is None: @@ -1062,12 +1062,19 @@ def https_server_url_function_connection( node.query( f"SELECT * FROM url('https://127.0.0.1:{port}/data', 'CSV') FORMAT CSV", message=message, + timeout=timeout, ) @TestStep(Given) def https_server_https_dictionary_connection( - self, name=None, node=None, success=True, options=None, port=None + self, + name=None, + node=None, + success=True, + options=None, + port=None, + timeout=5, ): """Check reading data from a dictionary sourced from an https server""" if node is None: @@ -1091,11 +1098,14 @@ def https_server_https_dictionary_connection( try: with When("I create a dictionary using an https source"): node.query( - f"CREATE DICTIONARY {name} (c1 Int64) PRIMARY KEY c1 SOURCE(HTTP(URL 'https://127.0.0.1:{port}/data' FORMAT 'CSV')) LIFETIME(MIN 0 MAX 0) LAYOUT(FLAT())" + f"CREATE DICTIONARY {name} (c1 Int64) PRIMARY KEY c1 SOURCE(HTTP(URL 'https://127.0.0.1:{port}/data' FORMAT 'CSV')) LIFETIME(MIN 0 MAX 0) LAYOUT(FLAT())", + timeout=timeout, ) with Then("I select data from the dictionary"): - node.query(f"SELECT * FROM {name} FORMAT CSV", message=message) + node.query( + f"SELECT * FROM {name} FORMAT CSV", message=message, timeout=timeout + ) finally: with Finally("I remove the dictionary"): diff --git a/ssl_server/tests/dictionary.py b/ssl_server/tests/dictionary.py index 4013715c4..ec26a6f2a 100644 --- a/ssl_server/tests/dictionary.py +++ b/ssl_server/tests/dictionary.py @@ -56,6 +56,7 @@ def https_server_dictionary_checks(self): "disableProtocols": "sslv2,sslv3,tlsv1,tlsv1_1,tlsv1_2,tlsv1_3", }, success=False, + timeout=5, ) with Check(f"TLSv1.2 suite connection should work"): @@ -74,6 +75,7 @@ def https_server_dictionary_checks(self): "disableProtocols": "sslv2,sslv3,tlsv1_1,tlsv1_2,tlsv1_3", }, success=False, + timeout=5, ) with Check("TLSv1.1 suite connection should be rejected"): @@ -83,6 +85,7 @@ def https_server_dictionary_checks(self): "disableProtocols": "sslv2,sslv3,tlsv1,tlsv1_2,tlsv1_3", }, success=False, + timeout=5, ) with Check("TLSv1.3 suite connection should be rejected"): @@ -92,6 +95,7 @@ def https_server_dictionary_checks(self): "disableProtocols": "sslv2,sslv3,tlsv1,tlsv1_1,tlsv1_2", }, success=False, + timeout=5, ) with Check(f"just disabling TLSv1 suite connection should work"): @@ -121,6 +125,7 @@ def https_server_dictionary_checks(self): "disableProtocols": "sslv2,sslv3,tlsv1,tlsv1_1,tlsv1_3", }, success=True, + timeout=5, ) for cipher in all_ciphers: @@ -132,6 +137,7 @@ def https_server_dictionary_checks(self): https_server_https_dictionary_connection( options={"cipherList": cipher, "disableProtocols": ""}, success=False, + timeout=5, ) diff --git a/ssl_server/tests/url_table_function.py b/ssl_server/tests/url_table_function.py index 2d744a885..b03bc1467 100644 --- a/ssl_server/tests/url_table_function.py +++ b/ssl_server/tests/url_table_function.py @@ -40,12 +40,13 @@ def https_server_url_function_checks(self): ciphers=default_ciphers, ) - with Check("Connection with no protocols should be rejected"): + with Check("connection with no protocols should be rejected"): https_server_url_function_connection( options={ "disableProtocols": "sslv2,sslv3,tlsv1,tlsv1_1,tlsv1_2,tlsv1_3", }, success=False, + timeout=5, ) with Check(f"TLSv1.2 suite connection should work"): @@ -64,6 +65,7 @@ def https_server_url_function_checks(self): "disableProtocols": "sslv2,sslv3,tlsv1_1,tlsv1_2,tlsv1_3", }, success=False, + timeout=5, ) with Check("TLSv1.1 suite connection should be rejected"): @@ -73,6 +75,7 @@ def https_server_url_function_checks(self): "disableProtocols": "sslv2,sslv3,tlsv1,tlsv1_2,tlsv1_3", }, success=False, + timeout=5, ) with Check("TLSv1.3 suite connection should be rejected"): @@ -82,6 +85,7 @@ def https_server_url_function_checks(self): "disableProtocols": "sslv2,sslv3,tlsv1,tlsv1_1,tlsv1_2", }, success=False, + timeout=5, ) with Check(f"just disabling TLSv1 suite connection should work"): @@ -111,6 +115,7 @@ def https_server_url_function_checks(self): "disableProtocols": "sslv2,sslv3,tlsv1,tlsv1_1,tlsv1_3", }, success=True, + timeout=5, ) for cipher in all_ciphers: @@ -122,6 +127,7 @@ def https_server_url_function_checks(self): https_server_url_function_connection( options={"cipherList": cipher, "disableProtocols": ""}, success=False, + timeout=5, )