Review Board 1.7.16


Testsuite: For httpd server, need option to define server name for security purposes

Review Request #4377 - Created Jan. 26, 2015 and submitted

Ashley Sanders
testsuite
ASTERISK-24316
Reviewers
asterisk-dev
testsuite
Currently, all responses from the Asterisk HTTP server contain a [Server] header that identifies Asterisk and its version (e.g. "Server:Asterisk/<version>", where <version> is the currently running version of Asterisk). The preferred behavior is to allow the user to configure an alternate name to use for the value returned in the [Server] header for HTTP responses (e.g. "Server:SomeSuperAwesomeServerName").

This patch to the Asterisk source provides a new configuration property, [servername], in http.conf, that gives users the ability to modify the value that Asterisk uses when identifying itself. 

This test verifies that the HTTP server correctly reports the expected name through the [Server] header field in all HTTP responses. It uses three instances of Asterisk to test the three possible logic paths:
1) No configuration was provided
2) A non-empty/non-null value was provided through the new configuration property [servername]
3) An empty/null value was provided through the new configuration property [servername]

For clarity, consider this example for the possible outcomes as described above, respectively:
1) There was nothing configured for [servername].
2) The user configured a non-empty value for [servername] (e.g. servername="JohnMcClane")
3) The user configured an empty/null value for [servername] (e.g. servername="")

The HTTP server is expected to create the [Server] header field as follows, respectively:
1) Server: Asterisk/<version>
2) Server: JohnMcClane
3) 

In case #3, the [Server] header field will be omitted from HTTP response headers.

***Note*** This is the test. It is only the test. You can find the review for the Asterisk source at: https://reviewboard.asterisk.org/r/4374/

 
./asterisk/trunk/tests/tests.yaml
Revision 6339 New Change
1
# Enter tests here in the order they should be considered for execution:
1
# Enter tests here in the order they should be considered for execution:
2
tests:
2
tests:
3
    - test: 'example'
3
    - test: 'example'
4
    - test: 'dynamic-modules'
4
    - test: 'dynamic-modules'
5
    - dir: 'manager'
5
    - dir: 'manager'
6
    - dir: 'cdr'
6
    - dir: 'cdr'
7
    - dir: 'channels'
7
    - dir: 'channels'
8
    - test: 'udptl'
8
    - test: 'udptl'
9
    - test: 'udptl_v6'
9
    - test: 'udptl_v6'
10
    - test: 'feature_call_pickup'
10
    - test: 'feature_call_pickup'
11
    - test: 'feature_blonde_transfer'
11
    - test: 'feature_blonde_transfer'
12
    - test: 'feature_attended_transfer'
12
    - test: 'feature_attended_transfer'
13
    - test: 'blind-transfer-parkingtimeout'
13
    - test: 'blind-transfer-parkingtimeout'
14
    - test: 'callparking'
14
    - test: 'callparking'
15
    - test: 'callparking_retrieval'
15
    - test: 'callparking_retrieval'
16
    - test: 'masquerade'
16
    - test: 'masquerade'
17
    - dir: 'fastagi'
17
    - dir: 'fastagi'
18
    - dir: 'agi'
18
    - dir: 'agi'
19
    - dir: 'asyncagi'
19
    - dir: 'asyncagi'
20
    - dir: 'pbx'
20
    - dir: 'pbx'
21
    - dir: 'phoneprov'
21
    - dir: 'phoneprov'
22
    - test: 'predial'
22
    - test: 'predial'
23
    - dir: 'hangup'
23
    - dir: 'hangup'
24
    - dir: 'fax'
24
    - dir: 'fax'
25
    - dir: 'apps'
25
    - dir: 'apps'
26
    - dir: 'funcs'
26
    - dir: 'funcs'
27
    - dir: 'connected_line'
27
    - dir: 'connected_line'
28
    - dir: 'redirecting'
28
    - dir: 'redirecting'
29
    - test: 'cause_answered_elsewhere'
29
    - test: 'cause_answered_elsewhere'
30
    - dir: 'bridge'
30
    - dir: 'bridge'
31
    - dir: 'rest_api'
31
    - dir: 'rest_api'
32
    - dir: 'hep'
32
    - dir: 'hep'
33
    - dir: 'realtime'
33
    - dir: 'realtime'

    
   
34
    - dir: 'http_server'
./asterisk/trunk/tests/http_server/tests.yaml
New File
 
./asterisk/trunk/tests/http_server/servername/run-test
New File
 
./asterisk/trunk/tests/http_server/servername/test-config.yaml
New File
 
./asterisk/trunk/tests/http_server/servername/configs/ast1/http.conf
New File
 
./asterisk/trunk/tests/http_server/servername/configs/ast2/http.conf
New File
 
./asterisk/trunk/tests/http_server/servername/configs/ast3/http.conf
New File
 
  1. ./asterisk/trunk/tests/tests.yaml: Loading...
  2. ./asterisk/trunk/tests/http_server/tests.yaml: Loading...
  3. ./asterisk/trunk/tests/http_server/servername/run-test: Loading...
  4. ./asterisk/trunk/tests/http_server/servername/test-config.yaml: Loading...
  5. ./asterisk/trunk/tests/http_server/servername/configs/ast1/http.conf: Loading...
  6. ./asterisk/trunk/tests/http_server/servername/configs/ast2/http.conf: Loading...
  7. ./asterisk/trunk/tests/http_server/servername/configs/ast3/http.conf: Loading...

https://reviewboard.asterisk.org/ runs on a server provided by Digium, Inc. and uses bandwidth donated to the open source Asterisk community by API Digital Communications in Huntsville, AL USA.
Please report problems with this site to asteriskteam@digium.com.