libmicrohttpd

HTTP/1.x server C library (MHD 1.x, stable)

commit 04a3265002dbc3971c3ed0e552565d3c9e53754f
parent 4f5e8029080c325197950cbea29ac24fd074b90f
Author: lv-426 <oxcafebaby@yahoo.com>
Date:   Mon,  8 Sep 2008 22:39:05 +0000

some test fixes
tls connection teardown upon unrecognized message type
connection state dictionary compiles based on 'enable_messages'

Diffstat:
Msrc/daemon/connection_https.c | 13++++++++-----
Msrc/daemon/https/tls/gnutls_buffers.c | 13+------------
Msrc/daemon/https/tls/gnutls_str.c | 27---------------------------
Msrc/daemon/https/tls/gnutls_str.h | 3---
Msrc/daemon/internal.c | 8++++++--
Msrc/daemon/internal.h | 4++--
Msrc/examples/Makefile.am | 8++++----
Asrc/examples/https_fileserver_example.c | 203+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Dsrc/examples/https_server_example.c | 193-------------------------------------------------------------------------------
Msrc/testcurl/https/tls_daemon_options_test.c | 10+++++++---
Msrc/testcurl/https/tls_session_time_out_test.c | 1-
11 files changed, 231 insertions(+), 252 deletions(-)

diff --git a/src/daemon/connection_https.c b/src/daemon/connection_https.c @@ -87,7 +87,7 @@ MHD_get_connection_info (struct MHD_Connection *connection, /** * This function is called once a secure connection has been marked * for closure. - * + * * NOTE: Some code duplication with connection_close_error * in connection.c * @@ -216,6 +216,7 @@ MHD_tls_connection_handle_read (struct MHD_Connection *connection) { /* set connection state to enable HTTP processing */ connection->state = MHD_CONNECTION_INIT; + break; } /* set connection as closed */ else @@ -227,7 +228,6 @@ MHD_tls_connection_handle_read (struct MHD_Connection *connection) connection->state = MHD_TLS_HANDSHAKE_FAILED; return MHD_NO; } - break; } /* a handshake message has been received out of bound */ else @@ -241,7 +241,7 @@ MHD_tls_connection_handle_read (struct MHD_Connection *connection) return MHD_NO; } - /* ignore any out of bound change chiper spec messages */ + /* ignore any out of bound change chiper spec messages */ case GNUTLS_CHANGE_CIPHER_SPEC: MHD_tls_connection_close (connection, MHD_TLS_REQUEST_TERMINATED_WITH_ERROR); @@ -303,9 +303,12 @@ MHD_tls_connection_handle_read (struct MHD_Connection *connection) default: #if HAVE_MESSAGES MHD_DLOG (connection->daemon, - "Error: unrecognized TLS read message. con-state: %d. l: %d, f: %s\n", - connection->state, __LINE__, __FUNCTION__); + "Error: unrecognized TLS message type: %d, connection state: %s. l: %d, f: %s\n", + msg_type, MHD_state_to_string(connection->state), __LINE__, __FUNCTION__); #endif + /* close connection upon reception of unrecognized message type */ + MHD_tls_connection_close (connection, + MHD_TLS_REQUEST_TERMINATED_WITH_ERROR); return MHD_NO; } diff --git a/src/daemon/https/tls/gnutls_buffers.c b/src/daemon/https/tls/gnutls_buffers.c 
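Review bot: In the `default:` branch of `MHD_tls_connection_handle_read` the new log call formats `msg_type` with `%d`, but its declaration is outside the hunk; if it is an enum or an unsigned record-type value, `(int) msg_type` keeps the format and the argument in agreement. `__FUNCTION__` is a compiler extension, and `__func__` is the C99 spelling. The added `MHD_tls_connection_close` call correctly sits outside `#if HAVE_MESSAGES`, so teardown also happens in builds without logging. The comment touched in the earlier hunk (`/* ignore any out of bound change chiper spec messages */`) appears to contradict the `GNUTLS_CHANGE_CIPHER_SPEC` case right below it, which closes the connection, so it should read something like `/* close the connection on an out-of-bound change cipher spec message */`.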
@@ -487,7 +487,6 @@ mhd_gtls_io_read_buffered (mhd_gtls_session_t session, opaque ** iptr, if (sizeOfPtr > MAX_RECV_SIZE || sizeOfPtr == 0) { gnutls_assert (); /* internal error */ - printf("AT %u\n", __LINE__); return GNUTLS_E_INVALID_REQUEST; } @@ -538,7 +537,6 @@ mhd_gtls_io_read_buffered (mhd_gtls_session_t session, opaque ** iptr, > MAX_RECV_SIZE) { gnutls_assert (); /* internal error */ - printf("AT %u\n", __LINE__); return GNUTLS_E_INVALID_REQUEST; } @@ -551,14 +549,12 @@ mhd_gtls_io_read_buffered (mhd_gtls_session_t session, opaque ** iptr, if (session->internals.record_recv_buffer.data == NULL) { gnutls_assert (); - printf("AT %u\n", __LINE__); return GNUTLS_E_MEMORY_ERROR; } buf_pos = session->internals.record_recv_buffer.length; buf = session->internals.record_recv_buffer.data; *iptr = buf; - printf("AT %u\n", __LINE__); /* READ DATA - but leave RCVLOWAT bytes in the kernel buffer. */ if (recvdata - recvlowat > 0) @@ -570,7 +566,6 @@ mhd_gtls_io_read_buffered (mhd_gtls_session_t session, opaque ** iptr, */ if (ret < 0 && MHD_gtls_error_is_fatal (ret) == 0) { - printf("AT %u\n", __LINE__); return ret; } } @@ -598,7 +593,6 @@ mhd_gtls_io_read_buffered (mhd_gtls_session_t session, opaque ** iptr, if (ret2 < 0 && MHD_gtls_error_is_fatal (ret2) == 0) { - printf("AT %u\n", __LINE__); return ret2; } @@ -618,7 +612,6 @@ mhd_gtls_io_read_buffered (mhd_gtls_session_t session, opaque ** iptr, { gnutls_assert (); /* that's because they are initialized to 0 */ - printf("AT %u\n", __LINE__); return MIN (ret, ret2); } @@ -627,14 +620,12 @@ mhd_gtls_io_read_buffered (mhd_gtls_session_t session, opaque ** iptr, if (ret > 0 && ret < recvlowat) { gnutls_assert (); - printf("AT %u\n", __LINE__); return GNUTLS_E_AGAIN; } if (ret == 0) { /* EOF */ gnutls_assert (); - printf("AT %u\n", __LINE__); return 0; } 
@@ -644,12 +635,10 @@ mhd_gtls_io_read_buffered (mhd_gtls_session_t session, opaque ** iptr, { /* Short Read */ gnutls_assert (); - printf("AT %u\n", __LINE__); return GNUTLS_E_AGAIN; } else { - printf("AT %u\n", __LINE__); return ret; } } @@ -1234,7 +1223,7 @@ mhd_gtls_handshake_buffer_get_ptr (mhd_gtls_session_t session, if (length != NULL) *length = session->internals.handshake_hash_buffer.length; - _gnutls_buffers_log ("BUF[HSK]: Peeked %d bytes of Data\n", + _gnutls_buffers_log ("BUF[HSK]: Peeked %d bytes of Data\n", session->internals.handshake_hash_buffer.length); if (data_ptr != NULL) diff --git a/src/daemon/https/tls/gnutls_str.c b/src/daemon/https/tls/gnutls_str.c @@ -227,33 +227,6 @@ mhd_gtls_string_append_data (mhd_gtls_string * dest, } } -int -mhd_gtls_string_append_printf (mhd_gtls_string * dest, const char *fmt, ...) -{ - va_list args; - int len; - char *str; - - va_start (args, fmt); - len = vsnprintf (NULL, 0, fmt, args); - va_end (args); - if (len < 0) - return -1; - str = malloc(len + 1); - if (! str) - return -1; - - va_start (args, fmt); - len = vsprintf (str, fmt, args); - va_end (args); - - len = mhd_gtls_string_append_str (dest, str); - - free (str); - - return len; -} - /* Converts the given string (old) to hex. A buffer must be provided * to hold the new hex string. The new string will be null terminated. * If the buffer does not have enough space to hold the string, a diff --git a/src/daemon/https/tls/gnutls_str.h b/src/daemon/https/tls/gnutls_str.h @@ -55,9 +55,6 @@ int mhd_gtls_string_copy_str (mhd_gtls_string * dest, const char *src); int mhd_gtls_string_append_str (mhd_gtls_string *, const char *str); int mhd_gtls_string_append_data (mhd_gtls_string *, const void *data, size_t data_size); -int mhd_gtls_string_append_printf (mhd_gtls_string * dest, const char *fmt, - ...); - char *mhd_gtls_bin2hex (const void *old, size_t oldlen, char *buffer, size_t buffer_size); int mhd_gtls_hex2bin (const opaque * hex_data, int hex_size, 
diff --git a/src/daemon/internal.c b/src/daemon/internal.c @@ -26,7 +26,10 @@ #include "internal.h" -#if DEBUG_STATES +#if HAVE_MESSAGES +/** + * State to string dictionary. + */ char * MHD_state_to_string (enum MHD_CONNECTION_STATE state) { @@ -80,8 +83,9 @@ MHD_state_to_string (enum MHD_CONNECTION_STATE state) return "secure handshake failed"; case MHD_TLS_HANDSHAKE_COMPLETE: return "secure handshake _complete"; + default: + return "unrecognized connection state"; } - return "unrecognized connection state"; } #endif diff --git a/src/daemon/internal.h b/src/daemon/internal.h @@ -301,7 +301,7 @@ enum MHD_CONNECTION_STATE */ #define DEBUG_STATES MHD_NO -#if DEBUG_STATES +#if HAVE_MESSAGES char *MHD_state_to_string (enum MHD_CONNECTION_STATE state); #endif @@ -568,7 +568,7 @@ struct MHD_Connection ReceiveCallback recv_cls; TransmitCallback send_cls; - + #if HTTPS_SUPPORT /* TODO rename as this might be an SSL connection */ mhd_gtls_session_t tls_session; diff --git a/src/examples/Makefile.am b/src/examples/Makefile.am @@ -14,7 +14,7 @@ fileserver_example_external_select \ refuse_post_example if ENABLE_HTTPS -noinst_PROGRAMS += https_server_example +noinst_PROGRAMS += https_fileserver_example endif minimal_example_SOURCES = \ @@ -47,7 +47,7 @@ fileserver_example_external_select_SOURCES = \ fileserver_example_external_select_LDADD = \ $(top_builddir)/src/daemon/libmicrohttpd.la -https_server_example_SOURCES = \ -https_server_example.c -https_server_example_LDADD = \ +https_fileserver_example_SOURCES = \ +https_fileserver_example.c +https_fileserver_example_LDADD = \ $(top_builddir)/src/daemon/libmicrohttpd.la diff --git a/src/examples/https_fileserver_example.c b/src/examples/https_fileserver_example.c 
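Review bot: Folding the fallback into `default:` in `MHD_state_to_string` suppresses the compiler's missing-enumerator warning (`-Wswitch`), so a state added to `enum MHD_CONNECTION_STATE` without a string will no longer be flagged. It also leaves the function with no return after the switch; omitting `default:` and keeping `return "unrecognized connection state";` after the closing brace preserves both. The function returns `char *` to string literals, so a caller could write through the result; `const char *MHD_state_to_string (enum MHD_CONNECTION_STATE state);` here and in the matching prototype hunk of internal.h would rule that out. With the guard now `HAVE_MESSAGES`, the `#define DEBUG_STATES MHD_NO` visible in the internal.h context looks unused for this function and may deserve a comment or removal. Most of the switch body lies outside the hunk.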
@@ -0,0 +1,203 @@ +/* + This file is part of libmicrohttpd + (C) 2007, 2008 Christian Grothoff (and other contributing authors) + + This library is free software; you can redistribute it and/or + modify it under the terms of the GNU Lesser General Public + License as published by the Free Software Foundation; either + version 2.1 of the License, or (at your option) any later version. + + This library is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Lesser General Public License for more details. + + You should have received a copy of the GNU Lesser General Public + License along with this library; if not, write to the Free Software + Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA +*/ +/** + * @file https_server_example.c + * @brief a simple HTTPS file server using TLS. + * + * Usage : + * + * 'http_fileserver_example HTTP-PORT SECONDS-TO-RUN [CERTIFICATE PATH, KEY PATH]' + * + * The certificate & key are required by the server to operate, Omitting the + * path arguments will cause the server to use the hard coded example certificate & key. + * + * 'certtool' may be used to generate these if required. 
+ * + * @author Sagie Amir + */ + +#include "platform.h" +#include <microhttpd.h> +#include <sys/stat.h> + +#include "gnutls.h" +#include <gcrypt.h> + +#define BUF_SIZE 1024 +#define MAX_URL_LEN 255 + +// TODO remove if unused +#define CAFILE "ca.pem" +#define CRLFILE "crl.pem" + +#define EMPTY_PAGE "<html><head><title>File not found</title></head><body>File not found</body></html>" + +/* Test Certificate */ +const char cert_pem[] = + "-----BEGIN CERTIFICATE-----\n" + "MIICpjCCAZCgAwIBAgIESEPtjjALBgkqhkiG9w0BAQUwADAeFw0wODA2MDIxMjU0\n" + "MzhaFw0wOTA2MDIxMjU0NDZaMAAwggEfMAsGCSqGSIb3DQEBAQOCAQ4AMIIBCQKC\n" + "AQC03TyUvK5HmUAirRp067taIEO4bibh5nqolUoUdo/LeblMQV+qnrv/RNAMTx5X\n" + "fNLZ45/kbM9geF8qY0vsPyQvP4jumzK0LOJYuIwmHaUm9vbXnYieILiwCuTgjaud\n" + "3VkZDoQ9fteIo+6we9UTpVqZpxpbLulBMh/VsvX0cPJ1VFC7rT59o9hAUlFf9jX/\n" + "GmKdYI79MtgVx0OPBjmmSD6kicBBfmfgkO7bIGwlRtsIyMznxbHu6VuoX/eVxrTv\n" + "rmCwgEXLWRZ6ru8MQl5YfqeGXXRVwMeXU961KefbuvmEPccgCxm8FZ1C1cnDHFXh\n" + "siSgAzMBjC/b6KVhNQ4KnUdZAgMBAAGjLzAtMAwGA1UdEwEB/wQCMAAwHQYDVR0O\n" + "BBYEFJcUvpjvE5fF/yzUshkWDpdYiQh/MAsGCSqGSIb3DQEBBQOCAQEARP7eKSB2\n" + "RNd6XjEjK0SrxtoTnxS3nw9sfcS7/qD1+XHdObtDFqGNSjGYFB3Gpx8fpQhCXdoN\n" + "8QUs3/5ZVa5yjZMQewWBgz8kNbnbH40F2y81MHITxxCe1Y+qqHWwVaYLsiOTqj2/\n" + "0S3QjEJ9tvklmg7JX09HC4m5QRYfWBeQLD1u8ZjA1Sf1xJriomFVyRLI2VPO2bNe\n" + "JDMXWuP+8kMC7gEvUnJ7A92Y2yrhu3QI3bjPk8uSpHea19Q77tul1UVBJ5g+zpH3\n" + "OsF5p0MyaVf09GTzcLds5nE/osTdXGUyHJapWReVmPm3Zn6gqYlnzD99z+DPIgIV\n" + "RhZvQx74NQnS6g==\n" "-----END CERTIFICATE-----\n"; + +const char key_pem[] = + "-----BEGIN RSA PRIVATE KEY-----\n" + "MIIEowIBAAKCAQEAtN08lLyuR5lAIq0adOu7WiBDuG4m4eZ6qJVKFHaPy3m5TEFf\n" + "qp67/0TQDE8eV3zS2eOf5GzPYHhfKmNL7D8kLz+I7psytCziWLiMJh2lJvb2152I\n" + "niC4sArk4I2rnd1ZGQ6EPX7XiKPusHvVE6VamacaWy7pQTIf1bL19HDydVRQu60+\n" + "faPYQFJRX/Y1/xpinWCO/TLYFcdDjwY5pkg+pInAQX5n4JDu2yBsJUbbCMjM58Wx\n" + "7ulbqF/3lca0765gsIBFy1kWeq7vDEJeWH6nhl10VcDHl1PetSnn27r5hD3HIAsZ\n" + 
"vBWdQtXJwxxV4bIkoAMzAYwv2+ilYTUOCp1HWQIDAQABAoIBAArOQv3R7gmqDspj\n" + "lDaTFOz0C4e70QfjGMX0sWnakYnDGn6DU19iv3GnX1S072ejtgc9kcJ4e8VUO79R\n" + "EmqpdRR7k8dJr3RTUCyjzf/C+qiCzcmhCFYGN3KRHA6MeEnkvRuBogX4i5EG1k5l\n" + "/5t+YBTZBnqXKWlzQLKoUAiMLPg0eRWh+6q7H4N7kdWWBmTpako7TEqpIwuEnPGx\n" + "u3EPuTR+LN6lF55WBePbCHccUHUQaXuav18NuDkcJmCiMArK9SKb+h0RqLD6oMI/\n" + "dKD6n8cZXeMBkK+C8U/K0sN2hFHACsu30b9XfdnljgP9v+BP8GhnB0nCB6tNBCPo\n" + "32srOwECgYEAxWh3iBT4lWqL6bZavVbnhmvtif4nHv2t2/hOs/CAq8iLAw0oWGZc\n" + "+JEZTUDMvFRlulr0kcaWra+4fN3OmJnjeuFXZq52lfMgXBIKBmoSaZpIh2aDY1Rd\n" + "RbEse7nQl9hTEPmYspiXLGtnAXW7HuWqVfFFP3ya8rUS3t4d07Hig8ECgYEA6ou6\n" + "OHiBRTbtDqLIv8NghARc/AqwNWgEc9PelCPe5bdCOLBEyFjqKiT2MttnSSUc2Zob\n" + "XhYkHC6zN1Mlq30N0e3Q61YK9LxMdU1vsluXxNq2rfK1Scb1oOlOOtlbV3zA3VRF\n" + "hV3t1nOA9tFmUrwZi0CUMWJE/zbPAyhwWotKyZkCgYEAh0kFicPdbABdrCglXVae\n" + "SnfSjVwYkVuGd5Ze0WADvjYsVkYBHTvhgRNnRJMg+/vWz3Sf4Ps4rgUbqK8Vc20b\n" + "AU5G6H6tlCvPRGm0ZxrwTWDHTcuKRVs+pJE8C/qWoklE/AAhjluWVoGwUMbPGuiH\n" + "6Gf1bgHF6oj/Sq7rv/VLZ8ECgYBeq7ml05YyLuJutuwa4yzQ/MXfghzv4aVyb0F3\n" + "QCdXR6o2IYgR6jnSewrZKlA9aPqFJrwHNR6sNXlnSmt5Fcf/RWO/qgJQGLUv3+rG\n" + "7kuLTNDR05azSdiZc7J89ID3Bkb+z2YkV+6JUiPq/Ei1+nDBEXb/m+/HqALU/nyj\n" + "P3gXeQKBgBusb8Rbd+KgxSA0hwY6aoRTPRt8LNvXdsB9vRcKKHUFQvxUWiUSS+L9\n" + "/Qu1sJbrUquKOHqksV5wCnWnAKyJNJlhHuBToqQTgKXjuNmVdYSe631saiI7PHyC\n" + "eRJ6DxULPxABytJrYCRrNqmXi5TCiqR2mtfalEMOPxz8rUU8dYyx\n" + "-----END RSA PRIVATE KEY-----\n"; + +static int +file_reader (void *cls, size_t pos, char *buf, int max) +{ + FILE *file = cls; + + fseek (file, pos, SEEK_SET); + return fread (buf, 1, max, file); +} + +/* HTTP access handler call back */ +static int +http_ahc (void *cls, + struct MHD_Connection *connection, + const char *url, + const char *method, + const char *upload_data, + const char *version, unsigned int *upload_data_size, void **ptr) +{ + static int aptr; + struct MHD_Response *response; + int ret; + FILE *file; + struct stat buf; + + if (0 != strcmp (method, 
MHD_HTTP_METHOD_GET)) + return MHD_NO; /* unexpected method */ + if (&aptr != *ptr) + { + /* do never respond on first call */ + *ptr = &aptr; + return MHD_YES; + } + *ptr = NULL; /* reset when done */ + + file = fopen (url, "r"); + if (file == NULL) + { + response = MHD_create_response_from_data (strlen (EMPTY_PAGE), + (void *) EMPTY_PAGE, + MHD_NO, MHD_NO); + ret = MHD_queue_response (connection, MHD_HTTP_NOT_FOUND, response); + MHD_destroy_response (response); + } + else + { + stat (url, &buf); + response = MHD_create_response_from_callback (buf.st_size, 32 * 1024, /* 32k PAGE_NOT_FOUND size */ + &file_reader, file, + (MHD_ContentReaderFreeCallback) + & fclose); + ret = MHD_queue_response (connection, MHD_HTTP_OK, response); + MHD_destroy_response (response); + } + return ret; +} + +int +main (int argc, char *const *argv) +{ + struct MHD_Daemon *TLS_daemon; + + if (argc == 3){ + /* TODO check if this is truly necessary - disallow usage of the blocking /dev/random */ + /* gcry_control(GCRYCTL_ENABLE_QUICK_RANDOM, 0); */ + TLS_daemon = MHD_start_daemon (MHD_USE_THREAD_PER_CONNECTION | MHD_USE_DEBUG + | MHD_USE_SSL, atoi (argv[1]), + NULL, + NULL, &http_ahc, + NULL, MHD_OPTION_CONNECTION_TIMEOUT, 256, + MHD_OPTION_HTTPS_MEM_KEY, key_pem, + MHD_OPTION_HTTPS_MEM_CERT, cert_pem, + + MHD_OPTION_END); + } + else if (argc == 5){ + TLS_daemon = MHD_start_daemon (MHD_USE_THREAD_PER_CONNECTION | MHD_USE_DEBUG + | MHD_USE_SSL, atoi (argv[1]), + NULL, + NULL, &http_ahc, + NULL, MHD_OPTION_CONNECTION_TIMEOUT, 256, + MHD_OPTION_HTTPS_CERT_PATH, argv[3], + MHD_OPTION_HTTPS_KEY_PATH, argv[4], + MHD_OPTION_END); + } + else { + printf + ("Usage : %s HTTP-PORT SECONDS-TO-RUN [CERTIFICATE PATH, KEY PATH]\n", argv[0]); + return 1; + } + + if (TLS_daemon == NULL) + { + printf ("Error: failed to start TLS_daemon"); + return 1; + } + else { + printf ("MHD daemon listening on port %d\n", atoi (argv[1])); + } + + sleep (atoi (argv[2])); + + MHD_stop_daemon (TLS_daemon); + + return 0; +} 
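Review bot: `http_ahc` passes the request URL straight to `fopen (url, "r")`, so the example serves any file the process can read by absolute path instead of files under a chosen directory; the lookup should be confined to a document root and reject `..` segments. The `stat (url, &buf)` result is unchecked and is taken by name after the open, so `buf.st_size` may be uninitialised or describe a different object; `fstat` on the opened stream plus an `S_ISREG` test avoids both. The fence sketches this with the working directory as root (the substring test for `..` is deliberately conservative, and symlinks inside the root are still followed). Separately, the header comment still says `@file https_server_example.c` and `http_fileserver_example`, and the embedded `key_pem` is a published test key that the usage text should describe as unsuitable outside testing.

```c
  /* … unchanged: method check and first-call handling … */

  /* serve only regular files below the working directory */
  file = NULL;
  if (url[0] == '/' && url[1] != '\0' && NULL == strstr (url, ".."))
    file = fopen (&url[1], "r");
  if (file != NULL
      && (0 != fstat (fileno (file), &buf) || !S_ISREG (buf.st_mode)))
    {
      fclose (file);
      file = NULL;
    }
  if (file == NULL)
    {
      /* … unchanged: 404 response from EMPTY_PAGE … */
    }
  else
    {
      /* stat (url, &buf) dropped: buf was filled by fstat above */
      /* … unchanged: MHD_create_response_from_callback and queueing … */
    }
```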
diff --git a/src/examples/https_server_example.c b/src/examples/https_server_example.c 
@@ -1,193 +0,0 @@ -/* - This file is part of libmicrohttpd - (C) 2007, 2008 Christian Grothoff (and other contributing authors) - - This library is free software; you can redistribute it and/or - modify it under the terms of the GNU Lesser General Public - License as published by the Free Software Foundation; either - version 2.1 of the License, or (at your option) any later version. - - This library is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - Lesser General Public License for more details. - - You should have received a copy of the GNU Lesser General Public - License along with this library; if not, write to the Free Software - Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA -*/ -/** - * @file https_server_example.c - * @brief a simple HTTPS file server using TLS. - * - * Server may be supplied either with included hard coded certificates or using - * external ones, which are to be supplied through command line arguments. - * A private key file named "key.pem" and a server certificate file named "cert.pem". - * are necessary to run the server in this way. - * - * 'certtool' may be used to generate these if required. 
- * - * Access server with your browser of choice or with curl : - * - * curl --insecure --tlsv1 --ciphers AES256-SHA <url> - * - * @author Sagie Amir - */ - -#include "platform.h" -#include <microhttpd.h> -#include <sys/stat.h> - -#include "gnutls.h" -#include <gcrypt.h> - -#define BUF_SIZE 1024 -#define MAX_URL_LEN 255 - -// TODO remove if unused -#define CAFILE "ca.pem" -#define CRLFILE "crl.pem" - -#define EMPTY_PAGE "<html><head><title>File not found</title></head><body>File not found</body></html>" - -/* Test Certificate */ -const char cert_pem[] = - "-----BEGIN CERTIFICATE-----\n" - "MIICpjCCAZCgAwIBAgIESEPtjjALBgkqhkiG9w0BAQUwADAeFw0wODA2MDIxMjU0\n" - "MzhaFw0wOTA2MDIxMjU0NDZaMAAwggEfMAsGCSqGSIb3DQEBAQOCAQ4AMIIBCQKC\n" - "AQC03TyUvK5HmUAirRp067taIEO4bibh5nqolUoUdo/LeblMQV+qnrv/RNAMTx5X\n" - "fNLZ45/kbM9geF8qY0vsPyQvP4jumzK0LOJYuIwmHaUm9vbXnYieILiwCuTgjaud\n" - "3VkZDoQ9fteIo+6we9UTpVqZpxpbLulBMh/VsvX0cPJ1VFC7rT59o9hAUlFf9jX/\n" - "GmKdYI79MtgVx0OPBjmmSD6kicBBfmfgkO7bIGwlRtsIyMznxbHu6VuoX/eVxrTv\n" - "rmCwgEXLWRZ6ru8MQl5YfqeGXXRVwMeXU961KefbuvmEPccgCxm8FZ1C1cnDHFXh\n" - "siSgAzMBjC/b6KVhNQ4KnUdZAgMBAAGjLzAtMAwGA1UdEwEB/wQCMAAwHQYDVR0O\n" - "BBYEFJcUvpjvE5fF/yzUshkWDpdYiQh/MAsGCSqGSIb3DQEBBQOCAQEARP7eKSB2\n" - "RNd6XjEjK0SrxtoTnxS3nw9sfcS7/qD1+XHdObtDFqGNSjGYFB3Gpx8fpQhCXdoN\n" - "8QUs3/5ZVa5yjZMQewWBgz8kNbnbH40F2y81MHITxxCe1Y+qqHWwVaYLsiOTqj2/\n" - "0S3QjEJ9tvklmg7JX09HC4m5QRYfWBeQLD1u8ZjA1Sf1xJriomFVyRLI2VPO2bNe\n" - "JDMXWuP+8kMC7gEvUnJ7A92Y2yrhu3QI3bjPk8uSpHea19Q77tul1UVBJ5g+zpH3\n" - "OsF5p0MyaVf09GTzcLds5nE/osTdXGUyHJapWReVmPm3Zn6gqYlnzD99z+DPIgIV\n" - "RhZvQx74NQnS6g==\n" "-----END CERTIFICATE-----\n"; - -const char key_pem[] = - "-----BEGIN RSA PRIVATE KEY-----\n" - "MIIEowIBAAKCAQEAtN08lLyuR5lAIq0adOu7WiBDuG4m4eZ6qJVKFHaPy3m5TEFf\n" - "qp67/0TQDE8eV3zS2eOf5GzPYHhfKmNL7D8kLz+I7psytCziWLiMJh2lJvb2152I\n" - "niC4sArk4I2rnd1ZGQ6EPX7XiKPusHvVE6VamacaWy7pQTIf1bL19HDydVRQu60+\n" - "faPYQFJRX/Y1/xpinWCO/TLYFcdDjwY5pkg+pInAQX5n4JDu2yBsJUbbCMjM58Wx\n" - 
"7ulbqF/3lca0765gsIBFy1kWeq7vDEJeWH6nhl10VcDHl1PetSnn27r5hD3HIAsZ\n" - "vBWdQtXJwxxV4bIkoAMzAYwv2+ilYTUOCp1HWQIDAQABAoIBAArOQv3R7gmqDspj\n" - "lDaTFOz0C4e70QfjGMX0sWnakYnDGn6DU19iv3GnX1S072ejtgc9kcJ4e8VUO79R\n" - "EmqpdRR7k8dJr3RTUCyjzf/C+qiCzcmhCFYGN3KRHA6MeEnkvRuBogX4i5EG1k5l\n" - "/5t+YBTZBnqXKWlzQLKoUAiMLPg0eRWh+6q7H4N7kdWWBmTpako7TEqpIwuEnPGx\n" - "u3EPuTR+LN6lF55WBePbCHccUHUQaXuav18NuDkcJmCiMArK9SKb+h0RqLD6oMI/\n" - "dKD6n8cZXeMBkK+C8U/K0sN2hFHACsu30b9XfdnljgP9v+BP8GhnB0nCB6tNBCPo\n" - "32srOwECgYEAxWh3iBT4lWqL6bZavVbnhmvtif4nHv2t2/hOs/CAq8iLAw0oWGZc\n" - "+JEZTUDMvFRlulr0kcaWra+4fN3OmJnjeuFXZq52lfMgXBIKBmoSaZpIh2aDY1Rd\n" - "RbEse7nQl9hTEPmYspiXLGtnAXW7HuWqVfFFP3ya8rUS3t4d07Hig8ECgYEA6ou6\n" - "OHiBRTbtDqLIv8NghARc/AqwNWgEc9PelCPe5bdCOLBEyFjqKiT2MttnSSUc2Zob\n" - "XhYkHC6zN1Mlq30N0e3Q61YK9LxMdU1vsluXxNq2rfK1Scb1oOlOOtlbV3zA3VRF\n" - "hV3t1nOA9tFmUrwZi0CUMWJE/zbPAyhwWotKyZkCgYEAh0kFicPdbABdrCglXVae\n" - "SnfSjVwYkVuGd5Ze0WADvjYsVkYBHTvhgRNnRJMg+/vWz3Sf4Ps4rgUbqK8Vc20b\n" - "AU5G6H6tlCvPRGm0ZxrwTWDHTcuKRVs+pJE8C/qWoklE/AAhjluWVoGwUMbPGuiH\n" - "6Gf1bgHF6oj/Sq7rv/VLZ8ECgYBeq7ml05YyLuJutuwa4yzQ/MXfghzv4aVyb0F3\n" - "QCdXR6o2IYgR6jnSewrZKlA9aPqFJrwHNR6sNXlnSmt5Fcf/RWO/qgJQGLUv3+rG\n" - "7kuLTNDR05azSdiZc7J89ID3Bkb+z2YkV+6JUiPq/Ei1+nDBEXb/m+/HqALU/nyj\n" - "P3gXeQKBgBusb8Rbd+KgxSA0hwY6aoRTPRt8LNvXdsB9vRcKKHUFQvxUWiUSS+L9\n" - "/Qu1sJbrUquKOHqksV5wCnWnAKyJNJlhHuBToqQTgKXjuNmVdYSe631saiI7PHyC\n" - "eRJ6DxULPxABytJrYCRrNqmXi5TCiqR2mtfalEMOPxz8rUU8dYyx\n" - "-----END RSA PRIVATE KEY-----\n"; - -static int -file_reader (void *cls, size_t pos, char *buf, int max) -{ - FILE *file = cls; - - fseek (file, pos, SEEK_SET); - return fread (buf, 1, max, file); -} - -/* HTTP access handler call back */ -static int -http_ahc (void *cls, - struct MHD_Connection *connection, - const char *url, - const char *method, - const char *upload_data, - const char *version, unsigned int *upload_data_size, void **ptr) -{ - static int aptr; - struct MHD_Response *response; - int ret; - FILE 
*file; - struct stat buf; - - if (0 != strcmp (method, MHD_HTTP_METHOD_GET)) - return MHD_NO; /* unexpected method */ - if (&aptr != *ptr) - { - /* do never respond on first call */ - *ptr = &aptr; - return MHD_YES; - } - *ptr = NULL; /* reset when done */ - - file = fopen (url, "r"); - if (file == NULL) - { - response = MHD_create_response_from_data (strlen (EMPTY_PAGE), - (void *) EMPTY_PAGE, - MHD_NO, MHD_NO); - ret = MHD_queue_response (connection, MHD_HTTP_NOT_FOUND, response); - MHD_destroy_response (response); - } - else - { - stat (url, &buf); - response = MHD_create_response_from_callback (buf.st_size, 32 * 1024, /* 32k PAGE_NOT_FOUND size */ - &file_reader, file, - (MHD_ContentReaderFreeCallback) - & fclose); - ret = MHD_queue_response (connection, MHD_HTTP_OK, response); - MHD_destroy_response (response); - } - return ret; -} - -int -main (int argc, char *const *argv) -{ - struct MHD_Daemon *TLS_daemon; - - /* look for HTTPS arguments */ - if (argc < 5) - { - printf - ("Usage : %s HTTP-PORT SECONDS-TO-RUN KEY-FILE CERT-FILE\n", argv[0]); - return 1; - } - - /* TODO check if this is truly necessary - disallow usage of the blocking /dev/random */ - /* gcry_control(GCRYCTL_ENABLE_QUICK_RANDOM, 0); */ - - TLS_daemon = MHD_start_daemon (MHD_USE_THREAD_PER_CONNECTION | MHD_USE_DEBUG - | MHD_USE_SSL, atoi (argv[3]), - NULL, - NULL, &http_ahc, - NULL, MHD_OPTION_CONNECTION_TIMEOUT, 256, - MHD_OPTION_HTTPS_MEM_KEY, key_pem, - MHD_OPTION_HTTPS_MEM_CERT, cert_pem, - MHD_OPTION_END); - - if (TLS_daemon == NULL) - { - printf ("Error: failed to start TLS_daemon"); - return 1; - } - - sleep (atoi (argv[2])); - - MHD_stop_daemon (TLS_daemon); - - return 0; -} diff --git a/src/testcurl/https/tls_daemon_options_test.c b/src/testcurl/https/tls_daemon_options_test.c @@ -403,6 +403,7 @@ main (int argc, char *const *argv) { FILE *test_fd; unsigned int errorCount = 0; + char * cur_dir; MHD_gtls_global_set_log_level (DEBUG_GNUTLS_LOG_LEVEL); 
@@ -434,11 +435,14 @@ main (int argc, char *const *argv) MHD_OPTION_HTTPS_MEM_KEY, srv_key_pem, MHD_OPTION_HTTPS_MEM_CERT, srv_self_signed_cert_pem, MHD_OPTION_END); + + cur_dir = get_current_dir_name (); errorCount += test_wrap ("file certificates", &test_file_certificates, test_fd, - "AES256-SHA", CURL_SSLVERSION_TLSv1, MHD_OPTION_HTTPS_MEM_KEY, - srv_key_pem, MHD_OPTION_HTTPS_MEM_CERT, - srv_self_signed_cert_pem, MHD_OPTION_END); + "AES256-SHA", CURL_SSLVERSION_TLSv1, MHD_OPTION_HTTPS_CERT_PATH, cur_dir, + MHD_OPTION_HTTPS_KEY_PATH, cur_dir, MHD_OPTION_END); + free (cur_dir); + errorCount += test_wrap ("protocol_version", &test_protocol_version, test_fd, "AES256-SHA", CURL_SSLVERSION_TLSv1, MHD_OPTION_HTTPS_MEM_KEY, diff --git a/src/testcurl/https/tls_session_time_out_test.c b/src/testcurl/https/tls_session_time_out_test.c @@ -156,7 +156,6 @@ main (int argc, char *const *argv) MHD_USE_DEBUG, 42433, NULL, NULL, &http_ahc, NULL, MHD_OPTION_CONNECTION_TIMEOUT, TIME_OUT, - MHD_OPTION_SOCK_ADDR, "127.0.0.1", MHD_OPTION_HTTPS_MEM_KEY, srv_key_pem, MHD_OPTION_HTTPS_MEM_CERT, srv_self_signed_cert_pem, MHD_OPTION_END);
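Review bot: `get_current_dir_name ()` can return NULL, and the result is handed to `test_wrap` unchecked as both `MHD_OPTION_HTTPS_CERT_PATH` and `MHD_OPTION_HTTPS_KEY_PATH`; a guard such as `if (cur_dir == NULL) return 1;` before the call would keep a failed lookup from reaching the daemon options. The function is also a GNU extension that needs `_GNU_SOURCE`, so `getcwd` with a fixed buffer would be the portable choice for a test that is built on other platforms. The same directory string is passed for the certificate and for the key; whether these options expect a directory or a file path is not visible here and should be stated in a comment next to the call. `main` begins and continues outside this hunk.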