commit ad200289e96622c68ca345397603b68113d8c39f
parent 1ba982f9ae3dbf054d7ef7834ff49bbb42411970
Author: lv-426 <oxcafebaby@yahoo.com>
Date: Tue, 8 Jul 2008 05:54:05 +0000
renaming
Diffstat:
2 files changed, 638 insertions(+), 0 deletions(-)
diff --git a/src/testcurl/https/mhds_get_test.c b/src/testcurl/https/mhds_get_test.c
@@ -0,0 +1,400 @@
+/*
+ This file is part of libmicrohttpd
+ (C) 2007 Christian Grothoff
+
+ libmicrohttpd is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published
+ by the Free Software Foundation; either version 2, or (at your
+ option) any later version.
+
+ libmicrohttpd is distributed in the hope that it will be useful, but
+ WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with libmicrohttpd; see the file COPYING. If not, write to the
+ Free Software Foundation, Inc., 59 Temple Place - Suite 330,
+ Boston, MA 02111-1307, USA.
+ */
+
+/**
+ * @file mhds_get_test.c
+ * @brief Testcase for libmicrohttpd GET operations
+ * @author Sagie Amir
+ */
+
+#include "config.h"
+#include "plibc.h"
+#include "microhttpd.h"
+#include <errno.h>
+
+#include <curl/curl.h>
+#include <stdlib.h>
+#include <string.h>
+#include <time.h>
+#include <sys/types.h>
+#include <fcntl.h>
+#include <unistd.h>
+#include <sys/stat.h>
+
+#define BUF_SIZE 1024
+#define MAX_URL_LEN 255
+
+#define PAGE_NOT_FOUND "<html><head><title>File not found</title></head><body>File not found</body></html>"
+
+#define MHD_E_SERVER_INIT "Error: failed to start server\n"
+#define MHD_E_TEST_FILE_CREAT "Error: failed to setup test file\n"
+#define MHD_E_CERT_FILE_CREAT "Error: failed to setup test certificate\n"
+#define MHD_E_KEY_FILE_CREAT "Error: failed to setup test certificate\n"
+
+/* Test Certificate */
+const char cert_pem[] =
+ "-----BEGIN CERTIFICATE-----\n"
+ "MIICpjCCAZCgAwIBAgIESEPtjjALBgkqhkiG9w0BAQUwADAeFw0wODA2MDIxMjU0\n"
+ "MzhaFw0wOTA2MDIxMjU0NDZaMAAwggEfMAsGCSqGSIb3DQEBAQOCAQ4AMIIBCQKC\n"
+ "AQC03TyUvK5HmUAirRp067taIEO4bibh5nqolUoUdo/LeblMQV+qnrv/RNAMTx5X\n"
+ "fNLZ45/kbM9geF8qY0vsPyQvP4jumzK0LOJYuIwmHaUm9vbXnYieILiwCuTgjaud\n"
+ "3VkZDoQ9fteIo+6we9UTpVqZpxpbLulBMh/VsvX0cPJ1VFC7rT59o9hAUlFf9jX/\n"
+ "GmKdYI79MtgVx0OPBjmmSD6kicBBfmfgkO7bIGwlRtsIyMznxbHu6VuoX/eVxrTv\n"
+ "rmCwgEXLWRZ6ru8MQl5YfqeGXXRVwMeXU961KefbuvmEPccgCxm8FZ1C1cnDHFXh\n"
+ "siSgAzMBjC/b6KVhNQ4KnUdZAgMBAAGjLzAtMAwGA1UdEwEB/wQCMAAwHQYDVR0O\n"
+ "BBYEFJcUvpjvE5fF/yzUshkWDpdYiQh/MAsGCSqGSIb3DQEBBQOCAQEARP7eKSB2\n"
+ "RNd6XjEjK0SrxtoTnxS3nw9sfcS7/qD1+XHdObtDFqGNSjGYFB3Gpx8fpQhCXdoN\n"
+ "8QUs3/5ZVa5yjZMQewWBgz8kNbnbH40F2y81MHITxxCe1Y+qqHWwVaYLsiOTqj2/\n"
+ "0S3QjEJ9tvklmg7JX09HC4m5QRYfWBeQLD1u8ZjA1Sf1xJriomFVyRLI2VPO2bNe\n"
+ "JDMXWuP+8kMC7gEvUnJ7A92Y2yrhu3QI3bjPk8uSpHea19Q77tul1UVBJ5g+zpH3\n"
+ "OsF5p0MyaVf09GTzcLds5nE/osTdXGUyHJapWReVmPm3Zn6gqYlnzD99z+DPIgIV\n"
+ "RhZvQx74NQnS6g==\n" "-----END CERTIFICATE-----\n";
+
+const char key_pem[] =
+ "-----BEGIN RSA PRIVATE KEY-----\n"
+ "MIIEowIBAAKCAQEAtN08lLyuR5lAIq0adOu7WiBDuG4m4eZ6qJVKFHaPy3m5TEFf\n"
+ "qp67/0TQDE8eV3zS2eOf5GzPYHhfKmNL7D8kLz+I7psytCziWLiMJh2lJvb2152I\n"
+ "niC4sArk4I2rnd1ZGQ6EPX7XiKPusHvVE6VamacaWy7pQTIf1bL19HDydVRQu60+\n"
+ "faPYQFJRX/Y1/xpinWCO/TLYFcdDjwY5pkg+pInAQX5n4JDu2yBsJUbbCMjM58Wx\n"
+ "7ulbqF/3lca0765gsIBFy1kWeq7vDEJeWH6nhl10VcDHl1PetSnn27r5hD3HIAsZ\n"
+ "vBWdQtXJwxxV4bIkoAMzAYwv2+ilYTUOCp1HWQIDAQABAoIBAArOQv3R7gmqDspj\n"
+ "lDaTFOz0C4e70QfjGMX0sWnakYnDGn6DU19iv3GnX1S072ejtgc9kcJ4e8VUO79R\n"
+ "EmqpdRR7k8dJr3RTUCyjzf/C+qiCzcmhCFYGN3KRHA6MeEnkvRuBogX4i5EG1k5l\n"
+ "/5t+YBTZBnqXKWlzQLKoUAiMLPg0eRWh+6q7H4N7kdWWBmTpako7TEqpIwuEnPGx\n"
+ "u3EPuTR+LN6lF55WBePbCHccUHUQaXuav18NuDkcJmCiMArK9SKb+h0RqLD6oMI/\n"
+ "dKD6n8cZXeMBkK+C8U/K0sN2hFHACsu30b9XfdnljgP9v+BP8GhnB0nCB6tNBCPo\n"
+ "32srOwECgYEAxWh3iBT4lWqL6bZavVbnhmvtif4nHv2t2/hOs/CAq8iLAw0oWGZc\n"
+ "+JEZTUDMvFRlulr0kcaWra+4fN3OmJnjeuFXZq52lfMgXBIKBmoSaZpIh2aDY1Rd\n"
+ "RbEse7nQl9hTEPmYspiXLGtnAXW7HuWqVfFFP3ya8rUS3t4d07Hig8ECgYEA6ou6\n"
+ "OHiBRTbtDqLIv8NghARc/AqwNWgEc9PelCPe5bdCOLBEyFjqKiT2MttnSSUc2Zob\n"
+ "XhYkHC6zN1Mlq30N0e3Q61YK9LxMdU1vsluXxNq2rfK1Scb1oOlOOtlbV3zA3VRF\n"
+ "hV3t1nOA9tFmUrwZi0CUMWJE/zbPAyhwWotKyZkCgYEAh0kFicPdbABdrCglXVae\n"
+ "SnfSjVwYkVuGd5Ze0WADvjYsVkYBHTvhgRNnRJMg+/vWz3Sf4Ps4rgUbqK8Vc20b\n"
+ "AU5G6H6tlCvPRGm0ZxrwTWDHTcuKRVs+pJE8C/qWoklE/AAhjluWVoGwUMbPGuiH\n"
+ "6Gf1bgHF6oj/Sq7rv/VLZ8ECgYBeq7ml05YyLuJutuwa4yzQ/MXfghzv4aVyb0F3\n"
+ "QCdXR6o2IYgR6jnSewrZKlA9aPqFJrwHNR6sNXlnSmt5Fcf/RWO/qgJQGLUv3+rG\n"
+ "7kuLTNDR05azSdiZc7J89ID3Bkb+z2YkV+6JUiPq/Ei1+nDBEXb/m+/HqALU/nyj\n"
+ "P3gXeQKBgBusb8Rbd+KgxSA0hwY6aoRTPRt8LNvXdsB9vRcKKHUFQvxUWiUSS+L9\n"
+ "/Qu1sJbrUquKOHqksV5wCnWnAKyJNJlhHuBToqQTgKXjuNmVdYSe631saiI7PHyC\n"
+ "eRJ6DxULPxABytJrYCRrNqmXi5TCiqR2mtfalEMOPxz8rUU8dYyx\n"
+ "-----END RSA PRIVATE KEY-----\n";
+
+const char *test_file_name = "https_test_file";
+
+const char test_file_data[] = "Hello World\n";
+
+struct CBC
+{
+ char *buf;
+ size_t pos;
+ size_t size;
+};
+
+static size_t
+copyBuffer (void *ptr, size_t size, size_t nmemb, void *ctx)
+{
+ struct CBC *cbc = ctx;
+
+ if (cbc->pos + size * nmemb > cbc->size)
+ return 0; /* overflow */
+ memcpy (&cbc->buf[cbc->pos], ptr, size * nmemb);
+ cbc->pos += size * nmemb;
+ return size * nmemb;
+}
+
+static int
+file_reader (void *cls, size_t pos, char *buf, int max)
+{
+ FILE *file = cls;
+ fseek (file, pos, SEEK_SET);
+ return fread (buf, 1, max, file);
+}
+
+/* HTTP access handler call back */
+static int
+http_ahc (void *cls, struct MHD_Connection *connection,
+ const char *url, const char *method, const char *upload_data,
+ const char *version, unsigned int *upload_data_size, void **ptr)
+{
+ static int aptr;
+ struct MHD_Response *response;
+ int ret;
+ FILE *file;
+ struct stat buf;
+
+ // TODO never respond on first call
+ if (0 != strcmp (method, MHD_HTTP_METHOD_GET))
+ return MHD_NO; /* unexpected method */
+ if (&aptr != *ptr)
+ {
+ /* do never respond on first call */
+ *ptr = &aptr;
+ return MHD_YES;
+ }
+ *ptr = NULL; /* reset when done */
+
+ file = fopen (url, "r");
+ if (file == NULL)
+ {
+ response = MHD_create_response_from_data (strlen (PAGE_NOT_FOUND),
+ (void *) PAGE_NOT_FOUND,
+ MHD_NO, MHD_NO);
+ ret = MHD_queue_response (connection, MHD_HTTP_NOT_FOUND, response);
+ MHD_destroy_response (response);
+ }
+ else
+ {
+ stat (&url[1], &buf);
+ response = MHD_create_response_from_callback (buf.st_size, 32 * 1024, /* 32k PAGE_NOT_FOUND size */
+ &file_reader, file,
+ (MHD_ContentReaderFreeCallback)
+ & fclose);
+ ret = MHD_queue_response (connection, MHD_HTTP_OK, response);
+ MHD_destroy_response (response);
+ }
+ return ret;
+}
+
+/*
+ * test HTTPS transfer
+ * @param test_fd: file to attempt transfering
+ */
+static int
+test_daemon_get (FILE * test_fd, char *cipher_suite, int proto_version)
+{
+ CURL *c;
+ struct CBC cbc;
+ CURLcode errornum;
+ char *doc_path;
+ char url[255];
+ size_t len = fseek (test_fd, 0, SEEK_END);
+
+
+ /* used to memcmp local copy & deamon supplied copy */
+ unsigned char *mem_test_file_local;
+
+ /* setup test file path, url */
+ doc_path = get_current_dir_name ();
+
+ mem_test_file_local = malloc (len);
+ fseek (test_fd, 0, SEEK_SET);
+ if (fread (mem_test_file_local, sizeof (char), len, test_fd) != len)
+ {
+ fclose (test_fd);
+ fprintf (stderr, "Error: failed to read test file. %s\n",
+ strerror (errno));
+ return -1;
+ }
+
+ if (NULL == (cbc.buf = malloc (sizeof (char) * len)))
+ {
+ fclose (test_fd);
+ fprintf (stderr, "Error: failed to read test file. %s\n",
+ strerror (errno));
+ return -1;
+ }
+ cbc.size = len;
+ cbc.pos = 0;
+
+ /* construct url - this might use doc_path */
+ sprintf (url, "%s%s/%s", "https://localhost:42433",
+ doc_path, test_file_name);
+
+ c = curl_easy_init ();
+ // curl_easy_setopt (c, CURLOPT_VERBOSE, 1);
+ curl_easy_setopt (c, CURLOPT_URL, url);
+ curl_easy_setopt (c, CURLOPT_HTTP_VERSION, CURL_HTTP_VERSION_1_0);
+ curl_easy_setopt (c, CURLOPT_TIMEOUT, 10L);
+ curl_easy_setopt (c, CURLOPT_CONNECTTIMEOUT, 10L);
+ curl_easy_setopt (c, CURLOPT_WRITEFUNCTION, ©Buffer);
+ curl_easy_setopt (c, CURLOPT_FILE, &cbc);
+
+ /* TLS options */
+ curl_easy_setopt (c, CURLOPT_SSLVERSION, proto_version);
+ curl_easy_setopt (c, CURLOPT_SSL_CIPHER_LIST, cipher_suite);
+
+ // TODO rm : currently skip any peer authentication */
+ curl_easy_setopt (c, CURLOPT_SSL_VERIFYPEER, 0);
+ curl_easy_setopt (c, CURLOPT_SSL_VERIFYHOST, 0);
+
+ curl_easy_setopt (c, CURLOPT_FAILONERROR, 1);
+
+ // NOTE: use of CONNECTTIMEOUT without also
+ // setting NOSIGNAL results in really weird
+ // crashes on my system!
+ curl_easy_setopt (c, CURLOPT_NOSIGNAL, 1);
+ if (CURLE_OK != (errornum = curl_easy_perform (c)))
+ {
+ fprintf (stderr, "curl_easy_perform failed: `%s'\n",
+ curl_easy_strerror (errornum));
+ curl_easy_cleanup (c);
+ return errornum;
+ }
+
+ curl_easy_cleanup (c);
+
+ if (memcmp (cbc.buf, mem_test_file_local, len) != 0)
+ {
+ fprintf (stderr, "Error: local file & received file differ.\n");
+ return -1;
+ }
+
+ return 0;
+}
+
+/* perform a HTTP GET request via SSL/TLS */
+int
+test_secure_get (FILE * test_fd, char *cipher_suite, int proto_version)
+{
+
+ int ret;
+ struct MHD_Daemon *d;
+ d = MHD_start_daemon (MHD_USE_THREAD_PER_CONNECTION | MHD_USE_SSL |
+ MHD_USE_DEBUG, 42433,
+ NULL, NULL, &http_ahc, NULL,
+ MHD_OPTION_HTTPS_MEM_KEY, key_pem,
+ MHD_OPTION_HTTPS_MEM_CERT, cert_pem, MHD_OPTION_END);
+
+ if (d == NULL)
+ {
+ fprintf (stderr, MHD_E_SERVER_INIT);
+ return -1;
+ }
+
+ ret = test_daemon_get (test_fd, cipher_suite, proto_version);
+ MHD_stop_daemon (d);
+ return ret;
+}
+
+/* test server works with key & certificate files */
+int
+test_file_certificates (FILE * test_fd, char *cipher_suite, int proto_version)
+{
+ int ret;
+ struct MHD_Daemon *d;
+ FILE *cert_fd, *key_fd;
+ char cert_path[255], key_path[255];
+
+ sprintf (cert_path, "%s/%s", get_current_dir_name (), "cert.pem");
+ sprintf (key_path, "%s/%s", get_current_dir_name (), "key.pem");
+
+ if (NULL == (key_fd = fopen (key_path, "w+")))
+ {
+ fprintf (stderr, MHD_E_KEY_FILE_CREAT);
+ return -1;
+ }
+ if (NULL == (cert_fd = fopen (cert_path, "w+")))
+ {
+ fprintf (stderr, MHD_E_CERT_FILE_CREAT);
+ return -1;
+ }
+
+ fwrite (key_pem, strlen (key_pem), sizeof (char), key_fd);
+ fwrite (cert_pem, strlen (cert_pem), sizeof (char), cert_fd);
+ fclose (key_fd);
+ fclose (cert_fd);
+
+ d = MHD_start_daemon (MHD_USE_THREAD_PER_CONNECTION | MHD_USE_SSL |
+ MHD_USE_DEBUG, 42433,
+ NULL, NULL, &http_ahc, NULL,
+ MHD_OPTION_HTTPS_KEY_PATH, key_path,
+ MHD_OPTION_HTTPS_CERT_PATH, cert_path,
+ MHD_OPTION_END);
+
+ if (d == NULL)
+ {
+ fprintf (stderr, MHD_E_SERVER_INIT);
+ return -1;
+ }
+
+ ret = test_daemon_get (test_fd, cipher_suite, proto_version);
+ MHD_stop_daemon (d);
+
+ remove (cert_path);
+ remove (key_path);
+ return ret;
+}
+
+/* setup a temporary transfer test file */
+FILE *
+setupTestFile ()
+{
+ FILE *test_fd;
+
+ if (NULL == (test_fd = fopen (test_file_name, "w+")))
+ {
+ fprintf (stderr, "Error: failed to open `%s': %s\n",
+ test_file_name, strerror (errno));
+ return NULL;
+ }
+ if (fwrite (test_file_data, sizeof (char), strlen (test_file_data), test_fd)
+ != strlen (test_file_data))
+ {
+ fprintf (stderr, "Error: failed to write `%s. %s'\n",
+ test_file_name, strerror (errno));
+ return NULL;
+ }
+ if (fflush (test_fd))
+ {
+ fprintf (stderr, "Error: failed to flush test file stream. %s\n",
+ strerror (errno));
+ return NULL;
+ }
+
+ return test_fd;
+}
+
+int
+main (int argc, char *const *argv)
+{
+ FILE *test_fd;
+ unsigned int errorCount = 0;
+
+ gnutls_global_set_log_level (0);
+
+ if ((test_fd = setupTestFile ()) == NULL)
+ {
+ fprintf (stderr, MHD_E_TEST_FILE_CREAT);
+ return -1;
+ }
+
+ if (0 != curl_global_init (CURL_GLOBAL_ALL))
+ {
+ fprintf (stderr, "Error (code: %u)\n", errorCount);
+ return -1;
+ }
+
+ errorCount +=
+ test_secure_get (test_fd, "AES256-SHA", CURL_SSLVERSION_TLSv1);
+ errorCount +=
+ test_secure_get (test_fd, "AES256-SHA", CURL_SSLVERSION_SSLv3);
+ errorCount +=
+ test_file_certificates (test_fd, "AES256-SHA", CURL_SSLVERSION_TLSv1);
+
+ if (errorCount != 0)
+ fprintf (stderr, "Error (code: %u)\n", errorCount);
+
+ curl_global_cleanup ();
+ fclose (test_fd);
+
+ remove (test_file_name);
+
+ return errorCount != 0;
+}
diff --git a/src/testcurl/https/mhds_session_info_test.c b/src/testcurl/https/mhds_session_info_test.c
@@ -0,0 +1,238 @@
+/*
+ This file is part of libmicrohttpd
+ (C) 2007 Christian Grothoff
+
+ libmicrohttpd is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published
+ by the Free Software Foundation; either version 2, or (at your
+ option) any later version.
+
+ libmicrohttpd is distributed in the hope that it will be useful, but
+ WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with libmicrohttpd; see the file COPYING. If not, write to the
+ Free Software Foundation, Inc., 59 Temple Place - Suite 330,
+ Boston, MA 02111-1307, USA.
+ */
+
+/**
+ * @file mhds_session_info_test.c
+ * @brief Testcase for libmicrohttpd GET operations
+ * @author Sagie Amir
+ */
+
+#include "config.h"
+#include "plibc.h"
+#include "microhttpsd.h"
+#include <errno.h>
+
+#include <curl/curl.h>
+#include <stdlib.h>
+#include <string.h>
+#include <time.h>
+#include <fcntl.h>
+#include <unistd.h>
+
+#define BUF_SIZE 1024
+#define MAX_URL_LEN 255
+
+#define EMPTY_PAGE "<html><head><title>Empty page</title></head><body>Empty page</body></html>"
+
+/* Test Certificate */
+const char cert_pem[] =
+ "-----BEGIN CERTIFICATE-----\n"
+ "MIICpjCCAZCgAwIBAgIESEPtjjALBgkqhkiG9w0BAQUwADAeFw0wODA2MDIxMjU0\n"
+ "MzhaFw0wOTA2MDIxMjU0NDZaMAAwggEfMAsGCSqGSIb3DQEBAQOCAQ4AMIIBCQKC\n"
+ "AQC03TyUvK5HmUAirRp067taIEO4bibh5nqolUoUdo/LeblMQV+qnrv/RNAMTx5X\n"
+ "fNLZ45/kbM9geF8qY0vsPyQvP4jumzK0LOJYuIwmHaUm9vbXnYieILiwCuTgjaud\n"
+ "3VkZDoQ9fteIo+6we9UTpVqZpxpbLulBMh/VsvX0cPJ1VFC7rT59o9hAUlFf9jX/\n"
+ "GmKdYI79MtgVx0OPBjmmSD6kicBBfmfgkO7bIGwlRtsIyMznxbHu6VuoX/eVxrTv\n"
+ "rmCwgEXLWRZ6ru8MQl5YfqeGXXRVwMeXU961KefbuvmEPccgCxm8FZ1C1cnDHFXh\n"
+ "siSgAzMBjC/b6KVhNQ4KnUdZAgMBAAGjLzAtMAwGA1UdEwEB/wQCMAAwHQYDVR0O\n"
+ "BBYEFJcUvpjvE5fF/yzUshkWDpdYiQh/MAsGCSqGSIb3DQEBBQOCAQEARP7eKSB2\n"
+ "RNd6XjEjK0SrxtoTnxS3nw9sfcS7/qD1+XHdObtDFqGNSjGYFB3Gpx8fpQhCXdoN\n"
+ "8QUs3/5ZVa5yjZMQewWBgz8kNbnbH40F2y81MHITxxCe1Y+qqHWwVaYLsiOTqj2/\n"
+ "0S3QjEJ9tvklmg7JX09HC4m5QRYfWBeQLD1u8ZjA1Sf1xJriomFVyRLI2VPO2bNe\n"
+ "JDMXWuP+8kMC7gEvUnJ7A92Y2yrhu3QI3bjPk8uSpHea19Q77tul1UVBJ5g+zpH3\n"
+ "OsF5p0MyaVf09GTzcLds5nE/osTdXGUyHJapWReVmPm3Zn6gqYlnzD99z+DPIgIV\n"
+ "RhZvQx74NQnS6g==\n" "-----END CERTIFICATE-----\n";
+
+const char key_pem[] =
+ "-----BEGIN RSA PRIVATE KEY-----\n"
+ "MIIEowIBAAKCAQEAtN08lLyuR5lAIq0adOu7WiBDuG4m4eZ6qJVKFHaPy3m5TEFf\n"
+ "qp67/0TQDE8eV3zS2eOf5GzPYHhfKmNL7D8kLz+I7psytCziWLiMJh2lJvb2152I\n"
+ "niC4sArk4I2rnd1ZGQ6EPX7XiKPusHvVE6VamacaWy7pQTIf1bL19HDydVRQu60+\n"
+ "faPYQFJRX/Y1/xpinWCO/TLYFcdDjwY5pkg+pInAQX5n4JDu2yBsJUbbCMjM58Wx\n"
+ "7ulbqF/3lca0765gsIBFy1kWeq7vDEJeWH6nhl10VcDHl1PetSnn27r5hD3HIAsZ\n"
+ "vBWdQtXJwxxV4bIkoAMzAYwv2+ilYTUOCp1HWQIDAQABAoIBAArOQv3R7gmqDspj\n"
+ "lDaTFOz0C4e70QfjGMX0sWnakYnDGn6DU19iv3GnX1S072ejtgc9kcJ4e8VUO79R\n"
+ "EmqpdRR7k8dJr3RTUCyjzf/C+qiCzcmhCFYGN3KRHA6MeEnkvRuBogX4i5EG1k5l\n"
+ "/5t+YBTZBnqXKWlzQLKoUAiMLPg0eRWh+6q7H4N7kdWWBmTpako7TEqpIwuEnPGx\n"
+ "u3EPuTR+LN6lF55WBePbCHccUHUQaXuav18NuDkcJmCiMArK9SKb+h0RqLD6oMI/\n"
+ "dKD6n8cZXeMBkK+C8U/K0sN2hFHACsu30b9XfdnljgP9v+BP8GhnB0nCB6tNBCPo\n"
+ "32srOwECgYEAxWh3iBT4lWqL6bZavVbnhmvtif4nHv2t2/hOs/CAq8iLAw0oWGZc\n"
+ "+JEZTUDMvFRlulr0kcaWra+4fN3OmJnjeuFXZq52lfMgXBIKBmoSaZpIh2aDY1Rd\n"
+ "RbEse7nQl9hTEPmYspiXLGtnAXW7HuWqVfFFP3ya8rUS3t4d07Hig8ECgYEA6ou6\n"
+ "OHiBRTbtDqLIv8NghARc/AqwNWgEc9PelCPe5bdCOLBEyFjqKiT2MttnSSUc2Zob\n"
+ "XhYkHC6zN1Mlq30N0e3Q61YK9LxMdU1vsluXxNq2rfK1Scb1oOlOOtlbV3zA3VRF\n"
+ "hV3t1nOA9tFmUrwZi0CUMWJE/zbPAyhwWotKyZkCgYEAh0kFicPdbABdrCglXVae\n"
+ "SnfSjVwYkVuGd5Ze0WADvjYsVkYBHTvhgRNnRJMg+/vWz3Sf4Ps4rgUbqK8Vc20b\n"
+ "AU5G6H6tlCvPRGm0ZxrwTWDHTcuKRVs+pJE8C/qWoklE/AAhjluWVoGwUMbPGuiH\n"
+ "6Gf1bgHF6oj/Sq7rv/VLZ8ECgYBeq7ml05YyLuJutuwa4yzQ/MXfghzv4aVyb0F3\n"
+ "QCdXR6o2IYgR6jnSewrZKlA9aPqFJrwHNR6sNXlnSmt5Fcf/RWO/qgJQGLUv3+rG\n"
+ "7kuLTNDR05azSdiZc7J89ID3Bkb+z2YkV+6JUiPq/Ei1+nDBEXb/m+/HqALU/nyj\n"
+ "P3gXeQKBgBusb8Rbd+KgxSA0hwY6aoRTPRt8LNvXdsB9vRcKKHUFQvxUWiUSS+L9\n"
+ "/Qu1sJbrUquKOHqksV5wCnWnAKyJNJlhHuBToqQTgKXjuNmVdYSe631saiI7PHyC\n"
+ "eRJ6DxULPxABytJrYCRrNqmXi5TCiqR2mtfalEMOPxz8rUU8dYyx\n"
+ "-----END RSA PRIVATE KEY-----\n";
+
+struct MHD_Daemon *d;
+
+struct CBC
+{
+ char *buf;
+ size_t pos;
+ size_t size;
+};
+
+static size_t
+copyBuffer (void *ptr, size_t size, size_t nmemb, void *ctx)
+{
+ struct CBC *cbc = ctx;
+
+ if (cbc->pos + size * nmemb > cbc->size)
+ return 0; /* overflow */
+ memcpy (&cbc->buf[cbc->pos], ptr, size * nmemb);
+ cbc->pos += size * nmemb;
+ return size * nmemb;
+}
+
+/* HTTP access handler call back */
+static int
+query_session_ahc (void *cls, struct MHD_Connection *connection,
+ const char *url, const char *method,
+ const char *upload_data, const char *version,
+ unsigned int *upload_data_size, void **ptr)
+{
+ struct MHD_Response *response;
+ int ret;
+
+ /* assert actual connection cipher is the one negotiated */
+ if (MHDS_get_session_cipher (connection) != GNUTLS_CIPHER_AES_256_CBC)
+ {
+ fprintf (stderr, "Error: requested cipher mismatch. %s\n",
+ strerror (errno));
+ return -1;
+ }
+
+ // TODO should these be hard coded into the server ?
+ if (MHDS_get_session_mac (connection) != GNUTLS_MAC_SHA1)
+ {
+ fprintf (stderr, "Error: requested mac algorithm mismatch. %s\n",
+ strerror (errno));
+ return -1;
+ }
+ if (MHDS_get_session_compression (connection) != GNUTLS_COMP_NULL)
+ {
+ fprintf (stderr, "Error: requested compression mismatch. %s\n",
+ strerror (errno));
+ return -1;
+ }
+ if (MHDS_get_session_cert_type (connection) != GNUTLS_CRT_X509)
+ {
+ fprintf (stderr, "Error: requested certificate mismatch. %s\n",
+ strerror (errno));
+ return -1;
+ }
+
+ response = MHD_create_response_from_data (strlen (EMPTY_PAGE),
+ (void *) EMPTY_PAGE,
+ MHD_NO, MHD_NO);
+ ret = MHD_queue_response (connection, MHD_HTTP_OK, response);
+ MHD_destroy_response (response);
+ return ret;
+}
+
+static int
+test_query_session ()
+{
+
+ CURL *c;
+ struct CBC cbc;
+ CURLcode errornum;
+ char url[] = "https://localhost:42433/";
+
+ if (NULL == (cbc.buf = malloc (sizeof (char) * 255)))
+ return 16;
+ cbc.size = 255;
+ cbc.pos = 0;
+
+ /* setup test */
+ d = MHD_start_daemon (MHD_USE_THREAD_PER_CONNECTION | MHD_USE_SSL |
+ MHD_USE_DEBUG, 42433,
+ NULL, NULL, &query_session_ahc, NULL,
+ MHD_OPTION_HTTPS_MEM_KEY, key_pem,
+ MHD_OPTION_HTTPS_MEM_CERT, cert_pem, MHD_OPTION_END);
+
+ if (d == NULL)
+ return 2;
+
+ c = curl_easy_init ();
+ //curl_easy_setopt (c, CURLOPT_VERBOSE, 1);
+ curl_easy_setopt (c, CURLOPT_URL, url);
+ curl_easy_setopt (c, CURLOPT_HTTP_VERSION, CURL_HTTP_VERSION_1_1);
+ curl_easy_setopt (c, CURLOPT_TIMEOUT, 10L);
+ curl_easy_setopt (c, CURLOPT_CONNECTTIMEOUT, 10L);
+ curl_easy_setopt (c, CURLOPT_WRITEFUNCTION, ©Buffer);
+ curl_easy_setopt (c, CURLOPT_FILE, &cbc);
+ /* TLS options */
+ curl_easy_setopt (c, CURLOPT_SSLVERSION, CURL_SSLVERSION_SSLv3);
+ curl_easy_setopt (c, CURLOPT_SSL_CIPHER_LIST, "AES256-SHA");
+ /* currently skip any peer authentication */
+ curl_easy_setopt (c, CURLOPT_SSL_VERIFYPEER, 0);
+ curl_easy_setopt (c, CURLOPT_SSL_VERIFYHOST, 0);
+
+ curl_easy_setopt (c, CURLOPT_FAILONERROR, 1);
+
+ // NOTE: use of CONNECTTIMEOUT without also
+ // setting NOSIGNAL results in really weird
+ // crashes on my system!
+ curl_easy_setopt (c, CURLOPT_NOSIGNAL, 1);
+ if (CURLE_OK != (errornum = curl_easy_perform (c)))
+ {
+ fprintf (stderr, "curl_easy_perform failed: `%s'\n",
+ curl_easy_strerror (errornum));
+ curl_easy_cleanup (c);
+ MHD_stop_daemon (d);
+ return 4;
+ }
+
+ curl_easy_cleanup (c);
+ MHD_stop_daemon (d);
+
+ return 0;
+}
+
+int
+main (int argc, char *const *argv)
+{
+ FILE *test_fd;
+ unsigned int errorCount = 0;
+
+ if (0 != curl_global_init (CURL_GLOBAL_ALL))
+ {
+ fprintf (stderr, "Error (code: %u)\n", errorCount);
+ return 8;
+ }
+
+ errorCount += test_query_session (test_fd);
+ if (errorCount != 0)
+ fprintf (stderr, "Error (code: %u)\n", errorCount);
+
+ curl_global_cleanup ();
+
+ return errorCount != 0;
+}
