diff options
author | Evgeny Grin (Karlson2k) <k2k@narod.ru> | 2023-05-22 10:48:08 +0300 |
---|---|---|
committer | Evgeny Grin (Karlson2k) <k2k@narod.ru> | 2023-05-22 15:53:02 +0300 |
commit | dfa503656fcf721acfdd337aad2646d5bcc731bf (patch) | |
tree | a84505fe645857af788c0df8e0e01a8605afa2de | |
parent | f55531f3d39ceda2d33c1d24586a6fc6becd7e93 (diff) | |
download | libmicrohttpd-dfa503656fcf721acfdd337aad2646d5bcc731bf.tar.gz libmicrohttpd-dfa503656fcf721acfdd337aad2646d5bcc731bf.zip |
testcurl/https: removed enforcement of TLS version and cipher
-rw-r--r-- | src/testcurl/https/test_empty_response.c | 7 | ||||
-rw-r--r-- | src/testcurl/https/test_https_get.c | 15 | ||||
-rw-r--r-- | src/testcurl/https/test_https_get_iovec.c | 21 | ||||
-rw-r--r-- | src/testcurl/https/test_https_get_parallel.c | 24 | ||||
-rw-r--r-- | src/testcurl/https/test_https_get_parallel_threads.c | 23 | ||||
-rw-r--r-- | src/testcurl/https/test_https_get_select.c | 10 | ||||
-rw-r--r-- | src/testcurl/https/test_https_multi_daemon.c | 19 | ||||
-rw-r--r-- | src/testcurl/https/test_tls_authentication.c | 11 | ||||
-rw-r--r-- | src/testcurl/https/test_tls_extensions.c | 3 | ||||
-rw-r--r-- | src/testcurl/https/tls_test_common.c | 42 | ||||
-rw-r--r-- | src/testcurl/https/tls_test_common.h | 14 |
11 files changed, 50 insertions, 139 deletions
diff --git a/src/testcurl/https/test_empty_response.c b/src/testcurl/https/test_empty_response.c index de28211e..daa1328a 100644 --- a/src/testcurl/https/test_empty_response.c +++ b/src/testcurl/https/test_empty_response.c | |||
@@ -78,7 +78,6 @@ testInternalSelectGet () | |||
78 | time_t start; | 78 | time_t start; |
79 | struct timeval tv; | 79 | struct timeval tv; |
80 | int port; | 80 | int port; |
81 | char *aes256_sha = "AES256-SHA"; | ||
82 | 81 | ||
83 | if (MHD_NO != MHD_is_feature_supported (MHD_FEATURE_AUTODETECT_BIND_PORT)) | 82 | if (MHD_NO != MHD_is_feature_supported (MHD_FEATURE_AUTODETECT_BIND_PORT)) |
84 | port = 0; | 83 | port = 0; |
@@ -108,10 +107,6 @@ testInternalSelectGet () | |||
108 | } | 107 | } |
109 | port = (int) dinfo->port; | 108 | port = (int) dinfo->port; |
110 | } | 109 | } |
111 | if (curl_tls_is_nss ()) | ||
112 | { | ||
113 | aes256_sha = "rsa_aes_256_sha"; | ||
114 | } | ||
115 | 110 | ||
116 | c = curl_easy_init (); | 111 | c = curl_easy_init (); |
117 | curl_easy_setopt (c, CURLOPT_URL, "https://127.0.0.1/hello_world"); | 112 | curl_easy_setopt (c, CURLOPT_URL, "https://127.0.0.1/hello_world"); |
@@ -119,8 +114,6 @@ testInternalSelectGet () | |||
119 | curl_easy_setopt (c, CURLOPT_WRITEFUNCTION, ©Buffer); | 114 | curl_easy_setopt (c, CURLOPT_WRITEFUNCTION, ©Buffer); |
120 | curl_easy_setopt (c, CURLOPT_WRITEDATA, &cbc); | 115 | curl_easy_setopt (c, CURLOPT_WRITEDATA, &cbc); |
121 | /* TLS options */ | 116 | /* TLS options */ |
122 | curl_easy_setopt (c, CURLOPT_SSLVERSION, CURL_SSLVERSION_TLSv1); | ||
123 | curl_easy_setopt (c, CURLOPT_SSL_CIPHER_LIST, aes256_sha); | ||
124 | curl_easy_setopt (c, CURLOPT_SSL_VERIFYPEER, 0L); | 117 | curl_easy_setopt (c, CURLOPT_SSL_VERIFYPEER, 0L); |
125 | curl_easy_setopt (c, CURLOPT_SSL_VERIFYHOST, 0L); | 118 | curl_easy_setopt (c, CURLOPT_SSL_VERIFYHOST, 0L); |
126 | curl_easy_setopt (c, CURLOPT_FAILONERROR, 1L); | 119 | curl_easy_setopt (c, CURLOPT_FAILONERROR, 1L); |
diff --git a/src/testcurl/https/test_https_get.c b/src/testcurl/https/test_https_get.c index 0c368908..a8371f10 100644 --- a/src/testcurl/https/test_https_get.c +++ b/src/testcurl/https/test_https_get.c | |||
@@ -43,9 +43,7 @@ static int global_port; | |||
43 | 43 | ||
44 | /* perform a HTTP GET request via SSL/TLS */ | 44 | /* perform a HTTP GET request via SSL/TLS */ |
45 | static int | 45 | static int |
46 | test_secure_get (FILE *test_fd, | 46 | test_secure_get (FILE *test_fd) |
47 | const char *cipher_suite, | ||
48 | int proto_version) | ||
49 | { | 47 | { |
50 | int ret; | 48 | int ret; |
51 | struct MHD_Daemon *d; | 49 | struct MHD_Daemon *d; |
@@ -82,9 +80,7 @@ test_secure_get (FILE *test_fd, | |||
82 | } | 80 | } |
83 | 81 | ||
84 | ret = test_https_transfer (test_fd, | 82 | ret = test_https_transfer (test_fd, |
85 | port, | 83 | port); |
86 | cipher_suite, | ||
87 | proto_version); | ||
88 | 84 | ||
89 | MHD_stop_daemon (d); | 85 | MHD_stop_daemon (d); |
90 | return ret; | 86 | return ret; |
@@ -235,7 +231,6 @@ int | |||
235 | main (int argc, char *const *argv) | 231 | main (int argc, char *const *argv) |
236 | { | 232 | { |
237 | unsigned int errorCount = 0; | 233 | unsigned int errorCount = 0; |
238 | const char *aes256_sha_tlsv1 = "AES256-SHA"; | ||
239 | (void) argc; (void) argv; /* Unused. Silent compiler warning. */ | 234 | (void) argc; (void) argv; /* Unused. Silent compiler warning. */ |
240 | 235 | ||
241 | #ifdef MHD_HTTPS_REQUIRE_GCRYPT | 236 | #ifdef MHD_HTTPS_REQUIRE_GCRYPT |
@@ -253,12 +248,8 @@ main (int argc, char *const *argv) | |||
253 | return 77; | 248 | return 77; |
254 | } | 249 | } |
255 | 250 | ||
256 | if (curl_tls_is_nss ()) | ||
257 | { | ||
258 | aes256_sha_tlsv1 = "rsa_aes_256_sha"; | ||
259 | } | ||
260 | errorCount += | 251 | errorCount += |
261 | test_secure_get (NULL, aes256_sha_tlsv1, CURL_SSLVERSION_TLSv1); | 252 | test_secure_get (NULL); |
262 | errorCount += testEmptyGet (0); | 253 | errorCount += testEmptyGet (0); |
263 | curl_global_cleanup (); | 254 | curl_global_cleanup (); |
264 | 255 | ||
diff --git a/src/testcurl/https/test_https_get_iovec.c b/src/testcurl/https/test_https_get_iovec.c index 3682bab8..bd861b5f 100644 --- a/src/testcurl/https/test_https_get_iovec.c +++ b/src/testcurl/https/test_https_get_iovec.c | |||
@@ -143,9 +143,7 @@ iovec_ahc (void *cls, | |||
143 | 143 | ||
144 | static int | 144 | static int |
145 | test_iovec_transfer (void *cls, | 145 | test_iovec_transfer (void *cls, |
146 | int port, | 146 | int port) |
147 | const char *cipher_suite, | ||
148 | int proto_version) | ||
149 | { | 147 | { |
150 | int len; | 148 | int len; |
151 | int ret = 0; | 149 | int ret = 0; |
@@ -171,7 +169,7 @@ test_iovec_transfer (void *cls, | |||
171 | } | 169 | } |
172 | 170 | ||
173 | if (CURLE_OK != | 171 | if (CURLE_OK != |
174 | send_curl_req (url, &cbc, cipher_suite, proto_version)) | 172 | send_curl_req (url, &cbc)) |
175 | { | 173 | { |
176 | ret = -1; | 174 | ret = -1; |
177 | goto cleanup; | 175 | goto cleanup; |
@@ -192,9 +190,7 @@ cleanup: | |||
192 | 190 | ||
193 | /* perform a HTTP GET request via SSL/TLS */ | 191 | /* perform a HTTP GET request via SSL/TLS */ |
194 | static int | 192 | static int |
195 | test_secure_get (FILE *test_fd, | 193 | test_secure_get (FILE *test_fd) |
196 | const char *cipher_suite, | ||
197 | int proto_version) | ||
198 | { | 194 | { |
199 | int ret; | 195 | int ret; |
200 | struct MHD_Daemon *d; | 196 | struct MHD_Daemon *d; |
@@ -231,9 +227,7 @@ test_secure_get (FILE *test_fd, | |||
231 | } | 227 | } |
232 | 228 | ||
233 | ret = test_iovec_transfer (test_fd, | 229 | ret = test_iovec_transfer (test_fd, |
234 | port, | 230 | port); |
235 | cipher_suite, | ||
236 | proto_version); | ||
237 | 231 | ||
238 | MHD_stop_daemon (d); | 232 | MHD_stop_daemon (d); |
239 | return ret; | 233 | return ret; |
@@ -390,7 +384,6 @@ int | |||
390 | main (int argc, char *const *argv) | 384 | main (int argc, char *const *argv) |
391 | { | 385 | { |
392 | unsigned int errorCount = 0; | 386 | unsigned int errorCount = 0; |
393 | const char *aes256_sha_tlsv1 = "AES256-SHA"; | ||
394 | (void) argc; (void) argv; /* Unused. Silent compiler warning. */ | 387 | (void) argc; (void) argv; /* Unused. Silent compiler warning. */ |
395 | 388 | ||
396 | #ifdef MHD_HTTPS_REQUIRE_GCRYPT | 389 | #ifdef MHD_HTTPS_REQUIRE_GCRYPT |
@@ -408,12 +401,8 @@ main (int argc, char *const *argv) | |||
408 | return 77; | 401 | return 77; |
409 | } | 402 | } |
410 | 403 | ||
411 | if (curl_tls_is_nss ()) | ||
412 | { | ||
413 | aes256_sha_tlsv1 = "rsa_aes_256_sha"; | ||
414 | } | ||
415 | errorCount += | 404 | errorCount += |
416 | test_secure_get (NULL, aes256_sha_tlsv1, CURL_SSLVERSION_TLSv1); | 405 | test_secure_get (NULL); |
417 | errorCount += testEmptyGet (0); | 406 | errorCount += testEmptyGet (0); |
418 | curl_global_cleanup (); | 407 | curl_global_cleanup (); |
419 | 408 | ||
diff --git a/src/testcurl/https/test_https_get_parallel.c b/src/testcurl/https/test_https_get_parallel.c index f44dcf33..95a06319 100644 --- a/src/testcurl/https/test_https_get_parallel.c +++ b/src/testcurl/https/test_https_get_parallel.c | |||
@@ -62,8 +62,7 @@ https_transfer_thread_adapter (void *args) | |||
62 | 62 | ||
63 | /* time spread incoming requests */ | 63 | /* time spread incoming requests */ |
64 | usleep ((useconds_t) 10.0 * ((double) rand ()) / ((double) RAND_MAX)); | 64 | usleep ((useconds_t) 10.0 * ((double) rand ()) / ((double) RAND_MAX)); |
65 | ret = test_https_transfer (NULL, cargs->port, | 65 | ret = test_https_transfer (NULL, cargs->port); |
66 | cargs->cipher_suite, cargs->proto_version); | ||
67 | if (ret == 0) | 66 | if (ret == 0) |
68 | return NULL; | 67 | return NULL; |
69 | return &nonnull; | 68 | return &nonnull; |
@@ -78,12 +77,11 @@ https_transfer_thread_adapter (void *args) | |||
78 | * TODO : make client_count a parameter - number of curl client threads to spawn | 77 | * TODO : make client_count a parameter - number of curl client threads to spawn |
79 | */ | 78 | */ |
80 | static int | 79 | static int |
81 | test_single_client (void *cls, int port, const char *cipher_suite, | 80 | test_single_client (void *cls, int port) |
82 | int curl_proto_version) | ||
83 | { | 81 | { |
84 | void *client_thread_ret; | 82 | void *client_thread_ret; |
85 | struct https_test_data client_args = | 83 | struct https_test_data client_args = |
86 | { NULL, port, cipher_suite, curl_proto_version }; | 84 | { NULL, port }; |
87 | (void) cls; /* Unused. Silent compiler warning. */ | 85 | (void) cls; /* Unused. Silent compiler warning. */ |
88 | 86 | ||
89 | client_thread_ret = https_transfer_thread_adapter (&client_args); | 87 | client_thread_ret = https_transfer_thread_adapter (&client_args); |
@@ -101,15 +99,14 @@ test_single_client (void *cls, int port, const char *cipher_suite, | |||
101 | * TODO : make client_count a parameter - number of curl client threads to spawn | 99 | * TODO : make client_count a parameter - number of curl client threads to spawn |
102 | */ | 100 | */ |
103 | static int | 101 | static int |
104 | test_parallel_clients (void *cls, int port, const char *cipher_suite, | 102 | test_parallel_clients (void *cls, int port) |
105 | int curl_proto_version) | ||
106 | { | 103 | { |
107 | int i; | 104 | int i; |
108 | int client_count = (MHD_CPU_COUNT - 1); | 105 | int client_count = (MHD_CPU_COUNT - 1); |
109 | void *client_thread_ret; | 106 | void *client_thread_ret; |
110 | pthread_t client_arr[client_count]; | 107 | pthread_t client_arr[client_count]; |
111 | struct https_test_data client_args = | 108 | struct https_test_data client_args = |
112 | { NULL, port, cipher_suite, curl_proto_version }; | 109 | { NULL, port }; |
113 | (void) cls; /* Unused. Silent compiler warning. */ | 110 | (void) cls; /* Unused. Silent compiler warning. */ |
114 | 111 | ||
115 | for (i = 0; i < client_count; ++i) | 112 | for (i = 0; i < client_count; ++i) |
@@ -138,7 +135,6 @@ int | |||
138 | main (int argc, char *const *argv) | 135 | main (int argc, char *const *argv) |
139 | { | 136 | { |
140 | unsigned int errorCount = 0; | 137 | unsigned int errorCount = 0; |
141 | const char *aes256_sha = "AES256-SHA"; | ||
142 | int port; | 138 | int port; |
143 | unsigned int iseed; | 139 | unsigned int iseed; |
144 | (void) argc; /* Unused. Silent compiler warning. */ | 140 | (void) argc; /* Unused. Silent compiler warning. */ |
@@ -159,8 +155,6 @@ main (int argc, char *const *argv) | |||
159 | fprintf (stderr, "Curl does not support SSL. Cannot run the test.\n"); | 155 | fprintf (stderr, "Curl does not support SSL. Cannot run the test.\n"); |
160 | return 77; | 156 | return 77; |
161 | } | 157 | } |
162 | if (curl_tls_is_nss ()) | ||
163 | aes256_sha = "rsa_aes_256_sha"; | ||
164 | #ifdef EPOLL_SUPPORT | 158 | #ifdef EPOLL_SUPPORT |
165 | errorCount += | 159 | errorCount += |
166 | test_wrap ("single threaded daemon, single client, epoll", | 160 | test_wrap ("single threaded daemon, single client, epoll", |
@@ -168,7 +162,7 @@ main (int argc, char *const *argv) | |||
168 | NULL, port, | 162 | NULL, port, |
169 | MHD_USE_INTERNAL_POLLING_THREAD | MHD_USE_TLS | 163 | MHD_USE_INTERNAL_POLLING_THREAD | MHD_USE_TLS |
170 | | MHD_USE_ERROR_LOG | MHD_USE_EPOLL, | 164 | | MHD_USE_ERROR_LOG | MHD_USE_EPOLL, |
171 | aes256_sha, CURL_SSLVERSION_TLSv1, MHD_OPTION_HTTPS_MEM_KEY, | 165 | MHD_OPTION_HTTPS_MEM_KEY, |
172 | srv_key_pem, MHD_OPTION_HTTPS_MEM_CERT, | 166 | srv_key_pem, MHD_OPTION_HTTPS_MEM_CERT, |
173 | srv_self_signed_cert_pem, MHD_OPTION_END); | 167 | srv_self_signed_cert_pem, MHD_OPTION_END); |
174 | #endif | 168 | #endif |
@@ -177,7 +171,7 @@ main (int argc, char *const *argv) | |||
177 | NULL, port, | 171 | NULL, port, |
178 | MHD_USE_INTERNAL_POLLING_THREAD | MHD_USE_TLS | 172 | MHD_USE_INTERNAL_POLLING_THREAD | MHD_USE_TLS |
179 | | MHD_USE_ERROR_LOG, | 173 | | MHD_USE_ERROR_LOG, |
180 | aes256_sha, CURL_SSLVERSION_TLSv1, MHD_OPTION_HTTPS_MEM_KEY, | 174 | MHD_OPTION_HTTPS_MEM_KEY, |
181 | srv_key_pem, MHD_OPTION_HTTPS_MEM_CERT, | 175 | srv_key_pem, MHD_OPTION_HTTPS_MEM_CERT, |
182 | srv_self_signed_cert_pem, MHD_OPTION_END); | 176 | srv_self_signed_cert_pem, MHD_OPTION_END); |
183 | #ifdef EPOLL_SUPPORT | 177 | #ifdef EPOLL_SUPPORT |
@@ -186,7 +180,7 @@ main (int argc, char *const *argv) | |||
186 | &test_parallel_clients, NULL, port, | 180 | &test_parallel_clients, NULL, port, |
187 | MHD_USE_INTERNAL_POLLING_THREAD | MHD_USE_TLS | 181 | MHD_USE_INTERNAL_POLLING_THREAD | MHD_USE_TLS |
188 | | MHD_USE_ERROR_LOG | MHD_USE_EPOLL, | 182 | | MHD_USE_ERROR_LOG | MHD_USE_EPOLL, |
189 | aes256_sha, CURL_SSLVERSION_TLSv1, MHD_OPTION_HTTPS_MEM_KEY, | 183 | MHD_OPTION_HTTPS_MEM_KEY, |
190 | srv_key_pem, MHD_OPTION_HTTPS_MEM_CERT, | 184 | srv_key_pem, MHD_OPTION_HTTPS_MEM_CERT, |
191 | srv_self_signed_cert_pem, MHD_OPTION_END); | 185 | srv_self_signed_cert_pem, MHD_OPTION_END); |
192 | #endif | 186 | #endif |
@@ -195,7 +189,7 @@ main (int argc, char *const *argv) | |||
195 | &test_parallel_clients, NULL, port, | 189 | &test_parallel_clients, NULL, port, |
196 | MHD_USE_INTERNAL_POLLING_THREAD | MHD_USE_TLS | 190 | MHD_USE_INTERNAL_POLLING_THREAD | MHD_USE_TLS |
197 | | MHD_USE_ERROR_LOG, | 191 | | MHD_USE_ERROR_LOG, |
198 | aes256_sha, CURL_SSLVERSION_TLSv1, MHD_OPTION_HTTPS_MEM_KEY, | 192 | MHD_OPTION_HTTPS_MEM_KEY, |
199 | srv_key_pem, MHD_OPTION_HTTPS_MEM_CERT, | 193 | srv_key_pem, MHD_OPTION_HTTPS_MEM_CERT, |
200 | srv_self_signed_cert_pem, MHD_OPTION_END); | 194 | srv_self_signed_cert_pem, MHD_OPTION_END); |
201 | 195 | ||
diff --git a/src/testcurl/https/test_https_get_parallel_threads.c b/src/testcurl/https/test_https_get_parallel_threads.c index f963fc8b..cc1add12 100644 --- a/src/testcurl/https/test_https_get_parallel_threads.c +++ b/src/testcurl/https/test_https_get_parallel_threads.c | |||
@@ -63,8 +63,7 @@ https_transfer_thread_adapter (void *args) | |||
63 | 63 | ||
64 | /* time spread incoming requests */ | 64 | /* time spread incoming requests */ |
65 | usleep ((useconds_t) 10.0 * ((double) rand ()) / ((double) RAND_MAX)); | 65 | usleep ((useconds_t) 10.0 * ((double) rand ()) / ((double) RAND_MAX)); |
66 | ret = test_https_transfer (cargs->cls, cargs->port, | 66 | ret = test_https_transfer (cargs->cls, cargs->port); |
67 | cargs->cipher_suite, cargs->proto_version); | ||
68 | if (ret == 0) | 67 | if (ret == 0) |
69 | return NULL; | 68 | return NULL; |
70 | return &nonnull; | 69 | return &nonnull; |
@@ -79,12 +78,11 @@ https_transfer_thread_adapter (void *args) | |||
79 | * TODO : make client_count a parameter - number of curl client threads to spawn | 78 | * TODO : make client_count a parameter - number of curl client threads to spawn |
80 | */ | 79 | */ |
81 | static int | 80 | static int |
82 | test_single_client (void *cls, int port, const char *cipher_suite, | 81 | test_single_client (void *cls, int port) |
83 | int curl_proto_version) | ||
84 | { | 82 | { |
85 | void *client_thread_ret; | 83 | void *client_thread_ret; |
86 | struct https_test_data client_args = | 84 | struct https_test_data client_args = |
87 | { NULL, port, cipher_suite, curl_proto_version }; | 85 | { NULL, port}; |
88 | (void) cls; /* Unused. Silent compiler warning. */ | 86 | (void) cls; /* Unused. Silent compiler warning. */ |
89 | 87 | ||
90 | client_thread_ret = https_transfer_thread_adapter (&client_args); | 88 | client_thread_ret = https_transfer_thread_adapter (&client_args); |
@@ -102,15 +100,14 @@ test_single_client (void *cls, int port, const char *cipher_suite, | |||
102 | * TODO : make client_count a parameter - number of curl client threads to spawn | 100 | * TODO : make client_count a parameter - number of curl client threads to spawn |
103 | */ | 101 | */ |
104 | static int | 102 | static int |
105 | test_parallel_clients (void *cls, int port, const char *cipher_suite, | 103 | test_parallel_clients (void *cls, int port) |
106 | int curl_proto_version) | ||
107 | { | 104 | { |
108 | int i; | 105 | int i; |
109 | int client_count = (MHD_CPU_COUNT - 1); | 106 | int client_count = (MHD_CPU_COUNT - 1); |
110 | void *client_thread_ret; | 107 | void *client_thread_ret; |
111 | pthread_t client_arr[client_count]; | 108 | pthread_t client_arr[client_count]; |
112 | struct https_test_data client_args = | 109 | struct https_test_data client_args = |
113 | { NULL, port, cipher_suite, curl_proto_version }; | 110 | { NULL, port }; |
114 | (void) cls; /* Unused. Silent compiler warning. */ | 111 | (void) cls; /* Unused. Silent compiler warning. */ |
115 | 112 | ||
116 | for (i = 0; i < client_count; ++i) | 113 | for (i = 0; i < client_count; ++i) |
@@ -143,7 +140,6 @@ main (int argc, char *const *argv) | |||
143 | const char *ssl_version; | 140 | const char *ssl_version; |
144 | int port; | 141 | int port; |
145 | unsigned int iseed; | 142 | unsigned int iseed; |
146 | char *aes256_sha = "AES256-SHA"; | ||
147 | (void) argc; /* Unused. Silent compiler warning. */ | 143 | (void) argc; /* Unused. Silent compiler warning. */ |
148 | 144 | ||
149 | if (MHD_NO != MHD_is_feature_supported (MHD_FEATURE_AUTODETECT_BIND_PORT)) | 145 | if (MHD_NO != MHD_is_feature_supported (MHD_FEATURE_AUTODETECT_BIND_PORT)) |
@@ -176,17 +172,12 @@ main (int argc, char *const *argv) | |||
176 | return 77; | 172 | return 77; |
177 | } | 173 | } |
178 | 174 | ||
179 | if (curl_tls_is_nss ()) | ||
180 | { | ||
181 | aes256_sha = "rsa_aes_256_sha"; | ||
182 | } | ||
183 | |||
184 | errorCount += | 175 | errorCount += |
185 | test_wrap ("multi threaded daemon, single client", &test_single_client, | 176 | test_wrap ("multi threaded daemon, single client", &test_single_client, |
186 | NULL, port, | 177 | NULL, port, |
187 | MHD_USE_TLS | MHD_USE_ERROR_LOG | MHD_USE_THREAD_PER_CONNECTION | 178 | MHD_USE_TLS | MHD_USE_ERROR_LOG | MHD_USE_THREAD_PER_CONNECTION |
188 | | MHD_USE_INTERNAL_POLLING_THREAD, | 179 | | MHD_USE_INTERNAL_POLLING_THREAD, |
189 | aes256_sha, CURL_SSLVERSION_TLSv1, MHD_OPTION_HTTPS_MEM_KEY, | 180 | MHD_OPTION_HTTPS_MEM_KEY, |
190 | srv_key_pem, MHD_OPTION_HTTPS_MEM_CERT, | 181 | srv_key_pem, MHD_OPTION_HTTPS_MEM_CERT, |
191 | srv_self_signed_cert_pem, MHD_OPTION_END); | 182 | srv_self_signed_cert_pem, MHD_OPTION_END); |
192 | 183 | ||
@@ -195,7 +186,7 @@ main (int argc, char *const *argv) | |||
195 | &test_parallel_clients, NULL, port, | 186 | &test_parallel_clients, NULL, port, |
196 | MHD_USE_TLS | MHD_USE_ERROR_LOG | MHD_USE_THREAD_PER_CONNECTION | 187 | MHD_USE_TLS | MHD_USE_ERROR_LOG | MHD_USE_THREAD_PER_CONNECTION |
197 | | MHD_USE_INTERNAL_POLLING_THREAD, | 188 | | MHD_USE_INTERNAL_POLLING_THREAD, |
198 | aes256_sha, CURL_SSLVERSION_TLSv1, MHD_OPTION_HTTPS_MEM_KEY, | 189 | MHD_OPTION_HTTPS_MEM_KEY, |
199 | srv_key_pem, MHD_OPTION_HTTPS_MEM_CERT, | 190 | srv_key_pem, MHD_OPTION_HTTPS_MEM_CERT, |
200 | srv_self_signed_cert_pem, MHD_OPTION_END); | 191 | srv_self_signed_cert_pem, MHD_OPTION_END); |
201 | 192 | ||
diff --git a/src/testcurl/https/test_https_get_select.c b/src/testcurl/https/test_https_get_select.c index 0ec7763f..47094d8e 100644 --- a/src/testcurl/https/test_https_get_select.c +++ b/src/testcurl/https/test_https_get_select.c | |||
@@ -95,7 +95,6 @@ testExternalGet (int flags) | |||
95 | struct CURLMsg *msg; | 95 | struct CURLMsg *msg; |
96 | time_t start; | 96 | time_t start; |
97 | struct timeval tv; | 97 | struct timeval tv; |
98 | const char *aes256_sha = "AES256-SHA"; | ||
99 | int port; | 98 | int port; |
100 | 99 | ||
101 | if (MHD_NO != MHD_is_feature_supported (MHD_FEATURE_AUTODETECT_BIND_PORT)) | 100 | if (MHD_NO != MHD_is_feature_supported (MHD_FEATURE_AUTODETECT_BIND_PORT)) |
@@ -109,8 +108,8 @@ testExternalGet (int flags) | |||
109 | cbc.pos = 0; | 108 | cbc.pos = 0; |
110 | d = MHD_start_daemon (MHD_USE_ERROR_LOG | MHD_USE_TLS | flags, | 109 | d = MHD_start_daemon (MHD_USE_ERROR_LOG | MHD_USE_TLS | flags, |
111 | port, NULL, NULL, &ahc_echo, "GET", | 110 | port, NULL, NULL, &ahc_echo, "GET", |
112 | MHD_OPTION_HTTPS_MEM_KEY, srv_key_pem, | 111 | MHD_OPTION_HTTPS_MEM_KEY, srv_signed_key_pem, |
113 | MHD_OPTION_HTTPS_MEM_CERT, srv_self_signed_cert_pem, | 112 | MHD_OPTION_HTTPS_MEM_CERT, srv_signed_cert_pem, |
114 | MHD_OPTION_END); | 113 | MHD_OPTION_END); |
115 | if (d == NULL) | 114 | if (d == NULL) |
116 | return 256; | 115 | return 256; |
@@ -125,17 +124,12 @@ testExternalGet (int flags) | |||
125 | port = (int) dinfo->port; | 124 | port = (int) dinfo->port; |
126 | } | 125 | } |
127 | 126 | ||
128 | if (curl_tls_is_nss ()) | ||
129 | aes256_sha = "rsa_aes_256_sha"; | ||
130 | |||
131 | c = curl_easy_init (); | 127 | c = curl_easy_init (); |
132 | curl_easy_setopt (c, CURLOPT_URL, "https://127.0.0.1/hello_world"); | 128 | curl_easy_setopt (c, CURLOPT_URL, "https://127.0.0.1/hello_world"); |
133 | curl_easy_setopt (c, CURLOPT_PORT, (long) port); | 129 | curl_easy_setopt (c, CURLOPT_PORT, (long) port); |
134 | curl_easy_setopt (c, CURLOPT_WRITEFUNCTION, ©Buffer); | 130 | curl_easy_setopt (c, CURLOPT_WRITEFUNCTION, ©Buffer); |
135 | curl_easy_setopt (c, CURLOPT_WRITEDATA, &cbc); | 131 | curl_easy_setopt (c, CURLOPT_WRITEDATA, &cbc); |
136 | /* TLS options */ | 132 | /* TLS options */ |
137 | curl_easy_setopt (c, CURLOPT_SSLVERSION, CURL_SSLVERSION_TLSv1); | ||
138 | curl_easy_setopt (c, CURLOPT_SSL_CIPHER_LIST, aes256_sha); | ||
139 | curl_easy_setopt (c, CURLOPT_SSL_VERIFYPEER, 0L); | 133 | curl_easy_setopt (c, CURLOPT_SSL_VERIFYPEER, 0L); |
140 | curl_easy_setopt (c, CURLOPT_SSL_VERIFYHOST, 0L); | 134 | curl_easy_setopt (c, CURLOPT_SSL_VERIFYHOST, 0L); |
141 | curl_easy_setopt (c, CURLOPT_FAILONERROR, 1L); | 135 | curl_easy_setopt (c, CURLOPT_FAILONERROR, 1L); |
diff --git a/src/testcurl/https/test_https_multi_daemon.c b/src/testcurl/https/test_https_multi_daemon.c index 26a09c2d..5172c1c9 100644 --- a/src/testcurl/https/test_https_multi_daemon.c +++ b/src/testcurl/https/test_https_multi_daemon.c | |||
@@ -42,9 +42,7 @@ extern const char srv_self_signed_cert_pem[]; | |||
42 | * doesn't affect the other | 42 | * doesn't affect the other |
43 | */ | 43 | */ |
44 | static int | 44 | static int |
45 | test_concurent_daemon_pair (void *cls, | 45 | test_concurent_daemon_pair (void *cls) |
46 | const char *cipher_suite, | ||
47 | int proto_version) | ||
48 | { | 46 | { |
49 | int ret; | 47 | int ret; |
50 | struct MHD_Daemon *d1; | 48 | struct MHD_Daemon *d1; |
@@ -113,14 +111,13 @@ test_concurent_daemon_pair (void *cls, | |||
113 | } | 111 | } |
114 | 112 | ||
115 | ret = | 113 | ret = |
116 | test_daemon_get (NULL, cipher_suite, proto_version, port1, 0); | 114 | test_daemon_get (NULL, port1, 0); |
117 | ret += | 115 | ret += |
118 | test_daemon_get (NULL, cipher_suite, proto_version, | 116 | test_daemon_get (NULL, port2, 0); |
119 | port2, 0); | ||
120 | 117 | ||
121 | MHD_stop_daemon (d2); | 118 | MHD_stop_daemon (d2); |
122 | ret += | 119 | ret += |
123 | test_daemon_get (NULL, cipher_suite, proto_version, port1, 0); | 120 | test_daemon_get (NULL, port1, 0); |
124 | MHD_stop_daemon (d1); | 121 | MHD_stop_daemon (d1); |
125 | return ret; | 122 | return ret; |
126 | } | 123 | } |
@@ -131,7 +128,6 @@ main (int argc, char *const *argv) | |||
131 | { | 128 | { |
132 | unsigned int errorCount = 0; | 129 | unsigned int errorCount = 0; |
133 | FILE *cert; | 130 | FILE *cert; |
134 | const char *aes256_sha = "AES256-SHA"; | ||
135 | (void) argc; (void) argv; /* Unused. Silent compiler warning. */ | 131 | (void) argc; (void) argv; /* Unused. Silent compiler warning. */ |
136 | 132 | ||
137 | #ifdef MHD_HTTPS_REQUIRE_GCRYPT | 133 | #ifdef MHD_HTTPS_REQUIRE_GCRYPT |
@@ -155,13 +151,8 @@ main (int argc, char *const *argv) | |||
155 | return 99; | 151 | return 99; |
156 | } | 152 | } |
157 | 153 | ||
158 | if (curl_tls_is_nss ()) | ||
159 | { | ||
160 | aes256_sha = "rsa_aes_256_sha"; | ||
161 | } | ||
162 | |||
163 | errorCount += | 154 | errorCount += |
164 | test_concurent_daemon_pair (NULL, aes256_sha, CURL_SSLVERSION_TLSv1); | 155 | test_concurent_daemon_pair (NULL); |
165 | 156 | ||
166 | print_test_result (errorCount, "concurent_daemon_pair"); | 157 | print_test_result (errorCount, "concurent_daemon_pair"); |
167 | 158 | ||
diff --git a/src/testcurl/https/test_tls_authentication.c b/src/testcurl/https/test_tls_authentication.c index e1aa0d22..aeefe44f 100644 --- a/src/testcurl/https/test_tls_authentication.c +++ b/src/testcurl/https/test_tls_authentication.c | |||
@@ -40,7 +40,7 @@ extern const char srv_signed_key_pem[]; | |||
40 | 40 | ||
41 | /* perform a HTTP GET request via SSL/TLS */ | 41 | /* perform a HTTP GET request via SSL/TLS */ |
42 | static int | 42 | static int |
43 | test_secure_get (void *cls, char *cipher_suite, int proto_version) | 43 | test_secure_get (void *cls) |
44 | { | 44 | { |
45 | int ret; | 45 | int ret; |
46 | struct MHD_Daemon *d; | 46 | struct MHD_Daemon *d; |
@@ -76,7 +76,7 @@ test_secure_get (void *cls, char *cipher_suite, int proto_version) | |||
76 | port = (int) dinfo->port; | 76 | port = (int) dinfo->port; |
77 | } | 77 | } |
78 | 78 | ||
79 | ret = test_daemon_get (NULL, cipher_suite, proto_version, port, 0); | 79 | ret = test_daemon_get (NULL, port, 0); |
80 | 80 | ||
81 | MHD_stop_daemon (d); | 81 | MHD_stop_daemon (d); |
82 | return ret; | 82 | return ret; |
@@ -87,7 +87,6 @@ int | |||
87 | main (int argc, char *const *argv) | 87 | main (int argc, char *const *argv) |
88 | { | 88 | { |
89 | unsigned int errorCount = 0; | 89 | unsigned int errorCount = 0; |
90 | char *aes256_sha = "AES256-SHA"; | ||
91 | FILE *crt; | 90 | FILE *crt; |
92 | (void) argc; | 91 | (void) argc; |
93 | (void) argv; /* Unused. Silent compiler warning. */ | 92 | (void) argv; /* Unused. Silent compiler warning. */ |
@@ -114,13 +113,9 @@ main (int argc, char *const *argv) | |||
114 | return 99; | 113 | return 99; |
115 | } | 114 | } |
116 | fclose (crt); | 115 | fclose (crt); |
117 | if (curl_tls_is_nss ()) | ||
118 | { | ||
119 | aes256_sha = "rsa_aes_256_sha"; | ||
120 | } | ||
121 | 116 | ||
122 | errorCount += | 117 | errorCount += |
123 | test_secure_get (NULL, aes256_sha, CURL_SSLVERSION_TLSv1); | 118 | test_secure_get (NULL); |
124 | 119 | ||
125 | print_test_result (errorCount, argv[0]); | 120 | print_test_result (errorCount, argv[0]); |
126 | 121 | ||
diff --git a/src/testcurl/https/test_tls_extensions.c b/src/testcurl/https/test_tls_extensions.c index 0ab75f1f..9f57783f 100644 --- a/src/testcurl/https/test_tls_extensions.c +++ b/src/testcurl/https/test_tls_extensions.c | |||
@@ -188,8 +188,7 @@ test_hello_extension (gnutls_session_t session, int port, extensions_t exten_t, | |||
188 | gnutls_free (data); | 188 | gnutls_free (data); |
189 | 189 | ||
190 | /* make sure daemon is still functioning */ | 190 | /* make sure daemon is still functioning */ |
191 | if (CURLE_OK != send_curl_req (url, &cbc, "AES128-SHA", | 191 | if (CURLE_OK != send_curl_req (url, &cbc)) |
192 | MHD_GNUTLS_PROTOCOL_TLS1_2)) | ||
193 | { | 192 | { |
194 | ret = -1; | 193 | ret = -1; |
195 | goto cleanup; | 194 | goto cleanup; |
diff --git a/src/testcurl/https/tls_test_common.c b/src/testcurl/https/tls_test_common.c index 9cce3d94..7409596e 100644 --- a/src/testcurl/https/tls_test_common.c +++ b/src/testcurl/https/tls_test_common.c | |||
@@ -62,8 +62,6 @@ setup_ca_cert () | |||
62 | */ | 62 | */ |
63 | int | 63 | int |
64 | test_daemon_get (void *cls, | 64 | test_daemon_get (void *cls, |
65 | const char *cipher_suite, | ||
66 | int proto_version, | ||
67 | int port, | 65 | int port, |
68 | int ver_peer) | 66 | int ver_peer) |
69 | { | 67 | { |
@@ -112,14 +110,7 @@ test_daemon_get (void *cls, | |||
112 | } | 110 | } |
113 | 111 | ||
114 | /* TLS options */ | 112 | /* TLS options */ |
115 | if ((CURLE_OK != (e = curl_easy_setopt (c, CURLOPT_SSLVERSION, | 113 | if ((CURLE_OK != (e = curl_easy_setopt (c, CURLOPT_SSL_VERIFYPEER, |
116 | proto_version))) || | ||
117 | (CURLE_OK != (e = curl_easy_setopt (c, CURLOPT_SSL_CIPHER_LIST, | ||
118 | cipher_suite))) || | ||
119 | |||
120 | /* perform peer authentication */ | ||
121 | /* TODO merge into send_curl_req */ | ||
122 | (CURLE_OK != (e = curl_easy_setopt (c, CURLOPT_SSL_VERIFYPEER, | ||
123 | ver_peer))) || | 114 | ver_peer))) || |
124 | (CURLE_OK != (e = curl_easy_setopt (c, CURLOPT_SSL_VERIFYHOST, 0L)))) | 115 | (CURLE_OK != (e = curl_easy_setopt (c, CURLOPT_SSL_VERIFYHOST, 0L)))) |
125 | { | 116 | { |
@@ -260,16 +251,12 @@ http_dummy_ahc (void *cls, | |||
260 | * send a test http request to the daemon | 251 | * send a test http request to the daemon |
261 | * @param url | 252 | * @param url |
262 | * @param cbc - may be null | 253 | * @param cbc - may be null |
263 | * @param cipher_suite | ||
264 | * @param proto_version | ||
265 | * @return | 254 | * @return |
266 | */ | 255 | */ |
267 | /* TODO have test wrap consider a NULL cbc */ | 256 | /* TODO have test wrap consider a NULL cbc */ |
268 | int | 257 | int |
269 | send_curl_req (char *url, | 258 | send_curl_req (char *url, |
270 | struct CBC *cbc, | 259 | struct CBC *cbc) |
271 | const char *cipher_suite, | ||
272 | int proto_version) | ||
273 | { | 260 | { |
274 | CURL *c; | 261 | CURL *c; |
275 | CURLcode errornum; | 262 | CURLcode errornum; |
@@ -307,13 +294,9 @@ send_curl_req (char *url, | |||
307 | } | 294 | } |
308 | 295 | ||
309 | /* TLS options */ | 296 | /* TLS options */ |
310 | if ((CURLE_OK != (e = curl_easy_setopt (c, CURLOPT_SSLVERSION, | 297 | if (/* currently skip any peer authentication */ |
311 | proto_version))) || | 298 | (CURLE_OK != (e = curl_easy_setopt (c, CURLOPT_SSL_VERIFYPEER, 0L))) || |
312 | (CURLE_OK != (e = curl_easy_setopt (c, CURLOPT_SSL_CIPHER_LIST, | 299 | (CURLE_OK != (e = curl_easy_setopt (c, CURLOPT_SSL_VERIFYHOST, 0L)))) |
313 | cipher_suite))) || | ||
314 | /* currently skip any peer authentication */ | ||
315 | (CURLE_OK != (e = curl_easy_setopt (c, CURLOPT_SSL_VERIFYPEER, 0L))) || | ||
316 | (CURLE_OK != (e = curl_easy_setopt (c, CURLOPT_SSL_VERIFYHOST, 0L)))) | ||
317 | { | 300 | { |
318 | fprintf (stderr, "HTTPS curl_easy_setopt failed: `%s'\n", | 301 | fprintf (stderr, "HTTPS curl_easy_setopt failed: `%s'\n", |
319 | curl_easy_strerror (e)); | 302 | curl_easy_strerror (e)); |
@@ -409,9 +392,7 @@ gen_test_file_url (char *url, | |||
409 | */ | 392 | */ |
410 | int | 393 | int |
411 | test_https_transfer (void *cls, | 394 | test_https_transfer (void *cls, |
412 | int port, | 395 | int port) |
413 | const char *cipher_suite, | ||
414 | int proto_version) | ||
415 | { | 396 | { |
416 | int len; | 397 | int len; |
417 | int ret = 0; | 398 | int ret = 0; |
@@ -437,7 +418,7 @@ test_https_transfer (void *cls, | |||
437 | } | 418 | } |
438 | 419 | ||
439 | if (CURLE_OK != | 420 | if (CURLE_OK != |
440 | send_curl_req (url, &cbc, cipher_suite, proto_version)) | 421 | send_curl_req (url, &cbc)) |
441 | { | 422 | { |
442 | ret = -1; | 423 | ret = -1; |
443 | goto cleanup; | 424 | goto cleanup; |
@@ -540,17 +521,16 @@ teardown_session (gnutls_session_t session, | |||
540 | /* TODO test_wrap: change sig to (setup_func, test, va_list test_arg) */ | 521 | /* TODO test_wrap: change sig to (setup_func, test, va_list test_arg) */ |
541 | int | 522 | int |
542 | test_wrap (const char *test_name, int | 523 | test_wrap (const char *test_name, int |
543 | (*test_function)(void *cls, int port, const char *cipher_suite, | 524 | (*test_function)(void *cls, int port), void *cls, |
544 | int proto_version), void *cls, | ||
545 | int port, | 525 | int port, |
546 | int daemon_flags, const char *cipher_suite, int proto_version, ...) | 526 | int daemon_flags, ...) |
547 | { | 527 | { |
548 | int ret; | 528 | int ret; |
549 | va_list arg_list; | 529 | va_list arg_list; |
550 | struct MHD_Daemon *d; | 530 | struct MHD_Daemon *d; |
551 | (void) cls; /* Unused. Silent compiler warning. */ | 531 | (void) cls; /* Unused. Silent compiler warning. */ |
552 | 532 | ||
553 | va_start (arg_list, proto_version); | 533 | va_start (arg_list, daemon_flags); |
554 | port = setup_testcase (&d, port, daemon_flags, arg_list); | 534 | port = setup_testcase (&d, port, daemon_flags, arg_list); |
555 | if (0 == port) | 535 | if (0 == port) |
556 | { | 536 | { |
@@ -561,7 +541,7 @@ test_wrap (const char *test_name, int | |||
561 | #if 0 | 541 | #if 0 |
562 | fprintf (stdout, "running test: %s ", test_name); | 542 | fprintf (stdout, "running test: %s ", test_name); |
563 | #endif | 543 | #endif |
564 | ret = test_function (NULL, port, cipher_suite, proto_version); | 544 | ret = test_function (NULL, port); |
565 | #if 0 | 545 | #if 0 |
566 | if (ret == 0) | 546 | if (ret == 0) |
567 | { | 547 | { |
diff --git a/src/testcurl/https/tls_test_common.h b/src/testcurl/https/tls_test_common.h index e3f552a8..80512f51 100644 --- a/src/testcurl/https/tls_test_common.h +++ b/src/testcurl/https/tls_test_common.h | |||
@@ -53,8 +53,6 @@ struct https_test_data | |||
53 | { | 53 | { |
54 | void *cls; | 54 | void *cls; |
55 | int port; | 55 | int port; |
56 | const char *cipher_suite; | ||
57 | int proto_version; | ||
58 | }; | 56 | }; |
59 | 57 | ||
60 | struct CBC | 58 | struct CBC |
@@ -94,7 +92,6 @@ setup_ca_cert (void); | |||
94 | */ | 92 | */ |
95 | int | 93 | int |
96 | test_daemon_get (void *cls, | 94 | test_daemon_get (void *cls, |
97 | const char *cipher_suite, int proto_version, | ||
98 | int port, int ver_peer); | 95 | int port, int ver_peer); |
99 | 96 | ||
100 | void | 97 | void |
@@ -129,12 +126,10 @@ gen_test_file_url (char *url, | |||
129 | int port); | 126 | int port); |
130 | 127 | ||
131 | int | 128 | int |
132 | send_curl_req (char *url, struct CBC *cbc, const char *cipher_suite, | 129 | send_curl_req (char *url, struct CBC *cbc); |
133 | int proto_version); | ||
134 | 130 | ||
135 | int | 131 | int |
136 | test_https_transfer (void *cls, int port, const char *cipher_suite, int | 132 | test_https_transfer (void *cls, int port); |
137 | proto_version); | ||
138 | 133 | ||
139 | int | 134 | int |
140 | setup_testcase (struct MHD_Daemon **d, int port, int daemon_flags, va_list | 135 | setup_testcase (struct MHD_Daemon **d, int port, int daemon_flags, va_list |
@@ -154,10 +149,9 @@ teardown_session (gnutls_session_t session, | |||
154 | 149 | ||
155 | int | 150 | int |
156 | test_wrap (const char *test_name, int | 151 | test_wrap (const char *test_name, int |
157 | (*test_function)(void *cls, int port, const char *cipher_suite, | 152 | (*test_function)(void *cls, int port), void *cls, |
158 | int proto_version), void *cls, | ||
159 | int port, | 153 | int port, |
160 | int daemon_flags, const char *cipher_suite, int proto_version, ...); | 154 | int daemon_flags, ...); |
161 | 155 | ||
162 | int testsuite_curl_global_init (void); | 156 | int testsuite_curl_global_init (void); |
163 | 157 | ||