diff options
author | Christian Grothoff <christian@grothoff.org> | 2010-07-25 09:47:50 +0000 |
---|---|---|
committer | Christian Grothoff <christian@grothoff.org> | 2010-07-25 09:47:50 +0000 |
commit | 63b5f01682144ebb24cbfbcc05b2260cd3fa2605 (patch) | |
tree | 27945686664acf3af4ec9c50b9d90018d399336d /src/testcurl | |
parent | 67851b280ee6c5b9fcc4f82402c1dad12887e224 (diff) | |
download | libmicrohttpd-63b5f01682144ebb24cbfbcc05b2260cd3fa2605.tar.gz libmicrohttpd-63b5f01682144ebb24cbfbcc05b2260cd3fa2605.zip |
getting gnutls tests to pass:
Diffstat (limited to 'src/testcurl')
-rw-r--r-- | src/testcurl/https/mhds_get_test.c | 18 | ||||
-rw-r--r-- | src/testcurl/https/mhds_get_test_select.c | 2 | ||||
-rw-r--r-- | src/testcurl/https/mhds_session_info_test.c | 37 | ||||
-rw-r--r-- | src/testcurl/https/tls_daemon_options_test.c | 96 |
4 files changed, 76 insertions, 77 deletions
diff --git a/src/testcurl/https/mhds_get_test.c b/src/testcurl/https/mhds_get_test.c index 0f5f06a1..1a835523 100644 --- a/src/testcurl/https/mhds_get_test.c +++ b/src/testcurl/https/mhds_get_test.c | |||
@@ -43,14 +43,13 @@ test_cipher_option (FILE * test_fd, char *cipher_suite, int proto_version) | |||
43 | { | 43 | { |
44 | 44 | ||
45 | int ret; | 45 | int ret; |
46 | int ciper[] = { GNUTLS_CIPHER_3DES_CBC, 0 }; | ||
47 | struct MHD_Daemon *d; | 46 | struct MHD_Daemon *d; |
48 | d = MHD_start_daemon (MHD_USE_THREAD_PER_CONNECTION | MHD_USE_SSL | | 47 | d = MHD_start_daemon (MHD_USE_THREAD_PER_CONNECTION | MHD_USE_SSL | |
49 | MHD_USE_DEBUG, 42433, | 48 | MHD_USE_DEBUG, 42433, |
50 | NULL, NULL, &http_ahc, NULL, | 49 | NULL, NULL, &http_ahc, NULL, |
51 | MHD_OPTION_HTTPS_MEM_KEY, srv_key_pem, | 50 | MHD_OPTION_HTTPS_MEM_KEY, srv_key_pem, |
52 | MHD_OPTION_HTTPS_MEM_CERT, srv_self_signed_cert_pem, | 51 | MHD_OPTION_HTTPS_MEM_CERT, srv_self_signed_cert_pem, |
53 | MHD_OPTION_CIPHER_ALGORITHM, ciper, MHD_OPTION_END); | 52 | MHD_OPTION_END); |
54 | 53 | ||
55 | if (d == NULL) | 54 | if (d == NULL) |
56 | { | 55 | { |
@@ -90,37 +89,28 @@ test_secure_get (FILE * test_fd, char *cipher_suite, int proto_version) | |||
90 | return ret; | 89 | return ret; |
91 | } | 90 | } |
92 | 91 | ||
93 | GCRY_THREAD_OPTION_PTHREAD_IMPL; | ||
94 | |||
95 | int | 92 | int |
96 | main (int argc, char *const *argv) | 93 | main (int argc, char *const *argv) |
97 | { | 94 | { |
98 | FILE *test_fd; | 95 | FILE *test_fd; |
99 | unsigned int errorCount = 0; | 96 | unsigned int errorCount = 0; |
100 | 97 | ||
101 | /* gnutls_global_set_log_level(11); */ | 98 | gnutls_global_set_log_level(11); |
102 | if (curl_check_version (MHD_REQ_CURL_VERSION, MHD_REQ_CURL_OPENSSL_VERSION)) | 99 | if (curl_check_version (MHD_REQ_CURL_VERSION, MHD_REQ_CURL_GNUTLS_VERSION)) |
103 | { | 100 | return -1; |
104 | return -1; | ||
105 | } | ||
106 | gcry_control (GCRYCTL_SET_THREAD_CBS, &gcry_threads_pthread); | ||
107 | |||
108 | if (!gcry_check_version (GCRYPT_VERSION)) | 101 | if (!gcry_check_version (GCRYPT_VERSION)) |
109 | abort (); | 102 | abort (); |
110 | |||
111 | if ((test_fd = setup_test_file ()) == NULL) | 103 | if ((test_fd = setup_test_file ()) == NULL) |
112 | { | 104 | { |
113 | fprintf (stderr, MHD_E_TEST_FILE_CREAT); | 105 | fprintf (stderr, MHD_E_TEST_FILE_CREAT); |
114 | return -1; | 106 | return -1; |
115 | } | 107 | } |
116 | |||
117 | if (0 != curl_global_init (CURL_GLOBAL_ALL)) | 108 | if (0 != curl_global_init (CURL_GLOBAL_ALL)) |
118 | { | 109 | { |
119 | fprintf (stderr, "Error: %s\n", strerror (errno)); | 110 | fprintf (stderr, "Error: %s\n", strerror (errno)); |
120 | fclose (test_fd); | 111 | fclose (test_fd); |
121 | return -1; | 112 | return -1; |
122 | } | 113 | } |
123 | |||
124 | errorCount += | 114 | errorCount += |
125 | test_secure_get (test_fd, "AES256-SHA", CURL_SSLVERSION_TLSv1); | 115 | test_secure_get (test_fd, "AES256-SHA", CURL_SSLVERSION_TLSv1); |
126 | errorCount += | 116 | errorCount += |
diff --git a/src/testcurl/https/mhds_get_test_select.c b/src/testcurl/https/mhds_get_test_select.c index 01a92cd0..fd3c0b7b 100644 --- a/src/testcurl/https/mhds_get_test_select.c +++ b/src/testcurl/https/mhds_get_test_select.c | |||
@@ -59,14 +59,12 @@ ahc_echo (void *cls, | |||
59 | if (&ptr != *unused) | 59 | if (&ptr != *unused) |
60 | { | 60 | { |
61 | *unused = &ptr; | 61 | *unused = &ptr; |
62 | fprintf (stderr, "received %s\n", method); | ||
63 | return MHD_YES; | 62 | return MHD_YES; |
64 | } | 63 | } |
65 | *unused = NULL; | 64 | *unused = NULL; |
66 | response = MHD_create_response_from_data (strlen (url), | 65 | response = MHD_create_response_from_data (strlen (url), |
67 | (void *) url, MHD_NO, MHD_YES); | 66 | (void *) url, MHD_NO, MHD_YES); |
68 | ret = MHD_queue_response (connection, MHD_HTTP_OK, response); | 67 | ret = MHD_queue_response (connection, MHD_HTTP_OK, response); |
69 | fprintf (stderr, "sending reply\n"); | ||
70 | MHD_destroy_response (response); | 68 | MHD_destroy_response (response); |
71 | if (ret == MHD_NO) | 69 | if (ret == MHD_NO) |
72 | abort (); | 70 | abort (); |
diff --git a/src/testcurl/https/mhds_session_info_test.c b/src/testcurl/https/mhds_session_info_test.c index 93985604..a851ab99 100644 --- a/src/testcurl/https/mhds_session_info_test.c +++ b/src/testcurl/https/mhds_session_info_test.c | |||
@@ -48,24 +48,33 @@ query_session_ahc (void *cls, struct MHD_Connection *connection, | |||
48 | { | 48 | { |
49 | struct MHD_Response *response; | 49 | struct MHD_Response *response; |
50 | int ret; | 50 | int ret; |
51 | |||
52 | if (NULL == *ptr) | ||
53 | { | ||
54 | *ptr = &query_session_ahc; | ||
55 | return MHD_YES; | ||
56 | } | ||
51 | 57 | ||
52 | /* assert actual connection cipher is the one negotiated */ | 58 | /* assert actual connection cipher is the one negotiated */ |
53 | if (MHD_get_connection_info | 59 | if (GNUTLS_CIPHER_AES_256_CBC != |
54 | (connection, | 60 | (ret = MHD_get_connection_info |
55 | MHD_CONNECTION_INFO_CIPHER_ALGO)->cipher_algorithm != | 61 | (connection, |
56 | GNUTLS_CIPHER_AES_256_CBC) | 62 | MHD_CONNECTION_INFO_CIPHER_ALGO)->cipher_algorithm)) |
57 | { | 63 | { |
58 | fprintf (stderr, "Error: requested cipher mismatch. %s\n", | 64 | fprintf (stderr, "Error: requested cipher mismatch (wanted %d, got %d)\n", |
59 | strerror (errno)); | 65 | GNUTLS_CIPHER_AES_256_CBC, |
66 | ret); | ||
60 | return -1; | 67 | return -1; |
61 | } | 68 | } |
62 | 69 | ||
63 | if (MHD_get_connection_info | 70 | if (GNUTLS_SSL3 != |
64 | (connection, | 71 | (ret = MHD_get_connection_info |
65 | MHD_CONNECTION_INFO_PROTOCOL)->protocol != GNUTLS_SSL3) | 72 | (connection, |
73 | MHD_CONNECTION_INFO_PROTOCOL)->protocol)) | ||
66 | { | 74 | { |
67 | fprintf (stderr, "Error: requested compression mismatch. %s\n", | 75 | fprintf (stderr, "Error: requested protocol mismatch (wanted %d, got %d)\n", |
68 | strerror (errno)); | 76 | GNUTLS_SSL3, |
77 | ret); | ||
69 | return -1; | 78 | return -1; |
70 | } | 79 | } |
71 | 80 | ||
@@ -99,6 +108,7 @@ test_query_session () | |||
99 | d = MHD_start_daemon (MHD_USE_THREAD_PER_CONNECTION | MHD_USE_SSL | | 108 | d = MHD_start_daemon (MHD_USE_THREAD_PER_CONNECTION | MHD_USE_SSL | |
100 | MHD_USE_DEBUG, DEAMON_TEST_PORT, | 109 | MHD_USE_DEBUG, DEAMON_TEST_PORT, |
101 | NULL, NULL, &query_session_ahc, NULL, | 110 | NULL, NULL, &query_session_ahc, NULL, |
111 | MHD_OPTION_HTTPS_PRIORITIES, "NORMAL:-AES-128-CBC", | ||
102 | MHD_OPTION_HTTPS_MEM_KEY, srv_key_pem, | 112 | MHD_OPTION_HTTPS_MEM_KEY, srv_key_pem, |
103 | MHD_OPTION_HTTPS_MEM_CERT, srv_self_signed_cert_pem, | 113 | MHD_OPTION_HTTPS_MEM_CERT, srv_self_signed_cert_pem, |
104 | MHD_OPTION_END); | 114 | MHD_OPTION_END); |
@@ -167,6 +177,7 @@ main (int argc, char *const *argv) | |||
167 | print_test_result (errorCount, argv[0]); | 177 | print_test_result (errorCount, argv[0]); |
168 | 178 | ||
169 | curl_global_cleanup (); | 179 | curl_global_cleanup (); |
170 | 180 | if (errorCount > 0) | |
171 | return errorCount != 0; | 181 | fprintf (stderr, "Error (code: %u)\n", errorCount); |
182 | return errorCount; | ||
172 | } | 183 | } |
diff --git a/src/testcurl/https/tls_daemon_options_test.c b/src/testcurl/https/tls_daemon_options_test.c index 05ee6aed..2d859428 100644 --- a/src/testcurl/https/tls_daemon_options_test.c +++ b/src/testcurl/https/tls_daemon_options_test.c | |||
@@ -28,6 +28,7 @@ | |||
28 | #include "microhttpd.h" | 28 | #include "microhttpd.h" |
29 | #include <sys/stat.h> | 29 | #include <sys/stat.h> |
30 | #include <limits.h> | 30 | #include <limits.h> |
31 | #include <gcrypt.h> | ||
31 | #include "tls_test_common.h" | 32 | #include "tls_test_common.h" |
32 | 33 | ||
33 | extern const char srv_key_pem[]; | 34 | extern const char srv_key_pem[]; |
@@ -40,7 +41,7 @@ int curl_check_version (const char *req_version, ...); | |||
40 | * | 41 | * |
41 | */ | 42 | */ |
42 | /* TODO rm test_fd */ | 43 | /* TODO rm test_fd */ |
43 | static int | 44 | int |
44 | test_unmatching_ssl_version (FILE * test_fd, char *cipher_suite, | 45 | test_unmatching_ssl_version (FILE * test_fd, char *cipher_suite, |
45 | int curl_req_ssl_version) | 46 | int curl_req_ssl_version) |
46 | { | 47 | { |
@@ -79,12 +80,11 @@ main (int argc, char *const *argv) | |||
79 | { | 80 | { |
80 | FILE *test_fd; | 81 | FILE *test_fd; |
81 | unsigned int errorCount = 0; | 82 | unsigned int errorCount = 0; |
82 | unsigned int cpos; | ||
83 | char test_name[64]; | ||
84 | 83 | ||
85 | int daemon_flags = | 84 | int daemon_flags = |
86 | MHD_USE_THREAD_PER_CONNECTION | MHD_USE_SSL | MHD_USE_DEBUG; | 85 | MHD_USE_THREAD_PER_CONNECTION | MHD_USE_SSL | MHD_USE_DEBUG; |
87 | 86 | gcry_control (GCRYCTL_DISABLE_SECMEM, 0); | |
87 | gcry_control (GCRYCTL_ENABLE_QUICK_RANDOM, 0); | ||
88 | if (curl_check_version (MHD_REQ_CURL_VERSION)) | 88 | if (curl_check_version (MHD_REQ_CURL_VERSION)) |
89 | { | 89 | { |
90 | return -1; | 90 | return -1; |
@@ -103,46 +103,39 @@ main (int argc, char *const *argv) | |||
103 | fprintf (stderr, "Error: %s\n", strerror (errno)); | 103 | fprintf (stderr, "Error: %s\n", strerror (errno)); |
104 | return -1; | 104 | return -1; |
105 | } | 105 | } |
106 | #if 0 | ||
107 | errorCount += | ||
108 | test_wrap ("TLS1.0-AES-SHA1", | ||
109 | &test_https_transfer, test_fd, daemon_flags, | ||
110 | "AES128-SHA1", | ||
111 | CURL_SSLVERSION_TLSv1, | ||
112 | MHD_OPTION_HTTPS_MEM_KEY, srv_key_pem, | ||
113 | MHD_OPTION_HTTPS_MEM_CERT, srv_self_signed_cert_pem, | ||
114 | MHD_OPTION_HTTPS_PRIORITIES, "NONE:+VERS-TLS1.0:+AES-128-CBC:+SHA1:+RSA:+COMP-NULL", | ||
115 | MHD_OPTION_END); | ||
116 | #endif | ||
117 | #if 0 | ||
118 | errorCount += | ||
119 | test_wrap ("TLS1.0-AES-SHA1", | ||
120 | &test_https_transfer, test_fd, daemon_flags, | ||
121 | "AES128-SHA1", | ||
122 | CURL_SSLVERSION_SSLv3, | ||
123 | MHD_OPTION_HTTPS_MEM_KEY, srv_key_pem, | ||
124 | MHD_OPTION_HTTPS_MEM_CERT, srv_self_signed_cert_pem, | ||
125 | MHD_OPTION_HTTPS_PRIORITIES, "NONE:+VERS-SSL3.0:+AES-128-CBC:+SHA1:+RSA:+COMP-NULL", | ||
126 | MHD_OPTION_END); | ||
127 | |||
128 | errorCount += | ||
129 | test_wrap ("SSL3.0-AES-SHA1", | ||
130 | &test_https_transfer, test_fd, daemon_flags, | ||
131 | "AES128-SHA1", | ||
132 | CURL_SSLVERSION_SSLv3, | ||
133 | MHD_OPTION_HTTPS_MEM_KEY, srv_key_pem, | ||
134 | MHD_OPTION_HTTPS_MEM_CERT, srv_self_signed_cert_pem, | ||
135 | MHD_OPTION_HTTPS_PRIORITIES, "NONE:+VERS-SSL3.0:+AES-128-CBC:+SHA1:+RSA:+COMP-NULL", | ||
136 | MHD_OPTION_END); | ||
137 | #endif | ||
106 | 138 | ||
107 | struct CipherDef ciphers[] = { | ||
108 | {{GNUTLS_CIPHER_AES_128_CBC, 0}, "AES128-SHA"}, | ||
109 | {{GNUTLS_CIPHER_ARCFOUR_128, 0}, "RC4-SHA"}, | ||
110 | {{GNUTLS_CIPHER_3DES_CBC, 0}, "3DES-SHA"}, | ||
111 | {{GNUTLS_CIPHER_AES_256_CBC, 0}, "AES256-SHA"}, | ||
112 | {{0, 0}, NULL} | ||
113 | }; | ||
114 | fprintf (stderr, "SHA/TLS tests:\n"); | ||
115 | cpos = 0; | ||
116 | while (ciphers[cpos].curlname != NULL) | ||
117 | { | ||
118 | sprintf (test_name, "%s-TLS", ciphers[cpos].curlname); | ||
119 | errorCount += | ||
120 | test_wrap (test_name, | ||
121 | &test_https_transfer, test_fd, daemon_flags, | ||
122 | ciphers[cpos].curlname, | ||
123 | CURL_SSLVERSION_TLSv1, | ||
124 | MHD_OPTION_HTTPS_MEM_KEY, srv_key_pem, | ||
125 | MHD_OPTION_HTTPS_MEM_CERT, srv_self_signed_cert_pem, | ||
126 | MHD_OPTION_CIPHER_ALGORITHM, "NORMAL", | ||
127 | MHD_OPTION_END); | ||
128 | cpos++; | ||
129 | } | ||
130 | fprintf (stderr, "SHA/SSL3 tests:\n"); | ||
131 | cpos = 0; | ||
132 | while (ciphers[cpos].curlname != NULL) | ||
133 | { | ||
134 | sprintf (test_name, "%s-SSL3", ciphers[cpos].curlname); | ||
135 | errorCount += | ||
136 | test_wrap (test_name, | ||
137 | &test_https_transfer, test_fd, daemon_flags, | ||
138 | ciphers[cpos].curlname, | ||
139 | CURL_SSLVERSION_SSLv3, | ||
140 | MHD_OPTION_HTTPS_MEM_KEY, srv_key_pem, | ||
141 | MHD_OPTION_HTTPS_MEM_CERT, srv_self_signed_cert_pem, | ||
142 | MHD_OPTION_CIPHER_ALGORITHM, "NORMAL", | ||
143 | MHD_OPTION_END); | ||
144 | cpos++; | ||
145 | } | ||
146 | #if 0 | 139 | #if 0 |
147 | /* manual inspection of the handshake suggests that CURL will | 140 | /* manual inspection of the handshake suggests that CURL will |
148 | request TLSv1, we send back "SSL3" and CURL takes it *despite* | 141 | request TLSv1, we send back "SSL3" and CURL takes it *despite* |
@@ -158,12 +151,19 @@ main (int argc, char *const *argv) | |||
158 | MHD_OPTION_HTTPS_MEM_CERT, srv_self_signed_cert_pem, | 151 | MHD_OPTION_HTTPS_MEM_CERT, srv_self_signed_cert_pem, |
159 | MHD_OPTION_CIPHER_ALGORITHM, "SSL3", MHD_OPTION_END); | 152 | MHD_OPTION_CIPHER_ALGORITHM, "SSL3", MHD_OPTION_END); |
160 | #endif | 153 | #endif |
154 | |||
155 | #if 1 | ||
161 | errorCount += | 156 | errorCount += |
162 | test_wrap ("unmatching version: TLS vs. SSL3", &test_unmatching_ssl_version, | 157 | test_wrap ("TLS1.0 vs SSL3", |
163 | test_fd, daemon_flags, "AES256-SHA", CURL_SSLVERSION_SSLv3, | 158 | &test_unmatching_ssl_version, test_fd, daemon_flags, |
164 | MHD_OPTION_HTTPS_MEM_KEY, srv_key_pem, | 159 | "AES256-SHA", |
165 | MHD_OPTION_HTTPS_MEM_CERT, srv_self_signed_cert_pem, | 160 | CURL_SSLVERSION_SSLv3, |
166 | MHD_OPTION_CIPHER_ALGORITHM, "SSL3", MHD_OPTION_END); | 161 | MHD_OPTION_HTTPS_MEM_KEY, srv_key_pem, |
162 | MHD_OPTION_HTTPS_MEM_CERT, srv_self_signed_cert_pem, | ||
163 | MHD_OPTION_HTTPS_PRIORITIES, "NONE:+VERS-TLS1.0:+AES-256-CBC:+SHA1:+RSA:+COMP-NULL", | ||
164 | MHD_OPTION_END); | ||
165 | #endif | ||
166 | |||
167 | curl_global_cleanup (); | 167 | curl_global_cleanup (); |
168 | fclose (test_fd); | 168 | fclose (test_fd); |
169 | remove (TEST_FILE_NAME); | 169 | remove (TEST_FILE_NAME); |