author | lv-426 <oxcafebaby@yahoo.com> | 2008-08-02 22:17:12 +0000 |
---|---|---|
committer | lv-426 <oxcafebaby@yahoo.com> | 2008-08-02 22:17:12 +0000 |
commit | ae588bb3c84708b17d75d3ab2ccaf5e972c28fde (patch) | |
tree | abcddff8a5f883291bf2fee10c9ceb21b9e8e345 /src | |
parent | a0026eb09eb0b6687ca55a6bf6a019b54f55d330 (diff) | |
download | libmicrohttpd-ae588bb3c84708b17d75d3ab2ccaf5e972c28fde.tar.gz libmicrohttpd-ae588bb3c84708b17d75d3ab2ccaf5e972c28fde.zip |
added MHD_daemon_start_va
better daemon option testing through tls_option_test
other misc fixes
Diffstat (limited to 'src')
-rw-r--r-- | src/daemon/daemon.c | 66 | ||||
-rw-r--r-- | src/daemon/https/tls/gnutls_alert.c | 4 | ||||
-rw-r--r-- | src/include/microhttpd.h | 21 | ||||
-rw-r--r-- | src/testcurl/Makefile.am | 1 | ||||
-rw-r--r-- | src/testcurl/curl_version_check.c | 6 | ||||
-rw-r--r-- | src/testcurl/https/Makefile.am | 16 | ||||
-rw-r--r-- | src/testcurl/https/tls_daemon_options_test.c (renamed from src/testcurl/https/mhds_get_test.c) | 270 | ||||
-rw-r--r-- | src/testcurl/https/tls_session_time_out_test.c | 1 |
8 files changed, 223 insertions, 162 deletions
diff --git a/src/daemon/daemon.c b/src/daemon/daemon.c index 5d192567..34a9bac6 100644 --- a/src/daemon/daemon.c +++ b/src/daemon/daemon.c | |||
@@ -59,7 +59,7 @@ | |||
59 | #if HTTPS_SUPPORT | 59 | #if HTTPS_SUPPORT |
60 | /* initialize security aspects of the HTTPS daemon */ | 60 | /* initialize security aspects of the HTTPS daemon */ |
61 | static int | 61 | static int |
62 | MHDS_init (struct MHD_Daemon *daemon) | 62 | MHD_TLS_init (struct MHD_Daemon *daemon) |
63 | { | 63 | { |
64 | int i; | 64 | int i; |
65 | priority_st st; | 65 | priority_st st; |
@@ -305,7 +305,7 @@ gnutls_push_param_adapter (void *connection, | |||
305 | */ | 305 | */ |
306 | #if HTTPS_SUPPORT | 306 | #if HTTPS_SUPPORT |
307 | static void * | 307 | static void * |
308 | MHDS_handle_connection (void *data) | 308 | MHD_TLS_handle_connection (void *data) |
309 | { | 309 | { |
310 | struct MHD_Connection *con = data; | 310 | struct MHD_Connection *con = data; |
311 | 311 | ||
@@ -489,7 +489,7 @@ MHD_accept_connection (struct MHD_Daemon *daemon) | |||
489 | #if HTTPS_SUPPORT | 489 | #if HTTPS_SUPPORT |
490 | if (daemon->options & MHD_USE_SSL) | 490 | if (daemon->options & MHD_USE_SSL) |
491 | res_thread_create = pthread_create (&connection->pid, NULL, | 491 | res_thread_create = pthread_create (&connection->pid, NULL, |
492 | &MHDS_handle_connection, | 492 | &MHD_TLS_handle_connection, |
493 | connection); | 493 | connection); |
494 | else | 494 | else |
495 | #endif | 495 | #endif |
@@ -767,11 +767,11 @@ MHD_select_thread (void *cls) | |||
767 | * @return NULL on error, handle to daemon on success | 767 | * @return NULL on error, handle to daemon on success |
768 | */ | 768 | */ |
769 | struct MHD_Daemon * | 769 | struct MHD_Daemon * |
770 | MHD_start_daemon (unsigned int options, | 770 | MHD_start_daemon_va (unsigned int options, |
771 | unsigned short port, | 771 | unsigned short port, |
772 | MHD_AcceptPolicyCallback apc, | 772 | MHD_AcceptPolicyCallback apc, |
773 | void *apc_cls, | 773 | void *apc_cls, |
774 | MHD_AccessHandlerCallback dh, void *dh_cls, ...) | 774 | MHD_AccessHandlerCallback dh, void *dh_cls, va_list ap) |
775 | { | 775 | { |
776 | const int on = 1; | 776 | const int on = 1; |
777 | struct MHD_Daemon *retVal; | 777 | struct MHD_Daemon *retVal; |
@@ -783,7 +783,6 @@ MHD_start_daemon (unsigned int options, | |||
783 | struct sockaddr_in6 servaddr6; | 783 | struct sockaddr_in6 servaddr6; |
784 | const struct sockaddr *servaddr; | 784 | const struct sockaddr *servaddr; |
785 | socklen_t addrlen; | 785 | socklen_t addrlen; |
786 | va_list ap; | ||
787 | enum MHD_OPTION opt; | 786 | enum MHD_OPTION opt; |
788 | 787 | ||
789 | if ((port == 0) || (dh == NULL)) | 788 | if ((port == 0) || (dh == NULL)) |
@@ -879,7 +878,7 @@ MHD_start_daemon (unsigned int options, | |||
879 | } | 878 | } |
880 | #endif | 879 | #endif |
881 | /* initializes the argument pointer variable */ | 880 | /* initializes the argument pointer variable */ |
882 | va_start (ap, dh_cls); | 881 | |
883 | /* | 882 | /* |
884 | * loop through daemon options | 883 | * loop through daemon options |
885 | */ | 884 | */ |
@@ -905,6 +904,10 @@ MHD_start_daemon (unsigned int options, | |||
905 | retVal->per_ip_connection_limit = va_arg (ap, unsigned int); | 904 | retVal->per_ip_connection_limit = va_arg (ap, unsigned int); |
906 | break; | 905 | break; |
907 | #if HTTPS_SUPPORT | 906 | #if HTTPS_SUPPORT |
907 | case MHD_OPTION_PROTOCOL_VERSION: | ||
908 | _set_priority (&retVal->priority_cache->protocol, | ||
909 | va_arg (ap, const int *)); | ||
910 | break; | ||
908 | case MHD_OPTION_HTTPS_KEY_PATH: | 911 | case MHD_OPTION_HTTPS_KEY_PATH: |
909 | retVal->https_key_path = va_arg (ap, const char *); | 912 | retVal->https_key_path = va_arg (ap, const char *); |
910 | break; | 913 | break; |
@@ -925,13 +928,17 @@ MHD_start_daemon (unsigned int options, | |||
925 | _set_priority (&retVal->priority_cache->cipher, | 928 | _set_priority (&retVal->priority_cache->cipher, |
926 | va_arg (ap, const int *)); | 929 | va_arg (ap, const int *)); |
927 | break; | 930 | break; |
931 | case MHD_OPTION_MAC_ALGO: | ||
932 | _set_priority (&retVal->priority_cache->mac, | ||
933 | va_arg (ap, const int *)); | ||
934 | break; | ||
928 | #endif | 935 | #endif |
929 | default: | 936 | default: |
930 | #if HAVE_MESSAGES | 937 | #if HAVE_MESSAGES |
931 | if (opt > MHD_HTTPS_OPTION_START && opt < MHD_HTTPS_OPTION_END) | 938 | if (opt > MHD_HTTPS_OPTION_START && opt < MHD_HTTPS_OPTION_END) |
932 | { | 939 | { |
933 | fprintf (stderr, | 940 | fprintf (stderr, |
934 | "Error: HTTPS option given while compiling without HTTPS support\n"); | 941 | "Error: HTTPS option %d passed to non HTTPS daemon\n", opt); |
935 | } | 942 | } |
936 | else | 943 | else |
937 | { | 944 | { |
@@ -942,18 +949,19 @@ MHD_start_daemon (unsigned int options, | |||
942 | abort (); | 949 | abort (); |
943 | } | 950 | } |
944 | } | 951 | } |
952 | |||
945 | #if HTTPS_SUPPORT | 953 | #if HTTPS_SUPPORT |
946 | /* initialize HTTPS daemon certificate aspects & send / recv functions */ | 954 | /* initialize HTTPS daemon certificate aspects & send / recv functions */ |
947 | if (options & MHD_USE_SSL && MHD_NO == MHDS_init (retVal)) | 955 | if (options & MHD_USE_SSL && MHD_NO == MHD_TLS_init (retVal)) |
948 | { | 956 | { |
949 | #if HAVE_MESSAGES | 957 | #if HAVE_MESSAGES |
950 | MHD_DLOG (retVal, "Failed to initialize MHDS\n", STRERROR (errno)); | 958 | MHD_DLOG (retVal, "Failed to initialize HTTPS daemon\n"); |
951 | #endif | 959 | #endif |
952 | free (retVal); | 960 | free (retVal); |
953 | return NULL; | 961 | return NULL; |
954 | } | 962 | } |
955 | #endif | 963 | #endif |
956 | va_end (ap); | 964 | |
957 | if (((0 != (options & MHD_USE_THREAD_PER_CONNECTION)) || (0 != (options | 965 | if (((0 != (options & MHD_USE_THREAD_PER_CONNECTION)) || (0 != (options |
958 | & | 966 | & |
959 | MHD_USE_SELECT_INTERNALLY))) | 967 | MHD_USE_SELECT_INTERNALLY))) |
@@ -972,6 +980,36 @@ MHD_start_daemon (unsigned int options, | |||
972 | return retVal; | 980 | return retVal; |
973 | } | 981 | } |
974 | 982 | ||
983 | struct MHD_Daemon * | ||
984 | MHD_start_daemon (unsigned int options, | ||
985 | unsigned short port, | ||
986 | MHD_AcceptPolicyCallback apc, | ||
987 | void *apc_cls, | ||
988 | MHD_AccessHandlerCallback dh, void *dh_cls, ...){ | ||
989 | |||
990 | int ret; | ||
991 | va_list ap; | ||
992 | va_start (ap, dh_cls); | ||
993 | ret = MHD_start_daemon_va (options, | ||
994 | port, | ||
995 | apc, | ||
996 | apc_cls, | ||
997 | dh, dh_cls, ap); | ||
998 | va_end (ap); | ||
999 | return ret; | ||
1000 | } | ||
1001 | |||
1002 | /** | ||
1003 | * Start a webserver on the given port. | ||
1004 | * | ||
1005 | * @param port port to bind to | ||
1006 | * @param apc callback to call to check which clients | ||
1007 | * will be allowed to connect | ||
1008 | * @param apc_cls extra argument to apc | ||
1009 | * @param dh default handler for all URIs | ||
1010 | * @param dh_cls extra argument to dh | ||
1011 | * @return NULL on error, handle to daemon on success | ||
1012 | */ | ||
975 | /** | 1013 | /** |
976 | * Shutdown an http daemon. | 1014 | * Shutdown an http daemon. |
977 | */ | 1015 | */ |
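Review bot: In the new `MHD_start_daemon` wrapper the result of `MHD_start_daemon_va` is stored in `int ret;` and then returned, so the daemon handle passes through an `int`; where pointers are wider than `int` the value is truncated and callers can receive a non-NULL but invalid handle. The local should be declared `struct MHD_Daemon *ret;`. The Doxygen block added right after the wrapper ("Start a webserver on the given port") is attached to nothing and sits directly above the "Shutdown an http daemon" comment; it belongs above `MHD_start_daemon`. In `MHD_start_daemon_va` the two new cases pass `va_arg (ap, const int *)` straight to `_set_priority`; whether that helper tolerates a NULL pointer is not visible here, so a guard or a documented non-NULL requirement is worth adding.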
diff --git a/src/daemon/https/tls/gnutls_alert.c b/src/daemon/https/tls/gnutls_alert.c index 75f9dcd2..dfa35f85 100644 --- a/src/daemon/https/tls/gnutls_alert.c +++ b/src/daemon/https/tls/gnutls_alert.c | |||
@@ -144,8 +144,8 @@ gnutls_alert_send (gnutls_session_t session, gnutls_alert_level_t level, | |||
144 | * | 144 | * |
145 | * Returns an alert depending on the error code returned by a gnutls | 145 | * Returns an alert depending on the error code returned by a gnutls |
146 | * function. All alerts sent by this function should be considered fatal. | 146 | * function. All alerts sent by this function should be considered fatal. |
147 | * The only exception is when err == GNUTLS_E_REHANDSHAKE, where a warning | 147 | * The only exception is when err == GNUTLS_E_REHANDSHAKE, where a warning |
148 | * alert should be sent to the peer indicating that no renegotiation will | 148 | * alert should be sent to the peer indicating that no renegotiation will |
149 | * be performed. | 149 | * be performed. |
150 | * | 150 | * |
151 | * If there is no mapping to a valid alert the alert to indicate internal error | 151 | * If there is no mapping to a valid alert the alert to indicate internal error |
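--- a/src/include/microhttpd.h
+++ b/src/include/microhttpd.h
@@ -380,6 +380,15 @@ enum MHD_OPTION
 MHD_OPTION_HTTPS_MEM_CERT,
 
 /*
+* SSL/TLS protocol version
+*
+* Memory pointer to a zero terminated int array representing the
+* protocol versions to this server should support. Unsupported
+* requests will be droped by the server.
+*/
+MHD_OPTION_PROTOCOL_VERSION,
+
+/*
 * Memory pointer to a zero terminated int array representing the
 * cipher priority order to which the HTTPS daemon should adhere.
 * "const int *" argument.
@@ -703,6 +712,18 @@ typedef int
 * terminated with MHD_OPTION_END).
 * @return NULL on error, handle to daemon on success
 */
+struct MHD_Daemon *
+MHD_start_daemon_va (unsigned int options,
+unsigned short port,
+MHD_AcceptPolicyCallback apc,
+void *apc_cls,
+MHD_AccessHandlerCallback dh, void *dh_cls, va_list ap);
+
+
+/*
+* Variadic version of MHD_start_daemon_va. This function will delegate calls
+* to MHD_start_daemon_va() once argument list is analyzed.
+*/
 struct MHD_Daemon *MHD_start_daemon (unsigned int flags,
 unsigned short port,
 MHD_AcceptPolicyCallback apc,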
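Review bot: The comment added for `MHD_OPTION_PROTOCOL_VERSION` does not state the argument type, unlike the neighbouring cipher option, which ends with `"const int *" argument.`; daemon.c reads this option with `va_arg (ap, const int *)`, so a caller passing anything else through the variable argument list gets undefined behaviour. I would reword the comment to `Memory pointer to a zero terminated int array listing the protocol versions this server should accept; connections using any other version are dropped. "const int *" argument.` The new `MHD_start_daemon_va` prototype uses `va_list`, which needs `<stdarg.h>`; the include section is outside these hunks, so confirm the public header pulls it in for consumers.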
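--- a/src/testcurl/Makefile.am
+++ b/src/testcurl/Makefile.am
@@ -38,7 +38,6 @@ libcurl_version_check_a_CPPFLAGS = \
 -I$(top_srcdir)/src/daemon/https \
 $(LIBCURL_CPPFLAGS)
 
-
 daemontest_get_SOURCES = \
 daemontest_get.c
 daemontest_get_LDADD = \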
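--- a/src/testcurl/curl_version_check.c
+++ b/src/testcurl/curl_version_check.c
@@ -89,7 +89,7 @@ curl_check_version (const char *req_version)
 fprintf (stderr, "curl version: %s\n", ver);
 #endif
 /*
-* this call relies on the cURL string to be of the format :
+* this call relies on the cURL string to be of the exact following format :
 * 'libcurl/7.16.4 OpenSSL/0.9.8g zlib/1.2.3.3 libidn/0.6.5' OR
 * 'libcurl/7.18.2 GnuTLS/2.4.0 zlib/1.2.3.3 libidn/0.6.5'
 */
@@ -118,7 +118,7 @@ curl_check_version (const char *req_version)
 * TODO use curl version string to assert use of gnutls
 */
 #if HTTPS_SUPPORT
-ssl_ver = strchr (curl_ver, '\ ') + 1;
+ssl_ver = strchr (curl_ver, ' ') + 1;
 
 if (strncmp ("GnuTLS", ssl_ver, strlen ("GNUtls")) == 0)
 {
@@ -132,7 +132,7 @@ curl_check_version (const char *req_version)
 }
 else
 {
-fprintf (stderr, "Error: unrecognized curl ssl library\n", req_ssl_ver);
+fprintf (stderr, "Error: unrecognized curl ssl library\n");
 return -1;
 }
 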
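Review bot: The corrected line `ssl_ver = strchr (curl_ver, ' ') + 1;` still adds 1 to the result without checking it, so a version string that contains no space makes `strchr` return NULL and the following `strncmp` reads through an invalid pointer. Since the comment above now says the string must have exactly the documented format, the code should enforce that: `const char *sp = strchr (curl_ver, ' '); if (sp == NULL) return -1; ssl_ver = sp + 1;`. On the next line `strlen ("GNUtls")` happens to equal the length of `"GnuTLS"`, but spelling it the same as the compared literal would remove the doubt. `curl_check_version` starts and ends outside these hunks.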
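--- a/src/testcurl/https/Makefile.am
+++ b/src/testcurl/https/Makefile.am
@@ -12,7 +12,7 @@ $(LIBCURL_CPPFLAGS)
 check_PROGRAMS = \
 tls_session_time_out_test \
 tls_cipher_change_test \
-mhds_get_test \
+tls_daemon_options_test \
 tls_alert_test \
 tls_authentication_test \
 mhds_multi_daemon_test \
@@ -20,6 +20,13 @@ mhds_session_info_test
 
 TESTS = $(check_PROGRAMS)
 
+tls_daemon_options_test_SOURCES = \
+tls_daemon_options_test.c
+tls_daemon_options_test_LDADD = \
+$(top_builddir)/src/testcurl/libcurl_version_check.a \
+$(top_builddir)/src/daemon/libmicrohttpd.la \
+@LIBCURL@
+
 tls_session_time_out_test_SOURCES = \
 tls_session_time_out_test.c
 tls_session_time_out_test_LDADD = \
@@ -45,13 +52,6 @@ tls_authentication_test_LDADD = \
 $(top_builddir)/src/daemon/libmicrohttpd.la \
 @LIBCURL@
 
-mhds_get_test_SOURCES = \
-mhds_get_test.c
-mhds_get_test_LDADD = \
-$(top_builddir)/src/testcurl/libcurl_version_check.a \
-$(top_builddir)/src/daemon/libmicrohttpd.la \
-@LIBCURL@
-
 mhds_session_info_test_SOURCES = \
 mhds_session_info_test.c
 mhds_session_info_test_LDADD = \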
diff --git a/src/testcurl/https/mhds_get_test.c b/src/testcurl/https/tls_daemon_options_test.c index bac6b895..95accebb 100644 --- a/src/testcurl/https/mhds_get_test.c +++ b/src/testcurl/https/tls_daemon_options_test.c | |||
@@ -123,11 +123,11 @@ http_ahc (void *cls, struct MHD_Connection *connection, | |||
123 | * @param test_fd: file to attempt transfering | 123 | * @param test_fd: file to attempt transfering |
124 | */ | 124 | */ |
125 | static int | 125 | static int |
126 | test_daemon_get (FILE * test_fd, char *cipher_suite, int proto_version) | 126 | test_https_transfer (FILE * test_fd, char * cipher_suite, int proto_version) |
127 | { | 127 | { |
128 | CURL *c; | 128 | CURL *c; |
129 | struct CBC cbc; | ||
130 | CURLcode errornum; | 129 | CURLcode errornum; |
130 | struct CBC cbc; | ||
131 | char *doc_path; | 131 | char *doc_path; |
132 | char url[255]; | 132 | char url[255]; |
133 | struct stat statb; | 133 | struct stat statb; |
@@ -177,8 +177,8 @@ test_daemon_get (FILE * test_fd, char *cipher_suite, int proto_version) | |||
177 | #endif | 177 | #endif |
178 | curl_easy_setopt (c, CURLOPT_URL, url); | 178 | curl_easy_setopt (c, CURLOPT_URL, url); |
179 | curl_easy_setopt (c, CURLOPT_HTTP_VERSION, CURL_HTTP_VERSION_1_0); | 179 | curl_easy_setopt (c, CURLOPT_HTTP_VERSION, CURL_HTTP_VERSION_1_0); |
180 | curl_easy_setopt (c, CURLOPT_TIMEOUT, 2L); | 180 | curl_easy_setopt (c, CURLOPT_TIMEOUT, 5L); |
181 | curl_easy_setopt (c, CURLOPT_CONNECTTIMEOUT, 2L); | 181 | curl_easy_setopt (c, CURLOPT_CONNECTTIMEOUT, 5L); |
182 | curl_easy_setopt (c, CURLOPT_WRITEFUNCTION, ©Buffer); | 182 | curl_easy_setopt (c, CURLOPT_WRITEFUNCTION, ©Buffer); |
183 | curl_easy_setopt (c, CURLOPT_FILE, &cbc); | 183 | curl_easy_setopt (c, CURLOPT_FILE, &cbc); |
184 | 184 | ||
@@ -220,30 +220,77 @@ test_daemon_get (FILE * test_fd, char *cipher_suite, int proto_version) | |||
220 | return 0; | 220 | return 0; |
221 | } | 221 | } |
222 | 222 | ||
223 | /* perform a HTTP GET request via SSL/TLS */ | 223 | FILE * |
224 | int | 224 | setupTestFile () |
225 | test_secure_get (FILE * test_fd, char *cipher_suite, int proto_version) | ||
226 | { | 225 | { |
227 | int ret; | 226 | FILE *test_fd; |
228 | struct MHD_Daemon *d; | ||
229 | d = MHD_start_daemon (MHD_USE_THREAD_PER_CONNECTION | MHD_USE_SSL | | ||
230 | MHD_USE_DEBUG, 42433, | ||
231 | NULL, NULL, &http_ahc, NULL, | ||
232 | MHD_OPTION_HTTPS_MEM_KEY, srv_key_pem, | ||
233 | MHD_OPTION_HTTPS_MEM_CERT, srv_self_signed_cert_pem, | ||
234 | MHD_OPTION_END); | ||
235 | 227 | ||
236 | if (d == NULL) | 228 | if (NULL == (test_fd = fopen (test_file_name, "w+"))) |
229 | { | ||
230 | fprintf (stderr, "Error: failed to open `%s': %s\n", | ||
231 | test_file_name, strerror (errno)); | ||
232 | return NULL; | ||
233 | } | ||
234 | if (fwrite (test_file_data, sizeof (char), strlen (test_file_data), test_fd) | ||
235 | != strlen (test_file_data)) | ||
236 | { | ||
237 | fprintf (stderr, "Error: failed to write `%s. %s'\n", | ||
238 | test_file_name, strerror (errno)); | ||
239 | return NULL; | ||
240 | } | ||
241 | if (fflush (test_fd)) | ||
242 | { | ||
243 | fprintf (stderr, "Error: failed to flush test file stream. %s\n", | ||
244 | strerror (errno)); | ||
245 | return NULL; | ||
246 | } | ||
247 | |||
248 | return test_fd; | ||
249 | } | ||
250 | |||
251 | static int | ||
252 | setup (struct MHD_Daemon **d, enum MHD_OPTION option, void * value ) | ||
253 | { | ||
254 | *d = MHD_start_daemon (MHD_USE_THREAD_PER_CONNECTION | MHD_USE_SSL | | ||
255 | MHD_USE_DEBUG, 42433, | ||
256 | NULL, NULL, &http_ahc, NULL, | ||
257 | MHD_OPTION_HTTPS_MEM_KEY, srv_key_pem, | ||
258 | MHD_OPTION_HTTPS_MEM_CERT, srv_self_signed_cert_pem, | ||
259 | option, value, MHD_OPTION_END); | ||
260 | |||
261 | if (*d == NULL) | ||
237 | { | 262 | { |
238 | fprintf (stderr, MHD_E_SERVER_INIT); | 263 | fprintf (stderr, MHD_E_SERVER_INIT); |
239 | return -1; | 264 | return -1; |
240 | } | 265 | } |
241 | 266 | ||
242 | ret = test_daemon_get (test_fd, cipher_suite, proto_version); | 267 | return 0; |
268 | } | ||
269 | |||
270 | static void | ||
271 | teardown (struct MHD_Daemon *d) | ||
272 | { | ||
243 | MHD_stop_daemon (d); | 273 | MHD_stop_daemon (d); |
274 | } | ||
275 | |||
276 | int | ||
277 | test_wrap (int | ||
278 | (*test) (FILE * test_fd, char *cipher_suite, int proto_version), | ||
279 | FILE * test_fd, char *cipher_suite, int proto_version, | ||
280 | enum MHD_OPTION option, void * value) | ||
281 | { | ||
282 | int ret; | ||
283 | struct MHD_Daemon *d; | ||
284 | |||
285 | if (setup (&d, option, value) != 0) | ||
286 | return -1; | ||
287 | ret = test (test_fd, cipher_suite, proto_version); | ||
288 | teardown (d); | ||
244 | return ret; | 289 | return ret; |
245 | } | 290 | } |
246 | 291 | ||
292 | /* perform a HTTP GET request via SSL/TLS */ | ||
293 | |||
247 | /* test loading of key & certificate files */ | 294 | /* test loading of key & certificate files */ |
248 | int | 295 | int |
249 | test_file_certificates (FILE * test_fd, char *cipher_suite, int proto_version) | 296 | test_file_certificates (FILE * test_fd, char *cipher_suite, int proto_version) |
@@ -275,21 +322,13 @@ test_file_certificates (FILE * test_fd, char *cipher_suite, int proto_version) | |||
275 | fclose (key_fd); | 322 | fclose (key_fd); |
276 | fclose (cert_fd); | 323 | fclose (cert_fd); |
277 | 324 | ||
278 | d = MHD_start_daemon (MHD_USE_THREAD_PER_CONNECTION | MHD_USE_SSL | | ||
279 | MHD_USE_DEBUG, 42433, | ||
280 | NULL, NULL, &http_ahc, NULL, | ||
281 | MHD_OPTION_HTTPS_KEY_PATH, key_path, | ||
282 | MHD_OPTION_HTTPS_CERT_PATH, cert_path, | ||
283 | MHD_OPTION_END); | ||
284 | |||
285 | if (d == NULL) | 325 | if (d == NULL) |
286 | { | 326 | { |
287 | fprintf (stderr, MHD_E_SERVER_INIT); | 327 | fprintf (stderr, MHD_E_SERVER_INIT); |
288 | return -1; | 328 | return -1; |
289 | } | 329 | } |
290 | 330 | ||
291 | ret = test_daemon_get (test_fd, cipher_suite, proto_version); | 331 | ret = test_https_transfer (test_fd, cipher_suite, proto_version); |
292 | MHD_stop_daemon (d); | ||
293 | 332 | ||
294 | free (cur_dir); | 333 | free (cur_dir); |
295 | remove (cert_path); | 334 | remove (cert_path); |
@@ -298,123 +337,54 @@ test_file_certificates (FILE * test_fd, char *cipher_suite, int proto_version) | |||
298 | } | 337 | } |
299 | 338 | ||
300 | int | 339 | int |
301 | test_cipher_option (FILE * test_fd, char *cipher_suite, int proto_version) | 340 | test_protocol_version (FILE * test_fd, char *cipher_suite, |
341 | int curl_proto_version) | ||
302 | { | 342 | { |
343 | CURL *c; | ||
344 | CURLcode errornum; | ||
303 | 345 | ||
304 | int ret; | 346 | c = curl_easy_init (); |
305 | int ciper[] = { MHD_GNUTLS_CIPHER_3DES_CBC, 0 }; | 347 | #ifdef DEBUG |
306 | struct MHD_Daemon *d; | 348 | curl_easy_setopt (c, CURLOPT_VERBOSE, 1); |
307 | d = MHD_start_daemon (MHD_USE_THREAD_PER_CONNECTION | MHD_USE_SSL | | 349 | #endif |
308 | MHD_USE_DEBUG, 42433, | 350 | curl_easy_setopt (c, CURLOPT_URL, "https://localhost:42433/"); |
309 | NULL, NULL, &http_ahc, NULL, | 351 | curl_easy_setopt (c, CURLOPT_HTTP_VERSION, CURL_HTTP_VERSION_1_0); |
310 | MHD_OPTION_HTTPS_MEM_KEY, srv_key_pem, | 352 | curl_easy_setopt (c, CURLOPT_TIMEOUT, 5L); |
311 | MHD_OPTION_HTTPS_MEM_CERT, srv_self_signed_cert_pem, | 353 | curl_easy_setopt (c, CURLOPT_CONNECTTIMEOUT, 5L); |
312 | MHD_OPTION_CIPHER_ALGORITHM, ciper, MHD_OPTION_END); | ||
313 | |||
314 | if (d == NULL) | ||
315 | { | ||
316 | fprintf (stderr, MHD_E_SERVER_INIT); | ||
317 | return -1; | ||
318 | } | ||
319 | |||
320 | ret = test_daemon_get (test_fd, cipher_suite, proto_version); | ||
321 | |||
322 | MHD_stop_daemon (d); | ||
323 | return ret; | ||
324 | } | ||
325 | |||
326 | int | ||
327 | test_kx_option (FILE * test_fd, char *cipher_suite, int proto_version) | ||
328 | { | ||
329 | |||
330 | int ret; | ||
331 | int ciper[] = { MHD_GNUTLS_CIPHER_3DES_CBC, 0 }; | ||
332 | int kx[] = { MHD_GNUTLS_KX_DHE_RSA, 0 }; | ||
333 | struct MHD_Daemon *d; | ||
334 | |||
335 | d = MHD_start_daemon (MHD_USE_THREAD_PER_CONNECTION | MHD_USE_SSL | | ||
336 | MHD_USE_DEBUG, 42433, | ||
337 | NULL, NULL, &http_ahc, NULL, | ||
338 | MHD_OPTION_HTTPS_MEM_KEY, srv_key_pem, | ||
339 | MHD_OPTION_HTTPS_MEM_CERT, srv_self_signed_cert_pem, | ||
340 | MHD_OPTION_KX_PRIORITY, kx, | ||
341 | MHD_OPTION_CIPHER_ALGORITHM, ciper, MHD_OPTION_END); | ||
342 | |||
343 | if (d == NULL) | ||
344 | { | ||
345 | fprintf (stderr, MHD_E_SERVER_INIT); | ||
346 | return -1; | ||
347 | } | ||
348 | |||
349 | ret = test_daemon_get (test_fd, cipher_suite, proto_version); | ||
350 | |||
351 | MHD_stop_daemon (d); | ||
352 | return ret; | ||
353 | } | ||
354 | 354 | ||
355 | int | 355 | /* TLS options */ |
356 | test_mac_option (FILE * test_fd, char *cipher_suite, int proto_version) | 356 | curl_easy_setopt (c, CURLOPT_SSLVERSION, curl_proto_version); |
357 | { | 357 | curl_easy_setopt (c, CURLOPT_SSL_CIPHER_LIST, cipher_suite); |
358 | 358 | ||
359 | int ret; | 359 | curl_easy_setopt (c, CURLOPT_SSL_VERIFYPEER, 0); |
360 | int mac[] = { MHD_GNUTLS_MAC_SHA1, 0 }; | 360 | curl_easy_setopt (c, CURLOPT_SSL_VERIFYHOST, 0); |
361 | struct MHD_Daemon *d; | 361 | curl_easy_setopt (c, CURLOPT_FAILONERROR, 1); |
362 | 362 | ||
363 | d = MHD_start_daemon (MHD_USE_THREAD_PER_CONNECTION | MHD_USE_SSL | | 363 | /* NOTE: use of CONNECTTIMEOUT without also |
364 | MHD_USE_DEBUG, 42433, | 364 | setting NOSIGNAL results in really weird |
365 | NULL, NULL, &http_ahc, NULL, | 365 | crashes on my system! */ |
366 | MHD_OPTION_HTTPS_MEM_KEY, srv_key_pem, | 366 | curl_easy_setopt (c, CURLOPT_NOSIGNAL, 1); |
367 | MHD_OPTION_HTTPS_MEM_CERT, srv_self_signed_cert_pem, | ||
368 | MHD_OPTION_MAC_ALGO, mac, MHD_OPTION_END); | ||
369 | 367 | ||
370 | if (d == NULL) | 368 | /* assert daemon rejected request */ |
369 | if (CURLE_OK == (errornum = curl_easy_perform (c))) | ||
371 | { | 370 | { |
372 | fprintf (stderr, MHD_E_SERVER_INIT); | 371 | fprintf (stderr, "curl_easy_perform failed: `%s'\n", |
372 | curl_easy_strerror (errornum)); | ||
373 | curl_easy_cleanup (c); | ||
373 | return -1; | 374 | return -1; |
374 | } | 375 | } |
375 | 376 | ||
376 | ret = test_daemon_get (test_fd, cipher_suite, proto_version); | 377 | return 0; |
377 | |||
378 | MHD_stop_daemon (d); | ||
379 | return ret; | ||
380 | } | 378 | } |
381 | 379 | ||
382 | /* setup a temporary transfer test file */ | 380 | /* setup a temporary transfer test file */ |
383 | FILE * | ||
384 | setupTestFile () | ||
385 | { | ||
386 | FILE *test_fd; | ||
387 | |||
388 | if (NULL == (test_fd = fopen (test_file_name, "w+"))) | ||
389 | { | ||
390 | fprintf (stderr, "Error: failed to open `%s': %s\n", | ||
391 | test_file_name, strerror (errno)); | ||
392 | return NULL; | ||
393 | } | ||
394 | if (fwrite (test_file_data, sizeof (char), strlen (test_file_data), test_fd) | ||
395 | != strlen (test_file_data)) | ||
396 | { | ||
397 | fprintf (stderr, "Error: failed to write `%s. %s'\n", | ||
398 | test_file_name, strerror (errno)); | ||
399 | return NULL; | ||
400 | } | ||
401 | if (fflush (test_fd)) | ||
402 | { | ||
403 | fprintf (stderr, "Error: failed to flush test file stream. %s\n", | ||
404 | strerror (errno)); | ||
405 | return NULL; | ||
406 | } | ||
407 | |||
408 | return test_fd; | ||
409 | } | ||
410 | |||
411 | int | 381 | int |
412 | main (int argc, char *const *argv) | 382 | main (int argc, char *const *argv) |
413 | { | 383 | { |
414 | FILE *test_fd; | 384 | FILE *test_fd; |
415 | unsigned int errorCount = 0; | 385 | unsigned int errorCount = 0; |
416 | 386 | ||
417 | /* gnutls_global_set_log_level(11); */ | 387 | gnutls_global_set_log_level(11); |
418 | 388 | ||
419 | if (curl_check_version (MHD_REQ_CURL_VERSION)) | 389 | if (curl_check_version (MHD_REQ_CURL_VERSION)) |
420 | { | 390 | { |
@@ -433,20 +403,54 @@ main (int argc, char *const *argv) | |||
433 | return -1; | 403 | return -1; |
434 | } | 404 | } |
435 | 405 | ||
436 | errorCount += | 406 | int mac[] = {MHD_GNUTLS_MAC_SHA1, 0}; |
437 | test_secure_get (test_fd, "AES256-SHA", CURL_SSLVERSION_TLSv1); | 407 | int p [] = {MHD_GNUTLS_SSL3, 0}; |
438 | errorCount += | 408 | int cipher[] = { MHD_GNUTLS_CIPHER_3DES_CBC, 0 }; |
439 | test_secure_get (test_fd, "AES256-SHA", CURL_SSLVERSION_SSLv3); | 409 | int kx[] = { MHD_GNUTLS_KX_DHE_RSA, 0 }; |
440 | errorCount += | 410 | |
441 | test_file_certificates (test_fd, "AES256-SHA", CURL_SSLVERSION_SSLv3); | 411 | |
442 | /* TODO resolve cipher setting issue when compiling against GNU TLS */ | 412 | // errorCount += |
413 | // test_wrap (&test_https_transfer, test_fd, "AES256-SHA", | ||
414 | // CURL_SSLVERSION_TLSv1, MHD_OPTION_END, 0); | ||
443 | // errorCount += | 415 | // errorCount += |
444 | // test_cipher_option (test_fd, "DES-CBC3-SHA", CURL_SSLVERSION_TLSv1); | 416 | // test_wrap (&test_file_certificates, test_fd, "AES256-SHA", |
417 | // CURL_SSLVERSION_TLSv1, MHD_OPTION_END, 0); | ||
418 | // | ||
445 | // errorCount += | 419 | // errorCount += |
446 | // test_kx_option (test_fd, "EDH-RSA-DES-CBC3-SHA", CURL_SSLVERSION_TLSv1); | 420 | // test_wrap (&test_protocol_version, test_fd, "AES256-SHA", |
421 | // CURL_SSLVERSION_TLSv1, MHD_OPTION_PROTOCOL_VERSION, p); | ||
422 | // | ||
423 | // errorCount += | ||
424 | // test_wrap (&test_https_transfer, test_fd, "DES-CBC3-SHA", | ||
425 | // CURL_SSLVERSION_TLSv1, MHD_OPTION_CIPHER_ALGORITHM, cipher); | ||
426 | |||
427 | errorCount += | ||
428 | test_wrap (&test_https_transfer, test_fd, "AES256-SHA", | ||
429 | CURL_SSLVERSION_TLSv1, MHD_OPTION_MAC_ALGO, mac); | ||
430 | |||
431 | // errorCount += | ||
432 | // test_wrap (&test_https_transfer, test_fd, "EDH-RSA-DES-CBC3-SHA", | ||
433 | // CURL_SSLVERSION_TLSv1, MHD_OPTION_KX_PRIORITY, kx); | ||
434 | |||
435 | /*gnutls_mac_algorithm_t mac[] = { | ||
436 | {MHD_GNUTLS_MAC_MD5, 0}, 0}; | ||
437 | gnutls_mac_algorithm_t * cur_mac; | ||
438 | |||
439 | for ( cur_mac = &mac[0]; (*cur_mac) != 0; cur_mac++ ){ | ||
440 | option[0] = MHD_GNUTLS_MAC_SHA1; | ||
441 | errorCount += | ||
442 | test_wrap (&test_https_transfer, test_fd, "AES256-SHA", | ||
443 | CURL_SSLVERSION_TLSv1, MHD_OPTION_MAC_ALGO, option); | ||
444 | }*/ | ||
445 | |||
446 | |||
447 | 447 | ||
448 | if (errorCount != 0) | 448 | if (errorCount != 0) |
449 | fprintf (stderr, "Failed test: %s.\n", argv[0]); | 449 | fprintf (stderr, "Failed test: %s.\n", argv[0]); |
450 | else | ||
451 | { | ||
452 | fprintf (stderr, "ok\n"); | ||
453 | } | ||
450 | 454 | ||
451 | curl_global_cleanup (); | 455 | curl_global_cleanup (); |
452 | fclose (test_fd); | 456 | fclose (test_fd); |
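Review bot: In `test_file_certificates` the `MHD_start_daemon` call that used `key_path` and `cert_path` is removed but `if (d == NULL)` stays, so `d` is read without being assigned anywhere in the visible code (its declaration is outside the hunk), and the key and certificate files written to disk are no longer loaded by any daemon. When the function is run through `test_wrap`, `setup` has already started a daemon with the in-memory key and certificate on the same port, so the file-path options are not exercised at all. Either keep the daemon start inside this function and call it directly from `main`, or drop the `d` check. In `test_protocol_version` the branch taken when the transfer unexpectedly succeeds prints `curl_easy_perform failed` with the text for `CURLE_OK`, and the passing path returns without `curl_easy_cleanup (c);`. With every call in `main` except the MAC one commented out and `gnutls_global_set_log_level(11)` left enabled, the protocol-version rejection check never runs, which looks like debugging state that should not be committed.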
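--- a/src/testcurl/https/tls_session_time_out_test.c
+++ b/src/testcurl/https/tls_session_time_out_test.c
@@ -128,7 +128,6 @@ test_tls_session_time_out (gnutls_session_t session)
 
 sleep (TIME_OUT + 1);
 
-
 /* check that server has closed the connection */
 /* TODO better RST trigger */
 if (send (sd, "", 1, 0) == 0)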