Diffstat (limited to 'src/testcurl/https/tls_authentication_test.c')
-rw-r--r-- | src/testcurl/https/tls_authentication_test.c | 179 |
1 files changed, 23 insertions, 156 deletions
diff --git a/src/testcurl/https/tls_authentication_test.c b/src/testcurl/https/tls_authentication_test.c index 6e8cf0af..c5e2ea7c 100644 --- a/src/testcurl/https/tls_authentication_test.c +++ b/src/testcurl/https/tls_authentication_test.c | |||
@@ -30,93 +30,17 @@ | |||
30 | #include <limits.h> | 30 | #include <limits.h> |
31 | #include <sys/stat.h> | 31 | #include <sys/stat.h> |
32 | 32 | ||
33 | #define DEBUG_CURL_VERBOSE 0 | 33 | #include "tls_test_common.h" |
34 | #define PAGE_NOT_FOUND "<html><head><title>File not found</title></head><body>File not found</body></html>" | ||
35 | |||
36 | #define MHD_E_MEM "Error: memory error\n" | ||
37 | #define MHD_E_SERVER_INIT "Error: failed to start server\n" | ||
38 | #define MHD_E_TEST_FILE_CREAT "Error: failed to setup test file\n" | ||
39 | |||
40 | #include "tls_test_keys.h" | ||
41 | 34 | ||
42 | extern int curl_check_version (const char *req_version, ...); | 35 | extern int curl_check_version (const char *req_version, ...); |
36 | extern const char test_file_data[]; | ||
43 | 37 | ||
44 | const int DEBUG_GNUTLS_LOG_LEVEL = 6; | 38 | extern const char ca_key_pem[]; |
45 | const char *ca_cert_file_name = "ca_cert_pem"; | 39 | extern const char ca_cert_pem[]; |
46 | const char *test_file_name = "https_test_file"; | 40 | extern const char srv_signed_cert_pem[]; |
47 | const char test_file_data[] = "Hello World\n"; | 41 | extern const char srv_signed_key_pem[]; |
48 | |||
49 | |||
50 | struct CBC | ||
51 | { | ||
52 | char *buf; | ||
53 | size_t pos; | ||
54 | size_t size; | ||
55 | }; | ||
56 | |||
57 | static size_t | ||
58 | copyBuffer (void *ptr, size_t size, size_t nmemb, void *ctx) | ||
59 | { | ||
60 | struct CBC *cbc = ctx; | ||
61 | |||
62 | if (cbc->pos + size * nmemb > cbc->size) | ||
63 | return 0; /* overflow */ | ||
64 | memcpy (&cbc->buf[cbc->pos], ptr, size * nmemb); | ||
65 | cbc->pos += size * nmemb; | ||
66 | return size * nmemb; | ||
67 | } | ||
68 | |||
69 | static int | ||
70 | file_reader (void *cls, size_t pos, char *buf, int max) | ||
71 | { | ||
72 | FILE *file = cls; | ||
73 | fseek (file, pos, SEEK_SET); | ||
74 | return fread (buf, 1, max, file); | ||
75 | } | ||
76 | 42 | ||
77 | /* HTTP access handler call back */ | 43 | const char *ca_cert_file_name = "ca_cert_pem"; |
78 | static int | ||
79 | http_ahc (void *cls, struct MHD_Connection *connection, | ||
80 | const char *url, const char *method, const char *upload_data, | ||
81 | const char *version, unsigned int *upload_data_size, void **ptr) | ||
82 | { | ||
83 | static int aptr; | ||
84 | struct MHD_Response *response; | ||
85 | int ret; | ||
86 | FILE *file; | ||
87 | struct stat buf; | ||
88 | |||
89 | if (0 != strcmp (method, MHD_HTTP_METHOD_GET)) | ||
90 | return MHD_NO; /* unexpected method */ | ||
91 | if (&aptr != *ptr) | ||
92 | { | ||
93 | /* do never respond on first call */ | ||
94 | *ptr = &aptr; | ||
95 | return MHD_YES; | ||
96 | } | ||
97 | *ptr = NULL; /* reset when done */ | ||
98 | |||
99 | file = fopen (url, "r"); | ||
100 | if (file == NULL) | ||
101 | { | ||
102 | response = MHD_create_response_from_data (strlen (PAGE_NOT_FOUND), | ||
103 | (void *) PAGE_NOT_FOUND, | ||
104 | MHD_NO, MHD_NO); | ||
105 | ret = MHD_queue_response (connection, MHD_HTTP_NOT_FOUND, response); | ||
106 | MHD_destroy_response (response); | ||
107 | } | ||
108 | else | ||
109 | { | ||
110 | stat (url, &buf); | ||
111 | response = MHD_create_response_from_callback (buf.st_size, 32 * 1024, /* 32k PAGE_NOT_FOUND size */ | ||
112 | &file_reader, file, | ||
113 | (MHD_ContentReaderFreeCallback) | ||
114 | & fclose); | ||
115 | ret = MHD_queue_response (connection, MHD_HTTP_OK, response); | ||
116 | MHD_destroy_response (response); | ||
117 | } | ||
118 | return ret; | ||
119 | } | ||
120 | 44 | ||
121 | /* | 45 | /* |
122 | * test HTTPS transfer | 46 | * test HTTPS transfer |
@@ -128,37 +52,19 @@ test_daemon_get (FILE * test_fd, char *cipher_suite, int proto_version) | |||
128 | CURL *c; | 52 | CURL *c; |
129 | struct CBC cbc; | 53 | struct CBC cbc; |
130 | CURLcode errornum; | 54 | CURLcode errornum; |
131 | char *doc_path; | ||
132 | size_t doc_path_len; | ||
133 | char url[255]; | 55 | char url[255]; |
134 | struct stat statb; | 56 | struct stat statb; |
135 | 57 | ||
136 | stat (test_file_name, &statb); | 58 | stat (TEST_FILE_NAME, &statb); |
137 | 59 | ||
138 | int len = statb.st_size; | 60 | int len = statb.st_size; |
139 | 61 | ||
140 | /* used to memcmp local copy & deamon supplied copy */ | 62 | /* used to memcmp local copy & deamon supplied copy */ |
141 | unsigned char *mem_test_file_local; | 63 | unsigned char *mem_test_file_local; |
142 | 64 | ||
143 | /* setup test file path, url */ | ||
144 | doc_path_len = PATH_MAX > 4096 ? 4096 : PATH_MAX; | ||
145 | if (NULL == (doc_path = malloc (doc_path_len))) | ||
146 | { | ||
147 | fprintf (stderr, MHD_E_MEM); | ||
148 | return -1; | ||
149 | } | ||
150 | if (getcwd (doc_path, doc_path_len) == NULL) | ||
151 | { | ||
152 | fprintf (stderr, "Error: failed to get working directory. %s\n", | ||
153 | strerror (errno)); | ||
154 | free (doc_path); | ||
155 | return -1; | ||
156 | } | ||
157 | |||
158 | if (NULL == (mem_test_file_local = malloc (len))) | 65 | if (NULL == (mem_test_file_local = malloc (len))) |
159 | { | 66 | { |
160 | fprintf (stderr, MHD_E_MEM); | 67 | fprintf (stderr, MHD_E_MEM); |
161 | free (doc_path); | ||
162 | return -1; | 68 | return -1; |
163 | } | 69 | } |
164 | 70 | ||
@@ -167,7 +73,6 @@ test_daemon_get (FILE * test_fd, char *cipher_suite, int proto_version) | |||
167 | { | 73 | { |
168 | fprintf (stderr, "Error: failed to read test file. %s\n", | 74 | fprintf (stderr, "Error: failed to read test file. %s\n", |
169 | strerror (errno)); | 75 | strerror (errno)); |
170 | free (doc_path); | ||
171 | free (mem_test_file_local); | 76 | free (mem_test_file_local); |
172 | return -1; | 77 | return -1; |
173 | } | 78 | } |
@@ -175,7 +80,6 @@ test_daemon_get (FILE * test_fd, char *cipher_suite, int proto_version) | |||
175 | if (NULL == (cbc.buf = malloc (sizeof (char) * len))) | 80 | if (NULL == (cbc.buf = malloc (sizeof (char) * len))) |
176 | { | 81 | { |
177 | fprintf (stderr, MHD_E_MEM); | 82 | fprintf (stderr, MHD_E_MEM); |
178 | free (doc_path); | ||
179 | free (mem_test_file_local); | 83 | free (mem_test_file_local); |
180 | return -1; | 84 | return -1; |
181 | } | 85 | } |
@@ -183,11 +87,10 @@ test_daemon_get (FILE * test_fd, char *cipher_suite, int proto_version) | |||
183 | cbc.pos = 0; | 87 | cbc.pos = 0; |
184 | 88 | ||
185 | /* construct url - this might use doc_path */ | 89 | /* construct url - this might use doc_path */ |
186 | sprintf (url, "%s%s/%s", "https://localhost:42433", | 90 | gen_test_file_url (url, DEAMON_TEST_PORT); |
187 | doc_path, test_file_name); | ||
188 | 91 | ||
189 | c = curl_easy_init (); | 92 | c = curl_easy_init (); |
190 | #if DEBUG_CURL_VERBOSE | 93 | #if DEBUG_HTTPS_TEST |
191 | curl_easy_setopt (c, CURLOPT_VERBOSE, 1); | 94 | curl_easy_setopt (c, CURLOPT_VERBOSE, 1); |
192 | #endif | 95 | #endif |
193 | curl_easy_setopt (c, CURLOPT_URL, url); | 96 | curl_easy_setopt (c, CURLOPT_URL, url); |
@@ -202,6 +105,7 @@ test_daemon_get (FILE * test_fd, char *cipher_suite, int proto_version) | |||
202 | curl_easy_setopt (c, CURLOPT_SSL_CIPHER_LIST, cipher_suite); | 105 | curl_easy_setopt (c, CURLOPT_SSL_CIPHER_LIST, cipher_suite); |
203 | 106 | ||
204 | /* perform peer authentication */ | 107 | /* perform peer authentication */ |
108 | /* TODO merge into send_curl_req */ | ||
205 | curl_easy_setopt (c, CURLOPT_SSL_VERIFYPEER, 1); | 109 | curl_easy_setopt (c, CURLOPT_SSL_VERIFYPEER, 1); |
206 | curl_easy_setopt (c, CURLOPT_CAINFO, ca_cert_file_name); | 110 | curl_easy_setopt (c, CURLOPT_CAINFO, ca_cert_file_name); |
207 | 111 | ||
@@ -218,9 +122,8 @@ test_daemon_get (FILE * test_fd, char *cipher_suite, int proto_version) | |||
218 | fprintf (stderr, "curl_easy_perform failed: `%s'\n", | 122 | fprintf (stderr, "curl_easy_perform failed: `%s'\n", |
219 | curl_easy_strerror (errornum)); | 123 | curl_easy_strerror (errornum)); |
220 | curl_easy_cleanup (c); | 124 | curl_easy_cleanup (c); |
221 | free (cbc.buf); | ||
222 | free (doc_path); | ||
223 | free (mem_test_file_local); | 125 | free (mem_test_file_local); |
126 | free (cbc.buf); | ||
224 | return errornum; | 127 | return errornum; |
225 | } | 128 | } |
226 | 129 | ||
@@ -231,13 +134,11 @@ test_daemon_get (FILE * test_fd, char *cipher_suite, int proto_version) | |||
231 | fprintf (stderr, "Error: local file & received file differ.\n"); | 134 | fprintf (stderr, "Error: local file & received file differ.\n"); |
232 | free (cbc.buf); | 135 | free (cbc.buf); |
233 | free (mem_test_file_local); | 136 | free (mem_test_file_local); |
234 | free (doc_path); | ||
235 | return -1; | 137 | return -1; |
236 | } | 138 | } |
237 | 139 | ||
238 | free (mem_test_file_local); | 140 | free (mem_test_file_local); |
239 | free (cbc.buf); | 141 | free (cbc.buf); |
240 | free (doc_path); | ||
241 | return 0; | 142 | return 0; |
242 | } | 143 | } |
243 | 144 | ||
@@ -249,7 +150,7 @@ test_secure_get (FILE * test_fd, char *cipher_suite, int proto_version) | |||
249 | struct MHD_Daemon *d; | 150 | struct MHD_Daemon *d; |
250 | 151 | ||
251 | d = MHD_start_daemon (MHD_USE_THREAD_PER_CONNECTION | MHD_USE_SSL | | 152 | d = MHD_start_daemon (MHD_USE_THREAD_PER_CONNECTION | MHD_USE_SSL | |
252 | MHD_USE_DEBUG, 42433, | 153 | MHD_USE_DEBUG, DEAMON_TEST_PORT, |
253 | NULL, NULL, &http_ahc, NULL, | 154 | NULL, NULL, &http_ahc, NULL, |
254 | MHD_OPTION_HTTPS_MEM_KEY, srv_signed_key_pem, | 155 | MHD_OPTION_HTTPS_MEM_KEY, srv_signed_key_pem, |
255 | MHD_OPTION_HTTPS_MEM_CERT, srv_signed_cert_pem, | 156 | MHD_OPTION_HTTPS_MEM_CERT, srv_signed_cert_pem, |
@@ -267,65 +168,34 @@ test_secure_get (FILE * test_fd, char *cipher_suite, int proto_version) | |||
267 | return ret; | 168 | return ret; |
268 | } | 169 | } |
269 | 170 | ||
270 | /* setup a temporary transfer test file */ | ||
271 | static FILE * | ||
272 | setupTestFile () | ||
273 | { | ||
274 | FILE *test_fd; | ||
275 | |||
276 | if (NULL == (test_fd = fopen (test_file_name, "w+"))) | ||
277 | { | ||
278 | fprintf (stderr, "Error: failed to open `%s': %s\n", | ||
279 | test_file_name, strerror (errno)); | ||
280 | return NULL; | ||
281 | } | ||
282 | if (fwrite (test_file_data, sizeof (char), strlen (test_file_data), test_fd) | ||
283 | != strlen (test_file_data)) | ||
284 | { | ||
285 | fprintf (stderr, "Error: failed to write `%s. %s'\n", | ||
286 | test_file_name, strerror (errno)); | ||
287 | fclose (test_fd); | ||
288 | return NULL; | ||
289 | } | ||
290 | if (fflush (test_fd)) | ||
291 | { | ||
292 | fprintf (stderr, "Error: failed to flush test file stream. %s\n", | ||
293 | strerror (errno)); | ||
294 | fclose (test_fd); | ||
295 | return NULL; | ||
296 | } | ||
297 | |||
298 | return test_fd; | ||
299 | } | ||
300 | |||
301 | static FILE * | 171 | static FILE * |
302 | setup_ca_cert () | 172 | setup_ca_cert () |
303 | { | 173 | { |
304 | FILE *fd; | 174 | FILE *cert_fd; |
305 | 175 | ||
306 | if (NULL == (fd = fopen (ca_cert_file_name, "w+"))) | 176 | if (NULL == (cert_fd = fopen (ca_cert_file_name, "w+"))) |
307 | { | 177 | { |
308 | fprintf (stderr, "Error: failed to open `%s': %s\n", | 178 | fprintf (stderr, "Error: failed to open `%s': %s\n", |
309 | ca_cert_file_name, strerror (errno)); | 179 | ca_cert_file_name, strerror (errno)); |
310 | return NULL; | 180 | return NULL; |
311 | } | 181 | } |
312 | if (fwrite (ca_cert_pem, sizeof (char), strlen (ca_cert_pem), fd) | 182 | if (fwrite (ca_cert_pem, sizeof (char), strlen (ca_cert_pem), cert_fd) |
313 | != strlen (ca_cert_pem)) | 183 | != strlen (ca_cert_pem)) |
314 | { | 184 | { |
315 | fprintf (stderr, "Error: failed to write `%s. %s'\n", | 185 | fprintf (stderr, "Error: failed to write `%s. %s'\n", |
316 | ca_cert_file_name, strerror (errno)); | 186 | ca_cert_file_name, strerror (errno)); |
317 | fclose (fd); | 187 | fclose (cert_fd); |
318 | return NULL; | 188 | return NULL; |
319 | } | 189 | } |
320 | if (fflush (fd)) | 190 | if (fflush (cert_fd)) |
321 | { | 191 | { |
322 | fprintf (stderr, "Error: failed to flush ca cert file stream. %s\n", | 192 | fprintf (stderr, "Error: failed to flush ca cert file stream. %s\n", |
323 | strerror (errno)); | 193 | strerror (errno)); |
324 | fclose (fd); | 194 | fclose (cert_fd); |
325 | return NULL; | 195 | return NULL; |
326 | } | 196 | } |
327 | 197 | ||
328 | return fd; | 198 | return cert_fd; |
329 | } | 199 | } |
330 | 200 | ||
331 | int | 201 | int |
@@ -339,14 +209,12 @@ main (int argc, char *const *argv) | |||
339 | return -1; | 209 | return -1; |
340 | } | 210 | } |
341 | 211 | ||
342 | if ((test_fd = setupTestFile ()) == NULL) | 212 | if ((test_fd = setup_test_file ()) == NULL || setup_ca_cert () == NULL) |
343 | { | 213 | { |
344 | fprintf (stderr, MHD_E_TEST_FILE_CREAT); | 214 | fprintf (stderr, MHD_E_TEST_FILE_CREAT); |
345 | return -1; | 215 | return -1; |
346 | } | 216 | } |
347 | 217 | ||
348 | setup_ca_cert (); | ||
349 | |||
350 | if (0 != curl_global_init (CURL_GLOBAL_ALL)) | 218 | if (0 != curl_global_init (CURL_GLOBAL_ALL)) |
351 | { | 219 | { |
352 | fprintf (stderr, "Error (code: %u)\n", errorCount); | 220 | fprintf (stderr, "Error (code: %u)\n", errorCount); |
@@ -357,13 +225,12 @@ main (int argc, char *const *argv) | |||
357 | errorCount += | 225 | errorCount += |
358 | test_secure_get (test_fd, "AES256-SHA", CURL_SSLVERSION_TLSv1); | 226 | test_secure_get (test_fd, "AES256-SHA", CURL_SSLVERSION_TLSv1); |
359 | 227 | ||
360 | if (errorCount != 0) | 228 | print_test_result (errorCount, argv[0]); |
361 | fprintf (stderr, "Failed test: %s.\n", argv[0]); | ||
362 | 229 | ||
363 | curl_global_cleanup (); | 230 | curl_global_cleanup (); |
364 | fclose (test_fd); | 231 | fclose (test_fd); |
365 | 232 | ||
366 | remove (test_file_name); | 233 | remove (TEST_FILE_NAME); |
367 | remove (ca_cert_file_name); | 234 | remove (ca_cert_file_name); |
368 | return errorCount != 0; | 235 | return errorCount != 0; |
369 | } | 236 | } |
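Review bot: In test_daemon_get, the new call `gen_test_file_url (url, DEAMON_TEST_PORT);` passes the 255-byte stack array `url` without its capacity, so the helper cannot bound what it writes. The comment kept above the call says the URL "might use doc_path", and the removed code allowed that path to be up to 4096 bytes; the helper is defined outside this diff, but if it still builds the URL from the working directory, a deep checkout path would overrun `url`. I would pass the size and fail on truncation, for example `if (0 != gen_test_file_url (url, sizeof (url), DEAMON_TEST_PORT)) { free (cbc.buf); free (mem_test_file_local); return -1; }`, with the helper using `snprintf` and checking its return value. A short comment on the call stating that the helper guarantees NUL-termination within the given size would also replace the now-stale "this might use doc_path" remark.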