1 files changed, 82 insertions, 55 deletions
diff --git a/src/testcurl/https/tls_daemon_options_test.c b/src/testcurl/https/tls_daemon_options_test.c
index 95accebb..59205199 100644
--- a/src/testcurl/https/tls_daemon_options_test.c
+++ b/src/testcurl/https/tls_daemon_options_test.c
@@ -32,6 +32,7 @@
 #include "gnutls.h"
 #include <curl/curl.h>
+#define DEBUG_CURL_VERBOSE 0
 #define PAGE_NOT_FOUND "<html><head><title>File not found</title></head><body>File not found</body></html>"
 #define MHD_E_MEM "Error: memory error\n"
@@ -42,6 +43,7 @@
 #include "tls_test_keys.h"
+const int DEBUG_GNUTLS_LOG_LEVEL = 0;
 const char *test_file_name = "https_test_file";
 const char test_file_data[] = "Hello World\n";
@@ -123,7 +125,7 @@ http_ahc (void *cls, struct MHD_Connection *connection,
 * @param test_fd: file to attempt transfering
 */
 static int
-test_https_transfer (FILE * test_fd, char * cipher_suite, int proto_version)
+test_https_transfer (FILE * test_fd, char *cipher_suite, int proto_version)
 {
  CURL *c;
  CURLcode errornum;
@@ -172,7 +174,7 @@ test_https_transfer (FILE * test_fd, char * cipher_suite, int proto_version)
           doc_path, test_file_name);
  c = curl_easy_init ();
-#ifdef DEBUG
+#if DEBUG_CURL_VERBOSE
  curl_easy_setopt (c, CURLOPT_VERBOSE, 1);
 #endif
  curl_easy_setopt (c, CURLOPT_URL, url);
@@ -249,14 +251,11 @@ setupTestFile ()
 }
 static int
-setup (struct MHD_Daemon **d, enum MHD_OPTION option, void * value )
+setup (struct MHD_Daemon **d, va_list arg_list)
 {
-  *d = MHD_start_daemon (MHD_USE_THREAD_PER_CONNECTION | MHD_USE_SSL |
+  *d = MHD_start_daemon_va (MHD_USE_THREAD_PER_CONNECTION | MHD_USE_SSL |
-                         MHD_USE_DEBUG, 42433,
+                            MHD_USE_DEBUG, 42433, "127.0.0.1",
-                         NULL, NULL, &http_ahc, NULL,
+                            NULL, NULL, &http_ahc, NULL, arg_list);
-                         MHD_OPTION_HTTPS_MEM_KEY, srv_key_pem,
-                         MHD_OPTION_HTTPS_MEM_CERT, srv_self_signed_cert_pem,
-                         option, value, MHD_OPTION_END);
  if (*d == NULL)
    {
@@ -273,19 +272,37 @@ teardown (struct MHD_Daemon *d)
  MHD_stop_daemon (d);
 }
+/* TODO test_wrap: change sig to (setup_func, test, va_list test_arg) & move to test_util.c */
 int
-test_wrap (int
+test_wrap (char *test_name, int
           (*test) (FILE * test_fd, char *cipher_suite, int proto_version),
-           FILE * test_fd, char *cipher_suite, int proto_version,
+           FILE * test_fd, char *cipher_suite, int proto_version, ...)
-           enum MHD_OPTION option, void * value)
 {
  int ret;
+  va_list arg_list;
  struct MHD_Daemon *d;
-  if (setup (&d, option, value) != 0)
+  va_start (arg_list, proto_version);
-    return -1;
+  if (setup (&d, arg_list) != 0)
+    {
+      va_end (arg_list);
+      return -1;
+    }
+  fprintf (stdout, "running test: %s ", test_name);
  ret = test (test_fd, cipher_suite, proto_version);
+  if (ret == 0)
+    {
+      fprintf (stdout, "[pass]\n");
+    }
+  else
+    {
+      fprintf (stdout, "[fail]\n");
+    }
  teardown (d);
+  va_end (arg_list);
  return ret;
 }
@@ -336,6 +353,9 @@ test_file_certificates (FILE * test_fd, char *cipher_suite, int proto_version)
  return ret;
 }
+/*
+ * test server refuses to negotiate connections with unsupported protocol versions
+ */
 int
 test_protocol_version (FILE * test_fd, char *cipher_suite,
                       int curl_proto_version)
@@ -344,7 +364,7 @@ test_protocol_version (FILE * test_fd, char *cipher_suite,
  CURLcode errornum;
  c = curl_easy_init ();
-#ifdef DEBUG
+#if DEBUG_CURL_VERBOSE
  curl_easy_setopt (c, CURLOPT_VERBOSE, 1);
 #endif
  curl_easy_setopt (c, CURLOPT_URL, "https://localhost:42433/");
@@ -384,7 +404,7 @@ main (int argc, char *const *argv)
  FILE *test_fd;
  unsigned int errorCount = 0;
-  gnutls_global_set_log_level(11);
+  gnutls_global_set_log_level (DEBUG_GNUTLS_LOG_LEVEL);
  if (curl_check_version (MHD_REQ_CURL_VERSION))
    {
@@ -403,54 +423,61 @@ main (int argc, char *const *argv)
      return -1;
    }
-  int mac[] = {MHD_GNUTLS_MAC_SHA1, 0};
+  int mac[] = { MHD_GNUTLS_MAC_SHA1, 0 };
-  int p [] = {MHD_GNUTLS_SSL3, 0};
+  int p[] = { MHD_GNUTLS_SSL3, 0 };
  int cipher[] = { MHD_GNUTLS_CIPHER_3DES_CBC, 0 };
-  int kx[] = { MHD_GNUTLS_KX_DHE_RSA, 0 };
+  int kx[] = { MHD_GNUTLS_KX_ANON_DH, 0 };
-//  errorCount +=
-//    test_wrap (&test_https_transfer, test_fd, "AES256-SHA",
-//               CURL_SSLVERSION_TLSv1, MHD_OPTION_END, 0);
-//  errorCount +=
-//    test_wrap (&test_file_certificates, test_fd, "AES256-SHA",
-//               CURL_SSLVERSION_TLSv1, MHD_OPTION_END, 0);
-//
-//  errorCount +=
-//    test_wrap (&test_protocol_version, test_fd, "AES256-SHA",
-//               CURL_SSLVERSION_TLSv1, MHD_OPTION_PROTOCOL_VERSION, p);
-//
-//  errorCount +=
-//     test_wrap (&test_https_transfer, test_fd, "DES-CBC3-SHA",
-//                CURL_SSLVERSION_TLSv1, MHD_OPTION_CIPHER_ALGORITHM, cipher);
  errorCount +=
-          test_wrap (&test_https_transfer, test_fd, "AES256-SHA",
+    test_wrap ("https_transfer", &test_https_transfer, test_fd, "AES256-SHA",
-                    CURL_SSLVERSION_TLSv1, MHD_OPTION_MAC_ALGO, mac);
+               CURL_SSLVERSION_TLSv1,
+               MHD_OPTION_HTTPS_MEM_KEY, srv_key_pem,
-  //  errorCount +=
+               MHD_OPTION_HTTPS_MEM_CERT, srv_self_signed_cert_pem,
-  //         test_wrap (&test_https_transfer, test_fd, "EDH-RSA-DES-CBC3-SHA",
+               MHD_OPTION_END);
-  //                    CURL_SSLVERSION_TLSv1, MHD_OPTION_KX_PRIORITY, kx);
+  errorCount +=
+    test_wrap ("file certificates", &test_file_certificates, test_fd,
+               "AES256-SHA", CURL_SSLVERSION_TLSv1, MHD_OPTION_HTTPS_MEM_KEY,
+               srv_key_pem, MHD_OPTION_HTTPS_MEM_CERT,
+               srv_self_signed_cert_pem, MHD_OPTION_END);
+  errorCount +=
+    test_wrap ("protocol_version", &test_protocol_version, test_fd,
+               "AES256-SHA", CURL_SSLVERSION_TLSv1, MHD_OPTION_HTTPS_MEM_KEY,
+               srv_key_pem, MHD_OPTION_HTTPS_MEM_CERT,
+               srv_self_signed_cert_pem, MHD_OPTION_PROTOCOL_VERSION, p,
+               MHD_OPTION_END);
+  errorCount +=
+    test_wrap ("cipher DES-CBC3-SHA", &test_https_transfer, test_fd,
+               "DES-CBC3-SHA", CURL_SSLVERSION_TLSv1,
+               MHD_OPTION_HTTPS_MEM_KEY, srv_key_pem,
+               MHD_OPTION_HTTPS_MEM_CERT, srv_self_signed_cert_pem,
+               MHD_OPTION_CIPHER_ALGORITHM, cipher, MHD_OPTION_END);
+  errorCount +=
+    test_wrap ("mac SH1", &test_https_transfer, test_fd, "AES256-SHA",
+               CURL_SSLVERSION_TLSv1, MHD_OPTION_HTTPS_MEM_KEY, srv_key_pem,
+               MHD_OPTION_HTTPS_MEM_CERT, srv_self_signed_cert_pem,
+               MHD_OPTION_MAC_ALGO, mac, MHD_OPTION_END);
+  errorCount +=
+    test_wrap ("kx ANON_DH", &test_https_transfer, test_fd,
+               "ADH-DES-CBC3-SHA", CURL_SSLVERSION_TLSv1,
+               MHD_OPTION_HTTPS_MEM_KEY, srv_key_pem,
+               MHD_OPTION_HTTPS_MEM_CERT, srv_self_signed_cert_pem,
+               MHD_OPTION_CRED_TYPE, MHD_GNUTLS_CRD_ANON,
+               MHD_OPTION_CIPHER_ALGORITHM, cipher, MHD_OPTION_KX_PRIORITY,
+               kx, MHD_OPTION_END);
  /*gnutls_mac_algorithm_t mac[] = {
-                                  {MHD_GNUTLS_MAC_MD5, 0}, 0};
+     {MHD_GNUTLS_MAC_MD5, 0}, 0};
-  gnutls_mac_algorithm_t * cur_mac;
+     gnutls_mac_algorithm_t * cur_mac;
-  for ( cur_mac = &mac[0]; (*cur_mac) != 0; cur_mac++ ){
-    option[0] = MHD_GNUTLS_MAC_SHA1;
-    errorCount +=
-        test_wrap (&test_https_transfer, test_fd, "AES256-SHA",
-                  CURL_SSLVERSION_TLSv1, MHD_OPTION_MAC_ALGO, option);
-  }*/
+     for ( cur_mac = &mac[0]; (*cur_mac) != 0; cur_mac++ ){
+     option[0] = MHD_GNUTLS_MAC_SHA1;
+     errorCount +=
+     test_wrap (&test_https_transfer, test_fd, "AES256-SHA",
+     CURL_SSLVERSION_TLSv1, MHD_OPTION_MAC_ALGO, option);
+     } */
  if (errorCount != 0)
    fprintf (stderr, "Failed test: %s.\n", argv[0]);
-  else
-    {
-      fprintf (stderr, "ok\n");
-    }
  curl_global_cleanup ();
  fclose (test_fd);

diff --git a/src/testcurl/https/tls_daemon_options_test.c b/src/testcurl/https/tls_daemon_options_test.c index 95accebb..59205199 100644 --- a/src/testcurl/https/tls_daemon_options_test.c +++ b/src/testcurl/https/tls_daemon_options_test.c
@@ -32,6 +32,7 @@
32	#include "gnutls.h"	32	#include "gnutls.h"
33	#include <curl/curl.h>	33	#include <curl/curl.h>
34		34
		35	#define DEBUG_CURL_VERBOSE 0
35	#define PAGE_NOT_FOUND "<html><head><title>File not found</title></head><body>File not found</body></html>"	36	#define PAGE_NOT_FOUND "<html><head><title>File not found</title></head><body>File not found</body></html>"
36		37
37	#define MHD_E_MEM "Error: memory error\n"	38	#define MHD_E_MEM "Error: memory error\n"
@@ -42,6 +43,7 @@
42		43
43	#include "tls_test_keys.h"	44	#include "tls_test_keys.h"
44		45
		46	const int DEBUG_GNUTLS_LOG_LEVEL = 0;
45	const char *test_file_name = "https_test_file";	47	const char *test_file_name = "https_test_file";
46	const char test_file_data[] = "Hello World\n";	48	const char test_file_data[] = "Hello World\n";
47		49
@@ -123,7 +125,7 @@ http_ahc (void cls, struct MHD_Connection connection,
123	* @param test_fd: file to attempt transfering	125	* @param test_fd: file to attempt transfering
124	*/	126	*/
125	static int	127	static int
126	test_https_transfer (FILE * test_fd, char * cipher_suite, int proto_version)	128	test_https_transfer (FILE * test_fd, char *cipher_suite, int proto_version)
127	{	129	{
128	CURL *c;	130	CURL *c;
129	CURLcode errornum;	131	CURLcode errornum;
@@ -172,7 +174,7 @@ test_https_transfer (FILE * test_fd, char * cipher_suite, int proto_version)
172	doc_path, test_file_name);	174	doc_path, test_file_name);
173		175
174	c = curl_easy_init ();	176	c = curl_easy_init ();
175	#ifdef DEBUG	177	#if DEBUG_CURL_VERBOSE
176	curl_easy_setopt (c, CURLOPT_VERBOSE, 1);	178	curl_easy_setopt (c, CURLOPT_VERBOSE, 1);
177	#endif	179	#endif
178	curl_easy_setopt (c, CURLOPT_URL, url);	180	curl_easy_setopt (c, CURLOPT_URL, url);
@@ -249,14 +251,11 @@ setupTestFile ()
249	}	251	}
250		252
251	static int	253	static int
252	setup (struct MHD_Daemon *d, enum MHD_OPTION option, void value )	254	setup (struct MHD_Daemon **d, va_list arg_list)
253	{	255	{
254	*d = MHD_start_daemon (MHD_USE_THREAD_PER_CONNECTION \| MHD_USE_SSL \|	256	*d = MHD_start_daemon_va (MHD_USE_THREAD_PER_CONNECTION \| MHD_USE_SSL \|
255	MHD_USE_DEBUG, 42433,	257	MHD_USE_DEBUG, 42433, "127.0.0.1",
256	NULL, NULL, &http_ahc, NULL,	258	NULL, NULL, &http_ahc, NULL, arg_list);
257	MHD_OPTION_HTTPS_MEM_KEY, srv_key_pem,
258	MHD_OPTION_HTTPS_MEM_CERT, srv_self_signed_cert_pem,
259	option, value, MHD_OPTION_END);
260		259
261	if (*d == NULL)	260	if (*d == NULL)
262	{	261	{
@@ -273,19 +272,37 @@ teardown (struct MHD_Daemon *d)
273	MHD_stop_daemon (d);	272	MHD_stop_daemon (d);
274	}	273	}
275		274
		275	/* TODO test_wrap: change sig to (setup_func, test, va_list test_arg) & move to test_util.c */
276	int	276	int
277	test_wrap (int	277	test_wrap (char *test_name, int
278	(test) (FILE test_fd, char *cipher_suite, int proto_version),	278	(test) (FILE test_fd, char *cipher_suite, int proto_version),
279	FILE * test_fd, char *cipher_suite, int proto_version,	279	FILE * test_fd, char *cipher_suite, int proto_version, ...)
280	enum MHD_OPTION option, void * value)
281	{	280	{
282	int ret;	281	int ret;
		282	va_list arg_list;
283	struct MHD_Daemon *d;	283	struct MHD_Daemon *d;
284		284
285	if (setup (&d, option, value) != 0)	285	va_start (arg_list, proto_version);
286	return -1;	286	if (setup (&d, arg_list) != 0)
		287	{
		288	va_end (arg_list);
		289	return -1;
		290	}
		291
		292	fprintf (stdout, "running test: %s ", test_name);
287	ret = test (test_fd, cipher_suite, proto_version);	293	ret = test (test_fd, cipher_suite, proto_version);
		294
		295	if (ret == 0)
		296	{
		297	fprintf (stdout, "[pass]\n");
		298	}
		299	else
		300	{
		301	fprintf (stdout, "[fail]\n");
		302	}
		303
288	teardown (d);	304	teardown (d);
		305	va_end (arg_list);
289	return ret;	306	return ret;
290	}	307	}
291		308
@@ -336,6 +353,9 @@ test_file_certificates (FILE * test_fd, char *cipher_suite, int proto_version)
336	return ret;	353	return ret;
337	}	354	}
338		355
		356	/*
		357	* test server refuses to negotiate connections with unsupported protocol versions
		358	*/
339	int	359	int
340	test_protocol_version (FILE * test_fd, char *cipher_suite,	360	test_protocol_version (FILE * test_fd, char *cipher_suite,
341	int curl_proto_version)	361	int curl_proto_version)
@@ -344,7 +364,7 @@ test_protocol_version (FILE * test_fd, char *cipher_suite,
344	CURLcode errornum;	364	CURLcode errornum;
345		365
346	c = curl_easy_init ();	366	c = curl_easy_init ();
347	#ifdef DEBUG	367	#if DEBUG_CURL_VERBOSE
348	curl_easy_setopt (c, CURLOPT_VERBOSE, 1);	368	curl_easy_setopt (c, CURLOPT_VERBOSE, 1);
349	#endif	369	#endif
350	curl_easy_setopt (c, CURLOPT_URL, "https://localhost:42433/");	370	curl_easy_setopt (c, CURLOPT_URL, "https://localhost:42433/");
@@ -384,7 +404,7 @@ main (int argc, char const argv)
384	FILE *test_fd;	404	FILE *test_fd;
385	unsigned int errorCount = 0;	405	unsigned int errorCount = 0;
386		406
387	gnutls_global_set_log_level(11);	407	gnutls_global_set_log_level (DEBUG_GNUTLS_LOG_LEVEL);
388		408
389	if (curl_check_version (MHD_REQ_CURL_VERSION))	409	if (curl_check_version (MHD_REQ_CURL_VERSION))
390	{	410	{
@@ -403,54 +423,61 @@ main (int argc, char const argv)
403	return -1;	423	return -1;
404	}	424	}
405		425
406	int mac[] = {MHD_GNUTLS_MAC_SHA1, 0};	426	int mac[] = { MHD_GNUTLS_MAC_SHA1, 0 };
407	int p [] = {MHD_GNUTLS_SSL3, 0};	427	int p[] = { MHD_GNUTLS_SSL3, 0 };
408	int cipher[] = { MHD_GNUTLS_CIPHER_3DES_CBC, 0 };	428	int cipher[] = { MHD_GNUTLS_CIPHER_3DES_CBC, 0 };
409	int kx[] = { MHD_GNUTLS_KX_DHE_RSA, 0 };	429	int kx[] = { MHD_GNUTLS_KX_ANON_DH, 0 };
410
411
412	// errorCount +=
413	// test_wrap (&test_https_transfer, test_fd, "AES256-SHA",
414	// CURL_SSLVERSION_TLSv1, MHD_OPTION_END, 0);
415	// errorCount +=
416	// test_wrap (&test_file_certificates, test_fd, "AES256-SHA",
417	// CURL_SSLVERSION_TLSv1, MHD_OPTION_END, 0);
418	//
419	// errorCount +=
420	// test_wrap (&test_protocol_version, test_fd, "AES256-SHA",
421	// CURL_SSLVERSION_TLSv1, MHD_OPTION_PROTOCOL_VERSION, p);
422	//
423	// errorCount +=
424	// test_wrap (&test_https_transfer, test_fd, "DES-CBC3-SHA",
425	// CURL_SSLVERSION_TLSv1, MHD_OPTION_CIPHER_ALGORITHM, cipher);
426		430
427	errorCount +=	431	errorCount +=
428	test_wrap (&test_https_transfer, test_fd, "AES256-SHA",	432	test_wrap ("https_transfer", &test_https_transfer, test_fd, "AES256-SHA",
429	CURL_SSLVERSION_TLSv1, MHD_OPTION_MAC_ALGO, mac);	433	CURL_SSLVERSION_TLSv1,
430		434	MHD_OPTION_HTTPS_MEM_KEY, srv_key_pem,
431	// errorCount +=	435	MHD_OPTION_HTTPS_MEM_CERT, srv_self_signed_cert_pem,
432	// test_wrap (&test_https_transfer, test_fd, "EDH-RSA-DES-CBC3-SHA",	436	MHD_OPTION_END);
433	// CURL_SSLVERSION_TLSv1, MHD_OPTION_KX_PRIORITY, kx);	437	errorCount +=
		438	test_wrap ("file certificates", &test_file_certificates, test_fd,
		439	"AES256-SHA", CURL_SSLVERSION_TLSv1, MHD_OPTION_HTTPS_MEM_KEY,
		440	srv_key_pem, MHD_OPTION_HTTPS_MEM_CERT,
		441	srv_self_signed_cert_pem, MHD_OPTION_END);
		442	errorCount +=
		443	test_wrap ("protocol_version", &test_protocol_version, test_fd,
		444	"AES256-SHA", CURL_SSLVERSION_TLSv1, MHD_OPTION_HTTPS_MEM_KEY,
		445	srv_key_pem, MHD_OPTION_HTTPS_MEM_CERT,
		446	srv_self_signed_cert_pem, MHD_OPTION_PROTOCOL_VERSION, p,
		447	MHD_OPTION_END);
		448	errorCount +=
		449	test_wrap ("cipher DES-CBC3-SHA", &test_https_transfer, test_fd,
		450	"DES-CBC3-SHA", CURL_SSLVERSION_TLSv1,
		451	MHD_OPTION_HTTPS_MEM_KEY, srv_key_pem,
		452	MHD_OPTION_HTTPS_MEM_CERT, srv_self_signed_cert_pem,
		453	MHD_OPTION_CIPHER_ALGORITHM, cipher, MHD_OPTION_END);
		454	errorCount +=
		455	test_wrap ("mac SH1", &test_https_transfer, test_fd, "AES256-SHA",
		456	CURL_SSLVERSION_TLSv1, MHD_OPTION_HTTPS_MEM_KEY, srv_key_pem,
		457	MHD_OPTION_HTTPS_MEM_CERT, srv_self_signed_cert_pem,
		458	MHD_OPTION_MAC_ALGO, mac, MHD_OPTION_END);
		459	errorCount +=
		460	test_wrap ("kx ANON_DH", &test_https_transfer, test_fd,
		461	"ADH-DES-CBC3-SHA", CURL_SSLVERSION_TLSv1,
		462	MHD_OPTION_HTTPS_MEM_KEY, srv_key_pem,
		463	MHD_OPTION_HTTPS_MEM_CERT, srv_self_signed_cert_pem,
		464	MHD_OPTION_CRED_TYPE, MHD_GNUTLS_CRD_ANON,
		465	MHD_OPTION_CIPHER_ALGORITHM, cipher, MHD_OPTION_KX_PRIORITY,
		466	kx, MHD_OPTION_END);
434		467
435	/*gnutls_mac_algorithm_t mac[] = {	468	/*gnutls_mac_algorithm_t mac[] = {
436	{MHD_GNUTLS_MAC_MD5, 0}, 0};	469	{MHD_GNUTLS_MAC_MD5, 0}, 0};
437	gnutls_mac_algorithm_t * cur_mac;	470	gnutls_mac_algorithm_t * cur_mac;
438
439	for ( cur_mac = &mac[0]; (*cur_mac) != 0; cur_mac++ ){
440	option[0] = MHD_GNUTLS_MAC_SHA1;
441	errorCount +=
442	test_wrap (&test_https_transfer, test_fd, "AES256-SHA",
443	CURL_SSLVERSION_TLSv1, MHD_OPTION_MAC_ALGO, option);
444	}*/
445
446		471
		472	for ( cur_mac = &mac[0]; (*cur_mac) != 0; cur_mac++ ){
		473	option[0] = MHD_GNUTLS_MAC_SHA1;
		474	errorCount +=
		475	test_wrap (&test_https_transfer, test_fd, "AES256-SHA",
		476	CURL_SSLVERSION_TLSv1, MHD_OPTION_MAC_ALGO, option);
		477	} */
447		478
448	if (errorCount != 0)	479	if (errorCount != 0)
449	fprintf (stderr, "Failed test: %s.\n", argv[0]);	480	fprintf (stderr, "Failed test: %s.\n", argv[0]);
450	else
451	{
452	fprintf (stderr, "ok\n");
453	}
454		481
455	curl_global_cleanup ();	482	curl_global_cleanup ();
456	fclose (test_fd);	483	fclose (test_fd);