tests/ssl-test.c

   1 #ifdef HAVE_CONFIG_H
   2 #include "config.h"
   3 #endif
   4
   5 #include "libsoup/soup.h"
   6
   7 #include "test-utils.h"
   8
   9 static void
  10 do_properties_test_for_session (SoupSession *session, char *uri)
  11 {
  12         SoupMessage *msg;
  13         GTlsCertificate *cert;
  14         GTlsCertificateFlags flags;
  15
  16         msg = soup_message_new ("GET", uri);
  17         soup_session_send_message (session, msg);
  18         if (msg->status_code != SOUP_STATUS_OK) {
  19                 debug_printf (1, "    FAILED: %d %s\n",
  20                               msg->status_code, msg->reason_phrase);
  21                 errors++;
  22         }
  23
  24         if (soup_message_get_https_status (msg, &cert, &flags)) {
  25                 if (!G_IS_TLS_CERTIFICATE (cert)) {
  26                         debug_printf (1, "    No certificate?\n");
  27                         errors++;
  28                 }
  29                 if (flags != G_TLS_CERTIFICATE_UNKNOWN_CA) {
  30                         debug_printf (1, "    Wrong cert flags (got %x, wanted %x)\n",
  31                                       flags, G_TLS_CERTIFICATE_UNKNOWN_CA);
  32                         errors++;
  33                 }
  34         } else {
  35                 debug_printf (1, "    Response not https\n");
  36                 errors++;
  37         }
  38
  39         g_object_unref (msg);
  40 }
  41
  42 static void
  43 do_properties_tests (char *uri)
  44 {
  45         SoupSession *session;
  46
  47         debug_printf (1, "\nSoupMessage properties\n");
  48
  49         debug_printf (1, "  async\n");
  50         session = soup_test_session_new (SOUP_TYPE_SESSION_ASYNC, NULL);
  51         g_object_set (G_OBJECT (session),
  52                       SOUP_SESSION_SSL_CA_FILE, "/dev/null",
  53                       SOUP_SESSION_SSL_STRICT, FALSE,
  54                       NULL);
  55         do_properties_test_for_session (session, uri);
  56         soup_test_session_abort_unref (session);
  57
  58         debug_printf (1, "  sync\n");
  59         session = soup_test_session_new (SOUP_TYPE_SESSION_SYNC, NULL);
  60         g_object_set (G_OBJECT (session),
  61                       SOUP_SESSION_SSL_CA_FILE, "/dev/null",
  62                       SOUP_SESSION_SSL_STRICT, FALSE,
  63                       NULL);
  64         do_properties_test_for_session (session, uri);
  65         soup_test_session_abort_unref (session);
  66 }
  67
  68 static void
  69 do_one_strict_test (SoupSession *session, char *uri,
  70                     gboolean strict, gboolean with_ca_list,
  71                     guint expected_status)
  72 {
  73         SoupMessage *msg;
  74
  75         /* Note that soup_test_session_new() sets
  76          * SOUP_SESSION_SSL_CA_FILE by default, and turns off
  77          * SOUP_SESSION_SSL_STRICT.
  78          */
  79
  80         g_object_set (G_OBJECT (session),
  81                       SOUP_SESSION_SSL_STRICT, strict,
  82                       SOUP_SESSION_SSL_CA_FILE, with_ca_list ? SRCDIR "/test-cert.pem" : "/dev/null",
  83                       NULL);
  84         /* Close existing connections with old params */
  85         soup_session_abort (session);
  86
  87         msg = soup_message_new ("GET", uri);
  88         soup_session_send_message (session, msg);
  89         if (msg->status_code != expected_status) {
  90                 debug_printf (1, "      FAILED: %d %s (expected %d %s)\n",
  91                               msg->status_code, msg->reason_phrase,
  92                               expected_status,
  93                               soup_status_get_phrase (expected_status));
  94                 if (msg->status_code == SOUP_STATUS_SSL_FAILED) {
  95                         GTlsCertificateFlags flags = 0;
  96
  97                         soup_message_get_https_status (msg, NULL, &flags);
  98                         debug_printf (1, "              tls error flags: 0x%x\n", flags);
  99                 }
 100                 errors++;
 101         }
 102         g_object_unref (msg);
 103 }
 104
 105 static void
 106 do_strict_tests (char *uri)
 107 {
 108         SoupSession *session;
 109
 110         debug_printf (1, "strict/nonstrict\n");
 111
 112         session = soup_test_session_new (SOUP_TYPE_SESSION_ASYNC, NULL);
 113         debug_printf (1, "  async with CA list\n");
 114         do_one_strict_test (session, uri, TRUE, TRUE, SOUP_STATUS_OK);
 115         debug_printf (1, "  async without CA list\n");
 116         do_one_strict_test (session, uri, TRUE, FALSE, SOUP_STATUS_SSL_FAILED);
 117         debug_printf (1, "  async non-strict with CA list\n");
 118         do_one_strict_test (session, uri, FALSE, TRUE, SOUP_STATUS_OK);
 119         debug_printf (1, "  async non-strict without CA list\n");
 120         do_one_strict_test (session, uri, FALSE, FALSE, SOUP_STATUS_OK);
 121         soup_test_session_abort_unref (session);
 122
 123         session = soup_test_session_new (SOUP_TYPE_SESSION_SYNC, NULL);
 124         debug_printf (1, "  sync with CA list\n");
 125         do_one_strict_test (session, uri, TRUE, TRUE, SOUP_STATUS_OK);
 126         debug_printf (1, "  sync without CA list\n");
 127         do_one_strict_test (session, uri, TRUE, FALSE, SOUP_STATUS_SSL_FAILED);
 128         debug_printf (1, "  sync non-strict with CA list\n");
 129         do_one_strict_test (session, uri, FALSE, TRUE, SOUP_STATUS_OK);
 130         debug_printf (1, "  sync non-strict without CA list\n");
 131         do_one_strict_test (session, uri, FALSE, FALSE, SOUP_STATUS_OK);
 132         soup_test_session_abort_unref (session);
 133 }
 134
 135 static void
 136 server_handler (SoupServer        *server,
 137                 SoupMessage       *msg,
 138                 const char        *path,
 139                 GHashTable        *query,
 140                 SoupClientContext *client,
 141                 gpointer           user_data)
 142 {
 143         soup_message_set_status (msg, SOUP_STATUS_OK);
 144         soup_message_set_response (msg, "text/plain",
 145                                    SOUP_MEMORY_STATIC,
 146                                    "ok\r\n", 4);
 147 }
 148
 149 int
 150 main (int argc, char **argv)
 151 {
 152         SoupServer *server;
 153         char *uri;
 154
 155         test_init (argc, argv, NULL);
 156
 157         if (tls_available) {
 158                 server = soup_test_server_new_ssl (TRUE);
 159                 soup_server_add_handler (server, NULL, server_handler, NULL, NULL);
 160                 uri = g_strdup_printf ("https://127.0.0.1:%u/",
 161                                        soup_server_get_port (server));
 162
 163                 do_strict_tests (uri);
 164                 do_properties_tests (uri);
 165
 166                 g_free (uri);
 167                 soup_test_server_quit_unref (server);
 168         }
 169
 170         test_cleanup ();
 171         return errors != 0;
 172 }