1 /* -*- Mode: C; tab-width: 8; indent-tabs-mode: t; c-basic-offset: 8 -*- */
3 #include "test-utils.h"
6 do_properties_test_for_session (SoupSession *session, char *uri)
10 GTlsCertificateFlags flags;
12 msg = soup_message_new ("GET", uri);
13 soup_session_send_message (session, msg);
14 if (msg->status_code != SOUP_STATUS_OK) {
15 debug_printf (1, " FAILED: %d %s\n",
16 msg->status_code, msg->reason_phrase);
20 if (soup_message_get_https_status (msg, &cert, &flags)) {
21 if (!G_IS_TLS_CERTIFICATE (cert)) {
22 debug_printf (1, " No certificate?\n");
25 if (flags != G_TLS_CERTIFICATE_UNKNOWN_CA) {
26 debug_printf (1, " Wrong cert flags (got %x, wanted %x)\n",
27 flags, G_TLS_CERTIFICATE_UNKNOWN_CA);
31 debug_printf (1, " Response not https\n");
34 if (soup_message_get_flags (msg) & SOUP_MESSAGE_CERTIFICATE_TRUSTED) {
35 debug_printf (1, " CERTIFICATE_TRUSTED set?\n");
43 do_properties_tests (char *uri)
47 debug_printf (1, "\nSoupMessage properties\n");
49 debug_printf (1, " async\n");
50 session = soup_test_session_new (SOUP_TYPE_SESSION_ASYNC, NULL);
51 g_object_set (G_OBJECT (session),
52 SOUP_SESSION_SSL_CA_FILE, "/dev/null",
53 SOUP_SESSION_SSL_STRICT, FALSE,
55 do_properties_test_for_session (session, uri);
56 soup_test_session_abort_unref (session);
58 debug_printf (1, " sync\n");
59 session = soup_test_session_new (SOUP_TYPE_SESSION_SYNC, NULL);
60 g_object_set (G_OBJECT (session),
61 SOUP_SESSION_SSL_CA_FILE, "/dev/null",
62 SOUP_SESSION_SSL_STRICT, FALSE,
64 do_properties_test_for_session (session, uri);
65 soup_test_session_abort_unref (session);
69 do_one_strict_test (SoupSession *session, char *uri,
70 gboolean strict, gboolean with_ca_list,
71 guint expected_status)
75 /* Note that soup_test_session_new() sets
76 * SOUP_SESSION_SSL_CA_FILE by default, and turns off
77 * SOUP_SESSION_SSL_STRICT.
80 g_object_set (G_OBJECT (session),
81 SOUP_SESSION_SSL_STRICT, strict,
82 SOUP_SESSION_SSL_CA_FILE, with_ca_list ? SRCDIR "/test-cert.pem" : "/dev/null",
84 /* Close existing connections with old params */
85 soup_session_abort (session);
87 msg = soup_message_new ("GET", uri);
88 soup_session_send_message (session, msg);
89 if (msg->status_code != expected_status) {
90 debug_printf (1, " FAILED: %d %s (expected %d %s)\n",
91 msg->status_code, msg->reason_phrase,
93 soup_status_get_phrase (expected_status));
94 if (msg->status_code == SOUP_STATUS_SSL_FAILED) {
95 GTlsCertificateFlags flags = 0;
97 soup_message_get_https_status (msg, NULL, &flags);
98 debug_printf (1, " tls error flags: 0x%x\n", flags);
101 } else if (with_ca_list && SOUP_STATUS_IS_SUCCESSFUL (msg->status_code)) {
102 if (!(soup_message_get_flags (msg) & SOUP_MESSAGE_CERTIFICATE_TRUSTED)) {
103 debug_printf (1, " CERTIFICATE_TRUSTED not set?\n");
107 if (with_ca_list && soup_message_get_flags (msg) & SOUP_MESSAGE_CERTIFICATE_TRUSTED) {
108 debug_printf (1, " CERTIFICATE_TRUSTED set?\n");
113 g_object_unref (msg);
117 do_strict_tests (char *uri)
119 SoupSession *session;
121 debug_printf (1, "\nstrict/nonstrict\n");
123 session = soup_test_session_new (SOUP_TYPE_SESSION_ASYNC, NULL);
124 debug_printf (1, " async with CA list\n");
125 do_one_strict_test (session, uri, TRUE, TRUE, SOUP_STATUS_OK);
126 debug_printf (1, " async without CA list\n");
127 do_one_strict_test (session, uri, TRUE, FALSE, SOUP_STATUS_SSL_FAILED);
128 debug_printf (1, " async non-strict with CA list\n");
129 do_one_strict_test (session, uri, FALSE, TRUE, SOUP_STATUS_OK);
130 debug_printf (1, " async non-strict without CA list\n");
131 do_one_strict_test (session, uri, FALSE, FALSE, SOUP_STATUS_OK);
132 soup_test_session_abort_unref (session);
134 session = soup_test_session_new (SOUP_TYPE_SESSION_SYNC, NULL);
135 debug_printf (1, " sync with CA list\n");
136 do_one_strict_test (session, uri, TRUE, TRUE, SOUP_STATUS_OK);
137 debug_printf (1, " sync without CA list\n");
138 do_one_strict_test (session, uri, TRUE, FALSE, SOUP_STATUS_SSL_FAILED);
139 debug_printf (1, " sync non-strict with CA list\n");
140 do_one_strict_test (session, uri, FALSE, TRUE, SOUP_STATUS_OK);
141 debug_printf (1, " sync non-strict without CA list\n");
142 do_one_strict_test (session, uri, FALSE, FALSE, SOUP_STATUS_OK);
143 soup_test_session_abort_unref (session);
147 property_changed (GObject *object, GParamSpec *param, gpointer user_data)
149 gboolean *changed = user_data;
155 do_session_property_tests (void)
157 gboolean use_system_changed, tlsdb_changed, ca_file_changed;
161 SoupSession *session;
163 debug_printf (1, "session properties\n");
165 session = soup_session_async_new ();
166 g_signal_connect (session, "notify::ssl-use-system-ca-file",
167 G_CALLBACK (property_changed), &use_system_changed);
168 g_signal_connect (session, "notify::tls-database",
169 G_CALLBACK (property_changed), &tlsdb_changed);
170 g_signal_connect (session, "notify::ssl-ca-file",
171 G_CALLBACK (property_changed), &ca_file_changed);
173 g_object_get (G_OBJECT (session),
174 "ssl-use-system-ca-file", &use_system,
175 "tls-database", &tlsdb,
176 "ssl-ca-file", &ca_file,
179 debug_printf (1, " ssl-use-system-ca-file defaults to TRUE?\n");
183 debug_printf (1, " tls-database set by default?\n");
185 g_object_unref (tlsdb);
188 debug_printf (1, " ca-file set by default?\n");
193 use_system_changed = tlsdb_changed = ca_file_changed = FALSE;
194 g_object_set (G_OBJECT (session),
195 "ssl-use-system-ca-file", TRUE,
197 g_object_get (G_OBJECT (session),
198 "ssl-use-system-ca-file", &use_system,
199 "tls-database", &tlsdb,
200 "ssl-ca-file", &ca_file,
203 debug_printf (1, " setting ssl-use-system-ca-file failed\n");
207 debug_printf (1, " setting ssl-use-system-ca-file didn't set tls-database\n");
210 g_object_unref (tlsdb);
212 debug_printf (1, " setting ssl-use-system-ca-file set ssl-ca-file\n");
216 if (!use_system_changed) {
217 debug_printf (1, " setting ssl-use-system-ca-file didn't emit notify::ssl-use-system-ca-file\n");
220 if (!tlsdb_changed) {
221 debug_printf (1, " setting ssl-use-system-ca-file didn't emit notify::tls-database\n");
224 if (ca_file_changed) {
225 debug_printf (1, " setting ssl-use-system-ca-file emitted notify::ssl-ca-file\n");
229 use_system_changed = tlsdb_changed = ca_file_changed = FALSE;
230 g_object_set (G_OBJECT (session),
231 "ssl-ca-file", SRCDIR "/test-cert.pem",
233 g_object_get (G_OBJECT (session),
234 "ssl-use-system-ca-file", &use_system,
235 "tls-database", &tlsdb,
236 "ssl-ca-file", &ca_file,
239 debug_printf (1, " setting ssl-ca-file left ssl-use-system-ca-file set\n");
243 debug_printf (1, " setting ssl-ca-file didn't set tls-database\n");
246 g_object_unref (tlsdb);
248 debug_printf (1, " setting ssl-ca-file failed\n");
252 if (!use_system_changed) {
253 debug_printf (1, " setting ssl-ca-file didn't emit notify::ssl-use-system-ca-file\n");
256 if (!tlsdb_changed) {
257 debug_printf (1, " setting ssl-ca-file didn't emit notify::tls-database\n");
260 if (!ca_file_changed) {
261 debug_printf (1, " setting ssl-ca-file didn't emit notify::ssl-ca-file\n");
265 use_system_changed = tlsdb_changed = ca_file_changed = FALSE;
266 g_object_set (G_OBJECT (session),
267 "tls-database", NULL,
269 g_object_get (G_OBJECT (session),
270 "ssl-use-system-ca-file", &use_system,
271 "tls-database", &tlsdb,
272 "ssl-ca-file", &ca_file,
275 debug_printf (1, " setting tls-database NULL left ssl-use-system-ca-file set\n");
279 debug_printf (1, " setting tls-database NULL failed\n");
281 g_object_unref (tlsdb);
284 debug_printf (1, " setting tls-database didn't clear ssl-ca-file\n");
288 if (use_system_changed) {
289 debug_printf (1, " setting tls-database emitted notify::ssl-use-system-ca-file\n");
292 if (!tlsdb_changed) {
293 debug_printf (1, " setting tls-database didn't emit notify::tls-database\n");
296 if (!ca_file_changed) {
297 debug_printf (1, " setting tls-database didn't emit notify::ssl-ca-file\n");
301 soup_test_session_abort_unref (session);
305 server_handler (SoupServer *server,
309 SoupClientContext *client,
312 soup_message_set_status (msg, SOUP_STATUS_OK);
313 soup_message_set_response (msg, "text/plain",
319 main (int argc, char **argv)
324 test_init (argc, argv, NULL);
327 server = soup_test_server_new_ssl (TRUE);
328 soup_server_add_handler (server, NULL, server_handler, NULL, NULL);
329 uri = g_strdup_printf ("https://127.0.0.1:%u/",
330 soup_server_get_port (server));
332 do_session_property_tests ();
333 do_strict_tests (uri);
334 do_properties_tests (uri);
337 soup_test_server_quit_unref (server);