5 #include "libsoup/soup.h"
7 #include "test-utils.h"
10 do_properties_test_for_session (SoupSession *session, char *uri)
13 GTlsCertificate *cert;
14 GTlsCertificateFlags flags;
16 msg = soup_message_new ("GET", uri);
17 soup_session_send_message (session, msg);
18 if (msg->status_code != SOUP_STATUS_OK) {
19 debug_printf (1, " FAILED: %d %s\n",
20 msg->status_code, msg->reason_phrase);
24 if (soup_message_get_https_status (msg, &cert, &flags)) {
25 if (!G_IS_TLS_CERTIFICATE (cert)) {
26 debug_printf (1, " No certificate?\n");
29 if (flags != G_TLS_CERTIFICATE_UNKNOWN_CA) {
30 debug_printf (1, " Wrong cert flags (got %x, wanted %x)\n",
31 flags, G_TLS_CERTIFICATE_UNKNOWN_CA);
35 debug_printf (1, " Response not https\n");
38 if (soup_message_get_flags (msg) & SOUP_MESSAGE_CERTIFICATE_TRUSTED) {
39 debug_printf (1, " CERTIFICATE_TRUSTED set?\n");
47 do_properties_tests (char *uri)
51 debug_printf (1, "\nSoupMessage properties\n");
53 debug_printf (1, " async\n");
54 session = soup_test_session_new (SOUP_TYPE_SESSION_ASYNC, NULL);
55 g_object_set (G_OBJECT (session),
56 SOUP_SESSION_SSL_CA_FILE, "/dev/null",
57 SOUP_SESSION_SSL_STRICT, FALSE,
59 do_properties_test_for_session (session, uri);
60 soup_test_session_abort_unref (session);
62 debug_printf (1, " sync\n");
63 session = soup_test_session_new (SOUP_TYPE_SESSION_SYNC, NULL);
64 g_object_set (G_OBJECT (session),
65 SOUP_SESSION_SSL_CA_FILE, "/dev/null",
66 SOUP_SESSION_SSL_STRICT, FALSE,
68 do_properties_test_for_session (session, uri);
69 soup_test_session_abort_unref (session);
73 do_one_strict_test (SoupSession *session, char *uri,
74 gboolean strict, gboolean with_ca_list,
75 guint expected_status)
79 /* Note that soup_test_session_new() sets
80 * SOUP_SESSION_SSL_CA_FILE by default, and turns off
81 * SOUP_SESSION_SSL_STRICT.
84 g_object_set (G_OBJECT (session),
85 SOUP_SESSION_SSL_STRICT, strict,
86 SOUP_SESSION_SSL_CA_FILE, with_ca_list ? SRCDIR "/test-cert.pem" : "/dev/null",
88 /* Close existing connections with old params */
89 soup_session_abort (session);
91 msg = soup_message_new ("GET", uri);
92 soup_session_send_message (session, msg);
93 if (msg->status_code != expected_status) {
94 debug_printf (1, " FAILED: %d %s (expected %d %s)\n",
95 msg->status_code, msg->reason_phrase,
97 soup_status_get_phrase (expected_status));
98 if (msg->status_code == SOUP_STATUS_SSL_FAILED) {
99 GTlsCertificateFlags flags = 0;
101 soup_message_get_https_status (msg, NULL, &flags);
102 debug_printf (1, " tls error flags: 0x%x\n", flags);
105 } else if (with_ca_list && SOUP_STATUS_IS_SUCCESSFUL (msg->status_code)) {
106 if (!(soup_message_get_flags (msg) & SOUP_MESSAGE_CERTIFICATE_TRUSTED)) {
107 debug_printf (1, " CERTIFICATE_TRUSTED not set?\n");
111 if (with_ca_list && soup_message_get_flags (msg) & SOUP_MESSAGE_CERTIFICATE_TRUSTED) {
112 debug_printf (1, " CERTIFICATE_TRUSTED set?\n");
117 g_object_unref (msg);
121 do_strict_tests (char *uri)
123 SoupSession *session;
125 debug_printf (1, "\nstrict/nonstrict\n");
127 session = soup_test_session_new (SOUP_TYPE_SESSION_ASYNC, NULL);
128 debug_printf (1, " async with CA list\n");
129 do_one_strict_test (session, uri, TRUE, TRUE, SOUP_STATUS_OK);
130 debug_printf (1, " async without CA list\n");
131 do_one_strict_test (session, uri, TRUE, FALSE, SOUP_STATUS_SSL_FAILED);
132 debug_printf (1, " async non-strict with CA list\n");
133 do_one_strict_test (session, uri, FALSE, TRUE, SOUP_STATUS_OK);
134 debug_printf (1, " async non-strict without CA list\n");
135 do_one_strict_test (session, uri, FALSE, FALSE, SOUP_STATUS_OK);
136 soup_test_session_abort_unref (session);
138 session = soup_test_session_new (SOUP_TYPE_SESSION_SYNC, NULL);
139 debug_printf (1, " sync with CA list\n");
140 do_one_strict_test (session, uri, TRUE, TRUE, SOUP_STATUS_OK);
141 debug_printf (1, " sync without CA list\n");
142 do_one_strict_test (session, uri, TRUE, FALSE, SOUP_STATUS_SSL_FAILED);
143 debug_printf (1, " sync non-strict with CA list\n");
144 do_one_strict_test (session, uri, FALSE, TRUE, SOUP_STATUS_OK);
145 debug_printf (1, " sync non-strict without CA list\n");
146 do_one_strict_test (session, uri, FALSE, FALSE, SOUP_STATUS_OK);
147 soup_test_session_abort_unref (session);
151 property_changed (GObject *object, GParamSpec *param, gpointer user_data)
153 gboolean *changed = user_data;
159 do_session_property_tests (void)
161 gboolean use_system_changed, tlsdb_changed, ca_file_changed;
165 SoupSession *session;
167 debug_printf (1, "session properties\n");
169 session = soup_session_async_new ();
170 g_signal_connect (session, "notify::ssl-use-system-ca-file",
171 G_CALLBACK (property_changed), &use_system_changed);
172 g_signal_connect (session, "notify::tls-database",
173 G_CALLBACK (property_changed), &tlsdb_changed);
174 g_signal_connect (session, "notify::ssl-ca-file",
175 G_CALLBACK (property_changed), &ca_file_changed);
177 g_object_get (G_OBJECT (session),
178 "ssl-use-system-ca-file", &use_system,
179 "tls-database", &tlsdb,
180 "ssl-ca-file", &ca_file,
183 debug_printf (1, " ssl-use-system-ca-file defaults to TRUE?\n");
187 debug_printf (1, " tls-database set by default?\n");
189 g_object_unref (tlsdb);
192 debug_printf (1, " ca-file set by default?\n");
197 use_system_changed = tlsdb_changed = ca_file_changed = FALSE;
198 g_object_set (G_OBJECT (session),
199 "ssl-use-system-ca-file", TRUE,
201 g_object_get (G_OBJECT (session),
202 "ssl-use-system-ca-file", &use_system,
203 "tls-database", &tlsdb,
204 "ssl-ca-file", &ca_file,
207 debug_printf (1, " setting ssl-use-system-ca-file failed\n");
211 debug_printf (1, " setting ssl-use-system-ca-file didn't set tls-database\n");
214 g_object_unref (tlsdb);
216 debug_printf (1, " setting ssl-use-system-ca-file set ssl-ca-file\n");
220 if (!use_system_changed) {
221 debug_printf (1, " setting ssl-use-system-ca-file didn't emit notify::ssl-use-system-ca-file\n");
224 if (!tlsdb_changed) {
225 debug_printf (1, " setting ssl-use-system-ca-file didn't emit notify::tls-database\n");
228 if (ca_file_changed) {
229 debug_printf (1, " setting ssl-use-system-ca-file emitted notify::ssl-ca-file\n");
233 use_system_changed = tlsdb_changed = ca_file_changed = FALSE;
234 g_object_set (G_OBJECT (session),
235 "ssl-ca-file", SRCDIR "/test-cert.pem",
237 g_object_get (G_OBJECT (session),
238 "ssl-use-system-ca-file", &use_system,
239 "tls-database", &tlsdb,
240 "ssl-ca-file", &ca_file,
243 debug_printf (1, " setting ssl-ca-file left ssl-use-system-ca-file set\n");
247 debug_printf (1, " setting ssl-ca-file didn't set tls-database\n");
250 g_object_unref (tlsdb);
252 debug_printf (1, " setting ssl-ca-file failed\n");
256 if (!use_system_changed) {
257 debug_printf (1, " setting ssl-ca-file didn't emit notify::ssl-use-system-ca-file\n");
260 if (!tlsdb_changed) {
261 debug_printf (1, " setting ssl-ca-file didn't emit notify::tls-database\n");
264 if (!ca_file_changed) {
265 debug_printf (1, " setting ssl-ca-file didn't emit notify::ssl-ca-file\n");
269 use_system_changed = tlsdb_changed = ca_file_changed = FALSE;
270 g_object_set (G_OBJECT (session),
271 "tls-database", NULL,
273 g_object_get (G_OBJECT (session),
274 "ssl-use-system-ca-file", &use_system,
275 "tls-database", &tlsdb,
276 "ssl-ca-file", &ca_file,
279 debug_printf (1, " setting tls-database NULL left ssl-use-system-ca-file set\n");
283 debug_printf (1, " setting tls-database NULL failed\n");
285 g_object_unref (tlsdb);
288 debug_printf (1, " setting tls-database didn't clear ssl-ca-file\n");
292 if (use_system_changed) {
293 debug_printf (1, " setting tls-database emitted notify::ssl-use-system-ca-file\n");
296 if (!tlsdb_changed) {
297 debug_printf (1, " setting tls-database didn't emit notify::tls-database\n");
300 if (!ca_file_changed) {
301 debug_printf (1, " setting tls-database didn't emit notify::ssl-ca-file\n");
305 soup_test_session_abort_unref (session);
309 server_handler (SoupServer *server,
313 SoupClientContext *client,
316 soup_message_set_status (msg, SOUP_STATUS_OK);
317 soup_message_set_response (msg, "text/plain",
323 main (int argc, char **argv)
328 test_init (argc, argv, NULL);
331 server = soup_test_server_new_ssl (TRUE);
332 soup_server_add_handler (server, NULL, server_handler, NULL, NULL);
333 uri = g_strdup_printf ("https://127.0.0.1:%u/",
334 soup_server_get_port (server));
336 do_session_property_tests ();
337 do_strict_tests (uri);
338 do_properties_tests (uri);
341 soup_test_server_quit_unref (server);