diff options
author | Dan Winship <danw@gnome.org> | 2011-09-19 18:03:33 -0400 |
---|---|---|
committer | Dan Winship <danw@gnome.org> | 2011-09-19 18:03:33 -0400 |
commit | 2e63943561e774a385be66e7bc5864bb58ead14c (patch) | |
tree | a2b17b34e14d9d9faa1373614f58dd69baa56815 /tests | |
parent | 5b272126556b18bbe6614a71ff552946e32b3a40 (diff) | |
download | libsoup-2e63943561e774a385be66e7bc5864bb58ead14c.tar.gz libsoup-2e63943561e774a385be66e7bc5864bb58ead14c.tar.bz2 libsoup-2e63943561e774a385be66e7bc5864bb58ead14c.zip |
tests/ssl-test: belatedly commit this
Diffstat (limited to 'tests')
-rw-r--r-- | tests/ssl-test.c | 166 |
1 files changed, 166 insertions, 0 deletions
diff --git a/tests/ssl-test.c b/tests/ssl-test.c new file mode 100644 index 00000000..bdc8ae86 --- /dev/null +++ b/tests/ssl-test.c @@ -0,0 +1,166 @@ +#ifdef HAVE_CONFIG_H +#include "config.h" +#endif + +#include "libsoup/soup.h" + +#include "test-utils.h" + +static void +do_properties_test_for_session (SoupSession *session, char *uri) +{ + SoupMessage *msg; + GTlsCertificate *cert; + GTlsCertificateFlags flags; + + msg = soup_message_new ("GET", uri); + soup_session_send_message (session, msg); + if (msg->status_code != SOUP_STATUS_OK) { + debug_printf (1, " FAILED: %d %s\n", + msg->status_code, msg->reason_phrase); + errors++; + } + + if (soup_message_get_https_status (msg, &cert, &flags)) { + if (!G_IS_TLS_CERTIFICATE (cert)) { + debug_printf (1, " No certificate?\n"); + errors++; + } + if (flags != G_TLS_CERTIFICATE_UNKNOWN_CA) { + debug_printf (1, " Wrong cert flags (got %x, wanted %x)\n", + flags, G_TLS_CERTIFICATE_UNKNOWN_CA); + errors++; + } + } else { + debug_printf (1, " Response not https\n"); + errors++; + } + + g_object_unref (msg); +} + +static void +do_properties_tests (char *uri) +{ + SoupSession *session; + + debug_printf (1, "\nSoupMessage properties\n"); + + debug_printf (1, " async\n"); + session = soup_test_session_new (SOUP_TYPE_SESSION_ASYNC, NULL); + g_object_set (G_OBJECT (session), + SOUP_SESSION_SSL_CA_FILE, "/dev/null", + SOUP_SESSION_SSL_STRICT, FALSE, + NULL); + do_properties_test_for_session (session, uri); + soup_test_session_abort_unref (session); + + debug_printf (1, " sync\n"); + session = soup_test_session_new (SOUP_TYPE_SESSION_SYNC, NULL); + g_object_set (G_OBJECT (session), + SOUP_SESSION_SSL_CA_FILE, "/dev/null", + SOUP_SESSION_SSL_STRICT, FALSE, + NULL); + do_properties_test_for_session (session, uri); + soup_test_session_abort_unref (session); +} + +static void +do_one_strict_test (SoupSession *session, char *uri, + gboolean strict, gboolean with_ca_list, + guint expected_status) +{ + SoupMessage *msg; + + /* Note that soup_test_session_new() sets + * SOUP_SESSION_SSL_CA_FILE by default, and turns off + * SOUP_SESSION_SSL_STRICT. + */ + + g_object_set (G_OBJECT (session), + SOUP_SESSION_SSL_STRICT, strict, + SOUP_SESSION_SSL_CA_FILE, with_ca_list ? SRCDIR "/test-cert.pem" : "/dev/null", + NULL); + /* Close existing connections with old params */ + soup_session_abort (session); + + msg = soup_message_new ("GET", uri); + soup_session_send_message (session, msg); + if (msg->status_code != expected_status) { + debug_printf (1, " FAILED: %d %s (expected %d %s)\n", + msg->status_code, msg->reason_phrase, + expected_status, + soup_status_get_phrase (expected_status)); + errors++; + } + g_object_unref (msg); +} + +static void +do_strict_tests (char *uri) +{ + SoupSession *session; + + debug_printf (1, "strict/nonstrict\n"); + + session = soup_test_session_new (SOUP_TYPE_SESSION_ASYNC, NULL); + debug_printf (1, " async with CA list\n"); + do_one_strict_test (session, uri, TRUE, TRUE, SOUP_STATUS_OK); + debug_printf (1, " async without CA list\n"); + do_one_strict_test (session, uri, TRUE, FALSE, SOUP_STATUS_SSL_FAILED); + debug_printf (1, " async non-strict with CA list\n"); + do_one_strict_test (session, uri, FALSE, TRUE, SOUP_STATUS_OK); + debug_printf (1, " async non-strict without CA list\n"); + do_one_strict_test (session, uri, FALSE, FALSE, SOUP_STATUS_OK); + soup_test_session_abort_unref (session); + + session = soup_test_session_new (SOUP_TYPE_SESSION_SYNC, NULL); + debug_printf (1, " sync with CA list\n"); + do_one_strict_test (session, uri, TRUE, TRUE, SOUP_STATUS_OK); + debug_printf (1, " sync without CA list\n"); + do_one_strict_test (session, uri, TRUE, FALSE, SOUP_STATUS_SSL_FAILED); + debug_printf (1, " sync non-strict with CA list\n"); + do_one_strict_test (session, uri, FALSE, TRUE, SOUP_STATUS_OK); + debug_printf (1, " sync non-strict without CA list\n"); + do_one_strict_test (session, uri, FALSE, FALSE, SOUP_STATUS_OK); + soup_test_session_abort_unref (session); +} + +static void +server_handler (SoupServer *server, + SoupMessage *msg, + const char *path, + GHashTable *query, + SoupClientContext *client, + gpointer user_data) +{ + soup_message_set_status (msg, SOUP_STATUS_OK); + soup_message_set_response (msg, "text/plain", + SOUP_MEMORY_STATIC, + "ok\r\n", 4); +} + +int +main (int argc, char **argv) +{ + SoupServer *server; + char *uri; + + test_init (argc, argv, NULL); + + if (tls_available) { + server = soup_test_server_new_ssl (TRUE); + soup_server_add_handler (server, NULL, server_handler, NULL, NULL); + uri = g_strdup_printf ("https://127.0.0.1:%u/", + soup_server_get_port (server)); + + do_strict_tests (uri); + do_properties_tests (uri); + + g_free (uri); + soup_test_server_quit_unref (server); + } + + test_cleanup (); + return errors != 0; +} |