[libsoup/carlosgc/simplify-ssl-interaction-test] test: simplify /ssl/tls-interaction test by using SoupServer
- From: Carlos Garcia Campos <carlosgc src gnome org>
- To: commits-list gnome org
- Cc:
- Subject: [libsoup/carlosgc/simplify-ssl-interaction-test] test: simplify /ssl/tls-interaction test by using SoupServer
- Date: Tue, 23 Feb 2021 09:05:54 +0000 (UTC)
commit bd6de90343839125bd07c43c97e1000deb0b40c3
Author: Carlos Garcia Campos <cgarcia igalia com>
Date: Tue Feb 23 10:02:21 2021 +0100
test: simplify /ssl/tls-interaction test by using SoupServer
The test is still flaky, but due to a glib-networking bug.
libsoup/server/soup-socket.c | 8 +++
libsoup/server/soup-socket.h | 1 +
tests/ssl-test.c | 134 +++++++++++++------------------------------
3 files changed, 50 insertions(+), 93 deletions(-)
---
diff --git a/libsoup/server/soup-socket.c b/libsoup/server/soup-socket.c
index 96f4e058..6dd9f8cc 100644
--- a/libsoup/server/soup-socket.c
+++ b/libsoup/server/soup-socket.c
@@ -733,3 +733,11 @@ soup_socket_get_remote_address (SoupSocket *sock)
return priv->remote_addr;
}
+
+GIOStream *
+soup_socket_get_connection (SoupSocket *sock)
+{
+ SoupSocketPrivate *priv = soup_socket_get_instance_private (sock);
+
+ return priv->conn;
+}
diff --git a/libsoup/server/soup-socket.h b/libsoup/server/soup-socket.h
index 89f72da2..42f3bff9 100644
--- a/libsoup/server/soup-socket.h
+++ b/libsoup/server/soup-socket.h
@@ -22,6 +22,7 @@ gboolean soup_socket_is_ssl (SoupSocket *sock);
void soup_socket_disconnect (SoupSocket *sock);
gboolean soup_socket_is_connected (SoupSocket *sock);
+GIOStream *soup_socket_get_connection (SoupSocket *sock);
GSocket *soup_socket_get_gsocket (SoupSocket *sock);
GSocket *soup_socket_steal_gsocket (SoupSocket *sock);
GIOStream *soup_socket_get_iostream (SoupSocket *sock);
diff --git a/tests/ssl-test.c b/tests/ssl-test.c
index ecd173dd..359d72d0 100644
--- a/tests/ssl-test.c
+++ b/tests/ssl-test.c
@@ -1,6 +1,7 @@
/* -*- Mode: C; tab-width: 8; indent-tabs-mode: t; c-basic-offset: 8 -*- */
#include "test-utils.h"
+#include "soup-server-message-private.h"
GUri *uri;
@@ -106,19 +107,9 @@ test_tls_interaction_request_certificate (GTlsInteraction *interact
GError **error)
{
GTlsCertificate *cert;
- const char *ssl_cert_file, *ssl_key_file;
- GError *my_error = NULL;
-
- /* Yes, we use the same certificate for the client as for the server. Shrug */
- ssl_cert_file = g_test_get_filename (G_TEST_DIST, "test-cert.pem", NULL);
- ssl_key_file = g_test_get_filename (G_TEST_DIST, "test-key.pem", NULL);
- cert = g_tls_certificate_new_from_files (ssl_cert_file,
- ssl_key_file,
- &my_error);
- g_assert_no_error (my_error);
+ cert = g_object_get_data (G_OBJECT (interaction), "certificate");
g_tls_connection_set_certificate (connection, cert);
- g_object_unref (cert);
return G_TLS_INTERACTION_HANDLED;
}
@@ -132,102 +123,54 @@ test_tls_interaction_class_init (TestTlsInteractionClass *klass)
}
-#define INTERACTION_TEST_HTTP_RESPONSE "HTTP/1.1 200 OK\r\nConnection: close\r\n\r\nOK\r\n"
-
static gboolean
accept_client_certificate (GTlsConnection *server,
GTlsCertificate *client_cert,
GTlsCertificateFlags errors)
{
- return TRUE;
+ return errors == 0;
}
static void
-got_connection (GThreadedSocketService *service,
- GSocketConnection *connection,
- GObject *source_object)
+server_request_started (SoupServer *server,
+ SoupServerMessage *msg,
+ GTlsDatabase *tls_db)
{
- GIOStream *tls;
- GTlsCertificate *server_cert;
- GError *error = NULL;
- const char *ssl_cert_file, *ssl_key_file;
- GMainContext *thread_context;
-
- thread_context = g_main_context_new ();
- g_main_context_push_thread_default (thread_context);
-
- ssl_cert_file = g_test_get_filename (G_TEST_DIST, "test-cert.pem", NULL);
- ssl_key_file = g_test_get_filename (G_TEST_DIST, "test-key.pem", NULL);
- server_cert = g_tls_certificate_new_from_files (ssl_cert_file,
- ssl_key_file,
- &error);
- g_assert_no_error (error);
-
- tls = g_tls_server_connection_new (G_IO_STREAM (connection),
- server_cert, &error);
- g_assert_no_error (error);
- g_object_unref (server_cert);
-
- g_object_set (G_OBJECT (tls),
- "authentication-mode", G_TLS_AUTHENTICATION_REQUIRED,
- NULL);
- g_signal_connect (tls, "accept-certificate",
- G_CALLBACK (accept_client_certificate), NULL);
-
- if (g_tls_connection_handshake (G_TLS_CONNECTION (tls), NULL, &error)) {
- g_output_stream_write_all (g_io_stream_get_output_stream (tls),
- INTERACTION_TEST_HTTP_RESPONSE,
- strlen (INTERACTION_TEST_HTTP_RESPONSE),
- NULL, NULL, &error);
- g_assert_no_error (error);
- } else {
- g_assert_error (error, G_TLS_ERROR, G_TLS_ERROR_CERTIFICATE_REQUIRED);
- g_clear_error (&error);
- }
-
- g_io_stream_close (tls, NULL, &error);
- g_assert_no_error (error);
-
- g_object_unref (tls);
-
- g_main_context_pop_thread_default (thread_context);
- g_main_context_unref (thread_context);
+ SoupSocket *sock;
+ GIOStream *conn;
+
+ sock = soup_server_message_get_soup_socket (msg);
+ conn = soup_socket_get_connection (sock);
+ g_tls_connection_set_database (G_TLS_CONNECTION (conn), tls_db);
+ g_object_set (conn, "authentication-mode", G_TLS_AUTHENTICATION_REQUIRED, NULL);
+ g_signal_connect (conn, "accept-certificate",
+ G_CALLBACK (accept_client_certificate),
+ NULL);
}
static void
-do_tls_interaction_test (void)
+do_tls_interaction_test (gconstpointer data)
{
- GSocketService *service;
- GSocketAddress *address, *bound_address;
+ SoupServer *server = (SoupServer *)data;
SoupSession *session;
SoupMessage *msg;
GBytes *body;
+ GTlsDatabase *tls_db;
+ GTlsCertificate *certificate;
GTlsInteraction *interaction;
- GUri *test_uri;
GError *error = NULL;
SOUP_TEST_SKIP_IF_NO_TLS;
- service = g_threaded_socket_service_new (1);
- address = g_inet_socket_address_new_from_string ("127.0.0.1", 0);
- g_socket_listener_add_address (G_SOCKET_LISTENER (service), address,
- G_SOCKET_TYPE_STREAM,
- G_SOCKET_PROTOCOL_TCP,
- NULL, &bound_address, &error);
- g_assert_no_error (error);
- g_object_unref (address);
- g_signal_connect (service, "run", G_CALLBACK (got_connection), NULL);
- g_socket_service_start (service);
-
- test_uri = g_uri_build (SOUP_HTTP_URI_FLAGS, "https", NULL, "127.0.0.1",
- g_inet_socket_address_get_port (G_INET_SOCKET_ADDRESS (bound_address)),
- "/", NULL, NULL);
- g_object_unref (bound_address);
-
session = soup_test_session_new (NULL);
+ g_object_get (session, "tls-database", &tls_db, NULL);
+
+ g_signal_connect (server, "request-started",
+ G_CALLBACK (server_request_started),
+ tls_db);
/* Without a GTlsInteraction */
- msg = soup_message_new_from_uri ("GET", test_uri);
+ msg = soup_message_new_from_uri ("GET", uri);
body = soup_test_session_async_send (session, msg, NULL, &error);
g_assert_error (error, G_TLS_ERROR, G_TLS_ERROR_CERTIFICATE_REQUIRED);
g_clear_error (&error);
@@ -235,24 +178,29 @@ do_tls_interaction_test (void)
g_object_unref (msg);
interaction = g_object_new (test_tls_interaction_get_type (), NULL);
- g_object_set (G_OBJECT (session),
- "tls-interaction", interaction,
- NULL);
+ /* Yes, we use the same certificate for the client as for the server. Shrug */
+ g_object_get (server, "tls-certificate", &certificate, NULL);
+ g_object_set_data_full (G_OBJECT (interaction),
+ "certificate",
+ g_object_ref (certificate),
+ g_object_unref);
+ g_object_set (session, "tls-interaction", interaction, NULL);
g_object_unref (interaction);
/* With a GTlsInteraction */
- msg = soup_message_new_from_uri ("GET", test_uri);
- body = soup_test_session_async_send (session, msg, NULL, NULL);
+ msg = soup_message_new_from_uri ("GET", uri);
+ body = soup_test_session_async_send (session, msg, NULL, &error);
+ g_assert_no_error (error);
soup_test_assert_message_status (msg, SOUP_STATUS_OK);
g_assert_nonnull (soup_message_get_tls_certificate (msg));
g_bytes_unref (body);
g_object_unref (msg);
- g_uri_unref (test_uri);
- soup_test_session_abort_unref (session);
+ g_signal_handlers_disconnect_by_data (server, tls_db);
- g_socket_service_stop (service);
- g_object_unref (service);
+ soup_test_session_abort_unref (session);
+ g_object_unref (tls_db);
+ g_object_unref (certificate);
}
static void
@@ -283,7 +231,7 @@ main (int argc, char **argv)
} else
uri = NULL;
- g_test_add_func ("/ssl/tls-interaction", do_tls_interaction_test);
+ g_test_add_data_func ("/ssl/tls-interaction", server, do_tls_interaction_test);
for (i = 0; i < G_N_ELEMENTS (strictness_tests); i++) {
g_test_add_data_func (strictness_tests[i].name,
[
Date Prev][
Date Next] [
Thread Prev][
Thread Next]
[
Thread Index]
[
Date Index]
[
Author Index]
