diff options
| author | Garrett D'Amore <garrett@damore.org> | 2024-10-20 23:43:44 -0700 |
|---|---|---|
| committer | Garrett D'Amore <garrett@damore.org> | 2024-10-20 23:43:44 -0700 |
| commit | 53e8dbbe3c2bd82fb7ac8583a45e7fcfec173cc1 (patch) | |
| tree | 173a51c6094fc9aecb9f8baea550a5c3ac29974c | |
| parent | d05ff4934e57c55841a12a41eea41934267150ae (diff) | |
| download | nng-53e8dbbe3c2bd82fb7ac8583a45e7fcfec173cc1.tar.gz nng-53e8dbbe3c2bd82fb7ac8583a45e7fcfec173cc1.tar.bz2 nng-53e8dbbe3c2bd82fb7ac8583a45e7fcfec173cc1.zip | |
remove legacy support for configuration of transport options on socket
Transport specific options should be configured on the end point.
This has the most impact for TLS, as TLS dialers and listeners will
need to be allocated apriori, to configure TLS options.
Some legacy tests were removed... we're going to remove the legacy
libnanomsg compatibility layer anyway.
| -rw-r--r-- | src/compat/nanomsg/compat_tcp_test.c | 29 | ||||
| -rw-r--r-- | src/core/sock_test.c | 71 | ||||
| -rw-r--r-- | src/core/socket.c | 83 | ||||
| -rw-r--r-- | src/platform/posix/posix_tcpdial.c | 3 | ||||
| -rw-r--r-- | src/platform/posix/posix_tcplisten.c | 3 | ||||
| -rw-r--r-- | src/platform/windows/win_tcpdial.c | 1 | ||||
| -rw-r--r-- | src/sp/transport/tcp/tcp_test.c | 30 | ||||
| -rw-r--r-- | src/sp/transport/tls/tls_tran_test.c | 128 | ||||
| -rw-r--r-- | tests/CMakeLists.txt | 1 | ||||
| -rw-r--r-- | tests/tls.c | 634 |
10 files changed, 57 insertions, 926 deletions
diff --git a/src/compat/nanomsg/compat_tcp_test.c b/src/compat/nanomsg/compat_tcp_test.c index d090463f..a23c878d 100644 --- a/src/compat/nanomsg/compat_tcp_test.c +++ b/src/compat/nanomsg/compat_tcp_test.c @@ -94,32 +94,6 @@ test_bad_addresses(void) } void -test_no_delay(void) -{ - int s; - int opt; - size_t sz; - NUTS_TRUE((s = nn_socket(AF_SP, NN_PAIR)) >= 0); - - sz = sizeof(opt); - NUTS_NN_PASS(nn_getsockopt(s, NN_TCP, NN_TCP_NODELAY, &opt, &sz)); - NUTS_TRUE(sz == sizeof(opt)); - NUTS_TRUE(opt == 0); - opt = 2; - NUTS_NN_FAIL( - nn_setsockopt(s, NN_TCP, NN_TCP_NODELAY, &opt, sz), EINVAL); - - opt = 1; - NUTS_NN_PASS(nn_setsockopt(s, NN_TCP, NN_TCP_NODELAY, &opt, sz)); - - opt = 3; - NUTS_NN_PASS(nn_getsockopt(s, NN_TCP, NN_TCP_NODELAY, &opt, &sz)); - NUTS_TRUE(sz == sizeof(opt)); - NUTS_TRUE(opt == 1); - NUTS_NN_PASS(nn_close(s)); -} - -void test_ping_pong(void) { int sb, sc, p1, p2; @@ -201,7 +175,7 @@ test_max_recv_size(void) int n; size_t sz; char buf[64]; - char *addr; + char *addr; NUTS_ADDR(addr, "tcp"); @@ -251,7 +225,6 @@ TEST_LIST = { { "compat tcp connect and close ", test_connect_and_close }, { "compat tcp bind and connect ", test_bind_and_connect }, { "compat tcp invalid addresses", test_bad_addresses }, - { "compat tcp no delay option", test_no_delay }, { "compat tcp ping pong", test_ping_pong }, { "compat tcp pair reject", test_pair_reject }, { "compat tcp addr in use", test_addr_in_use }, diff --git a/src/core/sock_test.c b/src/core/sock_test.c index fbf70537..f785d9c0 100644 --- a/src/core/sock_test.c +++ b/src/core/sock_test.c @@ -15,7 +15,7 @@ test_recv_timeout(void) { nng_socket s1; uint64_t now; - nng_msg * msg = NULL; + nng_msg *msg = NULL; NUTS_OPEN(s1); NUTS_PASS(nng_socket_set_ms(s1, NNG_OPT_RECVTIMEO, 10)); @@ -32,7 +32,7 @@ test_recv_nonblock(void) { nng_socket s1; uint64_t now; - nng_msg * msg = NULL; + nng_msg *msg = NULL; NUTS_OPEN(s1); NUTS_PASS(nng_socket_set_ms(s1, NNG_OPT_RECVTIMEO, 10)); @@ -48,7 +48,7 @@ test_send_timeout(void) { nng_socket s1; uint64_t now; - nng_msg * msg; + nng_msg *msg; NUTS_OPEN(s1); NUTS_PASS(nng_msg_alloc(&msg, 0)); @@ -66,7 +66,7 @@ test_send_nonblock(void) { nng_socket s1; uint64_t now; - nng_msg * msg; + nng_msg *msg; NUTS_OPEN(s1); NUTS_PASS(nng_msg_alloc(&msg, 0)); @@ -108,9 +108,9 @@ test_socket_name(void) { nng_socket s1; char name[128]; // 64 is max - char * str; + char *str; long id; - char * end; + char *end; size_t sz; sz = sizeof(name); @@ -175,8 +175,8 @@ test_send_recv(void) int len; size_t sz; nng_duration to = 3000; // 3 seconds - char * buf; - char * a = "inproc://t1"; + char *buf; + char *a = "inproc://t1"; NUTS_OPEN(s1); NUTS_OPEN(s2); @@ -215,8 +215,8 @@ test_send_recv_zero_length(void) int len; size_t sz; nng_duration to = 3000; // 3 seconds - char * buf; - char * a = "inproc://send-recv-zero-length"; + char *buf; + char *a = "inproc://send-recv-zero-length"; NUTS_OPEN(s1); NUTS_OPEN(s2); @@ -259,11 +259,11 @@ test_connection_refused(void) void test_late_connection(void) { - char * buf; + char *buf; size_t sz; nng_socket s1; nng_socket s2; - char * a = "inproc://asy"; + char *a = "inproc://asy"; NUTS_OPEN(s1); NUTS_OPEN(s2); @@ -287,7 +287,7 @@ test_late_connection(void) void test_address_busy(void) { - char * a = "inproc://eaddrinuse"; + char *a = "inproc://eaddrinuse"; nng_listener l = NNG_LISTENER_INITIALIZER; nng_dialer d = NNG_DIALER_INITIALIZER; nng_socket s1; @@ -323,7 +323,7 @@ test_endpoint_types(void) nng_listener l = NNG_LISTENER_INITIALIZER; nng_dialer d2; nng_listener l2; - char * a = "inproc://mumble..."; + char *a = "inproc://mumble..."; bool b; NUTS_OPEN(s1); @@ -400,30 +400,10 @@ test_listener_options(void) NUTS_OPEN(s1); -#ifndef NNG_ELIDE_DEPRECATED - // Create a listener with the specified options - NUTS_PASS(nng_socket_set_size(s1, NNG_OPT_RECVMAXSZ, 543)); NUTS_PASS(nng_listener_create(&l, s1, "inproc://listener_opts")); - NUTS_PASS(nng_listener_get_size(l, NNG_OPT_RECVMAXSZ, &sz)); - NUTS_TRUE(sz == 543); - - // Verify endpoint overrides NUTS_PASS(nng_listener_set_size(l, NNG_OPT_RECVMAXSZ, 678)); NUTS_PASS(nng_listener_get_size(l, NNG_OPT_RECVMAXSZ, &sz)); NUTS_TRUE(sz == 678); - NUTS_PASS(nng_socket_get_size(s1, NNG_OPT_RECVMAXSZ, &sz)); - NUTS_TRUE(sz == 543); - - // And socket overrides again - NUTS_PASS(nng_socket_set_size(s1, NNG_OPT_RECVMAXSZ, 911)); - NUTS_PASS(nng_listener_get_size(l, NNG_OPT_RECVMAXSZ, &sz)); - NUTS_TRUE(sz == 911); -#else - NUTS_PASS(nng_listener_create(&l, s1, "inproc://listener_opts")); - NUTS_PASS(nng_listener_set_size(l, NNG_OPT_RECVMAXSZ, 678)); - NUTS_PASS(nng_listener_get_size(l, NNG_OPT_RECVMAXSZ, &sz)); - NUTS_TRUE(sz == 678); -#endif // Cannot set invalid options NUTS_FAIL(nng_listener_set_size(l, "BAD_OPT", 1), NNG_ENOTSUP); @@ -456,31 +436,10 @@ test_dialer_options(void) NUTS_OPEN(s1); -#ifndef NNG_ELIDE_DEPRECATED - // NOTE: This test will fail if eliding deprecated behavior. - // Create a dialer with the specified options - NUTS_PASS(nng_socket_set_size(s1, NNG_OPT_RECVMAXSZ, 543)); NUTS_PASS(nng_dialer_create(&d, s1, "inproc://dialer_opts")); - NUTS_PASS(nng_dialer_get_size(d, NNG_OPT_RECVMAXSZ, &sz)); - NUTS_TRUE(sz == 543); - - // Verify endpoint overrides NUTS_PASS(nng_dialer_set_size(d, NNG_OPT_RECVMAXSZ, 678)); NUTS_PASS(nng_dialer_get_size(d, NNG_OPT_RECVMAXSZ, &sz)); NUTS_TRUE(sz == 678); - NUTS_PASS(nng_socket_get_size(s1, NNG_OPT_RECVMAXSZ, &sz)); - NUTS_TRUE(sz == 543); - - // And socket overrides again - NUTS_PASS(nng_socket_set_size(s1, NNG_OPT_RECVMAXSZ, 911)); - NUTS_PASS(nng_dialer_get_size(d, NNG_OPT_RECVMAXSZ, &sz)); - NUTS_TRUE(sz == 911); -#else - NUTS_PASS(nng_dialer_create(&d, s1, "inproc://dialer_opts")); - NUTS_PASS(nng_dialer_set_size(d, NNG_OPT_RECVMAXSZ, 678)); - NUTS_PASS(nng_dialer_get_size(d, NNG_OPT_RECVMAXSZ, &sz)); - NUTS_TRUE(sz == 678); -#endif // Cannot set invalid options NUTS_FAIL(nng_dialer_set_size(d, "BAD_OPT", 1), NNG_ENOTSUP); @@ -588,7 +547,7 @@ test_size_options(void) nng_socket s1; size_t val; size_t sz; - char * opt; + char *opt; char *cases[] = { NNG_OPT_RECVMAXSZ, diff --git a/src/core/socket.c b/src/core/socket.c index c4e16f70..88a11382 100644 --- a/src/core/socket.c +++ b/src/core/socket.c @@ -1036,57 +1036,6 @@ nni_sock_setopt( 0) { return (rv); } - -#if !defined(NNG_ELIDE_DEPRECATED) - // TCP options, set via socket is deprecated. - } else if ((strcmp(name, NNG_OPT_TCP_KEEPALIVE) == 0) || - (strcmp(name, NNG_OPT_TCP_NODELAY)) == 0) { - if ((rv = nni_copyin_bool(NULL, v, sz, t)) != 0) { - return (rv); - } -#endif - -#if defined(NNG_SUPP_TLS) && !defined(NNG_ELIDE_DEPRECATED) - // TLS options may not be supported if TLS is not - // compiled in. Supporting all these is deprecated. - } else if (strcmp(name, NNG_OPT_TLS_CONFIG) == 0) { - nng_tls_config *tc; - if ((rv = nni_copyin_ptr((void **) &tc, v, sz, t)) != 0) { - return (rv); - } - // place a hold on this configuration object - nng_tls_config_hold(tc); - - } else if ((strcmp(name, NNG_OPT_TLS_SERVER_NAME) == 0) || - (strcmp(name, NNG_OPT_TLS_CA_FILE) == 0) || - (strcmp(name, NNG_OPT_TLS_CERT_KEY_FILE) == 0)) { - if ((t != NNI_TYPE_OPAQUE) && (t != NNI_TYPE_STRING)) { - return (NNG_EBADTYPE); - } - if (nni_strnlen(v, sz) >= sz) { - return (NNG_EINVAL); - } - } else if ((strcmp(name, NNG_OPT_TLS_AUTH_MODE) == 0)) { - // 0, 1, or 2 (none, optional, required) - if ((rv = nni_copyin_int(NULL, v, sz, 0, 2, t)) != 0) { - return (rv); - } -#endif - -#if defined(NNG_PLATFORM_POSIX) && !defined(NNG_ELIDE_DEPRECATED) - } else if (strcmp(name, NNG_OPT_IPC_PERMISSIONS) == 0) { - // UNIX mode bits are 0777, but allow set id and sticky bits - if ((rv = nni_copyin_int(NULL, v, sz, 0, 07777, t)) != 0) { - return (rv); - } -#endif - -#if defined(NNG_PLATFORM_WINDOWS) && !defined(NNG_ELIDE_DEPRECATED) - } else if (strcmp(name, NNG_OPT_IPC_SECURITY_DESCRIPTOR) == 0) { - if ((rv = nni_copyin_ptr(NULL, v, sz, t)) == 0) { - return (rv); - } -#endif } // Prepare a copy of the socket option. @@ -1122,38 +1071,6 @@ nni_sock_setopt( } } -#ifndef NNG_ELIDE_DEPRECATED - nni_dialer *d; - nni_listener *l; - - // Apply the options. Failure to set any option on any - // transport (other than ENOTSUP) stops the operation - // altogether. Its important that transport wide checks - // properly pre-validate. - NNI_LIST_FOREACH (&s->s_listeners, l) { - int x; - x = nni_listener_setopt(l, optv->name, optv->data, sz, t); - if (x != NNG_ENOTSUP) { - if ((rv = x) != 0) { - nni_mtx_unlock(&s->s_mx); - nni_free_opt(optv); - return (rv); - } - } - } - NNI_LIST_FOREACH (&s->s_dialers, d) { - int x; - x = nni_dialer_setopt(d, optv->name, optv->data, sz, t); - if (x != NNG_ENOTSUP) { - if ((rv = x) != 0) { - nni_mtx_unlock(&s->s_mx); - nni_free_opt(optv); - return (rv); - } - } - } -#endif - if (rv == 0) { // Remove and toss the old value; we are using a new one. if (oldv != NULL) { diff --git a/src/platform/posix/posix_tcpdial.c b/src/platform/posix/posix_tcpdial.c index cf3d9368..6aea8ae5 100644 --- a/src/platform/posix/posix_tcpdial.c +++ b/src/platform/posix/posix_tcpdial.c @@ -37,7 +37,8 @@ nni_tcp_dialer_init(nni_tcp_dialer **dp) return (NNG_ENOMEM); } nni_mtx_init(&d->mtx); - d->closed = false; + d->closed = false; + d->nodelay = true; nni_aio_list_init(&d->connq); nni_atomic_init_bool(&d->fini); nni_atomic_init64(&d->ref); diff --git a/src/platform/posix/posix_tcplisten.c b/src/platform/posix/posix_tcplisten.c index 95be4beb..a38411c5 100644 --- a/src/platform/posix/posix_tcplisten.c +++ b/src/platform/posix/posix_tcplisten.c @@ -1,5 +1,5 @@ // -// Copyright 2020 Staysail Systems, Inc. <info@staysail.tech> +// Copyright 2024 Staysail Systems, Inc. <info@staysail.tech> // Copyright 2018 Capitar IT Group BV <info@capitar.com> // Copyright 2018 Devolutions <info@devolutions.net> // @@ -56,6 +56,7 @@ nni_tcp_listener_init(nni_tcp_listener **lp) l->pfd = NULL; l->closed = false; l->started = false; + l->nodelay = true; nni_aio_list_init(&l->acceptq); *lp = l; diff --git a/src/platform/windows/win_tcpdial.c b/src/platform/windows/win_tcpdial.c index bc5d6f5d..dbdd0762 100644 --- a/src/platform/windows/win_tcpdial.c +++ b/src/platform/windows/win_tcpdial.c @@ -43,6 +43,7 @@ nni_tcp_dialer_init(nni_tcp_dialer **dp) ZeroMemory(d, sizeof(*d)); nni_mtx_init(&d->mtx); nni_aio_list_init(&d->aios); + d->nodelay = true; // Create a scratch socket for use with ioctl. s = socket(AF_INET6, SOCK_STREAM, IPPROTO_TCP); diff --git a/src/sp/transport/tcp/tcp_test.c b/src/sp/transport/tcp/tcp_test.c index 005fd2b0..5a4e5647 100644 --- a/src/sp/transport/tcp/tcp_test.c +++ b/src/sp/transport/tcp/tcp_test.c @@ -144,10 +144,6 @@ test_tcp_no_delay_option(void) NUTS_ADDR(addr, "tcp"); NUTS_OPEN(s); -#ifndef NNG_ELIDE_DEPRECATED - NUTS_PASS(nng_socket_get_bool(s, NNG_OPT_TCP_NODELAY, &v)); - NUTS_TRUE(v); -#endif NUTS_PASS(nng_dialer_create(&d, s, addr)); NUTS_PASS(nng_dialer_get_bool(d, NNG_OPT_TCP_NODELAY, &v)); NUTS_TRUE(v); @@ -178,17 +174,6 @@ test_tcp_no_delay_option(void) NUTS_PASS(nng_dialer_close(d)); NUTS_PASS(nng_listener_close(l)); - // Make sure socket wide defaults apply. -#ifndef NNG_ELIDE_DEPRECATED - NUTS_PASS(nng_socket_set_bool(s, NNG_OPT_TCP_NODELAY, true)); - v = false; - NUTS_PASS(nng_socket_get_bool(s, NNG_OPT_TCP_NODELAY, &v)); - NUTS_TRUE(v); - NUTS_PASS(nng_socket_set_bool(s, NNG_OPT_TCP_NODELAY, false)); - NUTS_PASS(nng_dialer_create(&d, s, addr)); - NUTS_PASS(nng_dialer_get_bool(d, NNG_OPT_TCP_NODELAY, &v)); - NUTS_TRUE(v == false); -#endif NUTS_CLOSE(s); } @@ -204,10 +189,6 @@ test_tcp_keep_alive_option(void) NUTS_ADDR(addr, "tcp"); NUTS_OPEN(s); -#ifndef NNG_ELIDE_DEPRECATED - NUTS_PASS(nng_socket_get_bool(s, NNG_OPT_TCP_KEEPALIVE, &v)); - NUTS_TRUE(v == false); -#endif NUTS_PASS(nng_dialer_create(&d, s, addr)); NUTS_PASS(nng_dialer_get_bool(d, NNG_OPT_TCP_KEEPALIVE, &v)); NUTS_TRUE(v == false); @@ -230,17 +211,6 @@ test_tcp_keep_alive_option(void) NUTS_PASS(nng_dialer_close(d)); NUTS_PASS(nng_listener_close(l)); - // Make sure socket wide defaults apply. -#ifndef NNG_ELIDE_DEPRECATED - NUTS_PASS(nng_socket_set_bool(s, NNG_OPT_TCP_KEEPALIVE, false)); - v = true; - NUTS_PASS(nng_socket_get_bool(s, NNG_OPT_TCP_KEEPALIVE, &v)); - NUTS_TRUE(v == false); - NUTS_PASS(nng_socket_set_bool(s, NNG_OPT_TCP_KEEPALIVE, true)); - NUTS_PASS(nng_dialer_create(&d, s, addr)); - NUTS_PASS(nng_dialer_get_bool(d, NNG_OPT_TCP_KEEPALIVE, &v)); - NUTS_TRUE(v); -#endif NUTS_CLOSE(s); } diff --git a/src/sp/transport/tls/tls_tran_test.c b/src/sp/transport/tls/tls_tran_test.c index d2425b09..ee11d8b9 100644 --- a/src/sp/transport/tls/tls_tran_test.c +++ b/src/sp/transport/tls/tls_tran_test.c @@ -49,18 +49,15 @@ tls_client_config(void) static void test_tls_wild_card_connect_fail(void) { - nng_socket s; - nng_tls_config *c; - char addr[NNG_MAXADDRLEN]; + nng_socket s; + nng_dialer d; + char addr[NNG_MAXADDRLEN]; NUTS_OPEN(s); - c = tls_client_config(); - nng_socket_set_ptr(s, NNG_OPT_TLS_CONFIG, c); (void) snprintf( addr, sizeof(addr), "tls+tcp://*:%u", nuts_next_port()); - NUTS_FAIL(nng_dial(s, addr, NULL, 0), NNG_EADDRINVAL); + NUTS_FAIL(nng_dialer_create(&d, s, addr), NNG_EADDRINVAL); NUTS_CLOSE(s); - nng_tls_config_free(c); } void @@ -68,6 +65,8 @@ test_tls_wild_card_bind(void) { nng_socket s1; nng_socket s2; + nng_listener l; + nng_dialer d; char addr[NNG_MAXADDRLEN]; uint16_t port; nng_tls_config *cc; @@ -81,11 +80,13 @@ test_tls_wild_card_bind(void) NUTS_OPEN(s1); NUTS_OPEN(s2); (void) snprintf(addr, sizeof(addr), "tls+tcp4://*:%u", port); - nng_socket_set_ptr(s1, NNG_OPT_TLS_CONFIG, sc); - nng_socket_set_ptr(s2, NNG_OPT_TLS_CONFIG, cc); - NUTS_PASS(nng_listen(s1, addr, NULL, 0)); + NUTS_PASS(nng_listener_create(&l, s1, addr)); + NUTS_PASS(nng_listener_set_ptr(l, NNG_OPT_TLS_CONFIG, sc)); + NUTS_PASS(nng_listener_start(l, 0)); (void) snprintf(addr, sizeof(addr), "tls+tcp://127.0.0.1:%u", port); - NUTS_PASS(nng_dial(s2, addr, NULL, 0)); + NUTS_PASS(nng_dialer_create(&d, s2, addr)); + NUTS_PASS(nng_dialer_set_ptr(d, NNG_OPT_TLS_CONFIG, cc)); + NUTS_PASS(nng_dialer_start(d, 0)); NUTS_CLOSE(s2); NUTS_CLOSE(s1); nng_tls_config_free(cc); @@ -100,22 +101,25 @@ test_tls_port_zero_bind(void) nng_tls_config *c1, *c2; nng_sockaddr sa; nng_listener l; + nng_dialer d; char *addr; c1 = tls_server_config(); c2 = tls_client_config(); NUTS_OPEN(s1); NUTS_OPEN(s2); - nng_socket_set_ptr(s1, NNG_OPT_TLS_CONFIG, c1); - nng_socket_set_ptr(s2, NNG_OPT_TLS_CONFIG, c2); - NUTS_PASS(nng_listen(s1, "tls+tcp://127.0.0.1:0", &l, 0)); + NUTS_PASS(nng_listener_create(&l, s1, "tls+tcp://127.0.0.1:0")); + NUTS_PASS(nng_listener_set_ptr(l, NNG_OPT_TLS_CONFIG, c1)); + NUTS_PASS(nng_listener_start(l, 0)); NUTS_PASS(nng_listener_get_string(l, NNG_OPT_URL, &addr)); NUTS_TRUE(memcmp(addr, "tls+tcp://", 6) == 0); NUTS_PASS(nng_listener_get_addr(l, NNG_OPT_LOCADDR, &sa)); NUTS_TRUE(sa.s_in.sa_family == NNG_AF_INET); NUTS_TRUE(sa.s_in.sa_port != 0); NUTS_TRUE(sa.s_in.sa_addr = nuts_be32(0x7f000001)); - NUTS_PASS(nng_dial(s2, addr, NULL, 0)); + NUTS_PASS(nng_dialer_create(&d, s2, addr)); + NUTS_PASS(nng_dialer_set_ptr(d, NNG_OPT_TLS_CONFIG, c2)); + NUTS_PASS(nng_dialer_start(d, 0)); nng_strfree(addr); NUTS_CLOSE(s2); NUTS_CLOSE(s1); @@ -130,6 +134,8 @@ test_tls_local_address_connect(void) nng_socket s1; nng_socket s2; nng_tls_config *c1, *c2; + nng_dialer d; + nng_listener l; char addr[NNG_MAXADDRLEN]; uint16_t port; @@ -137,14 +143,16 @@ test_tls_local_address_connect(void) c2 = tls_client_config(); NUTS_OPEN(s1); NUTS_OPEN(s2); - nng_socket_set_ptr(s1, NNG_OPT_TLS_CONFIG, c1); - nng_socket_set_ptr(s2, NNG_OPT_TLS_CONFIG, c2); port = nuts_next_port(); (void) snprintf(addr, sizeof(addr), "tls+tcp://127.0.0.1:%u", port); - NUTS_PASS(nng_listen(s1, addr, NULL, 0)); + NUTS_PASS(nng_listener_create(&l, s1, addr)); + NUTS_PASS(nng_listener_set_ptr(l, NNG_OPT_TLS_CONFIG, c1)); + NUTS_PASS(nng_listener_start(l, 0)); (void) snprintf( addr, sizeof(addr), "tls+tcp://127.0.0.1;127.0.0.1:%u", port); - NUTS_PASS(nng_dial(s2, addr, NULL, 0)); + NUTS_PASS(nng_dialer_create(&d, s2, addr)); + NUTS_PASS(nng_dialer_set_ptr(d, NNG_OPT_TLS_CONFIG, c2)); + NUTS_PASS(nng_dialer_start(d, 0)); NUTS_CLOSE(s2); NUTS_CLOSE(s1); nng_tls_config_free(c1); @@ -152,47 +160,11 @@ test_tls_local_address_connect(void) } void -test_tls_bad_local_interface(void) -{ - nng_socket s1; - nng_tls_config *c1; - int rv; - - c1 = tls_client_config(); - NUTS_OPEN(s1); - nng_socket_set_ptr(s1, NNG_OPT_TLS_CONFIG, c1); - nng_tls_config_free(c1); // ref count held by socket - rv = nng_dial(s1, "tcp://bogus1;127.0.0.1:80", NULL, 0), - NUTS_TRUE(rv != 0); - NUTS_TRUE(rv != NNG_ECONNREFUSED); - NUTS_CLOSE(s1); -} - -void -test_tls_non_local_address(void) -{ - nng_socket s1; - nng_tls_config *c1; - - c1 = tls_client_config(); - NUTS_OPEN(s1); - nng_socket_set_ptr(s1, NNG_OPT_TLS_CONFIG, c1); - NUTS_FAIL(nng_dial(s1, "tls+tcp://8.8.8.8;127.0.0.1:80", NULL, 0), - NNG_EADDRINVAL); - NUTS_CLOSE(s1); - nng_tls_config_free(c1); -} - -void test_tls_malformed_address(void) { - nng_socket s1; - nng_tls_config *c1; + nng_socket s1; NUTS_OPEN(s1); - c1 = tls_client_config(); - nng_socket_set_ptr(s1, NNG_OPT_TLS_CONFIG, c1); - nng_tls_config_free(c1); NUTS_FAIL( nng_dial(s1, "tls+tcp://127.0.0.1", NULL, 0), NNG_EADDRINVAL); NUTS_FAIL( @@ -222,10 +194,6 @@ test_tls_no_delay_option(void) lc = tls_server_config(); NUTS_OPEN(s); -#ifndef NNG_ELIDE_DEPRECATED - NUTS_PASS(nng_socket_get_bool(s, NNG_OPT_TCP_NODELAY, &v)); - NUTS_TRUE(v); -#endif NUTS_PASS(nng_dialer_create(&d, s, addr)); NUTS_PASS(nng_dialer_set_ptr(d, NNG_OPT_TLS_CONFIG, dc)); NUTS_PASS(nng_dialer_get_bool(d, NNG_OPT_TCP_NODELAY, &v)); @@ -258,17 +226,6 @@ test_tls_no_delay_option(void) NUTS_PASS(nng_dialer_close(d)); NUTS_PASS(nng_listener_close(l)); - // Make sure socket wide defaults apply. -#ifndef NNG_ELIDE_DEPRECATED - NUTS_PASS(nng_socket_set_bool(s, NNG_OPT_TCP_NODELAY, true)); - v = false; - NUTS_PASS(nng_socket_get_bool(s, NNG_OPT_TCP_NODELAY, &v)); - NUTS_TRUE(v); - NUTS_PASS(nng_socket_set_bool(s, NNG_OPT_TCP_NODELAY, false)); - NUTS_PASS(nng_dialer_create(&d, s, addr)); - NUTS_PASS(nng_dialer_get_bool(d, NNG_OPT_TCP_NODELAY, &v)); - NUTS_TRUE(v == false); -#endif NUTS_CLOSE(s); nng_tls_config_free(lc); nng_tls_config_free(dc); @@ -289,10 +246,6 @@ test_tls_keep_alive_option(void) lc = tls_server_config(); NUTS_ADDR(addr, "tls+tcp"); NUTS_OPEN(s); -#ifndef NNG_ELIDE_DEPRECATED - NUTS_PASS(nng_socket_get_bool(s, NNG_OPT_TCP_KEEPALIVE, &v)); - NUTS_TRUE(v == false); -#endif NUTS_PASS(nng_dialer_create(&d, s, addr)); NUTS_PASS(nng_dialer_set_ptr(d, NNG_OPT_TLS_CONFIG, dc)); NUTS_PASS(nng_dialer_get_bool(d, NNG_OPT_TCP_KEEPALIVE, &v)); @@ -317,17 +270,6 @@ test_tls_keep_alive_option(void) NUTS_PASS(nng_dialer_close(d)); NUTS_PASS(nng_listener_close(l)); - // Make sure socket wide defaults apply. -#ifndef NNG_ELIDE_DEPRECATED - NUTS_PASS(nng_socket_set_bool(s, NNG_OPT_TCP_KEEPALIVE, false)); - v = true; - NUTS_PASS(nng_socket_get_bool(s, NNG_OPT_TCP_KEEPALIVE, &v)); - NUTS_TRUE(v == false); - NUTS_PASS(nng_socket_set_bool(s, NNG_OPT_TCP_KEEPALIVE, true)); - NUTS_PASS(nng_dialer_create(&d, s, addr)); - NUTS_PASS(nng_dialer_get_bool(d, NNG_OPT_TCP_KEEPALIVE, &v)); - NUTS_TRUE(v); -#endif NUTS_CLOSE(s); nng_tls_config_free(lc); nng_tls_config_free(dc); @@ -342,6 +284,7 @@ test_tls_recv_max(void) nng_socket s1; nng_tls_config *c0, *c1; nng_listener l; + nng_dialer d; size_t sz; char *addr; @@ -360,8 +303,9 @@ test_tls_recv_max(void) NUTS_PASS(nng_listener_start(l, 0)); NUTS_OPEN(s1); - NUTS_PASS(nng_socket_set_ptr(s1, NNG_OPT_TLS_CONFIG, c1)); - NUTS_PASS(nng_dial(s1, addr, NULL, 0)); + NUTS_PASS(nng_dialer_create(&d, s1, addr)); + NUTS_PASS(nng_dialer_set_ptr(d, NNG_OPT_TLS_CONFIG, c1)); + NUTS_PASS(nng_dialer_start(d, 0)); NUTS_PASS(nng_send(s1, msg, 95, 0)); NUTS_PASS(nng_socket_set_ms(s1, NNG_OPT_SENDTIMEO, 100)); NUTS_PASS(nng_recv(s0, buf, &sz, 0)); @@ -383,6 +327,7 @@ test_tls_psk(void) nng_socket s1; nng_tls_config *c0, *c1; nng_listener l; + nng_dialer d; size_t sz; char *addr; uint8_t key[32]; @@ -402,8 +347,9 @@ test_tls_psk(void) NUTS_PASS(nng_listener_start(l, 0)); NUTS_OPEN(s1); - NUTS_PASS(nng_socket_set_ptr(s1, NNG_OPT_TLS_CONFIG, c1)); - NUTS_PASS(nng_dial(s1, addr, NULL, 0)); + NUTS_PASS(nng_dialer_create(&d, s1, addr)); + NUTS_PASS(nng_dialer_set_ptr(d, NNG_OPT_TLS_CONFIG, c1)); + NUTS_PASS(nng_dialer_start(d, 0)); NUTS_PASS(nng_send(s1, msg, 95, 0)); NUTS_PASS(nng_recv(s0, buf, &sz, 0)); NUTS_TRUE(sz == 95); @@ -419,8 +365,6 @@ NUTS_TESTS = { { "tls wild card bind", test_tls_wild_card_bind }, { "tls port zero bind", test_tls_port_zero_bind }, { "tls local address connect", test_tls_local_address_connect }, - { "tls bad local interface", test_tls_bad_local_interface }, - { "tls non-local address", test_tls_non_local_address }, { "tls malformed address", test_tls_malformed_address }, { "tls no delay option", test_tls_no_delay_option }, { "tls keep alive option", test_tls_keep_alive_option }, diff --git a/tests/CMakeLists.txt b/tests/CMakeLists.txt index 40828eff..35a3b44f 100644 --- a/tests/CMakeLists.txt +++ b/tests/CMakeLists.txt @@ -138,7 +138,6 @@ add_nng_test(pipe 5) add_nng_test(pollfd 5) add_nng_test(scalability 20 ON) add_nng_test(synch 5) -add_nng_test(tls 60) add_nng_test(tcpsupp 10) add_nng_test(tcp 180) add_nng_test(tcp6 60) diff --git a/tests/tls.c b/tests/tls.c deleted file mode 100644 index c218a5a6..00000000 --- a/tests/tls.c +++ /dev/null @@ -1,634 +0,0 @@ -// -// Copyright 2018 Capitar IT Group BV <info@capitar.com> -// Copyright 2024 Staysail Systems, Inc. <info@staysail.tech> -// -// This software is supplied under the terms of the MIT License, a -// copy of which should be located in the distribution where this -// file was obtained (LICENSE.txt). A copy of the license may also be -// found online at https://opensource.org/licenses/MIT. -// - -// TLS tests. - -#ifndef _WIN32 -#include <arpa/inet.h> -#endif - -#include <nng/nng.h> -#include <nng/protocol/pair1/pair.h> -#include <nng/supplemental/tls/tls.h> - -#include "convey.h" -#include "stubs.h" -#include "trantest.h" - -// These keys are for demonstration purposes ONLY. DO NOT USE. -// The certificate is valid for 100 years, because I don't want to -// have to regenerate it ever again. The CN is 127.0.0.1, and self-signed. -// - -static const char cert[] = - "-----BEGIN CERTIFICATE-----\n" - "MIIDRzCCAi8CFCOIJGs6plMawgBYdDuCRV7UuJuyMA0GCSqGSIb3DQEBCwUAMF8x\n" - "CzAJBgNVBAYTAlhYMQ8wDQYDVQQIDAZVdG9waWExETAPBgNVBAcMCFBhcmFkaXNl\n" - "MRgwFgYDVQQKDA9OTkcgVGVzdHMsIEluYy4xEjAQBgNVBAMMCWxvY2FsaG9zdDAg\n" - "Fw0yMDA1MjMyMzMxMTlaGA8yMTIwMDQyOTIzMzExOVowXzELMAkGA1UEBhMCWFgx\n" - "DzANBgNVBAgMBlV0b3BpYTERMA8GA1UEBwwIUGFyYWRpc2UxGDAWBgNVBAoMD05O\n" - "RyBUZXN0cywgSW5jLjESMBAGA1UEAwwJbG9jYWxob3N0MIIBIjANBgkqhkiG9w0B\n" - "AQEFAAOCAQ8AMIIBCgKCAQEAyPdnRbMrQj9902TGQsmMbG6xTSl9XKbJr55BcnyZ\n" - "ifsrqA7BbNSkndVw9Qq+OJQIDBTfRhGdG+o9j3h6SDVvIb62fWtwJ5Fe0eUmeYwP\n" - "c1PKQzOmMFlMYekXiZsx60yu5LeuUhGlb84+csImH+m3NbutInPJcStSq0WfSV6V\n" - "Nk6DN3535ex66zV2Ms6ikys1vCC434YqIpe1VxUh+IC2widJcLDCxmmJt3TOlx5f\n" - "9OcKMkxuH4fMAzgjIEpIrUjdb19CGNVvsNrEEB2CShBMgBdqMaAnKFxpKgfzS0JF\n" - "ulxRGNtpsrweki+j+a4sJXTv40kELkRQS6uB6wWZNjcPywIDAQABMA0GCSqGSIb3\n" - "DQEBCwUAA4IBAQA86Fqrd4aiih6R3fwiMLwV6IQJv+u5rQeqA4D0xu6v6siP42SJ\n" - "YMaI2DkNGrWdSFVSHUK/efceCrhnMlW7VM8I1cyl2F/qKMfnT72cxqqquiKtQKdT\n" - "NDTzv61QMUP9n86HxMzGS7jg0Pknu55BsIRNK6ndDvI3D/K/rzZs4xbqWSSfNfQs\n" - "fNFBbOuDrkS6/1h3p8SY1uPM18WLVv3GO2T3aeNMHn7YJAKSn+sfaxzAPyPIK3UT\n" - "W8ecGQSHOqBJJQELyUfMu7lx/FCYKUhN7/1uhU5Qf1pCR8hkIMegtqr64yVBNMOn\n" - "248fuiHbs9BRknuA/PqjxIDDZTwtDrfVSO/S\n" - "-----END CERTIFICATE-----\n"; - -static const char key[] = - "-----BEGIN RSA PRIVATE KEY-----\n" - "MIIEowIBAAKCAQEAyPdnRbMrQj9902TGQsmMbG6xTSl9XKbJr55BcnyZifsrqA7B\n" - "bNSkndVw9Qq+OJQIDBTfRhGdG+o9j3h6SDVvIb62fWtwJ5Fe0eUmeYwPc1PKQzOm\n" - "MFlMYekXiZsx60yu5LeuUhGlb84+csImH+m3NbutInPJcStSq0WfSV6VNk6DN353\n" - "5ex66zV2Ms6ikys1vCC434YqIpe1VxUh+IC2widJcLDCxmmJt3TOlx5f9OcKMkxu\n" - "H4fMAzgjIEpIrUjdb19CGNVvsNrEEB2CShBMgBdqMaAnKFxpKgfzS0JFulxRGNtp\n" - "srweki+j+a4sJXTv40kELkRQS6uB6wWZNjcPywIDAQABAoIBAQCGSUsot+BgFCzv\n" - "5JbWafb7Pbwb421xS8HZJ9Zzue6e1McHNVTqc+zLyqQAGX2iMMhvykKnf32L+anJ\n" - "BKgxOANaeSVYCUKYLfs+JfDfp0druMGexhR2mjT/99FSkfF5WXREQLiq/j+dxiLU\n" - "bActq+5QaWf3bYddp6VF7O/TBvCNqBfD0+S0o0wtBdvxXItrKPTD5iKr9JfLWdAt\n" - "YNAk2QgFywFtY5zc2wt4queghF9GHeBzzZCuVj9QvPA4WdVq0mePaPTmvTYQUD0j\n" - "GT6X5j9JhqCwfh7trb/HfkmLHwwc62zPDFps+Dxao80+vss5b/EYZ4zY3S/K3vpG\n" - "f/e42S2BAoGBAP51HQYFJGC/wsNtOcX8RtXnRo8eYmyboH6MtBFrZxWl6ERigKCN\n" - "5Tjni7EI3nwi3ONg0ENPFkoQ8h0bcVFS7iW5kz5te73WaOFtpkU9rmuFDUz37eLP\n" - "d+JLZ5Kwfn2FM9HoiSAZAHowE0MIlmmIEXSnFtqA2zzorPQLO/4QlR+VAoGBAMov\n" - "R0yaHg3qPlxmCNyLXKiGaGNzvsvWjYw825uCGmVZfhzDhOiCFMaMb51BS5Uw/gwm\n" - "zHxmJjoqak8JjxaQ1qKPoeY1TJ5ps1+TRq9Wzm2/zGqJHOXnRPlqwBQ6AFllAMgt\n" - "Rlp5uqb8QJ+YEo6/1kdGhw9kZWCZEEue6MNQjxnfAoGARLkUkZ+p54di7qz9QX+V\n" - "EghYgibOpk6R1hviNiIvwSUByhZgbvxjwC6pB7NBg31W8wIevU8K0g4plbrnq/Md\n" - "5opsPhwLo4XY5albkq/J/7f7k6ISWYN2+WMsIe4Q+42SJUsMXeLiwh1h1mTnWrEp\n" - "JbxK69CJZbXhoDe4iDGqVNECgYAjlgS3n9ywWE1XmAHxR3osk1OmRYYMfJv3VfLV\n" - "QSYCNqkyyNsIzXR4qdkvVYHHJZNhcibFsnkB/dsuRCFyOFX+0McPLMxqiXIv3U0w\n" - "qVe2C28gRTfX40fJmpdqN/c9xMBJe2aJoClRIM8DCBIkG/HMI8a719DcGrS6iqKv\n" - "VeuKAwKBgEgD+KWW1KtoSjCBlS0NP8HjC/Rq7j99YhKE6b9h2slIa7JTO8RZKCa0\n" - "qbuomdUeJA3R8h+5CFkEKWqO2/0+dUdLNOjG+CaTFHaUJevzHOzIjpn+VsfCLV13\n" - "yupGzHG+tGtdrWgLn9Dzdp67cDfSnsSh+KODPECAAFfo+wPvD8DS\n" - "-----END RSA PRIVATE KEY-----\n"; - -static int -check_props_v4(nng_msg *msg) -{ - nng_pipe p; - size_t z; - bool b; - nng_sockaddr la; - nng_sockaddr ra; - - p = nng_msg_get_pipe(msg); - So(nng_pipe_id(p) > 0); - - // Typed access - So(nng_pipe_get_addr(p, NNG_OPT_LOCADDR, &la) == 0); - So(la.s_family == NNG_AF_INET); - So(la.s_in.sa_port == htons(trantest_port - 1)); - So(la.s_in.sa_port != 0); - So(la.s_in.sa_addr == htonl(0x7f000001)); - - // Untyped access - z = sizeof(nng_sockaddr); - So(nng_pipe_get(p, NNG_OPT_REMADDR, &ra, &z) == 0); - So(z == sizeof(ra)); - So(ra.s_family == NNG_AF_INET); - So(ra.s_in.sa_port != 0); - So(ra.s_in.sa_addr == htonl(0x7f000001)); - - So(nng_pipe_get_bool(p, NNG_OPT_TCP_KEEPALIVE, &b) == 0); - So(b == false); // default - - So(nng_pipe_get_bool(p, NNG_OPT_TCP_NODELAY, &b) == 0); - So(b == true); // default - - // Check for type enforcement - int i; - So(nng_pipe_get_int(p, NNG_OPT_REMADDR, &i) == NNG_EBADTYPE); - - z = 1; - So(nng_pipe_get(p, NNG_OPT_REMADDR, &ra, &z) == NNG_EINVAL); - - return (0); -} - -static int -init_dialer_tls_ex(nng_dialer d, bool own_cert) -{ - nng_tls_config *cfg; - int rv; - - if ((rv = nng_tls_config_alloc(&cfg, NNG_TLS_MODE_CLIENT)) != 0) { - return (rv); - } - - if ((rv = nng_tls_config_ca_chain(cfg, cert, NULL)) != 0) { - goto out; - } - - if ((rv = nng_tls_config_server_name(cfg, "localhost")) != 0) { - goto out; - } - nng_tls_config_auth_mode(cfg, NNG_TLS_AUTH_MODE_REQUIRED); - - if (own_cert) { - if ((rv = nng_tls_config_own_cert(cfg, cert, key, NULL)) != - 0) { - goto out; - } - } - - rv = nng_dialer_set_ptr(d, NNG_OPT_TLS_CONFIG, cfg); - -out: - nng_tls_config_free(cfg); - return (rv); -} - -static int -init_dialer_tls(nng_dialer d) -{ - return (init_dialer_tls_ex(d, false)); -} - -static int -init_listener_tls_ex(nng_listener l, int auth_mode) -{ - nng_tls_config *cfg; - int rv; - - if ((rv = nng_tls_config_alloc(&cfg, NNG_TLS_MODE_SERVER)) != 0) { - return (rv); - } - if ((rv = nng_tls_config_own_cert(cfg, cert, key, NULL)) != 0) { - goto out; - } - if ((rv = nng_listener_set_ptr(l, NNG_OPT_TLS_CONFIG, cfg)) != 0) { - goto out; - } - switch (auth_mode) { - case NNG_TLS_AUTH_MODE_REQUIRED: - case NNG_TLS_AUTH_MODE_OPTIONAL: - if ((rv = nng_tls_config_ca_chain(cfg, cert, NULL)) != 0) { - goto out; - } - break; - default: - break; - } - if ((rv = nng_tls_config_auth_mode(cfg, auth_mode)) != 0) { - goto out; - } -out: - nng_tls_config_free(cfg); - return (0); -} - -static int -init_listener_tls(nng_listener l) -{ - return (init_listener_tls_ex(l, NNG_TLS_AUTH_MODE_NONE)); -} - -static int -init_dialer_tls_file(nng_dialer d) -{ - int rv; - char *tmpdir; - char *pth; - - if ((tmpdir = nni_plat_temp_dir()) == NULL) { - return (NNG_ENOTSUP); - } - if ((pth = nni_file_join(tmpdir, "tls_test_cacert.pem")) == NULL) { - nni_strfree(tmpdir); - return (NNG_ENOMEM); - } - nni_strfree(tmpdir); - - if ((rv = nni_file_put(pth, cert, strlen(cert))) != 0) { - nni_strfree(pth); - return (rv); - } - - rv = nng_dialer_set_string(d, NNG_OPT_TLS_CA_FILE, pth); - nni_file_delete(pth); - nni_strfree(pth); - - return (rv); -} - -static int -init_listener_tls_file(nng_listener l) -{ - int rv; - char *tmpdir; - char *pth; - char *certkey; - - if ((tmpdir = nni_plat_temp_dir()) == NULL) { - return (NNG_ENOTSUP); - } - - if ((pth = nni_file_join(tmpdir, "tls_test_certkey.pem")) == NULL) { - nni_strfree(tmpdir); - return (NNG_ENOMEM); - } - nni_strfree(tmpdir); - - if ((rv = nni_asprintf(&certkey, "%s\r\n%s\r\n", cert, key)) != 0) { - nni_strfree(pth); - return (rv); - } - - rv = nni_file_put(pth, certkey, strlen(certkey)); - nni_strfree(certkey); - if (rv != 0) { - nni_strfree(pth); - return (rv); - } - - rv = nng_listener_set_string(l, NNG_OPT_TLS_CERT_KEY_FILE, pth); - if (rv != 0) { - // We can wind up with EBUSY from the server already - // running. - if (rv == NNG_EBUSY) { - rv = 0; - } - } - - nni_file_delete(pth); - nni_strfree(pth); - return (rv); -} - -TestMain("TLS Transport", { - static trantest tt; - - nng_log_set_logger(nng_stderr_logger); - nng_log_set_level(NNG_LOG_INFO); - - if (strcmp(nng_tls_engine_name(), "none") == 0) { - Skip("TLS not enabled"); - } - - tt.dialer_init = init_dialer_tls; - tt.listener_init = init_listener_tls; - tt.tmpl = "tls+tcp://127.0.0.1:"; - tt.proptest = check_props_v4; - - trantest_test(&tt); - - Convey("We cannot connect to wild cards", { - nng_socket s; - char addr[NNG_MAXADDRLEN]; - - So(nng_pair_open(&s) == 0); - Reset({ nng_close(s); }); - trantest_next_address(addr, "tls+tcp://*:"); - So(nng_dial(s, addr, NULL, 0) == NNG_EADDRINVAL); - }); - - Convey("We can bind to wild card", { - nng_socket s1; - nng_socket s2; - char addr[NNG_MAXADDRLEN]; - nng_listener l; - nng_dialer d; - - So(nng_pair_open(&s1) == 0); - So(nng_pair_open(&s2) == 0); - Reset({ - nng_close(s2); - nng_close(s1); - }); - trantest_next_address(addr, "tls+tcp://*:"); - So(nng_listener_create(&l, s1, addr) == 0); - So(init_listener_tls(l) == 0); - // reset port back one - trantest_prev_address(addr, "tls+tcp://127.0.0.1:"); - So(nng_dialer_create(&d, s2, addr) == 0); - So(init_dialer_tls(d) == 0); - So(nng_dialer_set_int( - d, NNG_OPT_TLS_AUTH_MODE, NNG_TLS_AUTH_MODE_NONE) == 0); - So(nng_listener_start(l, 0) == 0); - So(nng_dialer_start(d, 0) == 0); - }); - - SkipConvey("We can bind to port zero", { - nng_socket s1; - nng_socket s2; - nng_listener l; - nng_dialer d; - char *addr; - - So(nng_pair_open(&s1) == 0); - So(nng_pair_open(&s2) == 0); - Reset({ - nng_close(s2); - nng_close(s1); - }); - So(nng_listener_create(&l, s1, "tls+tcp://127.0.0.1:0") == 0); - So(init_listener_tls(l) == 0); - So(nng_listener_start(l, 0) == 0); - So(nng_listener_get_string(l, NNG_OPT_URL, &addr) == 0); - So(nng_dialer_create(&d, s2, addr) == 0); - So(init_dialer_tls(d) == 0); - So(nng_dialer_set_int( - d, NNG_OPT_TLS_AUTH_MODE, NNG_TLS_AUTH_MODE_NONE) == 0); - So(nng_dialer_start(d, 0) == 0); - nng_strfree(addr); - }); - - Convey("Malformed TLS addresses do not panic", { - nng_socket s1; - - So(nng_pair_open(&s1) == 0); - Reset({ nng_close(s1); }); - - // Note that if we listen to an unspecified port, then we - // get a random port. So we don't look at that. This allows - // a user to obtain a port at random and then query to see - // which one was chosen. - - So(nng_dial(s1, "tls+tcp://127.0.0.1", NULL, 0) == - NNG_EADDRINVAL); - So(nng_dial(s1, "tls+tcp://127.0.0.1.32", NULL, 0) == - NNG_EADDRINVAL); - So(nng_dial(s1, "tls+tcp://127.0.x.1.32", NULL, 0) == - NNG_EADDRINVAL); - So(nng_listen(s1, "tls+tcp://127.0.0.1.32", NULL, 0) == - NNG_EADDRINVAL); - So(nng_listen(s1, "tls+tcp://127.0.x.1.32", NULL, 0) == - NNG_EADDRINVAL); - }); - - Convey("We can use local interface to connect", { - nng_socket s1; - nng_socket s2; - nng_listener l; - nng_dialer d; - char addr[NNG_MAXADDRLEN]; - - So(nng_pair_open(&s1) == 0); - So(nng_pair_open(&s2) == 0); - Reset({ - nng_close(s2); - nng_close(s1); - }); - trantest_next_address(addr, "tls+tcp://127.0.0.1:"); - So(nng_listener_create(&l, s1, addr) == 0); - So(init_listener_tls(l) == 0); - So(nng_listener_start(l, 0) == 0); - // reset port back one - trantest_prev_address(addr, "tls+tcp://127.0.0.1;127.0.0.1:"); - So(nng_dialer_create(&d, s2, addr) == 0); - So(init_dialer_tls(d) == 0); - So(nng_dialer_start(d, 0) == 0); - }); - - Convey("Botched local interfaces fail reasonably", { - nng_socket s1; - - So(nng_pair_open(&s1) == 0); - Reset({ nng_close(s1); }); - So(nng_dial(s1, "tcp://1x.2;127.0.0.1:80", NULL, 0) == - NNG_EADDRINVAL); - }); - - Convey("Can't specify address that isn't ours", { - nng_socket s1; - - So(nng_pair_open(&s1) == 0); - Reset({ nng_close(s1); }); - So(nng_dial(s1, "tcp://8.8.8.8;127.0.0.1:80", NULL, 0) == - NNG_EADDRINVAL); - }); - - // We really need to have pipe start/negotiate as one of the key steps - // during connect establish. Until that happens, we cannot verify the - // peer. See bug #208. - SkipConvey("Verify works", { - nng_socket s1; - nng_socket s2; - nng_listener l; - size_t sz; - char addr[NNG_MAXADDRLEN]; - - So(nng_pair_open(&s1) == 0); - So(nng_pair_open(&s2) == 0); - Reset({ - nng_close(s2); - nng_close(s1); - }); - trantest_next_address(addr, "tls+tcp://:"); - So(nng_listener_create(&l, s1, addr) == 0); - So(init_listener_tls_file(NULL, l) == 0); - So(nng_listener_start(l, 0) == 0); - nng_msleep(100); - - // reset port back one - trantest_prev_address(addr, "tls+tcp://127.0.0.1:"); - So(nng_socket_set_int(s2, NNG_OPT_TLS_AUTH_MODE, - NNG_TLS_AUTH_MODE_REQUIRED) == 0); - - So(nng_dial(s2, addr, NULL, 0) == NNG_EPEERAUTH); - }); - - Convey("No verify works", { - nng_socket s1; // server - nng_socket s2; // client - nng_listener l; - char addr[NNG_MAXADDRLEN]; - nng_msg *msg; - nng_pipe p; - bool b; - nng_dialer d; - - So(nng_pair_open(&s1) == 0); - So(nng_pair_open(&s2) == 0); - Reset({ - nng_close(s2); - nng_close(s1); - }); - trantest_next_address(addr, "tls+tcp://*:"); - So(nng_listener_create(&l, s1, addr) == 0); - So(init_listener_tls_file(l) == 0); - So(nng_listener_set_int(l, NNG_OPT_TLS_AUTH_MODE, - NNG_TLS_AUTH_MODE_OPTIONAL) == 0); - So(nng_listener_start(l, 0) == 0); - nng_msleep(100); - - // reset port back one - trantest_prev_address(addr, "tls+tcp://127.0.0.1:"); - So(nng_socket_set_ms(s2, NNG_OPT_RECVTIMEO, 200) == 0); - So(nng_dialer_create(&d, s2, addr) == 0); - So(init_dialer_tls_file(d) == 0); - So(nng_dialer_set_string( - d, NNG_OPT_TLS_SERVER_NAME, "localhost") == 0); - So(nng_dialer_start(d, 0) == 0); - - So(nng_send(s2, "hello", 6, 0) == 0); - So(nng_recvmsg(s1, &msg, 0) == 0); - So(msg != NULL); - So(nng_msg_len(msg) == 6); - So(strcmp(nng_msg_body(msg), "hello") == 0); - p = nng_msg_get_pipe(msg); - So(nng_pipe_id(p) > 0); - So(nng_pipe_get_bool(p, NNG_OPT_TLS_VERIFIED, &b) == 0); - So(b == false); - nng_msg_free(msg); - }); - - Convey("Valid verify works", { - nng_socket s1; - nng_socket s2; - nng_listener l; - nng_dialer d; - char addr[NNG_MAXADDRLEN]; - nng_msg *msg; - nng_pipe p; - bool b; - - So(nng_pair_open(&s1) == 0); - So(nng_pair_open(&s2) == 0); - Reset({ - nng_close(s2); - nng_close(s1); - }); - trantest_next_address(addr, "tls+tcp4://*:"); - So(nng_listener_create(&l, s1, addr) == 0); - So(init_listener_tls_ex(l, NNG_TLS_AUTH_MODE_REQUIRED) == 0); - So(nng_listener_start(l, 0) == 0); - - nng_msleep(100); - - // reset port back one - trantest_prev_address(addr, "tls+tcp4://localhost:"); - So(nng_dialer_create(&d, s2, addr) == 0); - So(init_dialer_tls_ex(d, true) == 0); - - So(nng_socket_set_ms(s2, NNG_OPT_RECVTIMEO, 200) == 0); - So(nng_dialer_start(d, 0) == 0); - nng_msleep(100); - - // send from the server to the client-- the client always - // verifies the server. - So(nng_send(s2, "hello", 6, 0) == 0); - So(nng_recvmsg(s1, &msg, 0) == 0); - So(msg != NULL); - So(nng_msg_len(msg) == 6); - So(strcmp(nng_msg_body(msg), "hello") == 0); - p = nng_msg_get_pipe(msg); - So(nng_pipe_id(p) > 0); - So(nng_pipe_get_bool(p, NNG_OPT_TLS_VERIFIED, &b) == 0); - So(b == true); - int i; - So(nng_pipe_get_int(p, NNG_OPT_TLS_VERIFIED, &i) == - NNG_EBADTYPE); - nng_msg_free(msg); - }); - - Convey("No delay option", { - nng_socket s; - nng_dialer d; - nng_listener l; - bool v; - int x; - - So(nng_pair_open(&s) == 0); - Reset({ nng_close(s); }); - So(nng_socket_get_bool(s, NNG_OPT_TCP_NODELAY, &v) == 0); - So(v == true); - So(nng_dialer_create(&d, s, "tcp://127.0.0.1:4999") == 0); - So(nng_dialer_get_bool(d, NNG_OPT_TCP_NODELAY, &v) == 0); - So(v == true); - So(nng_dialer_set_bool(d, NNG_OPT_TCP_NODELAY, false) == 0); - So(nng_dialer_get_bool(d, NNG_OPT_TCP_NODELAY, &v) == 0); - So(v == false); - So(nng_dialer_get_int(d, NNG_OPT_TCP_NODELAY, &x) == - NNG_EBADTYPE); - x = 0; - So(nng_dialer_set_int(d, NNG_OPT_TCP_NODELAY, x) == - NNG_EBADTYPE); - // This assumes sizeof (bool) != sizeof (int) - So(nng_dialer_set(d, NNG_OPT_TCP_NODELAY, &x, sizeof(x)) == - NNG_EINVAL); - - So(nng_listener_create(&l, s, "tcp://127.0.0.1:4999") == 0); - So(nng_listener_get_bool(l, NNG_OPT_TCP_NODELAY, &v) == 0); - So(v == true); - x = 0; - So(nng_listener_set_int(l, NNG_OPT_TCP_NODELAY, x) == - NNG_EBADTYPE); - // This assumes sizeof (bool) != sizeof (int) - So(nng_listener_set(l, NNG_OPT_TCP_NODELAY, &x, sizeof(x)) == - NNG_EINVAL); - - nng_dialer_close(d); - nng_listener_close(l); - - // Make sure socket wide defaults apply. - So(nng_socket_set_bool(s, NNG_OPT_TCP_NODELAY, true) == 0); - v = false; - So(nng_socket_get_bool(s, NNG_OPT_TCP_NODELAY, &v) == 0); - So(v == true); - So(nng_socket_set_bool(s, NNG_OPT_TCP_NODELAY, false) == 0); - So(nng_dialer_create(&d, s, "tcp://127.0.0.1:4999") == 0); - So(nng_dialer_get_bool(d, NNG_OPT_TCP_NODELAY, &v) == 0); - So(v == false); - }); - - Convey("Keepalive option", { - nng_socket s; - nng_dialer d; - nng_listener l; - bool v; - int x; - - So(nng_pair_open(&s) == 0); - Reset({ nng_close(s); }); - So(nng_socket_get_bool(s, NNG_OPT_TCP_KEEPALIVE, &v) == 0); - So(v == false); - So(nng_dialer_create(&d, s, "tcp://127.0.0.1:4999") == 0); - So(nng_dialer_get_bool(d, NNG_OPT_TCP_KEEPALIVE, &v) == 0); - So(v == false); - So(nng_dialer_set_bool(d, NNG_OPT_TCP_KEEPALIVE, true) == 0); - So(nng_dialer_get_bool(d, NNG_OPT_TCP_KEEPALIVE, &v) == 0); - So(v == true); - So(nng_dialer_get_int(d, NNG_OPT_TCP_KEEPALIVE, &x) == - NNG_EBADTYPE); - x = 1; - So(nng_dialer_set_int(d, NNG_OPT_TCP_KEEPALIVE, x) == - NNG_EBADTYPE); - - So(nng_listener_create(&l, s, "tcp://127.0.0.1:4999") == 0); - So(nng_listener_get_bool(l, NNG_OPT_TCP_KEEPALIVE, &v) == 0); - So(v == false); - x = 1; - So(nng_listener_set_int(l, NNG_OPT_TCP_KEEPALIVE, x) == - NNG_EBADTYPE); - - nng_dialer_close(d); - nng_listener_close(l); - - // Make sure socket wide defaults apply. - So(nng_socket_set_bool(s, NNG_OPT_TCP_KEEPALIVE, false) == 0); - v = true; - So(nng_socket_get_bool(s, NNG_OPT_TCP_KEEPALIVE, &v) == 0); - So(v == false); - So(nng_socket_set_bool(s, NNG_OPT_TCP_KEEPALIVE, true) == 0); - So(nng_dialer_create(&d, s, "tcp://127.0.0.1:4999") == 0); - So(nng_dialer_get_bool(d, NNG_OPT_TCP_KEEPALIVE, &v) == 0); - So(v == true); - }); -}) |