diff options
| author | Garrett D'Amore <garrett@damore.org> | 2024-10-27 22:51:29 -0700 |
|---|---|---|
| committer | Garrett D'Amore <garrett@damore.org> | 2024-10-28 07:06:29 -0700 |
| commit | cbd8c5573ef6816d585d00d63568cf98aa6a97b8 (patch) | |
| tree | 52c2242be427f63dd862394de644394a4bc8c352 /src/supplemental/websocket | |
| parent | ef1cf275eded10ccfe24c44089eb044dd5cd48b4 (diff) | |
| download | nng-cbd8c5573ef6816d585d00d63568cf98aa6a97b8.tar.gz nng-cbd8c5573ef6816d585d00d63568cf98aa6a97b8.tar.bz2 nng-cbd8c5573ef6816d585d00d63568cf98aa6a97b8.zip | |
tls: Remove the individual TLS configuration options
This is a breaking change.
TLS configuration changes are to be made using TLS configuration
objects, and then set on a listener or dialer with NNG_OPT_TLS_CONFIG.
This should be a bit less racy, and allows for simpler code.
Diffstat (limited to 'src/supplemental/websocket')
| -rw-r--r-- | src/supplemental/websocket/wssfile_test.c | 46 |
1 files changed, 22 insertions, 24 deletions
diff --git a/src/supplemental/websocket/wssfile_test.c b/src/supplemental/websocket/wssfile_test.c index 51b78645..b449a6bf 100644 --- a/src/supplemental/websocket/wssfile_test.c +++ b/src/supplemental/websocket/wssfile_test.c @@ -9,6 +9,7 @@ // #include "core/nng_impl.h" +#include "nng/supplemental/tls/tls.h" #include <nuts.h> @@ -20,26 +21,30 @@ static void init_dialer_wss_file(nng_dialer d) { - char *tmpdir; - char *pth; + char *tmpdir; + char *pth; + nng_tls_config *c; NUTS_ASSERT((tmpdir = nni_plat_temp_dir()) != NULL); NUTS_ASSERT((pth = nni_file_join(tmpdir, CACERT)) != NULL); nng_strfree(tmpdir); NUTS_PASS(nni_file_put(pth, nuts_server_crt, strlen(nuts_server_crt))); - NUTS_PASS(nng_dialer_set_string(d, NNG_OPT_TLS_CA_FILE, pth)); - NUTS_PASS( - nng_dialer_set_string(d, NNG_OPT_TLS_SERVER_NAME, "localhost")); + NUTS_PASS(nng_tls_config_alloc(&c, NNG_TLS_MODE_CLIENT)); + NUTS_PASS(nng_tls_config_ca_file(c, pth)); + NUTS_PASS(nng_tls_config_server_name(c, "localhost")); + NUTS_PASS(nng_dialer_set_ptr(d, NNG_OPT_TLS_CONFIG, c)); nni_file_delete(pth); nng_strfree(pth); + nng_tls_config_free(c); } static void init_listener_wss_file(nng_listener l) { - char *tmpdir; - char *pth; - char *cert_key; + char *tmpdir; + char *pth; + char *cert_key; + nng_tls_config *c; NUTS_ASSERT((tmpdir = nni_plat_temp_dir()) != NULL); NUTS_ASSERT((pth = nni_file_join(tmpdir, CERT_KEY)) != NULL); @@ -50,10 +55,13 @@ init_listener_wss_file(nng_listener l) NUTS_PASS(nni_file_put(pth, cert_key, strlen(cert_key))); nng_strfree(cert_key); - NUTS_PASS(nng_listener_set_string(l, NNG_OPT_TLS_CERT_KEY_FILE, pth)); + NUTS_PASS(nng_tls_config_alloc(&c, NNG_TLS_MODE_SERVER)); + NUTS_PASS(nng_tls_config_cert_key_file(c, pth, pth)); + NUTS_PASS(nng_listener_set_ptr(l, NNG_OPT_TLS_CONFIG, c)); nni_file_delete(pth); nng_strfree(pth); + nng_tls_config_free(c); } static void @@ -85,8 +93,6 @@ test_invalid_verify(void) int rv; NUTS_PASS(nng_dialer_create(&d, s2, addr)); - NUTS_PASS(nng_dialer_set_int( - d, NNG_OPT_TLS_AUTH_MODE, NNG_TLS_AUTH_MODE_REQUIRED)); rv = nng_dialer_start(d, 0); NUTS_TRUE(rv != 0); @@ -126,10 +132,6 @@ test_no_verify(void) snprintf(addr, sizeof(addr), "wss://127.0.0.1:%u/test", port); NUTS_PASS(nng_dialer_create(&d, s2, addr)); init_dialer_wss_file(d); - NUTS_PASS(nng_dialer_set_int( - d, NNG_OPT_TLS_AUTH_MODE, NNG_TLS_AUTH_MODE_OPTIONAL)); - NUTS_PASS( - nng_dialer_set_string(d, NNG_OPT_TLS_SERVER_NAME, "localhost")); NUTS_PASS(nng_dialer_start(d, 0)); nng_msleep(100); @@ -203,17 +205,13 @@ test_verify_works(void) static void test_cert_file_not_present(void) { - nng_socket s1; - nng_listener l; - - NUTS_PASS(nng_pair_open(&s1)); - NUTS_PASS(nng_listener_create(&l, s1, "wss4://:0/test")); + nng_tls_config *c; - NUTS_FAIL(nng_listener_set_string( - l, NNG_OPT_TLS_CERT_KEY_FILE, "no-such-file.pem"), + NUTS_PASS(nng_tls_config_alloc(&c, NNG_TLS_MODE_SERVER)); + NUTS_FAIL(nng_tls_config_cert_key_file( + c, "no-such-file.pem", "no-such-file.pem"), NNG_ENOENT); - - NUTS_PASS(nng_close(s1)); + nng_tls_config_free(c); } #endif |