aboutsummaryrefslogtreecommitdiff
path: root/src/supplemental/websocket
diff options
context:
space:
mode:
Diffstat (limited to 'src/supplemental/websocket')
-rw-r--r--src/supplemental/websocket/CMakeLists.txt4
-rw-r--r--src/supplemental/websocket/wssfile_test.c169
2 files changed, 42 insertions, 131 deletions
diff --git a/src/supplemental/websocket/CMakeLists.txt b/src/supplemental/websocket/CMakeLists.txt
index 8effa931..200aeee4 100644
--- a/src/supplemental/websocket/CMakeLists.txt
+++ b/src/supplemental/websocket/CMakeLists.txt
@@ -10,10 +10,8 @@
if (NNG_SUPP_WEBSOCKET)
nng_sources(websocket.c websocket.h)
- if (NNG_SUPP_TLS)
- nng_test(wssfile_test)
- endif ()
else ()
nng_sources(stub.c)
endif ()
+nng_test(wssfile_test)
nng_test(websocket_test)
diff --git a/src/supplemental/websocket/wssfile_test.c b/src/supplemental/websocket/wssfile_test.c
index b678ddb0..8a0f95b2 100644
--- a/src/supplemental/websocket/wssfile_test.c
+++ b/src/supplemental/websocket/wssfile_test.c
@@ -1,5 +1,5 @@
//
-// Copyright 2019 Staysail Systems, Inc. <info@staysail.tech>
+// Copyright 2020 Staysail Systems, Inc. <info@staysail.tech>
// Copyright 2018 Capitar IT Group BV <info@capitar.com>
//
// This software is supplied under the terms of the MIT License, a
@@ -19,6 +19,7 @@
#include "acutest.h"
#include "testutil.h"
+#ifdef NNG_SUPP_TLS
// These keys are for demonstration purposes ONLY. DO NOT USE.
// The certificate is valid for 100 years, because I don't want to
// have to regenerate it ever again. The CN is 127.0.0.1, and self-signed.
@@ -96,105 +97,8 @@ static const char key[] =
"cL9dYcwse5FhNMjrQ/OKv6B38SIXpoKQUtjgkaMtmpK8cXX1eqEMNkM=\n"
"-----END RSA PRIVATE KEY-----\n";
-#if 0
-static int
-validloopback(nng_sockaddr *sa)
-{
- char ipv6[16];
- memset(ipv6, 0, sizeof(ipv6));
- ipv6[15] = 1;
-
- switch (sa->s_family) {
- case NNG_AF_INET:
- if (sa->s_in.sa_port == 0) {
- return (0);
- }
- if (sa->s_in.sa_addr != htonl(0x7f000001)) {
- return (0);
- }
- return (1);
-
- case NNG_AF_INET6:
- if (sa->s_in6.sa_port == 0) {
- return (0);
- }
- if (memcmp(sa->s_in6.sa_addr, ipv6, sizeof(ipv6)) != 0) {
- return (0);
- }
- return (1);
-
- default:
- return (0);
- }
-}
-
-static int
-check_props(nng_msg *msg)
-{
- nng_pipe p;
- size_t z;
- nng_sockaddr la;
- nng_sockaddr ra;
- char * buf;
- size_t len;
-
- p = nng_msg_get_pipe(msg);
- So(nng_pipe_id(p) > 0);
-
- // Typed
- z = sizeof(nng_sockaddr);
- So(nng_pipe_getopt_sockaddr(p, NNG_OPT_LOCADDR, &la) == 0);
- So(z == sizeof(la));
- So(validloopback(&la));
-
- // Untyped
- z = sizeof(nng_sockaddr);
- So(nng_pipe_getopt(p, NNG_OPT_REMADDR, &ra, &z) == 0);
- So(z == sizeof(ra));
- So(validloopback(&ra));
-
- // Bad type
- So(nng_pipe_getopt_size(p, NNG_OPT_LOCADDR, &z) == NNG_EBADTYPE);
-
- // Request header
- z = 0;
- buf = NULL;
- So(nng_pipe_getopt(p, NNG_OPT_WS_REQUEST_HEADERS, buf, &z) ==
- NNG_EINVAL);
- So(z > 0);
- len = z;
- So((buf = nng_alloc(len)) != NULL);
- So(nng_pipe_getopt(p, NNG_OPT_WS_REQUEST_HEADERS, buf, &z) == 0);
- So(strstr(buf, "Sec-WebSocket-Key") != NULL);
- So(z == len);
- nng_free(buf, len);
- So(nng_pipe_getopt_string(p, NNG_OPT_WS_REQUEST_HEADERS, &buf) == 0);
- So(strlen(buf) == len - 1);
- nng_strfree(buf);
-
- // Response header
- z = 0;
- buf = NULL;
- So(nng_pipe_getopt(p, NNG_OPT_WS_RESPONSE_HEADERS, buf, &z) ==
- NNG_EINVAL);
- So(z > 0);
- len = z;
- So((buf = nng_alloc(len)) != NULL);
- So(nng_pipe_getopt(p, NNG_OPT_WS_RESPONSE_HEADERS, buf, &z) == 0);
- So(strstr(buf, "Sec-WebSocket-Accept") != NULL);
- So(z == len);
- nng_free(buf, len);
- So(nng_pipe_getopt_string(p, NNG_OPT_WS_RESPONSE_HEADERS, &buf) == 0);
- So(strlen(buf) == len - 1);
- nng_strfree(buf);
-
- return (0);
-}
-
-#endif
-
#define CACERT "wss_test_ca_cert.pem"
-#define CERTKEY "wss_test_certkey.pem"
+#define CERT_KEY "wss_test_cert_key.pem"
static void
init_dialer_wss_file(nng_dialer d)
@@ -206,7 +110,7 @@ init_dialer_wss_file(nng_dialer d)
TEST_ASSERT((pth = nni_file_join(tmpdir, CACERT)) != NULL);
nni_strfree(tmpdir);
TEST_NNG_PASS(nni_file_put(pth, cert, strlen(cert)));
- TEST_NNG_PASS(nng_dialer_setopt_string(d, NNG_OPT_TLS_CA_FILE, pth));
+ TEST_NNG_PASS(nng_dialer_set_string(d, NNG_OPT_TLS_CA_FILE, pth));
nni_file_delete(pth);
nni_strfree(pth);
}
@@ -216,18 +120,18 @@ init_listener_wss_file(nng_listener l)
{
char *tmpdir;
char *pth;
- char *certkey;
+ char *cert_key;
TEST_ASSERT((tmpdir = nni_plat_temp_dir()) != NULL);
- TEST_ASSERT((pth = nni_file_join(tmpdir, CERTKEY)) != NULL);
+ TEST_ASSERT((pth = nni_file_join(tmpdir, CERT_KEY)) != NULL);
nni_strfree(tmpdir);
- TEST_NNG_PASS(nni_asprintf(&certkey, "%s\r\n%s\r\n", cert, key));
+ TEST_NNG_PASS(nni_asprintf(&cert_key, "%s\r\n%s\r\n", cert, key));
- TEST_NNG_PASS(nni_file_put(pth, certkey, strlen(certkey)));
- nni_strfree(certkey);
+ TEST_NNG_PASS(nni_file_put(pth, cert_key, strlen(cert_key)));
+ nni_strfree(cert_key);
TEST_NNG_PASS(
- nng_listener_setopt_string(l, NNG_OPT_TLS_CERT_KEY_FILE, pth));
+ nng_listener_set_string(l, NNG_OPT_TLS_CERT_KEY_FILE, pth));
nni_file_delete(pth);
nni_strfree(pth);
@@ -240,9 +144,10 @@ test_invalid_verify(void)
nng_socket s1;
nng_socket s2;
nng_listener l;
- char addr[32];
+ nng_dialer d;
+ char addr[40];
- snprintf(addr, sizeof(addr), "wss://:%u/test", port);
+ (void) snprintf(addr, sizeof(addr), "wss4://:%u/test", port);
TEST_NNG_PASS(nng_pair_open(&s1));
TEST_NNG_PASS(nng_pair_open(&s2));
@@ -254,15 +159,18 @@ test_invalid_verify(void)
snprintf(addr, sizeof(addr), "wss://127.0.0.1:%u/test", port);
- TEST_NNG_PASS(nng_setopt_int(
- s2, NNG_OPT_TLS_AUTH_MODE, NNG_TLS_AUTH_MODE_REQUIRED));
-
// We find that sometimes this fails due to NNG_EPEERAUTH, but it
// can also fail due to NNG_ECLOSED. This seems to be timing
// dependent, based on receive vs. send timing most likely.
// Applications shouldn't really depend that much on this.
int rv;
rv = nng_dial(s2, addr, NULL, 0);
+
+ TEST_NNG_PASS(nng_dialer_create(&d, s2, addr));
+ TEST_NNG_PASS(nng_dialer_set_int(
+ d, NNG_OPT_TLS_AUTH_MODE, NNG_TLS_AUTH_MODE_REQUIRED));
+ rv = nng_dialer_start(d, 0);
+
TEST_CHECK(rv != 0);
TEST_CHECK_((rv == NNG_EPEERAUTH) || (rv == NNG_ECLOSED) ||
(rv == NNG_ECRYPTO),
@@ -287,10 +195,12 @@ test_no_verify(void)
TEST_NNG_PASS(nng_pair_open(&s1));
TEST_NNG_PASS(nng_pair_open(&s2));
+ TEST_NNG_PASS(nng_socket_set_ms(s1, NNG_OPT_SENDTIMEO, 5000));
+ TEST_NNG_PASS(nng_socket_set_ms(s2, NNG_OPT_RECVTIMEO, 5000));
+
port = testutil_next_port();
- (void) snprintf(addr, sizeof(addr), "wss://:%u/test", port);
+ (void) snprintf(addr, sizeof(addr), "wss4://:%u/test", port);
TEST_NNG_PASS(nng_listener_create(&l, s1, addr));
- TEST_NNG_PASS(nng_setopt_ms(s1, NNG_OPT_SENDTIMEO, 5000));
init_listener_wss_file(l);
TEST_NNG_PASS(nng_listener_start(l, 0));
@@ -298,12 +208,11 @@ test_no_verify(void)
snprintf(addr, sizeof(addr), "wss://127.0.0.1:%u/test", port);
TEST_NNG_PASS(nng_dialer_create(&d, s2, addr));
init_dialer_wss_file(d);
- TEST_NNG_PASS(nng_dialer_setopt_int(
+ TEST_NNG_PASS(nng_dialer_set_int(
d, NNG_OPT_TLS_AUTH_MODE, NNG_TLS_AUTH_MODE_OPTIONAL));
- TEST_NNG_PASS(nng_dialer_setopt_string(
- d, NNG_OPT_TLS_SERVER_NAME, "example.com"));
+ TEST_NNG_PASS(
+ nng_dialer_set_string(d, NNG_OPT_TLS_SERVER_NAME, "example.com"));
- TEST_NNG_PASS(nng_setopt_ms(s2, NNG_OPT_RECVTIMEO, 5000));
TEST_NNG_PASS(nng_dialer_start(d, 0));
nng_msleep(100);
@@ -311,11 +220,11 @@ test_no_verify(void)
TEST_NNG_PASS(nng_recvmsg(s2, &msg, 0));
TEST_ASSERT(msg != NULL);
TEST_CHECK(nng_msg_len(msg) == 6);
- TEST_CHECK(strcmp(nng_msg_body(msg), "hello") == 0);
+ TEST_STREQUAL(nng_msg_body(msg), "hello");
p = nng_msg_get_pipe(msg);
TEST_CHECK(nng_pipe_id(p) > 0);
- TEST_NNG_PASS(nng_pipe_getopt_bool(p, NNG_OPT_TLS_VERIFIED, &b));
+ TEST_NNG_PASS(nng_pipe_get_bool(p, NNG_OPT_TLS_VERIFIED, &b));
TEST_CHECK(b == false);
nng_msg_free(msg);
@@ -338,20 +247,20 @@ test_verify_works(void)
TEST_NNG_PASS(nng_pair_open(&s1));
TEST_NNG_PASS(nng_pair_open(&s2));
+ TEST_NNG_PASS(nng_socket_set_ms(s1, NNG_OPT_SENDTIMEO, 5000));
+ TEST_NNG_PASS(nng_socket_set_ms(s2, NNG_OPT_RECVTIMEO, 5000));
port = testutil_next_port();
- (void) snprintf(addr, sizeof(addr), "wss://:%u/test", port);
+ (void) snprintf(addr, sizeof(addr), "wss4://:%u/test", port);
TEST_NNG_PASS(nng_listener_create(&l, s1, addr));
- TEST_NNG_PASS(nng_setopt_ms(s1, NNG_OPT_SENDTIMEO, 5000));
init_listener_wss_file(l);
TEST_NNG_PASS(nng_listener_start(l, 0));
// It can take a bit for the listener to start up in clouds.
nng_msleep(200);
- snprintf(addr, sizeof(addr), "wss://localhost:%u/test", port);
+ snprintf(addr, sizeof(addr), "wss4://localhost:%u/test", port);
TEST_NNG_PASS(nng_dialer_create(&d, s2, addr));
init_dialer_wss_file(d);
- TEST_NNG_PASS(nng_setopt_ms(s2, NNG_OPT_RECVTIMEO, 5000));
TEST_NNG_PASS(nng_dialer_start(d, 0));
nng_msleep(100);
@@ -359,11 +268,11 @@ test_verify_works(void)
TEST_NNG_PASS(nng_recvmsg(s2, &msg, 0));
TEST_ASSERT(msg != NULL);
TEST_CHECK(nng_msg_len(msg) == 6);
- TEST_CHECK(strcmp(nng_msg_body(msg), "hello") == 0);
+ TEST_STREQUAL(nng_msg_body(msg), "hello");
p = nng_msg_get_pipe(msg);
TEST_CHECK(nng_pipe_id(p) > 0);
- TEST_NNG_PASS(nng_pipe_getopt_bool(p, NNG_OPT_TLS_VERIFIED, &b));
+ TEST_NNG_PASS(nng_pipe_get_bool(p, NNG_OPT_TLS_VERIFIED, &b));
TEST_CHECK(b == true);
nng_msg_free(msg);
@@ -381,20 +290,24 @@ test_cert_file_not_present(void)
TEST_NNG_PASS(nng_pair_open(&s1));
port = testutil_next_port();
- (void) snprintf(addr, sizeof(addr), "wss://:%u/test", port);
+ (void) snprintf(addr, sizeof(addr), "wss4://:%u/test", port);
TEST_NNG_PASS(nng_listener_create(&l, s1, addr));
- TEST_NNG_FAIL(nng_listener_setopt_string(
+ TEST_NNG_FAIL(nng_listener_set_string(
l, NNG_OPT_TLS_CERT_KEY_FILE, "no-such-file.pem"),
NNG_ENOENT);
TEST_NNG_PASS(nng_close(s1));
}
+#endif
+
TEST_LIST = {
+#ifdef NNG_SUPP_TLS
{ "wss file invalid verify", test_invalid_verify },
{ "wss file no verify", test_no_verify },
{ "wss file verify works", test_verify_works },
- { "wss file cacert missing", test_cert_file_not_present },
+ { "wss file ca cert missing", test_cert_file_not_present },
+#endif
{ NULL, NULL },
};
generated by cgit v1.2.3-70-g09d2 (git 2.46.0) at 2026-01-18 11:50:14 +0000