summaryrefslogtreecommitdiffhomepage
diff options
context:
space:
mode:
authorRoland Reichwein <mail@reichwein.it>2023-01-06 13:12:45 +0100
committerRoland Reichwein <mail@reichwein.it>2023-01-06 13:12:45 +0100
commitccbfd4b39162a6a320ed400635ebae2992cecd61 (patch)
tree5b1151b83571f92bba47c75eaa87c4744b9cc734
parente8a7c88b6cedbd05b183e85dff74c513bfcd774e (diff)
Certificate test
-rw-r--r--https.cpp4
-rw-r--r--tests/test-auth.cpp7
-rw-r--r--tests/test-config.cpp7
-rw-r--r--tests/test-webserver.cpp38
4 files changed, 13 insertions, 43 deletions
diff --git a/https.cpp b/https.cpp
index f096863..10f76e0 100644
--- a/https.cpp
+++ b/https.cpp
@@ -495,8 +495,8 @@ void load_server_certificate(boost::asio::ssl::context& ctx, const fs::path& cer
boost::asio::ssl::context::single_dh_use);
std::string cert;
- if (cert_path == "") {
- // generate dummy self signed certificate. Will be replaced by real
+ if (cert_path.empty()) {
+ // use dummy self signed certificate. Will be replaced by real
// certificate if configured upon respective session
cert =
"-----BEGIN CERTIFICATE-----\n"
diff --git a/tests/test-auth.cpp b/tests/test-auth.cpp
index 37bc02f..467dbda 100644
--- a/tests/test-auth.cpp
+++ b/tests/test-auth.cpp
@@ -20,13 +20,6 @@ public:
~AuthFixture(){}
void setup()
{
- int filedes[2];
- if (pipe(filedes) == -1)
- throw std::runtime_error("Pipe error");
- if (close(2) == -1)
- throw std::runtime_error("Can't close stderr");
- if (dup(filedes[1]) == -1)
- throw std::runtime_error("Replace stdout w/ pipe input");
}
void teardown(){}
};
diff --git a/tests/test-config.cpp b/tests/test-config.cpp
index ddae1c8..c16c519 100644
--- a/tests/test-config.cpp
+++ b/tests/test-config.cpp
@@ -26,13 +26,6 @@ public:
~ConfigFixture(){}
void setup()
{
- int filedes[2];
- if (pipe(filedes) == -1)
- throw std::runtime_error("Pipe error");
- if (close(1) == -1)
- throw std::runtime_error("Can't close stdout");
- if (dup(filedes[1]) == -1)
- throw std::runtime_error("Replace stdout w/ pipe input");
}
void teardown()
{
diff --git a/tests/test-webserver.cpp b/tests/test-webserver.cpp
index de38cf3..e9dba3a 100644
--- a/tests/test-webserver.cpp
+++ b/tests/test-webserver.cpp
@@ -29,9 +29,11 @@
#include <fmt/core.h>
#include <chrono>
+#include <exception>
#include <filesystem>
#include <iostream>
#include <sstream>
+#include <stdexcept>
#include <string>
#include <thread>
@@ -121,35 +123,16 @@ public:
throw std::runtime_error("Process already running, so it can't be started");
// connect stdout of new child process to stream of parent, via pipe
- int filedes[2];
- if (pipe(filedes) == -1)
- throw std::runtime_error("Pipe error");
-
m_pid = fork();
if (m_pid < 0)
throw std::runtime_error("Fork unsuccessful.");
if (m_pid == 0) { // child process branch
- //
- if (close(filedes[0]) == -1)
- throw std::runtime_error("Child can't close read end of pipe");
-
- // Replace stdout of child with pipe input (next 2 commands)
- if (close(1) == -1)
- throw std::runtime_error("Child can't close stdout");
- if (dup(filedes[1]) == -1)
- throw std::runtime_error("Child replace stdout w/ pipe input");
-
char* argv[] = {(char*)"webserver", (char*)"-c", (char*)"./webserver.conf"};
webserver(sizeof(argv) / sizeof(char*), argv);
exit(0);
}
- if (close(filedes[1]) == -1)
- throw std::runtime_error("Parent can't close read end of pipe");
- m_filebuf = std::make_shared<__gnu_cxx::stdio_filebuf<char>>(filedes[0], std::ios::in);
- m_is = std::make_shared<std::istream>(&(*m_filebuf));
-
// wait for server to start up
std::this_thread::sleep_for(std::chrono::milliseconds(100));
}
@@ -271,6 +254,12 @@ std::pair<std::string,std::string> HTTPGet(const std::string& target, bool ipv6
return {header_stream.str(), body_stream.str()};
}
+void load_root_certificates(boost::asio::ssl::context& ctx)
+{
+ std::string cert_chain{File::getFile("../cert.pem")};
+ ctx.add_certificate_authority(boost::asio::buffer(cert_chain.data(), cert_chain.size()));
+}
+
std::pair<std::string,std::string> HTTPSGet(const std::string& target, bool ipv6 = true, bool HTTP11 = true)
{
auto const host = ipv6 ? "::1" : "127.0.0.1";
@@ -290,10 +279,10 @@ std::pair<std::string,std::string> HTTPSGet(const std::string& target, bool ipv6
);
// This holds the root certificate used for verification
- //load_root_certificates(ctx);
+ load_root_certificates(ctx);
// Verify the remote server's certificate
- ctx.set_verify_mode(boost::asio::ssl::verify_none); // TODO: ssl::verify_peer w/ load_root_certificates() (above)
+ ctx.set_verify_mode(boost::asio::ssl::verify_peer);
// These objects perform our I/O
boost::asio::ip::tcp::resolver resolver(ioc);
@@ -365,12 +354,10 @@ BOOST_DATA_TEST_CASE_F(Fixture, http_get, data::make({false, true}) * data::make
WebserverProcess serverProcess;
BOOST_REQUIRE(serverProcess.isRunning());
- auto response{(https ? HTTPSGet("/webserver.conf") : HTTPGet("/webserver.conf"))};
+ std::pair<std::string,std::string> response{https ? HTTPSGet("/webserver.conf") : HTTPGet("/webserver.conf")};
BOOST_REQUIRE(serverProcess.isRunning());
BOOST_REQUIRE_EQUAL(response.first, "HTTP/1.1 200 OK\r\nServer: Reichwein.IT Webserver " VERSION "\r\nContent-Type: application/text\r\nContent-Length: 1021\r\n\r\n");
BOOST_REQUIRE_EQUAL(response.second, File::getFile(serverProcess.testConfigFilename));
- auto output{serverProcess.output()};
- BOOST_REQUIRE_MESSAGE(boost::algorithm::contains(output, "Serving"), "Bad output: "s + output);
}
BOOST_DATA_TEST_CASE_F(Fixture, http_get_file_not_found, data::make({false, true}) * data::make({false, true}) * data::make({false, true}), ipv6, http11, https)
@@ -383,7 +370,4 @@ BOOST_DATA_TEST_CASE_F(Fixture, http_get_file_not_found, data::make({false, true
BOOST_REQUIRE(serverProcess.isRunning());
BOOST_REQUIRE_EQUAL(response.first, "HTTP/1.1 404 Not Found\r\nServer: Reichwein.IT Webserver " VERSION "\r\nContent-Type: text/html\r\nContent-Length: 36\r\n\r\n");
BOOST_REQUIRE_EQUAL(response.second, "404 Not found: /webserver.confSUFFIX");
- auto output{serverProcess.output()};
- BOOST_REQUIRE_MESSAGE(boost::algorithm::contains(output, "Serving"), "Bad output: "s + output);
}
-