From ccbfd4b39162a6a320ed400635ebae2992cecd61 Mon Sep 17 00:00:00 2001 From: Roland Reichwein Date: Fri, 6 Jan 2023 13:12:45 +0100 Subject: Certificate test --- https.cpp | 4 ++-- tests/test-auth.cpp | 7 ------- tests/test-config.cpp | 7 ------- tests/test-webserver.cpp | 38 +++++++++++--------------------------- 4 files changed, 13 insertions(+), 43 deletions(-) diff --git a/https.cpp b/https.cpp index f096863..10f76e0 100644 --- a/https.cpp +++ b/https.cpp @@ -495,8 +495,8 @@ void load_server_certificate(boost::asio::ssl::context& ctx, const fs::path& cer boost::asio::ssl::context::single_dh_use); std::string cert; - if (cert_path == "") { - // generate dummy self signed certificate. Will be replaced by real + if (cert_path.empty()) { + // use dummy self signed certificate. Will be replaced by real // certificate if configured upon respective session cert = "-----BEGIN CERTIFICATE-----\n" diff --git a/tests/test-auth.cpp b/tests/test-auth.cpp index 37bc02f..467dbda 100644 --- a/tests/test-auth.cpp +++ b/tests/test-auth.cpp @@ -20,13 +20,6 @@ public: ~AuthFixture(){} void setup() { - int filedes[2]; - if (pipe(filedes) == -1) - throw std::runtime_error("Pipe error"); - if (close(2) == -1) - throw std::runtime_error("Can't close stderr"); - if (dup(filedes[1]) == -1) - throw std::runtime_error("Replace stdout w/ pipe input"); } void teardown(){} }; diff --git a/tests/test-config.cpp b/tests/test-config.cpp index ddae1c8..c16c519 100644 --- a/tests/test-config.cpp +++ b/tests/test-config.cpp @@ -26,13 +26,6 @@ public: ~ConfigFixture(){} void setup() { - int filedes[2]; - if (pipe(filedes) == -1) - throw std::runtime_error("Pipe error"); - if (close(1) == -1) - throw std::runtime_error("Can't close stdout"); - if (dup(filedes[1]) == -1) - throw std::runtime_error("Replace stdout w/ pipe input"); } void teardown() { diff --git a/tests/test-webserver.cpp b/tests/test-webserver.cpp index de38cf3..e9dba3a 100644 --- a/tests/test-webserver.cpp +++ b/tests/test-webserver.cpp @@ -29,9 +29,11 @@ #include #include +#include #include #include #include +#include #include #include @@ -121,35 +123,16 @@ public: throw std::runtime_error("Process already running, so it can't be started"); // connect stdout of new child process to stream of parent, via pipe - int filedes[2]; - if (pipe(filedes) == -1) - throw std::runtime_error("Pipe error"); - m_pid = fork(); if (m_pid < 0) throw std::runtime_error("Fork unsuccessful."); if (m_pid == 0) { // child process branch - // - if (close(filedes[0]) == -1) - throw std::runtime_error("Child can't close read end of pipe"); - - // Replace stdout of child with pipe input (next 2 commands) - if (close(1) == -1) - throw std::runtime_error("Child can't close stdout"); - if (dup(filedes[1]) == -1) - throw std::runtime_error("Child replace stdout w/ pipe input"); - char* argv[] = {(char*)"webserver", (char*)"-c", (char*)"./webserver.conf"}; webserver(sizeof(argv) / sizeof(char*), argv); exit(0); } - if (close(filedes[1]) == -1) - throw std::runtime_error("Parent can't close read end of pipe"); - m_filebuf = std::make_shared<__gnu_cxx::stdio_filebuf>(filedes[0], std::ios::in); - m_is = std::make_shared(&(*m_filebuf)); - // wait for server to start up std::this_thread::sleep_for(std::chrono::milliseconds(100)); } @@ -271,6 +254,12 @@ std::pair HTTPGet(const std::string& target, bool ipv6 return {header_stream.str(), body_stream.str()}; } +void load_root_certificates(boost::asio::ssl::context& ctx) +{ + std::string cert_chain{File::getFile("../cert.pem")}; + ctx.add_certificate_authority(boost::asio::buffer(cert_chain.data(), cert_chain.size())); +} + std::pair HTTPSGet(const std::string& target, bool ipv6 = true, bool HTTP11 = true) { auto const host = ipv6 ? "::1" : "127.0.0.1"; @@ -290,10 +279,10 @@ std::pair HTTPSGet(const std::string& target, bool ipv6 ); // This holds the root certificate used for verification - //load_root_certificates(ctx); + load_root_certificates(ctx); // Verify the remote server's certificate - ctx.set_verify_mode(boost::asio::ssl::verify_none); // TODO: ssl::verify_peer w/ load_root_certificates() (above) + ctx.set_verify_mode(boost::asio::ssl::verify_peer); // These objects perform our I/O boost::asio::ip::tcp::resolver resolver(ioc); @@ -365,12 +354,10 @@ BOOST_DATA_TEST_CASE_F(Fixture, http_get, data::make({false, true}) * data::make WebserverProcess serverProcess; BOOST_REQUIRE(serverProcess.isRunning()); - auto response{(https ? HTTPSGet("/webserver.conf") : HTTPGet("/webserver.conf"))}; + std::pair response{https ? HTTPSGet("/webserver.conf") : HTTPGet("/webserver.conf")}; BOOST_REQUIRE(serverProcess.isRunning()); BOOST_REQUIRE_EQUAL(response.first, "HTTP/1.1 200 OK\r\nServer: Reichwein.IT Webserver " VERSION "\r\nContent-Type: application/text\r\nContent-Length: 1021\r\n\r\n"); BOOST_REQUIRE_EQUAL(response.second, File::getFile(serverProcess.testConfigFilename)); - auto output{serverProcess.output()}; - BOOST_REQUIRE_MESSAGE(boost::algorithm::contains(output, "Serving"), "Bad output: "s + output); } BOOST_DATA_TEST_CASE_F(Fixture, http_get_file_not_found, data::make({false, true}) * data::make({false, true}) * data::make({false, true}), ipv6, http11, https) @@ -383,7 +370,4 @@ BOOST_DATA_TEST_CASE_F(Fixture, http_get_file_not_found, data::make({false, true BOOST_REQUIRE(serverProcess.isRunning()); BOOST_REQUIRE_EQUAL(response.first, "HTTP/1.1 404 Not Found\r\nServer: Reichwein.IT Webserver " VERSION "\r\nContent-Type: text/html\r\nContent-Length: 36\r\n\r\n"); BOOST_REQUIRE_EQUAL(response.second, "404 Not found: /webserver.confSUFFIX"); - auto output{serverProcess.output()}; - BOOST_REQUIRE_MESSAGE(boost::algorithm::contains(output, "Serving"), "Bad output: "s + output); } - -- cgit v1.2.3