1 /* -*- Mode: C; tab-width: 8; indent-tabs-mode: t; c-basic-offset: 8 -*- */
2
3 #include "test-utils.h"
4
5 static void
do_ssl_test_for_session(SoupSession * session,SoupURI * uri)6 do_ssl_test_for_session (SoupSession *session, SoupURI *uri)
7 {
8 SoupMessage *msg;
9 GTlsCertificate *cert = NULL;
10 GTlsCertificateFlags flags;
11 gboolean is_https;
12
13 msg = soup_message_new_from_uri ("GET", uri);
14 soup_session_send_message (session, msg);
15 soup_test_assert_message_status (msg, SOUP_STATUS_SSL_FAILED);
16
17 is_https = soup_message_get_https_status (msg, &cert, &flags);
18 soup_test_assert (!is_https, "get_http_status() returned TRUE? (flags %x)", flags);
19
20 g_assert_null (cert);
21 g_assert_false (soup_message_get_flags (msg) & SOUP_MESSAGE_CERTIFICATE_TRUSTED);
22
23 g_object_unref (msg);
24 }
25
26 static void
do_ssl_tests(gconstpointer data)27 do_ssl_tests (gconstpointer data)
28 {
29 SoupURI *uri = (SoupURI *)data;
30 SoupSession *session;
31
32 g_test_bug ("700518");
33
34 debug_printf (1, " plain\n");
35 session = soup_test_session_new (SOUP_TYPE_SESSION, NULL);
36 do_ssl_test_for_session (session, uri);
37 soup_test_session_abort_unref (session);
38
39 debug_printf (1, " async\n");
40 session = soup_test_session_new (SOUP_TYPE_SESSION_ASYNC, NULL);
41 do_ssl_test_for_session (session, uri);
42 soup_test_session_abort_unref (session);
43
44 debug_printf (1, " sync\n");
45 session = soup_test_session_new (SOUP_TYPE_SESSION_SYNC, NULL);
46 do_ssl_test_for_session (session, uri);
47 soup_test_session_abort_unref (session);
48 }
49
50 static void
do_session_property_tests(void)51 do_session_property_tests (void)
52 {
53 gboolean use_system;
54 GTlsDatabase *tlsdb;
55 char *ca_file;
56 SoupSession *session;
57 GParamSpec *pspec;
58
59 g_test_bug ("700518");
60
61 G_GNUC_BEGIN_IGNORE_DEPRECATIONS;
62 session = soup_session_async_new ();
63 G_GNUC_END_IGNORE_DEPRECATIONS;
64
65 /* Temporarily undeprecate SOUP_SESSION_SSL_CA_FILE to avoid warnings. */
66 pspec = g_object_class_find_property (g_type_class_peek (SOUP_TYPE_SESSION),
67 SOUP_SESSION_SSL_CA_FILE);
68 pspec->flags &= ~G_PARAM_DEPRECATED;
69
70 g_object_get (G_OBJECT (session),
71 "ssl-use-system-ca-file", &use_system,
72 "tls-database", &tlsdb,
73 "ssl-ca-file", &ca_file,
74 NULL);
75 soup_test_assert (!use_system, "ssl-use-system-ca-file defaults to TRUE");
76 soup_test_assert (tlsdb == NULL, "tls-database set by default");
77 soup_test_assert (ca_file == NULL, "ca-file set by default");
78
79 g_object_set (G_OBJECT (session),
80 "ssl-use-system-ca-file", TRUE,
81 NULL);
82 g_object_get (G_OBJECT (session),
83 "ssl-ca-file", &ca_file,
84 NULL);
85 soup_test_assert (ca_file == NULL, "setting ssl-use-system-ca-file set ssl-ca-file");
86
87 g_object_set (G_OBJECT (session),
88 "ssl-ca-file",
89 g_test_get_filename (G_TEST_DIST, "test-cert.pem", NULL),
90 NULL);
91 g_object_get (G_OBJECT (session),
92 "ssl-use-system-ca-file", &use_system,
93 "tls-database", &tlsdb,
94 "ssl-ca-file", &ca_file,
95 NULL);
96 soup_test_assert (ca_file == NULL, "setting ssl-ca-file did not fail");
97 soup_test_assert (!use_system, "setting ssl-ca-file set ssl-use-system-ca-file");
98 soup_test_assert (tlsdb == NULL, "setting ssl-ca-file set tls-database");
99
100 g_object_set (G_OBJECT (session),
101 "tls-database", NULL,
102 NULL);
103 g_object_get (G_OBJECT (session),
104 "ssl-use-system-ca-file", &use_system,
105 "tls-database", &tlsdb,
106 "ssl-ca-file", &ca_file,
107 NULL);
108 soup_test_assert (tlsdb == NULL, "setting tls-database NULL failed");
109 soup_test_assert (!use_system, "setting tls-database NULL set ssl-use-system-ca-file");
110 soup_test_assert (ca_file == NULL, "setting tls-database NULL set ssl-ca-file");
111
112 soup_test_session_abort_unref (session);
113
114 /* Re-deprecate SOUP_SESSION_SSL_CA_FILE */
115 pspec->flags |= G_PARAM_DEPRECATED;
116 }
117
118 static void
server_handler(SoupServer * server,SoupMessage * msg,const char * path,GHashTable * query,SoupClientContext * client,gpointer user_data)119 server_handler (SoupServer *server,
120 SoupMessage *msg,
121 const char *path,
122 GHashTable *query,
123 SoupClientContext *client,
124 gpointer user_data)
125 {
126 soup_message_set_status (msg, SOUP_STATUS_OK);
127 soup_message_set_response (msg, "text/plain",
128 SOUP_MEMORY_STATIC,
129 "ok\r\n", 4);
130 }
131
132 int
main(int argc,char ** argv)133 main (int argc, char **argv)
134 {
135 SoupServer *server;
136 SoupURI *uri;
137 guint port;
138 int ret;
139
140 /* Force this test to use the dummy TLS backend */
141 g_setenv ("GIO_USE_TLS", "dummy", TRUE);
142
143 test_init (argc, argv, NULL);
144
145 /* Make a non-SSL server and pretend that it's ssl, which is fine
146 * since we won't ever actually talk to it anyway. We don't
147 * currently test that failing to construct an SSL server works.
148 */
149 server = soup_test_server_new (TRUE);
150 soup_server_add_handler (server, NULL, server_handler, NULL, NULL);
151 uri = soup_test_server_get_uri (server, "http", NULL);
152 port = uri->port;
153 soup_uri_set_scheme (uri, SOUP_URI_SCHEME_HTTPS);
154 soup_uri_set_port (uri, port);
155
156 g_test_add_func ("/no-ssl/session-properties", do_session_property_tests);
157 g_test_add_data_func ("/no-ssl/request-error", uri, do_ssl_tests);
158
159 ret = g_test_run ();
160
161 soup_uri_free (uri);
162 soup_test_server_quit_unref (server);
163
164 test_cleanup ();
165 return ret;
166 }
167