diff options
author | Daniel Stenberg <daniel@haxx.se> | 2020-11-02 23:17:01 +0100 |
---|---|---|
committer | Daniel Stenberg <daniel@haxx.se> | 2020-11-03 16:08:48 +0100 |
commit | 2cfc4ed98347047249b8f7f91ad513a4b0b84e45 (patch) | |
tree | 6e69f05aeeb76db0a7f15f9c8314f1e983ed42e8 /tests | |
parent | 7385610d0c74c6a254fea5e4cd6e1d559d848c8c (diff) | |
download | curl-2cfc4ed98347047249b8f7f91ad513a4b0b84e45.tar.gz |
hsts: add read/write callbacks
- read/write callback options
- man pages for the 4 new setopts
- test 1915 verifies the callbacks
Closes #5896
Diffstat (limited to 'tests')
-rw-r--r-- | tests/FILEFORMAT.md | 1 | ||||
-rw-r--r-- | tests/data/Makefile.inc | 2 | ||||
-rw-r--r-- | tests/data/test1915 | 50 | ||||
-rw-r--r-- | tests/libtest/Makefile.inc | 5 | ||||
-rw-r--r-- | tests/libtest/lib1915.c | 95 | ||||
-rwxr-xr-x | tests/libtest/mk-lib1521.pl | 2 | ||||
-rw-r--r-- | tests/unit/unit1660.c | 13 |
7 files changed, 160 insertions, 8 deletions
diff --git a/tests/FILEFORMAT.md b/tests/FILEFORMAT.md index 0f66de277..d0a6d3b21 100644 --- a/tests/FILEFORMAT.md +++ b/tests/FILEFORMAT.md @@ -340,6 +340,7 @@ Features testable here are: - `getrlimit` - `GnuTLS` - `GSS-API` +- `HSTS` - `HTTP-auth` - `http/2` - `idn` diff --git a/tests/data/Makefile.inc b/tests/data/Makefile.inc index 04e23c6fc..97e5fd5eb 100644 --- a/tests/data/Makefile.inc +++ b/tests/data/Makefile.inc @@ -204,7 +204,7 @@ test1700 test1701 test1702 \ test1800 test1801 \ \ test1904 test1905 test1906 test1907 \ -test1908 test1909 test1910 test1911 test1912 test1913 test1914 \ +test1908 test1909 test1910 test1911 test1912 test1913 test1914 test1915 \ \ test2000 test2001 test2002 test2003 test2004 test2005 test2006 test2007 \ test2008 test2009 test2010 test2011 test2012 test2013 test2014 test2015 \ diff --git a/tests/data/test1915 b/tests/data/test1915 new file mode 100644 index 000000000..850213930 --- /dev/null +++ b/tests/data/test1915 @@ -0,0 +1,50 @@ +<testcase> +<info> +<keywords> +HTTP +HSTS +CURLOPT_HSTSREADFUNCTION +</keywords> +</info> + +# Server-side +<reply> +</reply> + +# Client-side +<client> +<features> +HSTS +http +</features> +<server> +none +</server> + +# require debug so that alt-svc can work over plain old HTTP +<name> +HSTS read/write callbacks +</name> +<tool> +lib1915 +</tool> + +<command> +http://%HOSTIP:%NOLISTENPORT/not-there/1915 +</command> +</client> + +# Verify data after the test has been "shot" +<verify> +# it fails because there's nothing on that port +<errorcode> +7 +</errorcode> +<stdout> +[0/4] 1.example.com 20300320 01:02:03 +[1/4] 2.example.com 20300320 01:02:03 +[2/4] 3.example.com 20300320 01:02:03 +[3/4] 4.example.com 20300320 01:02:03 +</stdout> +</verify> +</testcase> diff --git a/tests/libtest/Makefile.inc b/tests/libtest/Makefile.inc index 98fd2ee9f..b18d6e58e 100644 --- a/tests/libtest/Makefile.inc +++ b/tests/libtest/Makefile.inc @@ -59,6 +59,7 @@ noinst_PROGRAMS = chkhostname libauthretry libntlmconnect \ lib1558 lib1559 lib1560 lib1564 lib1565 lib1567 \ lib1591 lib1592 lib1593 lib1594 lib1596 \ lib1905 lib1906 lib1907 lib1908 lib1910 lib1911 lib1912 lib1913 \ + lib1915 \ lib3010 chkdecimalpoint_SOURCES = chkdecimalpoint.c ../../lib/mprintf.c \ @@ -649,6 +650,10 @@ lib1913_SOURCES = lib1913.c $(SUPPORTFILES) $(TESTUTIL) $(WARNLESS) lib1913_LDADD = $(TESTUTIL_LIBS) lib1913_CPPFLAGS = $(AM_CPPFLAGS) +lib1915_SOURCES = lib1915.c $(SUPPORTFILES) $(TESTUTIL) $(WARNLESS) +lib1915_LDADD = $(TESTUTIL_LIBS) +lib1915_CPPFLAGS = $(AM_CPPFLAGS) + lib3010_SOURCES = lib3010.c $(SUPPORTFILES) $(TESTUTIL) $(WARNLESS) lib3010_LDADD = $(TESTUTIL_LIBS) lib3010_CPPFLAGS = $(AM_CPPFLAGS) diff --git a/tests/libtest/lib1915.c b/tests/libtest/lib1915.c new file mode 100644 index 000000000..25da75d22 --- /dev/null +++ b/tests/libtest/lib1915.c @@ -0,0 +1,95 @@ +/*************************************************************************** + * _ _ ____ _ + * Project ___| | | | _ \| | + * / __| | | | |_) | | + * | (__| |_| | _ <| |___ + * \___|\___/|_| \_\_____| + * + * Copyright (C) 2020, Daniel Stenberg, <daniel@haxx.se>, et al. + * + * This software is licensed as described in the file COPYING, which + * you should have received as part of this distribution. The terms + * are also available at https://curl.haxx.se/docs/copyright.html. + * + * You may opt to use, copy, modify, merge, publish, distribute and/or sell + * copies of the Software, and permit persons to whom the Software is + * furnished to do so, under the terms of the COPYING file. + * + * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY + * KIND, either express or implied. + * + ***************************************************************************/ +#include "test.h" + +#include "testutil.h" +#include "warnless.h" +#include "memdebug.h" + +static const char *preload_hosts[] = { + "1.example.com", + "2.example.com", + "3.example.com", + "4.example.com", + NULL /* end of list marker */ +}; + +struct state { + int index; +}; + +/* "read" is from the point of the library, it wants data from us */ +static CURLSTScode hstsread(CURL *easy, struct curl_hstsentry *e, + void *userp) +{ + const char *host; + struct state *s = (struct state *)userp; + (void)easy; + host = preload_hosts[s->index++]; + + if(host && (strlen(host) < e->namelen)) { + strcpy(e->name, host); + e->includeSubDomains = FALSE; + strcpy(e->expire, "20300320 01:02:03"); /* curl turns 32 that day */ + fprintf(stderr, "add '%s'\n", host); + } + else + return CURLSTS_DONE; + return CURLSTS_OK; +} + +/* check that we get the hosts back in the save */ +static CURLSTScode hstswrite(CURL *easy, struct curl_hstsentry *e, + struct curl_index *i, void *userp) +{ + (void)easy; + (void)userp; + printf("[%u/%u] %s %s\n", i->index, i->total, e->name, e->expire); + return CURLSTS_OK; +} + +/* + * Read/write HSTS cache entries via callback. + */ + +int test(char *URL) +{ + CURLcode ret = CURLE_OK; + CURL *hnd; + struct state st = {0}; + + curl_global_init(CURL_GLOBAL_ALL); + + hnd = curl_easy_init(); + if(hnd) { + curl_easy_setopt(hnd, CURLOPT_URL, URL); + curl_easy_setopt(hnd, CURLOPT_HSTSREADFUNCTION, hstsread); + curl_easy_setopt(hnd, CURLOPT_HSTSREADDATA, &st); + curl_easy_setopt(hnd, CURLOPT_HSTSWRITEFUNCTION, hstswrite); + curl_easy_setopt(hnd, CURLOPT_HSTSWRITEDATA, &st); + curl_easy_setopt(hnd, CURLOPT_HSTS_CTRL, CURLHSTS_ENABLE); + ret = curl_easy_perform(hnd); + curl_easy_cleanup(hnd); + } + curl_global_cleanup(); + return (int)ret; +} diff --git a/tests/libtest/mk-lib1521.pl b/tests/libtest/mk-lib1521.pl index 9b57b64ee..fa2d38c9a 100755 --- a/tests/libtest/mk-lib1521.pl +++ b/tests/libtest/mk-lib1521.pl @@ -133,6 +133,8 @@ static curl_chunk_end_callback chunk_end_cb; static curl_fnmatch_callback fnmatch_cb; static curl_closesocket_callback closesocketcb; static curl_xferinfo_callback xferinfocb; +static curl_hstsread_callback hstsreadcb; +static curl_hstswrite_callback hstswritecb; static curl_resolver_start_callback resolver_start_cb; int test(char *URL) diff --git a/tests/unit/unit1660.c b/tests/unit/unit1660.c index 1687cafa1..28b724611 100644 --- a/tests/unit/unit1660.c +++ b/tests/unit/unit1660.c @@ -125,8 +125,11 @@ UNITTEST_START CURL *easy; if(!h) return 1; + easy = curl_easy_init(); + if(!easy) + return 1; - Curl_hsts_load(h, "log/input1660"); + Curl_hsts_loadfile(easy, h, "log/input1660"); for(i = 0; headers[i].host ; i++) { if(headers[i].hdr) { @@ -159,13 +162,9 @@ UNITTEST_START deltatime++; /* another second passed */ } - easy = curl_easy_init(); - if(easy) { - (void)Curl_hsts_save(easy, h, "log/hsts1660"); - curl_easy_cleanup(easy); - } - + (void)Curl_hsts_save(easy, h, "log/hsts1660"); Curl_hsts_cleanup(&h); + curl_easy_cleanup(easy); return unitfail; } UNITTEST_STOP |