Blame - tests/test_client_tls.c - github/CESNET/libnetconf2

blob: 2ead67b4575ee955fcdc8d3443d6ab1325cdcd2c [file] [log] [blame]

Michal Vasko	ba9f358	2023-02-22 10:26:32 +0100	[diff] [blame]	1	/**
				2	* @file test_client_tls.c
				3	* @author David Sedlák <xsedla1d@stud.fit.vutbr.cz>
				4	* @brief client TLS test
				5	*
				6	* Copyright (c) 2018 CESNET, z.s.p.o.
				7	*
				8	* This source code is licensed under BSD 3-Clause License (the "License").
				9	* You may not use this file except in compliance with the License.
				10	* You may obtain a copy of the License at
				11	*
				12	* https://opensource.org/licenses/BSD-3-Clause
				13	*/
				14
				15	#define _GNU_SOURCE
				16
Michal Vasko	b83a3fa	2021-05-26 09:53:42 +0200	[diff] [blame]	17	#include <errno.h>
				18	#include <setjmp.h>
David Sedlák	6fdf1ec	2018-09-30 21:42:31 +0200	[diff] [blame]	19	#include <stdio.h>
				20	#include <stdlib.h>
David Sedlák	6fdf1ec	2018-09-30 21:42:31 +0200	[diff] [blame]	21	#include <sys/socket.h>
Michal Vasko	b83a3fa	2021-05-26 09:53:42 +0200	[diff] [blame]	22	#include <sys/types.h>
David Sedlák	6fdf1ec	2018-09-30 21:42:31 +0200	[diff] [blame]	23
				24	#include <cmocka.h>
David Sedlák	6fdf1ec	2018-09-30 21:42:31 +0200	[diff] [blame]	25	#include <config.h>
Michal Vasko	b83a3fa	2021-05-26 09:53:42 +0200	[diff] [blame]	26	#include <libyang/libyang.h>
				27	#include <log.h>
				28	#include <session_client.h>
David Sedlák	6fdf1ec	2018-09-30 21:42:31 +0200	[diff] [blame]	29	#include "tests/config.h"
				30
				31	static int
				32	setup_f(void **state)
				33	{
				34	(void)state;
				35
				36	nc_verbosity(NC_VERB_VERBOSE);
				37
				38	return 0;
				39	}
				40
				41	static int
				42	teardown_f(void **state)
				43	{
				44	(void)state;
				45
				46	return 0;
				47	}
				48
				49	MOCK int
				50	__wrap_connect(int sockfd, const struct sockaddr *addr, socklen_t addrlen)
				51	{
				52	(void)sockfd;
				53	(void)addr;
				54	(void)addrlen;
				55
				56	return (int)mock();
				57	}
				58
				59	MOCK int
				60	__wrap_SSL_connect(SSL *ssl)
				61	{
				62	(void)ssl;
				63
				64	return (int)mock();
				65	}
				66
				67	MOCK int
				68	__wrap_nc_handshake_io(struct nc_session *session)
				69	{
				70	(void)session;
				71
				72	return (int)mock();
				73	}
				74
				75	MOCK int
				76	__wrap_nc_ctx_check_and_fill(struct nc_session *session)
				77	{
				78	(void)session;
				79
				80	return (int)mock();
				81	}
				82
				83	static void
				84	test_nc_client_tls_setting_cert_key_paths(void **state)
				85	{
				86	(void)state;
				87	const char cert, key;
				88	int ret;
				89
David Sedlák	6fdf1ec	2018-09-30 21:42:31 +0200	[diff] [blame]	90	/* no certificats are set, nc_client_tls_get_cert_key_paths should output NULL */
				91	nc_client_tls_get_cert_key_paths(&cert, &key);
				92	assert_null(cert);
				93	assert_null(key);
				94
				95	/* set certificate path */
				96	ret = nc_client_tls_set_cert_key_paths("cert_path", "key_path");
				97	assert_int_equal(ret, 0);
				98	nc_client_tls_get_cert_key_paths(&cert, &key);
				99	assert_string_equal(cert, "cert_path");
				100	assert_string_equal(key, "key_path");
				101
				102	/* override certificate path */
				103	ret = nc_client_tls_set_cert_key_paths("cert_path1", "key_path1");
				104	assert_int_equal(ret, 0);
				105	nc_client_tls_get_cert_key_paths(&cert, &key);
				106	assert_string_equal(cert, "cert_path1");
				107	assert_string_equal(key, "key_path1");
				108	}
				109
				110	static void
				111	test_nc_client_tls_setting_trusted_ca_paths(void **state)
				112	{
				113	(void)state;
				114	const char file, dir;
				115	int ret;
				116
				117	ret = nc_client_tls_set_trusted_ca_paths("ca_file", "ca_dir");
				118	assert_int_equal(ret, 0);
				119	nc_client_tls_get_trusted_ca_paths(&file, &dir);
				120	assert_string_equal("ca_file", file);
				121	assert_string_equal("ca_dir", dir);
				122
				123	ret = nc_client_tls_set_trusted_ca_paths("ca_file1", "ca_dir1");
				124	assert_int_equal(ret, 0);
				125	nc_client_tls_get_trusted_ca_paths(&file, &dir);
				126	assert_string_equal("ca_file1", file);
				127	assert_string_equal("ca_dir1", dir);
				128	}
				129
				130	static void
				131	test_nc_connect_tls_succesfull(void **state)
				132	{
				133	(void)state;
				134	int ret;
				135	struct nc_session *session;
				136
Michal Vasko	b83a3fa	2021-05-26 09:53:42 +0200	[diff] [blame]	137	ret = nc_client_tls_set_cert_key_paths(TESTS_DIR "/data/client.crt", TESTS_DIR "/data/client.key");
David Sedlák	6fdf1ec	2018-09-30 21:42:31 +0200	[diff] [blame]	138	assert_int_equal(ret, 0);
Michal Vasko	b83a3fa	2021-05-26 09:53:42 +0200	[diff] [blame]	139	ret = nc_client_tls_set_trusted_ca_paths(NULL, TESTS_DIR "/data");
David Sedlák	6fdf1ec	2018-09-30 21:42:31 +0200	[diff] [blame]	140	assert_int_equal(ret, 0);
				141
				142	will_return(__wrap_connect, 0);
				143	will_return(__wrap_SSL_connect, 1);
				144
				145	/* fake succesfull handshake */
				146	will_return(__wrap_nc_handshake_io, 3);
				147	will_return(__wrap_nc_ctx_check_and_fill, 0);
				148	session = nc_connect_tls("0.0.0.0", 6001, NULL);
				149	assert_non_null(session);
				150
				151	nc_session_free(session, NULL);
				152	}
				153
				154	static void
				155	test_nc_client_tls_setting_crl_paths(void **state)
				156	{
				157	(void)state;
				158	const char file, dir;
				159	int ret;
				160
				161	nc_client_tls_get_crl_paths(&file, &dir);
				162	assert_null(file);
				163	assert_null(dir);
				164
				165	ret = nc_client_tls_set_crl_paths("file", "dir");
				166	assert_int_equal(ret, 0);
				167	nc_client_tls_get_crl_paths(&file, &dir);
				168	assert_string_equal(file, "file");
				169	assert_string_equal(dir, "dir");
				170
				171	ret = nc_client_tls_set_crl_paths("file1", "dir1");
				172	assert_int_equal(ret, 0);
				173	nc_client_tls_get_crl_paths(&file, &dir);
				174	assert_string_equal(file, "file1");
				175	assert_string_equal(dir, "dir1");
				176
				177	/* destroy client */
				178	nc_client_destroy();
				179	}
				180
				181	static void
				182	test_nc_connect_tls_handshake_failed(void **state)
				183	{
				184	(void)state;
				185	int ret;
				186	struct nc_session *session;
				187
Michal Vasko	b83a3fa	2021-05-26 09:53:42 +0200	[diff] [blame]	188	ret = nc_client_tls_set_cert_key_paths(TESTS_DIR "/data/client.crt", TESTS_DIR "/data/client.key");
David Sedlák	6fdf1ec	2018-09-30 21:42:31 +0200	[diff] [blame]	189	assert_int_equal(ret, 0);
Michal Vasko	b83a3fa	2021-05-26 09:53:42 +0200	[diff] [blame]	190	ret = nc_client_tls_set_trusted_ca_paths(NULL, TESTS_DIR "/data");
David Sedlák	6fdf1ec	2018-09-30 21:42:31 +0200	[diff] [blame]	191	assert_int_equal(ret, 0);
				192
				193	will_return(__wrap_connect, 0);
				194	will_return(__wrap_SSL_connect, 1);
				195
				196	/* fake failed handshake */
				197	will_return(__wrap_nc_handshake_io, 0);
				198	session = nc_connect_tls("0.0.0.0", 6001, NULL);
				199	assert_null(session);
				200	}
				201
				202	int
				203	main(void)
				204	{
				205	const struct CMUnitTest tests[] = {
				206	cmocka_unit_test_setup_teardown(test_nc_client_tls_setting_cert_key_paths, setup_f, teardown_f),
				207	cmocka_unit_test_setup_teardown(test_nc_connect_tls_handshake_failed, setup_f, teardown_f),
				208	cmocka_unit_test_setup_teardown(test_nc_connect_tls_succesfull, setup_f, teardown_f),
				209	cmocka_unit_test_setup_teardown(test_nc_client_tls_setting_trusted_ca_paths, setup_f, teardown_f),
				210	cmocka_unit_test_setup_teardown(test_nc_client_tls_setting_crl_paths, setup_f, teardown_f),
				211	};
				212
				213	return cmocka_run_group_tests(tests, NULL, NULL);
Michal Vasko	b83a3fa	2021-05-26 09:53:42 +0200	[diff] [blame]	214	}