int
main (int argc, char **argv)
{
GMainLoop *loop;
SoupServer *server;
SoupURI *uri;
SoupAuthDomain *auth_domain;
test_init (argc, argv, no_test_entry);
server = soup_test_server_new (FALSE);
g_signal_connect (server, "request_started",
G_CALLBACK (request_started_callback), NULL);
soup_server_add_handler (server, NULL,
server_callback, NULL, NULL);
auth_domain = soup_auth_domain_basic_new (
SOUP_AUTH_DOMAIN_REALM, "server-auth-test",
SOUP_AUTH_DOMAIN_ADD_PATH, "/Basic",
SOUP_AUTH_DOMAIN_ADD_PATH, "/Any",
SOUP_AUTH_DOMAIN_REMOVE_PATH, "/Any/Not",
SOUP_AUTH_DOMAIN_BASIC_AUTH_CALLBACK, basic_auth_callback,
NULL);
soup_server_add_auth_domain (server, auth_domain);
g_object_unref (auth_domain);
auth_domain = soup_auth_domain_digest_new (
SOUP_AUTH_DOMAIN_REALM, "server-auth-test",
SOUP_AUTH_DOMAIN_ADD_PATH, "/Digest",
SOUP_AUTH_DOMAIN_ADD_PATH, "/Any",
SOUP_AUTH_DOMAIN_REMOVE_PATH, "/Any/Not",
SOUP_AUTH_DOMAIN_DIGEST_AUTH_CALLBACK, digest_auth_callback,
NULL);
soup_server_add_auth_domain (server, auth_domain);
g_object_unref (auth_domain);
loop = g_main_loop_new (NULL, TRUE);
if (run_tests) {
uri = soup_uri_new ("http://127.0.0.1");
soup_uri_set_port (uri, soup_server_get_port (server));
do_auth_tests (uri);
soup_uri_free (uri);
} else {
printf ("Listening on port %d\n", soup_server_get_port (server));
g_main_loop_run (loop);
}
g_main_loop_unref (loop);
soup_test_server_quit_unref (server);
if (run_tests)
test_cleanup ();
return errors != 0;
}
int
run_server (guint * http_port, guint * https_port)
{
guint port = SOUP_ADDRESS_ANY_PORT;
guint ssl_port = SOUP_ADDRESS_ANY_PORT;
const char *ssl_cert_file = GST_TEST_FILES_PATH "/test-cert.pem";
const char *ssl_key_file = GST_TEST_FILES_PATH "/test-key.pem";
static int server_running = 0;
SoupAuthDomain *domain = NULL;
if (server_running)
return 0;
server_running = 1;
*http_port = *https_port = 0;
server = soup_server_new (SOUP_SERVER_PORT, port, NULL);
if (!server) {
GST_DEBUG ("Unable to bind to server port %u", port);
return 1;
}
*http_port = soup_server_get_port (server);
GST_INFO ("HTTP server listening on port %u", *http_port);
soup_server_add_handler (server, NULL, server_callback, NULL, NULL);
domain = soup_auth_domain_basic_new (SOUP_AUTH_DOMAIN_REALM, realm,
SOUP_AUTH_DOMAIN_BASIC_AUTH_CALLBACK, basic_auth_cb,
SOUP_AUTH_DOMAIN_ADD_PATH, basic_auth_path, NULL);
soup_server_add_auth_domain (server, domain);
g_object_unref (domain);
domain = soup_auth_domain_digest_new (SOUP_AUTH_DOMAIN_REALM, realm,
SOUP_AUTH_DOMAIN_DIGEST_AUTH_CALLBACK, digest_auth_cb,
SOUP_AUTH_DOMAIN_ADD_PATH, digest_auth_path, NULL);
soup_server_add_auth_domain (server, domain);
g_object_unref (domain);
soup_server_run_async (server);
if (ssl_cert_file && ssl_key_file) {
ssl_server = soup_server_new (SOUP_SERVER_PORT, ssl_port,
SOUP_SERVER_SSL_CERT_FILE, ssl_cert_file,
SOUP_SERVER_SSL_KEY_FILE, ssl_key_file, NULL);
if (!ssl_server) {
GST_DEBUG ("Unable to bind to SSL server port %u", ssl_port);
return 1;
}
*https_port = soup_server_get_port (ssl_server);
GST_INFO ("HTTPS server listening on port %u", *https_port);
soup_server_add_handler (ssl_server, NULL, server_callback, NULL, NULL);
soup_server_run_async (ssl_server);
}
return 0;
}
static void
do_select_auth_test (void)
{
SoupServer *server;
SoupAuthDomain *basic_auth_domain, *digest_auth_domain;
SoupURI *uri;
debug_printf (1, "\nTesting selection among multiple auths:\n");
/* It doesn't seem to be possible to configure Apache to serve
* multiple auth types for a single URL. So we have to use
* SoupServer here. We know that SoupServer handles the server
* side of this scenario correctly, because we test it against
* curl in server-auth-test.
*/
server = soup_test_server_new (FALSE);
soup_server_add_handler (server, NULL,
server_callback, NULL, NULL);
uri = soup_uri_new ("http://127.0.0.1/");
soup_uri_set_port (uri, soup_server_get_port (server));
basic_auth_domain = soup_auth_domain_basic_new (
SOUP_AUTH_DOMAIN_REALM, "auth-test",
SOUP_AUTH_DOMAIN_ADD_PATH, "/",
SOUP_AUTH_DOMAIN_BASIC_AUTH_CALLBACK, server_basic_auth_callback,
NULL);
soup_server_add_auth_domain (server, basic_auth_domain);
digest_auth_domain = soup_auth_domain_digest_new (
SOUP_AUTH_DOMAIN_REALM, "auth-test",
SOUP_AUTH_DOMAIN_ADD_PATH, "/",
SOUP_AUTH_DOMAIN_DIGEST_AUTH_CALLBACK, server_digest_auth_callback,
NULL);
soup_server_add_auth_domain (server, digest_auth_domain);
debug_printf (1, " Testing with no auth\n");
select_auth_test_one (uri, FALSE, NULL,
"Basic, Digest", "Digest",
NULL, NULL,
SOUP_STATUS_UNAUTHORIZED);
debug_printf (1, " Testing with bad password\n");
select_auth_test_one (uri, FALSE, "bad",
"Basic, Digest", "Digest",
"Basic, Digest", "Digest",
SOUP_STATUS_UNAUTHORIZED);
debug_printf (1, " Testing with good password\n");
select_auth_test_one (uri, FALSE, "good",
"Basic, Digest", "Digest",
NULL, NULL,
SOUP_STATUS_OK);
/* Test with Digest disabled in the client. */
debug_printf (1, " Testing without Digest with no auth\n");
select_auth_test_one (uri, TRUE, NULL,
"Basic, Digest", "Basic",
NULL, NULL,
SOUP_STATUS_UNAUTHORIZED);
debug_printf (1, " Testing without Digest with bad password\n");
select_auth_test_one (uri, TRUE, "bad",
"Basic, Digest", "Basic",
"Basic, Digest", "Basic",
SOUP_STATUS_UNAUTHORIZED);
debug_printf (1, " Testing without Digest with good password\n");
select_auth_test_one (uri, TRUE, "good-basic",
"Basic, Digest", "Basic",
NULL, NULL,
SOUP_STATUS_OK);
/* Now flip the order of the domains, verify that this flips
* the order of the headers, and make sure that digest auth
* *still* gets used.
*/
soup_server_remove_auth_domain (server, basic_auth_domain);
soup_server_remove_auth_domain (server, digest_auth_domain);
soup_server_add_auth_domain (server, digest_auth_domain);
soup_server_add_auth_domain (server, basic_auth_domain);
debug_printf (1, " Testing flipped with no auth\n");
select_auth_test_one (uri, FALSE, NULL,
"Digest, Basic", "Digest",
NULL, NULL,
SOUP_STATUS_UNAUTHORIZED);
debug_printf (1, " Testing flipped with bad password\n");
select_auth_test_one (uri, FALSE, "bad",
"Digest, Basic", "Digest",
"Digest, Basic", "Digest",
SOUP_STATUS_UNAUTHORIZED);
debug_printf (1, " Testing flipped with good password\n");
select_auth_test_one (uri, FALSE, "good",
"Digest, Basic", "Digest",
NULL, NULL,
SOUP_STATUS_OK);
g_object_unref (basic_auth_domain);
g_object_unref (digest_auth_domain);
soup_uri_free (uri);
soup_test_server_quit_unref (server);
}
static gboolean
run_server (guint * http_port, guint * https_port)
{
guint port = SOUP_ADDRESS_ANY_PORT;
guint ssl_port = SOUP_ADDRESS_ANY_PORT;
const char *ssl_cert_file = GST_TEST_FILES_PATH "/test-cert.pem";
const char *ssl_key_file = GST_TEST_FILES_PATH "/test-key.pem";
static int server_running = 0;
GSocketAddress *address;
GError *err = NULL;
SoupAuthDomain *domain = NULL;
if (server_running)
return TRUE;
server_running = 1;
*http_port = *https_port = 0;
server = soup_server_new (NULL, NULL);
if (!server) {
GST_DEBUG ("Unable to create server");
return FALSE;
}
soup_server_add_handler (server, NULL, server_callback, NULL, NULL);
domain = soup_auth_domain_basic_new (SOUP_AUTH_DOMAIN_REALM, realm,
SOUP_AUTH_DOMAIN_BASIC_AUTH_CALLBACK, basic_auth_cb,
SOUP_AUTH_DOMAIN_ADD_PATH, basic_auth_path, NULL);
soup_server_add_auth_domain (server, domain);
g_object_unref (domain);
domain = soup_auth_domain_digest_new (SOUP_AUTH_DOMAIN_REALM, realm,
SOUP_AUTH_DOMAIN_DIGEST_AUTH_CALLBACK, digest_auth_cb,
SOUP_AUTH_DOMAIN_ADD_PATH, digest_auth_path, NULL);
soup_server_add_auth_domain (server, domain);
g_object_unref (domain);
address = g_inet_socket_address_new_from_string ("0.0.0.0", port);
soup_server_listen (server, address, 0, &err);
g_object_unref (address);
if (err) {
stop_server ();
g_clear_error (&err);
return FALSE;
}
*http_port = get_port_from_server (server);
GST_DEBUG ("HTTP server listening on port %u", *http_port);
if (ssl_cert_file && ssl_key_file) {
GTlsBackend *backend = g_tls_backend_get_default ();
if (backend != NULL && g_tls_backend_supports_tls (backend)) {
ssl_server = soup_server_new (SOUP_SERVER_SSL_CERT_FILE, ssl_cert_file,
SOUP_SERVER_SSL_KEY_FILE, ssl_key_file, NULL);
} else {
GST_INFO ("No TLS support");
}
if (ssl_server) {
GST_INFO ("HTTPS server listening on port %u", *https_port);
soup_server_add_handler (ssl_server, NULL, server_callback, NULL, NULL);
address = g_inet_socket_address_new_from_string ("0.0.0.0", ssl_port);
soup_server_listen (ssl_server, address, SOUP_SERVER_LISTEN_HTTPS, &err);
g_object_unref (address);
if (err) {
GST_ERROR ("Failed to start HTTPS server: %s", err->message);
stop_server ();
g_clear_error (&err);
return FALSE;
}
*https_port = get_port_from_server (ssl_server);
GST_DEBUG ("HTTPS server listening on port %u", *https_port);
}
}
/* check if we can connect to our local http server */
{
GSocketConnection *conn;
GSocketClient *client;
client = g_socket_client_new ();
g_socket_client_set_timeout (client, 2);
conn = g_socket_client_connect_to_host (client, "127.0.0.1", *http_port,
NULL, NULL);
if (conn == NULL) {
GST_INFO ("Couldn't connect to http server 127.0.0.1:%u", *http_port);
g_object_unref (client);
stop_server ();
return FALSE;
}
g_object_unref (conn);
if (ssl_server == NULL)
goto skip_https_check;
conn = g_socket_client_connect_to_host (client, "127.0.0.1", *https_port,
NULL, NULL);
if (conn == NULL) {
GST_INFO ("Couldn't connect to https server 127.0.0.1:%u", *https_port);
g_object_unref (client);
stop_server ();
return FALSE;
}
g_object_unref (conn);
skip_https_check:
g_object_unref (client);
}
return TRUE;
}