コード例 #1
0
ファイル: us901.c プロジェクト: StephenWall/libest
/*
 * This test attempts to use a client certificate to
 * verify the TLS client authentiaiton is working.
 * The certificate used is signed by the explicit cert
 * chain. Invalid HTTP authentication credentials are
 * also provided.  This should fail with a 401 response.
 */
static void us901_test22(void) {
    long rv;
    int st_rv;

    st_rv = us901_start_server('D');
    if (st_rv) {
        return;
    }

    LOG_FUNC_NM
    ;

    SLEEP(1);
    rv = curl_http_post_certuid(US901_ENROLL_URL,
    US901_PKCS10_CT,
    US901_PKCS10_REQ,
    US901_UIDPWD_BAD,
    US901_EXPLICIT_CERT,
    US901_EXPLICIT_KEY,
    US901_CACERTS,
    NULL);
    /*
     * Since we passed in an invalid userID/password,
     * we expect the server to respond with 401
     */
    CU_ASSERT(rv == 401);
    st_stop();
    SLEEP(1);
}
コード例 #2
0
ファイル: us894.c プロジェクト: DDvO/libest
/*
 * This test attempts to use a client certificate to
 * verify the TLS client authentiaiton is working.  
 * The certificate used is signed by the explicit cert
 * chain. Invalid HTTP authentication credentials are
 * also provided.  This should fail with a 401 response.
 */
static void us894_test22 (void)
{
    long rv;

    LOG_FUNC_NM;
    
    sleep(1);
    rv = curl_http_post_certuid(US894_ENROLL_URL, 
	US894_PKCS10_CT, 
	US894_PKCS10_REQ, 
	US894_UIDPWD_BAD,
        US894_EXPLICIT_CERT, 
	US894_EXPLICIT_KEY,
	US894_CACERTS,
	NULL);
    /* 
     * Since we passed in an invalid userID/password,
     * we expect the server to respond with 401
     */
    CU_ASSERT(rv == 401);
}
コード例 #3
0
ファイル: us1060.c プロジェクト: JamesLinus/libest
/*
 * This is our worker for each entry in the test matrix above.
 * We read the configuration from the entry, configure the
 * server and client as needed, and attempt a simple enroll
 * using Curl as the client.
 * The argument i is the index of the entry in the table above.
 */
static void us1060_test_matrix_item (int i) 
{
    long rv;

    LOG_FUNC_NM;

    printf("\nRunning matrix test %s\n", test_matrix[i].test_name);

    /*
     * Stop the server and restart it to make sure 
     * it's in the correct mode.
     */
    st_stop();
    if (test_matrix[i].server_srp == SRP_ON) {
	rv = us1060_start_server(US1060_SERVER_CERTKEY, US1060_SERVER_CERTKEY, 0, 0, 1);
    } else {
	rv = us1060_start_server(US1060_SERVER_CERTKEY, US1060_SERVER_CERTKEY, 0, 0, 0);
    }
    CU_ASSERT(rv == 0);


    /*
     * Set the server HTTP auth configuration
     */
    switch (test_matrix[i].server_http) {
    case HTTP_OFF:
	st_disable_http_auth();
        break;
    case HTTP_OPTIONAL:
	st_enable_http_auth();
	st_set_http_auth_optional();
        break;
    case HTTP_REQUIRED:
	st_enable_http_auth();
	st_set_http_auth_required();
        break;
    }


    switch (test_matrix[i].curl_srp) {
    case SRP_GOOD:
	rv = curl_http_post_srp(US1060_ENROLL_URL, US1060_PKCS10_CT, US1060_PKCS10_REQ, 
				test_matrix[i].curl_http_auth, NULL, CURLAUTH_BASIC, 
				NULL, "srp_user", "srp_pwd", NULL, NULL);
	break;
    case SRP_BAD:
	rv = curl_http_post_srp(US1060_ENROLL_URL, US1060_PKCS10_CT, US1060_PKCS10_REQ, 
				test_matrix[i].curl_http_auth, NULL, CURLAUTH_BASIC, 
				NULL, "srp_user", "boguspwd", NULL, NULL);
	break;
    case SRP_NONE:
	/*
	 * Some of the SRP disabled test cases use a client
	 * certificate.
	 */
	if (test_matrix[i].curl_cert) {
	    rv = curl_http_post_certuid(US1060_ENROLL_URL, US1060_PKCS10_CT, US1060_PKCS10_REQ, 
					test_matrix[i].curl_http_auth, 
					test_matrix[i].curl_cert, test_matrix[i].curl_key,  
					US1060_CACERTS, NULL);
	} else {
	    rv = curl_http_post(US1060_ENROLL_URL, US1060_PKCS10_CT, US1060_PKCS10_REQ, 
				test_matrix[i].curl_http_auth, US1060_CACERTS, CURLAUTH_BASIC, 
				NULL, NULL, NULL);
	}
	break;
    }    
    CU_ASSERT(rv == test_matrix[i].expected_http_result);
    if (rv != test_matrix[i].expected_http_result) {
	printf("\nMatrix test %s failed with rv = %d\n", test_matrix[i].test_name, (int)rv);
    }
}