mirror of
https://github.com/apple/foundationdb.git
synced 2025-05-14 18:02:31 +08:00
53e8a84bef
This does not integrate it into the FoundationDB build system at all, though the original Makefile exists and could be used to build this plugin.
566 lines
19 KiB
C++
566 lines
19 KiB
C++
#include <exception>
|
|
#include <fstream>
|
|
#include <iostream>
|
|
#include <sstream>
|
|
#include <string>
|
|
#include <vector>
|
|
|
|
#include <stdarg.h>
|
|
#include <dlfcn.h>
|
|
|
|
#include <boost/circular_buffer.hpp>
|
|
|
|
#include "ITLSPlugin.h"
|
|
#include "ReferenceCounted.h"
|
|
|
|
#include "FDBLibTLSPlugin.h"
|
|
|
|
#define TESTDATA "./testdata/"
|
|
|
|
static std::string load_file(std::string path)
|
|
{
|
|
std::ifstream fs(path);
|
|
std::stringstream ss;
|
|
|
|
ss << fs.rdbuf();
|
|
fs.close();
|
|
|
|
return ss.str();
|
|
}
|
|
|
|
struct FDBLibTLSClientServerTest {
|
|
FDBLibTLSClientServerTest(bool client_success, bool server_success, std::string client_path, std::string server_path, std::string client_verify, std::string server_verify):
|
|
client_success(client_success), server_success(server_success), client_verify(client_verify), server_verify(server_verify) {
|
|
client_data = load_file(TESTDATA + client_path);
|
|
server_data = load_file(TESTDATA + server_path);
|
|
}
|
|
~FDBLibTLSClientServerTest() {}
|
|
|
|
bool client_success;
|
|
bool server_success;
|
|
|
|
std::string client_data;
|
|
std::string client_verify;
|
|
std::string server_data;
|
|
std::string server_verify;
|
|
};
|
|
|
|
struct FDBLibTLSPluginTest {
|
|
FDBLibTLSPluginTest(Reference<ITLSPlugin> plugin, ITLSLogFunc logf);
|
|
~FDBLibTLSPluginTest();
|
|
|
|
Reference<ITLSPlugin> plugin;
|
|
ITLSLogFunc logf;
|
|
|
|
boost::circular_buffer<uint8_t> client_buffer;
|
|
boost::circular_buffer<uint8_t> server_buffer;
|
|
|
|
int circular_read(boost::circular_buffer<uint8_t> *cb, uint8_t* buf, int len);
|
|
int circular_write(boost::circular_buffer<uint8_t> *cb, const uint8_t* buf, int len);
|
|
int client_read(uint8_t* buf, int len);
|
|
int client_write(const uint8_t* buf, int len);
|
|
int server_read(uint8_t* buf, int len);
|
|
int server_write(const uint8_t* buf, int len);
|
|
|
|
Reference<ITLSPolicy> create_policy(void);
|
|
Reference<ITLSSession> create_client_session(Reference<ITLSPolicy> policy);
|
|
Reference<ITLSSession> create_server_session(Reference<ITLSPolicy> policy);
|
|
|
|
void circular_reset(void);
|
|
void circular_self_test(void);
|
|
|
|
int client_server_test(FDBLibTLSClientServerTest const& cst);
|
|
int set_cert_data_test(void);
|
|
};
|
|
|
|
FDBLibTLSPluginTest::FDBLibTLSPluginTest(Reference<ITLSPlugin> plugin, ITLSLogFunc logf) :
|
|
plugin(plugin), logf(logf)
|
|
{
|
|
circular_reset();
|
|
circular_self_test();
|
|
}
|
|
|
|
FDBLibTLSPluginTest::~FDBLibTLSPluginTest()
|
|
{
|
|
}
|
|
|
|
int FDBLibTLSPluginTest::circular_read(boost::circular_buffer<uint8_t> *cb, uint8_t* buf, int len)
|
|
{
|
|
int n = 0;
|
|
|
|
for (n = 0; n < len; n++) {
|
|
if (cb->empty())
|
|
break;
|
|
buf[n] = (*cb)[0];
|
|
cb->pop_front();
|
|
}
|
|
|
|
return n;
|
|
}
|
|
|
|
int FDBLibTLSPluginTest::circular_write(boost::circular_buffer<uint8_t> *cb, const uint8_t* buf, int len)
|
|
{
|
|
int n = 0;
|
|
|
|
for (n = 0; n < len; n++) {
|
|
if (cb->full())
|
|
break;
|
|
cb->push_back(buf[n]);
|
|
}
|
|
|
|
return n;
|
|
}
|
|
|
|
int FDBLibTLSPluginTest::client_read(uint8_t* buf, int len)
|
|
{
|
|
// Read bytes from the server from the client's buffer.
|
|
return circular_read(&client_buffer, buf, len);
|
|
}
|
|
|
|
int FDBLibTLSPluginTest::client_write(const uint8_t* buf, int len)
|
|
{
|
|
// Write bytes from the client into the server's buffer.
|
|
return circular_write(&server_buffer, buf, len);
|
|
}
|
|
|
|
int FDBLibTLSPluginTest::server_read(uint8_t* buf, int len)
|
|
{
|
|
// Read bytes from the client from the server's buffer.
|
|
return circular_read(&server_buffer, buf, len);
|
|
}
|
|
|
|
int FDBLibTLSPluginTest::server_write(const uint8_t* buf, int len)
|
|
{
|
|
// Write bytes from the server into the client's buffer.
|
|
return circular_write(&client_buffer, buf, len);
|
|
}
|
|
|
|
void FDBLibTLSPluginTest::circular_reset()
|
|
{
|
|
client_buffer = boost::circular_buffer<uint8_t>(1024);
|
|
server_buffer = boost::circular_buffer<uint8_t>(1024);
|
|
}
|
|
|
|
void FDBLibTLSPluginTest::circular_self_test()
|
|
{
|
|
uint8_t buf[1024] = {1, 2, 3};
|
|
|
|
std::cerr << "INFO: running circular buffer self tests...\n";
|
|
|
|
assert(server_read(buf, 3) == 0);
|
|
|
|
buf[0] = 1, buf[1] = 2, buf[2] = 3;
|
|
assert(client_write(buf, 2) == 2);
|
|
|
|
buf[0] = buf[1] = buf[2] = 255;
|
|
assert(server_read(buf, 3) == 2);
|
|
assert(buf[0] == 1 && buf[1] == 2 && buf[2] == 255);
|
|
|
|
assert(client_write(buf, 1024) == 1024);
|
|
assert(client_write(buf, 1) == 0);
|
|
assert(server_read(buf, 1) == 1);
|
|
assert(client_write(buf, 1) == 1);
|
|
assert(client_write(buf, 1) == 0);
|
|
assert(server_read(buf, 1024) == 1024);
|
|
assert(server_read(buf, 1024) == 0);
|
|
|
|
assert(client_read(buf, 3) == 0);
|
|
|
|
buf[0] = 1, buf[1] = 2, buf[2] = 3;
|
|
assert(server_write(buf, 2) == 2);
|
|
|
|
buf[0] = buf[1] = buf[2] = 255;
|
|
assert(client_read(buf, 3) == 2);
|
|
assert(buf[0] == 1 && buf[1] == 2 && buf[2] == 255);
|
|
|
|
assert(server_write(buf, 1024) == 1024);
|
|
assert(server_write(buf, 1) == 0);
|
|
assert(client_read(buf, 1) == 1);
|
|
assert(server_write(buf, 1) == 1);
|
|
assert(server_write(buf, 1) == 0);
|
|
assert(client_read(buf, 1024) == 1024);
|
|
assert(client_read(buf, 1024) == 0);
|
|
}
|
|
|
|
Reference<ITLSPolicy> FDBLibTLSPluginTest::create_policy(void)
|
|
{
|
|
return Reference<ITLSPolicy>(plugin->create_policy((ITLSLogFunc)logf));
|
|
}
|
|
|
|
static int client_send_func(void* ctx, const uint8_t* buf, int len) {
|
|
FDBLibTLSPluginTest *pt = (FDBLibTLSPluginTest *)ctx;
|
|
try {
|
|
return pt->client_write(buf, len);
|
|
} catch ( const std::runtime_error& e ) {
|
|
return -1;
|
|
}
|
|
}
|
|
|
|
static int client_recv_func(void* ctx, uint8_t* buf, int len) {
|
|
FDBLibTLSPluginTest *pt = (FDBLibTLSPluginTest *)ctx;
|
|
try {
|
|
return pt->client_read(buf, len);
|
|
} catch ( const std::runtime_error& e ) {
|
|
return -1;
|
|
}
|
|
}
|
|
|
|
Reference<ITLSSession> FDBLibTLSPluginTest::create_client_session(Reference<ITLSPolicy> policy)
|
|
{
|
|
return Reference<ITLSSession>(policy->create_session(true, client_send_func, this, client_recv_func, this, NULL));
|
|
}
|
|
|
|
static int server_send_func(void* ctx, const uint8_t* buf, int len) {
|
|
FDBLibTLSPluginTest *pt = (FDBLibTLSPluginTest *)ctx;
|
|
try {
|
|
return pt->server_write(buf, len);
|
|
} catch ( const std::runtime_error& e ) {
|
|
return -1;
|
|
}
|
|
}
|
|
|
|
static int server_recv_func(void* ctx, uint8_t* buf, int len) {
|
|
FDBLibTLSPluginTest *pt = (FDBLibTLSPluginTest *)ctx;
|
|
try {
|
|
return pt->server_read(buf, len);
|
|
} catch ( const std::runtime_error& e ) {
|
|
return -1;
|
|
}
|
|
}
|
|
|
|
Reference<ITLSSession> FDBLibTLSPluginTest::create_server_session(Reference<ITLSPolicy> policy)
|
|
{
|
|
return Reference<ITLSSession>(policy->create_session(false, server_send_func, this, server_recv_func, this, NULL));
|
|
}
|
|
|
|
int FDBLibTLSPluginTest::client_server_test(FDBLibTLSClientServerTest const& cst)
|
|
{
|
|
circular_reset();
|
|
|
|
Reference<ITLSPolicy> client_policy = create_policy();
|
|
if (!client_policy->set_cert_data((const uint8_t*)&cst.client_data[0], cst.client_data.size())) {
|
|
std::cerr << "FAIL: failed to set client cert data\n";
|
|
return 1;
|
|
}
|
|
if (!client_policy->set_key_data((const uint8_t*)&cst.client_data[0], cst.client_data.size())) {
|
|
std::cerr << "FAIL: failed to set client key data\n";
|
|
return 1;
|
|
}
|
|
if (!client_policy->set_verify_peers((const uint8_t*)&cst.client_verify[0], cst.client_verify.size())) {
|
|
std::cerr << "FAIL: failed to set client key data\n";
|
|
return 1;
|
|
}
|
|
|
|
Reference<ITLSPolicy> server_policy = create_policy();
|
|
if (!server_policy->set_cert_data((const uint8_t*)&cst.server_data[0], cst.server_data.size())) {
|
|
std::cerr << "FAIL: failed to set server cert data\n";
|
|
return 1;
|
|
}
|
|
if (!server_policy->set_key_data((const uint8_t*)&cst.server_data[0], cst.server_data.size())) {
|
|
std::cerr << "FAIL: failed to set server key data\n";
|
|
return 1;
|
|
}
|
|
if (!server_policy->set_verify_peers((const uint8_t*)&cst.server_verify[0], cst.server_verify.size())) {
|
|
std::cerr << "FAIL: failed to set client key data\n";
|
|
return 1;
|
|
}
|
|
|
|
Reference<ITLSSession> client_session = create_client_session(client_policy);
|
|
Reference<ITLSSession> server_session = create_server_session(server_policy);
|
|
|
|
if (client_session.getPtr() == NULL || server_session.getPtr() == NULL)
|
|
return 1;
|
|
|
|
std::cerr << "INFO: starting TLS handshake...\n";
|
|
|
|
bool client_done = false, server_done = false;
|
|
bool client_failed = false, server_failed = false;
|
|
int rc, i = 0;
|
|
do {
|
|
if (!client_done) {
|
|
rc = client_session->handshake();
|
|
if (rc == ITLSSession::SUCCESS) {
|
|
client_done = true;
|
|
} else if (rc == ITLSSession::FAILED) {
|
|
if (cst.client_success) {
|
|
std::cerr << "FAIL: failed to complete client handshake\n";
|
|
return 1;
|
|
} else {
|
|
std::cerr << "INFO: failed to complete client handshake (as expected)\n";
|
|
client_failed = true;
|
|
client_done = true;
|
|
}
|
|
} else if (rc != ITLSSession::WANT_READ && rc != ITLSSession::WANT_WRITE) {
|
|
std::cerr << "FAIL: client handshake returned unknown value: " << rc << "\n";
|
|
return 1;
|
|
}
|
|
}
|
|
if (!server_done) {
|
|
rc = server_session->handshake();
|
|
if (rc == ITLSSession::SUCCESS) {
|
|
server_done = true;
|
|
} else if (rc == ITLSSession::FAILED) {
|
|
if (cst.server_success) {
|
|
std::cerr << "FAIL: failed to complete server handshake\n";
|
|
return 1;
|
|
} else {
|
|
std::cerr << "INFO: failed to complete server handshake (as expected)\n";
|
|
server_failed = true;
|
|
server_done = true;
|
|
}
|
|
} else if (rc != ITLSSession::WANT_READ && rc != ITLSSession::WANT_WRITE) {
|
|
std::cerr << "FAIL: server handshake returned unknown value: " << rc << "\n";
|
|
return 1;
|
|
}
|
|
}
|
|
} while (i++ < 100 && (!client_done || !server_done));
|
|
|
|
if (!client_done || !server_done) {
|
|
std::cerr << "FAIL: failed to complete handshake\n";
|
|
return 1;
|
|
}
|
|
|
|
if (!cst.client_success && !client_failed)
|
|
std::cerr << "FAIL: client handshake succeeded when it should have failed\n";
|
|
if (!cst.server_success && !server_failed)
|
|
std::cerr << "FAIL: server handshake succeeded when it should have failed\n";
|
|
if (!cst.client_success || !cst.server_success)
|
|
return 0;
|
|
|
|
std::cerr << "INFO: handshake completed successfully\n";
|
|
|
|
//
|
|
// Write on client and read on server.
|
|
//
|
|
std::cerr << "INFO: starting client write test...\n";
|
|
|
|
std::string client_msg("FDBLibTLSPlugin Client Write Test");
|
|
std::string server_msg;
|
|
size_t cn = 0, sn = 0;
|
|
uint8_t buf[16];
|
|
|
|
client_done = false, server_done = false;
|
|
i = 0;
|
|
do {
|
|
if (!client_done) {
|
|
rc = client_session->write((const uint8_t*)&client_msg[cn], client_msg.size()-cn);
|
|
if (rc > 0) {
|
|
cn += rc;
|
|
if (cn >= client_msg.size())
|
|
client_done = true;
|
|
} else if (rc == ITLSSession::FAILED) {
|
|
std::cerr << "FAIL: failed to complete client write\n";
|
|
return 1;
|
|
} else if (rc != ITLSSession::WANT_READ && rc != ITLSSession::WANT_WRITE) {
|
|
std::cerr << "FAIL: client write returned unknown value: " << rc << "\n";
|
|
return 1;
|
|
}
|
|
}
|
|
if (!server_done) {
|
|
rc = server_session->read(buf, sizeof(buf));
|
|
if (rc > 0) {
|
|
sn += rc;
|
|
for (int j = 0; j < rc; j++)
|
|
server_msg += buf[j];
|
|
if (sn >= client_msg.size())
|
|
server_done = true;
|
|
} else if (rc == ITLSSession::FAILED) {
|
|
std::cerr << "FAIL: failed to complete server read\n";
|
|
return 1;
|
|
} else if (rc != ITLSSession::WANT_READ && rc != ITLSSession::WANT_WRITE) {
|
|
std::cerr << "FAIL: server read returned unknown value: " << rc << "\n";
|
|
return 1;
|
|
}
|
|
}
|
|
} while (i++ < 100 && (!client_done || !server_done));
|
|
|
|
if (client_msg != server_msg) {
|
|
std::cerr << "FAIL: got client msg '" << server_msg << "' want '" << client_msg << "'\n";
|
|
return 1;
|
|
}
|
|
|
|
std::cerr << "INFO: client write test completed successfully\n";
|
|
|
|
//
|
|
// Write on server and read on client.
|
|
//
|
|
std::cerr << "INFO: starting server write test...\n";
|
|
|
|
server_msg = "FDBLibTLSPlugin Server Write Test";
|
|
client_msg.clear();
|
|
cn = 0, sn = 0;
|
|
|
|
client_done = false, server_done = false;
|
|
i = 0;
|
|
do {
|
|
if (!server_done) {
|
|
rc = server_session->write((const uint8_t*)&server_msg[cn], server_msg.size()-cn);
|
|
if (rc > 0) {
|
|
cn += rc;
|
|
if (cn >= server_msg.size())
|
|
server_done = true;
|
|
} else if (rc == ITLSSession::FAILED) {
|
|
std::cerr << "FAIL: failed to complete server write\n";
|
|
return 1;
|
|
} else if (rc != ITLSSession::WANT_READ && rc != ITLSSession::WANT_WRITE) {
|
|
std::cerr << "FAIL: server write returned unknown value: " << rc << "\n";
|
|
return 1;
|
|
}
|
|
}
|
|
if (!client_done) {
|
|
rc = client_session->read(buf, sizeof(buf));
|
|
if (rc > 0) {
|
|
sn += rc;
|
|
for (int j = 0; j < rc; j++)
|
|
client_msg += buf[j];
|
|
if (sn >= server_msg.size())
|
|
client_done = true;
|
|
} else if (rc == ITLSSession::FAILED) {
|
|
std::cerr << "FAIL: failed to complete client read\n";
|
|
return 1;
|
|
} else if (rc != ITLSSession::WANT_READ && rc != ITLSSession::WANT_WRITE) {
|
|
std::cerr << "FAIL: client read returned unknown value: " << rc << "\n";
|
|
return 1;
|
|
}
|
|
}
|
|
} while (i++ < 100 && (!client_done || !server_done));
|
|
|
|
if (server_msg != client_msg) {
|
|
std::cerr << "FAIL: got server msg '" << client_msg << "' want '" << server_msg << "'\n";
|
|
return 1;
|
|
}
|
|
|
|
std::cerr << "INFO: server write test completed successfully\n";
|
|
|
|
return 0;
|
|
}
|
|
|
|
static void logf(const char* event, void* uid, int is_error, ...) {
|
|
va_list args;
|
|
|
|
std::string log_type ("INFO");
|
|
if (is_error)
|
|
log_type = "ERROR";
|
|
|
|
std::cerr << log_type << ": " << event;
|
|
|
|
va_start(args, is_error);
|
|
|
|
const char *s = va_arg(args, const char *);
|
|
while (s != NULL) {
|
|
std::cerr << " " << s;
|
|
s = va_arg(args, const char *);
|
|
}
|
|
|
|
std::cerr << "\n";
|
|
|
|
va_end(args);
|
|
}
|
|
|
|
int main(int argc, char **argv)
|
|
{
|
|
void *pluginSO = NULL;
|
|
void *(*getPlugin)(const char*);
|
|
int failed = 0;
|
|
|
|
if (argc != 2) {
|
|
std::cerr << "usage: " << argv[0] << " <plugin_path>\n";
|
|
exit(1);
|
|
}
|
|
|
|
pluginSO = dlopen(argv[1], RTLD_LAZY | RTLD_LOCAL);
|
|
if (pluginSO == NULL) {
|
|
std::cerr << "failed to load plugin '" << argv[1] << "': " << dlerror() << "\n";
|
|
exit(1);
|
|
}
|
|
|
|
getPlugin = (void*(*)(const char*))dlsym( pluginSO, "get_plugin" );
|
|
if (getPlugin == NULL) {
|
|
std::cerr << "plugin '" << argv[1] << "' does not provide get_plugin()\n";
|
|
exit(1);
|
|
}
|
|
|
|
Reference<ITLSPlugin> plugin = Reference<ITLSPlugin>((ITLSPlugin *)getPlugin(ITLSPlugin::get_plugin_type_name_and_version()));
|
|
|
|
std::vector<FDBLibTLSClientServerTest> tests = {
|
|
// Valid - all use single root CA.
|
|
FDBLibTLSClientServerTest(true, true, "test-1-client.pem", "test-1-server.pem", "", ""),
|
|
FDBLibTLSClientServerTest(true, true, "test-1-client.pem", "test-2-server.pem", "", ""),
|
|
FDBLibTLSClientServerTest(true, true, "test-2-client.pem", "test-2-server.pem", "", ""),
|
|
FDBLibTLSClientServerTest(true, true, "test-2-client.pem", "test-1-server.pem", "", ""),
|
|
|
|
// Certificates terminate at different intermediate CAs.
|
|
FDBLibTLSClientServerTest(false, false, "test-4-client.pem", "test-5-server.pem", "", ""),
|
|
FDBLibTLSClientServerTest(false, false, "test-5-client.pem", "test-4-server.pem", "", ""),
|
|
FDBLibTLSClientServerTest(true, true, "test-4-client.pem", "test-5-server.pem",
|
|
"Check.Valid=0", "Check.Valid=0"),
|
|
FDBLibTLSClientServerTest(true, true, "test-5-client.pem", "test-4-server.pem",
|
|
"Check.Valid=0", "Check.Valid=0"),
|
|
|
|
// Expired certificates.
|
|
FDBLibTLSClientServerTest(false, false, "test-1-client.pem", "test-3-server.pem", "", ""),
|
|
FDBLibTLSClientServerTest(false, false, "test-3-client.pem", "test-1-server.pem", "", ""),
|
|
FDBLibTLSClientServerTest(true, true, "test-1-client.pem", "test-3-server.pem", "Check.Unexpired=0", ""),
|
|
FDBLibTLSClientServerTest(true, true, "test-3-client.pem", "test-1-server.pem", "", "Check.Unexpired=0"),
|
|
FDBLibTLSClientServerTest(true, true, "test-1-client.pem", "test-3-server.pem", "Check.Valid=0", ""),
|
|
FDBLibTLSClientServerTest(true, true, "test-3-client.pem", "test-1-server.pem", "", "Check.Valid=0"),
|
|
|
|
// Match on specific subject and/or issuer.
|
|
FDBLibTLSClientServerTest(true, true, "test-1-client.pem", "test-1-server.pem", "C=US", ""),
|
|
FDBLibTLSClientServerTest(false, true, "test-1-client.pem", "test-2-server.pem", "C=US", ""),
|
|
FDBLibTLSClientServerTest(true, true, "test-1-client.pem", "test-2-server.pem", "C=AU", ""),
|
|
FDBLibTLSClientServerTest(true, true, "test-1-client.pem", "test-2-server.pem",
|
|
"CN=FDB LibTLS Plugin Test Server 2\\, \\80 \\<\\01\\+\\02=\\03\\>", ""),
|
|
FDBLibTLSClientServerTest(false, true, "test-1-client.pem", "test-2-server.pem",
|
|
"CN=FDB LibTLS Plugin Test Server 2\\, \\80 \\<\\01\\+\\02=\\04\\>", ""),
|
|
FDBLibTLSClientServerTest(false, true, "test-1-client.pem", "test-2-server.pem",
|
|
"CN=FDB LibTLS Plugin Test Server 2\\, \\81 \\<\\01\\+\\02=\\04\\>", ""),
|
|
FDBLibTLSClientServerTest(false, true, "test-1-client.pem", "test-2-server.pem",
|
|
"CN=FDB LibTLS Plugin Test Server 2\\, \\80 \\<\\01\\+\\02=\\04", ""),
|
|
FDBLibTLSClientServerTest(true, true, "test-1-client.pem", "test-2-server.pem",
|
|
"CN=FDB LibTLS Plugin Test Server 2\\, \\80 \\<\\01\\+\\02=\\03\\>",
|
|
"CN=FDB LibTLS Plugin Test Client 1"),
|
|
FDBLibTLSClientServerTest(true, true, "test-1-client.pem", "test-1-server.pem",
|
|
"", "CN=FDB LibTLS Plugin Test Client 1"),
|
|
FDBLibTLSClientServerTest(true, false, "test-2-client.pem", "test-1-server.pem",
|
|
"", "O=Apple Pty Limited,OU=FDC Team"),
|
|
FDBLibTLSClientServerTest(true, true, "test-2-client.pem", "test-1-server.pem",
|
|
"O=Apple Inc.,OU=FDB Team", "O=Apple Pty Limited,OU=FDB Team"),
|
|
FDBLibTLSClientServerTest(false, false, "test-2-client.pem", "test-1-server.pem",
|
|
"O=Apple Inc.,OU=FDC Team", "O=Apple Pty Limited,OU=FDC Team"),
|
|
FDBLibTLSClientServerTest(true, true, "test-1-client.pem", "test-1-server.pem",
|
|
"I.C=US,I.ST=California,I.L=Cupertino,I.O=Apple Inc.,I.OU=FDB Team",
|
|
"I.C=US,I.ST=California,I.L=Cupertino,I.O=Apple Inc.,I.OU=FDB Team"),
|
|
FDBLibTLSClientServerTest(false, false, "test-1-client.pem", "test-1-server.pem",
|
|
"I.C=US,I.ST=California,I.L=Cupertino,I.O=Apple Inc.,I.OU=FDC Team",
|
|
"I.C=US,I.ST=California,I.L=Cupertino,I.O=Apple Inc.,I.OU=FDC Team"),
|
|
FDBLibTLSClientServerTest(true, true, "test-1-client.pem", "test-1-server.pem",
|
|
"I.CN=FDB LibTLS Plugin Test Intermediate CA 1",
|
|
"I.CN=FDB LibTLS Plugin Test Intermediate CA 1"),
|
|
FDBLibTLSClientServerTest(false, true, "test-1-client.pem", "test-1-server.pem",
|
|
"I.CN=FDB LibTLS Plugin Test Intermediate CA 2",
|
|
"I.CN=FDB LibTLS Plugin Test Intermediate CA 1"),
|
|
FDBLibTLSClientServerTest(true, true, "test-1-client.pem", "test-2-server.pem",
|
|
"I.CN=FDB LibTLS Plugin Test Intermediate CA 2",
|
|
"I.CN=FDB LibTLS Plugin Test Intermediate CA 1"),
|
|
FDBLibTLSClientServerTest(true, true, "test-1-client.pem", "test-2-server.pem",
|
|
"CN=FDB LibTLS Plugin Test Server 2\\, \\80 \\<\\01\\+\\02=\\03\\>,I.CN=FDB LibTLS Plugin Test Intermediate CA 2",
|
|
"I.CN=FDB LibTLS Plugin Test Intermediate CA 1,O=Apple Inc.,I.C=US,S.C=US"),
|
|
FDBLibTLSClientServerTest(false, true, "test-1-client.pem", "test-2-server.pem",
|
|
"CN=FDB LibTLS Plugin Test Server 2\\, \\80 \\<\\01\\+\\02=\\03\\>,I.CN=FDB LibTLS Plugin Test Intermediate CA 1",
|
|
"I.CN=FDB LibTLS Plugin Test Intermediate CA 1,O=Apple Inc.,I.C=US,S.C=US"),
|
|
};
|
|
|
|
FDBLibTLSPluginTest *pt = new FDBLibTLSPluginTest(plugin, (ITLSLogFunc)logf);
|
|
|
|
int test_num = 1;
|
|
for (auto &test: tests) {
|
|
std::cerr << "== Test " << test_num++ << " ==\n";
|
|
failed |= pt->client_server_test(test);
|
|
}
|
|
|
|
delete pt;
|
|
|
|
return (failed);
|
|
}
|