2 * Copyright 2020-2021 The OpenSSL Project Authors. All Rights Reserved.
3 * Copyright Siemens AG 2020
5 * Licensed under the Apache License 2.0 (the "License"). You may not use
6 * this file except in compliance with the License. You can obtain a copy
7 * in the file LICENSE in the source distribution or at
8 * https://www.openssl.org/source/license.html
11 #include <openssl/http.h>
12 #include <openssl/pem.h>
13 #include <openssl/x509v3.h>
18 static const ASN1_ITEM *x509_it = NULL;
19 static X509 *x509 = NULL;
20 #define SERVER "mock.server"
22 #define RPATH "path/any.crt"
23 static const char *rpath;
26 * pretty trivial HTTP mock server:
27 * for POST, copy request headers+body from mem BIO 'in' as response to 'out'
28 * for GET, first redirect the request then respond with 'rsp' of ASN1 type 'it'
30 static int mock_http_server(BIO *in, BIO *out,
31 ASN1_VALUE *rsp, const ASN1_ITEM *it)
34 long count = BIO_get_mem_data(in, (unsigned char **)&req);
35 const char *hdr = (char *)req;
36 int is_get = count >= 4 && strncmp(hdr, "GET ", 4) == 0;
39 /* first line should contain "<GET or POST> <rpath> HTTP/1.x" */
42 else if (TEST_true(count >= 5 && strncmp(hdr, "POST ", 5) == 0))
52 if (!TEST_strn_eq(hdr, rpath, len) || !TEST_char_eq(hdr++[len], ' '))
55 len = strlen("HTTP/1.");
56 if (!TEST_strn_eq(hdr, "HTTP/1.", len))
59 /* check for HTTP version 1.0 .. 1.1 */
60 if (!TEST_char_le('0', *hdr) || !TEST_char_le(*hdr++, '1'))
62 if (!TEST_char_eq(*hdr++, '\r') || !TEST_char_eq(*hdr++, '\n'))
65 if (count <= 0 || out == NULL)
68 if (is_get && strcmp(rpath, RPATH) == 0) {
69 rpath = "path/new.crt";
70 return BIO_printf(out, "HTTP/1.1 301 Moved Permanently\r\n"
71 "Location: /%s\r\n\r\n", rpath) > 0; /* same server */
73 if (BIO_printf(out, "HTTP/1.1 200 OK\r\n") <= 0)
75 if (is_get) { /* construct new header and body */
76 if ((len = ASN1_item_i2d(rsp, NULL, it)) <= 0)
78 if (BIO_printf(out, "Content-Type: application/x-x509-ca-cert\r\n"
79 "Content-Length: %d\r\n\r\n", len) <= 0)
81 return ASN1_item_i2d_bio(it, out, rsp);
83 return BIO_write(out, hdr, count) == count; /* echo header and body */
87 static long http_bio_cb_ex(BIO *bio, int oper, const char *argp, size_t len,
88 int cmd, long argl, int ret, size_t *processed)
91 if (oper == (BIO_CB_CTRL | BIO_CB_RETURN) && cmd == BIO_CTRL_FLUSH)
92 ret = mock_http_server(bio, (BIO *)BIO_get_callback_arg(bio),
93 (ASN1_VALUE *)x509, x509_it);
97 static int test_http_x509(int do_get)
100 BIO *wbio = BIO_new(BIO_s_mem());
101 BIO *rbio = BIO_new(BIO_s_mem());
102 STACK_OF(CONF_VALUE) *headers = NULL;
105 if (wbio == NULL || rbio == NULL)
107 BIO_set_callback_ex(wbio, http_bio_cb_ex);
108 BIO_set_callback_arg(wbio, (char *)rbio);
113 OSSL_HTTP_get_asn1("http://"SERVER":"PORT"/"RPATH,
114 NULL /* proxy */, NULL /* no_proxy */,
115 wbio, rbio, NULL /* bio_update_fn */, NULL,
116 headers, 0 /* maxline */,
117 0 /* max_resp_len */, 0 /* timeout */,
118 "application/x-x509-ca-cert", x509_it)
120 OSSL_HTTP_post_asn1(SERVER, PORT, RPATH, 0 /* use_ssl */,
121 NULL /* proxy */, NULL /* no_proxy */,
122 wbio, rbio, NULL /* bio_update_fn */, NULL,
123 headers, "application/x-x509-ca-cert",
124 (ASN1_VALUE *)x509, x509_it, 0 /* maxline */,
125 0 /* max_resp_len */, 0 /* timeout */,
126 "application/x-x509-ca-cert", x509_it)
128 res = TEST_ptr(rcert) && TEST_int_eq(X509_cmp(x509, rcert), 0);
134 sk_CONF_VALUE_pop_free(headers, X509V3_conf_free);
138 static int test_http_url_ok(const char *url, int exp_ssl, const char *exp_host,
139 const char *exp_port, const char *exp_path)
141 char *user, *host, *port, *path, *query, *frag;
142 int exp_num, num, ssl;
145 if (!TEST_int_eq(sscanf(exp_port, "%d", &exp_num), 1))
147 res = TEST_true(OSSL_HTTP_parse_url(url, &ssl, &user, &host, &port, &num,
148 &path, &query, &frag))
149 && TEST_str_eq(host, exp_host)
150 && TEST_str_eq(port, exp_port)
151 && TEST_int_eq(num, exp_num)
152 && TEST_str_eq(path, exp_path)
153 && TEST_int_eq(ssl, exp_ssl);
154 if (res && *user != '\0')
155 res = TEST_str_eq(user, "user:pass");
156 if (res && *frag != '\0')
157 res = TEST_str_eq(frag, "fr");
158 if (res && *query != '\0')
159 res = TEST_str_eq(query, "q");
169 static int test_http_url_path_query_ok(const char *url, const char *exp_path_qu)
174 res = TEST_true(OSSL_HTTP_parse_url(url, NULL, NULL, &host, NULL, NULL,
176 && TEST_str_eq(host, "host")
177 && TEST_str_eq(path, exp_path_qu);
183 static int test_http_url_dns(void)
185 return test_http_url_ok("host:65535/path", 0, "host", "65535", "/path");
188 static int test_http_url_path_query(void)
190 return test_http_url_path_query_ok("http://usr@host:1/p?q=x#frag", "/p?q=x")
191 && test_http_url_path_query_ok("http://host?query#frag", "/?query")
192 && test_http_url_path_query_ok("http://host:9999#frag", "/");
195 static int test_http_url_userinfo_query_fragment(void)
197 return test_http_url_ok("user:pass@host/p?q#fr", 0, "host", "80", "/p");
200 static int test_http_url_ipv4(void)
202 return test_http_url_ok("https://1.2.3.4/p/q", 1, "1.2.3.4", "443", "/p/q");
205 static int test_http_url_ipv6(void)
207 return test_http_url_ok("http://[FF01::101]:6", 0, "FF01::101", "6", "/");
210 static int test_http_url_invalid(const char *url)
212 char *host = "1", *port = "1", *path = "1";
213 int num = 1, ssl = 1;
216 res = TEST_false(OSSL_HTTP_parse_url(url, &ssl, NULL, &host, &port, &num,
218 && TEST_ptr_null(host)
219 && TEST_ptr_null(port)
220 && TEST_ptr_null(path);
229 static int test_http_url_invalid_prefix(void)
231 return test_http_url_invalid("htttps://1.2.3.4:65535/pkix");
234 static int test_http_url_invalid_port(void)
236 return test_http_url_invalid("https://1.2.3.4:65536/pkix");
239 static int test_http_url_invalid_path(void)
241 return test_http_url_invalid("https://[FF01::101]pkix");
244 static int test_http_get_x509(void)
246 return test_http_x509(1);
249 static int test_http_post_x509(void)
251 return test_http_x509(0);
254 void cleanup_tests(void)
259 int setup_tests(void)
261 if (!test_skip_common_options()) {
262 TEST_error("Error parsing test options\n");
266 x509_it = ASN1_ITEM_rptr(X509);
267 if (!TEST_ptr((x509 = load_cert_pem(test_get_argument(0), NULL))))
270 ADD_TEST(test_http_url_dns);
271 ADD_TEST(test_http_url_path_query);
272 ADD_TEST(test_http_url_userinfo_query_fragment);
273 ADD_TEST(test_http_url_ipv4);
274 ADD_TEST(test_http_url_ipv6);
275 ADD_TEST(test_http_url_invalid_prefix);
276 ADD_TEST(test_http_url_invalid_port);
277 ADD_TEST(test_http_url_invalid_path);
278 ADD_TEST(test_http_get_x509);
279 ADD_TEST(test_http_post_x509);