From 5408b641ddbddd9f40ec203901dd7cb1a7afa3c0 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20Sch=C3=B6lling?= Date: Wed, 4 Mar 2015 22:32:16 +0100 Subject: Add connect() support for UDP sockets --- openssl/src/ssl/tests.rs | 70 +++++++++++++++++++++++++++++++++++------------- 1 file changed, 52 insertions(+), 18 deletions(-) (limited to 'openssl/src/ssl/tests.rs') diff --git a/openssl/src/ssl/tests.rs b/openssl/src/ssl/tests.rs index 05c9fe79..1da42082 100644 --- a/openssl/src/ssl/tests.rs +++ b/openssl/src/ssl/tests.rs @@ -11,6 +11,7 @@ use std::fs::File; use crypto::hash::Type::{SHA256}; use ssl; +use ssl::SslMethod; use ssl::SslMethod::Sslv23; use ssl::{SslContext, SslStream, VerifyCallback}; use ssl::SSL_VERIFY_PEER; @@ -20,21 +21,23 @@ use x509::X509FileType; use x509::X509; use crypto::pkey::PKey; +const PROTOCOL:SslMethod = Sslv23; + #[test] fn test_new_ctx() { - SslContext::new(Sslv23).unwrap(); + SslContext::new(PROTOCOL).unwrap(); } #[test] fn test_new_sslstream() { let stream = TcpStream::connect("127.0.0.1:15418").unwrap(); - SslStream::new(&SslContext::new(Sslv23).unwrap(), stream).unwrap(); + SslStream::new(&SslContext::new(PROTOCOL).unwrap(), stream).unwrap(); } #[test] fn test_verify_untrusted() { let stream = TcpStream::connect("127.0.0.1:15418").unwrap(); - let mut ctx = SslContext::new(Sslv23).unwrap(); + let mut ctx = SslContext::new(PROTOCOL).unwrap(); ctx.set_verify(SSL_VERIFY_PEER, None); match SslStream::new(&ctx, stream) { Ok(_) => panic!("expected failure"), @@ -45,8 +48,9 @@ fn test_verify_untrusted() { #[test] fn test_verify_trusted() { let stream = TcpStream::connect("127.0.0.1:15418").unwrap(); - let mut ctx = SslContext::new(Sslv23).unwrap(); + let mut ctx = SslContext::new(PROTOCOL).unwrap(); ctx.set_verify(SSL_VERIFY_PEER, None); + match ctx.set_CA_file(&Path::new("test/cert.pem")) { Ok(_) => {} Err(err) => panic!("Unexpected error {:?}", err) @@ -63,8 +67,9 @@ fn test_verify_untrusted_callback_override_ok() { true } let stream = TcpStream::connect("127.0.0.1:15418").unwrap(); - let mut ctx = SslContext::new(Sslv23).unwrap(); + let mut ctx = SslContext::new(PROTOCOL).unwrap(); ctx.set_verify(SSL_VERIFY_PEER, Some(callback as VerifyCallback)); + match SslStream::new(&ctx, stream) { Ok(_) => (), Err(err) => panic!("Expected success, got {:?}", err) @@ -77,8 +82,9 @@ fn test_verify_untrusted_callback_override_bad() { false } let stream = TcpStream::connect("127.0.0.1:15418").unwrap(); - let mut ctx = SslContext::new(Sslv23).unwrap(); + let mut ctx = SslContext::new(PROTOCOL).unwrap(); ctx.set_verify(SSL_VERIFY_PEER, Some(callback as VerifyCallback)); + assert!(SslStream::new(&ctx, stream).is_err()); } @@ -88,8 +94,9 @@ fn test_verify_trusted_callback_override_ok() { true } let stream = TcpStream::connect("127.0.0.1:15418").unwrap(); - let mut ctx = SslContext::new(Sslv23).unwrap(); + let mut ctx = SslContext::new(PROTOCOL).unwrap(); ctx.set_verify(SSL_VERIFY_PEER, Some(callback as VerifyCallback)); + match ctx.set_CA_file(&Path::new("test/cert.pem")) { Ok(_) => {} Err(err) => panic!("Unexpected error {:?}", err) @@ -106,8 +113,9 @@ fn test_verify_trusted_callback_override_bad() { false } let stream = TcpStream::connect("127.0.0.1:15418").unwrap(); - let mut ctx = SslContext::new(Sslv23).unwrap(); + let mut ctx = SslContext::new(PROTOCOL).unwrap(); ctx.set_verify(SSL_VERIFY_PEER, Some(callback as VerifyCallback)); + match ctx.set_CA_file(&Path::new("test/cert.pem")) { Ok(_) => {} Err(err) => panic!("Unexpected error {:?}", err) @@ -122,8 +130,9 @@ fn test_verify_callback_load_certs() { true } let stream = TcpStream::connect("127.0.0.1:15418").unwrap(); - let mut ctx = SslContext::new(Sslv23).unwrap(); + let mut ctx = SslContext::new(PROTOCOL).unwrap(); ctx.set_verify(SSL_VERIFY_PEER, Some(callback as VerifyCallback)); + assert!(SslStream::new(&ctx, stream).is_ok()); } @@ -134,8 +143,9 @@ fn test_verify_trusted_get_error_ok() { true } let stream = TcpStream::connect("127.0.0.1:15418").unwrap(); - let mut ctx = SslContext::new(Sslv23).unwrap(); + let mut ctx = SslContext::new(PROTOCOL).unwrap(); ctx.set_verify(SSL_VERIFY_PEER, Some(callback as VerifyCallback)); + match ctx.set_CA_file(&Path::new("test/cert.pem")) { Ok(_) => {} Err(err) => panic!("Unexpected error {:?}", err) @@ -150,8 +160,9 @@ fn test_verify_trusted_get_error_err() { false } let stream = TcpStream::connect("127.0.0.1:15418").unwrap(); - let mut ctx = SslContext::new(Sslv23).unwrap(); + let mut ctx = SslContext::new(PROTOCOL).unwrap(); ctx.set_verify(SSL_VERIFY_PEER, Some(callback as VerifyCallback)); + assert!(SslStream::new(&ctx, stream).is_err()); } @@ -168,7 +179,7 @@ fn test_verify_callback_data() { } } let stream = TcpStream::connect("127.0.0.1:15418").unwrap(); - let mut ctx = SslContext::new(Sslv23).unwrap(); + let mut ctx = SslContext::new(PROTOCOL).unwrap(); // Node id was generated as SHA256 hash of certificate "test/cert.pem" // in DER format. @@ -234,7 +245,7 @@ fn test_clear_ctx_options() { #[test] fn test_write() { let stream = TcpStream::connect("127.0.0.1:15418").unwrap(); - let mut stream = SslStream::new(&SslContext::new(Sslv23).unwrap(), stream).unwrap(); + let mut stream = SslStream::new(&SslContext::new(PROTOCOL).unwrap(), stream).unwrap(); stream.write_all("hello".as_bytes()).unwrap(); stream.flush().unwrap(); stream.write_all(" there".as_bytes()).unwrap(); @@ -244,7 +255,7 @@ fn test_write() { #[test] fn test_read() { let stream = TcpStream::connect("127.0.0.1:15418").unwrap(); - let mut stream = SslStream::new(&SslContext::new(Sslv23).unwrap(), stream).unwrap(); + let mut stream = SslStream::new(&SslContext::new(PROTOCOL).unwrap(), stream).unwrap(); stream.write_all("GET /\r\n\r\n".as_bytes()).unwrap(); stream.flush().unwrap(); println!("written"); @@ -261,7 +272,7 @@ fn test_connect_with_unilateral_npn() { ctx.set_verify(SSL_VERIFY_PEER, None); ctx.set_npn_protocols(&[b"http/1.1", b"spdy/3.1"]); match ctx.set_CA_file(&Path::new("test/cert.pem")) { - Ok(_)=> {} + Ok(_) => {} Err(err) => panic!("Unexpected error {:?}", err) } let stream = match SslStream::new(&ctx, stream) { @@ -285,7 +296,7 @@ fn test_connect_with_npn_successful_multiple_matching() { ctx.set_verify(SSL_VERIFY_PEER, None); ctx.set_npn_protocols(&[b"spdy/3.1", b"http/1.1"]); match ctx.set_CA_file(&Path::new("test/cert.pem")) { - Ok(_)=> {} + Ok(_) => {} Err(err) => panic!("Unexpected error {:?}", err) } let stream = match SslStream::new(&ctx, stream) { @@ -310,7 +321,7 @@ fn test_connect_with_npn_successful_single_match() { ctx.set_verify(SSL_VERIFY_PEER, None); ctx.set_npn_protocols(&[b"spdy/3.1"]); match ctx.set_CA_file(&Path::new("test/cert.pem")) { - Ok(_)=> {} + Ok(_) => {} Err(err) => panic!("Unexpected error {:?}", err) } let stream = match SslStream::new(&ctx, stream) { @@ -350,7 +361,7 @@ fn test_npn_server_advertise_multiple() { ctx.set_verify(SSL_VERIFY_PEER, None); ctx.set_npn_protocols(&[b"spdy/3.1"]); match ctx.set_CA_file(&Path::new("test/cert.pem")) { - Ok(_)=> {} + Ok(_) => {} Err(err) => panic!("Unexpected error {:?}", err) } // Now connect to the socket and make sure the protocol negotiation works... @@ -362,3 +373,26 @@ fn test_npn_server_advertise_multiple() { // SPDY is selected since that's the only thing the client supports. assert_eq!(b"spdy/3.1", stream.get_selected_npn_protocol().unwrap()); } + +#[cfg(feature="dtlsv1")] +#[cfg(test)] +mod dtlsv1 { + use serialize::hex::FromHex; + use std::old_io::net::tcp::TcpStream; + use std::old_io::{Writer}; + use std::thread; + + use crypto::hash::Type::{SHA256}; + use ssl::SslMethod; + use ssl::SslMethod::Dtlsv1; + use ssl::{SslContext, SslStream, VerifyCallback}; + use ssl::SslVerifyMode::SSL_VERIFY_PEER; + use x509::{X509StoreContext}; + + const PROTOCOL:SslMethod = Dtlsv1; + + #[test] + fn test_new_ctx() { + SslContext::new(PROTOCOL).unwrap(); + } +} -- cgit v1.2.3 From 664600eadff8a0388bc9ab2544b382e56e4fae9d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20Sch=C3=B6lling?= Date: Tue, 10 Mar 2015 14:31:54 +0100 Subject: Add DTLSv1 and DTLSv1.2 support --- openssl/src/ssl/tests.rs | 215 +++++++++++++++++++++++++++++------------------ 1 file changed, 135 insertions(+), 80 deletions(-) (limited to 'openssl/src/ssl/tests.rs') diff --git a/openssl/src/ssl/tests.rs b/openssl/src/ssl/tests.rs index 1da42082..4d78e182 100644 --- a/openssl/src/ssl/tests.rs +++ b/openssl/src/ssl/tests.rs @@ -1,4 +1,5 @@ -use serialize::hex::FromHex; +#![allow(unused_imports)] + use std::net::TcpStream; use std::io; use std::io::prelude::*; @@ -13,6 +14,8 @@ use crypto::hash::Type::{SHA256}; use ssl; use ssl::SslMethod; use ssl::SslMethod::Sslv23; +#[cfg(feature="dtlsv1")] +use ssl::SslMethod::Dtlsv1; use ssl::{SslContext, SslStream, VerifyCallback}; use ssl::SSL_VERIFY_PEER; use x509::X509StoreContext; @@ -21,34 +24,89 @@ use x509::X509FileType; use x509::X509; use crypto::pkey::PKey; +#[cfg(feature="dtlsv1")] +use ssl::connected_socket::Connect; +#[cfg(feature="dtlsv1")] +use std::net::UdpSocket; + const PROTOCOL:SslMethod = Sslv23; +mod udp { + static mut udp_port:u16 = 15410; + + pub fn next_server<'a>() -> String { + unsafe { + udp_port += 1; + format!("127.0.0.1:{}", udp_port) + } + } +} + #[test] fn test_new_ctx() { SslContext::new(PROTOCOL).unwrap(); } -#[test] -fn test_new_sslstream() { - let stream = TcpStream::connect("127.0.0.1:15418").unwrap(); - SslStream::new(&SslContext::new(PROTOCOL).unwrap(), stream).unwrap(); -} +macro_rules! run_test( + ($module:ident, $blk:expr) => ( + #[cfg(test)] + mod $module { + use ssl::tests::udp; + use std::io; + use std::io::prelude::*; + use std::path::Path; + use std::net::UdpSocket; + use std::net::TcpStream; + use ssl::SslMethod::Sslv23; + #[cfg(feature="dtlsv1")] + use ssl; + use ssl::SslMethod::Dtlsv1; + use ssl::{SslContext, SslStream, VerifyCallback}; + use ssl::connected_socket::Connect; + use ssl::SslVerifyMode::SSL_VERIFY_PEER; + use crypto::hash::Type::SHA256; + use x509::X509StoreContext; + use serialize::hex::FromHex; + use std::time::duration::Duration; + + #[test] + fn sslv23() { + let stream = TcpStream::connect("127.0.0.1:15418").unwrap(); + $blk(Sslv23, stream); + } + + #[test] + #[cfg(feature="dtlsv1")] + fn dtlsv1() { + let sock = UdpSocket::bind("127.0.0.1:0").unwrap(); + let stream = sock.connect(udp::next_server().as_slice()).unwrap(); + + $blk(Dtlsv1, stream); + } + } + ); +); -#[test] -fn test_verify_untrusted() { - let stream = TcpStream::connect("127.0.0.1:15418").unwrap(); - let mut ctx = SslContext::new(PROTOCOL).unwrap(); +run_test!(new_ctx, |method, _| { + SslContext::new(method).unwrap(); +}); + +run_test!(new_sslstream, |method, stream| { + SslStream::new(&SslContext::new(method).unwrap(), stream).unwrap(); +}); + +run_test!(verify_untrusted, |method, stream| { + let mut ctx = SslContext::new(method).unwrap(); ctx.set_verify(SSL_VERIFY_PEER, None); + match SslStream::new(&ctx, stream) { Ok(_) => panic!("expected failure"), Err(err) => println!("error {:?}", err) } -} +}); -#[test] -fn test_verify_trusted() { - let stream = TcpStream::connect("127.0.0.1:15418").unwrap(); - let mut ctx = SslContext::new(PROTOCOL).unwrap(); +run_test!(verify_trusted, |method, stream| { + let mut ctx = SslContext::new(method).unwrap(); ctx.set_verify(SSL_VERIFY_PEER, None); match ctx.set_CA_file(&Path::new("test/cert.pem")) { @@ -59,42 +117,39 @@ fn test_verify_trusted() { Ok(_) => (), Err(err) => panic!("Expected success, got {:?}", err) } -} +}); -#[test] -fn test_verify_untrusted_callback_override_ok() { +run_test!(verify_untrusted_callback_override_ok, |method, stream| { fn callback(_preverify_ok: bool, _x509_ctx: &X509StoreContext) -> bool { true } - let stream = TcpStream::connect("127.0.0.1:15418").unwrap(); - let mut ctx = SslContext::new(PROTOCOL).unwrap(); + + let mut ctx = SslContext::new(method).unwrap(); ctx.set_verify(SSL_VERIFY_PEER, Some(callback as VerifyCallback)); match SslStream::new(&ctx, stream) { Ok(_) => (), Err(err) => panic!("Expected success, got {:?}", err) } -} +}); -#[test] -fn test_verify_untrusted_callback_override_bad() { +run_test!(verify_untrusted_callback_override_bad, |method, stream| { fn callback(_preverify_ok: bool, _x509_ctx: &X509StoreContext) -> bool { false } - let stream = TcpStream::connect("127.0.0.1:15418").unwrap(); - let mut ctx = SslContext::new(PROTOCOL).unwrap(); + + let mut ctx = SslContext::new(method).unwrap(); ctx.set_verify(SSL_VERIFY_PEER, Some(callback as VerifyCallback)); assert!(SslStream::new(&ctx, stream).is_err()); -} +}); -#[test] -fn test_verify_trusted_callback_override_ok() { +run_test!(verify_trusted_callback_override_ok, |method, stream| { fn callback(_preverify_ok: bool, _x509_ctx: &X509StoreContext) -> bool { true } - let stream = TcpStream::connect("127.0.0.1:15418").unwrap(); - let mut ctx = SslContext::new(PROTOCOL).unwrap(); + + let mut ctx = SslContext::new(method).unwrap(); ctx.set_verify(SSL_VERIFY_PEER, Some(callback as VerifyCallback)); match ctx.set_CA_file(&Path::new("test/cert.pem")) { @@ -105,15 +160,14 @@ fn test_verify_trusted_callback_override_ok() { Ok(_) => (), Err(err) => panic!("Expected success, got {:?}", err) } -} +}); -#[test] -fn test_verify_trusted_callback_override_bad() { +run_test!(verify_trusted_callback_override_bad, |method, stream| { fn callback(_preverify_ok: bool, _x509_ctx: &X509StoreContext) -> bool { false } - let stream = TcpStream::connect("127.0.0.1:15418").unwrap(); - let mut ctx = SslContext::new(PROTOCOL).unwrap(); + + let mut ctx = SslContext::new(method).unwrap(); ctx.set_verify(SSL_VERIFY_PEER, Some(callback as VerifyCallback)); match ctx.set_CA_file(&Path::new("test/cert.pem")) { @@ -121,29 +175,27 @@ fn test_verify_trusted_callback_override_bad() { Err(err) => panic!("Unexpected error {:?}", err) } assert!(SslStream::new(&ctx, stream).is_err()); -} +}); -#[test] -fn test_verify_callback_load_certs() { +run_test!(verify_callback_load_certs, |method, stream| { fn callback(_preverify_ok: bool, x509_ctx: &X509StoreContext) -> bool { assert!(x509_ctx.get_current_cert().is_some()); true } - let stream = TcpStream::connect("127.0.0.1:15418").unwrap(); - let mut ctx = SslContext::new(PROTOCOL).unwrap(); + + let mut ctx = SslContext::new(method).unwrap(); ctx.set_verify(SSL_VERIFY_PEER, Some(callback as VerifyCallback)); assert!(SslStream::new(&ctx, stream).is_ok()); -} +}); -#[test] -fn test_verify_trusted_get_error_ok() { +run_test!(verify_trusted_get_error_ok, |method, stream| { fn callback(_preverify_ok: bool, x509_ctx: &X509StoreContext) -> bool { assert!(x509_ctx.get_error().is_none()); true } - let stream = TcpStream::connect("127.0.0.1:15418").unwrap(); - let mut ctx = SslContext::new(PROTOCOL).unwrap(); + + let mut ctx = SslContext::new(method).unwrap(); ctx.set_verify(SSL_VERIFY_PEER, Some(callback as VerifyCallback)); match ctx.set_CA_file(&Path::new("test/cert.pem")) { @@ -151,23 +203,21 @@ fn test_verify_trusted_get_error_ok() { Err(err) => panic!("Unexpected error {:?}", err) } assert!(SslStream::new(&ctx, stream).is_ok()); -} +}); -#[test] -fn test_verify_trusted_get_error_err() { +run_test!(verify_trusted_get_error_err, |method, stream| { fn callback(_preverify_ok: bool, x509_ctx: &X509StoreContext) -> bool { assert!(x509_ctx.get_error().is_some()); false } - let stream = TcpStream::connect("127.0.0.1:15418").unwrap(); - let mut ctx = SslContext::new(PROTOCOL).unwrap(); + + let mut ctx = SslContext::new(method).unwrap(); ctx.set_verify(SSL_VERIFY_PEER, Some(callback as VerifyCallback)); assert!(SslStream::new(&ctx, stream).is_err()); -} +}); -#[test] -fn test_verify_callback_data() { +run_test!(verify_callback_data, |method, stream| { fn callback(_preverify_ok: bool, x509_ctx: &X509StoreContext, node_id: &Vec) -> bool { let cert = x509_ctx.get_current_cert(); match cert { @@ -178,8 +228,7 @@ fn test_verify_callback_data() { } } } - let stream = TcpStream::connect("127.0.0.1:15418").unwrap(); - let mut ctx = SslContext::new(PROTOCOL).unwrap(); + let mut ctx = SslContext::new(method).unwrap(); // Node id was generated as SHA256 hash of certificate "test/cert.pem" // in DER format. @@ -194,7 +243,7 @@ fn test_verify_callback_data() { Ok(_) => (), Err(err) => panic!("Expected success, got {:?}", err) } -} +}); #[test] fn test_set_certificate_and_private_key() { @@ -217,51 +266,46 @@ fn test_set_certificate_and_private_key() { assert!(ctx.check_private_key().is_ok()); } -#[test] -fn test_get_ctx_options() { - let mut ctx = SslContext::new(Sslv23).unwrap(); +run_test!(get_ctx_options, |method, _| { + let mut ctx = SslContext::new(method).unwrap(); ctx.get_options(); -} +}); -#[test] -fn test_set_ctx_options() { - let mut ctx = SslContext::new(Sslv23).unwrap(); +run_test!(set_ctx_options, |method, _| { + let mut ctx = SslContext::new(method).unwrap(); let opts = ctx.set_options(ssl::SSL_OP_NO_TICKET); assert!(opts.contains(ssl::SSL_OP_NO_TICKET)); assert!(!opts.contains(ssl::SSL_OP_CISCO_ANYCONNECT)); let more_opts = ctx.set_options(ssl::SSL_OP_CISCO_ANYCONNECT); assert!(more_opts.contains(ssl::SSL_OP_NO_TICKET)); assert!(more_opts.contains(ssl::SSL_OP_CISCO_ANYCONNECT)); -} +}); -#[test] -fn test_clear_ctx_options() { - let mut ctx = SslContext::new(Sslv23).unwrap(); +run_test!(clear_ctx_options, |method, _| { + let mut ctx = SslContext::new(method).unwrap(); ctx.set_options(ssl::SSL_OP_ALL); let opts = ctx.clear_options(ssl::SSL_OP_ALL); assert!(!opts.contains(ssl::SSL_OP_ALL)); -} +}); -#[test] -fn test_write() { - let stream = TcpStream::connect("127.0.0.1:15418").unwrap(); - let mut stream = SslStream::new(&SslContext::new(PROTOCOL).unwrap(), stream).unwrap(); - stream.write_all("hello".as_bytes()).unwrap(); - stream.flush().unwrap(); - stream.write_all(" there".as_bytes()).unwrap(); - stream.flush().unwrap(); -} +run_test!(write, |method, stream| { + let mut s = SslStream::new(&SslContext::new(method).unwrap(), stream).unwrap(); + s.write_all("hello".as_bytes()).unwrap(); + s.flush().unwrap(); + s.write_all(" there".as_bytes()).unwrap(); + s.flush().unwrap(); +}); #[test] fn test_read() { - let stream = TcpStream::connect("127.0.0.1:15418").unwrap(); - let mut stream = SslStream::new(&SslContext::new(PROTOCOL).unwrap(), stream).unwrap(); + let tcp = TcpStream::connect("127.0.0.1:15418").unwrap(); + let mut stream = SslStream::new(&SslContext::new(Sslv23).unwrap(), tcp).unwrap(); stream.write_all("GET /\r\n\r\n".as_bytes()).unwrap(); stream.flush().unwrap(); - println!("written"); io::copy(&mut stream, &mut io::sink()).ok().expect("read error"); } + /// Tests that connecting with the client using NPN, but the server not does not /// break the existing connection behavior. #[test] @@ -396,3 +440,14 @@ mod dtlsv1 { SslContext::new(PROTOCOL).unwrap(); } } + +#[test] +#[cfg(feature = "dtlsv1")] +fn test_read_dtlsv1() { + let sock = UdpSocket::bind("127.0.0.1:0").unwrap(); + let stream = sock.connect(udp::next_server().as_slice()).unwrap(); + + let mut stream = SslStream::new(&SslContext::new(Dtlsv1).unwrap(), stream).unwrap(); + let mut buf = [0u8;100]; + assert!(stream.read(&mut buf).is_ok()); +} -- cgit v1.2.3 From 8a0e9d6cca4459dd0d256fc2e1b9453a9e0c48f8 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20Sch=C3=B6lling?= Date: Wed, 11 Mar 2015 14:08:48 +0100 Subject: Fix travis test setup for DTLS --- openssl/src/ssl/tests.rs | 31 +++++++++++++++++++++++-------- 1 file changed, 23 insertions(+), 8 deletions(-) (limited to 'openssl/src/ssl/tests.rs') diff --git a/openssl/src/ssl/tests.rs b/openssl/src/ssl/tests.rs index 4d78e182..5a0ff9b5 100644 --- a/openssl/src/ssl/tests.rs +++ b/openssl/src/ssl/tests.rs @@ -58,8 +58,8 @@ macro_rules! run_test( use std::net::UdpSocket; use std::net::TcpStream; use ssl::SslMethod::Sslv23; - #[cfg(feature="dtlsv1")] use ssl; + #[cfg(feature="dtlsv1")] use ssl::SslMethod::Dtlsv1; use ssl::{SslContext, SslStream, VerifyCallback}; use ssl::connected_socket::Connect; @@ -288,13 +288,28 @@ run_test!(clear_ctx_options, |method, _| { assert!(!opts.contains(ssl::SSL_OP_ALL)); }); -run_test!(write, |method, stream| { - let mut s = SslStream::new(&SslContext::new(method).unwrap(), stream).unwrap(); - s.write_all("hello".as_bytes()).unwrap(); - s.flush().unwrap(); - s.write_all(" there".as_bytes()).unwrap(); - s.flush().unwrap(); -}); +#[test] +fn test_write() { + let stream = TcpStream::connect("127.0.0.1:15418").unwrap(); + let mut stream = SslStream::new(&SslContext::new(Sslv23).unwrap(), stream).unwrap(); + stream.write_all("hello".as_bytes()).unwrap(); + stream.flush().unwrap(); + stream.write_all(" there".as_bytes()).unwrap(); + stream.flush().unwrap(); +} + +#[test] +#[cfg(feature = "dtlsv1")] +fn test_write_dtlsv1() { + let sock = UdpSocket::bind("127.0.0.1:0").unwrap(); + let stream = sock.connect("127.0.0.1:15410").unwrap(); + + let mut stream = SslStream::new(&SslContext::new(Dtlsv1).unwrap(), stream).unwrap(); + stream.write_all("hello".as_bytes()).unwrap(); + stream.flush().unwrap(); + stream.write_all(" there".as_bytes()).unwrap(); + stream.flush().unwrap(); +} #[test] fn test_read() { -- cgit v1.2.3 From efbd4eee05d7f21ce2ffd1b1beaae1cde1de36ba Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20Sch=C3=B6lling?= Date: Thu, 12 Mar 2015 19:24:16 +0100 Subject: Fix portability issue and typo --- openssl/src/ssl/tests.rs | 9 ++++----- 1 file changed, 4 insertions(+), 5 deletions(-) (limited to 'openssl/src/ssl/tests.rs') diff --git a/openssl/src/ssl/tests.rs b/openssl/src/ssl/tests.rs index 5a0ff9b5..dcdc3c05 100644 --- a/openssl/src/ssl/tests.rs +++ b/openssl/src/ssl/tests.rs @@ -31,6 +31,7 @@ use std::net::UdpSocket; const PROTOCOL:SslMethod = Sslv23; +#[cfg(test)] mod udp { static mut udp_port:u16 = 15410; @@ -57,10 +58,8 @@ macro_rules! run_test( use std::path::Path; use std::net::UdpSocket; use std::net::TcpStream; - use ssl::SslMethod::Sslv23; use ssl; - #[cfg(feature="dtlsv1")] - use ssl::SslMethod::Dtlsv1; + use ssl::SslMethod; use ssl::{SslContext, SslStream, VerifyCallback}; use ssl::connected_socket::Connect; use ssl::SslVerifyMode::SSL_VERIFY_PEER; @@ -72,7 +71,7 @@ macro_rules! run_test( #[test] fn sslv23() { let stream = TcpStream::connect("127.0.0.1:15418").unwrap(); - $blk(Sslv23, stream); + $blk(SslMethod::Sslv23, stream); } #[test] @@ -81,7 +80,7 @@ macro_rules! run_test( let sock = UdpSocket::bind("127.0.0.1:0").unwrap(); let stream = sock.connect(udp::next_server().as_slice()).unwrap(); - $blk(Dtlsv1, stream); + $blk(SslMethod::Dtlsv1, stream); } } ); -- cgit v1.2.3 From 4f2978bbd312985bee7220ba26e2b6280734c5c1 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20Sch=C3=B6lling?= Date: Thu, 12 Mar 2015 19:38:45 +0100 Subject: Adjust sin_len/sin6_len for non-linux platforms Fixing errors for platforms you don't own is really annoying ;) Fixing errors --- openssl/src/ssl/tests.rs | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'openssl/src/ssl/tests.rs') diff --git a/openssl/src/ssl/tests.rs b/openssl/src/ssl/tests.rs index dcdc3c05..fd587e30 100644 --- a/openssl/src/ssl/tests.rs +++ b/openssl/src/ssl/tests.rs @@ -52,7 +52,7 @@ macro_rules! run_test( ($module:ident, $blk:expr) => ( #[cfg(test)] mod $module { - use ssl::tests::udp; + use super::udp; use std::io; use std::io::prelude::*; use std::path::Path; -- cgit v1.2.3 From dbef985e328f97905ce58ef14914100bd7e55e62 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20Sch=C3=B6lling?= Date: Sun, 15 Mar 2015 15:52:09 +0100 Subject: Move connected_socket to its own crate and fix SSL_CTX_set_read_ahead() --- openssl/src/ssl/tests.rs | 11 ++++++----- 1 file changed, 6 insertions(+), 5 deletions(-) (limited to 'openssl/src/ssl/tests.rs') diff --git a/openssl/src/ssl/tests.rs b/openssl/src/ssl/tests.rs index fd587e30..d1a91500 100644 --- a/openssl/src/ssl/tests.rs +++ b/openssl/src/ssl/tests.rs @@ -14,8 +14,6 @@ use crypto::hash::Type::{SHA256}; use ssl; use ssl::SslMethod; use ssl::SslMethod::Sslv23; -#[cfg(feature="dtlsv1")] -use ssl::SslMethod::Dtlsv1; use ssl::{SslContext, SslStream, VerifyCallback}; use ssl::SSL_VERIFY_PEER; use x509::X509StoreContext; @@ -29,7 +27,10 @@ use ssl::connected_socket::Connect; #[cfg(feature="dtlsv1")] use std::net::UdpSocket; -const PROTOCOL:SslMethod = Sslv23; +#[cfg(feature="dtlsv1")] +use ssl::SslMethod::Dtlsv1; +#[cfg(feature="dtlsv1")] +use connected_socket::Connect; #[cfg(test)] mod udp { @@ -61,7 +62,8 @@ macro_rules! run_test( use ssl; use ssl::SslMethod; use ssl::{SslContext, SslStream, VerifyCallback}; - use ssl::connected_socket::Connect; + #[cfg(feature="dtlsv1")] + use connected_socket::Connect; use ssl::SslVerifyMode::SSL_VERIFY_PEER; use crypto::hash::Type::SHA256; use x509::X509StoreContext; @@ -319,7 +321,6 @@ fn test_read() { io::copy(&mut stream, &mut io::sink()).ok().expect("read error"); } - /// Tests that connecting with the client using NPN, but the server not does not /// break the existing connection behavior. #[test] -- cgit v1.2.3 From 362a7dfc935bcace9d4d249e2bed853c315e256d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20Sch=C3=B6lling?= Date: Sun, 15 Mar 2015 16:09:33 +0100 Subject: Debug halteproblem with tests --- openssl/src/ssl/tests.rs | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'openssl/src/ssl/tests.rs') diff --git a/openssl/src/ssl/tests.rs b/openssl/src/ssl/tests.rs index d1a91500..b9442010 100644 --- a/openssl/src/ssl/tests.rs +++ b/openssl/src/ssl/tests.rs @@ -119,7 +119,7 @@ run_test!(verify_trusted, |method, stream| { Err(err) => panic!("Expected success, got {:?}", err) } }); - +/* run_test!(verify_untrusted_callback_override_ok, |method, stream| { fn callback(_preverify_ok: bool, _x509_ctx: &X509StoreContext) -> bool { true @@ -288,7 +288,7 @@ run_test!(clear_ctx_options, |method, _| { let opts = ctx.clear_options(ssl::SSL_OP_ALL); assert!(!opts.contains(ssl::SSL_OP_ALL)); }); - +*/ #[test] fn test_write() { let stream = TcpStream::connect("127.0.0.1:15418").unwrap(); -- cgit v1.2.3 From 3c03dd9535f473c1553e6774e2f9a30516d066a3 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20Sch=C3=B6lling?= Date: Thu, 19 Mar 2015 10:15:02 +0100 Subject: Add ability to load private keys from files and use raw keys and certificates for SslContext Conflicts: openssl/src/ssl/tests.rs --- openssl/src/ssl/tests.rs | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) (limited to 'openssl/src/ssl/tests.rs') diff --git a/openssl/src/ssl/tests.rs b/openssl/src/ssl/tests.rs index b9442010..8de0d448 100644 --- a/openssl/src/ssl/tests.rs +++ b/openssl/src/ssl/tests.rs @@ -26,6 +26,9 @@ use crypto::pkey::PKey; use ssl::connected_socket::Connect; #[cfg(feature="dtlsv1")] use std::net::UdpSocket; +use ssl::SslVerifyMode::SslVerifyPeer; +use x509::{X509StoreContext,X509}; +use crypto::pkey::PKey; #[cfg(feature="dtlsv1")] use ssl::SslMethod::Dtlsv1; @@ -119,7 +122,7 @@ run_test!(verify_trusted, |method, stream| { Err(err) => panic!("Expected success, got {:?}", err) } }); -/* + run_test!(verify_untrusted_callback_override_ok, |method, stream| { fn callback(_preverify_ok: bool, _x509_ctx: &X509StoreContext) -> bool { true @@ -288,7 +291,7 @@ run_test!(clear_ctx_options, |method, _| { let opts = ctx.clear_options(ssl::SSL_OP_ALL); assert!(!opts.contains(ssl::SSL_OP_ALL)); }); -*/ + #[test] fn test_write() { let stream = TcpStream::connect("127.0.0.1:15418").unwrap(); -- cgit v1.2.3 From fb98f482e23a7283458d44289db51c99fa74e480 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20Sch=C3=B6lling?= Date: Thu, 19 Mar 2015 10:15:02 +0100 Subject: Add ability to load private keys from files and use raw keys and certificates for SslContext Conflicts: openssl/src/crypto/pkey.rs openssl/src/ssl/tests.rs --- openssl/src/ssl/tests.rs | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'openssl/src/ssl/tests.rs') diff --git a/openssl/src/ssl/tests.rs b/openssl/src/ssl/tests.rs index 8de0d448..609bb3ce 100644 --- a/openssl/src/ssl/tests.rs +++ b/openssl/src/ssl/tests.rs @@ -26,7 +26,7 @@ use crypto::pkey::PKey; use ssl::connected_socket::Connect; #[cfg(feature="dtlsv1")] use std::net::UdpSocket; -use ssl::SslVerifyMode::SslVerifyPeer; +use ssl::SSL_VERIFY_PEER; use x509::{X509StoreContext,X509}; use crypto::pkey::PKey; -- cgit v1.2.3 From 912cacf4bc3ea28003c5aa41f6cfd7a5989ba7d8 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20Sch=C3=B6lling?= Date: Fri, 3 Apr 2015 16:58:05 +0200 Subject: Fix rebase errors --- openssl/src/ssl/tests.rs | 9 +-------- 1 file changed, 1 insertion(+), 8 deletions(-) (limited to 'openssl/src/ssl/tests.rs') diff --git a/openssl/src/ssl/tests.rs b/openssl/src/ssl/tests.rs index 609bb3ce..2b3a007c 100644 --- a/openssl/src/ssl/tests.rs +++ b/openssl/src/ssl/tests.rs @@ -26,8 +26,6 @@ use crypto::pkey::PKey; use ssl::connected_socket::Connect; #[cfg(feature="dtlsv1")] use std::net::UdpSocket; -use ssl::SSL_VERIFY_PEER; -use x509::{X509StoreContext,X509}; use crypto::pkey::PKey; #[cfg(feature="dtlsv1")] @@ -47,11 +45,6 @@ mod udp { } } -#[test] -fn test_new_ctx() { - SslContext::new(PROTOCOL).unwrap(); -} - macro_rules! run_test( ($module:ident, $blk:expr) => ( #[cfg(test)] @@ -67,7 +60,7 @@ macro_rules! run_test( use ssl::{SslContext, SslStream, VerifyCallback}; #[cfg(feature="dtlsv1")] use connected_socket::Connect; - use ssl::SslVerifyMode::SSL_VERIFY_PEER; + use ssl::SSL_VERIFY_PEER; use crypto::hash::Type::SHA256; use x509::X509StoreContext; use serialize::hex::FromHex; -- cgit v1.2.3 From b3eae0e3f64a636eb7e4d121f8ef4d3de111956d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Manuel=20Sch=C3=B6lling?= Date: Mon, 6 Apr 2015 12:56:38 +0200 Subject: Adapt code for rust-1.0.0-beta --- openssl/src/ssl/tests.rs | 15 ++++++--------- 1 file changed, 6 insertions(+), 9 deletions(-) (limited to 'openssl/src/ssl/tests.rs') diff --git a/openssl/src/ssl/tests.rs b/openssl/src/ssl/tests.rs index 2b3a007c..334482df 100644 --- a/openssl/src/ssl/tests.rs +++ b/openssl/src/ssl/tests.rs @@ -22,12 +22,8 @@ use x509::X509FileType; use x509::X509; use crypto::pkey::PKey; -#[cfg(feature="dtlsv1")] -use ssl::connected_socket::Connect; #[cfg(feature="dtlsv1")] use std::net::UdpSocket; -use crypto::pkey::PKey; - #[cfg(feature="dtlsv1")] use ssl::SslMethod::Dtlsv1; #[cfg(feature="dtlsv1")] @@ -64,7 +60,6 @@ macro_rules! run_test( use crypto::hash::Type::SHA256; use x509::X509StoreContext; use serialize::hex::FromHex; - use std::time::duration::Duration; #[test] fn sslv23() { @@ -76,7 +71,8 @@ macro_rules! run_test( #[cfg(feature="dtlsv1")] fn dtlsv1() { let sock = UdpSocket::bind("127.0.0.1:0").unwrap(); - let stream = sock.connect(udp::next_server().as_slice()).unwrap(); + let server = udp::next_server(); + let stream = sock.connect(&server[..]).unwrap(); $blk(SslMethod::Dtlsv1, stream); } @@ -433,7 +429,7 @@ fn test_npn_server_advertise_multiple() { #[cfg(test)] mod dtlsv1 { use serialize::hex::FromHex; - use std::old_io::net::tcp::TcpStream; + use std::net::TcpStream; use std::old_io::{Writer}; use std::thread; @@ -441,7 +437,7 @@ mod dtlsv1 { use ssl::SslMethod; use ssl::SslMethod::Dtlsv1; use ssl::{SslContext, SslStream, VerifyCallback}; - use ssl::SslVerifyMode::SSL_VERIFY_PEER; + use ssl::SSL_VERIFY_PEER; use x509::{X509StoreContext}; const PROTOCOL:SslMethod = Dtlsv1; @@ -456,7 +452,8 @@ mod dtlsv1 { #[cfg(feature = "dtlsv1")] fn test_read_dtlsv1() { let sock = UdpSocket::bind("127.0.0.1:0").unwrap(); - let stream = sock.connect(udp::next_server().as_slice()).unwrap(); + let server = udp::next_server(); + let stream = sock.connect(&server[..]).unwrap(); let mut stream = SslStream::new(&SslContext::new(Dtlsv1).unwrap(), stream).unwrap(); let mut buf = [0u8;100]; -- cgit v1.2.3