http_test.c 14 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455
  1. /*
  2. * Copyright 2020-2021 The OpenSSL Project Authors. All Rights Reserved.
  3. * Copyright Siemens AG 2020
  4. *
  5. * Licensed under the Apache License 2.0 (the "License"). You may not use
  6. * this file except in compliance with the License. You can obtain a copy
  7. * in the file LICENSE in the source distribution or at
  8. * https://www.openssl.org/source/license.html
  9. */
  10. #include <openssl/http.h>
  11. #include <openssl/pem.h>
  12. #include <openssl/x509v3.h>
  13. #include <string.h>
  14. #include "testutil.h"
  15. static const ASN1_ITEM *x509_it = NULL;
  16. static X509 *x509 = NULL;
  17. #define RPATH "/path/result.crt"
  18. typedef struct {
  19. BIO *out;
  20. const char *content_type;
  21. const char *txt;
  22. char version;
  23. int keep_alive;
  24. } server_args;
  25. /*-
  26. * Pretty trivial HTTP mock server:
  27. * For POST, copy request headers+body from mem BIO |in| as response to |out|.
  28. * For GET, redirect to RPATH unless already there, else use |content_type| and
  29. * respond with |txt| if not NULL, else with |rsp| of ASN1 type |it|.
  30. * Response hdr has HTTP version 1.|version| and |keep_alive| (unless implicit).
  31. */
  32. static int mock_http_server(BIO *in, BIO *out, char version, int keep_alive,
  33. const char *content_type, const char *txt,
  34. ASN1_VALUE *rsp, const ASN1_ITEM *it)
  35. {
  36. const char *req, *path;
  37. long count = BIO_get_mem_data(in, (unsigned char **)&req);
  38. const char *hdr = (char *)req;
  39. int len;
  40. int is_get = count >= 4 && CHECK_AND_SKIP_PREFIX(hdr, "GET ");
  41. /* first line should contain "(GET|POST) <path> HTTP/1.x" */
  42. if (!is_get
  43. && !(TEST_true(count >= 5 && CHECK_AND_SKIP_PREFIX(hdr, "POST "))))
  44. return 0;
  45. path = hdr;
  46. hdr = strchr(hdr, ' ');
  47. if (hdr == NULL)
  48. return 0;
  49. len = strlen("HTTP/1.");
  50. if (!TEST_strn_eq(++hdr, "HTTP/1.", len))
  51. return 0;
  52. hdr += len;
  53. /* check for HTTP version 1.0 .. 1.1 */
  54. if (!TEST_char_le('0', *hdr) || !TEST_char_le(*hdr++, '1'))
  55. return 0;
  56. if (!TEST_char_eq(*hdr++, '\r') || !TEST_char_eq(*hdr++, '\n'))
  57. return 0;
  58. count -= (hdr - req);
  59. if (count < 0 || out == NULL)
  60. return 0;
  61. if (!HAS_PREFIX(path, RPATH)) {
  62. if (!is_get)
  63. return 0;
  64. return BIO_printf(out, "HTTP/1.%c 301 Moved Permanently\r\n"
  65. "Location: %s\r\n\r\n",
  66. version, RPATH) > 0; /* same server */
  67. }
  68. if (BIO_printf(out, "HTTP/1.%c 200 OK\r\n", version) <= 0)
  69. return 0;
  70. if ((version == '0') == keep_alive) /* otherwise, default */
  71. if (BIO_printf(out, "Connection: %s\r\n",
  72. version == '0' ? "keep-alive" : "close") <= 0)
  73. return 0;
  74. if (is_get) { /* construct new header and body */
  75. if (txt != NULL)
  76. len = strlen(txt);
  77. else if ((len = ASN1_item_i2d(rsp, NULL, it)) <= 0)
  78. return 0;
  79. if (BIO_printf(out, "Content-Type: %s\r\n"
  80. "Content-Length: %d\r\n\r\n", content_type, len) <= 0)
  81. return 0;
  82. if (txt != NULL)
  83. return BIO_puts(out, txt);
  84. return ASN1_item_i2d_bio(it, out, rsp);
  85. } else {
  86. if (CHECK_AND_SKIP_PREFIX(hdr, "Connection: ")) {
  87. /* skip req Connection header */
  88. hdr = strstr(hdr, "\r\n");
  89. if (hdr == NULL)
  90. return 0;
  91. hdr += 2;
  92. }
  93. /* echo remaining request header and body */
  94. return BIO_write(out, hdr, count) == count;
  95. }
  96. }
  97. static long http_bio_cb_ex(BIO *bio, int oper, const char *argp, size_t len,
  98. int cmd, long argl, int ret, size_t *processed)
  99. {
  100. server_args *args = (server_args *)BIO_get_callback_arg(bio);
  101. if (oper == (BIO_CB_CTRL | BIO_CB_RETURN) && cmd == BIO_CTRL_FLUSH)
  102. ret = mock_http_server(bio, args->out, args->version, args->keep_alive,
  103. args->content_type, args->txt,
  104. (ASN1_VALUE *)x509, x509_it);
  105. return ret;
  106. }
  107. #define text1 "test\n"
  108. #define text2 "more\n"
  109. #define REAL_SERVER_URL "http://httpbin.org/"
  110. #define DOCTYPE_HTML "<!DOCTYPE html>\n"
  111. static int test_http_method(int do_get, int do_txt)
  112. {
  113. BIO *wbio = BIO_new(BIO_s_mem());
  114. BIO *rbio = BIO_new(BIO_s_mem());
  115. server_args mock_args = { NULL, NULL, NULL, '0', 0 };
  116. BIO *req, *rsp;
  117. STACK_OF(CONF_VALUE) *headers = NULL;
  118. const char *content_type;
  119. int res = 0;
  120. int real_server = do_txt && 0; /* remove "&& 0" for using real server */
  121. if (do_txt) {
  122. content_type = "text/plain";
  123. req = BIO_new(BIO_s_mem());
  124. if (req == NULL
  125. || BIO_puts(req, text1) != sizeof(text1) - 1
  126. || BIO_puts(req, text2) != sizeof(text2) - 1) {
  127. BIO_free(req);
  128. req = NULL;
  129. }
  130. mock_args.txt = text1;
  131. } else {
  132. content_type = "application/x-x509-ca-cert";
  133. req = ASN1_item_i2d_mem_bio(x509_it, (ASN1_VALUE *)x509);
  134. mock_args.txt = NULL;
  135. }
  136. if (wbio == NULL || rbio == NULL || req == NULL)
  137. goto err;
  138. mock_args.out = rbio;
  139. mock_args.content_type = content_type;
  140. BIO_set_callback_ex(wbio, http_bio_cb_ex);
  141. BIO_set_callback_arg(wbio, (char *)&mock_args);
  142. rsp = do_get ?
  143. OSSL_HTTP_get(real_server ? REAL_SERVER_URL :
  144. do_txt ? RPATH : "/will-be-redirected",
  145. NULL /* proxy */, NULL /* no_proxy */,
  146. real_server ? NULL : wbio,
  147. real_server ? NULL : rbio,
  148. NULL /* bio_update_fn */, NULL /* arg */,
  149. 0 /* buf_size */, headers,
  150. real_server ? "text/html; charset=utf-8": content_type,
  151. !do_txt /* expect_asn1 */,
  152. OSSL_HTTP_DEFAULT_MAX_RESP_LEN, 0 /* timeout */)
  153. : OSSL_HTTP_transfer(NULL, NULL /* host */, NULL /* port */, RPATH,
  154. 0 /* use_ssl */,NULL /* proxy */, NULL /* no_pr */,
  155. wbio, rbio, NULL /* bio_fn */, NULL /* arg */,
  156. 0 /* buf_size */, headers, content_type,
  157. req, content_type, !do_txt /* expect_asn1 */,
  158. OSSL_HTTP_DEFAULT_MAX_RESP_LEN, 0 /* timeout */,
  159. 0 /* keep_alive */);
  160. if (rsp != NULL) {
  161. if (do_get && real_server) {
  162. char rtext[sizeof(DOCTYPE_HTML)];
  163. res = TEST_int_eq(BIO_gets(rsp, rtext, sizeof(rtext)),
  164. sizeof(DOCTYPE_HTML) - 1)
  165. && TEST_str_eq(rtext, DOCTYPE_HTML);
  166. } else if (do_txt) {
  167. char rtext[sizeof(text1) + 1 /* more space than needed */];
  168. res = TEST_int_eq(BIO_gets(rsp, rtext, sizeof(rtext)),
  169. sizeof(text1) - 1)
  170. && TEST_str_eq(rtext, text1);
  171. } else {
  172. X509 *rcert = d2i_X509_bio(rsp, NULL);
  173. res = TEST_ptr(rcert) && TEST_int_eq(X509_cmp(x509, rcert), 0);
  174. X509_free(rcert);
  175. }
  176. BIO_free(rsp);
  177. }
  178. err:
  179. BIO_free(req);
  180. BIO_free(wbio);
  181. BIO_free(rbio);
  182. sk_CONF_VALUE_pop_free(headers, X509V3_conf_free);
  183. return res;
  184. }
  185. static int test_http_keep_alive(char version, int keep_alive, int kept_alive)
  186. {
  187. BIO *wbio = BIO_new(BIO_s_mem());
  188. BIO *rbio = BIO_new(BIO_s_mem());
  189. BIO *rsp;
  190. const char *const content_type = "application/x-x509-ca-cert";
  191. server_args mock_args = { NULL, NULL, NULL, '0', 0 };
  192. OSSL_HTTP_REQ_CTX *rctx = NULL;
  193. int i, res = 0;
  194. if (wbio == NULL || rbio == NULL)
  195. goto err;
  196. mock_args.out = rbio;
  197. mock_args.content_type = content_type;
  198. mock_args.version = version;
  199. mock_args.keep_alive = kept_alive;
  200. BIO_set_callback_ex(wbio, http_bio_cb_ex);
  201. BIO_set_callback_arg(wbio, (char *)&mock_args);
  202. for (res = 1, i = 1; res && i <= 2; i++) {
  203. rsp = OSSL_HTTP_transfer(&rctx, NULL /* server */, NULL /* port */,
  204. RPATH, 0 /* use_ssl */,
  205. NULL /* proxy */, NULL /* no_proxy */,
  206. wbio, rbio, NULL /* bio_update_fn */, NULL,
  207. 0 /* buf_size */, NULL /* headers */,
  208. NULL /* content_type */, NULL /* req => GET */,
  209. content_type, 0 /* ASN.1 not expected */,
  210. 0 /* max_resp_len */, 0 /* timeout */,
  211. keep_alive);
  212. if (keep_alive == 2 && kept_alive == 0)
  213. res = res && TEST_ptr_null(rsp)
  214. && TEST_int_eq(OSSL_HTTP_is_alive(rctx), 0);
  215. else
  216. res = res && TEST_ptr(rsp)
  217. && TEST_int_eq(OSSL_HTTP_is_alive(rctx), keep_alive > 0);
  218. BIO_free(rsp);
  219. (void)BIO_reset(rbio); /* discard response contents */
  220. keep_alive = 0;
  221. }
  222. OSSL_HTTP_close(rctx, res);
  223. err:
  224. BIO_free(wbio);
  225. BIO_free(rbio);
  226. return res;
  227. }
  228. static int test_http_url_ok(const char *url, int exp_ssl, const char *exp_host,
  229. const char *exp_port, const char *exp_path)
  230. {
  231. char *user, *host, *port, *path, *query, *frag;
  232. int exp_num, num, ssl;
  233. int res;
  234. if (!TEST_int_eq(sscanf(exp_port, "%d", &exp_num), 1))
  235. return 0;
  236. res = TEST_true(OSSL_HTTP_parse_url(url, &ssl, &user, &host, &port, &num,
  237. &path, &query, &frag))
  238. && TEST_str_eq(host, exp_host)
  239. && TEST_str_eq(port, exp_port)
  240. && TEST_int_eq(num, exp_num)
  241. && TEST_str_eq(path, exp_path)
  242. && TEST_int_eq(ssl, exp_ssl);
  243. if (res && *user != '\0')
  244. res = TEST_str_eq(user, "user:pass");
  245. if (res && *frag != '\0')
  246. res = TEST_str_eq(frag, "fr");
  247. if (res && *query != '\0')
  248. res = TEST_str_eq(query, "q");
  249. OPENSSL_free(user);
  250. OPENSSL_free(host);
  251. OPENSSL_free(port);
  252. OPENSSL_free(path);
  253. OPENSSL_free(query);
  254. OPENSSL_free(frag);
  255. return res;
  256. }
  257. static int test_http_url_path_query_ok(const char *url, const char *exp_path_qu)
  258. {
  259. char *host, *path;
  260. int res;
  261. res = TEST_true(OSSL_HTTP_parse_url(url, NULL, NULL, &host, NULL, NULL,
  262. &path, NULL, NULL))
  263. && TEST_str_eq(host, "host")
  264. && TEST_str_eq(path, exp_path_qu);
  265. OPENSSL_free(host);
  266. OPENSSL_free(path);
  267. return res;
  268. }
  269. static int test_http_url_dns(void)
  270. {
  271. return test_http_url_ok("host:65535/path", 0, "host", "65535", "/path");
  272. }
  273. static int test_http_url_path_query(void)
  274. {
  275. return test_http_url_path_query_ok("http://usr@host:1/p?q=x#frag", "/p?q=x")
  276. && test_http_url_path_query_ok("http://host?query#frag", "/?query")
  277. && test_http_url_path_query_ok("http://host:9999#frag", "/");
  278. }
  279. static int test_http_url_userinfo_query_fragment(void)
  280. {
  281. return test_http_url_ok("user:pass@host/p?q#fr", 0, "host", "80", "/p");
  282. }
  283. static int test_http_url_ipv4(void)
  284. {
  285. return test_http_url_ok("https://1.2.3.4/p/q", 1, "1.2.3.4", "443", "/p/q");
  286. }
  287. static int test_http_url_ipv6(void)
  288. {
  289. return test_http_url_ok("http://[FF01::101]:6", 0, "[FF01::101]", "6", "/");
  290. }
  291. static int test_http_url_invalid(const char *url)
  292. {
  293. char *host = "1", *port = "1", *path = "1";
  294. int num = 1, ssl = 1;
  295. int res;
  296. res = TEST_false(OSSL_HTTP_parse_url(url, &ssl, NULL, &host, &port, &num,
  297. &path, NULL, NULL))
  298. && TEST_ptr_null(host)
  299. && TEST_ptr_null(port)
  300. && TEST_ptr_null(path);
  301. if (!res) {
  302. OPENSSL_free(host);
  303. OPENSSL_free(port);
  304. OPENSSL_free(path);
  305. }
  306. return res;
  307. }
  308. static int test_http_url_invalid_prefix(void)
  309. {
  310. return test_http_url_invalid("htttps://1.2.3.4:65535/pkix");
  311. }
  312. static int test_http_url_invalid_port(void)
  313. {
  314. return test_http_url_invalid("https://1.2.3.4:65536/pkix");
  315. }
  316. static int test_http_url_invalid_path(void)
  317. {
  318. return test_http_url_invalid("https://[FF01::101]pkix");
  319. }
  320. static int test_http_get_txt(void)
  321. {
  322. return test_http_method(1 /* GET */, 1);
  323. }
  324. static int test_http_post_txt(void)
  325. {
  326. return test_http_method(0 /* POST */, 1);
  327. }
  328. static int test_http_get_x509(void)
  329. {
  330. return test_http_method(1 /* GET */, 0); /* includes redirection */
  331. }
  332. static int test_http_post_x509(void)
  333. {
  334. return test_http_method(0 /* POST */, 0);
  335. }
  336. static int test_http_keep_alive_0_no_no(void)
  337. {
  338. return test_http_keep_alive('0', 0, 0);
  339. }
  340. static int test_http_keep_alive_1_no_no(void)
  341. {
  342. return test_http_keep_alive('1', 0, 0);
  343. }
  344. static int test_http_keep_alive_0_prefer_yes(void)
  345. {
  346. return test_http_keep_alive('0', 1, 1);
  347. }
  348. static int test_http_keep_alive_1_prefer_yes(void)
  349. {
  350. return test_http_keep_alive('1', 1, 1);
  351. }
  352. static int test_http_keep_alive_0_require_yes(void)
  353. {
  354. return test_http_keep_alive('0', 2, 1);
  355. }
  356. static int test_http_keep_alive_1_require_yes(void)
  357. {
  358. return test_http_keep_alive('1', 2, 1);
  359. }
  360. static int test_http_keep_alive_0_require_no(void)
  361. {
  362. return test_http_keep_alive('0', 2, 0);
  363. }
  364. static int test_http_keep_alive_1_require_no(void)
  365. {
  366. return test_http_keep_alive('1', 2, 0);
  367. }
  368. void cleanup_tests(void)
  369. {
  370. X509_free(x509);
  371. }
  372. OPT_TEST_DECLARE_USAGE("cert.pem\n")
  373. int setup_tests(void)
  374. {
  375. if (!test_skip_common_options())
  376. return 0;
  377. x509_it = ASN1_ITEM_rptr(X509);
  378. if (!TEST_ptr((x509 = load_cert_pem(test_get_argument(0), NULL))))
  379. return 0;
  380. ADD_TEST(test_http_url_dns);
  381. ADD_TEST(test_http_url_path_query);
  382. ADD_TEST(test_http_url_userinfo_query_fragment);
  383. ADD_TEST(test_http_url_ipv4);
  384. ADD_TEST(test_http_url_ipv6);
  385. ADD_TEST(test_http_url_invalid_prefix);
  386. ADD_TEST(test_http_url_invalid_port);
  387. ADD_TEST(test_http_url_invalid_path);
  388. ADD_TEST(test_http_get_txt);
  389. ADD_TEST(test_http_post_txt);
  390. ADD_TEST(test_http_get_x509);
  391. ADD_TEST(test_http_post_x509);
  392. ADD_TEST(test_http_keep_alive_0_no_no);
  393. ADD_TEST(test_http_keep_alive_1_no_no);
  394. ADD_TEST(test_http_keep_alive_0_prefer_yes);
  395. ADD_TEST(test_http_keep_alive_1_prefer_yes);
  396. ADD_TEST(test_http_keep_alive_0_require_yes);
  397. ADD_TEST(test_http_keep_alive_1_require_yes);
  398. ADD_TEST(test_http_keep_alive_0_require_no);
  399. ADD_TEST(test_http_keep_alive_1_require_no);
  400. return 1;
  401. }