security/manager/ssl/tests/unit/tlsserver/lib/TLSServer.h

   1 /* This Source Code Form is subject to the terms of the Mozilla Public
   2  * License, v. 2.0. If a copy of the MPL was not distributed with this
   3  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
   4
   5 #ifndef TLSServer_h
   6 #define TLSServer_h
   7
   8 // This is a standalone server for testing SSL features of Gecko.
   9 // The client is expected to connect and initiate an SSL handshake (with SNI
  10 // to indicate which "server" to connect to). If all is good, the client then
  11 // sends one encrypted byte and receives that same byte back.
  12 // This server also has the ability to "call back" another process waiting on
  13 // it. That is, when the server is all set up and ready to receive connections,
  14 // it will connect to a specified port and issue a simple HTTP request.
  15
  16 #include <stdint.h>
  17
  18 #include "ScopedNSSTypes.h"
  19 #include "mozilla/Casting.h"
  20 #include "prio.h"
  21 #include "secerr.h"
  22 #include "ssl.h"
  23
  24 namespace mozilla {
  25
  26 MOZ_TYPE_SPECIFIC_UNIQUE_PTR_TEMPLATE(UniquePRDir, PRDir, PR_CloseDir);
  27
  28 }  // namespace mozilla
  29
  30 namespace mozilla {
  31 namespace test {
  32
  33 typedef SECStatus (*ServerConfigFunc)(PRFileDesc* fd);
  34
  35 enum DebugLevel { DEBUG_ERRORS = 1, DEBUG_WARNINGS = 2, DEBUG_VERBOSE = 3 };
  36
  37 extern DebugLevel gDebugLevel;
  38
  39 void PrintPRError(const char* aPrefix);
  40
  41 // The default certificate is trusted for localhost and *.example.com
  42 extern const char DEFAULT_CERT_NICKNAME[];
  43
  44 // ConfigSecureServerWithNamedCert sets up the hostname name provided. If the
  45 // extraData parameter is presented, extraData->certChain will be automatically
  46 // filled in using database information.
  47 // Pass DEFAULT_CERT_NICKNAME as certName unless you need a specific
  48 // certificate.
  49 SECStatus ConfigSecureServerWithNamedCert(
  50     PRFileDesc* fd, const char* certName,
  51     /*optional*/ UniqueCERTCertificate* cert,
  52     /*optional*/ SSLKEAType* kea,
  53     /*optional*/ SSLExtraServerCertData* extraData);
  54
  55 SECStatus InitializeNSS(const char* nssCertDBDir);
  56
  57 // StartServer initializes NSS, sockets, the SNI callback, and a default
  58 // certificate. configFunc (optional) is a pointer to an implementation-
  59 // defined configuration function, which is called on the model socket
  60 // prior to handling any connections.
  61 int StartServer(int argc, char* argv[], SSLSNISocketConfig sniSocketConfig,
  62                 void* sniSocketConfigArg,
  63                 ServerConfigFunc configFunc = nullptr);
  64
  65 template <typename Host>
  66 inline const Host* GetHostForSNI(const SECItem* aSrvNameArr,
  67                                  uint32_t aSrvNameArrSize, const Host* hosts) {
  68   for (uint32_t i = 0; i < aSrvNameArrSize; i++) {
  69     for (const Host* host = hosts; host->mHostName; ++host) {
  70       SECItem hostName;
  71       hostName.data = BitwiseCast<unsigned char*, const char*>(host->mHostName);
  72       hostName.len = strlen(host->mHostName);
  73       if (SECITEM_ItemsAreEqual(&hostName, &aSrvNameArr[i])) {
  74         if (gDebugLevel >= DEBUG_VERBOSE) {
  75           fprintf(stderr, "found pre-defined host '%s'\n", host->mHostName);
  76         }
  77         return host;
  78       }
  79     }
  80   }
  81
  82   if (gDebugLevel >= DEBUG_VERBOSE) {
  83     fprintf(stderr, "could not find host info from SNI\n");
  84   }
  85
  86   PR_SetError(SEC_ERROR_INVALID_ARGS, 0);
  87   return nullptr;
  88 }
  89
  90 }  // namespace test
  91 }  // namespace mozilla
  92
  93 #endif  // TLSServer_h