search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Use _DEFAULT_SOURCE where _BSD_SOURCE macro presents
[libisds.git] / test / simline / certificate_user_password_authentication.c
blob8c453d895a49a30356516df38b1db9ae2e00b79c
1 #ifndef _POSIX_SOURCE
2 #define _POSIX_SOURCE /* For getaddrinfo(3) */
3 #endif
4
5 #ifndef _BSD_SOURCE
6 #define _BSD_SOURCE /* For NI_MAXHOST up to glibc-2.19 */
7 #endif
8 #ifndef _DEFAULT_SOURCE
9 #define _DEFAULT_SOURCE /* For NI_MAXHOST since glibc-2.20 */
10 #endif
11
12 #ifndef _XOPEN_SOURCE
13 #define _XOPEN_SOURCE 600 /* For unsetenv(3) */
14 #endif
15
16 #include "../test.h"
17 #include "server.h"
18 #include "isds.h"
19
20 #define TLSDIR SRCDIR "/server/tls"
21 static const char *ca_certificate = TLSDIR "/ca.cert";
22 static char *server_certificate = TLSDIR "/server.cert";
23 static char *server_key = TLSDIR "/server.key";
24 static char *client_certificate = TLSDIR "/client.cert";
25 static char *client_key = TLSDIR "/client.key";
26 static const char *client_dn = "C=CZ,CN=The Client";
27 static const char *username = "douglas";
28 static const char *password = "42";
29
30
31 static int test_login(const isds_error error, struct isds_ctx *context,
32 const char *url, const char *username, const char *password,
33 const struct isds_pki_credentials *pki_credentials,
34 struct isds_otp *otp) {
35 isds_error err;
36
37 err = isds_login(context, url, username, password, pki_credentials, otp);
38 if (error != err)
39 FAIL_TEST("Wrong return code: expected=%s, returned=%s (%s)",
40 isds_strerror(error), isds_strerror(err),
41 isds_long_message(context));
42
43 isds_logout(context);
44 PASS_TEST;
45 }
46
47 int main(int argc, char **argv) {
48 int error;
49 pid_t server_process;
50 struct isds_ctx *context = NULL;
51 char *url = NULL;
52
53 INIT_TEST("authentication with client certificate and username and "
54 "password");
55
56 if (unsetenv("http_proxy")) {
57 ABORT_UNIT("Could not remove http_proxy variable from environment\n");
58 }
59 if (isds_init()) {
60 isds_cleanup();
61 ABORT_UNIT("isds_init() failed\n");
62 }
63 context = isds_ctx_create();
64 if (!context) {
65 isds_cleanup();
66 ABORT_UNIT("isds_ctx_create() failed\n");
67 }
68 if (isds_set_opt(context, IOPT_TLS_CA_FILE, ca_certificate)) {
69 isds_ctx_free(&context);
70 isds_cleanup();
71 ABORT_UNIT("Setting CA failed\n");
72 }
73 if (isds_set_opt(context, IOPT_TLS_VERIFY_SERVER, 0)) {
74 isds_ctx_free(&context);
75 isds_cleanup();
76 ABORT_UNIT("Disabling server hostname verification failed\n");
77 }
78
79 {
80 const struct service_configuration services[] = {
81 { SERVICE_DS_Dz_DummyOperation, NULL },
82 { SERVICE_END, NULL }
83 };
84 const struct arguments_basic_authentication server_arguments = {
85 .username = username,
86 .password = password,
87 .isds_deviations = 1,
88 .services = services
89 };
90 struct tls_authentication tls_arguments = {
91 .authority_certificate = ca_certificate,
92 .server_certificate = server_certificate,
93 .server_key = server_key,
94 .client_name = client_dn
95 };
96 struct isds_pki_credentials pki_credentials = {
97 .engine = NULL,
98 .certificate_format = PKI_FORMAT_PEM,
99 .certificate = server_certificate,
100 .key_format = PKI_FORMAT_PEM,
101 .key = server_key,
102 .passphrase = NULL
103 };
104 error = start_server(&server_process, &url,
105 server_certificate_with_password_authentication,
106 &server_arguments, &tls_arguments);
107 if (error == -1) {
108 isds_ctx_free(&context);
109 isds_cleanup();
110 ABORT_UNIT(server_error);
111 }
112
113 TEST("no client certificate", test_login, IE_SECURITY, context,
114 url, username, password, NULL, NULL);
115
116 TEST("wrong client certificate", test_login, IE_SECURITY, context,
117 url, username, password, &pki_credentials, NULL);
118
119 pki_credentials.certificate = client_certificate;
120 pki_credentials.key = client_key;
121
122 TEST("invalid username", test_login, IE_NOT_LOGGED_IN, context,
123 url, "7777777", "nbuusr1", &pki_credentials, NULL);
124
125 TEST("valid login", test_login, IE_SUCCESS, context,
126 url, username, password, &pki_credentials, NULL);
127
128 if (stop_server(server_process)) {
129 ABORT_UNIT(server_error);
130 }
131
132 free(url);
133 url = NULL;
134 }
135
136 {
137 struct tls_authentication tls_arguments = {
138 .authority_certificate = ca_certificate,
139 .server_certificate = server_certificate,
140 .server_key = server_key,
141 .client_name = client_dn
142 };
143 struct isds_pki_credentials pki_credentials = {
144 .engine = NULL,
145 .certificate_format = PKI_FORMAT_PEM,
146 .certificate = client_certificate,
147 .key_format = PKI_FORMAT_PEM,
148 .key = client_key,
149 .passphrase = NULL
150 };
151 error = start_server(&server_process, &url,
152 server_out_of_order, NULL, &tls_arguments);
153 if (error == -1) {
154 isds_ctx_free(&context);
155 isds_cleanup();
156 ABORT_UNIT(server_error);
157 }
158
159 TEST("log into out-of-order server", test_login, IE_SOAP, context,
160 url, username, password, &pki_credentials, NULL);
161
162 if (stop_server(server_process)) {
163 ABORT_UNIT(server_error);
164 }
165
166 free(url);
167 url = NULL;
168 }
169
170 isds_ctx_free(&context);
171 isds_cleanup();
172 SUM_TEST();
173 }
Client library for ISDS