Add forgotten ltmain.sh from libtool-2.4.6
[libisds.git] / test / simline / certificate_user_password_authentication.c
blobc0192ab6c5071856382be71d3de6061882e61049
1 #ifndef _POSIX_SOURCE
2 #define _POSIX_SOURCE /* For getaddrinfo(3) */
3 #endif
5 #ifndef _BSD_SOURCE
6 #define _BSD_SOURCE /* For NI_MAXHOST up to glibc-2.19 */
7 #endif
8 #ifndef _DEFAULT_SOURCE
9 #define _DEFAULT_SOURCE /* For NI_MAXHOST since glibc-2.20 */
10 #endif
12 #ifndef _XOPEN_SOURCE
13 #define _XOPEN_SOURCE 600 /* For unsetenv(3) */
14 #endif
16 #include "../test.h"
17 #include "server.h"
18 #include "isds.h"
20 #define TLSDIR SRCDIR "/server/tls"
21 static const char *ca_certificate = TLSDIR "/ca.cert";
22 static char *server_certificate = TLSDIR "/server.cert";
23 static char *server_key = TLSDIR "/server.key";
24 static char *client_certificate = TLSDIR "/client.cert";
25 static char *client_key = TLSDIR "/client.key";
26 static const char *client_dn = "CN=The Client,C=CZ";
27 static const char *username = "douglas";
28 static const char *password = "42";
31 static int test_login(const isds_error error, struct isds_ctx *context,
32 const char *url, const char *username, const char *password,
33 const struct isds_pki_credentials *pki_credentials,
34 struct isds_otp *otp) {
35 isds_error err;
37 err = isds_login(context, url, username, password, pki_credentials, otp);
38 if (error != err)
39 FAIL_TEST("Wrong return code: expected=%s, returned=%s (%s)",
40 isds_strerror(error), isds_strerror(err),
41 isds_long_message(context));
43 isds_logout(context);
44 PASS_TEST;
47 int main(void) {
48 int error;
49 pid_t server_process;
50 struct isds_ctx *context = NULL;
51 char *url = NULL;
53 INIT_TEST("authentication with client certificate and username and "
54 "password");
56 if (unsetenv("http_proxy")) {
57 ABORT_UNIT("Could not remove http_proxy variable from environment\n");
59 if (isds_init()) {
60 isds_cleanup();
61 ABORT_UNIT("isds_init() failed\n");
63 context = isds_ctx_create();
64 if (!context) {
65 isds_cleanup();
66 ABORT_UNIT("isds_ctx_create() failed\n");
68 if (isds_set_opt(context, IOPT_TLS_CA_FILE, ca_certificate)) {
69 isds_ctx_free(&context);
70 isds_cleanup();
71 ABORT_UNIT("Setting CA failed\n");
73 if (isds_set_opt(context, IOPT_TLS_VERIFY_SERVER, 0)) {
74 isds_ctx_free(&context);
75 isds_cleanup();
76 ABORT_UNIT("Disabling server hostname verification failed\n");
80 const struct service_configuration services[] = {
81 { SERVICE_DS_Dz_DummyOperation, NULL },
82 { SERVICE_END, NULL }
84 const struct arguments_basic_authentication server_arguments = {
85 .username = username,
86 .password = password,
87 .isds_deviations = 1,
88 .services = services
90 struct tls_authentication tls_arguments = {
91 .authority_certificate = ca_certificate,
92 .server_certificate = server_certificate,
93 .server_key = server_key,
94 .client_name = client_dn
96 struct isds_pki_credentials pki_credentials = {
97 .engine = NULL,
98 .certificate_format = PKI_FORMAT_PEM,
99 .certificate = server_certificate,
100 .key_format = PKI_FORMAT_PEM,
101 .key = server_key,
102 .passphrase = NULL
104 error = start_server(&server_process, &url,
105 server_certificate_with_password_authentication,
106 &server_arguments, &tls_arguments);
107 if (error == -1) {
108 isds_ctx_free(&context);
109 isds_cleanup();
110 ABORT_UNIT(server_error);
113 TEST("no client certificate", test_login, IE_SECURITY, context,
114 url, username, password, NULL, NULL);
116 TEST("wrong client certificate", test_login, IE_SECURITY, context,
117 url, username, password, &pki_credentials, NULL);
119 pki_credentials.certificate = client_certificate;
120 pki_credentials.key = client_key;
122 TEST("invalid username", test_login, IE_NOT_LOGGED_IN, context,
123 url, "7777777", "nbuusr1", &pki_credentials, NULL);
125 TEST("valid login", test_login, IE_SUCCESS, context,
126 url, username, password, &pki_credentials, NULL);
128 if (stop_server(server_process)) {
129 isds_ctx_free(&context);
130 isds_cleanup();
131 ABORT_UNIT(server_error);
134 free(url);
135 url = NULL;
139 struct tls_authentication tls_arguments = {
140 .authority_certificate = ca_certificate,
141 .server_certificate = server_certificate,
142 .server_key = server_key,
143 .client_name = client_dn
145 struct isds_pki_credentials pki_credentials = {
146 .engine = NULL,
147 .certificate_format = PKI_FORMAT_PEM,
148 .certificate = client_certificate,
149 .key_format = PKI_FORMAT_PEM,
150 .key = client_key,
151 .passphrase = NULL
153 error = start_server(&server_process, &url,
154 server_out_of_order, NULL, &tls_arguments);
155 if (error == -1) {
156 isds_ctx_free(&context);
157 isds_cleanup();
158 ABORT_UNIT(server_error);
161 TEST("log into out-of-order server", test_login, IE_SOAP, context,
162 url, username, password, &pki_credentials, NULL);
164 if (stop_server(server_process)) {
165 isds_ctx_free(&context);
166 isds_cleanup();
167 ABORT_UNIT(server_error);
170 free(url);
171 url = NULL;
174 isds_ctx_free(&context);
175 isds_cleanup();
176 SUM_TEST();