search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
dates element are mandatory at DataBoxCreditInfo
[libisds.git] / test / simline / certificate_user_password_authentication.c
blobf328509cef9798fafe8a8c71445e781cb735bc49
1 #ifndef _POSIX_SOURCE
2 #define _POSIX_SOURCE /* For getaddrinfo(3) */
3 #endif
4
5 #ifndef _BSD_SOURCE
6 #define _BSD_SOURCE /* For NI_MAXHOST */
7 #endif
8
9 #ifndef _XOPEN_SOURCE
10 #define _XOPEN_SOURCE 600 /* For unsetenv(3) */
11 #endif
12
13 #include "../test.h"
14 #include "server.h"
15 #include "isds.h"
16
17 #define TLSDIR SRCDIR "/server/tls"
18 static const char *ca_certificate = TLSDIR "/ca.cert";
19 static char *server_certificate = TLSDIR "/server.cert";
20 static char *server_key = TLSDIR "/server.key";
21 static char *client_certificate = TLSDIR "/client.cert";
22 static char *client_key = TLSDIR "/client.key";
23 static const char *client_dn = "C=CZ,CN=The Client";
24 static const char *username = "douglas";
25 static const char *password = "42";
26
27
28 static int test_login(const isds_error error, struct isds_ctx *context,
29 const char *url, const char *username, const char *password,
30 const struct isds_pki_credentials *pki_credentials,
31 struct isds_otp *otp) {
32 isds_error err;
33
34 err = isds_login(context, url, username, password, pki_credentials, otp);
35 if (error != err)
36 FAIL_TEST("Wrong return code: expected=%s, returned=%s (%s)",
37 isds_strerror(error), isds_strerror(err),
38 isds_long_message(context));
39
40 isds_logout(context);
41 PASS_TEST;
42 }
43
44 int main(int argc, char **argv) {
45 int error;
46 pid_t server_process;
47 struct isds_ctx *context = NULL;
48 char *url = NULL;
49
50 INIT_TEST("authentication with client certificate and username and "
51 "password");
52
53 if (unsetenv("http_proxy")) {
54 ABORT_UNIT("Could not remove http_proxy variable from environment\n");
55 }
56 if (isds_init()) {
57 isds_cleanup();
58 ABORT_UNIT("isds_init() failed\n");
59 }
60 context = isds_ctx_create();
61 if (!context) {
62 isds_cleanup();
63 ABORT_UNIT("isds_ctx_create() failed\n");
64 }
65 if (isds_set_opt(context, IOPT_TLS_CA_FILE, ca_certificate)) {
66 isds_ctx_free(&context);
67 isds_cleanup();
68 ABORT_UNIT("Setting CA failed\n");
69 }
70 if (isds_set_opt(context, IOPT_TLS_VERIFY_SERVER, 0)) {
71 isds_ctx_free(&context);
72 isds_cleanup();
73 ABORT_UNIT("Disabling server hostname verification failed\n");
74 }
75
76 {
77 const struct service_configuration services[] = {
78 { SERVICE_DS_Dz_DummyOperation, NULL },
79 { SERVICE_END, NULL }
80 };
81 const struct arguments_basic_authentication server_arguments = {
82 .username = username,
83 .password = password,
84 .isds_deviations = 1,
85 .services = services
86 };
87 struct tls_authentication tls_arguments = {
88 .authority_certificate = ca_certificate,
89 .server_certificate = server_certificate,
90 .server_key = server_key,
91 .client_name = client_dn
92 };
93 struct isds_pki_credentials pki_credentials = {
94 .engine = NULL,
95 .certificate_format = PKI_FORMAT_PEM,
96 .certificate = server_certificate,
97 .key_format = PKI_FORMAT_PEM,
98 .key = server_key,
99 .passphrase = NULL
100 };
101 error = start_server(&server_process, &url,
102 server_certificate_with_password_authentication,
103 &server_arguments, &tls_arguments);
104 if (error == -1) {
105 isds_ctx_free(&context);
106 isds_cleanup();
107 ABORT_UNIT(server_error);
108 }
109
110 TEST("no client certificate", test_login, IE_SECURITY, context,
111 url, username, password, NULL, NULL);
112
113 TEST("wrong client certificate", test_login, IE_SECURITY, context,
114 url, username, password, &pki_credentials, NULL);
115
116 pki_credentials.certificate = client_certificate;
117 pki_credentials.key = client_key;
118
119 TEST("invalid username", test_login, IE_NOT_LOGGED_IN, context,
120 url, "7777777", "nbuusr1", &pki_credentials, NULL);
121
122 TEST("valid login", test_login, IE_SUCCESS, context,
123 url, username, password, &pki_credentials, NULL);
124
125 if (stop_server(server_process)) {
126 ABORT_UNIT(server_error);
127 }
128
129 free(url);
130 url = NULL;
131 }
132
133 {
134 struct tls_authentication tls_arguments = {
135 .authority_certificate = ca_certificate,
136 .server_certificate = server_certificate,
137 .server_key = server_key,
138 .client_name = client_dn
139 };
140 struct isds_pki_credentials pki_credentials = {
141 .engine = NULL,
142 .certificate_format = PKI_FORMAT_PEM,
143 .certificate = client_certificate,
144 .key_format = PKI_FORMAT_PEM,
145 .key = client_key,
146 .passphrase = NULL
147 };
148 error = start_server(&server_process, &url,
149 server_out_of_order, NULL, &tls_arguments);
150 if (error == -1) {
151 isds_ctx_free(&context);
152 isds_cleanup();
153 ABORT_UNIT(server_error);
154 }
155
156 TEST("log into out-of-order server", test_login, IE_SOAP, context,
157 url, username, password, &pki_credentials, NULL);
158
159 if (stop_server(server_process)) {
160 ABORT_UNIT(server_error);
161 }
162
163 free(url);
164 url = NULL;
165 }
166
167 isds_ctx_free(&context);
168 isds_cleanup();
169 SUM_TEST();
170 }
Client library for ISDS