Commit 4e8363df authored by Boleslav Brezovsky's avatar Boleslav Brezovsky Committed by Boleslav Březovský

References to api.turris.cz changed to repo.turris.cz or removed

parent ddb144c4
......@@ -114,12 +114,6 @@ test-locks: $(O)/bin/locks
valgrind-locks: $(O)/bin/locks
$(VALGRIND) $(O)/bin/locks
# In uri test we are connecting to api.turris.cz and this downloads us crl
test-lua-uri: $(S)/tests/api.turris.cz.crl.pem
# Always download to ensure that it won't timeout
$(S)/tests/api.turris.cz.crl.pem: FORCE
curl -k https://api.turris.cz/crl -o $@
test: test-locks
valgrind: valgrind-locks
check: test valgrind luac-autoload luacheck cppcheck
......
......@@ -262,53 +262,27 @@ START_TEST(command_stuff) {
}
END_TEST
static void download_done_callback_api(struct wait_id id __attribute__((unused)), void *data __attribute__((unused)), int status, size_t out_size __attribute__((unused)), const char *out) {
ck_assert_uint_eq(200, status);
const char *res = strstr(out, "Not for your eyes");
ck_assert(res);
}
static void download_done_callback_repo(struct wait_id id __attribute__((unused)), void *data __attribute__((unused)), int status, size_t out_size __attribute__((unused)), const char *out) {
ck_assert_uint_eq(200, status);
const char *res = strstr(out, "Index of /");
ck_assert(res);
}
static void download_failed_callback(struct wait_id id __attribute__((unused)), void *data __attribute__((unused)), int status, size_t out_size __attribute__((unused)), const char *out __attribute__((unused))) {
ck_assert_uint_eq(500, status);
}
// Just like the done callback, but download one more thing from within this callback (and wait for it).
static void download_recursive_callback(struct wait_id id, void *data, int status, size_t out_size, const char *out) {
download_done_callback_api(id, data, status, out_size, out);
struct wait_id new_id = download(data, download_done_callback_api, NULL, "https://api.turris.cz/index.html", NULL, NULL, false, false);
events_wait(data, 1, &new_id);
}
START_TEST(command_download) {
const char *s_dir = getenv("S");
if (!s_dir)
s_dir = ".";
const char *cert_file = aprintf("%s/tests/data/updater.pem", s_dir);
const size_t cnt = 2;
struct wait_id ids[cnt * 6];
struct wait_id ids[cnt];
struct events *events = events_new();
download_slot_count_set(events, 2);
for (size_t i = 0; i < cnt; i++) {
ids[i] = download(events, download_done_callback_api, NULL, "https://api.turris.cz/index.html", cert_file, NULL, false, true);
ids[i + cnt] = download(events, download_failed_callback, NULL, "https://api.turris.cz/does_not_exist.dat", cert_file, NULL, false, true);
ids[i + 2 * cnt] = download(events, download_recursive_callback, events, "https://api.turris.cz/index.html", cert_file, NULL, false, true);
// api has special ca so this should fail
ids[i + 3 * cnt] = download(events, download_failed_callback, NULL, "https://api.turris.cz/index.html", NULL, NULL, false, true);
// but with disabled ssl it should work
ids[i + 4 * cnt] = download(events, download_done_callback_api, NULL, "https://api.turris.cz/index.html", NULL, NULL, false, false);
// repo uses public ca so this should work with system one
ids[i + 5 * cnt] = download(events, download_done_callback_repo, NULL, "https://repo.turris.cz", NULL, NULL, false, true);
ids[i] = download(events, download_done_callback_repo, NULL, "https://repo.turris.cz", NULL, NULL, false, true);
}
events_wait(events, cnt * 6, ids);
events_wait(events, cnt, ids);
events_destroy(events);
}
END_TEST
......
......@@ -104,20 +104,3 @@ function test_run_util()
assert_equal(1, called)
end
function test_download()
local cert = (os.getenv("S") or ".") .. "/tests/data/updater.pem"
local called1 = 0
local id1 = download(function (status, answer)
assert_equal(200, status)
assert(answer:match("Not for your eyes"))
called1 = called1 + 1;
end, "https://api.turris.cz", cert);
local called2 = 0
local id2 = download(function (status, answer)
assert_equal(500, status)
called2 = called2 + 1
end, "https://api.turris.cz/does/not/exist", cert);
events_wait(id1, id2);
assert_equal(1, called1);
assert_equal(1, called2);
end
......@@ -44,11 +44,8 @@ function test_methods()
local context = sandbox.new("Local")
-- Check on success
local u1 = uri(context, "https://api.turris.cz/", {verification = 'none'})
-- Missing ca and crl files
local u2 = uri(context, "https://api.turris.cz/", {ca = "file:///tmp/missing.ca", crl = "file:///tmp/missing.pem", pubkey = "file:///tmp/missing.pub"})
local u1 = uri(context, "https://repo.turris.cz/", {verification = 'none'})
method_assert(u1)
method_assert(u2)
end
local function check_sync(level, input, output)
......@@ -145,8 +142,8 @@ end
function test_https()
local context = sandbox.new("Remote")
local u1 = uri(context, "https://api.turris.cz/", {verification = 'none'})
local u2 = uri(context, "https://api.turris.cz/does/not/exist", {verification = 'none'})
local u1 = uri(context, "https://repo.turris.cz/", {verification = 'none'})
local u2 = uri(context, "https://repo.turris.cz/does/not/exist", {verification = 'none'})
assert_false(u1.done)
assert_false(u2.done)
local called1 = false
......@@ -154,7 +151,7 @@ function test_https()
u1:cback(function (ok, content)
called1 = true
assert(ok)
assert(content:match("Not for your eyes"))
assert(content:match("Index of"))
end)
u2:cback(function (ok, err)
called2 = true
......@@ -167,55 +164,16 @@ function test_https()
local ok, content = u1:get()
assert(called1)
assert(ok)
assert(content:match("Not for your eyes"))
assert(content:match("Index of"))
uri.wait(u1, u2)
assert(called2)
local ok = u2:get()
assert_false(ok)
end
function test_https_cert()
local context = sandbox.new("Local")
local ca_file = "file://" .. dir .. "tests/data/updater.pem"
local crl_file = "file://" .. dir .. "tests/api.turris.cz.crl.pem"
-- It should succeed with the correct CA
local u1 = uri(context, "https://api.turris.cz/", {verification = "cert", ca = ca_file, ocsp = false})
-- But should fail with a wrong one
local u2 = uri(context, "https://api.turris.cz/", {verification = "cert", ca = "file:///dev/null", ocsp = false})
-- We may specify the ca as a table of possibilities
local u3 = uri(context, "https://api.turris.cz/", {verification = "cert", ca = {"file:///dev/null", ca_file}, ocsp = false})
-- system_cas should result in failure as api has certificate not added to standard paths
local u4 = uri(context, "https://api.turris.cz/", {verification = "cert", ca = uri.system_cas, ocsp = false})
-- systam_cas should result in success on repo as it's signed by common authority
local u5 = uri(context, "https://repo.turris.cz/", {verification = "cert", ca = uri.system_cas})
local ok1 = u1:get()
assert(ok1)
local ok2 = u2:get()
assert_false(ok2)
local ok3 = u3:get()
assert(ok3)
local ok4 = u4:get()
assert_false(ok4)
local ok5 = u5:get()
assert(ok5)
-- Check we can put the verification stuff into the context
context.ca = ca_file
context.verification = "cert"
context.ocsp = false
u1 = uri(context, "https://api.turris.cz/")
u2 = uri(context, "https://api.turris.cz/", {ca = "file:///dev/null"})
ok1 = u1:get()
ok2 = u2:get()
assert(ok1)
assert_false(ok2)
-- It refuses local URIs inside the ca field if refered from the wrong context
context = sandbox.new("Remote")
assert_exception(function () uri(context, "https://api.turris.cz/", {verification = "cert", ca = ca_file}) end, "access violation")
end
function test_restricted()
local context = sandbox.new("Restricted")
context.restrict = 'https://api%.turris%.cz/.*'
context.restrict = 'https://repo%.turris%.cz/.*'
local function u(location)
local result = uri(context, location, {verification = 'none'})
--[[
......@@ -225,10 +183,8 @@ function test_restricted()
]]
result:get()
end
assert_pass(function () u("https://api.turris.cz/") end)
assert_pass(function () u("https://api.turris.cz/index.html") end)
assert_exception(function () u("https://api.turris.cz") end, "access violation")
assert_exception(function () u("http://api.turris.cz/index.html") end, "access violation")
assert_pass(function () u("https://repo.turris.cz/") end)
assert_exception(function () u("https://repo.turris.cz") end, "access violation")
assert_exception(function () u("https://www.turris.cz/index.html") end, "access violation")
end
......@@ -270,3 +226,4 @@ function test_vermode()
local context = sandbox.new("Restricted")
assert_exception(function () uri(context, "data:,data", {verification = 'typo'}) end, 'bad value')
end
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment