diff options
| author |  Julien Boeuf <jboeuf@google.com> | 2015-12-18 09:50:34 -0800 |
|---|---|---|
| committer | Julien Boeuf <jboeuf@google.com> | 2015-12-18 09:50:34 -0800 |
| commit | ee9d78b960f5c26181c9499412829a95fc972745 (patch) | |
| tree | 05ae2b53a25606a8f2824e389ec1d2e51f7f3a48 /test | |
| parent | 1d9ac6612d3a64f6598e69a4d41bdba6c01b6b2f (diff) | |
Unit testing the peer from auth context functionality.
Diffstat (limited to 'test')
| -rw-r--r-- | test/core/security/security_connector_test.c | 55 |
1 files changed, 55 insertions, 0 deletions
diff --git a/test/core/security/security_connector_test.c b/test/core/security/security_connector_test.c index 2f417f891e..0dcffa40ce 100644 --- a/test/core/security/security_connector_test.c +++ b/test/core/security/security_connector_test.c @@ -60,8 +60,39 @@ static int check_transport_security_type(const grpc_auth_context *ctx) { return 1; } +static int check_peer_property(const tsi_peer *peer, + const tsi_peer_property *expected) { + size_t i; + for (i = 0; i < peer->property_count; i++) { + const tsi_peer_property *prop = &peer->properties[i]; + if ((strcmp(prop->name, expected->name) == 0) && + (prop->value.length == expected->value.length) && + (memcmp(prop->value.data, expected->value.data, + expected->value.length) == 0)) { + return 1; + } + } + return 0; /* Not found... */ +} + +static int check_ssl_peer_equivalence(const tsi_peer *original, + const tsi_peer *reconstructed) { + /* The reconstructed peer only has CN and SAN properties. */ + size_t i; + for (i = 0; i < original->property_count; i++) { + const tsi_peer_property *prop = &original->properties[i]; + if ((strcmp(prop->name, TSI_X509_SUBJECT_COMMON_NAME_PEER_PROPERTY) == 0) || + (strcmp(prop->name, TSI_X509_SUBJECT_ALTERNATIVE_NAME_PEER_PROPERTY) == + 0)) { + if (!check_peer_property(reconstructed, prop)) return 0; + } + } + return 1; +} + static void test_unauthenticated_ssl_peer(void) { tsi_peer peer; + tsi_peer rpeer; grpc_auth_context *ctx; GPR_ASSERT(tsi_construct_peer(1, &peer) == TSI_OK); GPR_ASSERT(tsi_construct_string_peer_property_from_cstring( @@ -72,6 +103,10 @@ static void test_unauthenticated_ssl_peer(void) { GPR_ASSERT(!grpc_auth_context_peer_is_authenticated(ctx)); GPR_ASSERT(check_transport_security_type(ctx)); + rpeer = tsi_shallow_peer_from_ssl_auth_context(ctx); + GPR_ASSERT(check_ssl_peer_equivalence(&peer, &rpeer)); + + tsi_shallow_peer_destruct(&rpeer); tsi_peer_destruct(&peer); GRPC_AUTH_CONTEXT_UNREF(ctx, "test"); } @@ -128,6 +163,7 @@ static int check_x509_cn(const grpc_auth_context *ctx, static void test_cn_only_ssl_peer_to_auth_context(void) { tsi_peer peer; + tsi_peer rpeer; grpc_auth_context *ctx; const char *expected_cn = "cn1"; GPR_ASSERT(tsi_construct_peer(2, &peer) == TSI_OK); @@ -144,12 +180,17 @@ static void test_cn_only_ssl_peer_to_auth_context(void) { GPR_ASSERT(check_transport_security_type(ctx)); GPR_ASSERT(check_x509_cn(ctx, expected_cn)); + rpeer = tsi_shallow_peer_from_ssl_auth_context(ctx); + GPR_ASSERT(check_ssl_peer_equivalence(&peer, &rpeer)); + + tsi_shallow_peer_destruct(&rpeer); tsi_peer_destruct(&peer); GRPC_AUTH_CONTEXT_UNREF(ctx, "test"); } static void test_cn_and_one_san_ssl_peer_to_auth_context(void) { tsi_peer peer; + tsi_peer rpeer; grpc_auth_context *ctx; const char *expected_cn = "cn1"; const char *expected_san = "san1"; @@ -171,12 +212,17 @@ static void test_cn_and_one_san_ssl_peer_to_auth_context(void) { GPR_ASSERT(check_transport_security_type(ctx)); GPR_ASSERT(check_x509_cn(ctx, expected_cn)); + rpeer = tsi_shallow_peer_from_ssl_auth_context(ctx); + GPR_ASSERT(check_ssl_peer_equivalence(&peer, &rpeer)); + + tsi_shallow_peer_destruct(&rpeer); tsi_peer_destruct(&peer); GRPC_AUTH_CONTEXT_UNREF(ctx, "test"); } static void test_cn_and_multiple_sans_ssl_peer_to_auth_context(void) { tsi_peer peer; + tsi_peer rpeer; grpc_auth_context *ctx; const char *expected_cn = "cn1"; const char *expected_sans[] = {"san1", "san2", "san3"}; @@ -202,6 +248,10 @@ static void test_cn_and_multiple_sans_ssl_peer_to_auth_context(void) { GPR_ASSERT(check_transport_security_type(ctx)); GPR_ASSERT(check_x509_cn(ctx, expected_cn)); + rpeer = tsi_shallow_peer_from_ssl_auth_context(ctx); + GPR_ASSERT(check_ssl_peer_equivalence(&peer, &rpeer)); + + tsi_shallow_peer_destruct(&rpeer); tsi_peer_destruct(&peer); GRPC_AUTH_CONTEXT_UNREF(ctx, "test"); } @@ -209,6 +259,7 @@ static void test_cn_and_multiple_sans_ssl_peer_to_auth_context(void) { static void test_cn_and_multiple_sans_and_others_ssl_peer_to_auth_context( void) { tsi_peer peer; + tsi_peer rpeer; grpc_auth_context *ctx; const char *expected_cn = "cn1"; const char *expected_sans[] = {"san1", "san2", "san3"}; @@ -238,6 +289,10 @@ static void test_cn_and_multiple_sans_and_others_ssl_peer_to_auth_context( GPR_ASSERT(check_transport_security_type(ctx)); GPR_ASSERT(check_x509_cn(ctx, expected_cn)); + rpeer = tsi_shallow_peer_from_ssl_auth_context(ctx); + GPR_ASSERT(check_ssl_peer_equivalence(&peer, &rpeer)); + + tsi_shallow_peer_destruct(&rpeer); tsi_peer_destruct(&peer); GRPC_AUTH_CONTEXT_UNREF(ctx, "test"); } |