ss: add api test with ctest integration

Tests via httpbin.org

minimal-examples/api-tests/api-test-secure-streams/CMakeLists.txt

@@ -0,0 +1,77 @@
+project(lws-api-test-secure-streams)
+cmake_minimum_required(VERSION 2.8)
+include(CheckCSourceCompiles)
+
+# If we are being built as part of lws, confirm current build config supports
+# reqconfig, else skip building ourselves.
+#
+# If we are being built externally, confirm installed lws was configured to
+# support reqconfig, else error out with a helpful message about the problem.
+#
+MACRO(require_lws_config reqconfig _val result)
+
+	if (DEFINED ${reqconfig})
+	if (${reqconfig})
+		set (rq 1)
+	else()
+		set (rq 0)
+	endif()
+	else()
+		set(rq 0)
+	endif()
+
+	if (${_val} EQUAL ${rq})
+		set(SAME 1)
+	else()
+		set(SAME 0)
+	endif()
+
+	if (LWS_WITH_MINIMAL_EXAMPLES AND NOT ${SAME})
+		if (${_val})
+			message("${SAMP}: skipping as lws being built without ${reqconfig}")
+		else()
+			message("${SAMP}: skipping as lws built with ${reqconfig}")
+		endif()
+		set(${result} 0)
+	else()
+		if (LWS_WITH_MINIMAL_EXAMPLES)
+			set(MET ${SAME})
+		else()
+			CHECK_C_SOURCE_COMPILES("#include <libwebsockets.h>\nint main(void) {\n#if defined(${reqconfig})\n return 0;\n#else\n fail;\n#endif\n return 0;\n}\n" HAS_${reqconfig})
+			if (NOT DEFINED HAS_${reqconfig} OR NOT HAS_${reqconfig})
+				set(HAS_${reqconfig} 0)
+			else()
+				set(HAS_${reqconfig} 1)
+			endif()
+			if ((HAS_${reqconfig} AND ${_val}) OR (NOT HAS_${reqconfig} AND NOT ${_val}))
+				set(MET 1)
+			else()
+				set(MET 0)
+			endif()
+		endif()
+		if (NOT MET)
+			if (${_val})
+				message(FATAL_ERROR "This project requires lws must have been configured with ${reqconfig}")
+			else()
+				message(FATAL_ERROR "Lws configuration of ${reqconfig} is incompatible with this project")
+			endif()
+		endif()
+	endif()
+ENDMACRO()
+
+
+set(requirements 1)
+require_lws_config(LWS_WITH_SECURE_STREAMS 1 requirements)
+
+if (requirements)
+
+	add_executable(${PROJECT_NAME} main.c)
+	
+	if (websockets_shared)
+		target_link_libraries(${PROJECT_NAME} websockets_shared)
+		add_dependencies(${PROJECT_NAME} websockets_shared)
+	else()
+		target_link_libraries(${PROJECT_NAME} websockets)
+	endif()
+
+endif()

minimal-examples/api-tests/api-test-secure-streams/README.md

@@ -0,0 +1,56 @@
+# lws api test lws_struct JSON
+
+Demonstrates how to use and performs selftests for lws_struct
+JSON serialization and deserialization
+
+## build
+
+```
+ $ cmake . && make
+```
+
+## usage
+
+Commandline option|Meaning
+---|---
+-d <loglevel>|Debug verbosity in decimal, eg, -d15
+
+```
+ $ ./lws-api-test-lws_struct-json
+[2019/03/30 22:09:09:2529] USER: LWS API selftest: lws_struct JSON
+[2019/03/30 22:09:09:2625] NOTICE: main: ++++++++++++++++ test 1
+[2019/03/30 22:09:09:2812] NOTICE: builder.hostname = 'learn', timeout = 1800, targets (2)
+[2019/03/30 22:09:09:2822] NOTICE:     target.name 'target1' (target 0x543a830)
+[2019/03/30 22:09:09:2824] NOTICE:     target.name 'target2' (target 0x543a860)
+[2019/03/30 22:09:09:2826] NOTICE: main:    .... strarting serialization of test 1
+[2019/03/30 22:09:09:2899] NOTICE: ser says 1
+{"schema":"com-warmcat-sai-builder","hostname":"learn","nspawn_timeout":1800,"targets":[{"name":"target1"},{"name":"target2"}]}
+[2019/03/30 22:09:09:2929] NOTICE: main: ++++++++++++++++ test 2
+[2019/03/30 22:09:09:2932] NOTICE: builder.hostname = 'learn', timeout = 0, targets (3)
+[2019/03/30 22:09:09:2932] NOTICE:     target.name 'target1' (target 0x543b060)
+[2019/03/30 22:09:09:2933] NOTICE:     target.name 'target2' (target 0x543b090)
+[2019/03/30 22:09:09:2933] NOTICE:     target.name 'target3' (target 0x543b0c0)
+[2019/03/30 22:09:09:2934] NOTICE: main:    .... strarting serialization of test 2
+[2019/03/30 22:09:09:2935] NOTICE: ser says 1
+{"schema":"com-warmcat-sai-builder","hostname":"learn","nspawn_timeout":0,"targets":[{"name":"target1"},{"name":"target2"},{"name":"target3"}]}
+[2019/03/30 22:09:09:2940] NOTICE: main: ++++++++++++++++ test 3
+[2019/03/30 22:09:09:2959] NOTICE: builder.hostname = 'learn', timeout = 1800, targets (2)
+[2019/03/30 22:09:09:2960] NOTICE:     target.name 'target1' (target 0x543b450)
+[2019/03/30 22:09:09:2961] NOTICE:       child 0x543b480, target.child.somename 'abc'
+[2019/03/30 22:09:09:2961] NOTICE:     target.name 'target2' (target 0x543b490)
+[2019/03/30 22:09:09:2962] NOTICE: main:    .... strarting serialization of test 3
+[2019/03/30 22:09:09:2969] NOTICE: ser says 1
+{"schema":"com-warmcat-sai-builder","hostname":"learn","nspawn_timeout":1800,"targets":[{"name":"target1","child":{"somename":"abc"}},{"name":"target2"}]}
+[2019/03/30 22:09:09:2970] NOTICE: main: ++++++++++++++++ test 4
+[2019/03/30 22:09:09:2971] NOTICE: builder.hostname = 'learn', timeout = 1800, targets (0)
+[2019/03/30 22:09:09:2971] NOTICE: main:    .... strarting serialization of test 4
+[2019/03/30 22:09:09:2973] NOTICE: ser says 1
+{"schema":"com-warmcat-sai-builder","hostname":"learn","nspawn_timeout":1800}
+[2019/03/30 22:09:09:2974] NOTICE: main: ++++++++++++++++ test 5
+[2019/03/30 22:09:09:2978] NOTICE: builder.hostname = '', timeout = 0, targets (0)
+[2019/03/30 22:09:09:2979] NOTICE: main:    .... strarting serialization of test 5
+[2019/03/30 22:09:09:2980] NOTICE: ser says 1
+{"schema":"com-warmcat-sai-builder","hostname":"","nspawn_timeout":0}
+[2019/03/30 22:09:09:2982] USER: Completed: PASS
+```
+

minimal-examples/api-tests/api-test-secure-streams/main.c

@@ -0,0 +1,384 @@
+/*
+ * lws-api-test-secure-streams
+ *
+ * Written in 2010-2020 by Andy Green <andy@warmcat.com>
+ *
+ * This file is made available under the Creative Commons CC0 1.0
+ * Universal Public Domain Dedication.
+ *
+ * Let's exercise some basic SS / h1 functionality against httpbin.org
+ */
+
+#include <libwebsockets.h>
+#include <string.h>
+#include <signal.h>
+
+static int interrupted, bad = 1;
+static lws_state_notify_link_t nl;
+static struct lws_context *context;
+
+static const char * const default_ss_policy =
+	"{"
+	  "\"release\":"			"\"01234567\","
+	  "\"product\":"			"\"myproduct\","
+	  "\"schema-version\":"			"1,"
+#if defined(VIA_LOCALHOST_SOCKS)
+	  "\"via-socks5\":"                     "\"127.0.0.1:1080\","
+#endif
+
+	  "\"retry\": ["	/* named backoff / retry strategies */
+		"{\"default\": {"
+			"\"backoff\": ["	 "1000,"
+						 "2000,"
+						 "3000,"
+						 "5000,"
+						"10000"
+				"],"
+			"\"conceal\":"		"5,"
+			"\"jitterpc\":"		"20,"
+			"\"svalidping\":"	"30,"
+			"\"svalidhup\":"	"35"
+		"}}"
+	  "],"
+	  "\"certs\": [" /* named individual certificates in BASE64 DER */
+		/*
+		 * Let's Encrypt certs for warmcat.com / libwebsockets.org
+		 *
+		 * We fetch the real policy from there using SS and switch to
+		 * using that.
+		 */
+
+		"{\"amz_root_ca1\": \""
+	"MIIDQTCCAimgAwIBAgITBmyfz5m/jAo54vB4ikPmljZbyjANBgkqhkiG9w0BAQsF"
+	"ADA5MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRkwFwYDVQQDExBBbWF6"
+	"b24gUm9vdCBDQSAxMB4XDTE1MDUyNjAwMDAwMFoXDTM4MDExNzAwMDAwMFowOTEL"
+	"MAkGA1UEBhMCVVMxDzANBgNVBAoTBkFtYXpvbjEZMBcGA1UEAxMQQW1hem9uIFJv"
+	"b3QgQ0EgMTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALJ4gHHKeNXj"
+	"ca9HgFB0fW7Y14h29Jlo91ghYPl0hAEvrAIthtOgQ3pOsqTQNroBvo3bSMgHFzZM"
+	"9O6II8c+6zf1tRn4SWiw3te5djgdYZ6k/oI2peVKVuRF4fn9tBb6dNqcmzU5L/qw"
+	"IFAGbHrQgLKm+a/sRxmPUDgH3KKHOVj4utWp+UhnMJbulHheb4mjUcAwhmahRWa6"
+	"VOujw5H5SNz/0egwLX0tdHA114gk957EWW67c4cX8jJGKLhD+rcdqsq08p8kDi1L"
+	"93FcXmn/6pUCyziKrlA4b9v7LWIbxcceVOF34GfID5yHI9Y/QCB/IIDEgEw+OyQm"
+	"jgSubJrIqg0CAwEAAaNCMEAwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMC"
+	"AYYwHQYDVR0OBBYEFIQYzIU07LwMlJQuCFmcx7IQTgoIMA0GCSqGSIb3DQEBCwUA"
+	"A4IBAQCY8jdaQZChGsV2USggNiMOruYou6r4lK5IpDB/G/wkjUu0yKGX9rbxenDI"
+	"U5PMCCjjmCXPI6T53iHTfIUJrU6adTrCC2qJeHZERxhlbI1Bjjt/msv0tadQ1wUs"
+	"N+gDS63pYaACbvXy8MWy7Vu33PqUXHeeE6V/Uq2V8viTO96LXFvKWlJbYK8U90vv"
+	"o/ufQJVtMVT8QtPHRh8jrdkPSHCa2XV4cdFyQzR1bldZwgJcJmApzyMZFo6IQ6XU"
+	"5MsI+yMRQ+hDKXJioaldXgjUkK642M4UwtBV8ob2xJNDd2ZhwLnoQdeXeGADbkpy"
+	"rqXRfboQnoZsG4q5WTP468SQvvG5"
+		"\"}"
+	  "],"
+	  "\"trust_stores\": [" /* named cert chains */
+		"{"
+			"\"name\": \"amz\","
+			"\"stack\": ["
+				"\"amz_root_ca1\""
+			"]"
+		"}"
+	  "],"
+	  "\"s\": ["
+	  	/*
+		 * "fetch_policy" decides from where the real policy
+		 * will be fetched, if present.  Otherwise the initial
+		 * policy is treated as the whole, hardcoded, policy.
+		 */
+		"{\"httpbin_get\": {"
+			"\"endpoint\":"		"\"httpbin.org\","
+			"\"port\":"		"443,"
+			"\"protocol\":"		"\"h1\","
+			"\"http_method\":"	"\"GET\","
+			"\"http_url\":"		"\"/get\","
+			"\"tls\":"		"true,"
+			"\"opportunistic\":"	"true,"
+			"\"retry\":"		"\"default\","
+			"\"tls_trust_store\":"	"\"amz\""
+		"}},"
+		"{\"httpbin_get404\": {"
+			"\"endpoint\":"		"\"httpbin.org\","
+			"\"port\":"		"443,"
+			"\"protocol\":"		"\"h1\","
+			"\"http_method\":"	"\"GET\","
+			"\"http_url\":"		"\"/status/404\","
+			"\"tls\":"		"true,"
+			"\"opportunistic\":"	"true,"
+			"\"retry\":"		"\"default\","
+			"\"tls_trust_store\":"	"\"amz\""
+		"}},"
+		"{\"httpbin_post\": {"
+			"\"endpoint\":"		"\"httpbin.org\","
+			"\"port\":"		"443,"
+			"\"protocol\":"		"\"h1\","
+			"\"http_method\":"	"\"POST\","
+			"\"http_url\":"		"\"/post\","
+			"\"tls\":"		"true,"
+			"\"opportunistic\":"	"true,"
+			"\"retry\":"		"\"default\","
+			"\"tls_trust_store\":"	"\"amz\""
+			"}}"
+                "}"
+	"]}"
+;
+
+typedef struct atss {
+	const lws_ss_info_t		*ssi;
+	size_t				send;
+	char				expect_nack;
+} atss_t;
+
+static const atss_t *next_test;
+
+typedef struct myss {
+	struct lws_ss_handle 		*ss;
+	void				*opaque_data;
+	/* ... application specific state ... */
+	lws_sorted_usec_list_t		sul;
+	size_t				payload;
+	size_t				sent;
+	char				seen_eom;
+	char				ended_well;
+} myss_t;
+
+/* secure streams payload interface */
+
+static int
+myss_rx(void *userobj, const uint8_t *buf, size_t len, int flags)
+{
+	myss_t *m = (myss_t *)userobj;
+
+	lwsl_hexdump_info(buf, len);
+
+	m->payload += len;
+
+	if (!(flags & LWSSS_FLAG_EOM))
+		m->seen_eom = 1;
+
+	return 0;
+}
+
+static int
+myss_tx_get(void *userobj, lws_ss_tx_ordinal_t ord, uint8_t *buf, size_t *len,
+	    int *flags)
+{
+	return 1; /* nothing to send */
+}
+
+static int
+myss_tx_post(void *userobj, lws_ss_tx_ordinal_t ord, uint8_t *buf, size_t *len,
+	     int *flags)
+{
+	myss_t *m = (myss_t *)userobj;
+	size_t budget = (next_test->send - m->sent);
+
+	if (!budget)
+		return 1;
+
+	if (*len < budget)
+		budget = *len;
+
+	if (!m->sent)
+		*flags |= LWSSS_FLAG_SOM;
+
+	memset(buf, 0x55, budget);
+	*len = budget;
+	m->sent += budget;
+	if (m->sent != next_test->send)
+		lws_ss_request_tx(m->ss);
+	else
+		*flags |= LWSSS_FLAG_EOM;
+
+	return 0;
+}
+
+static int
+myss_state(void *userobj, void *sh, lws_ss_constate_t state,
+	   lws_ss_tx_ordinal_t ack)
+{
+	myss_t *m = (myss_t *)userobj;
+
+	lwsl_notice("%s: %s, ord 0x%x\n", __func__, lws_ss_state_name(state),
+		  (unsigned int)ack);
+
+	switch (state) {
+	case LWSSSCS_CREATING:
+		lws_ss_client_connect(m->ss);
+		if (next_test->send)
+			lws_ss_request_tx_len(m->ss, next_test->send);
+		break;
+	case LWSSSCS_ALL_RETRIES_FAILED:
+		lwsl_notice("%s: Connection failed\n", __func__);
+		interrupted = 1;
+		break;
+	case LWSSSCS_QOS_NACK_REMOTE:
+		if (next_test->expect_nack)
+			goto happy;
+		lwsl_notice("%s: remote NACK\n", __func__);
+		interrupted = 1;
+		break;
+	case LWSSSCS_QOS_ACK_REMOTE:
+		/*
+		 * To be satisfied, we want to see the ACK_REMOTE indicating
+		 * that the transaction went through; that we had the payload
+		 * EOM; and that we saw at least 200 + posted bytes response
+		 */
+
+		if (!m->seen_eom || m->payload < 200 + next_test->send) {
+			lwsl_warn("%s: ACK_REMOTE but eom %d, payload %d\n",
+				  __func__, m->seen_eom, (int)m->payload);
+			interrupted = 1;
+			return -1;
+		}
+
+happy:
+		/* when we disconnect, we can go happily */
+		m->ended_well = 1;
+
+		if (!(++next_test)->ssi) {
+			lwsl_notice("%s: completed all tests\n", __func__);
+			bad = 0;
+			interrupted = 1;
+			break;
+		}
+		if (lws_ss_create(context, 0, next_test->ssi,
+				  NULL, NULL, NULL, NULL)) {
+			lwsl_err("%s: failed to create secure stream\n",
+				 __func__);
+			return -1;
+		}
+		break;
+
+	case LWSSSCS_DISCONNECTED:
+		if (!m->ended_well) {
+			lwsl_warn("%s: DISCONNECTED without good end\n",
+				  __func__);
+			interrupted = 1;
+		}
+		break;
+	default:
+		break;
+	}
+
+	return 0;
+}
+
+static const lws_ss_info_t ssi_get = {
+	.handle_offset			= offsetof(myss_t, ss),
+	.opaque_user_data_offset	= offsetof(myss_t, opaque_data),
+	.rx				= myss_rx,
+	.tx				= myss_tx_get,
+	.state				= myss_state,
+	.user_alloc			= sizeof(myss_t),
+	.streamtype			= "httpbin_get"
+}, ssi_get404 = {
+	.handle_offset			= offsetof(myss_t, ss),
+	.opaque_user_data_offset	= offsetof(myss_t, opaque_data),
+	.rx				= myss_rx,
+	.tx				= myss_tx_get,
+	.state				= myss_state,
+	.user_alloc			= sizeof(myss_t),
+	.streamtype			= "httpbin_get404"
+}, ssi_post = {
+	.handle_offset			= offsetof(myss_t, ss),
+	.opaque_user_data_offset	= offsetof(myss_t, opaque_data),
+	.rx				= myss_rx,
+	.tx				= myss_tx_post,
+	.state				= myss_state,
+	.user_alloc			= sizeof(myss_t),
+	.streamtype			= "httpbin_post"
+};
+
+static const atss_t test_list[] = {
+		{ .ssi = &ssi_get },
+		{ .ssi = &ssi_get404, .expect_nack = 1 },
+		{ .ssi = &ssi_post, .send = 4096 },
+		{}
+};
+
+
+static int
+app_system_state_nf(lws_state_manager_t *mgr, lws_state_notify_link_t *link,
+		    int current, int target)
+{
+	struct lws_context *context = lws_system_context_from_system_mgr(mgr);
+
+	/*
+	 * For the things we care about, let's notice if we are trying to get
+	 * past them when we haven't solved them yet, and make the system
+	 * state wait while we trigger the dependent action.
+	 */
+	switch (target) {
+
+	case LWS_SYSTATE_OPERATIONAL:
+		if (current == LWS_SYSTATE_OPERATIONAL) {
+
+			next_test = &test_list[0];
+
+			if (lws_ss_create(context, 0, next_test->ssi,
+					  NULL, NULL, NULL, NULL)) {
+				lwsl_err("%s: failed to create secure stream\n",
+					 __func__);
+				return -1;
+			}
+		}
+		break;
+	}
+
+	return 0;
+}
+
+static lws_state_notify_link_t * const app_notifier_list[] = {
+	&nl, NULL
+};
+
+static void
+sigint_handler(int sig)
+{
+	interrupted = 1;
+}
+
+int main(int argc, const char **argv)
+{
+	struct lws_context_creation_info info;
+	int n = 0;
+
+	signal(SIGINT, sigint_handler);
+
+	memset(&info, 0, sizeof info);
+	lws_cmdline_option_handle_builtin(argc, argv, &info);
+
+	lwsl_user("LWS secure streams test client [-d<verb>]\n");
+
+	/* these options are mutually exclusive if given */
+
+	info.fd_limit_per_thread = 1 + 6 + 1;
+	info.port = CONTEXT_PORT_NO_LISTEN;
+	info.pss_policies_json = default_ss_policy;
+	info.options = LWS_SERVER_OPTION_EXPLICIT_VHOSTS |
+		       LWS_SERVER_OPTION_DO_SSL_GLOBAL_INIT |
+		       LWS_SERVER_OPTION_H2_JUST_FIX_WINDOW_UPDATE_OVERFLOW;
+
+	/* integrate us with lws system state management when context created */
+
+	nl.name = "app";
+	nl.notify_cb = app_system_state_nf;
+	info.register_notifier_list = app_notifier_list;
+
+	/* create the context */
+
+	context = lws_create_context(&info);
+	if (!context) {
+		lwsl_err("lws init failed\n");
+		return 1;
+	}
+
+	/* the event loop */
+
+	while (n >= 0 && !interrupted)
+		n = lws_service(context, 0);
+
+	lws_context_destroy(context);
+
+	lwsl_user("Completed: %s\n", bad ? "failed" : "OK");
+
+	return bad;
+}