summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorRemko Tronçon <git@el-tramo.be>2010-11-10 21:02:12 (GMT)
committerRemko Tronçon <git@el-tramo.be>2010-11-11 12:50:12 (GMT)
commit91b828a6e94f15c675e03baff4d45a7feb939eb9 (patch)
tree2ca432e79b05b58235b0f791fc8e4a6dd0e96db7 /Swiften/Client/UnitTest
parent2fec654b2345ba974b843a0868d580f9c12fdfea (diff)
downloadswift-91b828a6e94f15c675e03baff4d45a7feb939eb9.zip
swift-91b828a6e94f15c675e03baff4d45a7feb939eb9.tar.bz2
Added server identity check.
Diffstat (limited to 'Swiften/Client/UnitTest')
-rw-r--r--Swiften/Client/UnitTest/ClientSessionTest.cpp30
1 files changed, 29 insertions, 1 deletions
diff --git a/Swiften/Client/UnitTest/ClientSessionTest.cpp b/Swiften/Client/UnitTest/ClientSessionTest.cpp
index 11e4992..74f3376 100644
--- a/Swiften/Client/UnitTest/ClientSessionTest.cpp
+++ b/Swiften/Client/UnitTest/ClientSessionTest.cpp
@@ -24,6 +24,8 @@
#include "Swiften/Elements/EnableStreamManagement.h"
#include "Swiften/Elements/IQ.h"
#include "Swiften/Elements/ResourceBind.h"
+#include "Swiften/TLS/SimpleCertificate.h"
+#include "Swiften/TLS/BlindCertificateTrustChecker.h"
using namespace Swift;
@@ -33,6 +35,7 @@ class ClientSessionTest : public CppUnit::TestFixture {
CPPUNIT_TEST(testStartTLS);
CPPUNIT_TEST(testStartTLS_ServerError);
CPPUNIT_TEST(testStartTLS_ConnectError);
+ CPPUNIT_TEST(testStartTLS_InvalidIdentity);
CPPUNIT_TEST(testAuthenticate);
CPPUNIT_TEST(testAuthenticate_Unauthorized);
CPPUNIT_TEST(testAuthenticate_NoValidAuthMechanisms);
@@ -57,6 +60,11 @@ class ClientSessionTest : public CppUnit::TestFixture {
server = boost::shared_ptr<MockSessionStream>(new MockSessionStream());
sessionFinishedReceived = false;
needCredentials = false;
+ blindCertificateTrustChecker = new BlindCertificateTrustChecker();
+ }
+
+ void tearDown() {
+ delete blindCertificateTrustChecker;
}
void testStart_Error() {
@@ -71,6 +79,7 @@ class ClientSessionTest : public CppUnit::TestFixture {
void testStartTLS() {
boost::shared_ptr<ClientSession> session(createSession());
+ session->setCertificateTrustChecker(blindCertificateTrustChecker);
session->start();
server->receiveStreamStart();
server->sendStreamStart();
@@ -116,6 +125,24 @@ class ClientSessionTest : public CppUnit::TestFixture {
CPPUNIT_ASSERT(sessionFinishedError);
}
+ void testStartTLS_InvalidIdentity() {
+ boost::shared_ptr<ClientSession> session(createSession());
+ session->start();
+ server->receiveStreamStart();
+ server->sendStreamStart();
+ server->sendStreamFeaturesWithStartTLS();
+ server->receiveStartTLS();
+ CPPUNIT_ASSERT(!server->tlsEncrypted);
+ server->sendTLSProceed();
+ CPPUNIT_ASSERT(server->tlsEncrypted);
+ server->onTLSEncrypted();
+
+ CPPUNIT_ASSERT_EQUAL(ClientSession::Finished, session->getState());
+ CPPUNIT_ASSERT(sessionFinishedReceived);
+ CPPUNIT_ASSERT(sessionFinishedError);
+ CPPUNIT_ASSERT_EQUAL(CertificateVerificationError::InvalidServerIdentity, boost::dynamic_pointer_cast<CertificateVerificationError>(sessionFinishedError)->getType());
+ }
+
void testAuthenticate() {
boost::shared_ptr<ClientSession> session(createSession());
session->start();
@@ -284,7 +311,7 @@ class ClientSessionTest : public CppUnit::TestFixture {
}
virtual Certificate::ref getPeerCertificate() const {
- return Certificate::ref();
+ return Certificate::ref(new SimpleCertificate());
}
virtual boost::shared_ptr<CertificateVerificationError> getPeerCertificateVerificationError() const {
@@ -429,6 +456,7 @@ class ClientSessionTest : public CppUnit::TestFixture {
bool sessionFinishedReceived;
bool needCredentials;
boost::shared_ptr<Error> sessionFinishedError;
+ BlindCertificateTrustChecker* blindCertificateTrustChecker;
};
CPPUNIT_TEST_SUITE_REGISTRATION(ClientSessionTest);