author | Anthony Neal <aneal@zeroc.com> | 2002-03-24 00:01:23 +0000 |
---|---|---|
committer | Anthony Neal <aneal@zeroc.com> | 2002-03-24 00:01:23 +0000 |
commit | 58c14525c6df583c95eb77abb797bc3ab618aa72 (patch) | |
tree | a075069a72f546c9b8e06f514254b443b3c8ad60 /cpp | |
parent | Renaming file. (diff) | |
Initial addition.
Diffstat (limited to 'cpp')
6 files changed, 741 insertions, 0 deletions
diff --git a/cpp/test/IceSSL/certificateVerification/Pinger.ice b/cpp/test/IceSSL/certificateVerification/Pinger.ice
new file mode 100644
index 00000000000..90a7be5d2ab
--- /dev/null
+++ b/cpp/test/IceSSL/certificateVerification/Pinger.ice
@@ -0,0 +1,29 @@
+// **********************************************************************
+//
+// Copyright (c) 2002
+// MutableRealms, Inc.
+// Huntsville, AL, USA
+//
+// All Rights Reserved
+//
+// **********************************************************************
+
+#ifndef PINGER_ICE
+#define PINGER_ICE
+
+#include <Ice/BuiltinSequences.ice>
+
+class KeyManager
+{
+ void getServerCerts(; Ice::ByteSeq trusted, Ice::ByteSeq untrusted);
+ void getTrustedClientKeys(; Ice::ByteSeq key, Ice::ByteSeq cert);
+ void getUntrustedClientKeys(; Ice::ByteSeq key, Ice::ByteSeq cert);
+ void shutdown();
+};
+
+class Pinger
+{
+ void ping();
+};
+
+#endif
diff --git a/cpp/test/IceSSL/certificateVerification/certificateverificationC.dsp b/cpp/test/IceSSL/certificateVerification/certificateverificationC.dsp
new file mode 100644
index 00000000000..6caa13ca340
--- /dev/null
+++ b/cpp/test/IceSSL/certificateVerification/certificateverificationC.dsp
@@ -0,0 +1,164 @@
+# Microsoft Developer Studio Project File - Name="certificateVerificationC" - Package Owner=<4>
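Review bot: `KeyManager` in Pinger.ice has no doc comments, although `getTrustedClientKeys` and `getUntrustedClientKeys` return private-key bytes alongside the certificate, so the interface should state that it exists only to seed this test. The client.cpp and server.cpp hunks of this commit reach it through a plain `tcp -p 12344` endpoint, so the key material and the `shutdown` operation are served unauthenticated and unencrypted. I would add above the class `// Test-only: hands out freshly generated, throwaway RSA keys and certificates; never expose an interface like this outside a test harness.` and one comment line per operation naming which out-parameter is the key and which is the certificate.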
+# Microsoft Developer Studio Generated Build File, Format Version 6.00
+# ** DO NOT EDIT **
+
+# TARGTYPE "Win32 (x86) Console Application" 0x0103
+
+CFG=certificateVerificationC - Win32 Debug
+!MESSAGE This is not a valid makefile. To build this project using NMAKE,
+!MESSAGE use the Export Makefile command and run
+!MESSAGE
+!MESSAGE NMAKE /f "certificateVerificationC.mak".
+!MESSAGE
+!MESSAGE You can specify a configuration when running NMAKE
+!MESSAGE by defining the macro CFG on the command line. For example:
+!MESSAGE
+!MESSAGE NMAKE /f "certificateVerificationC.mak" CFG="certificateVerificationC - Win32 Debug"
+!MESSAGE
+!MESSAGE Possible choices for configuration are:
+!MESSAGE
+!MESSAGE "certificateVerificationC - Win32 Release" (based on "Win32 (x86) Console Application")
+!MESSAGE "certificateVerificationC - Win32 Debug" (based on "Win32 (x86) Console Application")
+!MESSAGE
+
+# Begin Project
+# PROP AllowPerConfigDependencies 0
+# PROP Scc_ProjName ""
+# PROP Scc_LocalPath ""
+CPP=cl.exe
+RSC=rc.exe
+
+!IF "$(CFG)" == "certificateVerificationC - Win32 Release"
+
+# PROP BASE Use_MFC 0
+# PROP BASE Use_Debug_Libraries 0
+# PROP BASE Output_Dir "Release"
+# PROP BASE Intermediate_Dir "Release"
+# PROP BASE Target_Dir ""
+# PROP Use_MFC 0
+# PROP Use_Debug_Libraries 0
+# PROP Output_Dir "Release"
+# PROP Intermediate_Dir "Release"
+# PROP Ignore_Export_Lib 0
+# PROP Target_Dir ""
+# ADD BASE CPP /nologo /W3 /GX /O2 /D "WIN32" /D "NDEBUG" /D "_CONSOLE" /D "_MBCS" /Yu"stdafx.h" /FD /c
+# ADD CPP /nologo /MD /W3 /WX /GR /GX /O2 /I "." /I "../../include" /D "WIN32" /D "NDEBUG" /D "_CONSOLE" /D "_UNICODE" /FD /c
+# SUBTRACT CPP /YX /Yc /Yu
+# ADD BASE RSC /l 0x409 /d "NDEBUG"
+# ADD RSC /l 0x409 /d "NDEBUG"
+BSC32=bscmake.exe
+# ADD BASE BSC32 /nologo
+# ADD BSC32 /nologo
+LINK32=link.exe
+# ADD BASE LINK32 kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib /nologo /subsystem:console /machine:I386
+# ADD LINK32 /nologo /subsystem:console /machine:I386 /out:"client.exe" /libpath:"../../../lib"
+
+!ELSEIF "$(CFG)" == "certificateVerificationC - Win32 Debug"
+
+# PROP BASE Use_MFC 0
+# PROP BASE Use_Debug_Libraries 1
+# PROP BASE Output_Dir "Debug"
+# PROP BASE Intermediate_Dir "Debug"
+# PROP BASE Target_Dir ""
+# PROP Use_MFC 0
+# PROP Use_Debug_Libraries 1
+# PROP Output_Dir "Debug"
+# PROP Intermediate_Dir "Debug"
+# PROP Ignore_Export_Lib 0
+# PROP Target_Dir ""
+# ADD BASE CPP /nologo /W3 /Gm /GX /ZI /Od /D "WIN32" /D "_DEBUG" /D "_CONSOLE" /D "_MBCS" /Yu"stdafx.h" /FD /GZ /c
+# ADD CPP /nologo /MDd /W3 /WX /Gm /GR /GX /ZI /Od /I "." /I "../../include" /D "WIN32" /D "_DEBUG" /D "_CONSOLE" /D "_UNICODE" /FD /GZ /c
+# SUBTRACT CPP /YX /Yc /Yu
+# ADD BASE RSC /l 0x409 /d "_DEBUG"
+# ADD RSC /l 0x409 /d "_DEBUG"
+BSC32=bscmake.exe
+# ADD BASE BSC32 /nologo
+# ADD BSC32 /nologo
+LINK32=link.exe
+# ADD BASE LINK32 kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib /nologo /subsystem:console /debug /machine:I386 /pdbtype:sept
+# ADD LINK32 /nologo /subsystem:console /debug /machine:I386 /out:"client.exe" /pdbtype:sept /libpath:"../../../lib"
+
+!ENDIF
+
+# Begin Target
+
+# Name "certificateVerificationC - Win32 Release"
+# Name "certificateVerificationC - Win32 Debug"
+# Begin Group "Source Files"
+
+# PROP Default_Filter "cpp;c;cxx;rc;def;r;odl;idl;hpj;bat"
+# Begin Source File
+
+SOURCE=.\client.cpp
+
+!IF "$(CFG)" == "certificateVerificationC - Win32 Release"
+
+# ADD CPP /D "_UNICODE"
+
+!ELSEIF "$(CFG)" == "certificateVerificationC - Win32 Debug"
+
+!ENDIF
+
+# End Source File
+# Begin Source File
+
+SOURCE=.\Pinger.cpp
+# End Source File
+# End Group
+# Begin Group "Header Files"
+
+# PROP Default_Filter "h;hpp;hxx;hm;inl"
+# Begin Source File
+
+SOURCE=.\Pinger.h
+# End Source File
+# End Group
+# Begin Group "Resource Files"
+
+# PROP Default_Filter "ico;cur;bmp;dlg;rc2;rct;bin;rgs;gif;jpg;jpeg;jpe"
+# Begin Source File
+
+SOURCE=.\Pinger.ice
+
+!IF "$(CFG)" == "certificateVerificationC - Win32 Release"
+
+USERDEP__PINGE="../../../bin/slice2cpp.exe"
+# Begin Custom Build
+InputPath=.\Pinger.ice
+
+BuildCmds= \
+ set PATH=%PATH%;..\..\..\lib \
+ ..\..\..\bin\slice2cpp.exe -I../../../slice Pinger.ice \
+
+
+"Pinger.h" : $(SOURCE) "$(INTDIR)" "$(OUTDIR)"
+ $(BuildCmds)
+
+"Pinger.cpp" : $(SOURCE) "$(INTDIR)" "$(OUTDIR)"
+ $(BuildCmds)
+# End Custom Build
+
+!ELSEIF "$(CFG)" == "certificateVerificationC - Win32 Debug"
+
+USERDEP__PINGE="../../../bin/slice2cpp.exe"
+# Begin Custom Build
+InputPath=.\Pinger.ice
+
+BuildCmds= \
+ set PATH=%PATH%;..\..\..\lib \
+ ..\..\..\bin\slice2cpp.exe -I../../../slice Pinger.ice \
+
+
+"Pinger.h" : $(SOURCE) "$(INTDIR)" "$(OUTDIR)"
+ $(BuildCmds)
+
+"Pinger.cpp" : $(SOURCE) "$(INTDIR)" "$(OUTDIR)"
+ $(BuildCmds)
+# End Custom Build
+
+!ENDIF
+
+# End Source File
+# End Group
+# End Target
+# End Project
diff --git a/cpp/test/IceSSL/certificateVerification/certificateverificationS.dsp b/cpp/test/IceSSL/certificateVerification/certificateverificationS.dsp
new file mode 100644
index 00000000000..c5e195b8d58
--- /dev/null
+++ b/cpp/test/IceSSL/certificateVerification/certificateverificationS.dsp
@@ -0,0 +1,155 @@
+# Microsoft Developer Studio Project File - Name="certificateVerificationS" - Package Owner=<4>
+# Microsoft Developer Studio Generated Build File, Format Version 6.00
+# ** DO NOT EDIT **
+
+# TARGTYPE "Win32 (x86) Console Application" 0x0103
+
+CFG=certificateVerificationS - Win32 Debug
+!MESSAGE This is not a valid makefile. To build this project using NMAKE,
+!MESSAGE use the Export Makefile command and run
+!MESSAGE
+!MESSAGE NMAKE /f "certificateVerificationS.mak".
+!MESSAGE
+!MESSAGE You can specify a configuration when running NMAKE
+!MESSAGE by defining the macro CFG on the command line. For example:
+!MESSAGE
+!MESSAGE NMAKE /f "certificateVerificationS.mak" CFG="certificateVerificationS - Win32 Debug"
+!MESSAGE
+!MESSAGE Possible choices for configuration are:
+!MESSAGE
+!MESSAGE "certificateVerificationS - Win32 Release" (based on "Win32 (x86) Console Application")
+!MESSAGE "certificateVerificationS - Win32 Debug" (based on "Win32 (x86) Console Application")
+!MESSAGE
+
+# Begin Project
+# PROP AllowPerConfigDependencies 0
+# PROP Scc_ProjName ""
+# PROP Scc_LocalPath ""
+CPP=cl.exe
+RSC=rc.exe
+
+!IF "$(CFG)" == "certificateVerificationS - Win32 Release"
+
+# PROP BASE Use_MFC 0
+# PROP BASE Use_Debug_Libraries 0
+# PROP BASE Output_Dir "Release"
+# PROP BASE Intermediate_Dir "Release"
+# PROP BASE Target_Dir ""
+# PROP Use_MFC 0
+# PROP Use_Debug_Libraries 0
+# PROP Output_Dir "Release"
+# PROP Intermediate_Dir "Release"
+# PROP Ignore_Export_Lib 0
+# PROP Target_Dir ""
+# ADD BASE CPP /nologo /W3 /GX /O2 /D "WIN32" /D "NDEBUG" /D "_CONSOLE" /D "_MBCS" /Yu"stdafx.h" /FD /c
+# ADD CPP /nologo /MD /W3 /WX /GR /GX /O2 /I "." /I "../../include" /D "NDEBUG" /D "WIN32" /D "_CONSOLE" /D "_UNICODE" /FD /c
+# SUBTRACT CPP /YX /Yc /Yu
+# ADD BASE RSC /l 0x409 /d "NDEBUG"
+# ADD RSC /l 0x409 /d "NDEBUG"
+BSC32=bscmake.exe
+# ADD BASE BSC32 /nologo
+# ADD BSC32 /nologo
+LINK32=link.exe
+# ADD BASE LINK32 kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib /nologo /subsystem:console /machine:I386
+# ADD LINK32 /nologo /subsystem:console /machine:I386 /out:"server.exe" /libpath:"../../../lib"
+
+!ELSEIF "$(CFG)" == "certificateVerificationS - Win32 Debug"
+
+# PROP BASE Use_MFC 0
+# PROP BASE Use_Debug_Libraries 1
+# PROP BASE Output_Dir "certificateVerificationS___Win32_Debug"
+# PROP BASE Intermediate_Dir "certificateVerificationS___Win32_Debug"
+# PROP BASE Target_Dir ""
+# PROP Use_MFC 0
+# PROP Use_Debug_Libraries 1
+# PROP Output_Dir "Debug"
+# PROP Intermediate_Dir "Debug"
+# PROP Ignore_Export_Lib 0
+# PROP Target_Dir ""
+# ADD BASE CPP /nologo /W3 /Gm /GX /ZI /Od /D "WIN32" /D "_DEBUG" /D "_CONSOLE" /D "_MBCS" /Yu"stdafx.h" /FD /GZ /c
+# ADD CPP /nologo /MDd /W3 /WX /Gm /GR /GX /ZI /Od /I "." /I "../../include" /D "_DEBUG" /D "WIN32" /D "_CONSOLE" /D "_UNICODE" /FD /GZ /c
+# SUBTRACT CPP /YX /Yc /Yu
+# ADD BASE RSC /l 0x409 /d "_DEBUG"
+# ADD RSC /l 0x409 /d "_DEBUG"
+BSC32=bscmake.exe
+# ADD BASE BSC32 /nologo
+# ADD BSC32 /nologo
+LINK32=link.exe
+# ADD BASE LINK32 kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib /nologo /subsystem:console /debug /machine:I386 /pdbtype:sept
+# ADD LINK32 /nologo /subsystem:console /debug /machine:I386 /out:"server.exe" /pdbtype:sept /libpath:"../../../lib"
+
+!ENDIF
+
+# Begin Target
+
+# Name "certificateVerificationS - Win32 Release"
+# Name "certificateVerificationS - Win32 Debug"
+# Begin Group "Source Files"
+
+# PROP Default_Filter "cpp;c;cxx;rc;def;r;odl;idl;hpj;bat"
+# Begin Source File
+
+SOURCE=.\server.cpp
+# End Source File
+# Begin Source File
+
+SOURCE=.\Pinger.cpp
+# End Source File
+# End Group
+# Begin Group "Header Files"
+
+# PROP Default_Filter "h;hpp;hxx;hm;inl"
+# Begin Source File
+
+SOURCE=.\Pinger.h
+# End Source File
+# End Group
+# Begin Group "Resource Files"
+
+# PROP Default_Filter "ico;cur;bmp;dlg;rc2;rct;bin;rgs;gif;jpg;jpeg;jpe"
+# Begin Source File
+
+SOURCE=.\Pinger.ice
+
+!IF "$(CFG)" == "certificateVerificationS - Win32 Release"
+
+USERDEP__PINGE="../../../bin/slice2cpp.exe"
+# Begin Custom Build
+InputPath=.\Pinger.ice
+
+BuildCmds= \
+ set PATH=%PATH%;..\..\..\lib \
+ ..\..\..\bin\slice2cpp.exe -I../../../slice Pinger.ice \
+
+
+"Pinger.h" : $(SOURCE) "$(INTDIR)" "$(OUTDIR)"
+ $(BuildCmds)
+
+"Pinger.cpp" : $(SOURCE) "$(INTDIR)" "$(OUTDIR)"
+ $(BuildCmds)
+# End Custom Build
+
+!ELSEIF "$(CFG)" == "certificateVerificationS - Win32 Debug"
+
+USERDEP__PINGE="../../../bin/slice2cpp.exe"
+# Begin Custom Build
+InputPath=.\Pinger.ice
+
+BuildCmds= \
+ set PATH=%PATH%;..\..\..\lib \
+ ..\..\..\bin\slice2cpp.exe -I../../../slice Pinger.ice \
+
+
+"Pinger.h" : $(SOURCE) "$(INTDIR)" "$(OUTDIR)"
+ $(BuildCmds)
+
+"Pinger.cpp" : $(SOURCE) "$(INTDIR)" "$(OUTDIR)"
+ $(BuildCmds)
+# End Custom Build
+
+!ENDIF
+
+# End Source File
+# End Group
+# End Target
+# End Project
diff --git a/cpp/test/IceSSL/certificateVerification/client.cpp b/cpp/test/IceSSL/certificateVerification/client.cpp
new file mode 100644
index 00000000000..b6609aa3e89
--- /dev/null
+++ b/cpp/test/IceSSL/certificateVerification/client.cpp
@@ -0,0 +1,169 @@
+// **********************************************************************
+//
+// Copyright (c) 2002
+// MutableRealms, Inc.
+// Huntsville, AL, USA
+//
+// All Rights Reserved
+//
+// **********************************************************************
+
+#include <Ice/Ice.h>
+#include <Ice/System.h>
+#include <Ice/SslException.h>
+#include <TestCommon.h>
+#include <Pinger.h>
+
+using namespace std;
+
+int
+run(int argc, char* argv[], const Ice::CommunicatorPtr& communicator)
+{
+ string ref = "pinger:ssl -p 12345 -t 2000";
+
+ KeyManagerPrx km = KeyManagerPrx::checkedCast(communicator->stringToProxy("keyManager:tcp -p 12344 -t 2000"));
+
+ Ice::ByteSeq serverTrustedCert;
+ Ice::ByteSeq serverUntrustedCert;
+ Ice::ByteSeq clientTrustedKey;
+ Ice::ByteSeq clientTrustedCert;
+ Ice::ByteSeq clientUntrustedKey;
+ Ice::ByteSeq clientUntrustedCert;
+
+ km->getServerCerts(serverTrustedCert,serverUntrustedCert);
+ km->getTrustedClientKeys(clientTrustedKey,clientTrustedCert);
+ km->getUntrustedClientKeys(clientUntrustedKey,clientUntrustedCert);
+
+ IceSSL::SystemPtr sslSystem = communicator->getSslSystem();
+
+ Ice::PropertiesPtr properties = communicator->getProperties();
+ properties->setProperty("Ice.SSL.Client.CertPath","../certs");
+ properties->setProperty("Ice.SSL.Client.Config", "sslconfig_7.xml");
+
+ cout << "client and server do not trust each other... ";
+
+ // Neither Client nor Server will trust.
+ sslSystem->configure(IceSSL::Client);
+ sslSystem->addTrustedCertificate(IceSSL::Client, serverUntrustedCert);
+ sslSystem->setRSAKeys(IceSSL::Client, clientUntrustedKey, clientUntrustedCert);
+ try
+ {
+ PingerPrx pinger = PingerPrx::checkedCast(communicator->stringToProxy(ref));
+ pinger->ping();
+ km->shutdown();
+ test(false);
+ }
+ catch(const IceSSL::CertificateVerificationException&)
+ {
+ cout << "ok" << endl;
+ }
+ catch(const Ice::LocalException&)
+ {
+ km->shutdown();
+ test(false);
+ }
+
+ cout << "client trusted, server not trusted... ";
+
+ // Client will not trust Server, but Server will trust Client.
+ sslSystem->setRSAKeys(IceSSL::Client, clientTrustedKey, clientTrustedCert);
+ try
+ {
+ PingerPrx pinger = PingerPrx::checkedCast(communicator->stringToProxy(ref));
+ pinger->ping();
+ km->shutdown();
+ test(false);
+ }
+ catch(const IceSSL::CertificateVerificationException&)
+ {
+ cout << "ok" << endl;
+ }
+ catch(const Ice::LocalException&)
+ {
+ km->shutdown();
+ test(false);
+ }
+
+ cout << "client trusts server, server does not trust client... ";
+
+ // Client trusts, Server does not.
+ sslSystem->configure(IceSSL::Client);
+ sslSystem->addTrustedCertificate(IceSSL::Client, serverTrustedCert);
+ sslSystem->setRSAKeys(IceSSL::Client, clientUntrustedKey, clientUntrustedCert);
+ try
+ {
+ PingerPrx pinger = PingerPrx::checkedCast(communicator->stringToProxy(ref));
+ pinger->ping();
+ cout << "fail" << endl;
+ km->shutdown();
+ test(false);
+ }
+ catch(const IceSSL::ProtocolException&)
+ {
+ // Note: We expect that the server will send an alert 48 back to the client,
+ // generating this exception.
+ cout << "ok" << endl;
+ }
+ catch(const Ice::LocalException&)
+ {
+ km->shutdown();
+ test(false);
+ }
+
+ cout << "both client and server trust each other... ";
+
+ // Both Client and Server trust.
+ sslSystem->setRSAKeys(IceSSL::Client, clientTrustedKey, clientTrustedCert);
+
+ try
+ {
+ PingerPrx pinger = PingerPrx::checkedCast(communicator->stringToProxy(ref));
+ pinger->ping();
+ cout << "ok" << endl;
+ }
+ catch(const Ice::LocalException&)
+ {
+ cout << "fail" << endl;
+ km->shutdown();
+ test(false);
+ }
+
+ cout << "shutting down... ";
+ km->shutdown();
+ cout << "ok" << endl;
+
+ return EXIT_SUCCESS;
+}
+
+int
+main(int argc, char* argv[])
+{
+ int status;
+ Ice::CommunicatorPtr communicator;
+
+ try
+ {
+ communicator = Ice::initialize(argc, argv);
+ status = run(argc, argv, communicator);
+ }
+ catch(const Ice::Exception& ex)
+ {
+ cerr << ex << endl;
+ status = EXIT_FAILURE;
+ }
+
+ if (communicator)
+ {
+ try
+ {
+ communicator->destroy();
+ }
+ catch(const Ice::Exception& ex)
+ {
+ cerr << ex << endl;
+ status = EXIT_FAILURE;
+ }
+ }
+
+ return status;
+}
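Review bot: The third scenario in `run` ("client trusts server, server does not trust client") passes on any `IceSSL::ProtocolException`, although its comment says the expected cause is the server's alert 48; an unrelated handshake failure would also print "ok", so this negative test proves less than it claims. If the exception exposes the alert or an error detail, the catch block should check it; otherwise the comment should say so, e.g. `// Any ProtocolException is accepted here; the alert number itself is not checked.` Separately, `km` and each `pinger` come from `checkedCast` and are dereferenced without a null check, so a missing or wrong-typed object would surface as a null-handle error rather than a clean test failure; `test(km);` right after the cast would make that explicit. The scenarios would also read more easily with a comment explaining that `serverUntrustedCert` is a certificate the server does not present, which appears to be why trusting it leaves the server untrusted.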
diff --git a/cpp/test/IceSSL/certificateVerification/run.py b/cpp/test/IceSSL/certificateVerification/run.py
new file mode 100755
index 00000000000..4ee41d77182
--- /dev/null
+++ b/cpp/test/IceSSL/certificateVerification/run.py
@@ -0,0 +1,27 @@
+#!/usr/bin/env python
+# **********************************************************************
+#
+# Copyright (c) 2001
+# MutableRealms, Inc.
+# Huntsville, AL, USA
+#
+# All Rights Reserved
+#
+# **********************************************************************
+
+import os, sys
+
+for toplevel in [".", "..", "../..", "../../..", "../../../.."]:
+ toplevel = os.path.normpath(toplevel)
+ if os.path.exists(os.path.join(toplevel, "config", "TestUtil.py")):
+ break
+else:
+ raise "can't find toplevel directory!"
+
+sys.path.append(os.path.join(toplevel, "config"))
+import TestUtil
+
+name = os.path.join("IceSSL", "certificateVerification")
+
+TestUtil.clientServerTest(toplevel, name)
+sys.exit(0)
diff --git a/cpp/test/IceSSL/certificateVerification/server.cpp b/cpp/test/IceSSL/certificateVerification/server.cpp
new file mode 100644
index 00000000000..a1ce4447fe7
--- /dev/null
+++ b/cpp/test/IceSSL/certificateVerification/server.cpp
@@ -0,0 +1,197 @@
+// **********************************************************************
+//
+// Copyright (c) 2002
+// MutableRealms, Inc.
+// Huntsville, AL, USA
+//
+// All Rights Reserved
+//
+// **********************************************************************
+
+#include <Ice/Ice.h>
+#include <Ice/RSACertificateGen.h>
+#include <Ice/RSAKeyPair.h>
+#include <Ice/System.h>
+#include <Pinger.h>
+
+using namespace std;
+
+
+class KeyManagerI : public KeyManager
+{
+
+public:
+ KeyManagerI(const IceSSL::OpenSSL::RSAKeyPairPtr&, const IceSSL::OpenSSL::RSAKeyPairPtr&,
+ const IceSSL::OpenSSL::RSAKeyPairPtr&, const IceSSL::OpenSSL::RSAKeyPairPtr&,
+ const Ice::CommunicatorPtr&);
+
+ virtual void getServerCerts(Ice::ByteSeq&, Ice::ByteSeq&, const ::Ice::Current&);
+ virtual void getTrustedClientKeys(Ice::ByteSeq&, Ice::ByteSeq&, const ::Ice::Current&);
+ virtual void getUntrustedClientKeys(Ice::ByteSeq&, Ice::ByteSeq&, const ::Ice::Current&);
+ virtual void shutdown(const ::Ice::Current&);
+
+protected:
+ IceSSL::OpenSSL::RSAKeyPairPtr _serverTrusted;
+ IceSSL::OpenSSL::RSAKeyPairPtr _serverUntrusted;
+ IceSSL::OpenSSL::RSAKeyPairPtr _clientTrusted;
+ IceSSL::OpenSSL::RSAKeyPairPtr _clientUntrusted;
+ Ice::CommunicatorPtr _communicator;
+};
+
+KeyManagerI::KeyManagerI(const IceSSL::OpenSSL::RSAKeyPairPtr& serverTrusted,
+ const IceSSL::OpenSSL::RSAKeyPairPtr& serverUntrusted,
+ const IceSSL::OpenSSL::RSAKeyPairPtr& clientTrusted,
+ const IceSSL::OpenSSL::RSAKeyPairPtr& clientUntrusted,
+ const Ice::CommunicatorPtr& communicator) :
+ _serverTrusted(serverTrusted), _serverUntrusted(serverUntrusted),
+ _clientTrusted(clientTrusted), _clientUntrusted(clientUntrusted),
+ _communicator(communicator)
+{
+}
+
+void
+KeyManagerI::getServerCerts(Ice::ByteSeq& trusted, Ice::ByteSeq& untrusted, const ::Ice::Current&)
+{
+ _serverTrusted->certToByteSeq(trusted);
+ _serverUntrusted->certToByteSeq(untrusted);
+}
+
+void
+KeyManagerI::getTrustedClientKeys(Ice::ByteSeq& key, Ice::ByteSeq& cert, const ::Ice::Current&)
+{
+ _clientTrusted->keyToByteSeq(key);
+ _clientTrusted->certToByteSeq(cert);
+}
+
+void
+KeyManagerI::getUntrustedClientKeys(Ice::ByteSeq& key, Ice::ByteSeq& cert, const ::Ice::Current&)
+{
+ _clientUntrusted->keyToByteSeq(key);
+ _clientUntrusted->certToByteSeq(cert);
+}
+
+void
+KeyManagerI::shutdown(const ::Ice::Current&)
+{
+ _communicator->shutdown();
+}
+
+class PingerI : public Pinger
+{
+
+public:
+ PingerI();
+ virtual void ping(const ::Ice::Current&);
+};
+
+PingerI::PingerI()
+{
+}
+
+void
+PingerI::ping(const ::Ice::Current&)
+{
+ std::cout << "ping." << std::endl;
+}
+
+int
+run(int argc, char* argv[], const Ice::CommunicatorPtr& communicator)
+{
+ Ice::PropertiesPtr properties = communicator->getProperties();
+ properties->setProperty("Ice.SSL.Client.CertPath","../certs");
+ properties->setProperty("Ice.SSL.Client.Config", "sslconfig_8.xml");
+
+ IceSSL::SystemPtr sslSystem = communicator->getSslSystem();
+ sslSystem->configure(IceSSL::Server);
+
+ IceSSL::OpenSSL::RSACertificateGen certGen;
+
+ IceSSL::OpenSSL::RSACertificateGenContext certGenContext;
+
+ // Base setup.
+ certGenContext.setCountry("US");
+ certGenContext.setStateProvince("DC");
+ certGenContext.setLocality("Washington");
+ certGenContext.setOrganization("Some Company Inc.");
+ certGenContext.setOrgainizationalUnit("Sales");
+ certGenContext.setBitStrength(1024);
+ certGenContext.setSecondsValid(IceSSL::OpenSSL::RSACertificateGenContext::hoursToSeconds(1));
+
+ IceSSL::OpenSSL::RSAKeyPairPtr serverTrusted;
+ IceSSL::OpenSSL::RSAKeyPairPtr serverUntrusted;
+ IceSSL::OpenSSL::RSAKeyPairPtr clientTrusted;
+ IceSSL::OpenSSL::RSAKeyPairPtr clientUntrusted;
+
+ certGenContext.setCommonName("Server Trusted");
+ serverTrusted = certGen.generate(certGenContext);
+
+ certGenContext.setCommonName("Server Untrusted");
+ serverUntrusted = certGen.generate(certGenContext);
+
+ certGenContext.setCommonName("Client Trusted");
+ clientTrusted = certGen.generate(certGenContext);
+
+ certGenContext.setCommonName("Client Untrusted");
+ clientUntrusted = certGen.generate(certGenContext);
+
+ Ice::ObjectPtr object = new KeyManagerI(serverTrusted, serverUntrusted,
+ clientTrusted, clientUntrusted,
+ communicator);
+
+ Ice::ByteSeq trustedCertificate;
+ Ice::ByteSeq serverCertificate;
+ Ice::ByteSeq serverKey;
+
+ clientTrusted->certToByteSeq(trustedCertificate);
+ serverTrusted->certToByteSeq(serverCertificate);
+ serverTrusted->keyToByteSeq(serverKey);
+
+ sslSystem->addTrustedCertificate(IceSSL::Server, trustedCertificate);
+ sslSystem->setRSAKeys(IceSSL::Server, serverKey, serverCertificate);
+
+ string kmEndpts = "tcp -p 12344 -t 2000";
+ Ice::ObjectAdapterPtr kmAdapter = communicator->createObjectAdapterWithEndpoints("KeyManagerAdapter", kmEndpts);
+ kmAdapter->add(object, Ice::stringToIdentity("keyManager"));
+ kmAdapter->activate();
+
+ string endpts = "ssl -p 12345 -t 2000";
+ Ice::ObjectAdapterPtr adapter = communicator->createObjectAdapterWithEndpoints("PingerAdapter", endpts);
+ adapter->add(new PingerI(), Ice::stringToIdentity("pinger"));
+ adapter->activate();
+ communicator->waitForShutdown();
+ return EXIT_SUCCESS;
+}
+
+int
+main(int argc, char* argv[])
+{
+ int status;
+ Ice::CommunicatorPtr communicator;
+
+ try
+ {
+ communicator = Ice::initialize(argc, argv);
+ status = run(argc, argv, communicator);
+
+ }
+ catch(const Ice::Exception& ex)
+ {
+ cerr << ex << endl;
+ status = EXIT_FAILURE;
+ }
+
+ if (communicator)
+ {
+ try
+ {
+ communicator->destroy();
+ }
+ catch(const Ice::Exception& ex)
+ {
+ cerr << ex << endl;
+ status = EXIT_FAILURE;
+ }
+ }
+
+ return status;
+}
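Review bot: `run` sets `Ice.SSL.Client.CertPath` and `Ice.SSL.Client.Config` but then calls `sslSystem->configure(IceSSL::Server)`, which looks like a copy from client.cpp; if the server context reads its own property pair, `sslconfig_8.xml` is not the configuration that gets loaded. Presumably the two lines should read `properties->setProperty("Ice.SSL.Server.CertPath","../certs");` and `properties->setProperty("Ice.SSL.Server.Config", "sslconfig_8.xml");`, which is worth confirming against the property names IceSSL actually reads. The certificate parameters also deserve a comment above `setBitStrength(1024)`, for example `// Throwaway test credentials: short key and one-hour validity are deliberate, do not reuse outside this test.`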