diff options
Diffstat (limited to 'cpp/test/IceSSL/configuration/AllTests.cpp')
| -rw-r--r-- | cpp/test/IceSSL/configuration/AllTests.cpp | 561 |
1 files changed, 527 insertions, 34 deletions
diff --git a/cpp/test/IceSSL/configuration/AllTests.cpp b/cpp/test/IceSSL/configuration/AllTests.cpp index 8052d5c35c2..8253617ae75 100644 --- a/cpp/test/IceSSL/configuration/AllTests.cpp +++ b/cpp/test/IceSSL/configuration/AllTests.cpp @@ -1137,8 +1137,6 @@ allTests(const CommunicatorPtr& communicator, const string& testDir) initData.properties->setProperty("IceSSL.TrustOnly", "C=US, ST=Florida, O=ZeroC\\, Inc.," "OU=Ice, emailAddress=info@zeroc.com, CN=Server"); CommunicatorPtr comm = initialize(initData); - IceSSL::PluginPtr plugin = IceSSL::PluginPtr::dynamicCast(comm->getPluginManager()->getPlugin("IceSSL")); - test(plugin); Test::ServerFactoryPrx fact = Test::ServerFactoryPrx::checkedCast(comm->stringToProxy(factoryRef)); test(fact); @@ -1164,11 +1162,37 @@ allTests(const CommunicatorPtr& communicator, const string& testDir) initData.properties->setProperty("IceSSL.CertAuthFile", "cacert1.pem"); initData.properties->setProperty("IceSSL.CertFile", "c_rsa_nopass_ca1_pub.pem"); initData.properties->setProperty("IceSSL.KeyFile", "c_rsa_nopass_ca1_priv.pem"); + initData.properties->setProperty("IceSSL.TrustOnly", "!C=US, ST=Florida, O=ZeroC\\, Inc.," + "OU=Ice, emailAddress=info@zeroc.com, CN=Server"); + CommunicatorPtr comm = initialize(initData); + + Test::ServerFactoryPrx fact = Test::ServerFactoryPrx::checkedCast(comm->stringToProxy(factoryRef)); + test(fact); + Test::Properties d = createServerProps(defaultProperties, defaultDir, defaultHost); + d["IceSSL.CertAuthFile"] = "cacert1.pem"; + d["IceSSL.CertFile"] = "s_rsa_nopass_ca1_pub.pem"; + d["IceSSL.KeyFile"] = "s_rsa_nopass_ca1_priv.pem"; + Test::ServerPrx server = fact->createServer(d); + try + { + server->ice_ping(); + test(false); + } + catch(const LocalException&) + { + } + fact->destroyServer(server); + comm->destroy(); + } + { + InitializationData initData; + initData.properties = createClientProps(defaultProperties, defaultDir, defaultHost); + initData.properties->setProperty("IceSSL.CertAuthFile", "cacert1.pem"); + initData.properties->setProperty("IceSSL.CertFile", "c_rsa_nopass_ca1_pub.pem"); + initData.properties->setProperty("IceSSL.KeyFile", "c_rsa_nopass_ca1_priv.pem"); initData.properties->setProperty("IceSSL.TrustOnly", "C=US, ST=Florida, O=\"ZeroC, Inc.\"," "OU=Ice, emailAddress=info@zeroc.com, CN=Server"); CommunicatorPtr comm = initialize(initData); - IceSSL::PluginPtr plugin = IceSSL::PluginPtr::dynamicCast(comm->getPluginManager()->getPlugin("IceSSL")); - test(plugin); Test::ServerFactoryPrx fact = Test::ServerFactoryPrx::checkedCast(comm->stringToProxy(factoryRef)); test(fact); @@ -1196,8 +1220,6 @@ allTests(const CommunicatorPtr& communicator, const string& testDir) initData.properties->setProperty("IceSSL.KeyFile", "c_rsa_nopass_ca1_priv.pem"); CommunicatorPtr comm = initialize(initData); - IceSSL::PluginPtr plugin = IceSSL::PluginPtr::dynamicCast(comm->getPluginManager()->getPlugin("IceSSL")); - test(plugin); Test::ServerFactoryPrx fact = Test::ServerFactoryPrx::checkedCast(comm->stringToProxy(factoryRef)); test(fact); @@ -1225,10 +1247,35 @@ allTests(const CommunicatorPtr& communicator, const string& testDir) initData.properties->setProperty("IceSSL.CertAuthFile", "cacert1.pem"); initData.properties->setProperty("IceSSL.CertFile", "c_rsa_nopass_ca1_pub.pem"); initData.properties->setProperty("IceSSL.KeyFile", "c_rsa_nopass_ca1_priv.pem"); + CommunicatorPtr comm = initialize(initData); + + Test::ServerFactoryPrx fact = Test::ServerFactoryPrx::checkedCast(comm->stringToProxy(factoryRef)); + test(fact); + Test::Properties d = createServerProps(defaultProperties, defaultDir, defaultHost); + d["IceSSL.CertAuthFile"] = "cacert1.pem"; + d["IceSSL.CertFile"] = "s_rsa_nopass_ca1_pub.pem"; + d["IceSSL.KeyFile"] = "s_rsa_nopass_ca1_priv.pem"; + d["IceSSL.TrustOnly"] = "!C=US, ST=Florida, O=ZeroC\\, Inc., OU=Ice, emailAddress=info@zeroc.com, CN=Client"; + Test::ServerPrx server = fact->createServer(d); + try + { + server->ice_ping(); + test(false); + } + catch(const LocalException&) + { + } + fact->destroyServer(server); + comm->destroy(); + } + { + InitializationData initData; + initData.properties = createClientProps(defaultProperties, defaultDir, defaultHost); + initData.properties->setProperty("IceSSL.CertAuthFile", "cacert1.pem"); + initData.properties->setProperty("IceSSL.CertFile", "c_rsa_nopass_ca1_pub.pem"); + initData.properties->setProperty("IceSSL.KeyFile", "c_rsa_nopass_ca1_priv.pem"); initData.properties->setProperty("IceSSL.TrustOnly", "CN=Server"); CommunicatorPtr comm = initialize(initData); - IceSSL::PluginPtr plugin = IceSSL::PluginPtr::dynamicCast(comm->getPluginManager()->getPlugin("IceSSL")); - test(plugin); Test::ServerFactoryPrx fact = Test::ServerFactoryPrx::checkedCast(comm->stringToProxy(factoryRef)); test(fact); @@ -1254,10 +1301,35 @@ allTests(const CommunicatorPtr& communicator, const string& testDir) initData.properties->setProperty("IceSSL.CertAuthFile", "cacert1.pem"); initData.properties->setProperty("IceSSL.CertFile", "c_rsa_nopass_ca1_pub.pem"); initData.properties->setProperty("IceSSL.KeyFile", "c_rsa_nopass_ca1_priv.pem"); + initData.properties->setProperty("IceSSL.TrustOnly", "!CN=Server"); + CommunicatorPtr comm = initialize(initData); + + Test::ServerFactoryPrx fact = Test::ServerFactoryPrx::checkedCast(comm->stringToProxy(factoryRef)); + test(fact); + Test::Properties d = createServerProps(defaultProperties, defaultDir, defaultHost); + d["IceSSL.CertAuthFile"] = "cacert1.pem"; + d["IceSSL.CertFile"] = "s_rsa_nopass_ca1_pub.pem"; + d["IceSSL.KeyFile"] = "s_rsa_nopass_ca1_priv.pem"; + Test::ServerPrx server = fact->createServer(d); + try + { + server->ice_ping(); + test(false); + } + catch(const LocalException&) + { + } + fact->destroyServer(server); + comm->destroy(); + } + { + InitializationData initData; + initData.properties = createClientProps(defaultProperties, defaultDir, defaultHost); + initData.properties->setProperty("IceSSL.CertAuthFile", "cacert1.pem"); + initData.properties->setProperty("IceSSL.CertFile", "c_rsa_nopass_ca1_pub.pem"); + initData.properties->setProperty("IceSSL.KeyFile", "c_rsa_nopass_ca1_priv.pem"); CommunicatorPtr comm = initialize(initData); - IceSSL::PluginPtr plugin = IceSSL::PluginPtr::dynamicCast(comm->getPluginManager()->getPlugin("IceSSL")); - test(plugin); Test::ServerFactoryPrx fact = Test::ServerFactoryPrx::checkedCast(comm->stringToProxy(factoryRef)); test(fact); @@ -1284,10 +1356,7 @@ allTests(const CommunicatorPtr& communicator, const string& testDir) initData.properties->setProperty("IceSSL.CertAuthFile", "cacert1.pem"); initData.properties->setProperty("IceSSL.CertFile", "c_rsa_nopass_ca1_pub.pem"); initData.properties->setProperty("IceSSL.KeyFile", "c_rsa_nopass_ca1_priv.pem"); - initData.properties->setProperty("IceSSL.TrustOnly", "CN=Client"); CommunicatorPtr comm = initialize(initData); - IceSSL::PluginPtr plugin = IceSSL::PluginPtr::dynamicCast(comm->getPluginManager()->getPlugin("IceSSL")); - test(plugin); Test::ServerFactoryPrx fact = Test::ServerFactoryPrx::checkedCast(comm->stringToProxy(factoryRef)); test(fact); @@ -1295,6 +1364,7 @@ allTests(const CommunicatorPtr& communicator, const string& testDir) d["IceSSL.CertAuthFile"] = "cacert1.pem"; d["IceSSL.CertFile"] = "s_rsa_nopass_ca1_pub.pem"; d["IceSSL.KeyFile"] = "s_rsa_nopass_ca1_priv.pem"; + d["IceSSL.TrustOnly"] = "!CN=Client"; Test::ServerPrx server = fact->createServer(d); try { @@ -1313,10 +1383,34 @@ allTests(const CommunicatorPtr& communicator, const string& testDir) initData.properties->setProperty("IceSSL.CertAuthFile", "cacert1.pem"); initData.properties->setProperty("IceSSL.CertFile", "c_rsa_nopass_ca1_pub.pem"); initData.properties->setProperty("IceSSL.KeyFile", "c_rsa_nopass_ca1_priv.pem"); + initData.properties->setProperty("IceSSL.TrustOnly", "CN=Client"); + CommunicatorPtr comm = initialize(initData); + Test::ServerFactoryPrx fact = Test::ServerFactoryPrx::checkedCast(comm->stringToProxy(factoryRef)); + test(fact); + Test::Properties d = createServerProps(defaultProperties, defaultDir, defaultHost); + d["IceSSL.CertAuthFile"] = "cacert1.pem"; + d["IceSSL.CertFile"] = "s_rsa_nopass_ca1_pub.pem"; + d["IceSSL.KeyFile"] = "s_rsa_nopass_ca1_priv.pem"; + Test::ServerPrx server = fact->createServer(d); + try + { + server->ice_ping(); + test(false); + } + catch(const LocalException&) + { + } + fact->destroyServer(server); + comm->destroy(); + } + { + InitializationData initData; + initData.properties = createClientProps(defaultProperties, defaultDir, defaultHost); + initData.properties->setProperty("IceSSL.CertAuthFile", "cacert1.pem"); + initData.properties->setProperty("IceSSL.CertFile", "c_rsa_nopass_ca1_pub.pem"); + initData.properties->setProperty("IceSSL.KeyFile", "c_rsa_nopass_ca1_priv.pem"); CommunicatorPtr comm = initialize(initData); - IceSSL::PluginPtr plugin = IceSSL::PluginPtr::dynamicCast(comm->getPluginManager()->getPlugin("IceSSL")); - test(plugin); Test::ServerFactoryPrx fact = Test::ServerFactoryPrx::checkedCast(comm->stringToProxy(factoryRef)); test(fact); @@ -1345,8 +1439,6 @@ allTests(const CommunicatorPtr& communicator, const string& testDir) initData.properties->setProperty("IceSSL.KeyFile", "c_rsa_nopass_ca1_priv.pem"); initData.properties->setProperty("IceSSL.TrustOnly", "C=Canada,CN=Server"); CommunicatorPtr comm = initialize(initData); - IceSSL::PluginPtr plugin = IceSSL::PluginPtr::dynamicCast(comm->getPluginManager()->getPlugin("IceSSL")); - test(plugin); Test::ServerFactoryPrx fact = Test::ServerFactoryPrx::checkedCast(comm->stringToProxy(factoryRef)); test(fact); @@ -1372,10 +1464,35 @@ allTests(const CommunicatorPtr& communicator, const string& testDir) initData.properties->setProperty("IceSSL.CertAuthFile", "cacert1.pem"); initData.properties->setProperty("IceSSL.CertFile", "c_rsa_nopass_ca1_pub.pem"); initData.properties->setProperty("IceSSL.KeyFile", "c_rsa_nopass_ca1_priv.pem"); + initData.properties->setProperty("IceSSL.TrustOnly", "!C=Canada,CN=Server"); + CommunicatorPtr comm = initialize(initData); + + Test::ServerFactoryPrx fact = Test::ServerFactoryPrx::checkedCast(comm->stringToProxy(factoryRef)); + test(fact); + Test::Properties d = createServerProps(defaultProperties, defaultDir, defaultHost); + d["IceSSL.CertAuthFile"] = "cacert1.pem"; + d["IceSSL.CertFile"] = "s_rsa_nopass_ca1_pub.pem"; + d["IceSSL.KeyFile"] = "s_rsa_nopass_ca1_priv.pem"; + Test::ServerPrx server = fact->createServer(d); + try + { + server->ice_ping(); + } + catch(const LocalException&) + { + test(false); + } + fact->destroyServer(server); + comm->destroy(); + } + { + InitializationData initData; + initData.properties = createClientProps(defaultProperties, defaultDir, defaultHost); + initData.properties->setProperty("IceSSL.CertAuthFile", "cacert1.pem"); + initData.properties->setProperty("IceSSL.CertFile", "c_rsa_nopass_ca1_pub.pem"); + initData.properties->setProperty("IceSSL.KeyFile", "c_rsa_nopass_ca1_priv.pem"); initData.properties->setProperty("IceSSL.TrustOnly", "C=Canada;CN=Server"); CommunicatorPtr comm = initialize(initData); - IceSSL::PluginPtr plugin = IceSSL::PluginPtr::dynamicCast(comm->getPluginManager()->getPlugin("IceSSL")); - test(plugin); Test::ServerFactoryPrx fact = Test::ServerFactoryPrx::checkedCast(comm->stringToProxy(factoryRef)); test(fact); @@ -1396,6 +1513,87 @@ allTests(const CommunicatorPtr& communicator, const string& testDir) comm->destroy(); } { + InitializationData initData; + initData.properties = createClientProps(defaultProperties, defaultDir, defaultHost); + initData.properties->setProperty("IceSSL.CertAuthFile", "cacert1.pem"); + initData.properties->setProperty("IceSSL.CertFile", "c_rsa_nopass_ca1_pub.pem"); + initData.properties->setProperty("IceSSL.KeyFile", "c_rsa_nopass_ca1_priv.pem"); + initData.properties->setProperty("IceSSL.TrustOnly", "!C=Canada;!CN=Server"); + CommunicatorPtr comm = initialize(initData); + + Test::ServerFactoryPrx fact = Test::ServerFactoryPrx::checkedCast(comm->stringToProxy(factoryRef)); + test(fact); + Test::Properties d = createServerProps(defaultProperties, defaultDir, defaultHost); + d["IceSSL.CertAuthFile"] = "cacert1.pem"; + d["IceSSL.CertFile"] = "s_rsa_nopass_ca1_pub.pem"; + d["IceSSL.KeyFile"] = "s_rsa_nopass_ca1_priv.pem"; + Test::ServerPrx server = fact->createServer(d); + try + { + server->ice_ping(); + test(false); + } + catch(const LocalException&) + { + } + fact->destroyServer(server); + comm->destroy(); + } + { + InitializationData initData; + initData.properties = createClientProps(defaultProperties, defaultDir, defaultHost); + initData.properties->setProperty("IceSSL.CertAuthFile", "cacert1.pem"); + initData.properties->setProperty("IceSSL.CertFile", "c_rsa_nopass_ca1_pub.pem"); + initData.properties->setProperty("IceSSL.KeyFile", "c_rsa_nopass_ca1_priv.pem"); + initData.properties->setProperty("IceSSL.TrustOnly", "!CN=Server1"); // Should not match "Server" + CommunicatorPtr comm = initialize(initData); + + Test::ServerFactoryPrx fact = Test::ServerFactoryPrx::checkedCast(comm->stringToProxy(factoryRef)); + test(fact); + Test::Properties d = createServerProps(defaultProperties, defaultDir, defaultHost); + d["IceSSL.CertAuthFile"] = "cacert1.pem"; + d["IceSSL.CertFile"] = "s_rsa_nopass_ca1_pub.pem"; + d["IceSSL.KeyFile"] = "s_rsa_nopass_ca1_priv.pem"; + Test::ServerPrx server = fact->createServer(d); + try + { + server->ice_ping(); + } + catch(const LocalException&) + { + test(false); + } + fact->destroyServer(server); + comm->destroy(); + } + { + InitializationData initData; + initData.properties = createClientProps(defaultProperties, defaultDir, defaultHost); + initData.properties->setProperty("IceSSL.CertAuthFile", "cacert1.pem"); + initData.properties->setProperty("IceSSL.CertFile", "c_rsa_nopass_ca1_pub.pem"); + initData.properties->setProperty("IceSSL.KeyFile", "c_rsa_nopass_ca1_priv.pem"); + CommunicatorPtr comm = initialize(initData); + + Test::ServerFactoryPrx fact = Test::ServerFactoryPrx::checkedCast(comm->stringToProxy(factoryRef)); + test(fact); + Test::Properties d = createServerProps(defaultProperties, defaultDir, defaultHost); + d["IceSSL.CertAuthFile"] = "cacert1.pem"; + d["IceSSL.CertFile"] = "s_rsa_nopass_ca1_pub.pem"; + d["IceSSL.KeyFile"] = "s_rsa_nopass_ca1_priv.pem"; + d["IceSSL.TrustOnly"] = "!CN=Client1"; // Should not match "Client" + Test::ServerPrx server = fact->createServer(d); + try + { + server->ice_ping(); + } + catch(const LocalException&) + { + test(false); + } + fact->destroyServer(server); + comm->destroy(); + } + { // // Test rejection when client does not supply a certificate. // @@ -1404,8 +1602,6 @@ allTests(const CommunicatorPtr& communicator, const string& testDir) CommunicatorPtr comm = initialize(initData); initData.properties->setProperty("IceSSL.Ciphers", "ADH"); initData.properties->setProperty("IceSSL.VerifyPeer", "0"); - IceSSL::PluginPtr plugin = IceSSL::PluginPtr::dynamicCast(comm->getPluginManager()->getPlugin("IceSSL")); - test(plugin); Test::ServerFactoryPrx fact = Test::ServerFactoryPrx::checkedCast(comm->stringToProxy(factoryRef)); test(fact); @@ -1425,6 +1621,94 @@ allTests(const CommunicatorPtr& communicator, const string& testDir) fact->destroyServer(server); comm->destroy(); } + { + // + // Test rejection when client does not supply a certificate. + // + InitializationData initData; + initData.properties = createClientProps(defaultProperties, defaultDir, defaultHost); + CommunicatorPtr comm = initialize(initData); + initData.properties->setProperty("IceSSL.Ciphers", "ADH"); + initData.properties->setProperty("IceSSL.VerifyPeer", "0"); + + Test::ServerFactoryPrx fact = Test::ServerFactoryPrx::checkedCast(comm->stringToProxy(factoryRef)); + test(fact); + Test::Properties d = createServerProps(defaultProperties, defaultDir, defaultHost); + d["IceSSL.TrustOnly"] = "!C=US, ST=Florida, O=ZeroC\\, Inc.,OU=Ice, emailAddress=info@zeroc.com, CN=Client"; + d["IceSSL.Ciphers"] = "ADH"; + d["IceSSL.VerifyPeer"] = "0"; + Test::ServerPrx server = fact->createServer(d); + try + { + server->ice_ping(); + test(false); + } + catch(const LocalException&) + { + } + fact->destroyServer(server); + comm->destroy(); + } + { + // + // Rejection takes precedence (client). + // + InitializationData initData; + initData.properties = createClientProps(defaultProperties, defaultDir, defaultHost); + initData.properties->setProperty("IceSSL.CertAuthFile", "cacert1.pem"); + initData.properties->setProperty("IceSSL.CertFile", "c_rsa_nopass_ca1_pub.pem"); + initData.properties->setProperty("IceSSL.KeyFile", "c_rsa_nopass_ca1_priv.pem"); + initData.properties->setProperty("IceSSL.TrustOnly", "ST=Florida;!CN=Server;C=US"); + CommunicatorPtr comm = initialize(initData); + + Test::ServerFactoryPrx fact = Test::ServerFactoryPrx::checkedCast(comm->stringToProxy(factoryRef)); + test(fact); + Test::Properties d = createServerProps(defaultProperties, defaultDir, defaultHost); + d["IceSSL.CertAuthFile"] = "cacert1.pem"; + d["IceSSL.CertFile"] = "s_rsa_nopass_ca1_pub.pem"; + d["IceSSL.KeyFile"] = "s_rsa_nopass_ca1_priv.pem"; + Test::ServerPrx server = fact->createServer(d); + try + { + server->ice_ping(); + test(false); + } + catch(const LocalException&) + { + } + fact->destroyServer(server); + comm->destroy(); + } + { + // + // Rejection takes precedence (server). + // + InitializationData initData; + initData.properties = createClientProps(defaultProperties, defaultDir, defaultHost); + initData.properties->setProperty("IceSSL.CertAuthFile", "cacert1.pem"); + initData.properties->setProperty("IceSSL.CertFile", "c_rsa_nopass_ca1_pub.pem"); + initData.properties->setProperty("IceSSL.KeyFile", "c_rsa_nopass_ca1_priv.pem"); + CommunicatorPtr comm = initialize(initData); + + Test::ServerFactoryPrx fact = Test::ServerFactoryPrx::checkedCast(comm->stringToProxy(factoryRef)); + test(fact); + Test::Properties d = createServerProps(defaultProperties, defaultDir, defaultHost); + d["IceSSL.CertAuthFile"] = "cacert1.pem"; + d["IceSSL.CertFile"] = "s_rsa_nopass_ca1_pub.pem"; + d["IceSSL.KeyFile"] = "s_rsa_nopass_ca1_priv.pem"; + d["IceSSL.TrustOnly"] = "C=US;!CN=Client;ST=Florida"; + Test::ServerPrx server = fact->createServer(d); + try + { + server->ice_ping(); + test(false); + } + catch(const LocalException&) + { + } + fact->destroyServer(server); + comm->destroy(); + } cout << "ok" << endl; cout << "testing IceSSL.TrustOnly.Client... " << flush; @@ -1437,8 +1721,6 @@ allTests(const CommunicatorPtr& communicator, const string& testDir) initData.properties->setProperty("IceSSL.TrustOnly.Client", "C=US, ST=Florida, O=ZeroC\\, Inc.," "OU=Ice, emailAddress=info@zeroc.com, CN=Server"); CommunicatorPtr comm = initialize(initData); - IceSSL::PluginPtr plugin = IceSSL::PluginPtr::dynamicCast(comm->getPluginManager()->getPlugin("IceSSL")); - test(plugin); Test::ServerFactoryPrx fact = Test::ServerFactoryPrx::checkedCast(comm->stringToProxy(factoryRef)); test(fact); @@ -1448,7 +1730,63 @@ allTests(const CommunicatorPtr& communicator, const string& testDir) d["IceSSL.KeyFile"] = "s_rsa_nopass_ca1_priv.pem"; // Should have no effect. d["IceSSL.TrustOnly.Client"] = "C=US, ST=Florida, O=ZeroC\\, Inc., OU=Ice, emailAddress=info@zeroc.com," - "CN=Client"; + "CN=Server"; + Test::ServerPrx server = fact->createServer(d); + try + { + server->ice_ping(); + } + catch(const LocalException&) + { + test(false); + } + fact->destroyServer(server); + comm->destroy(); + } + { + InitializationData initData; + initData.properties = createClientProps(defaultProperties, defaultDir, defaultHost); + initData.properties->setProperty("IceSSL.CertAuthFile", "cacert1.pem"); + initData.properties->setProperty("IceSSL.CertFile", "c_rsa_nopass_ca1_pub.pem"); + initData.properties->setProperty("IceSSL.KeyFile", "c_rsa_nopass_ca1_priv.pem"); + initData.properties->setProperty("IceSSL.TrustOnly.Client", "!C=US, ST=Florida, O=ZeroC\\, Inc.," + "OU=Ice, emailAddress=info@zeroc.com, CN=Server"); + CommunicatorPtr comm = initialize(initData); + + Test::ServerFactoryPrx fact = Test::ServerFactoryPrx::checkedCast(comm->stringToProxy(factoryRef)); + test(fact); + Test::Properties d = createServerProps(defaultProperties, defaultDir, defaultHost); + d["IceSSL.CertAuthFile"] = "cacert1.pem"; + d["IceSSL.CertFile"] = "s_rsa_nopass_ca1_pub.pem"; + d["IceSSL.KeyFile"] = "s_rsa_nopass_ca1_priv.pem"; + Test::ServerPrx server = fact->createServer(d); + try + { + server->ice_ping(); + test(false); + } + catch(const LocalException&) + { + } + fact->destroyServer(server); + comm->destroy(); + } + { + InitializationData initData; + initData.properties = createClientProps(defaultProperties, defaultDir, defaultHost); + initData.properties->setProperty("IceSSL.CertAuthFile", "cacert1.pem"); + initData.properties->setProperty("IceSSL.CertFile", "c_rsa_nopass_ca1_pub.pem"); + initData.properties->setProperty("IceSSL.KeyFile", "c_rsa_nopass_ca1_priv.pem"); + CommunicatorPtr comm = initialize(initData); + + Test::ServerFactoryPrx fact = Test::ServerFactoryPrx::checkedCast(comm->stringToProxy(factoryRef)); + test(fact); + Test::Properties d = createServerProps(defaultProperties, defaultDir, defaultHost); + d["IceSSL.CertAuthFile"] = "cacert1.pem"; + d["IceSSL.CertFile"] = "s_rsa_nopass_ca1_pub.pem"; + d["IceSSL.KeyFile"] = "s_rsa_nopass_ca1_priv.pem"; + // Should have no effect. + d["IceSSL.TrustOnly.Client"] = "!CN=Client"; Test::ServerPrx server = fact->createServer(d); try { @@ -1469,8 +1807,6 @@ allTests(const CommunicatorPtr& communicator, const string& testDir) initData.properties->setProperty("IceSSL.KeyFile", "c_rsa_nopass_ca1_priv.pem"); initData.properties->setProperty("IceSSL.TrustOnly.Client", "CN=Client"); CommunicatorPtr comm = initialize(initData); - IceSSL::PluginPtr plugin = IceSSL::PluginPtr::dynamicCast(comm->getPluginManager()->getPlugin("IceSSL")); - test(plugin); Test::ServerFactoryPrx fact = Test::ServerFactoryPrx::checkedCast(comm->stringToProxy(factoryRef)); test(fact); @@ -1490,6 +1826,33 @@ allTests(const CommunicatorPtr& communicator, const string& testDir) fact->destroyServer(server); comm->destroy(); } + { + InitializationData initData; + initData.properties = createClientProps(defaultProperties, defaultDir, defaultHost); + initData.properties->setProperty("IceSSL.CertAuthFile", "cacert1.pem"); + initData.properties->setProperty("IceSSL.CertFile", "c_rsa_nopass_ca1_pub.pem"); + initData.properties->setProperty("IceSSL.KeyFile", "c_rsa_nopass_ca1_priv.pem"); + initData.properties->setProperty("IceSSL.TrustOnly.Client", "!CN=Client"); + CommunicatorPtr comm = initialize(initData); + + Test::ServerFactoryPrx fact = Test::ServerFactoryPrx::checkedCast(comm->stringToProxy(factoryRef)); + test(fact); + Test::Properties d = createServerProps(defaultProperties, defaultDir, defaultHost); + d["IceSSL.CertAuthFile"] = "cacert1.pem"; + d["IceSSL.CertFile"] = "s_rsa_nopass_ca1_pub.pem"; + d["IceSSL.KeyFile"] = "s_rsa_nopass_ca1_priv.pem"; + Test::ServerPrx server = fact->createServer(d); + try + { + server->ice_ping(); + } + catch(const LocalException&) + { + test(false); + } + fact->destroyServer(server); + comm->destroy(); + } cout << "ok" << endl; cout << "testing IceSSL.TrustOnly.Server... " << flush; @@ -1503,8 +1866,6 @@ allTests(const CommunicatorPtr& communicator, const string& testDir) initData.properties->setProperty("IceSSL.TrustOnly.Server", "C=US, ST=Florida, O=ZeroC\\, Inc., OU=Ice," "emailAddress=info@zeroc.com,CN=Client"); CommunicatorPtr comm = initialize(initData); - IceSSL::PluginPtr plugin = IceSSL::PluginPtr::dynamicCast(comm->getPluginManager()->getPlugin("IceSSL")); - test(plugin); Test::ServerFactoryPrx fact = Test::ServerFactoryPrx::checkedCast(comm->stringToProxy(factoryRef)); test(fact); @@ -1533,8 +1894,62 @@ allTests(const CommunicatorPtr& communicator, const string& testDir) initData.properties->setProperty("IceSSL.CertFile", "c_rsa_nopass_ca1_pub.pem"); initData.properties->setProperty("IceSSL.KeyFile", "c_rsa_nopass_ca1_priv.pem"); CommunicatorPtr comm = initialize(initData); - IceSSL::PluginPtr plugin = IceSSL::PluginPtr::dynamicCast(comm->getPluginManager()->getPlugin("IceSSL")); - test(plugin); + + Test::ServerFactoryPrx fact = Test::ServerFactoryPrx::checkedCast(comm->stringToProxy(factoryRef)); + test(fact); + Test::Properties d = createServerProps(defaultProperties, defaultDir, defaultHost); + d["IceSSL.CertAuthFile"] = "cacert1.pem"; + d["IceSSL.CertFile"] = "s_rsa_nopass_ca1_pub.pem"; + d["IceSSL.KeyFile"] = "s_rsa_nopass_ca1_priv.pem"; + d["IceSSL.TrustOnly.Server"] = + "!C=US, ST=Florida, O=ZeroC\\, Inc., OU=Ice, emailAddress=info@zeroc.com, CN=Client"; + Test::ServerPrx server = fact->createServer(d); + try + { + server->ice_ping(); + test(false); + } + catch(const LocalException&) + { + } + fact->destroyServer(server); + comm->destroy(); + } + { + InitializationData initData; + initData.properties = createClientProps(defaultProperties, defaultDir, defaultHost); + initData.properties->setProperty("IceSSL.CertAuthFile", "cacert1.pem"); + initData.properties->setProperty("IceSSL.CertFile", "c_rsa_nopass_ca1_pub.pem"); + initData.properties->setProperty("IceSSL.KeyFile", "c_rsa_nopass_ca1_priv.pem"); + // Should have no effect. + initData.properties->setProperty("IceSSL.TrustOnly.Server", "!CN=Server"); + CommunicatorPtr comm = initialize(initData); + + Test::ServerFactoryPrx fact = Test::ServerFactoryPrx::checkedCast(comm->stringToProxy(factoryRef)); + test(fact); + Test::Properties d = createServerProps(defaultProperties, defaultDir, defaultHost); + d["IceSSL.CertAuthFile"] = "cacert1.pem"; + d["IceSSL.CertFile"] = "s_rsa_nopass_ca1_pub.pem"; + d["IceSSL.KeyFile"] = "s_rsa_nopass_ca1_priv.pem"; + Test::ServerPrx server = fact->createServer(d); + try + { + server->ice_ping(); + } + catch(const LocalException&) + { + test(false); + } + fact->destroyServer(server); + comm->destroy(); + } + { + InitializationData initData; + initData.properties = createClientProps(defaultProperties, defaultDir, defaultHost); + initData.properties->setProperty("IceSSL.CertAuthFile", "cacert1.pem"); + initData.properties->setProperty("IceSSL.CertFile", "c_rsa_nopass_ca1_pub.pem"); + initData.properties->setProperty("IceSSL.KeyFile", "c_rsa_nopass_ca1_priv.pem"); + CommunicatorPtr comm = initialize(initData); Test::ServerFactoryPrx fact = Test::ServerFactoryPrx::checkedCast(comm->stringToProxy(factoryRef)); test(fact); @@ -1555,6 +1970,33 @@ allTests(const CommunicatorPtr& communicator, const string& testDir) fact->destroyServer(server); comm->destroy(); } + { + InitializationData initData; + initData.properties = createClientProps(defaultProperties, defaultDir, defaultHost); + initData.properties->setProperty("IceSSL.CertAuthFile", "cacert1.pem"); + initData.properties->setProperty("IceSSL.CertFile", "c_rsa_nopass_ca1_pub.pem"); + initData.properties->setProperty("IceSSL.KeyFile", "c_rsa_nopass_ca1_priv.pem"); + CommunicatorPtr comm = initialize(initData); + + Test::ServerFactoryPrx fact = Test::ServerFactoryPrx::checkedCast(comm->stringToProxy(factoryRef)); + test(fact); + Test::Properties d = createServerProps(defaultProperties, defaultDir, defaultHost); + d["IceSSL.CertAuthFile"] = "cacert1.pem"; + d["IceSSL.CertFile"] = "s_rsa_nopass_ca1_pub.pem"; + d["IceSSL.KeyFile"] = "s_rsa_nopass_ca1_priv.pem"; + d["IceSSL.TrustOnly.Server"] = "!CN=Client"; + Test::ServerPrx server = fact->createServer(d); + try + { + server->ice_ping(); + test(false); + } + catch(const LocalException&) + { + } + fact->destroyServer(server); + comm->destroy(); + } cout << "ok" << endl; cout << "testing IceSSL.TrustOnly.Server.<AdapterName>... " << flush; @@ -1565,8 +2007,6 @@ allTests(const CommunicatorPtr& communicator, const string& testDir) initData.properties->setProperty("IceSSL.CertFile", "c_rsa_nopass_ca1_pub.pem"); initData.properties->setProperty("IceSSL.KeyFile", "c_rsa_nopass_ca1_priv.pem"); CommunicatorPtr comm = initialize(initData); - IceSSL::PluginPtr plugin = IceSSL::PluginPtr::dynamicCast(comm->getPluginManager()->getPlugin("IceSSL")); - test(plugin); Test::ServerFactoryPrx fact = Test::ServerFactoryPrx::checkedCast(comm->stringToProxy(factoryRef)); test(fact); @@ -1596,8 +2036,34 @@ allTests(const CommunicatorPtr& communicator, const string& testDir) initData.properties->setProperty("IceSSL.CertFile", "c_rsa_nopass_ca1_pub.pem"); initData.properties->setProperty("IceSSL.KeyFile", "c_rsa_nopass_ca1_priv.pem"); CommunicatorPtr comm = initialize(initData); - IceSSL::PluginPtr plugin = IceSSL::PluginPtr::dynamicCast(comm->getPluginManager()->getPlugin("IceSSL")); - test(plugin); + + Test::ServerFactoryPrx fact = Test::ServerFactoryPrx::checkedCast(comm->stringToProxy(factoryRef)); + test(fact); + Test::Properties d = createServerProps(defaultProperties, defaultDir, defaultHost); + d["IceSSL.CertAuthFile"] = "cacert1.pem"; + d["IceSSL.CertFile"] = "s_rsa_nopass_ca1_pub.pem"; + d["IceSSL.KeyFile"] = "s_rsa_nopass_ca1_priv.pem"; + d["IceSSL.TrustOnly.Server.ServerAdapter"] = + "!C=US, ST=Florida, O=ZeroC\\, Inc., OU=Ice, emailAddress=info@zeroc.com, CN=Client"; + Test::ServerPrx server = fact->createServer(d); + try + { + server->ice_ping(); + test(false); + } + catch(const LocalException&) + { + } + fact->destroyServer(server); + comm->destroy(); + } + { + InitializationData initData; + initData.properties = createClientProps(defaultProperties, defaultDir, defaultHost); + initData.properties->setProperty("IceSSL.CertAuthFile", "cacert1.pem"); + initData.properties->setProperty("IceSSL.CertFile", "c_rsa_nopass_ca1_pub.pem"); + initData.properties->setProperty("IceSSL.KeyFile", "c_rsa_nopass_ca1_priv.pem"); + CommunicatorPtr comm = initialize(initData); Test::ServerFactoryPrx fact = Test::ServerFactoryPrx::checkedCast(comm->stringToProxy(factoryRef)); test(fact); @@ -1618,6 +2084,33 @@ allTests(const CommunicatorPtr& communicator, const string& testDir) fact->destroyServer(server); comm->destroy(); } + { + InitializationData initData; + initData.properties = createClientProps(defaultProperties, defaultDir, defaultHost); + initData.properties->setProperty("IceSSL.CertAuthFile", "cacert1.pem"); + initData.properties->setProperty("IceSSL.CertFile", "c_rsa_nopass_ca1_pub.pem"); + initData.properties->setProperty("IceSSL.KeyFile", "c_rsa_nopass_ca1_priv.pem"); + CommunicatorPtr comm = initialize(initData); + + Test::ServerFactoryPrx fact = Test::ServerFactoryPrx::checkedCast(comm->stringToProxy(factoryRef)); + test(fact); + Test::Properties d = createServerProps(defaultProperties, defaultDir, defaultHost); + d["IceSSL.CertAuthFile"] = "cacert1.pem"; + d["IceSSL.CertFile"] = "s_rsa_nopass_ca1_pub.pem"; + d["IceSSL.KeyFile"] = "s_rsa_nopass_ca1_priv.pem"; + d["IceSSL.TrustOnly.Server.ServerAdapter"] = "!CN=bogus"; + Test::ServerPrx server = fact->createServer(d); + try + { + server->ice_ping(); + } + catch(const LocalException&) + { + test(false); + } + fact->destroyServer(server); + comm->destroy(); + } cout << "ok" << endl; factory->shutdown(); |