diff options
author | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-28 09:51:24 +0000 |
---|---|---|
committer | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-28 09:51:24 +0000 |
commit | f7548d6d28c313cf80e6f3ef89aed16a19815df1 (patch) | |
tree | a3f6f2a3f247293bee59ecd28e8cd8ceb6ca064a /src/lib-http/test-http-response-parser.c | |
parent | Initial commit. (diff) | |
download | dovecot-upstream.tar.xz dovecot-upstream.zip |
Adding upstream version 1:2.3.19.1+dfsg1.upstream/1%2.3.19.1+dfsg1upstream
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'src/lib-http/test-http-response-parser.c')
-rw-r--r-- | src/lib-http/test-http-response-parser.c | 406 |
1 files changed, 406 insertions, 0 deletions
diff --git a/src/lib-http/test-http-response-parser.c b/src/lib-http/test-http-response-parser.c new file mode 100644 index 0000000..3964a32 --- /dev/null +++ b/src/lib-http/test-http-response-parser.c @@ -0,0 +1,406 @@ +/* Copyright (c) 2013-2018 Dovecot authors, see the included COPYING file */ + +#include "test-lib.h" +#include "buffer.h" +#include "str.h" +#include "str-sanitize.h" +#include "istream.h" +#include "ostream.h" +#include "test-common.h" +#include "http-response-parser.h" + +#include <time.h> + +struct valid_parse_test_response { + unsigned char version_major; + unsigned char version_minor; + unsigned int status; + uoff_t content_length; + const char *payload; +}; + +struct valid_parse_test { + const char *input; + enum http_response_parse_flags flags; + + const struct valid_parse_test_response *responses; + unsigned int responses_count; +}; + +/* Valid response tests */ + +static const struct valid_parse_test_response valid_responses1[] = { + { + .status = 200, + .payload = "This is a piece of stupid text.\r\n" + } +}; + +static const struct valid_parse_test_response valid_responses2[] = { + { + .status = 200, + .payload = "This is a piece of stupid text.\r\n" + },{ + .status = 200, + .payload = "This is a piece of even more stupid text.\r\n" + } +}; + +static const struct valid_parse_test_response valid_responses3[] = { + { + .status = 401, + .payload = "Frop!" + } +}; + +static const struct valid_parse_test_response valid_responses4[] = { + { + .status = 200, + .payload = "Invalid date header" + } +}; + +static const struct valid_parse_test_response valid_responses5[] = { + { + .status = 200, + .payload = "Duplicate headers" + } +}; + +static const struct valid_parse_test +valid_response_parse_tests[] = { + { .input = + "HTTP/1.1 200 OK\r\n" + "Date: Sun, 07 Oct 2012 13:02:27 GMT\r\n" + "Server: Apache/2.2.16 (Debian)\r\n" + "Last-Modified: Tue, 18 Sep 2012 19:31:41 GMT\r\n" + "Etag: \"2a8400c-10751f-4c9fef0858140\"\r\n" + "Accept-Ranges: bytes\r\n" + "Content-Length: 33\r\n" + "Keep-Alive: timeout=15, max=100\r\n" + "Connection: Keep-Alive\r\n" + "Content-Type: text/plain\r\n" + "\r\n" + "This is a piece of stupid text.\r\n", + .responses = valid_responses1, + .responses_count = N_ELEMENTS(valid_responses1) + },{ + .input = + "HTTP/1.1 200 OK\r\n" + "Date: Sun, 07 Oct 2012 13:02:27 GMT\r\n" + "Server: Apache/2.2.16 (Debian)\r\n" + "Last-Modified: Tue, 18 Sep 2012 19:31:41 GMT\r\n" + "Etag: \"2a8400c-10751f-4c9fef0858140\"\r\n" + "Accept-Ranges: bytes\r\n" + "Content-Length: 33\r\n" + "Keep-Alive: timeout=15, max=100\r\n" + "Connection: Keep-Alive\r\n" + "Content-Type: text/plain\r\n" + "\r\n" + "This is a piece of stupid text.\r\n" + "HTTP/1.1 200 OK\r\n" + "Date: Sun, 07 Oct 2012 13:02:27 GMT\r\n" + "Server: Apache/2.2.16 (Debian)\r\n" + "Last-Modified: Tue, 18 Sep 2012 19:31:41 GMT\r\n" + "Etag: \"2a8400c-10751f-4c9fef0858140\"\r\n" + "Accept-Ranges: bytes\r\n" + "Content-Length: 43\r\n" + "Keep-Alive: timeout=15, max=100\r\n" + "Connection: Keep-Alive\r\n" + "Content-Type: text/plain\r\n" + "\r\n" + "This is a piece of even more stupid text.\r\n", + .responses = valid_responses2, + .responses_count = N_ELEMENTS(valid_responses2) + },{ + .input = + "HTTP/1.1 401 Authorization Required\r\n" + "Date: Sun, 07 Oct 2012 19:52:03 GMT\r\n" + "Server: Apache/2.2.16 (Debian) PHP/5.3.3-7+squeeze14\r\n" + "WWW-Authenticate: Basic realm=\"Munin\"\r\n" + "Vary: Accept-Encoding\r\n" + "Content-Encoding: gzip\r\n" + "Content-Length: 5\r\n" + "Keep-Alive: timeout=15, max=99\r\n" + "Connection: Keep-Alive\r\n" + "Content-Type: text/html; charset=iso-8859-1\r\n" + "\r\n" + "Frop!", + .responses = valid_responses3, + .responses_count = N_ELEMENTS(valid_responses3) + },{ + .input = + "HTTP/1.1 200 OK\r\n" + "Date: Sun, 07 Ocu 2012 19:52:03 GMT\r\n" + "Content-Length: 19\r\n" + "Keep-Alive: timeout=15, max=99\r\n" + "Connection: Keep-Alive\r\n" + "Date: Sun, 13 Oct 2013 13:13:13 GMT\r\n" + "\r\n" + "Invalid date header", + .responses = valid_responses4, + .responses_count = N_ELEMENTS(valid_responses4) + },{ + .input = + "HTTP/1.1 200 OK\r\n" + "Date: Sun, 07 Oct 2012 19:52:03 GMT\r\n" + "Server: Apache/2.2.16 (Debian) PHP/5.3.3-7+squeeze14\r\n" + "Content-Length: 17\r\n" + "Keep-Alive: timeout=15, max=99\r\n" + "Connection: Keep-Alive\r\n" + "Content-Type: text/html; charset=iso-8859-1\r\n" + "Date: Sun, 13 Oct 2013 13:13:13 GMT\r\n" + "\r\n" + "Duplicate headers", + .responses = valid_responses5, + .responses_count = N_ELEMENTS(valid_responses5) + } +}; + +static const unsigned int valid_response_parse_test_count = + N_ELEMENTS(valid_response_parse_tests); + +static void test_http_response_parse_valid(void) +{ + unsigned int i; + buffer_t *payload_buffer = buffer_create_dynamic(default_pool, 1024); + + for (i = 0; i < valid_response_parse_test_count; i++) T_BEGIN { + struct istream *input; + struct ostream *output; + const struct valid_parse_test *test; + const struct valid_parse_test_response *tresponse; + struct http_response_parser *parser; + struct http_response presponse; + const char *input_text, *payload, *error; + unsigned int j, pos, input_text_len; + int ret = 0; + + i_zero(&presponse); + test = &valid_response_parse_tests[i]; + input_text = test->input; + input_text_len = strlen(input_text); + input = test_istream_create_data(input_text, input_text_len); + parser = http_response_parser_init(input, NULL, + valid_response_parse_tests[i].flags); + + test_begin(t_strdup_printf("http response valid [%d]", i)); + + payload = NULL; + for (pos = 0; pos < input_text_len && ret == 0; pos++) { + test_istream_set_size(input, pos); + ret = http_response_parse_next(parser, + HTTP_RESPONSE_PAYLOAD_TYPE_ALLOWED, &presponse, &error); + } + test_istream_set_size(input, input_text_len); + i_stream_unref(&input); + + j = 0; + test_out("parse success", ret > 0); + while (ret > 0) { + if (presponse.payload != NULL) { + buffer_set_used_size(payload_buffer, 0); + output = o_stream_create_buffer(payload_buffer); + test_out("payload receive", + o_stream_send_istream(output, presponse.payload) + == OSTREAM_SEND_ISTREAM_RESULT_FINISHED); + o_stream_destroy(&output); + payload = str_c(payload_buffer); + } else { + payload = NULL; + } + + test_assert(j < test->responses_count); + if (j >= test->responses_count) + break; + tresponse = &test->responses[j]; + + /* verify last response only */ + test_out(t_strdup_printf("response->status = %d", + tresponse->status), + presponse.status == tresponse->status); + if (payload == NULL || tresponse->payload == NULL) { + test_out(t_strdup_printf("response->payload = %s", + str_sanitize(payload, 80)), + payload == tresponse->payload); + } else { + test_out(t_strdup_printf("response->payload = %s", + str_sanitize(payload, 80)), + strcmp(payload, tresponse->payload) == 0); + } + + ret = http_response_parse_next(parser, + HTTP_RESPONSE_PAYLOAD_TYPE_ALLOWED, &presponse, &error); + if (++j == test->responses_count) + test_out("parse end", ret == 0); + else + test_out("parse success", ret > 0); + } + + test_assert(ret == 0); + test_end(); + http_response_parser_deinit(&parser); + } T_END; + + buffer_free(&payload_buffer); +} + +/* + * Invalid response tests + */ + +struct invalid_parse_test { + const char *input; + enum http_response_parse_flags flags; +}; + +static struct invalid_parse_test invalid_response_parse_tests[] = { + { + .input = + "XMPP/1.0 302 Found\r\n" + "Location: http://www.example.nl/\r\n" + "Cache-Control: private\r\n" + },{ + .input = + "HTTP/1.1 302 Found\r\n" + "Location: http://www.example.nl/\r\n" + "Cache-Control: private\r\n" + },{ + .input = + "HTTP/1.1 ABC Found\r\n" + "Location: http://www.example.nl/\r\n" + "Cache-Control: private\r\n" + },{ + .input = + "HTTP/1.1 302 \177\r\n" + "Location: http://www.example.nl/\r\n" + "Cache-Control: private\r\n" + },{ + .input = + "HTTP/1.1 302 Found\n\r" + "Location: http://www.example.nl/\n\r" + "Cache-Control: private\n\r" + },{ + .input = + "HTTP/1.1 200 OK\r\n" + "Date: Sun, 07 Ocu 2012 19:52:03 GMT\r\n" + "Content-Length: 19\r\n" + "Keep-Alive: timeout=15, max=99\r\n" + "Connection: Keep-Alive\r\n" + "\r\n" + "Invalid date header", + .flags = HTTP_RESPONSE_PARSE_FLAG_STRICT + },{ + .input = + "HTTP/1.1 200 OK\r\n" + "Date: Sun, 07 Oct 2012 19:52:03 GMT\r\n" + "Server: Apache/2.2.16 (Debian) PHP/5.3.3-7+squeeze14\r\n" + "Content-Length: 17\r\n" + "Keep-Alive: timeout=15, max=99\r\n" + "Connection: Keep-Alive\r\n" + "Content-Type: text/html; charset=iso-8859-1\r\n" + "Date: Sun, 13 Oct 2013 13:13:13 GMT\r\n" + "\r\n" + "Duplicate headers", + .flags = HTTP_RESPONSE_PARSE_FLAG_STRICT + } +}; + +static const unsigned int invalid_response_parse_test_count = + N_ELEMENTS(invalid_response_parse_tests); + +static void test_http_response_parse_invalid(void) +{ + struct http_response_parser *parser; + struct http_response response; + const char *response_text, *error; + struct istream *input; + int ret; + unsigned int i; + + for (i = 0; i < invalid_response_parse_test_count; i++) T_BEGIN { + const char *test; + + test = invalid_response_parse_tests[i].input; + response_text = test; + input = i_stream_create_from_data(response_text, strlen(response_text)); + parser = http_response_parser_init(input, NULL, + invalid_response_parse_tests[i].flags); + i_stream_unref(&input); + + test_begin(t_strdup_printf("http response invalid [%d]", i)); + + while ((ret=http_response_parse_next(parser, HTTP_RESPONSE_PAYLOAD_TYPE_ALLOWED, &response, &error)) > 0); + + test_out_reason("parse failure", ret < 0, error); + test_end(); + http_response_parser_deinit(&parser); + } T_END; +} + +/* + * Bad response tests + */ + +static const unsigned char bad_response_with_nuls[] = + "HTTP/1.1 200 OK\r\n" + "Server: text\0server\r\n" + "\r\n"; + +static void test_http_response_parse_bad(void) +{ + struct http_response_parser *parser; + struct http_response response; + const char *header, *error; + struct istream *input; + int ret; + + /* parse failure guarantees http_response_header.size equals + strlen(http_response_header.value) */ + + test_begin("http response with NULs (strict)"); + input = i_stream_create_from_data(bad_response_with_nuls, + sizeof(bad_response_with_nuls)-1); + parser = http_response_parser_init(input, NULL, + HTTP_RESPONSE_PARSE_FLAG_STRICT); + i_stream_unref(&input); + + while ((ret=http_response_parse_next(parser, + HTTP_RESPONSE_PAYLOAD_TYPE_ALLOWED, &response, &error)) > 0); + test_assert(ret < 0); + http_response_parser_deinit(&parser); + test_end(); + + /* even when lenient, bad characters like NUL must not be returned */ + test_begin("http response with NULs (lenient)"); + input = i_stream_create_from_data(bad_response_with_nuls, + sizeof(bad_response_with_nuls)-1); + parser = http_response_parser_init(input, NULL, 0); + i_stream_unref(&input); + + ret = http_response_parse_next(parser, + HTTP_RESPONSE_PAYLOAD_TYPE_ALLOWED, &response, &error); + test_out("parse success", ret > 0); + header = http_response_header_get(&response, "server"); + test_out("header present", header != NULL); + if (header != NULL) { + test_out(t_strdup_printf("header Server: %s", header), + strcmp(header, "textserver") == 0); + } + ret = http_response_parse_next(parser, + HTTP_RESPONSE_PAYLOAD_TYPE_ALLOWED, &response, &error); + test_out("parse end", ret == 0); + http_response_parser_deinit(&parser); + test_end(); +} + +int main(void) +{ + static void (*const test_functions[])(void) = { + test_http_response_parse_valid, + test_http_response_parse_invalid, + test_http_response_parse_bad, + NULL + }; + return test_run(test_functions); +} |