Adding upstream version 1.60.0.upstream/1.60.0

Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
author: Daniel Baumann <daniel.baumann@progress-linux.org> 2024-04-13 08:51:45 +0000
committer: Daniel Baumann <daniel.baumann@progress-linux.org> 2024-04-13 08:51:45 +0000
commit: b008a9f667dfbe92c7275adec7d9b9d6b05c3ec8 (patch)
tree: e63c9ae918acedbe29bb3b67109da9615c08e5e6 /src/shrpx_tls_test.cc
parent: Adding upstream version 1.59.0. (diff)
download: nghttp2-b008a9f667dfbe92c7275adec7d9b9d6b05c3ec8.tar.xz
nghttp2-b008a9f667dfbe92c7275adec7d9b9d6b05c3ec8.zip
1 files changed, 73 insertions, 52 deletions
diff --git a/src/shrpx_tls_test.cc b/src/shrpx_tls_test.cc
index 02fb168..04d16da 100644
--- a/src/shrpx_tls_test.cc
+++ b/src/shrpx_tls_test.cc
@@ -24,7 +24,7 @@
  */
 #include "shrpx_tls_test.h"
 
-#include <CUnit/CUnit.h>
+#include "munitxx.h"
 
 #include "shrpx_tls.h"
 #include "shrpx_log.h"
@@ -35,6 +35,21 @@ using namespace nghttp2;
 
 namespace shrpx {
 
+namespace {
+const MunitTest tests[]{
+    munit_void_test(test_shrpx_tls_create_lookup_tree),
+    munit_void_test(test_shrpx_tls_cert_lookup_tree_add_ssl_ctx),
+    munit_void_test(test_shrpx_tls_tls_hostname_match),
+    munit_void_test(test_shrpx_tls_verify_numeric_hostname),
+    munit_void_test(test_shrpx_tls_verify_dns_hostname),
+    munit_test_end(),
+};
+} // namespace
+
+const MunitSuite tls_suite{
+    "/tls", tests, NULL, 1, MUNIT_SUITE_OPTION_NONE,
+};
+
 void test_shrpx_tls_create_lookup_tree(void) {
   auto tree = std::make_unique<tls::CertLookupTree>();
 
@@ -58,24 +73,24 @@ void test_shrpx_tls_create_lookup_tree(void) {
 
   tree->dump();
 
-  CU_ASSERT(0 == tree->lookup(hostnames[0]));
-  CU_ASSERT(1 == tree->lookup(hostnames[1]));
-  CU_ASSERT(2 == tree->lookup(StringRef::from_lit("2www.example.org")));
-  CU_ASSERT(-1 == tree->lookup(StringRef::from_lit("www2.example.org")));
-  CU_ASSERT(3 == tree->lookup(StringRef::from_lit("xy1.host.domain")));
+  assert_ssize(0, ==, tree->lookup(hostnames[0]));
+  assert_ssize(1, ==, tree->lookup(hostnames[1]));
+  assert_ssize(2, ==, tree->lookup(StringRef::from_lit("2www.example.org")));
+  assert_ssize(-1, ==, tree->lookup(StringRef::from_lit("www2.example.org")));
+  assert_ssize(3, ==, tree->lookup(StringRef::from_lit("xy1.host.domain")));
   // Does not match *yy.host.domain, because * must match at least 1
   // character.
-  CU_ASSERT(-1 == tree->lookup(StringRef::from_lit("yy.host.domain")));
-  CU_ASSERT(4 == tree->lookup(StringRef::from_lit("xyy.host.domain")));
-  CU_ASSERT(-1 == tree->lookup(StringRef{}));
-  CU_ASSERT(5 == tree->lookup(hostnames[5]));
-  CU_ASSERT(6 == tree->lookup(hostnames[6]));
+  assert_ssize(-1, ==, tree->lookup(StringRef::from_lit("yy.host.domain")));
+  assert_ssize(4, ==, tree->lookup(StringRef::from_lit("xyy.host.domain")));
+  assert_ssize(-1, ==, tree->lookup(StringRef{}));
+  assert_ssize(5, ==, tree->lookup(hostnames[5]));
+  assert_ssize(6, ==, tree->lookup(hostnames[6]));
   static constexpr char h6[] = "pdylay.sourceforge.net";
   for (int i = 0; i < 7; ++i) {
-    CU_ASSERT(-1 == tree->lookup(StringRef{h6 + i, str_size(h6) - i}));
+    assert_ssize(-1, ==, tree->lookup(StringRef{h6 + i, str_size(h6) - i}));
   }
-  CU_ASSERT(8 == tree->lookup(StringRef::from_lit("x.foo.bar")));
-  CU_ASSERT(9 == tree->lookup(hostnames[9]));
+  assert_ssize(8, ==, tree->lookup(StringRef::from_lit("x.foo.bar")));
+  assert_ssize(9, ==, tree->lookup(hostnames[9]));
 
   constexpr StringRef names[] = {
       StringRef::from_lit("rab"),  // 1
@@ -90,7 +105,7 @@ void test_shrpx_tls_create_lookup_tree(void) {
     tree->add_cert(names[idx], idx);
   }
   for (size_t i = 0; i < num; ++i) {
-    CU_ASSERT((ssize_t)i == tree->lookup(names[i]));
+    assert_ssize((ssize_t)i, ==, tree->lookup(names[i]));
   }
 }
 
@@ -128,7 +143,7 @@ void test_shrpx_tls_cert_lookup_tree_add_ssl_ctx(void) {
   SSL_CTX_set_app_data(nghttp2_ssl_ctx, nghttp2_tls_ctx_data.get());
   rv = SSL_CTX_use_certificate_chain_file(nghttp2_ssl_ctx, nghttp2_certfile);
 
-  CU_ASSERT(1 == rv);
+  assert_int(1, ==, rv);
 
   static constexpr char examples_certfile[] =
       NGHTTP2_SRC_DIR "/test.example.com.pem";
@@ -139,7 +154,7 @@ void test_shrpx_tls_cert_lookup_tree_add_ssl_ctx(void) {
   SSL_CTX_set_app_data(examples_ssl_ctx, examples_tls_ctx_data.get());
   rv = SSL_CTX_use_certificate_chain_file(examples_ssl_ctx, examples_certfile);
 
-  CU_ASSERT(1 == rv);
+  assert_int(1, ==, rv);
 
   tls::CertLookupTree tree;
   std::vector<std::vector<SSL_CTX *>> indexed_ssl_ctx;
@@ -147,18 +162,19 @@ void test_shrpx_tls_cert_lookup_tree_add_ssl_ctx(void) {
   rv = tls::cert_lookup_tree_add_ssl_ctx(&tree, indexed_ssl_ctx,
                                          nghttp2_ssl_ctx);
 
-  CU_ASSERT(0 == rv);
+  assert_int(0, ==, rv);
 
   rv = tls::cert_lookup_tree_add_ssl_ctx(&tree, indexed_ssl_ctx,
                                          examples_ssl_ctx);
 
-  CU_ASSERT(0 == rv);
+  assert_int(0, ==, rv);
 
-  CU_ASSERT(-1 == tree.lookup(StringRef::from_lit("not-used.nghttp2.org")));
-  CU_ASSERT(0 == tree.lookup(StringRef::from_lit("test.nghttp2.org")));
-  CU_ASSERT(1 == tree.lookup(StringRef::from_lit("w.test.nghttp2.org")));
-  CU_ASSERT(2 == tree.lookup(StringRef::from_lit("www.test.nghttp2.org")));
-  CU_ASSERT(3 == tree.lookup(StringRef::from_lit("test.example.com")));
+  assert_ssize(-1, ==,
+               tree.lookup(StringRef::from_lit("not-used.nghttp2.org")));
+  assert_ssize(0, ==, tree.lookup(StringRef::from_lit("test.nghttp2.org")));
+  assert_ssize(1, ==, tree.lookup(StringRef::from_lit("w.test.nghttp2.org")));
+  assert_ssize(2, ==, tree.lookup(StringRef::from_lit("www.test.nghttp2.org")));
+  assert_ssize(3, ==, tree.lookup(StringRef::from_lit("test.example.com")));
 }
 
 template <size_t N, size_t M>
@@ -168,30 +184,32 @@ bool tls_hostname_match_wrapper(const char (&pattern)[N],
 }
 
 void test_shrpx_tls_tls_hostname_match(void) {
-  CU_ASSERT(tls_hostname_match_wrapper("example.com", "example.com"));
-  CU_ASSERT(tls_hostname_match_wrapper("example.com", "EXAMPLE.com"));
+  assert_true(tls_hostname_match_wrapper("example.com", "example.com"));
+  assert_true(tls_hostname_match_wrapper("example.com", "EXAMPLE.com"));
 
   // check wildcard
-  CU_ASSERT(tls_hostname_match_wrapper("*.example.com", "www.example.com"));
-  CU_ASSERT(tls_hostname_match_wrapper("*w.example.com", "www.example.com"));
-  CU_ASSERT(tls_hostname_match_wrapper("www*.example.com", "www1.example.com"));
-  CU_ASSERT(
+  assert_true(tls_hostname_match_wrapper("*.example.com", "www.example.com"));
+  assert_true(tls_hostname_match_wrapper("*w.example.com", "www.example.com"));
+  assert_true(
+      tls_hostname_match_wrapper("www*.example.com", "www1.example.com"));
+  assert_true(
       tls_hostname_match_wrapper("www*.example.com", "WWW12.EXAMPLE.com"));
   // at least 2 dots are required after '*'
-  CU_ASSERT(!tls_hostname_match_wrapper("*.com", "example.com"));
-  CU_ASSERT(!tls_hostname_match_wrapper("*", "example.com"));
+  assert_false(tls_hostname_match_wrapper("*.com", "example.com"));
+  assert_false(tls_hostname_match_wrapper("*", "example.com"));
   // '*' must be in left most label
-  CU_ASSERT(
-      !tls_hostname_match_wrapper("blog.*.example.com", "blog.my.example.com"));
+  assert_false(
+      tls_hostname_match_wrapper("blog.*.example.com", "blog.my.example.com"));
   // prefix is wrong
-  CU_ASSERT(
-      !tls_hostname_match_wrapper("client*.example.com", "server.example.com"));
+  assert_false(
+      tls_hostname_match_wrapper("client*.example.com", "server.example.com"));
   // '*' must match at least one character
-  CU_ASSERT(!tls_hostname_match_wrapper("www*.example.com", "www.example.com"));
+  assert_false(
+      tls_hostname_match_wrapper("www*.example.com", "www.example.com"));
 
-  CU_ASSERT(!tls_hostname_match_wrapper("example.com", "nghttp2.org"));
-  CU_ASSERT(!tls_hostname_match_wrapper("www.example.com", "example.com"));
-  CU_ASSERT(!tls_hostname_match_wrapper("example.com", "www.example.com"));
+  assert_false(tls_hostname_match_wrapper("example.com", "nghttp2.org"));
+  assert_false(tls_hostname_match_wrapper("www.example.com", "example.com"));
+  assert_false(tls_hostname_match_wrapper("example.com", "www.example.com"));
 }
 
 static X509 *load_cert(const char *path) {
@@ -207,14 +225,17 @@ static Address parse_addr(const char *ipaddr) {
   addrinfo hints{};
 
   hints.ai_family = AF_UNSPEC;
-  hints.ai_flags = AI_NUMERICHOST | AI_NUMERICSERV;
+  hints.ai_flags = AI_NUMERICHOST;
+#ifdef AI_NUMERICSERV
+  hints.ai_flags |= AI_NUMERICSERV;
+#endif
 
   addrinfo *res = nullptr;
 
   auto rv = getaddrinfo(ipaddr, "443", &hints, &res);
 
-  CU_ASSERT(0 == rv);
-  CU_ASSERT(nullptr != res);
+  assert_int(0, ==, rv);
+  assert_not_null(res);
 
   Address addr;
   addr.len = res->ai_addrlen;
@@ -234,7 +255,7 @@ void test_shrpx_tls_verify_numeric_hostname(void) {
     auto rv =
         tls::verify_numeric_hostname(cert, StringRef::from_lit(ipaddr), &addr);
 
-    CU_ASSERT(0 == rv);
+    assert_int(0, ==, rv);
 
     X509_free(cert);
   }
@@ -247,7 +268,7 @@ void test_shrpx_tls_verify_numeric_hostname(void) {
     auto rv =
         tls::verify_numeric_hostname(cert, StringRef::from_lit(ipaddr), &addr);
 
-    CU_ASSERT(0 == rv);
+    assert_int(0, ==, rv);
 
     X509_free(cert);
   }
@@ -260,7 +281,7 @@ void test_shrpx_tls_verify_numeric_hostname(void) {
     auto rv =
         tls::verify_numeric_hostname(cert, StringRef::from_lit(ipaddr), &addr);
 
-    CU_ASSERT(-1 == rv);
+    assert_int(-1, ==, rv);
 
     X509_free(cert);
   }
@@ -273,7 +294,7 @@ void test_shrpx_tls_verify_numeric_hostname(void) {
     auto rv =
         tls::verify_numeric_hostname(cert, StringRef::from_lit(ipaddr), &addr);
 
-    CU_ASSERT(-1 == rv);
+    assert_int(-1, ==, rv);
 
     X509_free(cert);
   }
@@ -286,7 +307,7 @@ void test_shrpx_tls_verify_numeric_hostname(void) {
     auto rv =
         tls::verify_numeric_hostname(cert, StringRef::from_lit(ipaddr), &addr);
 
-    CU_ASSERT(0 == rv);
+    assert_int(0, ==, rv);
 
     X509_free(cert);
   }
@@ -299,7 +320,7 @@ void test_shrpx_tls_verify_dns_hostname(void) {
     auto rv = tls::verify_dns_hostname(
         cert, StringRef::from_lit("nghttp2.example.com"));
 
-    CU_ASSERT(0 == rv);
+    assert_int(0, ==, rv);
 
     X509_free(cert);
   }
@@ -310,7 +331,7 @@ void test_shrpx_tls_verify_dns_hostname(void) {
     auto rv = tls::verify_dns_hostname(
         cert, StringRef::from_lit("www.nghttp2.example.com"));
 
-    CU_ASSERT(0 == rv);
+    assert_int(0, ==, rv);
 
     X509_free(cert);
   }
@@ -320,7 +341,7 @@ void test_shrpx_tls_verify_dns_hostname(void) {
     auto cert = load_cert(NGHTTP2_SRC_DIR "/testdata/verify_hostname.crt");
     auto rv = tls::verify_dns_hostname(cert, StringRef::from_lit("localhost"));
 
-    CU_ASSERT(-1 == rv);
+    assert_int(-1, ==, rv);
 
     X509_free(cert);
   }
@@ -330,7 +351,7 @@ void test_shrpx_tls_verify_dns_hostname(void) {
     auto cert = load_cert(NGHTTP2_SRC_DIR "/testdata/nosan.crt");
     auto rv = tls::verify_dns_hostname(cert, StringRef::from_lit("localhost"));
 
-    CU_ASSERT(0 == rv);
+    assert_int(0, ==, rv);
 
     X509_free(cert);
   }
author	Daniel Baumann <daniel.baumann@progress-linux.org>	2024-04-13 08:51:45 +0000
committer	Daniel Baumann <daniel.baumann@progress-linux.org>	2024-04-13 08:51:45 +0000
commit	b008a9f667dfbe92c7275adec7d9b9d6b05c3ec8 (patch)
tree	e63c9ae918acedbe29bb3b67109da9615c08e5e6 /src/shrpx_tls_test.cc
parent	Adding upstream version 1.59.0. (diff)
download	nghttp2-b008a9f667dfbe92c7275adec7d9b9d6b05c3ec8.tar.xz nghttp2-b008a9f667dfbe92c7275adec7d9b9d6b05c3ec8.zip