Diffstat (limited to 'test/basicserver')
-rw-r--r-- | test/basicserver/testbasicserver.cpp | 130 | ||||
-rwxr-xr-x[-rw-r--r--] | test/basicserver/testfiles/seclevel2-sha1/bbackupd/NotifySysadmin.sh | 0 | ||||
-rw-r--r-- | test/basicserver/testfiles/seclevel2-sha256/bbackupd.conf | 1 | ||||
-rwxr-xr-x[-rw-r--r--] | test/basicserver/testfiles/seclevel2-sha256/bbackupd/NotifySysadmin.sh | 0 | ||||
-rw-r--r-- | test/basicserver/testfiles/srv3-insecure-daemon.conf | 9 | ||||
-rw-r--r-- | test/basicserver/testfiles/srv3-seclevel2-sha1.conf | 1 | ||||
-rw-r--r-- | test/basicserver/testfiles/srv3-seclevel2-sha256.conf | 1 | ||||
-rw-r--r-- | test/basicserver/testfiles/srv4-noseclevel.conf (renamed from test/basicserver/testfiles/srv4.conf) | 1 | ||||
-rw-r--r-- | test/basicserver/testfiles/srv4-seclevel1.conf | 7 | ||||
-rw-r--r-- | test/basicserver/testfiles/srv4-seclevel2-insecure.conf | 7 | ||||
-rw-r--r-- | test/basicserver/testfiles/srv4-seclevel2-secure.conf | 7 |
11 files changed, 142 insertions, 22 deletions
diff --git a/test/basicserver/testbasicserver.cpp b/test/basicserver/testbasicserver.cpp index 4aeded6c..b940b30f 100644 --- a/test/basicserver/testbasicserver.cpp +++ b/test/basicserver/testbasicserver.cpp @@ -15,18 +15,17 @@ #include <typeinfo> -#include "Test.h" -#include "Daemon.h" +#include "CollectInBufferStream.h" #include "Configuration.h" -#include "ServerStream.h" -#include "SocketStream.h" +#include "Daemon.h" #include "IOStreamGetLine.h" +#include "ServerControl.h" +#include "ServerStream.h" #include "ServerTLS.h" -#include "CollectInBufferStream.h" - +#include "SocketStream.h" +#include "Test.h" #include "TestContext.h" #include "autogen_TestProtocol.h" -#include "ServerControl.h" #include "MemLeakFindOn.h" @@ -98,7 +97,7 @@ void testservers_connection(SocketStream &rStream) while(!getline.IsEOF()) { std::string line; - while(!getline.GetLine(line)) + while(!getline.GetLine(line, false, SHORT_TIMEOUT)) ; if(line == "QUIT") { @@ -208,11 +207,16 @@ const ConfigurationVerify *testserver::GetConfigVerify() const } }; + static ConfigurationVerifyKey root_keys[] = + { + ssl_security_level_key, + }; + static ConfigurationVerify verify = { "root", /* mName */ verifyserver, /* mpSubConfigurations */ - 0, /* mpKeys */ + root_keys, // mpKeys ConfigTest_Exists | ConfigTest_LastEntry, 0 }; @@ -449,7 +453,7 @@ void TestStreamReceive(TestProtocolClient &protocol, int value, bool uncertainst TEST_THAT(count == (24273*3)); // over 64 k of data, definately } -bool test_security_level(int cert_level) +bool test_security_level(int cert_level, int test_level, bool expect_failure_on_connect = false) { int old_num_failures = num_failures; 
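Review bot: The new `root_keys` array in `testserver::GetConfigVerify()` holds a single element and no visible terminator, so the verifier presumably stops after it only if `ssl_security_level_key` itself carries `ConfigTest_LastEntry`; that definition is outside this diff and should be confirmed. A comment at the array would record the dependency, e.g. `// ssl_security_level_key must be flagged ConfigTest_LastEntry: it is the only root key`. The neighbouring initialiser fields use `/* mName */`-style comments, so `root_keys, /* mpKeys */` would keep the block consistent. The function starts before this hunk.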
@@ -460,21 +464,24 @@ bool test_security_level(int cert_level) context.Initialise(false /* client */, "testfiles/clientCerts.pem", "testfiles/clientPrivKey.pem", - "testfiles/clientTrustedCAs.pem"); + "testfiles/clientTrustedCAs.pem", + test_level); // SecurityLevel } else if(cert_level == 1) { context.Initialise(false /* client */, "testfiles/seclevel2-sha1/ca/clients/1234567-cert.pem", "testfiles/seclevel2-sha1/bbackupd/1234567-key.pem", - "testfiles/seclevel2-sha1/ca/roots/serverCA.pem"); + "testfiles/seclevel2-sha1/ca/roots/serverCA.pem", + test_level); // SecurityLevel } else if(cert_level == 2) { context.Initialise(false /* client */, "testfiles/seclevel2-sha256/ca/clients/1234567-cert.pem", "testfiles/seclevel2-sha256/bbackupd/1234567-key.pem", - "testfiles/seclevel2-sha256/ca/roots/serverCA.pem"); + "testfiles/seclevel2-sha256/ca/roots/serverCA.pem", + test_level); // SecurityLevel } else { @@ -483,7 +490,17 @@ bool test_security_level(int cert_level) } SocketStreamTLS conn; - conn.Open(context, Socket::TypeINET, "localhost", 2003); + + if(expect_failure_on_connect) + { + TEST_CHECK_THROWS( + conn.Open(context, Socket::TypeINET, "localhost", 2003), + ConnectionException, TLSPeerWeakCertificate); + } + else + { + conn.Open(context, Socket::TypeINET, "localhost", 2003); + } return (num_failures == old_num_failures); // no new failures -> good } 
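Review bot: `test_security_level()` now takes two bare ints plus a flag, and their meaning can only be recovered by reading the branches in these hunks. A comment above the signature (which sits in the previous hunk) would help, e.g. `// cert_level: 0 = original test certs, 1 = seclevel2-sha1 set, 2 = seclevel2-sha256 set; test_level: SecurityLevel passed to context.Initialise()`. It should also say that `expect_failure_on_connect` makes a successful `conn.Open()` count as a test failure, since that inverts the usual reading of the return value. The valid range of `test_level` is only implied by the callers (-1 to 2), so it is worth stating there as well.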
@@ -495,7 +512,25 @@ bool test_ancient_certificates() int old_num_failures = num_failures; // Level -1 (allow weaker, with warning) should pass with any certificates: - TEST_THAT(test_security_level(0)); // cert_level + TEST_THAT(test_security_level(0, -1)); // cert_level, test_level + + // We do not test level 0 (system-wide default) because the system + // may have it set high, and our old certificate will not be usable + // in that case, and the user has no way to fix that, so it's not a + // useful test. + + // Level 1 (allow weaker, without a warning) should pass with any certificates: + TEST_THAT(test_security_level(0, 1)); // cert_level, test_level + +#ifdef HAVE_SSL_CTX_SET_SECURITY_LEVEL + // Level 2 (disallow weaker, without a warning) should NOT pass with old certificates: + TEST_CHECK_THROWS( + test_security_level(0, 2), // cert_level, test_level + ServerException, TLSServerWeakCertificate); +#else + // We have no way to increase the security level, so it should still pass: + test_security_level(0, 2); // cert_level, test_level +#endif return (num_failures == old_num_failures); // no new failures -> good } 
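Review bot: In the `#else` branch of `test_ancient_certificates()`, a build without `HAVE_SSL_CTX_SET_SECURITY_LEVEL` is expected to accept the old certificates at level 2, and the test passes without saying that the requested level is not being enforced. The comment should state the security consequence, e.g. `// No SSL_CTX_set_security_level(): level 2 is NOT enforced on this build, weak certificates are accepted`. The bare call `test_security_level(0, 2);` also drops its result, where every other call is wrapped; `TEST_THAT(test_security_level(0, 2));` would match them. The same `#else` pattern appears in `test_old_certificates()` and `test_new_certificates()` in the following hunks.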
@@ -507,18 +542,58 @@ bool test_old_certificates() int old_num_failures = num_failures; // Level -1 (allow weaker, with warning) should pass with any certificates: - TEST_THAT(test_security_level(1)); // cert_level + TEST_THAT(test_security_level(1, -1)); // cert_level, test_level + + // We do not test level 0 (system-wide default) because the system + // may have it set high, and our old certificate will not be usable + // in that case, and the user has no way to fix that, so it's not a + // useful test. + + // Level 1 (allow weaker, without a warning) should pass with any certificates: + TEST_THAT(test_security_level(1, 1)); // cert_level, test_level + +#ifdef HAVE_SSL_CTX_SET_SECURITY_LEVEL + // Level 2 (disallow weaker, without a warning) should NOT pass with old certificates: + TEST_CHECK_THROWS( + test_security_level(1, 2), // cert_level, test_level + ServerException, TLSServerWeakCertificate); +#else + // We have no way to increase the security level, so it should still pass: + test_security_level(1, 2); // cert_level, test_level +#endif return (num_failures == old_num_failures); // no new failures -> good } -bool test_new_certificates() +bool test_new_certificates(bool expect_failure_level_2) { int old_num_failures = num_failures; // Level -1 (allow weaker, with warning) should pass with any certificates: - TEST_THAT(test_security_level(2)); // cert_level + TEST_THAT(test_security_level(2, -1)); // cert_level, test_level + + // Level 0 (system dependent). This will fail if the user (or their + // distro) sets the system-wide security level very high. We check + // this because *we* may need to update Box Backup if this happens + // again, as it did when Debian increased the default level. + // Newly generated certificates may need to be strengthened. + // And we may need to update the documentation. 
+ TEST_THAT(test_security_level(2, 0)); // cert_level, test_level + + // Level 1 (allow weaker, without a warning) should pass with any certificates: + TEST_THAT(test_security_level(2, 1)); // cert_level, test_level + +#ifdef HAVE_SSL_CTX_SET_SECURITY_LEVEL + // Level 2 (disallow weaker, without a warning) should pass with new certificates, + // but might fail to connect to a peer with weak (insecure) certificates: + TEST_THAT(test_security_level(2, 2, expect_failure_level_2)); + // cert_level, test_level, expect_failure +#else + // We have no way to increase the security level, so it should not fail to connect to a + // daemon with weak certificates: + test_security_level(2, 2, false); // cert_level, test_level, expect_failure +#endif return (num_failures == old_num_failures); // no new failures -> good } @@ -588,7 +663,7 @@ int test(int argc, const char *argv[]) // Move the config file over #ifdef WIN32 - TEST_THAT(::unlink("testfiles" + TEST_THAT(EMU_UNLINK("testfiles" DIRECTORY_SEPARATOR "srv1.conf") != -1); #endif @@ -718,6 +793,7 @@ int test(int argc, const char *argv[]) "testfiles/clientCerts.pem", "testfiles/clientPrivKey.pem", "testfiles/clientTrustedCAs.pem"); + // SecurityLevel == -1 by default (old security + warnings) SocketStreamTLS conn1; conn1.Open(context, Socket::TypeINET, "localhost", 2003); 
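Review bot: `test_new_certificates(true)` is run against the daemon started from `srv3-insecure-daemon.conf` (call site in the next hunk), yet only the level-2 call receives `expect_failure_level_2`; `TEST_THAT(test_security_level(2, 0));` still expects a successful connection. If level 0 is the system-wide default, as the comment says, a host whose default already rejects the daemon's `localhost-cert-sha1.pem` certificate would fail that line for a reason unrelated to this code. That is the same argument the earlier hunks give for skipping level 0 with old certificates. Guarding the call would avoid it: `if(!expect_failure_level_2) { TEST_THAT(test_security_level(2, 0)); }`.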
@@ -786,7 +862,19 @@ int test(int argc, const char *argv[]) pid = LaunchServer(cmd, "testfiles/srv3.pid"); TEST_THAT(pid != -1 && pid != 0); - TEST_THAT(test_new_certificates()); + TEST_THAT(test_new_certificates(false)); // !expect_failure_level_2 + TEST_THAT(KillServer(pid)); + + // Start a daemon using old, insecure certificates. We should get an error when we + // try to connect to it: + + cmd = TEST_EXECUTABLE " --test-daemon-args="; + cmd += test_args; + cmd += " srv3 testfiles/srv3-insecure-daemon.conf"; + pid = LaunchServer(cmd, "testfiles/srv3.pid"); + + TEST_THAT(pid != -1 && pid != 0); + TEST_THAT(test_new_certificates(true)); // expect_failure_level_2 TEST_THAT(KillServer(pid)); } @@ -795,7 +883,7 @@ int test(int argc, const char *argv[]) { std::string cmd = TEST_EXECUTABLE " --test-daemon-args="; cmd += test_args; - cmd += " srv4 testfiles/srv4.conf"; + cmd += " srv4 testfiles/srv4-seclevel1.conf"; int pid = LaunchServer(cmd, "testfiles/srv4.pid"); TEST_THAT(pid != -1 && pid != 0); diff --git a/test/basicserver/testfiles/seclevel2-sha1/bbackupd/NotifySysadmin.sh b/test/basicserver/testfiles/seclevel2-sha1/bbackupd/NotifySysadmin.sh index 48e8cf8e..48e8cf8e 100644..100755 --- a/test/basicserver/testfiles/seclevel2-sha1/bbackupd/NotifySysadmin.sh +++ b/test/basicserver/testfiles/seclevel2-sha1/bbackupd/NotifySysadmin.sh diff --git a/test/basicserver/testfiles/seclevel2-sha256/bbackupd.conf b/test/basicserver/testfiles/seclevel2-sha256/bbackupd.conf index e8f2c104..671a13ac 100644 --- a/test/basicserver/testfiles/seclevel2-sha256/bbackupd.conf +++ b/test/basicserver/testfiles/seclevel2-sha256/bbackupd.conf @@ -6,6 +6,7 @@ KeysFile = ./bbackupd/1234567-FileEncKeys.raw CertificateFile = ./bbackupd/1234567-cert.pem PrivateKeyFile = ./bbackupd/1234567-key.pem TrustedCAsFile = ./bbackupd/serverCA.pem +SSLSecurityLevel = 2 DataDirectory = /home/chris/boxbackup/test/basicserver/testfiles/seclevel2 
diff --git a/test/basicserver/testfiles/seclevel2-sha256/bbackupd/NotifySysadmin.sh b/test/basicserver/testfiles/seclevel2-sha256/bbackupd/NotifySysadmin.sh
index 48e8cf8e..48e8cf8e 100644..100755
--- a/test/basicserver/testfiles/seclevel2-sha256/bbackupd/NotifySysadmin.sh
+++ b/test/basicserver/testfiles/seclevel2-sha256/bbackupd/NotifySysadmin.sh
diff --git a/test/basicserver/testfiles/srv3-insecure-daemon.conf b/test/basicserver/testfiles/srv3-insecure-daemon.conf
new file mode 100644
index 00000000..09cf352d
--- /dev/null
+++ b/test/basicserver/testfiles/srv3-insecure-daemon.conf
@@ -0,0 +1,9 @@
+Server
+{
+ PidFile = testfiles/srv3.pid
+ ListenAddresses = inet:localhost,unix:testfiles/srv3.sock
+ CertificateFile = testfiles/seclevel2-sha256/ca/servers/localhost-cert-sha1.pem
+ PrivateKeyFile = testfiles/seclevel2-sha256/bbstored/localhost-key.pem
+ TrustedCAsFile = testfiles/seclevel2-sha256/ca/roots/clientCA.pem
+}
+
diff --git a/test/basicserver/testfiles/srv3-seclevel2-sha1.conf b/test/basicserver/testfiles/srv3-seclevel2-sha1.conf
index 01e0fe6d..93c0f99f 100644
--- a/test/basicserver/testfiles/srv3-seclevel2-sha1.conf
+++ b/test/basicserver/testfiles/srv3-seclevel2-sha1.conf
@@ -6,3 +6,4 @@ Server
 PrivateKeyFile = testfiles/seclevel2-sha1/bbstored/localhost-key.pem
 TrustedCAsFile = testfiles/seclevel2-sha1/ca/roots/clientCA.pem
 }
+
diff --git a/test/basicserver/testfiles/srv3-seclevel2-sha256.conf b/test/basicserver/testfiles/srv3-seclevel2-sha256.conf
index 4db52361..58c267d4 100644
--- a/test/basicserver/testfiles/srv3-seclevel2-sha256.conf
+++ b/test/basicserver/testfiles/srv3-seclevel2-sha256.conf
@@ -6,3 +6,4 @@ Server
 PrivateKeyFile = testfiles/seclevel2-sha256/bbstored/localhost-key.pem
 TrustedCAsFile = testfiles/seclevel2-sha256/ca/roots/clientCA.pem
 }
+
diff --git a/test/basicserver/testfiles/srv4.conf b/test/basicserver/testfiles/srv4-noseclevel.conf
index f05dff75..db22e95f 100644
--- a/test/basicserver/testfiles/srv4.conf
+++ b/test/basicserver/testfiles/srv4-noseclevel.conf
@@ -3,4 +3,3 @@ Server
 PidFile = testfiles/srv4.pid
 ListenAddresses = unix:testfiles/srv4.sock,inet:localhost
 }
-
diff --git a/test/basicserver/testfiles/srv4-seclevel1.conf b/test/basicserver/testfiles/srv4-seclevel1.conf
new file mode 100644
index 00000000..cd90566c
--- /dev/null
+++ b/test/basicserver/testfiles/srv4-seclevel1.conf
@@ -0,0 +1,7 @@
+Server
+{
+ PidFile = testfiles/srv4.pid
+ ListenAddresses = unix:testfiles/srv4.sock,inet:localhost
+}
+
+SSLSecurityLevel = 1
diff --git a/test/basicserver/testfiles/srv4-seclevel2-insecure.conf b/test/basicserver/testfiles/srv4-seclevel2-insecure.conf
new file mode 100644
index 00000000..5d8b1149
--- /dev/null
+++ b/test/basicserver/testfiles/srv4-seclevel2-insecure.conf
@@ -0,0 +1,7 @@
+Server
+{
+ PidFile = testfiles/srv4.pid
+ ListenAddresses = unix:testfiles/srv4.sock,inet:localhost
+}
+
+SSLSecurityLevel = 2
diff --git a/test/basicserver/testfiles/srv4-seclevel2-secure.conf b/test/basicserver/testfiles/srv4-seclevel2-secure.conf
new file mode 100644
index 00000000..5d8b1149
--- /dev/null
+++ b/test/basicserver/testfiles/srv4-seclevel2-secure.conf
@@ -0,0 +1,7 @@
+Server
+{
+ PidFile = testfiles/srv4.pid
+ ListenAddresses = unix:testfiles/srv4.sock,inet:localhost
+}
+
+SSLSecurityLevel = 2 |
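Review bot: `srv4-seclevel2-insecure.conf` and `srv4-seclevel2-secure.conf` are added with identical content (both show blob `5d8b1149`), so nothing in the files distinguishes the "insecure" case from the "secure" one. Neither file, nor the renamed `srv4-noseclevel.conf`, is referenced by the test code in this diff, which launches srv4 with `srv4-seclevel1.conf` only. If the two are meant to differ, for example in the certificates they point at as `srv3-insecure-daemon.conf` does, that difference is missing. If they are fixtures for tests that land later, the commit description should say so, so the level-2 server path is not assumed to be covered.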