3party/libzmq
0
0
Fork 0
mirror of https://github.com/zeromq/libzmq.git synced 2025-03-20 02:17:55 +00:00
Code Issues Packages Projects Releases Wiki Activity

test failed CURVE auth

Browse Source 
adds expect_bounce_fail test function

which is like bounce, but fails if messages arrive.
This commit is contained in:
MinRK 2013-08-30 17:56:59 -07:00
parent 0cac56fe52
commit 9d94640edc
3 changed files with 119 additions and 18 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

17
tests/test_security.cpp
View File

@ -248,22 +248,7 @@ int main (void)
assert (rc == 0); assert (rc == 0);
// Send message from inauthenticated client to server // Send message from inauthenticated client to server
const char *content = "12345678ABCDEFGH12345678abcdefgh"; expect_bounce_fail(server, client);
rc = zmq_send (client, content, 32, 0);
assert (rc == 32);
// Receive message at server side (shouldn't arrive)
// Set timeout
optsize = sizeof (int);
int timeout = 1000;
rc = zmq_setsockopt(server, ZMQ_RCVTIMEO, &timeout, optsize);
assert (rc == 0);
char buffer [32];
// Should raise EAGAIN, inauthenticated message should never arrive
rc = zmq_recv (server, buffer, 32, 0);
assert (rc == -1);
assert (zmq_errno() == EAGAIN);
rc = zmq_close (client); rc = zmq_close (client);
assert (rc == 0); assert (rc == 0);

81
tests/test_security_curve.cpp
View File

@ -25,7 +25,17 @@
static void zap_handler (void *zap) static void zap_handler (void *zap)
{ {
int timeout = 250;
int rc;
rc = zmq_setsockopt(zap, ZMQ_RCVTIMEO, &timeout, sizeof (int));
assert (rc == 0);
char *version = s_recv (zap); char *version = s_recv (zap);
if (version == NULL) {
printf("ZAP timeout\n");
rc = zmq_close(zap);
assert (rc == 0);
return;
}
char *sequence = s_recv (zap); char *sequence = s_recv (zap);
char *domain = s_recv (zap); char *domain = s_recv (zap);
char *address = s_recv (zap); char *address = s_recv (zap);
@ -52,10 +62,11 @@ static void zap_handler (void *zap)
free (mechanism); free (mechanism);
free (client_key); free (client_key);
int rc = zmq_close (zap); rc = zmq_close (zap);
assert (rc == 0); assert (rc == 0);
} }
int main (void) int main (void)
{ {
#ifndef HAVE_LIBSODIUM #ifndef HAVE_LIBSODIUM
@ -142,6 +153,74 @@ int main (void)
// Wait until ZAP handler terminates. // Wait until ZAP handler terminates.
zmq_threadclose(zap_thread); zmq_threadclose(zap_thread);
// Test that Curve rejects inauthenticated connections
// Use the wrong client key
strcpy(client_public, "1111222233334444555566667777888899990000");
// Server socket will accept connections
server = zmq_socket (ctx, ZMQ_DEALER);
assert (server);
// Client socket that will try to connect to server
client = zmq_socket (ctx, ZMQ_DEALER);
assert (client);
as_server = 1;
rc = zmq_setsockopt (server, ZMQ_CURVE_SERVER, &as_server, sizeof (int));
assert (rc == 0);
rc = zmq_setsockopt (server, ZMQ_CURVE_SECRETKEY, server_secret, 40);
assert (rc == 0);
rc = zmq_setsockopt(server, ZMQ_IDENTITY, "IDENT", 6);
assert (rc == 0);
rc = zmq_setsockopt (client, ZMQ_CURVE_SERVERKEY, server_public, 40);
assert (rc == 0);
rc = zmq_setsockopt (client, ZMQ_CURVE_PUBLICKEY, client_public, 40);
assert (rc == 0);
rc = zmq_setsockopt (client, ZMQ_CURVE_SECRETKEY, client_secret, 40);
assert (rc == 0);
// Test the client and server both have the right mechanism.
optsize = sizeof (int);
rc = zmq_getsockopt (client, ZMQ_MECHANISM, &mechanism, &optsize);
assert (rc == 0);
assert (mechanism == ZMQ_CURVE);
rc = zmq_getsockopt (server, ZMQ_MECHANISM, &mechanism, &optsize);
assert (rc == 0);
assert (mechanism == ZMQ_CURVE);
// Test the server bit on both client and server.
rc = zmq_getsockopt (client, ZMQ_CURVE_SERVER, &as_server, &optsize);
assert (rc == 0);
assert (as_server == 0);
rc = zmq_getsockopt (server, ZMQ_CURVE_SERVER, &as_server, &optsize);
assert (rc == 0);
assert (as_server == 1);
// Create and bind ZAP socket
zap = zmq_socket (ctx, ZMQ_REP);
assert (zap);
rc = zmq_bind (zap, "inproc://zeromq.zap.01");
assert (rc == 0);
zap_thread = zmq_threadstart(&zap_handler, zap);
rc = zmq_bind (server, "tcp://*:9997");
assert (rc == 0);
rc = zmq_connect (client, "tcp://localhost:9997");
assert (rc == 0);
expect_bounce_fail(server, client);
close_zero_linger (client);
rc = zmq_close (server);
assert (rc == 0);
// Wait until ZAP handler terminates.
zmq_threadclose(zap_thread);
// Shutdown // Shutdown
rc = zmq_ctx_term (ctx); rc = zmq_ctx_term (ctx);
assert (rc == 0); assert (rc == 0);

37
tests/testutil.hpp
View File

@ -83,6 +83,43 @@ bounce (void *server, void *client)
assert (memcmp (buffer, content, 32) == 0); assert (memcmp (buffer, content, 32) == 0);
} }
// Same as bounce, but expect messages to never arrive
// for security or subscriber reasons.
void
expect_bounce_fail (void *server, void *client)
{
const char *content = "12345678ABCDEFGH12345678abcdefgh";
char buffer [32];
// Send message from client to server
int rc = zmq_send (client, content, 32, ZMQ_SNDMORE);
assert (rc == 32);
rc = zmq_send (client, content, 32, 0);
assert (rc == 32);
// Receive message at server side (should not succeed)
int timeout = 250;
rc = zmq_setsockopt(server, ZMQ_RCVTIMEO, &timeout, sizeof (int));
assert (rc == 0);
rc = zmq_setsockopt(client, ZMQ_RCVTIMEO, &timeout, sizeof (int));
assert (rc == 0);
rc = zmq_recv (server, buffer, 32, 0);
assert (rc == -1);
assert (zmq_errno() == EAGAIN);
rc = zmq_send (server, content, 32, ZMQ_SNDMORE);
assert (rc == 32);
rc = zmq_send (server, content, 32, 0);
assert (rc == 32);
rc = zmq_recv (client, buffer, 32, 0);
assert (rc == -1);
assert (zmq_errno() == EAGAIN);
}
// Receive 0MQ string from socket and convert into C string // Receive 0MQ string from socket and convert into C string
// Caller must free returned string. Returns NULL if the context // Caller must free returned string. Returns NULL if the context
// is being terminated. // is being terminated.