2020-11-03 06:17:01 +08:00
|
|
|
/***************************************************************************
|
|
|
|
* _ _ ____ _
|
|
|
|
* Project ___| | | | _ \| |
|
|
|
|
* / __| | | | |_) | |
|
|
|
|
* | (__| |_| | _ <| |___
|
|
|
|
* \___|\___/|_| \_\_____|
|
|
|
|
*
|
2022-05-17 17:16:50 +08:00
|
|
|
* Copyright (C) 2020 - 2022, Daniel Stenberg, <daniel@haxx.se>, et al.
|
2020-11-03 06:17:01 +08:00
|
|
|
*
|
|
|
|
* This software is licensed as described in the file COPYING, which
|
|
|
|
* you should have received as part of this distribution. The terms
|
2020-11-04 21:02:01 +08:00
|
|
|
* are also available at https://curl.se/docs/copyright.html.
|
2020-11-03 06:17:01 +08:00
|
|
|
*
|
|
|
|
* You may opt to use, copy, modify, merge, publish, distribute and/or sell
|
|
|
|
* copies of the Software, and permit persons to whom the Software is
|
|
|
|
* furnished to do so, under the terms of the COPYING file.
|
|
|
|
*
|
|
|
|
* This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
|
|
|
|
* KIND, either express or implied.
|
|
|
|
*
|
2022-05-17 17:16:50 +08:00
|
|
|
* SPDX-License-Identifier: curl
|
|
|
|
*
|
2020-11-03 06:17:01 +08:00
|
|
|
***************************************************************************/
|
|
|
|
#include "curlcheck.h"
|
|
|
|
|
|
|
|
#include "urldata.h"
|
|
|
|
#include "hsts.h"
|
|
|
|
|
|
|
|
static CURLcode
|
|
|
|
unit_setup(void)
|
|
|
|
{
|
|
|
|
return CURLE_OK;
|
|
|
|
}
|
|
|
|
|
|
|
|
static void
|
|
|
|
unit_stop(void)
|
|
|
|
{
|
|
|
|
curl_global_cleanup();
|
|
|
|
}
|
|
|
|
|
2021-03-08 15:30:32 +08:00
|
|
|
#if defined(CURL_DISABLE_HTTP) || defined(CURL_DISABLE_HSTS)
|
2020-11-03 06:17:01 +08:00
|
|
|
UNITTEST_START
|
|
|
|
{
|
|
|
|
return 0; /* nothing to do when HTTP or HSTS are disabled */
|
|
|
|
}
|
|
|
|
UNITTEST_STOP
|
|
|
|
#else
|
|
|
|
|
|
|
|
struct testit {
|
|
|
|
const char *host;
|
|
|
|
const char *chost; /* if non-NULL, use to lookup with */
|
|
|
|
const char *hdr; /* if NULL, just do the lookup */
|
|
|
|
const CURLcode result; /* parse result */
|
|
|
|
};
|
|
|
|
|
|
|
|
static const struct testit headers[] = {
|
|
|
|
/* two entries read from disk cache, verify first */
|
|
|
|
{ "-", "readfrom.example", NULL, CURLE_OK},
|
|
|
|
{ "-", "old.example", NULL, CURLE_OK},
|
|
|
|
/* delete the remaining one read from disk */
|
|
|
|
{ "readfrom.example", NULL, "max-age=\"0\"", CURLE_OK},
|
|
|
|
|
|
|
|
{ "example.com", NULL, "max-age=\"31536000\"\r\n", CURLE_OK },
|
|
|
|
{ "example.com", NULL, "max-age=\"21536000\"\r\n", CURLE_OK },
|
|
|
|
{ "example.com", NULL, "max-age=\"21536000\"; \r\n", CURLE_OK },
|
|
|
|
{ "example.com", NULL, "max-age=\"21536000\"; includeSubDomains\r\n",
|
|
|
|
CURLE_OK },
|
|
|
|
{ "example.org", NULL, "max-age=\"31536000\"\r\n", CURLE_OK },
|
|
|
|
{ "this.example", NULL, "max=\"31536\";", CURLE_BAD_FUNCTION_ARGUMENT },
|
|
|
|
{ "this.example", NULL, "max-age=\"31536", CURLE_BAD_FUNCTION_ARGUMENT },
|
|
|
|
{ "this.example", NULL, "max-age=31536\"", CURLE_OK },
|
|
|
|
/* max-age=0 removes the entry */
|
|
|
|
{ "this.example", NULL, "max-age=0", CURLE_OK },
|
|
|
|
{ "another.example", NULL, "includeSubDomains; ",
|
|
|
|
CURLE_BAD_FUNCTION_ARGUMENT },
|
|
|
|
|
|
|
|
/* Two max-age is illegal */
|
|
|
|
{ "example.com", NULL,
|
|
|
|
"max-age=\"21536000\"; includeSubDomains; max-age=\"3\";",
|
|
|
|
CURLE_BAD_FUNCTION_ARGUMENT },
|
|
|
|
/* Two includeSubDomains is illegal */
|
|
|
|
{ "2.example.com", NULL,
|
|
|
|
"max-age=\"21536000\"; includeSubDomains; includeSubDomains;",
|
|
|
|
CURLE_BAD_FUNCTION_ARGUMENT },
|
|
|
|
/* use a unknown directive "include" that should be ignored */
|
|
|
|
{ "3.example.com", NULL, "max-age=\"21536000\"; include; includeSubDomains;",
|
|
|
|
CURLE_OK },
|
|
|
|
/* remove the "3.example.com" one, should still match the example.com */
|
|
|
|
{ "3.example.com", NULL, "max-age=\"0\"; includeSubDomains;",
|
|
|
|
CURLE_OK },
|
|
|
|
{ "-", "foo.example.com", NULL, CURLE_OK},
|
|
|
|
{ "-", "foo.xample.com", NULL, CURLE_OK},
|
|
|
|
|
|
|
|
/* should not match */
|
|
|
|
{ "example.net", "forexample.net", "max-age=\"31536000\"\r\n", CURLE_OK },
|
|
|
|
|
|
|
|
/* should not match either, since forexample.net is not in the example.net
|
|
|
|
domain */
|
|
|
|
{ "example.net", "forexample.net",
|
|
|
|
"max-age=\"31536000\"; includeSubDomains\r\n", CURLE_OK },
|
|
|
|
/* remove example.net again */
|
|
|
|
{ "example.net", NULL, "max-age=\"0\"; includeSubDomains\r\n", CURLE_OK },
|
|
|
|
|
|
|
|
/* make this live for 7 seconds */
|
|
|
|
{ "expire.example", NULL, "max-age=\"7\"\r\n", CURLE_OK },
|
2022-07-21 07:04:39 +08:00
|
|
|
{ NULL, NULL, NULL, CURLE_OK }
|
2020-11-03 06:17:01 +08:00
|
|
|
};
|
|
|
|
|
|
|
|
static void showsts(struct stsentry *e, const char *chost)
|
|
|
|
{
|
|
|
|
if(!e)
|
|
|
|
printf("'%s' is not HSTS\n", chost);
|
|
|
|
else {
|
|
|
|
printf("%s [%s]: %" CURL_FORMAT_CURL_OFF_T "%s\n",
|
|
|
|
chost, e->host, e->expires,
|
|
|
|
e->includeSubDomains ? " includeSubDomains" : "");
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
UNITTEST_START
|
|
|
|
{
|
|
|
|
CURLcode result;
|
|
|
|
struct stsentry *e;
|
|
|
|
struct hsts *h = Curl_hsts_init();
|
|
|
|
int i;
|
|
|
|
const char *chost;
|
|
|
|
CURL *easy;
|
|
|
|
if(!h)
|
|
|
|
return 1;
|
2021-01-05 07:03:31 +08:00
|
|
|
|
|
|
|
curl_global_init(CURL_GLOBAL_ALL);
|
2020-11-03 06:17:01 +08:00
|
|
|
easy = curl_easy_init();
|
2021-01-05 07:03:31 +08:00
|
|
|
if(!easy) {
|
|
|
|
Curl_hsts_cleanup(&h);
|
|
|
|
curl_global_cleanup();
|
2020-11-03 06:17:01 +08:00
|
|
|
return 1;
|
2021-01-05 07:03:31 +08:00
|
|
|
}
|
2020-11-03 06:17:01 +08:00
|
|
|
|
2020-11-03 06:17:01 +08:00
|
|
|
Curl_hsts_loadfile(easy, h, "log/input1660");
|
2020-11-03 06:17:01 +08:00
|
|
|
|
|
|
|
for(i = 0; headers[i].host ; i++) {
|
|
|
|
if(headers[i].hdr) {
|
|
|
|
result = Curl_hsts_parse(h, headers[i].host, headers[i].hdr);
|
|
|
|
|
|
|
|
if(result != headers[i].result) {
|
|
|
|
fprintf(stderr, "Curl_hsts_parse(%s) failed: %d\n",
|
|
|
|
headers[i].hdr, result);
|
|
|
|
unitfail++;
|
|
|
|
continue;
|
|
|
|
}
|
|
|
|
else if(result) {
|
|
|
|
printf("Input %u: error %d\n", i, (int) result);
|
|
|
|
continue;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
chost = headers[i].chost ? headers[i].chost : headers[i].host;
|
|
|
|
e = Curl_hsts(h, chost, TRUE);
|
|
|
|
showsts(e, chost);
|
|
|
|
}
|
|
|
|
|
2020-11-24 05:42:07 +08:00
|
|
|
printf("Number of entries: %zu\n", h->list.size);
|
2020-11-03 06:17:01 +08:00
|
|
|
|
|
|
|
/* verify that it is exists for 7 seconds */
|
|
|
|
chost = "expire.example";
|
|
|
|
for(i = 100; i < 110; i++) {
|
|
|
|
e = Curl_hsts(h, chost, TRUE);
|
|
|
|
showsts(e, chost);
|
|
|
|
deltatime++; /* another second passed */
|
|
|
|
}
|
|
|
|
|
2020-11-03 06:17:01 +08:00
|
|
|
(void)Curl_hsts_save(easy, h, "log/hsts1660");
|
2020-11-03 06:17:01 +08:00
|
|
|
Curl_hsts_cleanup(&h);
|
2020-11-03 06:17:01 +08:00
|
|
|
curl_easy_cleanup(easy);
|
2021-01-05 07:03:31 +08:00
|
|
|
curl_global_cleanup();
|
2020-11-03 06:17:01 +08:00
|
|
|
return unitfail;
|
|
|
|
}
|
|
|
|
UNITTEST_STOP
|
|
|
|
#endif
|