2
0

testwebsock.c 7.6 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309
  1. /*
  2. * Copyright (c) 2018-2023 SignalWire, Inc
  3. *
  4. * Permission is hereby granted, free of charge, to any person obtaining a copy
  5. * of this software and associated documentation files (the "Software"), to deal
  6. * in the Software without restriction, including without limitation the rights
  7. * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
  8. * copies of the Software, and to permit persons to whom the Software is
  9. * furnished to do so, subject to the following conditions:
  10. *
  11. * The above copyright notice and this permission notice shall be included in all
  12. * copies or substantial portions of the Software.
  13. *
  14. * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
  15. * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
  16. * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
  17. * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
  18. * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
  19. * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
  20. * SOFTWARE.
  21. */
  22. #include "libks/ks.h"
  23. #include <tap.h>
  24. #ifdef _WINDOWS_
  25. #undef unlink
  26. #define unlink _unlink
  27. #endif
  28. static char v4[48] = "";
  29. static char v6[48] = "";
  30. static int mask = 0;
  31. static int tcp_port = 8090;
  32. static char __MSG[] = "TESTING................................................................................/TESTING";
  33. typedef struct ssl_profile_s {
  34. const SSL_METHOD *ssl_method;
  35. SSL_CTX *ssl_ctx;
  36. char cert[512];
  37. char key[512];
  38. char chain[512];
  39. } ssl_profile_t;
  40. static int init_ssl(ssl_profile_t *profile)
  41. {
  42. const char *err = "";
  43. profile->ssl_ctx = SSL_CTX_new(profile->ssl_method); /* create context */
  44. assert(profile->ssl_ctx);
  45. /* Disable SSLv2 */
  46. SSL_CTX_set_options(profile->ssl_ctx, SSL_OP_NO_SSLv2);
  47. /* Disable SSLv3 */
  48. SSL_CTX_set_options(profile->ssl_ctx, SSL_OP_NO_SSLv3);
  49. /* Disable TLSv1 */
  50. SSL_CTX_set_options(profile->ssl_ctx, SSL_OP_NO_TLSv1);
  51. /* Disable Compression CRIME (Compression Ratio Info-leak Made Easy) */
  52. SSL_CTX_set_options(profile->ssl_ctx, SSL_OP_NO_COMPRESSION);
  53. /* set the local certificate from CertFile */
  54. if (!ks_zstr(profile->chain)) {
  55. if (!SSL_CTX_use_certificate_chain_file(profile->ssl_ctx, profile->chain)) {
  56. err = "CERT CHAIN FILE ERROR";
  57. goto fail;
  58. }
  59. }
  60. if (!SSL_CTX_use_certificate_file(profile->ssl_ctx, profile->cert, SSL_FILETYPE_PEM)) {
  61. err = "CERT FILE ERROR";
  62. goto fail;
  63. }
  64. /* set the private key from KeyFile */
  65. if (!SSL_CTX_use_PrivateKey_file(profile->ssl_ctx, profile->key, SSL_FILETYPE_PEM)) {
  66. err = "PRIVATE KEY FILE ERROR";
  67. goto fail;
  68. }
  69. /* verify private key */
  70. if ( !SSL_CTX_check_private_key(profile->ssl_ctx) ) {
  71. err = "PRIVATE KEY FILE ERROR";
  72. goto fail;
  73. }
  74. SSL_CTX_set_cipher_list(profile->ssl_ctx, "HIGH:!DSS:!aNULL@STRENGTH");
  75. return 1;
  76. fail:
  77. ks_log(KS_LOG_ERROR, "SSL ERR: %s\n", err);
  78. return 0;
  79. }
  80. struct tcp_data {
  81. ks_socket_t sock;
  82. ks_sockaddr_t addr;
  83. int ready;
  84. char *ip;
  85. ks_pool_t *pool;
  86. int ssl;
  87. ssl_profile_t client_profile;
  88. ssl_profile_t server_profile;
  89. };
  90. void server_callback(ks_socket_t server_sock, ks_socket_t client_sock, ks_sockaddr_t *addr, void *user_data)
  91. {
  92. struct tcp_data *tcp_data = (struct tcp_data *) user_data;
  93. ks_size_t bytes;
  94. kws_t *kws = NULL;
  95. kws_opcode_t oc;
  96. uint8_t *data;
  97. if (tcp_data->ssl) {
  98. tcp_data->server_profile.ssl_method = SSLv23_server_method();
  99. ks_set_string(tcp_data->server_profile.cert, "./testwebsock.pem");
  100. ks_set_string(tcp_data->server_profile.key, "./testwebsock.pem");
  101. ks_set_string(tcp_data->server_profile.chain, "./testwebsock.pem");
  102. init_ssl(&tcp_data->server_profile);
  103. }
  104. printf("WS %s SERVER SOCK %d connection from %s:%u\n", tcp_data->ssl ? "SSL" : "PLAIN", (int)server_sock, addr->host, addr->port);
  105. if (kws_init(&kws, client_sock, tcp_data->server_profile.ssl_ctx, NULL, KWS_BLOCK, tcp_data->pool) != KS_STATUS_SUCCESS) {
  106. printf("WS SERVER CREATE FAIL\n");
  107. goto end;
  108. }
  109. do {
  110. bytes = kws_read_frame(kws, &oc, &data);
  111. if (bytes <= 0) {
  112. printf("WS SERVER BAIL %s\n", strerror(ks_errno()));
  113. break;
  114. }
  115. printf("WS SERVER READ %ld bytes [%s]\n", (long)bytes, (char *)data);
  116. } while(ks_zstr_buf((char *)data) || strcmp((char *)data, __MSG));
  117. bytes = kws_write_frame(kws, WSOC_TEXT, (char *)data, strlen((char *)data));
  118. printf("WS SERVER WRITE %ld bytes\n", (long)bytes);
  119. end:
  120. ks_socket_close(&client_sock);
  121. kws_destroy(&kws);
  122. if (tcp_data->ssl) {
  123. SSL_CTX_free(tcp_data->server_profile.ssl_ctx);
  124. }
  125. printf("WS SERVER COMPLETE\n");
  126. }
  127. static void *tcp_sock_server(ks_thread_t *thread, void *thread_data)
  128. {
  129. struct tcp_data *tcp_data = (struct tcp_data *) thread_data;
  130. tcp_data->ready = 1;
  131. ks_listen_sock(tcp_data->sock, &tcp_data->addr, 0, server_callback, tcp_data);
  132. printf("WS THREAD DONE\n");
  133. return NULL;
  134. }
  135. static int test_ws(char *ip, int ssl)
  136. {
  137. ks_thread_t *thread_p = NULL;
  138. ks_pool_t *pool;
  139. ks_sockaddr_t addr;
  140. int family = AF_INET;
  141. ks_socket_t cl_sock = KS_SOCK_INVALID;
  142. struct tcp_data tcp_data = { 0 };
  143. int r = 1, sanity = 100;
  144. kws_t *kws = NULL;
  145. ks_pool_open(&pool);
  146. tcp_data.pool = pool;
  147. if (ssl) {
  148. tcp_data.ssl = 1;
  149. tcp_data.client_profile.ssl_method = SSLv23_client_method();
  150. ks_set_string(tcp_data.client_profile.cert, "./testwebsock.pem");
  151. ks_set_string(tcp_data.client_profile.key, "./testwebsock.pem");
  152. ks_set_string(tcp_data.client_profile.chain, "./testwebsock.pem");
  153. init_ssl(&tcp_data.client_profile);
  154. }
  155. if (strchr(ip, ':')) {
  156. family = AF_INET6;
  157. }
  158. if (ks_addr_set(&tcp_data.addr, ip, tcp_port, family) != KS_STATUS_SUCCESS) {
  159. r = 0;
  160. printf("WS CLIENT Can't set ADDR\n");
  161. goto end;
  162. }
  163. if ((tcp_data.sock = socket(family, SOCK_STREAM, IPPROTO_TCP)) == KS_SOCK_INVALID) {
  164. r = 0;
  165. printf("WS CLIENT Can't create sock family %d\n", family);
  166. goto end;
  167. }
  168. ks_socket_option(tcp_data.sock, SO_REUSEADDR, KS_TRUE);
  169. ks_socket_option(tcp_data.sock, TCP_NODELAY, KS_TRUE);
  170. tcp_data.ip = ip;
  171. ks_thread_create(&thread_p, tcp_sock_server, &tcp_data, pool);
  172. while(!tcp_data.ready && --sanity > 0) {
  173. ks_sleep(10000);
  174. }
  175. ks_addr_set(&addr, ip, tcp_port, family);
  176. cl_sock = ks_socket_connect(SOCK_STREAM, IPPROTO_TCP, &addr);
  177. printf("WS %s CLIENT SOCKET %d %s %d\n", ssl ? "SSL" : "PLAIN", (int)cl_sock, addr.host, addr.port);
  178. if (kws_init(&kws, cl_sock, tcp_data.client_profile.ssl_ctx, "/verto:tatooine.freeswitch.org:verto", KWS_BLOCK, pool) != KS_STATUS_SUCCESS) {
  179. printf("WS CLIENT CREATE FAIL\n");
  180. goto end;
  181. }
  182. kws_write_frame(kws, WSOC_TEXT, __MSG, strlen(__MSG));
  183. kws_opcode_t oc;
  184. uint8_t *data;
  185. ks_ssize_t bytes;
  186. bytes = kws_read_frame(kws, &oc, &data);
  187. printf("WS CLIENT READ %ld bytes [%s]\n", (long)bytes, (char *)data);
  188. end:
  189. kws_destroy(&kws);
  190. if (ssl) {
  191. SSL_CTX_free(tcp_data.client_profile.ssl_ctx);
  192. }
  193. if (tcp_data.sock != KS_SOCK_INVALID) {
  194. ks_socket_shutdown(tcp_data.sock, 2);
  195. ks_socket_close(&tcp_data.sock);
  196. }
  197. if (thread_p) {
  198. ks_thread_join(thread_p);
  199. }
  200. ks_socket_close(&cl_sock);
  201. ks_pool_close(&pool);
  202. return r;
  203. }
  204. int main(void)
  205. {
  206. int have_v4 = 0, have_v6 = 0;
  207. ks_find_local_ip(v4, sizeof(v4), &mask, AF_INET, NULL);
  208. ks_find_local_ip(v6, sizeof(v6), NULL, AF_INET6, NULL);
  209. ks_init();
  210. printf("IPS: v4: [%s] v6: [%s]\n", v4, v6);
  211. have_v4 = ks_zstr_buf(v4) ? 0 : 1;
  212. have_v6 = ks_zstr_buf(v6) ? 0 : 1;
  213. plan((have_v4 * 2) + (have_v6 * 2) + 1);
  214. ok(have_v4 || have_v6);
  215. if (have_v4 || have_v6) {
  216. ks_gen_cert(".", "testwebsock.pem");
  217. }
  218. if (have_v4) {
  219. ok(test_ws(v4, 0));
  220. ok(test_ws(v4, 1));
  221. }
  222. if (have_v6) {
  223. ok(test_ws(v6, 0));
  224. ok(test_ws(v6, 1));
  225. }
  226. unlink("./testwebsock.pem");
  227. ks_shutdown();
  228. done_testing();
  229. }