1 /* This case tests the client connecting three times to the server to see
2    if the server actually clears the session materials.
3 */
4 #include    "tx_api.h"
5 #include    "nx_api.h"
6 #include    "fx_api.h"
7 #include    "nx_web_http_client.h"
8 #include    "nx_web_http_server.h"
9 
10 extern void test_control_return(UINT);
11 
12 #if !defined(NX_DISABLE_IPV4) && defined(NX_WEB_HTTPS_ENABLE)
13 
14 #include "test_device_cert.c"
15 #include "test_ca_cert.c"
16 #define ca_cert_der test_ca_cert_der
17 #define ca_cert_der_len test_ca_cert_der_len
18 
/* Stack size, in bytes, given to both test threads in the application-define function.  */
#define     DEMO_STACK_SIZE         4096

/* Set up FileX and file memory resources. */
/* NOTE(review): thread_server_entry formats this disk as 256 sectors of 512 bytes (128 KiB),
   but the backing array is 4096 bytes, i.e. 8 sectors.  Any driver access past sector 7 would
   land outside ram_disk_memory - confirm the RAM driver never touches those sectors.  */
static CHAR             ram_disk_memory[4096];
static FX_MEDIA         ram_disk;
static UCHAR            media_memory[4096];

/* Stack memory handed to nx_web_http_server_create().  */
static UCHAR            server_stack[16000];

/* Define device drivers.  */
extern void _fx_ram_driver(FX_MEDIA *media_ptr);
extern void _nx_ram_network_driver_1024(NX_IP_DRIVER *driver_req_ptr);

/* Set up the HTTP client global variables. */

#define         CLIENT_PACKET_SIZE  (NX_WEB_HTTP_CLIENT_MIN_PACKET_SIZE * 2)

static TX_THREAD           client_thread;
static NX_PACKET_POOL      client_pool;
static NX_WEB_HTTP_CLIENT  my_client;
static NX_IP               client_ip;
/* Incremented on every unexpected result; a non-zero value makes the test report ERROR.  */
static UINT                error_counter;

/* Set up the HTTP server global variables */

#define         SERVER_PACKET_SIZE  (NX_WEB_HTTP_SERVER_MIN_PACKET_SIZE * 2)

static NX_WEB_HTTP_SERVER  my_server;
static NX_PACKET_POOL      server_pool;
static TX_THREAD           server_thread;
static NX_IP               server_ip;
static NXD_ADDRESS         server_ip_address;

static void thread_client_entry(ULONG thread_input);
static void thread_server_entry(ULONG thread_input);

/* Fixed IPv4 addresses of the two IP instances; both are created with netmask 0xFFFFFF00.  */
#define HTTP_SERVER_ADDRESS  IP_ADDRESS(192,168,0,105)
#define HTTP_CLIENT_ADDRESS  IP_ADDRESS(192,168,0,123)

/* Hand-shake flags between the two test threads: the server thread sets https_server_start
   once the HTTPS server is running, the client thread sets https_client_stop when it is done.
   Each flag is polled by the other thread with tx_thread_sleep() between reads.  */
static UINT https_server_start = 0;
static UINT https_client_stop = 0;
extern const NX_SECURE_TLS_CRYPTO nx_crypto_tls_ciphers;
/* Crypto scratch space for the TLS sessions.  The client buffer is sized with the server's
   session maximum although tls_setup_callback passes all of it to a single client session.  */
static CHAR crypto_metadata_server[20000 * NX_WEB_HTTP_SERVER_SESSION_MAX];
static CHAR crypto_metadata_client[20000 * NX_WEB_HTTP_SERVER_SESSION_MAX];
/* NOTE(review): this one buffer is given both to the server (nx_web_http_server_secure_configure)
   and to the client session (nx_secure_tls_session_packet_buffer_set).  The two sessions run in
   different threads, so separate buffers would rule out one side overwriting the other's
   record data - confirm the sharing is intentional.  */
static UCHAR tls_packet_buffer[18500];
/* certificate: server identity (device certificate and private key).
   trusted_certificate: CA certificate the client trusts.
   remote_certificate / remote_issuer: storage for the certificates the client receives.  */
static NX_SECURE_X509_CERT certificate;
static NX_SECURE_X509_CERT trusted_certificate;
static NX_SECURE_X509_CERT remote_certificate, remote_issuer;
static UCHAR remote_cert_buffer[2000];
static UCHAR remote_issuer_buffer[2000];
69 
70 
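/* Application-define hook for the secure-connect-fail test.

   Carves the thread stacks, packet pools, IP helper stacks and ARP caches out of
   first_unused_memory and creates the server and client threads, packet pools and
   IP instances.  Every failing setup call is counted in error_counter, which the
   server thread checks before it runs the test.

   first_unused_memory: start of the memory region to carve from.  Its size is not
   passed in, so none of the carve-outs below can be bounds-checked here; the caller
   has to supply a region large enough for all of them.  */
#ifdef CTEST
VOID test_application_define(void *first_unused_memory)
#else
void    netx_web_secure_connect_fail_test_application_define(void *first_unused_memory)
#endif
{
    CHAR    *pointer;
    UINT    status;

    error_counter = 0;

    /* Setup the working pointer.  */
    pointer =  (CHAR *) first_unused_memory;

    /* Create a helper thread for the server.  The result is now counted like every
       other setup step instead of being discarded.  */
    status = tx_thread_create(&server_thread, "HTTP Server thread", thread_server_entry, 0,
                              pointer, DEMO_STACK_SIZE,
                              NX_WEB_HTTP_SERVER_PRIORITY, NX_WEB_HTTP_SERVER_PRIORITY, TX_NO_TIME_SLICE, TX_AUTO_START);
    pointer =  pointer + DEMO_STACK_SIZE;
    if (status)
    {
        error_counter++;
    }

    /* Initialize the NetX system.  */
    nx_system_initialize();

    /* Create the server packet pool.  */
    status =  nx_packet_pool_create(&server_pool, "HTTP Server Packet Pool", SERVER_PACKET_SIZE,
                                    pointer, SERVER_PACKET_SIZE*8);
    pointer = pointer + SERVER_PACKET_SIZE * 8;
    if (status)
    {
        error_counter++;
    }

    /* Create the server IP instance.  */
    status = nx_ip_create(&server_ip, "HTTP Server IP", HTTP_SERVER_ADDRESS,
                          0xFFFFFF00UL, &server_pool, _nx_ram_network_driver_1024,
                          pointer, 4096, 1);
    pointer =  pointer + 4096;
    if (status)
    {
        error_counter++;
    }

    /* Enable ARP and supply ARP cache memory for the server IP instance.  */
    status = nx_arp_enable(&server_ip, (void *) pointer, 1024);
    pointer = pointer + 1024;
    if (status)
    {
        error_counter++;
    }

    /* Enable TCP traffic on the server IP instance.  */
    status = nx_tcp_enable(&server_ip);
    if (status)
    {
        error_counter++;
    }

    /* Create the HTTP Client thread.  It runs at a lower priority (larger number)
       than the server thread.  */
    status = tx_thread_create(&client_thread, "HTTP Client", thread_client_entry, 0,
                              pointer, DEMO_STACK_SIZE,
                              NX_WEB_HTTP_SERVER_PRIORITY + 2, NX_WEB_HTTP_SERVER_PRIORITY + 2, TX_NO_TIME_SLICE, TX_AUTO_START);
    pointer =  pointer + DEMO_STACK_SIZE;
    if (status)
    {
        error_counter++;
    }

    /* Create the Client packet pool.  */
    status =  nx_packet_pool_create(&client_pool, "HTTP Client Packet Pool", CLIENT_PACKET_SIZE,
                                    pointer, CLIENT_PACKET_SIZE*8);
    pointer = pointer + CLIENT_PACKET_SIZE * 8;
    if (status)
    {
        error_counter++;
    }

    /* Create the client IP instance.  */
    status = nx_ip_create(&client_ip, "HTTP Client IP", HTTP_CLIENT_ADDRESS,
                          0xFFFFFF00UL, &client_pool, _nx_ram_network_driver_1024,
                          pointer, 2048, 1);
    pointer =  pointer + 2048;
    if (status)
    {
        error_counter++;
    }

    /* Enable ARP and supply ARP cache memory for the client IP instance.  The pointer
       is advanced by the 1024 bytes actually handed to nx_arp_enable(); nothing is
       carved from the region after this point.  */
    status  = nx_arp_enable(&client_ip, (void *) pointer, 1024);
    pointer =  pointer + 1024;
    if (status)
    {
        error_counter++;
    }

    /* Enable TCP traffic on the client IP instance.  */
    status = nx_tcp_enable(&client_ip);
    if (status)
    {
        error_counter++;
    }
}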
155 
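/* TLS setup callback used for the HTTPS GET that is expected to succeed.

   Creates the client TLS session, assigns its packet reassembly buffer, installs the
   test CA certificate as the trust anchor and provides storage for the certificate
   and issuer sent by the server.

   Returns NX_SUCCESS when every step succeeded, otherwise the status of the first
   step that failed.  Certificate setup failures are reported to the caller rather
   than ignored, so a session is never handed back with an incomplete trust store.

   NOTE(review): the session is created through tls_session while the remaining calls
   use the session embedded in client_ptr; presumably these are the same object -
   confirm.  */
static UINT tls_setup_callback(NX_WEB_HTTP_CLIENT *client_ptr, NX_SECURE_TLS_SESSION *tls_session)
{
    UINT status;

    /* Initialize and create TLS session.  */
    status = nx_secure_tls_session_create(tls_session, &nx_crypto_tls_ciphers, crypto_metadata_client, sizeof(crypto_metadata_client));
    if (status)
    {
        return(status);
    }

    /* Allocate space for packet reassembly.
       NOTE(review): tls_packet_buffer is also passed to the server in
       thread_server_entry; separate buffers per side would avoid any overlap.  */
    status = nx_secure_tls_session_packet_buffer_set(&(client_ptr -> nx_web_http_client_tls_session), tls_packet_buffer, sizeof(tls_packet_buffer));
    if (status)
    {
        return(status);
    }

    /* Add a CA Certificate to our trusted store for verifying incoming server certificates.  */
    status = nx_secure_x509_certificate_initialize(&trusted_certificate, ca_cert_der, ca_cert_der_len, NX_NULL, 0, NX_NULL, 0, NX_SECURE_X509_KEY_TYPE_NONE);
    if (status)
    {
        return(status);
    }

    status = nx_secure_tls_trusted_certificate_add(&(client_ptr -> nx_web_http_client_tls_session), &trusted_certificate);
    if (status)
    {
        return(status);
    }

    /* Need to allocate space for the certificate coming in from the remote host.  */
    status = nx_secure_tls_remote_certificate_allocate(&(client_ptr -> nx_web_http_client_tls_session), &remote_certificate, remote_cert_buffer, sizeof(remote_cert_buffer));
    if (status)
    {
        return(status);
    }

    status = nx_secure_tls_remote_certificate_allocate(&(client_ptr -> nx_web_http_client_tls_session), &remote_issuer, remote_issuer_buffer, sizeof(remote_issuer_buffer));
    if (status)
    {
        return(status);
    }

    return(NX_SUCCESS);
}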
190 
/* TLS setup callback for the negative case: it configures nothing and always reports
   failure (non-zero status), so the secure connect that uses it is expected to fail.  */
static UINT tls_setup_callback_fail(NX_WEB_HTTP_CLIENT *client_ptr, NX_SECURE_TLS_SESSION *tls_session)
{
    /* Neither argument is needed to produce the failure.  */
    (void)client_ptr;
    (void)tls_session;

    return 1;
}
195 
/* Client test thread.

   Waits for the HTTPS server, then runs two attempts on the same client instance:
   a secure connect whose TLS setup callback always fails (an error is expected), and
   an HTTPS GET of /index.htm with the working callback (the complete response is
   expected).  Every deviation is counted in error_counter.  Sets https_client_stop
   when finished so the server thread can evaluate the result.  */
void thread_client_entry(ULONG thread_input)
{
    NX_PACKET       *response_packet;
    UINT            result;

    /* Let the IP thread and the driver finish initializing.  */
    tx_thread_sleep(NX_IP_PERIODIC_RATE);

    /* Fill in the IPv4 address of the HTTPS server.  */
    server_ip_address.nxd_ip_version = NX_IP_VERSION_V4;
    server_ip_address.nxd_ip_address.v4 = HTTP_SERVER_ADDRESS;

    /* Poll until the server thread reports that the HTTPS server is running.
       There is no timeout: the loop only ends when the flag is set.  */
    while (https_server_start == 0)
    {
        tx_thread_sleep(NX_IP_PERIODIC_RATE);
    }

    /* Create the HTTP client instance.  */
    result = nx_web_http_client_create(&my_client, "HTTP Client", &client_ip, &client_pool, 1536);
    if (result != 0)
    {
        error_counter++;
    }

    /* Negative case: the TLS setup callback fails, so a successful connect is the error.  */
    result = nx_web_http_client_secure_connect(&my_client, &server_ip_address, NX_WEB_HTTPS_SERVER_PORT,
                                               tls_setup_callback_fail, NX_IP_PERIODIC_RATE);
    if (result == 0)
    {
        error_counter++;
    }

    /* Positive case: the same client must be able to start a secure GET afterwards.
       Host name, user name and password are fixed test values.  */
    result = nx_web_http_client_get_secure_start(&my_client, &server_ip_address,
                                                 NX_WEB_HTTPS_SERVER_PORT, "/index.htm",
                                                 "www.abc.com", "name", "password",
                                                 tls_setup_callback, NX_WAIT_FOREVER);
    if (result != 0)
    {
        error_counter++;
    }

    /* Drain the response body, releasing each packet, until a non-zero status ends it.  */
    for (;;)
    {
        result = nx_web_http_client_response_body_get(&my_client, &response_packet, 1 * NX_IP_PERIODIC_RATE);
        if (result != 0)
        {
            break;
        }

        nx_packet_release(response_packet);
    }

    /* The only acceptable terminating status is GET_DONE; in that case the packet
       delivered with it is released as well.  */
    if (result == NX_WEB_HTTP_GET_DONE)
    {
        nx_packet_release(response_packet);
    }
    else
    {
        error_counter++;
    }

    /* Tear the client down.  */
    result = nx_web_http_client_delete(&my_client);
    if (result != 0)
    {
        error_counter++;
    }

    /* Tell the server thread that the client side is finished.  */
    https_client_stop = 1;
}
262 
263 
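/* Helper HTTPS server thread and test verdict.

   Prints the test banner, builds a RAM disk holding index.htm, creates and starts the
   HTTPS server with the test device certificate, then waits until the client thread
   sets https_client_stop.  Afterwards it deletes the server, checks that both packet
   pools have every packet available again (no packet was leaked by the failed or the
   successful connection) and reports SUCCESS or ERROR through test_control_return().  */
void    thread_server_entry(ULONG thread_input)
{
    UINT            status;
    FX_FILE         my_file;
    UINT            server_port = NX_WEB_HTTPS_SERVER_PORT;

    /* Print out test information banner.  */
    printf("NetX Test:   Web Secure Connect Fail Test..............................");

    /* Check for earlier error.
       NOTE(review): if test_control_return() returns to its caller, execution continues
       into the test with error_counter already set - confirm it does not return.  */
    if(error_counter)
    {
        printf("ERROR!\n");
        test_control_return(1);
    }

    /* Format the RAM disk.  The result is folded into the status checked below instead
       of being discarded.
       NOTE(review): the geometry declares 256 sectors of 512 bytes (128 KiB) while
       ram_disk_memory is 4096 bytes; only the first 8 sectors are backed by the array -
       confirm the RAM driver never accesses sectors beyond that.  */
    status = fx_media_format(&ram_disk,
                             _fx_ram_driver,               // Driver entry
                             ram_disk_memory,              // RAM disk memory pointer
                             media_memory,                 // Media buffer pointer
                             sizeof(media_memory),         // Media buffer size
                             "MY_RAM_DISK",                // Volume Name
                             1,                            // Number of FATs
                             32,                           // Directory Entries
                             0,                            // Hidden sectors
                             256,                          // Total sectors
                             512,                          // Sector size
                             8,                            // Sectors per cluster
                             1,                            // Heads
                             1);                           // Sectors per track

    /* Open the RAM disk and create index.htm with a 12-byte body.  The statuses are
       summed, so any failing step leaves a non-zero total.  */
    status += fx_media_open(&ram_disk, "RAM DISK", _fx_ram_driver, ram_disk_memory, media_memory, sizeof(media_memory)) ;
    status += fx_file_create(&ram_disk, "index.htm");
    status += fx_file_open(&ram_disk, &my_file, "index.htm", FX_OPEN_FOR_WRITE);
    status += fx_file_write(&my_file, "https server", 12);
    status += fx_file_close(&my_file);
    if(status)
        error_counter++;

    /* Give NetX a chance to initialize the system. */
    tx_thread_sleep(NX_IP_PERIODIC_RATE);

    /* Create the HTTP Server. */
    status = nx_web_http_server_create(&my_server, "My HTTP Server", &server_ip, server_port, &ram_disk,
                                       &server_stack, sizeof(server_stack), &server_pool,
                                       NX_NULL, NX_NULL);
    if (status)
        error_counter++;

    /* Initialize device certificate (used for all sessions in HTTPS server).  A failure
       here is counted so the test cannot pass with an unusable server identity.  */
    memset(&certificate, 0, sizeof(certificate));
    status = nx_secure_x509_certificate_initialize(&certificate, test_device_cert_der, test_device_cert_der_len, NX_NULL, 0, test_device_cert_key_der, test_device_cert_key_der_len, NX_SECURE_X509_KEY_TYPE_RSA_PKCS1_DER);
    if (status)
        error_counter++;

    /* Setup TLS session data for the TCP server.
       NOTE(review): tls_packet_buffer is also assigned to the client session in
       tls_setup_callback; separate buffers per side would avoid any overlap.  */
    status = nx_web_http_server_secure_configure(&my_server, &nx_crypto_tls_ciphers,
                                                 crypto_metadata_server, sizeof(crypto_metadata_server), tls_packet_buffer, sizeof(tls_packet_buffer),
                                                 &certificate, NX_NULL, 0, NX_NULL, 0, NX_NULL, 0);
    if (status)
        error_counter++;

    /* OK to start the HTTP Server.   */
    status = nx_web_http_server_start(&my_server);
    if (status)
        error_counter++;

    /* Set the flag the client thread is polling.  */
    https_server_start = 1;

    /* Wait until the client thread reports that it has finished.  */
    while (!https_client_stop)
    {
        tx_thread_sleep(NX_IP_PERIODIC_RATE);
    }

    status = nx_web_http_server_delete(&my_server);
    if (status)
        error_counter++;

    /* Check packet pool: every packet must be back in its pool on both sides.  */
    if (server_pool.nx_packet_pool_available != server_pool.nx_packet_pool_total)
    {
        error_counter++;
    }

    if (client_pool.nx_packet_pool_available != client_pool.nx_packet_pool_total)
    {
        error_counter++;
    }

    /* Report the verdict.  */
    if(error_counter)
    {
        printf("ERROR!\n");
        test_control_return(1);
    }
    else
    {
        printf("SUCCESS!\n");
        test_control_return(0);
    }
}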
367 #else
368 
/* Stub used when IPv4 is disabled or HTTPS support is not compiled in: the test cannot
   run, so it prints the banner with N/A and returns status 3 to the harness.  */
#ifdef CTEST
VOID test_application_define(void *first_unused_memory)
#else
void    netx_web_secure_connect_fail_test_application_define(void *first_unused_memory)
#endif
{
    /* No memory is carved in this configuration.  */
    (void)first_unused_memory;

    /* Banner plus the not-applicable marker on one line.  */
    printf("NetX Test:   Web Secure Connect Fail Test..............................N/A\n");

    test_control_return(3);
}
381 #endif
382