lib-ssl-iostream: Add support for creating server and client test SSL settings.

This is useful for building test cases with SSL support.

diff --git a/src/lib-ssl-iostream/Makefile.am b/src/lib-ssl-iostream/Makefile.am
index 81707d1a27a7bcb76d456330f0396528789f2ade..998a766e3486edbd45632176922514a089a1a7a4 100644 (file)
--- a/src/lib-ssl-iostream/Makefile.am
+++ b/src/lib-ssl-iostream/Makefile.am
@@ -23,7 +23,8 @@ endif
 
 libssl_iostream_la_SOURCES = \
        iostream-ssl.c \
-       iostream-ssl-context-cache.c
+       iostream-ssl-context-cache.c \
+       iostream-ssl-test.c
 
 noinst_HEADERS = \
        dovecot-openssl-common.h
@@ -31,7 +32,8 @@ noinst_HEADERS = \
 headers = \
        iostream-openssl.h \
        iostream-ssl.h \
-       iostream-ssl-private.h
+       iostream-ssl-private.h \
+       iostream-ssl-test.h
 
 pkginc_libdir=$(pkgincludedir)
 pkginc_lib_HEADERS = $(headers)

diff --git a/src/lib-ssl-iostream/iostream-ssl-test.c b/src/lib-ssl-iostream/iostream-ssl-test.c
new file mode 100644 (file)
index 0000000..30788ab
--- /dev/null
+++ b/src/lib-ssl-iostream/iostream-ssl-test.c
@@ -0,0 +1,157 @@
+/* Copyright (c) 2018 Dovecot authors, see the included COPYING file */
+
+#include "lib.h"
+
+#include "iostream-ssl.h"
+#include "iostream-ssl-test.h"
+
+static const char *test_ca_cert =
+       "-----BEGIN CERTIFICATE-----\n"
+       "MIIF4TCCA8mgAwIBAgICEAAwDQYJKoZIhvcNAQELBQAwgYQxCzAJBgNVBAYTAk5M\n"
+       "MRMwEQYDVQQIDApHZWxkZXJsYW5kMRIwEAYDVQQHDAlCYXJuZXZlbGQxGjAYBgNV\n"
+       "BAoMEUNoaWNrZW4gQ29vcCBCLlYuMR4wHAYDVQQLDBVDZXJ0aWZpY2F0ZSBBdXRo\n"
+       "b3JpdHkxEDAOBgNVBAMMB1Jvb3QgQ0EwIBcNMTgwMjA4MjEyODE2WhgPMjExODAx\n"
+       "MTUyMTI4MTZaMHgxCzAJBgNVBAYTAk5MMRMwEQYDVQQIDApHZWxkZXJsYW5kMRow\n"
+       "GAYDVQQKDBFDaGlja2VuIENvb3AgQi5WLjEeMBwGA1UECwwVQ2VydGlmaWNhdGUg\n"
+       "QXV0aG9yaXR5MRgwFgYDVQQDDA9JbnRlcm1lZGlhdGUgQ0EwggIiMA0GCSqGSIb3\n"
+       "DQEBAQUAA4ICDwAwggIKAoICAQDgwuwUQ387ALkBO2YAvLiOi0rhQMis+TY34tpN\n"
+       "96Xx9Jaa8gdiAW9y3l8hGFm1+Ens5ZukwMysUoP7rrI5s0XOgCTChzrB4dEnbWHj\n"
+       "2YUYUBVLTLqZ4PTbY6xyrjYHKol1govkU+wclmyeI+Os946U0HFubg+KuXGZ2oLM\n"
+       "iYAmur/oxickEwJX932KhzQS4xdT5o38cVv470ot6eNEAiZcufP/gBSjAyUd8Wge\n"
+       "bwpW64fE/0LyCXYZrK5LWG1dMPC8MpETb8uLAB33r6q3yLTcEWg79bes7SgNrQdx\n"
+       "ncUXBoh8YSJvniZQ6OhwENPGTNhZWzgltDZHASyKXY2ojV70D8iiy/uB+owPSTla\n"
+       "txnu7z8B4kVCBWhCUizk7upjZNA0aFutjEHyYLtxqbTon+iLYm7M4iaga23YBdMU\n"
+       "1QVtulmUY6dcjTJ8GG3uo+qglPKuSodLSb23ovxAdVdIF+BNukd18ZhEIAe08hbw\n"
+       "YBHUYsKNkTMYcwxSgK3yQ4tQw0Cky4wAdsDv1XBK0LZ8+wnuWjnrnO/TRvgLWRU4\n"
+       "qI36OEMk9T0bxi+UwP3mzu78OoMCCdf67ccZ2/zFfHg+dqTBc9zV0sYJ/RQvmEN1\n"
+       "KDgqJAhz+VkDzTBiQYxoztTgBv9yxYufFvwZX4uhsvtMXUuRfvoVwK16vPXnMHwF\n"
+       "muIvwwIDAQABo2YwZDAdBgNVHQ4EFgQUWv/zcVnDWf53C2iN9f6uyUmhp1EwHwYD\n"
+       "VR0jBBgwFoAUsSOnSayEpzvbN21MEQGEyVKx+kIwEgYDVR0TAQH/BAgwBgEB/wIB\n"
+       "ADAOBgNVHQ8BAf8EBAMCAYYwDQYJKoZIhvcNAQELBQADggIBAJUlgJIHnnclDQMn\n"
+       "PSmruCl7bCRvLZYQtSiIv3/K4kPXJMYOvULoXGLA0+CdHoo06k8/TLk7gF1gNCPr\n"
+       "23z2+SCIuvVrVlveWyqD684yQ3UYeWoJnOv90F19267uELrWX4UMVE+z1r7iULyw\n"
+       "cxQokw6EGjw7xHiVETvNlHlmA0/8IuZv89CTztOP54NAXqu8WeloL/ipEhgj1HRx\n"
+       "TkuDf6SlTQ+mXKbiVJFiEA6rOsYFGGWE/SDNbLfx60OoHz0rQ95zw0rv/wPs1Oai\n"
+       "x71Ccuz/i2iI7ItXjQcUEcXvIDFJEMNXDaccIVmk1uda0Cm92W/sGc4vG2LUwEpl\n"
+       "LRj/x4Q39WaZTCrZzd6p2+6tYA45VnoblZ0enYU5XcQzryR/GC7VWFH1OvzOcSG5\n"
+       "NhpKIiWZvuMG5ilXyw7yh7cnWiPvGp8zCO7w1IOyk8sETQBstxuiALeEdrgdz6R5\n"
+       "jV5oIqsCmsIihfRgNufx/SImTJvue4uYgrKa4jo1tw+CFkEWPd7zXjferkxyU8C5\n"
+       "Y+Fr3yMuis5O4qa5mb94r0AQhc8MbCAuInSqNGX0Iu/UTg6Z+56omA2CnKGt6Rwd\n"
+       "LxLo2vhT9gTF88QwTMBPlhVjBbjTRhmY+mHv9gh3GczQ/i5VRXyYQH4h7EBtKFFI\n"
+       "t4mBWMavY+hS/zVkufYzUcUR7D1P\n"
+       "-----END CERTIFICATE-----\n"
+       "-----BEGIN CERTIFICATE-----\n"
+       "MIIF8jCCA9qgAwIBAgIJAN0zFa9E/xyxMA0GCSqGSIb3DQEBCwUAMIGEMQswCQYD\n"
+       "VQQGEwJOTDETMBEGA1UECAwKR2VsZGVybGFuZDESMBAGA1UEBwwJQmFybmV2ZWxk\n"
+       "MRowGAYDVQQKDBFDaGlja2VuIENvb3AgQi5WLjEeMBwGA1UECwwVQ2VydGlmaWNh\n"
+       "dGUgQXV0aG9yaXR5MRAwDgYDVQQDDAdSb290IENBMCAXDTE4MDIwODIxMjA1NloY\n"
+       "DzIyMTcxMjIyMjEyMDU2WjCBhDELMAkGA1UEBhMCTkwxEzARBgNVBAgMCkdlbGRl\n"
+       "cmxhbmQxEjAQBgNVBAcMCUJhcm5ldmVsZDEaMBgGA1UECgwRQ2hpY2tlbiBDb29w\n"
+       "IEIuVi4xHjAcBgNVBAsMFUNlcnRpZmljYXRlIEF1dGhvcml0eTEQMA4GA1UEAwwH\n"
+       "Um9vdCBDQTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAKMvVLNtj1C+\n"
+       "ZQ4ypNIA5+zB8oseN65k8VqpyhcPAQv0M/HvOB8jXzWH4v1VfKOYkTxQXqu4v0RP\n"
+       "6k0awe/6FH0GDlYhKUuPNDH2djlGOVbq+qBdSXpC3UjEcksxIuigCmzdkuytnlhW\n"
+       "qQYnLVl6kXwYtzjWsetTZBGseCpSYBWnvdtG/MGQNozi03VsGFkj/fbwuLK7ZHVp\n"
+       "64QLk9j3IPZRPHUaFlnT+v2ySMjO8OncsZ/fMZ/nxmt8GJ/68cMy9czydauz2KZs\n"
+       "pQEFS6s/HCmRXT1VQZ7zw5V/PBnF7ecveTaQtxJoNO4Pr7sh77El/ChUxN1Acw4N\n"
+       "2UH/06k6xnirLsvJonCRbVX3bxPBoDzGHjPqb7r0AKD0WBvrzgjeooSjobEtcIvA\n"
+       "LntiGKp4KtvWKcANPWkutH9X71U7M773oMmrz5fWvz9yv3wVuyblZSaMBwrV16GX\n"
+       "mcym6KF+Oj7j86jNq4wxNtjiQVV0QZcBijtnWpHaD5EMhI/TZvLK9oCFyAL92Wzi\n"
+       "t95r8g3D/8ue0CHqB/EpodH88MdVwr7sgxLQ40KibpErOXb93CJnq/7MVMO/EzTj\n"
+       "4XiGGUOo0elLqEPjzBO6AiGEgXAE2iNoghX79cbMQFtk9sK7XdMVLoXwBvt+Naaz\n"
+       "w96+7R+rZ4SsfrtlrP7xoCPJXbeQ4YI9AgMBAAGjYzBhMB0GA1UdDgQWBBSxI6dJ\n"
+       "rISnO9s3bUwRAYTJUrH6QjAfBgNVHSMEGDAWgBSxI6dJrISnO9s3bUwRAYTJUrH6\n"
+       "QjAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBhjANBgkqhkiG9w0BAQsF\n"
+       "AAOCAgEAQ30mub/GBwThYX3h9p01kQh+/eXXQ47h1xG3B870EwJ2y36wlGbAhZmE\n"
+       "7o1kDZwhNMR4NxT2PSWQHn8m6RiuSGAG9DU2q55tPEZg2DqkQmoCFvV3n2MVIAwL\n"
+       "rZ8c9EaoM5RkeeDBmuVo8H1aCvd5oLJ5j64z6wkgsSRwVXkxQLOAEdmRSVHN/c/6\n"
+       "QEdg0Uh5wkeC7R5wiwQUEkhLie+XwUPG7dIJHWp9g5oVO7IN+KWBLWiqbAJhVFhF\n"
+       "evOSqGDRV/Q2kfwSqDRrokk7CaE8KO/i+AUTF4TFQc/ewCLSeBSkvV7ORXBbe7ob\n"
+       "ShGViL7WEngpGAVoDZEsSViXQ36a5zxCvYcGjHcsKUITPMiD55x0aKNWjc0XfEg4\n"
+       "JtWvYWwygxTcefbs9pxHrmEnyCPpyDB8cPj866JAeaEAhxhDtSqaBE/ek576aJ+Z\n"
+       "ZaGjBQDDhRndLhTPAx1EXB8jgl/yjD+KMUqHs39UowKH25iBxMiW3R1XDIyYFGyi\n"
+       "+UFP+5NgokW/z6JfpUYd4W3jRcareS10UrLQC8tk4vvixk+1MuNKmzBy2eRITYZz\n"
+       "KiYX6NTvbvRt6XsKil8ypHKvWH+i2Cn3JrnTaCzJ4y66lnbRs4/ZnRceqRz35i39\n"
+       "rNT5Ier3SjmyIulxnmoYXHInIcS0TSV1+byyaTUCHKHLx12RxAM=\n"
+       "-----END CERTIFICATE-----\n";
+
+static const char *test_server_cert =
+       "-----BEGIN CERTIFICATE-----\n"
+       "MIIF+jCCA+KgAwIBAgICEAEwDQYJKoZIhvcNAQELBQAweDELMAkGA1UEBhMCTkwx\n"
+       "EzARBgNVBAgMCkdlbGRlcmxhbmQxGjAYBgNVBAoMEUNoaWNrZW4gQ29vcCBCLlYu\n"
+       "MR4wHAYDVQQLDBVDZXJ0aWZpY2F0ZSBBdXRob3JpdHkxGDAWBgNVBAMMD0ludGVy\n"
+       "bWVkaWF0ZSBDQTAeFw0xODAyMDkwMDI4NThaFw0xOTAyMTkwMDI4NThaMIGzMQsw\n"
+       "CQYDVQQGEwJOTDETMBEGA1UECAwKR2VsZGVybGFuZDESMBAGA1UEBwwJQmFybmV2\n"
+       "ZWxkMRowGAYDVQQKDBFDaGlja2VuIENvb3AgQi5WLjEiMCAGA1UECwwZQ2hpY2tl\n"
+       "biBDb29wIFdlYiBTZXJ2aWNlczESMBAGA1UEAwwJMTI3LjAuMC4xMScwJQYJKoZI\n"
+       "hvcNAQkBFhhoZW5uaWVAY2hpY2tlbmNvb3AubG9jYWwwggEiMA0GCSqGSIb3DQEB\n"
+       "AQUAA4IBDwAwggEKAoIBAQCrOr07vb9pxtb6jNMrmYjRdia5hhIZ3/NOHCbA6c45\n"
+       "APxHMs8XULRjIdUz6eAHU/FlR7KwomiDne1fw6b9cLBvExBuD0siEyDXR9WL3FYs\n"
+       "FoWe0XGvZlSX1BSpJk1Z0UqwEnX+IXjoKzXXT3gRPPMuVK7KyYQEIh5iiq865VdB\n"
+       "kiOlOdvObbZtC1MGFlqF0SMfZUgTwJIbC3M5XwoyAsoGItQKqC9o08z1EfFyWWa+\n"
+       "8eOFl6PX0b//6D1KzOUR0PEFaYM+uhUrez1RQgv0INSgadPEWLXtCJduUwEXauoa\n"
+       "EOeOfl3/1a4mW9ne0308B8Fhdl7e6BCdhaY+vePjblQxAgMBAAGjggFQMIIBTDAJ\n"
+       "BgNVHRMEAjAAMBEGCWCGSAGG+EIBAQQEAwIGQDAzBglghkgBhvhCAQ0EJhYkT3Bl\n"
+       "blNTTCBHZW5lcmF0ZWQgU2VydmVyIENlcnRpZmljYXRlMB0GA1UdDgQWBBQ88RqS\n"
+       "FxBcy0IDpJHe7C0yct9/ojCBsgYDVR0jBIGqMIGngBRa//NxWcNZ/ncLaI31/q7J\n"
+       "SaGnUaGBiqSBhzCBhDELMAkGA1UEBhMCTkwxEzARBgNVBAgMCkdlbGRlcmxhbmQx\n"
+       "EjAQBgNVBAcMCUJhcm5ldmVsZDEaMBgGA1UECgwRQ2hpY2tlbiBDb29wIEIuVi4x\n"
+       "HjAcBgNVBAsMFUNlcnRpZmljYXRlIEF1dGhvcml0eTEQMA4GA1UEAwwHUm9vdCBD\n"
+       "QYICEAAwDgYDVR0PAQH/BAQDAgWgMBMGA1UdJQQMMAoGCCsGAQUFBwMBMA0GCSqG\n"
+       "SIb3DQEBCwUAA4ICAQCrhOLJSybqOKyijnVbmwqp7k/r/L1HJ/3Iq3EqhdmoPEN7\n"
+       "Yc9toBZDgQGbVXCVE+V138N2JfNAtBbS651UkpJVrT3lBnkd2H9FKCZlbl8AOW+0\n"
+       "rgcTau8bo32YzsApIaNhxnMRScyqN102eBzUOjuEtGfmtUuVIRki91oXulIJ329B\n"
+       "EblPdeaEwYN9IdT44QqjAc0iimcrO7aVqC5nBkemuVkIBrAtTic2E6uoNHuaL3yt\n"
+       "PtRbPJNsDUrm0T9xJq4HowQvZcXhjHl480K40zymh5e5JGsjyRwTMZps2Pqv8MFx\n"
+       "SaL7kFlHCHOWpH3jZxP9z/21vW4gSOS283BctC72otwTwqGhKJ4pCHhNHeRzNbU/\n"
+       "FoyrgJs0oVQk8uQdyLjxDsLoPq4/ebfvVn96Bp83qXPYADRvu891/IitAlDTq+1+\n"
+       "WXXlI3kPpH7WlsNCY5mntNs8ulANxAFhcGFqE9gaNdCKENfsn6J+cseLnZpB42nD\n"
+       "/ixngHK/Zn8CRCB9FqFh040IHNjTNYFYPOaSuoOZIbLbjUjOqPu3h1rLBmVFG9TW\n"
+       "0SqheVvD/OVme1jsZC0hJhnRlrM6ymPtx4nU0Hyipwour0tl4FXSRedmeNIMTvm4\n"
+       "LjZJlihGxHaWQx71q9Pz1z81+T/U6gguYYqVWHKWrZeFCIaB9HtwfmVkz45etw==\n"
+       "-----END CERTIFICATE-----\n";
+
+static const char *test_server_key =
+       "-----BEGIN RSA PRIVATE KEY-----\n"
+       "MIIEpQIBAAKCAQEAqzq9O72/acbW+ozTK5mI0XYmuYYSGd/zThwmwOnOOQD8RzLP\n"
+       "F1C0YyHVM+ngB1PxZUeysKJog53tX8Om/XCwbxMQbg9LIhMg10fVi9xWLBaFntFx\n"
+       "r2ZUl9QUqSZNWdFKsBJ1/iF46Cs11094ETzzLlSuysmEBCIeYoqvOuVXQZIjpTnb\n"
+       "zm22bQtTBhZahdEjH2VIE8CSGwtzOV8KMgLKBiLUCqgvaNPM9RHxcllmvvHjhZej\n"
+       "19G//+g9SszlEdDxBWmDProVK3s9UUIL9CDUoGnTxFi17QiXblMBF2rqGhDnjn5d\n"
+       "/9WuJlvZ3tN9PAfBYXZe3ugQnYWmPr3j425UMQIDAQABAoIBAQCl9P15zJOcEtND\n"
+       "7X+yT1HTKf+oarBakbtAZnqNGU794t2gqDcdcuQS/LSmZzPyBkL+Fbq0BgTkJAnw\n"
+       "ejH8i98FGOYgtgPtF7sJzJ7Fup1uh7mkT30vMjAlI7GOrAfmWLpZ4tqnn4uPAmph\n"
+       "r61Aj+Fmcz8iXqPsWaE3gxEJNUUXz9SN2I7HK8jtCvbVLYSsmDahUto4lNb5QoH7\n"
+       "OWslVpb7g38e0FmD/gou2+gUDh+pj99GHXzP4I1CJWIqQSpyRUtafGeFqmmoIj3K\n"
+       "0KTeJYDv173mwTA+B8OCAGC2SQvOAGVtxG8bEoGhHbmYuSvUMtEVChAttz/X0Eu1\n"
+       "vS8CBsaNAoGBAOC0Ss4RJm3h/LQeS2vGDirdNfFnUeSOyFwg/XenvvGwBY1PyWQ3\n"
+       "QLq4P8uLIGDGiB6okk65SVwfjjkMEw9wz3NlQEjeJXcc1tZprM2Om2kb8qbU1BSl\n"
+       "dyKiRSE4TXKvqY0bqSBFWpkgI5PQ8aaJaGB5mzkbgE+SDf+oU6sg1B7LAoGBAMMT\n"
+       "1OYKx1ZfLw6XnuoU36wuPLBQQ204VE+IUBJH98KMWBFOpaST+9/LfSAUYJb+WgX3\n"
+       "/hQJY26Mv6zk22+sRHrNIMKnNzXJkD0dQ8K3QxO5Z5l4JgoCglcpzqkZ7Arrh4V3\n"
+       "nALy2qEhe7nKTqd+VcOfyzskDtf4BUsNLQjthp1zAoGBAIpmwgR2j8LyhKG0XyP8\n"
+       "k1FXexg7WTd7snD8aOJAUd2vW1wUnqi5V4cqYTDPepvg7IplregLO+IgFYuRolPK\n"
+       "WhxratL28QCSpMjfwe3CPnrZGfYj9JTa7axJYmb5tMpE5Bvjw6H61binEQLEmXLI\n"
+       "A6AYhsD/7WIVRcYIObCXwc9NAoGARWrUMrwZLRIX87Bem1usMGAPtooJRF9sGRUf\n"
+       "sTGs56z7VcVPyl3inkOSFg1KRdDjBga2gjjJCjjJqGOT9owtnilKhBnu2pQMYML+\n"
+       "Ltb55pXuWL1Zg+xap1u4L5KK3WPsyMDEYoQ66mW42mc0UAPzzvYY4sW1BoM6lvds\n"
+       "VCX55iMCgYEApFY4OWHGp5z/camMwNurMte6O7vupRbqZl1+MP9Qm3oAtk8hF8FH\n"
+       "B1vRmoCZBS4kckBWwOJT8Mmky0jZr+zOPtMxiEhN895td2xg8kEj/mm/CM+1SUTk\n"
+       "l9buQrxmlDCOhCzVfl+xWvAYMAFpcgwec1J4K7AjszkZdcLlsKdTZ+s=\n"
+       "-----END RSA PRIVATE KEY-----\n";
+
+void ssl_iostream_test_settings_server(struct ssl_iostream_settings *test_set)
+{
+       i_zero(test_set);
+       test_set->ca = test_ca_cert;
+       test_set->cert.cert = test_server_cert;
+       test_set->cert.key = test_server_key;
+       test_set->skip_crl_check = TRUE;
+}
+
+void ssl_iostream_test_settings_client(struct ssl_iostream_settings *test_set)
+{
+       i_zero(test_set);
+       test_set->ca = test_ca_cert;
+       test_set->skip_crl_check = TRUE;
+}

diff --git a/src/lib-ssl-iostream/iostream-ssl-test.h b/src/lib-ssl-iostream/iostream-ssl-test.h
new file mode 100644 (file)
index 0000000..82c5811
--- /dev/null
+++ b/src/lib-ssl-iostream/iostream-ssl-test.h
@@ -0,0 +1,9 @@
+#ifndef IOSTREAM_SSL_TEST_H
+#define IOSTREAM_SSL_TEST_H
+
+struct ssl_iostream_settings;
+
+void ssl_iostream_test_settings_server(struct ssl_iostream_settings *test_set);
+void ssl_iostream_test_settings_client(struct ssl_iostream_settings *test_set);
+
+#endif