1 #include "async_resp.hpp" 2 #include "http/http2_connection.hpp" 3 #include "http/http_request.hpp" 4 #include "http/http_response.hpp" 5 6 #include <nghttp2/nghttp2.h> 7 #include <unistd.h> 8 9 #include <boost/asio/buffer.hpp> 10 #include <boost/asio/impl/write.hpp> 11 #include <boost/asio/io_context.hpp> 12 #include <boost/asio/steady_timer.hpp> 13 #include <boost/beast/_experimental/test/stream.hpp> 14 #include <boost/beast/http/field.hpp> 15 16 #include <bit> 17 #include <cstddef> 18 #include <cstdint> 19 #include <functional> 20 #include <memory> 21 #include <string> 22 #include <string_view> 23 #include <utility> 24 #include <vector> 25 26 #include "gmock/gmock.h" 27 #include "gtest/gtest.h" 28 namespace crow 29 { 30 31 namespace 32 { 33 34 using ::testing::Pair; 35 using ::testing::UnorderedElementsAre; 36 37 struct FakeHandler 38 { 39 bool called = false; 40 void handle(Request& req, 41 const std::shared_ptr<bmcweb::AsyncResp>& asyncResp) 42 { 43 called = true; 44 EXPECT_EQ(req.url().buffer(), "/redfish/v1/"); 45 EXPECT_EQ(req.methodString(), "GET"); 46 EXPECT_EQ(req.getHeaderValue(boost::beast::http::field::user_agent), 47 "curl/8.5.0"); 48 EXPECT_EQ(req.getHeaderValue(boost::beast::http::field::accept), "*/*"); 49 EXPECT_EQ(req.getHeaderValue(":authority"), "localhost:18080"); 50 asyncResp->res.write("StringOutput"); 51 } 52 }; 53 54 std::string getDateStr() 55 { 56 return "TestTime"; 57 } 58 59 void unpackHeaders(std::string_view dataField, 60 std::vector<std::pair<std::string, std::string>>& headers) 61 { 62 nghttp2_hd_inflater_ex inflater; 63 64 while (!dataField.empty()) 65 { 66 nghttp2_nv nv; 67 int inflateFlags = 0; 68 const uint8_t* data = std::bit_cast<const uint8_t*>(dataField.data()); 69 ssize_t parsed = inflater.hd2(&nv, &inflateFlags, data, 70 dataField.size(), 1); 71 72 ASSERT_GT(parsed, 0); 73 dataField.remove_prefix(static_cast<size_t>(parsed)); 74 if ((inflateFlags & NGHTTP2_HD_INFLATE_EMIT) > 0) 75 { 76 const char* namePtr = std::bit_cast<const char*>(nv.name); 77 std::string key(namePtr, nv.namelen); 78 const char* valPtr = std::bit_cast<const char*>(nv.value); 79 std::string value(valPtr, nv.valuelen); 80 headers.emplace_back(key, value); 81 } 82 if ((inflateFlags & NGHTTP2_HD_INFLATE_FINAL) > 0) 83 { 84 EXPECT_EQ(inflater.endHeaders(), 0); 85 break; 86 } 87 } 88 EXPECT_TRUE(dataField.empty()); 89 } 90 91 TEST(http_connection, RequestPropogates) 92 { 93 using namespace std::literals; 94 boost::asio::io_context io; 95 boost::beast::test::stream stream(io); 96 boost::beast::test::stream out(io); 97 stream.connect(out); 98 // This is a binary pre-encrypted stream captured from curl for a request to 99 // curl https://localhost:18080/redfish/v1/ 100 std::string_view toSend = 101 // Hello 102 "PRI * HTTP/2.0\r\n\r\nSM\r\n\r\n" 103 // 18 byte settings frame 104 "\x00\x00\x12\x04\x00\x00\x00\x00\x00" 105 // Settings 106 "\x00\x03\x00\x00\x00\x64\x00\x04\x00\xa0\x00\x00\x00\x02\x00\x00\x00\x00" 107 // Window update frame 108 "\x00\x00\x04\x08\x00\x00\x00\x00\x00" 109 // Window update 110 "\x3e\x7f\x00\x01" 111 // Header frame END_STREAM, END_HEADERS set 112 "\x00\x00\x29\x01\x05\x00\x00\x00" 113 // Header payload 114 "\x01\x82\x87\x41\x8b\xa0\xe4\x1d\x13\x9d\x09\xb8\x17\x80\xf0\x3f" 115 "\x04\x89\x62\xc2\xc9\x29\x91\x3b\x1d\xc2\xc7\x7a\x88\x25\xb6\x50" 116 "\xc3\xcb\xb6\xb8\x3f\x53\x03\x2a\x2f\x2a"sv; 117 118 boost::asio::write(out, boost::asio::buffer(toSend)); 119 120 FakeHandler handler; 121 boost::asio::steady_timer timer(io); 122 std::function<std::string()> date(getDateStr); 123 auto conn = std::make_shared< 124 HTTP2Connection<boost::beast::test::stream, FakeHandler>>( 125 std::move(stream), &handler, date); 126 conn->start(); 127 128 std::string_view expectedPrefix = 129 // Settings frame size 13 130 "\x00\x00\x0c\x04\x00\x00\x00\x00\x00" 131 // 4 max concurrent streams 132 "\x00\x03\x00\x00\x00\x04" 133 // Enable push = false 134 "\x00\x02\x00\x00\x00\x00" 135 // Settings ACK from server to client 136 "\x00\x00\x00\x04\x01\x00\x00\x00\x00" 137 138 // Start Headers frame stream 1, size 0x034b 139 "\x00\x03\x4b\x01\x04\x00\x00\x00\x01"sv; 140 141 std::string_view expectedPostfix = 142 // Data Frame, Length 12, Stream 1, End Stream flag set 143 "\x00\x00\x0c\x00\x01\x00\x00\x00\x01" 144 // The body expected 145 "StringOutput"sv; 146 147 std::string_view outStr; 148 constexpr size_t headerSize = 0x34b; 149 150 // Run until we receive the expected amount of data 151 while (outStr.size() < 152 expectedPrefix.size() + headerSize + expectedPostfix.size()) 153 { 154 io.run_one(); 155 outStr = out.str(); 156 } 157 EXPECT_TRUE(handler.called); 158 159 // check the stream output against expected 160 EXPECT_EQ(outStr.substr(0, expectedPrefix.size()), expectedPrefix); 161 outStr.remove_prefix(expectedPrefix.size()); 162 std::vector<std::pair<std::string, std::string>> headers; 163 unpackHeaders(outStr.substr(0, headerSize), headers); 164 outStr.remove_prefix(headerSize); 165 166 EXPECT_THAT( 167 headers, 168 UnorderedElementsAre( 169 Pair(":status", "200"), Pair("content-length", "12"), 170 Pair("strict-transport-security", 171 "max-age=31536000; includeSubdomains"), 172 Pair("x-frame-options", "DENY"), Pair("pragma", "no-cache"), 173 Pair("cache-control", "no-store, max-age=0"), 174 Pair("x-content-type-options", "nosniff"), 175 Pair("referrer-policy", "no-referrer"), 176 Pair( 177 "permissions-policy", 178 "accelerometer=(),ambient-light-sensor=(),autoplay=(),battery=(),camera=(),display-capture=(),document-domain=(),encrypted-media=(),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),layout-animations=(self),legacy-image-formats=(self),magnetometer=(),microphone=(),midi=(),oversized-images=(self),payment=(),picture-in-picture=(),publickey-credentials-get=(),speaker-selection=(),sync-xhr=(self),unoptimized-images=(self),unsized-media=(self),usb=(),screen-wak-lock=(),web-share=(),xr-spatial-tracking=()"), 179 Pair("x-permitted-cross-domain-policies", "none"), 180 Pair("cross-origin-embedder-policy", "require-corp"), 181 Pair("cross-origin-opener-policy", "same-origin"), 182 Pair("cross-origin-resource-policy", "same-origin"), 183 Pair( 184 "content-security-policy", 185 "default-src 'none'; img-src 'self' data:; font-src 'self'; style-src 'self'; script-src 'self'; connect-src 'self' wss:; form-action 'none'; frame-ancestors 'none'; object-src 'none'; base-uri 'none'"), 186 Pair("date", "TestTime"))); 187 188 EXPECT_EQ(outStr, expectedPostfix); 189 } 190 191 } // namespace 192 } // namespace crow 193