test: simplify /ssl/tls-interaction test by using SoupServer

The test is still flaky, but due to a glib-networking bug.

libsoup/server/soup-socket.c

@@ -733,3 +733,11 @@ soup_socket_get_remote_address (SoupSocket *sock)
 
         return priv->remote_addr;
 }
+
+GIOStream *
+soup_socket_get_connection (SoupSocket *sock)
+{
+	SoupSocketPrivate *priv = soup_socket_get_instance_private (sock);
+
+	return priv->conn;
+}

libsoup/server/soup-socket.h

@@ -22,6 +22,7 @@ gboolean       soup_socket_is_ssl             (SoupSocket         *sock);
 
 void           soup_socket_disconnect         (SoupSocket         *sock);
 gboolean       soup_socket_is_connected       (SoupSocket         *sock);
+GIOStream     *soup_socket_get_connection     (SoupSocket         *sock);
 GSocket       *soup_socket_get_gsocket        (SoupSocket         *sock);
 GSocket       *soup_socket_steal_gsocket      (SoupSocket         *sock);
 GIOStream     *soup_socket_get_iostream       (SoupSocket         *sock);

tests/ssl-test.c

 /* -*- Mode: C; tab-width: 8; indent-tabs-mode: t; c-basic-offset: 8 -*- */
 
 #include "test-utils.h"
+#include "soup-server-message-private.h"
 
 GUri *uri;
 
@@ -106,19 +107,9 @@ test_tls_interaction_request_certificate (GTlsInteraction              *interact
 					  GError                      **error)
 {
 	GTlsCertificate *cert;
-	const char *ssl_cert_file, *ssl_key_file;
-	GError *my_error = NULL;
-
-	/* Yes, we use the same certificate for the client as for the server. Shrug */
-	ssl_cert_file = g_test_get_filename (G_TEST_DIST, "test-cert.pem", NULL);
-	ssl_key_file = g_test_get_filename (G_TEST_DIST, "test-key.pem", NULL);
-	cert = g_tls_certificate_new_from_files (ssl_cert_file,
-						 ssl_key_file,
-						 &my_error);
-	g_assert_no_error (my_error);
 
+	cert = g_object_get_data (G_OBJECT (interaction), "certificate");
 	g_tls_connection_set_certificate (connection, cert);
-	g_object_unref (cert);
 
 	return G_TLS_INTERACTION_HANDLED;
 }
@@ -132,102 +123,54 @@ test_tls_interaction_class_init (TestTlsInteractionClass *klass)
 }
 
 
-#define INTERACTION_TEST_HTTP_RESPONSE "HTTP/1.1 200 OK\r\nConnection: close\r\n\r\nOK\r\n"
-
 static gboolean
 accept_client_certificate (GTlsConnection       *server,
 			   GTlsCertificate      *client_cert,
 			   GTlsCertificateFlags  errors)
 {
-	return TRUE;
+	return errors == 0;
 }
 
 static void
-got_connection (GThreadedSocketService *service,
-		GSocketConnection      *connection,
-		GObject                *source_object)
+server_request_started (SoupServer        *server,
+			SoupServerMessage *msg,
+			GTlsDatabase      *tls_db)
 {
-	GIOStream *tls;
-	GTlsCertificate *server_cert;
-	GError *error = NULL;
-	const char *ssl_cert_file, *ssl_key_file;
-	GMainContext *thread_context;
-
-	thread_context = g_main_context_new ();
-	g_main_context_push_thread_default (thread_context);
-
-	ssl_cert_file = g_test_get_filename (G_TEST_DIST, "test-cert.pem", NULL);
-	ssl_key_file = g_test_get_filename (G_TEST_DIST, "test-key.pem", NULL);
-	server_cert = g_tls_certificate_new_from_files (ssl_cert_file,
-							ssl_key_file,
-							&error);
-	g_assert_no_error (error);
-
-	tls = g_tls_server_connection_new (G_IO_STREAM (connection),
-					   server_cert, &error);
-	g_assert_no_error (error);
-	g_object_unref (server_cert);
-
-	g_object_set (G_OBJECT (tls),
-		      "authentication-mode", G_TLS_AUTHENTICATION_REQUIRED,
-		      NULL);
-	g_signal_connect (tls, "accept-certificate",
-			  G_CALLBACK (accept_client_certificate), NULL);
-
-	if (g_tls_connection_handshake (G_TLS_CONNECTION (tls), NULL, &error)) {
-		g_output_stream_write_all (g_io_stream_get_output_stream (tls),
-					   INTERACTION_TEST_HTTP_RESPONSE,
-					   strlen (INTERACTION_TEST_HTTP_RESPONSE),
-					   NULL, NULL, &error);
-		g_assert_no_error (error);
-	} else {
-		g_assert_error (error, G_TLS_ERROR, G_TLS_ERROR_CERTIFICATE_REQUIRED);
-		g_clear_error (&error);
-	}
-
-	g_io_stream_close (tls, NULL, &error);
-	g_assert_no_error (error);
-
-	g_object_unref (tls);
-
-	g_main_context_pop_thread_default (thread_context);
-	g_main_context_unref (thread_context);
+	SoupSocket *sock;
+	GIOStream *conn;
+
+	sock = soup_server_message_get_soup_socket (msg);
+	conn = soup_socket_get_connection (sock);
+	g_tls_connection_set_database (G_TLS_CONNECTION (conn), tls_db);
+	g_object_set (conn, "authentication-mode", G_TLS_AUTHENTICATION_REQUIRED, NULL);
+	g_signal_connect (conn, "accept-certificate",
+			  G_CALLBACK (accept_client_certificate),
+			  NULL);
 }
 
 static void
-do_tls_interaction_test (void)
+do_tls_interaction_test (gconstpointer data)
 {
-	GSocketService *service;
-	GSocketAddress *address, *bound_address;
+	SoupServer *server = (SoupServer *)data;
 	SoupSession *session;
 	SoupMessage *msg;
 	GBytes *body;
+	GTlsDatabase *tls_db;
+	GTlsCertificate *certificate;
 	GTlsInteraction *interaction;
-	GUri *test_uri;
 	GError *error = NULL;
 
 	SOUP_TEST_SKIP_IF_NO_TLS;
 
-	service = g_threaded_socket_service_new (1);
-	address = g_inet_socket_address_new_from_string ("127.0.0.1", 0);
-	g_socket_listener_add_address (G_SOCKET_LISTENER (service), address,
-				       G_SOCKET_TYPE_STREAM,
-				       G_SOCKET_PROTOCOL_TCP,
-				       NULL, &bound_address, &error);
-	g_assert_no_error (error);
-	g_object_unref (address);
-	g_signal_connect (service, "run", G_CALLBACK (got_connection), NULL);
-	g_socket_service_start (service);
-
-        test_uri = g_uri_build (SOUP_HTTP_URI_FLAGS, "https", NULL, "127.0.0.1",
-                                g_inet_socket_address_get_port (G_INET_SOCKET_ADDRESS (bound_address)),
-                                "/", NULL, NULL);
-	g_object_unref (bound_address);
-
 	session = soup_test_session_new (NULL);
+	g_object_get (session, "tls-database", &tls_db, NULL);
+
+	g_signal_connect (server, "request-started",
+			  G_CALLBACK (server_request_started),
+			  tls_db);
 
 	/* Without a GTlsInteraction */
-	msg = soup_message_new_from_uri ("GET", test_uri);
+	msg = soup_message_new_from_uri ("GET", uri);
 	body = soup_test_session_async_send (session, msg, NULL, &error);
 	g_assert_error (error, G_TLS_ERROR, G_TLS_ERROR_CERTIFICATE_REQUIRED);
 	g_clear_error (&error);
@@ -235,24 +178,29 @@ do_tls_interaction_test (void)
 	g_object_unref (msg);
 
 	interaction = g_object_new (test_tls_interaction_get_type (), NULL);
-	g_object_set (G_OBJECT (session),
-		      "tls-interaction", interaction,
-		      NULL);
+	/* Yes, we use the same certificate for the client as for the server. Shrug */
+	g_object_get (server, "tls-certificate", &certificate, NULL);
+	g_object_set_data_full (G_OBJECT (interaction),
+				"certificate",
+				g_object_ref (certificate),
+				g_object_unref);
+	g_object_set (session, "tls-interaction", interaction, NULL);
 	g_object_unref (interaction);
 
 	/* With a GTlsInteraction */
-	msg = soup_message_new_from_uri ("GET", test_uri);
-	body = soup_test_session_async_send (session, msg, NULL, NULL);
+	msg = soup_message_new_from_uri ("GET", uri);
+	body = soup_test_session_async_send (session, msg, NULL, &error);
+	g_assert_no_error (error);
 	soup_test_assert_message_status (msg, SOUP_STATUS_OK);
 	g_assert_nonnull (soup_message_get_tls_certificate (msg));
 	g_bytes_unref (body);
 	g_object_unref (msg);
 
-	g_uri_unref (test_uri);
-	soup_test_session_abort_unref (session);
+	g_signal_handlers_disconnect_by_data (server, tls_db);
 
-	g_socket_service_stop (service);
-	g_object_unref (service);
+	soup_test_session_abort_unref (session);
+	g_object_unref (tls_db);
+	g_object_unref (certificate);
 }
 
 static void
@@ -283,7 +231,7 @@ main (int argc, char **argv)
 	} else
 		uri = NULL;
 
-	g_test_add_func ("/ssl/tls-interaction", do_tls_interaction_test);
+	g_test_add_data_func ("/ssl/tls-interaction", server, do_tls_interaction_test);
 
 	for (i = 0; i < G_N_ELEMENTS (strictness_tests); i++) {
 		g_test_add_data_func (strictness_tests[i].name,