diff options
author | Evgeny Grin (Karlson2k) <k2k@narod.ru> | 2022-08-15 17:28:58 +0300 |
---|---|---|
committer | Evgeny Grin (Karlson2k) <k2k@narod.ru> | 2022-08-15 21:37:49 +0300 |
commit | e4092f1d54c3ceb9d1954afed5f8d2fce600f183 (patch) | |
tree | 2fc6a929ac95dc503830f88e15c351a5efa1c542 | |
parent | 63c6f68b5d2b07a088014cf52c74b4b0328043cd (diff) | |
download | libmicrohttpd-e4092f1d54c3ceb9d1954afed5f8d2fce600f183.tar.gz libmicrohttpd-e4092f1d54c3ceb9d1954afed5f8d2fce600f183.zip |
test_digestauth2: added testing of nonce bind options
-rw-r--r-- | src/testcurl/.gitignore | 4 | ||||
-rw-r--r-- | src/testcurl/Makefile.am | 18 | ||||
-rw-r--r-- | src/testcurl/test_digestauth2.c | 113 |
3 files changed, 119 insertions, 16 deletions
diff --git a/src/testcurl/.gitignore b/src/testcurl/.gitignore index c06787a1..a31cb1ee 100644 --- a/src/testcurl/.gitignore +++ b/src/testcurl/.gitignore | |||
@@ -173,3 +173,7 @@ core | |||
173 | /test_digestauth2_sha256_userdigest | 173 | /test_digestauth2_sha256_userdigest |
174 | /test_digestauth2_oldapi2_sha256_userdigest | 174 | /test_digestauth2_oldapi2_sha256_userdigest |
175 | /test_digestauth2_sha256_userhash_userdigest | 175 | /test_digestauth2_sha256_userhash_userdigest |
176 | /test_digestauth2_bind_all | ||
177 | /test_digestauth2_bind_uri | ||
178 | /test_digestauth2_oldapi1_bind_all | ||
179 | /test_digestauth2_oldapi1_bind_uri | ||
diff --git a/src/testcurl/Makefile.am b/src/testcurl/Makefile.am index 34590e8f..0e23f251 100644 --- a/src/testcurl/Makefile.am +++ b/src/testcurl/Makefile.am | |||
@@ -185,7 +185,11 @@ check_PROGRAMS += \ | |||
185 | test_digestauth2_userhash_userdigest \ | 185 | test_digestauth2_userhash_userdigest \ |
186 | test_digestauth2_sha256_userdigest \ | 186 | test_digestauth2_sha256_userdigest \ |
187 | test_digestauth2_oldapi2_sha256_userdigest \ | 187 | test_digestauth2_oldapi2_sha256_userdigest \ |
188 | test_digestauth2_sha256_userhash_userdigest | 188 | test_digestauth2_sha256_userhash_userdigest \ |
189 | test_digestauth2_bind_all \ | ||
190 | test_digestauth2_bind_uri \ | ||
191 | test_digestauth2_oldapi1_bind_all \ | ||
192 | test_digestauth2_oldapi1_bind_uri | ||
189 | endif | 193 | endif |
190 | 194 | ||
191 | if HEAVY_TESTS | 195 | if HEAVY_TESTS |
@@ -343,6 +347,18 @@ test_digestauth2_oldapi2_sha256_userdigest_SOURCES = \ | |||
343 | test_digestauth2_sha256_userhash_userdigest_SOURCES = \ | 347 | test_digestauth2_sha256_userhash_userdigest_SOURCES = \ |
344 | test_digestauth2.c mhd_has_param.h mhd_has_in_name.h | 348 | test_digestauth2.c mhd_has_param.h mhd_has_in_name.h |
345 | 349 | ||
350 | test_digestauth2_bind_all_SOURCES = \ | ||
351 | test_digestauth2.c mhd_has_param.h mhd_has_in_name.h | ||
352 | |||
353 | test_digestauth2_bind_uri_SOURCES = \ | ||
354 | test_digestauth2.c mhd_has_param.h mhd_has_in_name.h | ||
355 | |||
356 | test_digestauth2_oldapi1_bind_all_SOURCES = \ | ||
357 | test_digestauth2.c mhd_has_param.h mhd_has_in_name.h | ||
358 | |||
359 | test_digestauth2_oldapi1_bind_uri_SOURCES = \ | ||
360 | test_digestauth2.c mhd_has_param.h mhd_has_in_name.h | ||
361 | |||
346 | test_get_iovec_SOURCES = \ | 362 | test_get_iovec_SOURCES = \ |
347 | test_get_iovec.c mhd_has_in_name.h | 363 | test_get_iovec.c mhd_has_in_name.h |
348 | 364 | ||
diff --git a/src/testcurl/test_digestauth2.c b/src/testcurl/test_digestauth2.c index d88435c3..fa418f69 100644 --- a/src/testcurl/test_digestauth2.c +++ b/src/testcurl/test_digestauth2.c | |||
@@ -275,6 +275,10 @@ static int test_userhash; | |||
275 | static int test_userdigest; | 275 | static int test_userdigest; |
276 | static int test_sha256; | 276 | static int test_sha256; |
277 | static int test_rfc2069; | 277 | static int test_rfc2069; |
278 | /* Bind DAuth nonces to everything except URI */ | ||
279 | static int test_bind_all; | ||
280 | /* Bind DAuth nonces to URI */ | ||
281 | static int test_bind_uri; | ||
278 | static int curl_uses_usehash; | 282 | static int curl_uses_usehash; |
279 | 283 | ||
280 | /* Static helper variables */ | 284 | /* Static helper variables */ |
@@ -706,6 +710,13 @@ ahc_echo (void *cls, | |||
706 | else | 710 | else |
707 | expect_res = MHD_DAUTH_OK; | 711 | expect_res = MHD_DAUTH_OK; |
708 | } | 712 | } |
713 | else if (test_bind_uri) | ||
714 | { | ||
715 | if ((0 != tr_p->uri_num) && (1 == tr_p->req_num)) | ||
716 | expect_res = MHD_DAUTH_NONCE_OTHER_COND; | ||
717 | else | ||
718 | expect_res = MHD_DAUTH_OK; | ||
719 | } | ||
709 | else | 720 | else |
710 | expect_res = MHD_DAUTH_OK; | 721 | expect_res = MHD_DAUTH_OK; |
711 | 722 | ||
@@ -732,15 +743,22 @@ ahc_echo (void *cls, | |||
732 | mhdErrorExitDesc ("MHD_digest_auth_check[_digest]3()' returned " \ | 743 | mhdErrorExitDesc ("MHD_digest_auth_check[_digest]3()' returned " \ |
733 | "MHD_DAUTH_NONCE_STALE"); | 744 | "MHD_DAUTH_NONCE_STALE"); |
734 | break; | 745 | break; |
746 | case MHD_DAUTH_NONCE_OTHER_COND: | ||
747 | if (expect_res == MHD_DAUTH_NONCE_OTHER_COND) | ||
748 | { | ||
749 | if (verbose) | ||
750 | printf ("Got expected auth check result: " | ||
751 | "MHD_DAUTH_NONCE_OTHER_COND.\n"); | ||
752 | } | ||
753 | else | ||
754 | mhdErrorExitDesc ("MHD_digest_auth_check[_digest]3()' returned " \ | ||
755 | "MHD_DAUTH_NONCE_OTHER_COND"); | ||
756 | break; | ||
735 | /* Invalid results */ | 757 | /* Invalid results */ |
736 | case MHD_DAUTH_NONCE_WRONG: | 758 | case MHD_DAUTH_NONCE_WRONG: |
737 | mhdErrorExitDesc ("MHD_digest_auth_check[_digest]3()' returned " \ | 759 | mhdErrorExitDesc ("MHD_digest_auth_check[_digest]3()' returned " \ |
738 | "MHD_DAUTH_NONCE_WRONG"); | 760 | "MHD_DAUTH_NONCE_WRONG"); |
739 | break; | 761 | break; |
740 | case MHD_DAUTH_NONCE_OTHER_COND: | ||
741 | mhdErrorExitDesc ("MHD_digest_auth_check[_digest]3()' returned " \ | ||
742 | "MHD_DAUTH_NONCE_OTHER_COND"); | ||
743 | break; | ||
744 | case MHD_DAUTH_ERROR: | 762 | case MHD_DAUTH_ERROR: |
745 | externalErrorExitDesc ("General error returned " \ | 763 | externalErrorExitDesc ("General error returned " \ |
746 | "by 'MHD_digest_auth_check[_digest]3()'"); | 764 | "by 'MHD_digest_auth_check[_digest]3()'"); |
@@ -786,7 +804,8 @@ ahc_echo (void *cls, | |||
786 | MHD_queue_response (connection, MHD_HTTP_OK, response)) | 804 | MHD_queue_response (connection, MHD_HTTP_OK, response)) |
787 | mhdErrorExitDesc ("'MHD_queue_response()' failed"); | 805 | mhdErrorExitDesc ("'MHD_queue_response()' failed"); |
788 | } | 806 | } |
789 | else if (MHD_DAUTH_NONCE_STALE == check_res) | 807 | else if ((MHD_DAUTH_NONCE_STALE == check_res) || |
808 | (MHD_DAUTH_NONCE_OTHER_COND == check_res)) | ||
790 | { | 809 | { |
791 | response = | 810 | response = |
792 | MHD_create_response_from_buffer_static (MHD_STATICSTR_LEN_ (DENIED), | 811 | MHD_create_response_from_buffer_static (MHD_STATICSTR_LEN_ (DENIED), |
@@ -838,6 +857,7 @@ ahc_echo (void *cls, | |||
838 | /* Use old API v2 */ | 857 | /* Use old API v2 */ |
839 | char *username; | 858 | char *username; |
840 | int check_res; | 859 | int check_res; |
860 | int expect_res; | ||
841 | 861 | ||
842 | username = MHD_digest_auth_get_username (connection); | 862 | username = MHD_digest_auth_get_username (connection); |
843 | if (NULL != username) | 863 | if (NULL != username) |
@@ -868,10 +888,21 @@ ahc_echo (void *cls, | |||
868 | MHD_DIGEST_ALG_SHA256 : | 888 | MHD_DIGEST_ALG_SHA256 : |
869 | MHD_DIGEST_ALG_MD5); | 889 | MHD_DIGEST_ALG_MD5); |
870 | 890 | ||
871 | if (MHD_YES != check_res) | 891 | if (test_bind_uri) |
892 | { | ||
893 | if ((0 != tr_p->uri_num) && (1 == tr_p->req_num)) | ||
894 | expect_res = MHD_INVALID_NONCE; | ||
895 | else | ||
896 | expect_res = MHD_YES; | ||
897 | } | ||
898 | else | ||
899 | expect_res = MHD_YES; | ||
900 | |||
901 | if (expect_res != check_res) | ||
872 | { | 902 | { |
873 | fprintf (stderr, "'MHD_digest_auth_check[_digest]2()' returned " | 903 | fprintf (stderr, "'MHD_digest_auth_check[_digest]2()' returned " |
874 | "unexpected result: %d. ", check_res); | 904 | "unexpected result '%d', while expected is '%d. ", |
905 | check_res, expect_res); | ||
875 | mhdErrorExitDesc ("Wrong 'MHD_digest_auth_check[_digest]2()' result"); | 906 | mhdErrorExitDesc ("Wrong 'MHD_digest_auth_check[_digest]2()' result"); |
876 | } | 907 | } |
877 | response = | 908 | response = |
@@ -880,9 +911,24 @@ ahc_echo (void *cls, | |||
880 | if (NULL == response) | 911 | if (NULL == response) |
881 | mhdErrorExitDesc ("Response creation failed"); | 912 | mhdErrorExitDesc ("Response creation failed"); |
882 | 913 | ||
883 | if (MHD_YES != | 914 | if (MHD_YES == expect_res) |
884 | MHD_queue_response (connection, MHD_HTTP_OK, response)) | 915 | { |
885 | mhdErrorExitDesc ("'MHD_queue_response()' failed"); | 916 | if (MHD_YES != |
917 | MHD_queue_response (connection, MHD_HTTP_OK, response)) | ||
918 | mhdErrorExitDesc ("'MHD_queue_response()' failed"); | ||
919 | } | ||
920 | else if (MHD_INVALID_NONCE == expect_res) | ||
921 | { | ||
922 | if (MHD_YES != | ||
923 | MHD_queue_auth_fail_response2 (connection, REALM_VAL, OPAQUE_VALUE, | ||
924 | response, 1, | ||
925 | test_sha256 ? | ||
926 | MHD_DIGEST_ALG_SHA256 : | ||
927 | MHD_DIGEST_ALG_MD5)) | ||
928 | mhdErrorExitDesc ("'MHD_queue_auth_fail_response2()' failed"); | ||
929 | } | ||
930 | else | ||
931 | externalErrorExitDesc ("Wrong 'check_res' value"); | ||
886 | } | 932 | } |
887 | else | 933 | else |
888 | { | 934 | { |
@@ -914,6 +960,7 @@ ahc_echo (void *cls, | |||
914 | /* Use old API v1 */ | 960 | /* Use old API v1 */ |
915 | char *username; | 961 | char *username; |
916 | int check_res; | 962 | int check_res; |
963 | int expect_res; | ||
917 | 964 | ||
918 | username = MHD_digest_auth_get_username (connection); | 965 | username = MHD_digest_auth_get_username (connection); |
919 | if (NULL != username) | 966 | if (NULL != username) |
@@ -939,21 +986,45 @@ ahc_echo (void *cls, | |||
939 | userdigest_bin, | 986 | userdigest_bin, |
940 | 50 * TIMEOUTS_VAL); | 987 | 50 * TIMEOUTS_VAL); |
941 | 988 | ||
942 | if (MHD_YES != check_res) | 989 | if (test_bind_uri) |
990 | { | ||
991 | if ((0 != tr_p->uri_num) && (1 == tr_p->req_num)) | ||
992 | expect_res = MHD_INVALID_NONCE; | ||
993 | else | ||
994 | expect_res = MHD_YES; | ||
995 | } | ||
996 | else | ||
997 | expect_res = MHD_YES; | ||
998 | |||
999 | if (expect_res != check_res) | ||
943 | { | 1000 | { |
944 | fprintf (stderr, "'MHD_digest_auth_check[_digest]()' returned " | 1001 | fprintf (stderr, "'MHD_digest_auth_check[_digest]()' returned " |
945 | "unexpected result: %d. ", check_res); | 1002 | "unexpected result '%d', while expected is '%d. ", |
1003 | check_res, expect_res); | ||
946 | mhdErrorExitDesc ("Wrong 'MHD_digest_auth_check[_digest]()' result"); | 1004 | mhdErrorExitDesc ("Wrong 'MHD_digest_auth_check[_digest]()' result"); |
947 | } | 1005 | } |
1006 | |||
948 | response = | 1007 | response = |
949 | MHD_create_response_from_buffer_static (MHD_STATICSTR_LEN_ (PAGE), | 1008 | MHD_create_response_from_buffer_static (MHD_STATICSTR_LEN_ (PAGE), |
950 | (const void *) PAGE); | 1009 | (const void *) PAGE); |
951 | if (NULL == response) | 1010 | if (NULL == response) |
952 | mhdErrorExitDesc ("Response creation failed"); | 1011 | mhdErrorExitDesc ("Response creation failed"); |
953 | 1012 | ||
954 | if (MHD_YES != | 1013 | if (MHD_YES == expect_res) |
955 | MHD_queue_response (connection, MHD_HTTP_OK, response)) | 1014 | { |
956 | mhdErrorExitDesc ("'MHD_queue_response()' failed"); | 1015 | if (MHD_YES != |
1016 | MHD_queue_response (connection, MHD_HTTP_OK, response)) | ||
1017 | mhdErrorExitDesc ("'MHD_queue_response()' failed"); | ||
1018 | } | ||
1019 | else if (MHD_INVALID_NONCE == expect_res) | ||
1020 | { | ||
1021 | if (MHD_YES != | ||
1022 | MHD_queue_auth_fail_response (connection, REALM_VAL, OPAQUE_VALUE, | ||
1023 | response, 1)) | ||
1024 | mhdErrorExitDesc ("'MHD_queue_auth_fail_response()' failed"); | ||
1025 | } | ||
1026 | else | ||
1027 | externalErrorExitDesc ("Wrong 'check_res' value"); | ||
957 | } | 1028 | } |
958 | else | 1029 | else |
959 | { | 1030 | { |
@@ -1213,6 +1284,7 @@ check_result (CURLcode curl_code, CURL *c, struct CBC *pcbc) | |||
1213 | static unsigned int | 1284 | static unsigned int |
1214 | testDigestAuth (void) | 1285 | testDigestAuth (void) |
1215 | { | 1286 | { |
1287 | unsigned int dauth_nonce_bind; | ||
1216 | struct MHD_Daemon *d; | 1288 | struct MHD_Daemon *d; |
1217 | uint16_t port; | 1289 | uint16_t port; |
1218 | struct CBC cbc; | 1290 | struct CBC cbc; |
@@ -1237,12 +1309,21 @@ testDigestAuth (void) | |||
1237 | fflush (stderr); | 1309 | fflush (stderr); |
1238 | } | 1310 | } |
1239 | 1311 | ||
1312 | dauth_nonce_bind = MHD_DAUTH_BIND_NONCE_NONE; | ||
1313 | if (test_bind_all) | ||
1314 | dauth_nonce_bind |= | ||
1315 | (MHD_DAUTH_BIND_NONCE_CLIENT_IP | MHD_DAUTH_BIND_NONCE_REALM); | ||
1316 | if (test_bind_uri) | ||
1317 | dauth_nonce_bind |= MHD_DAUTH_BIND_NONCE_URI_PARAMS; | ||
1318 | |||
1240 | d = MHD_start_daemon (MHD_USE_ERROR_LOG, | 1319 | d = MHD_start_daemon (MHD_USE_ERROR_LOG, |
1241 | port, NULL, NULL, | 1320 | port, NULL, NULL, |
1242 | &ahc_echo, &rq_tr, | 1321 | &ahc_echo, &rq_tr, |
1243 | MHD_OPTION_DIGEST_AUTH_RANDOM_COPY, | 1322 | MHD_OPTION_DIGEST_AUTH_RANDOM_COPY, |
1244 | sizeof (salt), salt, | 1323 | sizeof (salt), salt, |
1245 | MHD_OPTION_NONCE_NC_SIZE, 300, | 1324 | MHD_OPTION_NONCE_NC_SIZE, 300, |
1325 | MHD_OPTION_DIGEST_AUTH_NONCE_BIND_TYPE, | ||
1326 | dauth_nonce_bind, | ||
1246 | MHD_OPTION_END); | 1327 | MHD_OPTION_END); |
1247 | } | 1328 | } |
1248 | if (d == NULL) | 1329 | if (d == NULL) |
@@ -1329,6 +1410,8 @@ main (int argc, char *const *argv) | |||
1329 | test_userdigest = has_in_name (argv[0], "_userdigest"); | 1410 | test_userdigest = has_in_name (argv[0], "_userdigest"); |
1330 | test_sha256 = has_in_name (argv[0], "_sha256"); | 1411 | test_sha256 = has_in_name (argv[0], "_sha256"); |
1331 | test_rfc2069 = has_in_name (argv[0], "_rfc2069"); | 1412 | test_rfc2069 = has_in_name (argv[0], "_rfc2069"); |
1413 | test_bind_all = has_in_name (argv[0], "_bind_all"); | ||
1414 | test_bind_uri = has_in_name (argv[0], "_bind_uri"); | ||
1332 | 1415 | ||
1333 | /* Wrong test types combinations */ | 1416 | /* Wrong test types combinations */ |
1334 | if (1 == test_oldapi) | 1417 | if (1 == test_oldapi) |