Annotation of embedaddon/lighttpd/tests/mod-auth.t, revision 1.1.1.2
1.1 misho 1: #!/usr/bin/env perl
# Runs at compile time so that the `use LightyTest;` further down can be
# resolved from the directory this script lives in.
# NOTE(review): the substitution only matches when $0 contains a '/'. When the
# script is invoked by bare name, $srcdir stays equal to the script name and a
# non-directory entry is prepended to @INC; module lookup then depends on the
# rest of @INC.
2: BEGIN {
3: # add current source dir to the include-path
4: # we need this for make distcheck
5: (my $srcdir = $0) =~ s,/[^/]+$,/,;
6: unshift @INC, $srcdir;
7: }
8:
9: use strict;
10: use IO::Socket;
1.1.1.2 ! misho 11: use Test::More tests => 20;
1.1 misho 12: use LightyTest;
13:
# $tf drives the lighttpd instance under test; $t is left undefined here and
# is autovivified into a hash reference by the first `$t->{REQUEST}` assignment.
# The same $t is reused for every case, with REQUEST and RESPONSE overwritten.
14: my $tf = LightyTest->new();
15: my $t;
16:
# Abort the whole run if the server does not start: the cases below all send
# requests to it, and continuing would report misleading authentication failures.
17: ok($tf->start_proc == 0, "Starting lighttpd") or die();
18:
# Baseline: a request with no Authorization header must be challenged (401),
# not served. Which paths require authentication is set in the test server's
# configuration, which is not part of this file.
19: $t->{REQUEST} = ( <<EOF
20: GET /server-status HTTP/1.0
21: EOF
22: );
23: $t->{RESPONSE} = [ { 'HTTP-Protocol' => 'HTTP/1.0', 'HTTP-Status' => 401 } ];
24: ok($tf->handle_http($t) == 0, 'Missing Auth-token');
25:
# `<<EOF` is an interpolating heredoc, so `\x80` is sent as the single byte
# 0x80, which is outside the base64 alphabet. The server has to reject the
# undecodable credential with 401 instead of acting on a partial decode.
26: $t->{REQUEST} = ( <<EOF
27: GET /server-status HTTP/1.0
28: Authorization: Basic \x80mFuOmphb
29: EOF
30: );
31: $t->{RESPONSE} = [ { 'HTTP-Protocol' => 'HTTP/1.0', 'HTTP-Status' => 401 } ];
32: ok($tf->handle_http($t) == 0, 'Basic-Auth: Invalid base64 Auth-token');
33:
# The token is the valid `amFuOmphbg==` (jan:jan) from the following case with
# its last three characters cut off, i.e. truncated base64. Expected: 401.
34: $t->{REQUEST} = ( <<EOF
35: GET /server-status HTTP/1.0
36: Authorization: Basic amFuOmphb
37: EOF
38: );
39: $t->{RESPONSE} = [ { 'HTTP-Protocol' => 'HTTP/1.0', 'HTTP-Status' => 401 } ];
40: ok($tf->handle_http($t) == 0, 'Basic-Auth: Wrong Auth-token');
41:
# `amFuOmphbg==` is base64 for `jan:jan`. No Host header is sent; the label
# "plain" presumably refers to a plain-text password backend on the default
# host (configuration not shown here; confirm).
42: $t->{REQUEST} = ( <<EOF
43: GET /server-config HTTP/1.0
44: Authorization: Basic amFuOmphbg==
45: EOF
46: );
47: $t->{RESPONSE} = [ { 'HTTP-Protocol' => 'HTTP/1.0', 'HTTP-Status' => 200 } ];
48: ok($tf->handle_http($t) == 0, 'Basic-Auth: Valid Auth-token - plain');
49:
# `ZGVzOmRlcw==` decodes to `des:des`. The Host header presumably selects a
# virtual host backed by an htpasswd file (configuration not shown; confirm).
# Per the label the stored hash is DES crypt, a legacy format; the case exists
# so that compatibility with it stays covered.
50: $t->{REQUEST} = ( <<EOF
51: GET /server-config HTTP/1.0
52: Host: auth-htpasswd.example.org
53: Authorization: Basic ZGVzOmRlcw==
54: EOF
55: );
56: $t->{RESPONSE} = [ { 'HTTP-Protocol' => 'HTTP/1.0', 'HTTP-Status' => 200 } ];
57: ok($tf->handle_http($t) == 0, 'Basic-Auth: Valid Auth-token - htpasswd (des)');
58:
# Same `des:des` credential, but the scheme is written `basic`. Auth scheme
# names are case-insensitive, so the request must still be accepted (200).
59: $t->{REQUEST} = ( <<EOF
60: GET /server-config HTTP/1.0
61: Host: auth-htpasswd.example.org
62: Authorization: basic ZGVzOmRlcw==
63: EOF
64: );
65: $t->{RESPONSE} = [ { 'HTTP-Protocol' => 'HTTP/1.0', 'HTTP-Status' => 200 } ];
66: ok($tf->handle_http($t) == 0, 'Basic-Auth: Valid Auth-token - htpasswd (des) (lowercase)');
67:
# `c2hhOnNoYQ==` decodes to `sha:sha`; per the label the htpasswd entry for
# this user is stored in the SHA format. Expected: 200.
68: $t->{REQUEST} = ( <<EOF
69: GET /server-config HTTP/1.0
70: Host: auth-htpasswd.example.org
71: Authorization: Basic c2hhOnNoYQ==
72: EOF
73: );
74: $t->{RESPONSE} = [ { 'HTTP-Protocol' => 'HTTP/1.0', 'HTTP-Status' => 200 } ];
75: ok($tf->handle_http($t) == 0, 'Basic-Auth: Valid Auth-token - htpasswd (sha)');
76:
# `c2hhOnNoYg==` decodes to `sha:shb`: same user, password wrong in its last
# character only. The description starts with "Valid Auth-token", but the
# expected result is a rejection (401).
77: $t->{REQUEST} = ( <<EOF
78: GET /server-config HTTP/1.0
79: Host: auth-htpasswd.example.org
80: Authorization: Basic c2hhOnNoYg==
81: EOF
82: );
83: $t->{RESPONSE} = [ { 'HTTP-Protocol' => 'HTTP/1.0', 'HTTP-Status' => 401 } ];
84: ok($tf->handle_http($t) == 0, 'Basic-Auth: Valid Auth-token - htpasswd (sha, wrong password)');
85:
# `YXByLW1kNTphcHItbWQ1` decodes to `apr-md5:apr-md5`; per the label the
# htpasswd entry uses the apr-md5 format. Expected: 200.
1.1.1.2 ! misho 86: $t->{REQUEST} = ( <<EOF
! 87: GET /server-config HTTP/1.0
! 88: Host: auth-htpasswd.example.org
! 89: Authorization: Basic YXByLW1kNTphcHItbWQ1
! 90: EOF
! 91: );
! 92: $t->{RESPONSE} = [ { 'HTTP-Protocol' => 'HTTP/1.0', 'HTTP-Status' => 200 } ];
! 93: ok($tf->handle_http($t) == 0, 'Basic-Auth: Valid Auth-token - htpasswd (apr-md5)');
! 94:
# `YXByLW1kNTphcHItbWQ2` decodes to `apr-md5:apr-md6`: the password differs
# from the accepted one in its last character, and must be rejected (401).
! 95: $t->{REQUEST} = ( <<EOF
! 96: GET /server-config HTTP/1.0
! 97: Host: auth-htpasswd.example.org
! 98: Authorization: Basic YXByLW1kNTphcHItbWQ2
! 99: EOF
! 100: );
! 101: $t->{RESPONSE} = [ { 'HTTP-Protocol' => 'HTTP/1.0', 'HTTP-Status' => 401 } ];
! 102: ok($tf->handle_http($t) == 0, 'Basic-Auth: Valid Auth-token - htpasswd (apr-md5, wrong password)');
1.1 misho 103:
# The skip messages state that crypt-md5 is unavailable on cygwin and darwin,
# so the case is skipped there. The skip count of 1 matches the single ok()
# in this block, which keeps the declared plan of 20 tests intact.
# `bWQ1Om1kNQ==` decodes to `md5:md5`.
104: SKIP: {
1.1.1.2 ! misho 105: skip "no crypt-md5 under cygwin", 1 if $^O eq 'cygwin';
! 106: skip "no crypt-md5 under darwin", 1 if $^O eq 'darwin';
1.1 misho 107: $t->{REQUEST} = ( <<EOF
108: GET /server-config HTTP/1.0
109: Host: auth-htpasswd.example.org
110: Authorization: Basic bWQ1Om1kNQ==
111: EOF
112: );
113: $t->{RESPONSE} = [ { 'HTTP-Protocol' => 'HTTP/1.0', 'HTTP-Status' => 200 } ];
1.1.1.2 ! misho 114: ok($tf->handle_http($t) == 0, 'Basic-Auth: Valid Auth-token - htpasswd (crypt-md5)');
1.1 misho 115: }
116:
# `bWQ1Om1kNA==` decodes to `md5:md4`, and no Host header is sent, so the
# request does not name the htpasswd host used in the cases above.
# The expected status is 401.
# NOTE(review): the description 'Basic-Auth: Valid Auth-token' does not match
# the expectation; a label saying the credential is rejected would make a
# failure of this case easier to interpret.
117: $t->{REQUEST} = ( <<EOF
118: GET /server-config HTTP/1.0
119: Authorization: Basic bWQ1Om1kNA==
120: EOF
121: );
122: $t->{RESPONSE} = [ { 'HTTP-Protocol' => 'HTTP/1.0', 'HTTP-Status' => 401 } ];
123: ok($tf->handle_http($t) == 0, 'Basic-Auth: Valid Auth-token');
124:
# Robustness case for the Digest header parser: the header carries no qop,
# nc or cnonce. The requirement is a clean 401 rather than a server crash.
# NOTE(review): the `uri=...` line continues the Authorization header, which
# depends on leading whitespace on that line; this listing may not show it
# faithfully, so check the repository copy before reusing the request.
125: ## this should not crash
126: $t->{REQUEST} = ( <<EOF
127: GET /server-status HTTP/1.0
128: User-Agent: Wget/1.9.1
129: Authorization: Digest username="jan", realm="jan", nonce="9a5428ccc05b086a08d918e73b01fc6f",
130: uri="/server-status", response="ea5f7d9a30b8b762f9610ccb87dea74f"
131: EOF
132: );
133: $t->{RESPONSE} = [ { 'HTTP-Protocol' => 'HTTP/1.0', 'HTTP-Status' => 401 } ];
134: ok($tf->handle_http($t) == 0, 'Digest-Auth: missing qop, no crash');
135:
# Malformed Digest header: `noncecount` is used where `nc` is expected, and
# its value is followed by a stray `"`. The server is expected to answer
# 400 (bad request) and keep running.
1.1.1.2 ! misho 136: # (Note: test case is invalid; mismatch between request line and uri="..."
! 137: # is not what is intended to be tested here, but that is what is invalid)
! 138: # https://redmine.lighttpd.net/issues/477
1.1 misho 139: ## this should not crash
140: $t->{REQUEST} = ( <<EOF
141: GET /server-status HTTP/1.0
142: User-Agent: Wget/1.9.1
143: Authorization: Digest username="jan", realm="jan",
144: nonce="b1d12348b4620437c43dd61c50ae4639",
145: uri="/MJ-BONG.xm.mpc", qop=auth, noncecount=00000001",
146: cnonce="036FCA5B86F7E7C4965C7F9B8FE714B7",
147: response="29B32C2953C763C6D033C8A49983B87E"
148: EOF
149: );
150: $t->{RESPONSE} = [ { 'HTTP-Protocol' => 'HTTP/1.0', 'HTTP-Status' => 400 } ];
151: ok($tf->handle_http($t) == 0, 'Digest-Auth: missing nc (noncecount instead), no crash');
152:
# The credential is a lone `=`, i.e. base64 padding with no data in front of
# it. It must be rejected with 401.
153: $t->{REQUEST} = ( <<EOF
154: GET /server-status HTTP/1.0
155: Authorization: Basic =
156: EOF
157: );
158: $t->{RESPONSE} = [ { 'HTTP-Protocol' => 'HTTP/1.0', 'HTTP-Status' => 401 } ];
159: ok($tf->handle_http($t) == 0, 'Basic-Auth: Invalid Base64');
160:
# algorithm="md5-sess" derives its session key from the client nonce, and this
# request omits cnonce. The header is therefore incomplete and the expected
# answer is 400, not a 401 challenge.
161: $t->{REQUEST} = ( <<EOF
162: GET /server-status HTTP/1.0
1.1.1.2 ! misho 163: Authorization: Digest username="jan", realm="download archiv",
! 164: nonce="b3b26457000000003a9b34a3cd56d26e48a52a498ac9765d4b",
! 165: uri="/server-status", qop=auth, nc=00000001,
! 166: algorithm="md5-sess", response="049b000fb00ab51dddea6f093a96aa2e"
1.1 misho 167: EOF
168: );
1.1.1.2 ! misho 169: $t->{RESPONSE} = [ { 'HTTP-Protocol' => 'HTTP/1.0', 'HTTP-Status' => 400 } ];
1.1 misho 170: ok($tf->handle_http($t) == 0, 'Digest-Auth: md5-sess + missing cnonce');
171:
# The nonce is hard-coded, so the server is expected to treat it as expired:
# 401 plus a WWW-Authenticate challenge ending in `, stale=true`, which tells
# a client to retry with a fresh nonce instead of re-prompting for a password.
# The value written as '/.../' appears to be matched as a regular expression
# by LightyTest (helper not shown; confirm).
1.1.1.2 ! misho 172: $t->{REQUEST} = ( <<EOF
! 173: GET /server-status HTTP/1.0
! 174: Authorization: Digest username="jan", realm="download archiv",
! 175: nonce="b3b26457000000003a9b34a3cd56d26e48a52a498ac9765d4b",
! 176: uri="/server-status", qop=auth, nc=00000001, cnonce="65ee1b37",
! 177: algorithm="md5", response="049b000fb00ab51dddea6f093a96aa2e"
! 178: EOF
! 179: );
! 180: $t->{RESPONSE} = [ { 'HTTP-Protocol' => 'HTTP/1.0', 'HTTP-Status' => 401, 'WWW-Authenticate' => '/, stale=true$/' } ];
! 181: ok($tf->handle_http($t) == 0, 'Digest-Auth: stale nonce');
! 182:
# Same stale-nonce request as the previous case, with trailing whitespace in
# the request; the expected outcome is unchanged (401 with `stale=true`).
# NOTE(review): the whitespace is invisible here and may not survive a copy
# from a rendered listing; verify it against the repository copy.
1.1 misho 183: $t->{REQUEST} = ( <<EOF
184: GET /server-status HTTP/1.0
1.1.1.2 ! misho 185: Authorization: Digest username="jan", realm="download archiv",
! 186: nonce="b3b26457000000003a9b34a3cd56d26e48a52a498ac9765d4b",
! 187: uri="/server-status", qop=auth, nc=00000001, cnonce="65ee1b37",
! 188: algorithm="md5", response="049b000fb00ab51dddea6f093a96aa2e"
1.1 misho 189: EOF
1.1.1.2 ! misho 190: ); # note: trailing whitespace at end of request line above is intentional
! 191: $t->{RESPONSE} = [ { 'HTTP-Protocol' => 'HTTP/1.0', 'HTTP-Status' => 401, 'WWW-Authenticate' => '/, stale=true$/' } ];
! 192: ok($tf->handle_http($t) == 0, 'Digest-Auth: trailing WS, stale nonce');
1.1 misho 193:
194:
195:
# Final case: the server must shut down cleanly (stop_proc returns 0). This is
# the 20th ok() and completes the declared test plan.
196: ok($tf->stop_proc == 0, "Stopping lighttpd");
197: