Annotation of embedaddon/lighttpd/tests/mod-secdownload.t, revision 1.1.1.2
1.1 misho 1: #!/usr/bin/env perl
2: BEGIN {
3: # add current source dir to the include-path
4: # we need this for make distcheck
5: (my $srcdir = $0) =~ s,/[^/]+$,/,;
6: unshift @INC, $srcdir;
7: }
8:
9: use strict;
10: use IO::Socket;
1.1.1.2 ! misho 11: use Test::More tests => 15;
1.1 misho 12: use LightyTest;
13: use Digest::MD5 qw(md5_hex);
1.1.1.2 ! misho 14: use Digest::SHA qw(hmac_sha1 hmac_sha256);
! 15: use MIME::Base64 qw(encode_base64url);
1.1 misho 16:
17: my $tf = LightyTest->new();
18: my $t;
19:
20: ok($tf->start_proc == 0, "Starting lighttpd") or die();
21:
22: my $secret = "verysecret";
1.1.1.2 ! misho 23: my ($f, $thex, $m);
! 24:
! 25: $t->{REQUEST} = ( <<EOF
! 26: GET /index.html HTTP/1.0
! 27: Host: www.example.org
! 28: EOF
! 29: );
! 30: $t->{RESPONSE} = [ { 'HTTP-Protocol' => 'HTTP/1.0', 'HTTP-Status' => 200 } ];
! 31:
! 32: ok($tf->handle_http($t) == 0, 'skipping secdownload - direct access');
! 33:
! 34: ## MD5
! 35: $f = "/index.html";
! 36: $thex = sprintf("%08x", time);
! 37: $m = md5_hex($secret.$f.$thex);
1.1 misho 38:
39: $t->{REQUEST} = ( <<EOF
40: GET /sec/$m/$thex$f HTTP/1.0
41: Host: vvv.example.org
42: EOF
43: );
44: $t->{RESPONSE} = [ { 'HTTP-Protocol' => 'HTTP/1.0', 'HTTP-Status' => 200 } ];
45:
1.1.1.2 ! misho 46: ok($tf->handle_http($t) == 0, 'secdownload (md5)');
1.1 misho 47:
48: $thex = sprintf("%08x", time - 1800);
49: $m = md5_hex($secret.$f.$thex);
50:
51: $t->{REQUEST} = ( <<EOF
52: GET /sec/$m/$thex$f HTTP/1.0
53: Host: vvv.example.org
54: EOF
55: );
56: $t->{RESPONSE} = [ { 'HTTP-Protocol' => 'HTTP/1.0', 'HTTP-Status' => 410 } ];
57:
1.1.1.2 ! misho 58: ok($tf->handle_http($t) == 0, 'secdownload - gone (timeout) (md5)');
1.1 misho 59:
60: $t->{REQUEST} = ( <<EOF
61: GET /sec$f HTTP/1.0
62: Host: vvv.example.org
63: EOF
64: );
65: $t->{RESPONSE} = [ { 'HTTP-Protocol' => 'HTTP/1.0', 'HTTP-Status' => 404 } ];
66:
1.1.1.2 ! misho 67: ok($tf->handle_http($t) == 0, 'secdownload - direct access (md5)');
! 68:
! 69: $f = "/noexists";
! 70: $thex = sprintf("%08x", time);
! 71: $m = md5_hex($secret.$f.$thex);
1.1 misho 72:
73: $t->{REQUEST} = ( <<EOF
1.1.1.2 ! misho 74: GET /sec/$m/$thex$f HTTP/1.0
! 75: Host: vvv.example.org
! 76: EOF
! 77: );
! 78: $t->{RESPONSE} = [ { 'HTTP-Protocol' => 'HTTP/1.0', 'HTTP-Status' => 404 } ];
! 79:
! 80: ok($tf->handle_http($t) == 0, 'secdownload - timeout (md5)');
! 81:
! 82: ## HMAC-SHA1
! 83: $f = "/index.html";
! 84: $thex = sprintf("%08x", time);
! 85: $m = encode_base64url(hmac_sha1("/$thex$f", $secret));
! 86:
! 87: $t->{REQUEST} = ( <<EOF
! 88: GET /sec/$m/$thex$f HTTP/1.0
! 89: Host: vvv-sha1.example.org
1.1 misho 90: EOF
91: );
92: $t->{RESPONSE} = [ { 'HTTP-Protocol' => 'HTTP/1.0', 'HTTP-Status' => 200 } ];
93:
1.1.1.2 ! misho 94: ok($tf->handle_http($t) == 0, 'secdownload (hmac-sha1)');
! 95:
! 96: $thex = sprintf("%08x", time - 1800);
! 97: $m = encode_base64url(hmac_sha1("/$thex$f", $secret));
! 98:
! 99: $t->{REQUEST} = ( <<EOF
! 100: GET /sec/$m/$thex$f HTTP/1.0
! 101: Host: vvv-sha1.example.org
! 102: EOF
! 103: );
! 104: $t->{RESPONSE} = [ { 'HTTP-Protocol' => 'HTTP/1.0', 'HTTP-Status' => 410 } ];
! 105:
! 106: ok($tf->handle_http($t) == 0, 'secdownload - gone (timeout) (hmac-sha1)');
! 107:
! 108: $t->{REQUEST} = ( <<EOF
! 109: GET /sec$f HTTP/1.0
! 110: Host: vvv-sha1.example.org
! 111: EOF
! 112: );
! 113: $t->{RESPONSE} = [ { 'HTTP-Protocol' => 'HTTP/1.0', 'HTTP-Status' => 404 } ];
! 114:
! 115: ok($tf->handle_http($t) == 0, 'secdownload - direct access (hmac-sha1)');
1.1 misho 116:
117:
118: $f = "/noexists";
119: $thex = sprintf("%08x", time);
1.1.1.2 ! misho 120: $m = encode_base64url(hmac_sha1("/$thex$f", $secret));
1.1 misho 121:
122: $t->{REQUEST} = ( <<EOF
123: GET /sec/$m/$thex$f HTTP/1.0
1.1.1.2 ! misho 124: Host: vvv-sha1.example.org
! 125: EOF
! 126: );
! 127: $t->{RESPONSE} = [ { 'HTTP-Protocol' => 'HTTP/1.0', 'HTTP-Status' => 404 } ];
! 128:
! 129: ok($tf->handle_http($t) == 0, 'secdownload - timeout (hmac-sha1)');
! 130:
! 131: ## HMAC-SHA256
! 132: $f = "/index.html";
! 133: $thex = sprintf("%08x", time);
! 134: $m = encode_base64url(hmac_sha256("/$thex$f", $secret));
! 135:
! 136: $t->{REQUEST} = ( <<EOF
! 137: GET /sec/$m/$thex$f HTTP/1.0
! 138: Host: vvv-sha256.example.org
! 139: EOF
! 140: );
! 141: $t->{RESPONSE} = [ { 'HTTP-Protocol' => 'HTTP/1.0', 'HTTP-Status' => 200 } ];
! 142:
! 143: ok($tf->handle_http($t) == 0, 'secdownload (hmac-sha256)');
! 144:
! 145: $thex = sprintf("%08x", time - 1800);
! 146: $m = encode_base64url(hmac_sha256("/$thex$f", $secret));
! 147:
! 148: $t->{REQUEST} = ( <<EOF
! 149: GET /sec/$m/$thex$f HTTP/1.0
! 150: Host: vvv-sha256.example.org
! 151: EOF
! 152: );
! 153: $t->{RESPONSE} = [ { 'HTTP-Protocol' => 'HTTP/1.0', 'HTTP-Status' => 410 } ];
! 154:
! 155: ok($tf->handle_http($t) == 0, 'secdownload - gone (timeout) (hmac-sha256)');
! 156:
! 157: $t->{REQUEST} = ( <<EOF
! 158: GET /sec$f HTTP/1.0
! 159: Host: vvv-sha256.example.org
! 160: EOF
! 161: );
! 162: $t->{RESPONSE} = [ { 'HTTP-Protocol' => 'HTTP/1.0', 'HTTP-Status' => 404 } ];
! 163:
! 164: ok($tf->handle_http($t) == 0, 'secdownload - direct access (hmac-sha256)');
! 165:
! 166:
! 167: $f = "/noexists";
! 168: $thex = sprintf("%08x", time);
! 169: $m = encode_base64url(hmac_sha256("/$thex$f", $secret));
! 170:
! 171: $t->{REQUEST} = ( <<EOF
! 172: GET /sec/$m/$thex$f HTTP/1.0
! 173: Host: vvv-sha256.example.org
1.1 misho 174: EOF
175: );
176: $t->{RESPONSE} = [ { 'HTTP-Protocol' => 'HTTP/1.0', 'HTTP-Status' => 404 } ];
177:
1.1.1.2 ! misho 178: ok($tf->handle_http($t) == 0, 'secdownload - timeout (hmac-sha256)');
! 179:
! 180: ## THE END
1.1 misho 181:
182: ok($tf->stop_proc == 0, "Stopping lighttpd");
183:
FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>
![[BACK]](/icons/cvsweb/back.gif){kind=icon}
Return to mod-secdownload.t CVS log ![[TXT]](/icons/cvsweb/text.gif){kind=icon}
![[DIR]](/icons/cvsweb/dir.gif){kind=icon}
Up to [ELWIX - Embedded LightWeight unIX -] / embedaddon / lighttpd / tests