]>
Commit | Line | Data |
---|---|---|
4e0938ef | 1 | /* |
f70aedc4 | 2 | * Copyright (C) 1996-2021 The Squid Software Foundation and contributors |
4e0938ef AJ |
3 | * |
4 | * Squid software is distributed under GPLv2+ license and includes | |
5 | * contributions from numerous individuals and organizations. | |
6 | * Please see the COPYING and CONTRIBUTORS files for details. | |
7 | */ | |
8 | ||
582c2af2 | 9 | #include "squid.h" |
2f1431ea AJ |
10 | |
11 | #if USE_AUTH | |
12 | ||
d382ccbd | 13 | #include "auth/Config.h" |
3ad63615 | 14 | #include "auth/Gadgets.h" |
602d9612 | 15 | #include "auth/UserRequest.h" |
2eceb328 | 16 | #include "ConfigParser.h" |
602d9612 | 17 | #include "testAuth.h" |
7f861c77 | 18 | #include "unitTestMain.h" |
f5691f9c | 19 | |
20 | CPPUNIT_TEST_SUITE_REGISTRATION( testAuth ); | |
21 | CPPUNIT_TEST_SUITE_REGISTRATION( testAuthConfig ); | |
22 | CPPUNIT_TEST_SUITE_REGISTRATION( testAuthUserRequest ); | |
a33a428a | 23 | #if HAVE_AUTH_MODULE_BASIC |
f5691f9c | 24 | CPPUNIT_TEST_SUITE_REGISTRATION( testAuthBasicUserRequest ); |
0ea5c60c | 25 | #endif |
a33a428a | 26 | #if HAVE_AUTH_MODULE_DIGEST |
f5691f9c | 27 | CPPUNIT_TEST_SUITE_REGISTRATION( testAuthDigestUserRequest ); |
0ea5c60c | 28 | #endif |
a33a428a | 29 | #if HAVE_AUTH_MODULE_NTLM |
f5691f9c | 30 | CPPUNIT_TEST_SUITE_REGISTRATION( testAuthNTLMUserRequest ); |
0ea5c60c | 31 | #endif |
a33a428a | 32 | #if HAVE_AUTH_MODULE_NEGOTIATE |
f46fe759 | 33 | CPPUNIT_TEST_SUITE_REGISTRATION( testAuthNegotiateUserRequest ); |
0ea5c60c | 34 | #endif |
f5691f9c | 35 | |
36 | /* Instantiate all auth framework types */ | |
37 | void | |
38 | testAuth::instantiate() | |
39 | {} | |
40 | ||
41 | char const * stub_config="auth_param digest program /home/robertc/install/squid/libexec/digest_pw_auth /home/robertc/install/squid/etc/digest.pwd\n" | |
42 | "auth_param digest children 5\n" | |
43 | "auth_param digest realm Squid proxy-caching web server\n" | |
44 | "auth_param digest nonce_garbage_interval 5 minutes\n" | |
45 | "auth_param digest nonce_max_duration 30 minutes\n" | |
46 | "auth_param digest nonce_max_count 50\n"; | |
47 | ||
48 | static | |
49 | char const * | |
50 | find_proxy_auth(char const *type) | |
51 | { | |
52 | char const * proxy_auths[][2]= { {"basic","Basic QWxhZGRpbjpvcGVuIHNlc2FtZQ=="}, | |
53 | ||
26ac0430 AJ |
54 | {"digest", "Digest username=\"robertdig\", realm=\"Squid proxy-caching web server\", nonce=\"yy8rQXjEWwixXVBj\", uri=\"/images/bg8.gif\", response=\"f75a7d3edd48d93c681c75dc4fb58700\", qop=auth, nc=00000012, cnonce=\"e2216641961e228e\" "}, |
55 | {"ntlm", "NTLM "}, | |
56 | {"negotiate", "Negotiate "} | |
57 | }; | |
f5691f9c | 58 | |
d7ae3534 | 59 | for (unsigned count = 0; count < 4 ; ++count) { |
f5691f9c | 60 | if (strcasecmp(type, proxy_auths[count][0]) == 0) |
61 | return proxy_auths[count][1]; | |
62 | } | |
63 | ||
64 | return NULL; | |
65 | } | |
66 | ||
67 | static | |
9f3d2b2e | 68 | Auth::Config * |
f5691f9c | 69 | getConfig(char const *type_str) |
70 | { | |
9f3d2b2e | 71 | Auth::ConfigVector &config = Auth::TheConfig; |
f5691f9c | 72 | /* find a configuration for the scheme */ |
9f3d2b2e | 73 | Auth::Config *scheme = Auth::Config::Find(type_str); |
f5691f9c | 74 | |
75 | if (scheme == NULL) { | |
76 | /* Create a configuration */ | |
c6cf8dee | 77 | Auth::Scheme::Pointer theScheme = Auth::Scheme::Find(type_str); |
f5691f9c | 78 | |
5817ee13 | 79 | if (theScheme == NULL) { |
0ea5c60c FC |
80 | return NULL; |
81 | //fatalf("Unknown authentication scheme '%s'.\n", type_str); | |
f5691f9c | 82 | } |
83 | ||
84 | config.push_back(theScheme->createConfig()); | |
85 | scheme = config.back(); | |
a33a428a | 86 | assert(scheme); |
f5691f9c | 87 | } |
88 | ||
89 | return scheme; | |
90 | } | |
91 | ||
92 | static | |
93 | void | |
9f3d2b2e | 94 | setup_scheme(Auth::Config *scheme, char const **params, unsigned param_count) |
f5691f9c | 95 | { |
9f3d2b2e | 96 | Auth::ConfigVector &config = Auth::TheConfig; |
f5691f9c | 97 | |
d7ae3534 | 98 | for (unsigned position=0; position < param_count; ++position) { |
f5691f9c | 99 | char *param_str=xstrdup(params[position]); |
100 | strtok(param_str, w_space); | |
2eceb328 | 101 | ConfigParser::SetCfgLine(strtok(NULL, "")); |
f5691f9c | 102 | scheme->parse(scheme, config.size(), param_str); |
103 | } | |
104 | } | |
105 | ||
106 | static | |
107 | void | |
108 | fake_auth_setup() | |
109 | { | |
110 | static bool setup(false); | |
111 | ||
112 | if (setup) | |
113 | return; | |
114 | ||
115 | Mem::Init(); | |
116 | ||
9f3d2b2e | 117 | Auth::ConfigVector &config = Auth::TheConfig; |
f5691f9c | 118 | |
119 | char const *digest_parms[]= {"program /home/robertc/install/squid/libexec/digest_pw_auth /home/robertc/install/squid/etc/digest.pwd", | |
120 | "realm foo" | |
121 | }; | |
122 | ||
123 | char const *basic_parms[]= {"program /home/robertc/install/squid/libexec/digest_pw_auth /home/robertc/install/squid/etc/digest.pwd", | |
124 | "realm foo" | |
125 | }; | |
126 | ||
127 | char const *ntlm_parms[]= {"program /home/robertc/install/squid/libexec/digest_pw_auth /home/robertc/install/squid/etc/digest.pwd"}; | |
128 | ||
f46fe759 | 129 | char const *negotiate_parms[]= {"program /home/robertc/install/squid/libexec/digest_pw_auth /home/robertc/install/squid/etc/digest.pwd"}; |
130 | ||
f5691f9c | 131 | struct _scheme_params { |
132 | char const *name; | |
133 | char const **params; | |
134 | unsigned paramlength; | |
135 | } | |
136 | ||
f53969cc | 137 | params[]= { {"digest", digest_parms, 2}, |
26ac0430 AJ |
138 | {"basic", basic_parms, 2}, |
139 | {"ntlm", ntlm_parms, 1}, | |
140 | {"negotiate", negotiate_parms, 1} | |
141 | }; | |
f5691f9c | 142 | |
d7ae3534 | 143 | for (unsigned scheme=0; scheme < 4; ++scheme) { |
9f3d2b2e | 144 | Auth::Config *schemeConfig; |
0ea5c60c FC |
145 | schemeConfig = getConfig(params[scheme].name); |
146 | if (schemeConfig != NULL) | |
9e008dda | 147 | setup_scheme(schemeConfig, params[scheme].params, |
af6a12ee | 148 | params[scheme].paramlength); |
9e008dda AJ |
149 | else |
150 | fprintf(stderr,"Skipping unknown authentication scheme '%s'.\n", | |
151 | params[scheme].name); | |
0ea5c60c | 152 | } |
f5691f9c | 153 | |
154 | authenticateInit(&config); | |
155 | ||
156 | setup=true; | |
157 | } | |
158 | ||
9f3d2b2e | 159 | /* Auth::Config::CreateAuthUser works for all |
f5691f9c | 160 | * authentication types |
161 | */ | |
162 | void | |
163 | testAuthConfig::create() | |
164 | { | |
165 | Debug::Levels[29]=9; | |
166 | fake_auth_setup(); | |
167 | ||
c6cf8dee | 168 | for (Auth::Scheme::iterator i = Auth::Scheme::GetSchemes().begin(); i != Auth::Scheme::GetSchemes().end(); ++i) { |
9f3d2b2e | 169 | AuthUserRequest::Pointer authRequest = Auth::Config::CreateAuthUser(find_proxy_auth((*i)->type())); |
f5691f9c | 170 | CPPUNIT_ASSERT(authRequest != NULL); |
171 | } | |
172 | } | |
173 | ||
174 | #include <iostream> | |
175 | ||
176 | /* AuthUserRequest::scheme returns the correct scheme for all | |
177 | * authentication types | |
178 | */ | |
179 | void | |
180 | testAuthUserRequest::scheme() | |
181 | { | |
182 | Debug::Levels[29]=9; | |
183 | fake_auth_setup(); | |
184 | ||
c6cf8dee | 185 | for (Auth::Scheme::iterator i = Auth::Scheme::GetSchemes().begin(); i != Auth::Scheme::GetSchemes().end(); ++i) { |
f5691f9c | 186 | // create a user request |
187 | // check its scheme matches *i | |
9f3d2b2e | 188 | AuthUserRequest::Pointer authRequest = Auth::Config::CreateAuthUser(find_proxy_auth((*i)->type())); |
f5691f9c | 189 | CPPUNIT_ASSERT_EQUAL(authRequest->scheme(), *i); |
190 | } | |
191 | } | |
192 | ||
a33a428a | 193 | #if HAVE_AUTH_MODULE_BASIC |
aa110616 | 194 | #include "auth/basic/User.h" |
616cfc4c | 195 | #include "auth/basic/UserRequest.h" |
f5691f9c | 196 | /* AuthBasicUserRequest::AuthBasicUserRequest works |
197 | */ | |
198 | void | |
199 | testAuthBasicUserRequest::construction() | |
200 | { | |
201 | AuthBasicUserRequest(); | |
202 | AuthBasicUserRequest *temp=new AuthBasicUserRequest(); | |
203 | delete temp; | |
204 | } | |
205 | ||
206 | void | |
207 | testAuthBasicUserRequest::username() | |
208 | { | |
a33a428a | 209 | AuthUserRequest::Pointer temp = new AuthBasicUserRequest(); |
aa110616 | 210 | Auth::Basic::User *basic_auth=new Auth::Basic::User(Auth::Config::Find("basic")); |
f5691f9c | 211 | basic_auth->username("John"); |
212 | temp->user(basic_auth); | |
f5691f9c | 213 | CPPUNIT_ASSERT_EQUAL(0, strcmp("John", temp->username())); |
f5691f9c | 214 | } |
0ea5c60c | 215 | #endif /* HAVE_AUTH_MODULE_BASIC */ |
f5691f9c | 216 | |
a33a428a | 217 | #if HAVE_AUTH_MODULE_DIGEST |
aa110616 AJ |
218 | #include "auth/digest/User.h" |
219 | #include "auth/digest/UserRequest.h" | |
f5691f9c | 220 | /* AuthDigestUserRequest::AuthDigestUserRequest works |
221 | */ | |
222 | void | |
223 | testAuthDigestUserRequest::construction() | |
224 | { | |
225 | AuthDigestUserRequest(); | |
226 | AuthDigestUserRequest *temp=new AuthDigestUserRequest(); | |
227 | delete temp; | |
228 | } | |
229 | ||
230 | void | |
231 | testAuthDigestUserRequest::username() | |
232 | { | |
a33a428a | 233 | AuthUserRequest::Pointer temp = new AuthDigestUserRequest(); |
aa110616 | 234 | Auth::Digest::User *duser=new Auth::Digest::User(Auth::Config::Find("digest")); |
a33a428a AJ |
235 | duser->username("John"); |
236 | temp->user(duser); | |
f5691f9c | 237 | CPPUNIT_ASSERT_EQUAL(0, strcmp("John", temp->username())); |
f5691f9c | 238 | } |
0ea5c60c | 239 | #endif /* HAVE_AUTH_MODULE_DIGEST */ |
f5691f9c | 240 | |
a33a428a | 241 | #if HAVE_AUTH_MODULE_NTLM |
aa110616 AJ |
242 | #include "auth/ntlm/User.h" |
243 | #include "auth/ntlm/UserRequest.h" | |
f5691f9c | 244 | /* AuthNTLMUserRequest::AuthNTLMUserRequest works |
245 | */ | |
246 | void | |
247 | testAuthNTLMUserRequest::construction() | |
248 | { | |
249 | AuthNTLMUserRequest(); | |
250 | AuthNTLMUserRequest *temp=new AuthNTLMUserRequest(); | |
251 | delete temp; | |
252 | } | |
253 | ||
254 | void | |
255 | testAuthNTLMUserRequest::username() | |
256 | { | |
a33a428a | 257 | AuthUserRequest::Pointer temp = new AuthNTLMUserRequest(); |
aa110616 | 258 | Auth::Ntlm::User *nuser=new Auth::Ntlm::User(Auth::Config::Find("ntlm")); |
a33a428a AJ |
259 | nuser->username("John"); |
260 | temp->user(nuser); | |
f5691f9c | 261 | CPPUNIT_ASSERT_EQUAL(0, strcmp("John", temp->username())); |
f5691f9c | 262 | } |
0ea5c60c | 263 | #endif /* HAVE_AUTH_MODULE_NTLM */ |
f46fe759 | 264 | |
a33a428a | 265 | #if HAVE_AUTH_MODULE_NEGOTIATE |
aa110616 AJ |
266 | #include "auth/negotiate/User.h" |
267 | #include "auth/negotiate/UserRequest.h" | |
f46fe759 | 268 | /* AuthNegotiateUserRequest::AuthNegotiateUserRequest works |
269 | */ | |
270 | void | |
271 | testAuthNegotiateUserRequest::construction() | |
272 | { | |
273 | AuthNegotiateUserRequest(); | |
274 | AuthNegotiateUserRequest *temp=new AuthNegotiateUserRequest(); | |
275 | delete temp; | |
276 | } | |
277 | ||
278 | void | |
279 | testAuthNegotiateUserRequest::username() | |
280 | { | |
a33a428a | 281 | AuthUserRequest::Pointer temp = new AuthNegotiateUserRequest(); |
aa110616 | 282 | Auth::Negotiate::User *nuser=new Auth::Negotiate::User(Auth::Config::Find("negotiate")); |
a33a428a AJ |
283 | nuser->username("John"); |
284 | temp->user(nuser); | |
f46fe759 | 285 | CPPUNIT_ASSERT_EQUAL(0, strcmp("John", temp->username())); |
f46fe759 | 286 | } |
0ea5c60c FC |
287 | |
288 | #endif /* HAVE_AUTH_MODULE_NEGOTIATE */ | |
2f1431ea | 289 | #endif /* USE_AUTH */ |
f53969cc | 290 |