src/tests/testAuth.cc

   1 #define SQUID_UNIT_TEST 1
   2
   3 #include "squid.h"
   4
   5 #if USE_AUTH
   6
   7 #include "auth/Config.h"
   8 #include "auth/Gadgets.h"
   9 #include "auth/Scheme.h"
  10 #include "auth/UserRequest.h"
  11 #include "ConfigParser.h"
  12 #include "Mem.h"
  13 #include "testAuth.h"
  14
  15 CPPUNIT_TEST_SUITE_REGISTRATION( testAuth );
  16 CPPUNIT_TEST_SUITE_REGISTRATION( testAuthConfig );
  17 CPPUNIT_TEST_SUITE_REGISTRATION( testAuthUserRequest );
  18 #if HAVE_AUTH_MODULE_BASIC
  19 CPPUNIT_TEST_SUITE_REGISTRATION( testAuthBasicUserRequest );
  20 #endif
  21 #if HAVE_AUTH_MODULE_DIGEST
  22 CPPUNIT_TEST_SUITE_REGISTRATION( testAuthDigestUserRequest );
  23 #endif
  24 #if HAVE_AUTH_MODULE_NTLM
  25 CPPUNIT_TEST_SUITE_REGISTRATION( testAuthNTLMUserRequest );
  26 #endif
  27 #if HAVE_AUTH_MODULE_NEGOTIATE
  28 CPPUNIT_TEST_SUITE_REGISTRATION( testAuthNegotiateUserRequest );
  29 #endif
  30
  31 /* Instantiate all auth framework types */
  32 void
  33 testAuth::instantiate()
  34 {}
  35
  36 char const * stub_config="auth_param digest program /home/robertc/install/squid/libexec/digest_pw_auth /home/robertc/install/squid/etc/digest.pwd\n"
  37                          "auth_param digest children 5\n"
  38                          "auth_param digest realm Squid proxy-caching web server\n"
  39                          "auth_param digest nonce_garbage_interval 5 minutes\n"
  40                          "auth_param digest nonce_max_duration 30 minutes\n"
  41                          "auth_param digest nonce_max_count 50\n";
  42
  43 static
  44 char const *
  45 find_proxy_auth(char const *type)
  46 {
  47     char const * proxy_auths[][2]= { {"basic","Basic QWxhZGRpbjpvcGVuIHNlc2FtZQ=="},
  48
  49         {"digest", "Digest username=\"robertdig\", realm=\"Squid proxy-caching web server\", nonce=\"yy8rQXjEWwixXVBj\", uri=\"/images/bg8.gif\", response=\"f75a7d3edd48d93c681c75dc4fb58700\", qop=auth, nc=00000012, cnonce=\"e2216641961e228e\" "},
  50         {"ntlm", "NTLM "},
  51         {"negotiate", "Negotiate "}
  52     };
  53
  54     for (unsigned count = 0; count < 4 ; ++count) {
  55         if (strcasecmp(type, proxy_auths[count][0]) == 0)
  56             return proxy_auths[count][1];
  57     }
  58
  59     return NULL;
  60 }
  61
  62 static
  63 Auth::Config *
  64 getConfig(char const *type_str)
  65 {
  66     Auth::ConfigVector &config = Auth::TheConfig;
  67     /* find a configuration for the scheme */
  68     Auth::Config *scheme = Auth::Config::Find(type_str);
  69
  70     if (scheme == NULL) {
  71         /* Create a configuration */
  72         Auth::Scheme::Pointer theScheme = Auth::Scheme::Find(type_str);
  73
  74         if (theScheme == NULL) {
  75             return NULL;
  76             //fatalf("Unknown authentication scheme '%s'.\n", type_str);
  77         }
  78
  79         config.push_back(theScheme->createConfig());
  80         scheme = config.back();
  81         assert(scheme);
  82     }
  83
  84     return scheme;
  85 }
  86
  87 static
  88 void
  89 setup_scheme(Auth::Config *scheme, char const **params, unsigned param_count)
  90 {
  91     Auth::ConfigVector &config = Auth::TheConfig;
  92
  93     for (unsigned position=0; position < param_count; ++position) {
  94         char *param_str=xstrdup(params[position]);
  95         strtok(param_str, w_space);
  96         ConfigParser::SetCfgLine(strtok(NULL, ""));
  97         scheme->parse(scheme, config.size(), param_str);
  98     }
  99 }
 100
 101 static
 102 void
 103 fake_auth_setup()
 104 {
 105     static bool setup(false);
 106
 107     if (setup)
 108         return;
 109
 110     Mem::Init();
 111
 112     Auth::ConfigVector &config = Auth::TheConfig;
 113
 114     char const *digest_parms[]= {"program /home/robertc/install/squid/libexec/digest_pw_auth /home/robertc/install/squid/etc/digest.pwd",
 115                                  "realm foo"
 116                                 };
 117
 118     char const *basic_parms[]= {"program /home/robertc/install/squid/libexec/digest_pw_auth /home/robertc/install/squid/etc/digest.pwd",
 119                                 "realm foo"
 120                                };
 121
 122     char const *ntlm_parms[]= {"program /home/robertc/install/squid/libexec/digest_pw_auth /home/robertc/install/squid/etc/digest.pwd"};
 123
 124     char const *negotiate_parms[]= {"program /home/robertc/install/squid/libexec/digest_pw_auth /home/robertc/install/squid/etc/digest.pwd"};
 125
 126     struct _scheme_params {
 127         char const *name;
 128         char const **params;
 129         unsigned paramlength;
 130     }
 131
 132     params[]={ {"digest", digest_parms, 2},
 133         {"basic", basic_parms, 2},
 134         {"ntlm", ntlm_parms, 1},
 135         {"negotiate", negotiate_parms, 1}
 136     };
 137
 138     for (unsigned scheme=0; scheme < 4; ++scheme) {
 139         Auth::Config *schemeConfig;
 140         schemeConfig = getConfig(params[scheme].name);
 141         if (schemeConfig != NULL)
 142             setup_scheme(schemeConfig, params[scheme].params,
 143                          params[scheme].paramlength);
 144         else
 145             fprintf(stderr,"Skipping unknown authentication scheme '%s'.\n",
 146                     params[scheme].name);
 147     }
 148
 149     authenticateInit(&config);
 150
 151     setup=true;
 152 }
 153
 154 /* Auth::Config::CreateAuthUser works for all
 155  * authentication types
 156  */
 157 void
 158 testAuthConfig::create()
 159 {
 160     Debug::Levels[29]=9;
 161     fake_auth_setup();
 162
 163     for (Auth::Scheme::iterator i = Auth::Scheme::GetSchemes().begin(); i != Auth::Scheme::GetSchemes().end(); ++i) {
 164         AuthUserRequest::Pointer authRequest = Auth::Config::CreateAuthUser(find_proxy_auth((*i)->type()));
 165         CPPUNIT_ASSERT(authRequest != NULL);
 166     }
 167 }
 168
 169 #if HAVE_IOSTREAM
 170 #include <iostream>
 171 #endif
 172
 173 /* AuthUserRequest::scheme returns the correct scheme for all
 174  * authentication types
 175  */
 176 void
 177 testAuthUserRequest::scheme()
 178 {
 179     Debug::Levels[29]=9;
 180     fake_auth_setup();
 181
 182     for (Auth::Scheme::iterator i = Auth::Scheme::GetSchemes().begin(); i != Auth::Scheme::GetSchemes().end(); ++i) {
 183         // create a user request
 184         // check its scheme matches *i
 185         AuthUserRequest::Pointer authRequest = Auth::Config::CreateAuthUser(find_proxy_auth((*i)->type()));
 186         CPPUNIT_ASSERT_EQUAL(authRequest->scheme(), *i);
 187     }
 188 }
 189
 190 #if HAVE_AUTH_MODULE_BASIC
 191 #include "auth/basic/User.h"
 192 #include "auth/basic/UserRequest.h"
 193 /* AuthBasicUserRequest::AuthBasicUserRequest works
 194  */
 195 void
 196 testAuthBasicUserRequest::construction()
 197 {
 198     AuthBasicUserRequest();
 199     AuthBasicUserRequest *temp=new AuthBasicUserRequest();
 200     delete temp;
 201 }
 202
 203 void
 204 testAuthBasicUserRequest::username()
 205 {
 206     AuthUserRequest::Pointer temp = new AuthBasicUserRequest();
 207     Auth::Basic::User *basic_auth=new Auth::Basic::User(Auth::Config::Find("basic"));
 208     basic_auth->username("John");
 209     temp->user(basic_auth);
 210     CPPUNIT_ASSERT_EQUAL(0, strcmp("John", temp->username()));
 211 }
 212 #endif /* HAVE_AUTH_MODULE_BASIC */
 213
 214 #if HAVE_AUTH_MODULE_DIGEST
 215 #include "auth/digest/User.h"
 216 #include "auth/digest/UserRequest.h"
 217 /* AuthDigestUserRequest::AuthDigestUserRequest works
 218  */
 219 void
 220 testAuthDigestUserRequest::construction()
 221 {
 222     AuthDigestUserRequest();
 223     AuthDigestUserRequest *temp=new AuthDigestUserRequest();
 224     delete temp;
 225 }
 226
 227 void
 228 testAuthDigestUserRequest::username()
 229 {
 230     AuthUserRequest::Pointer temp = new AuthDigestUserRequest();
 231     Auth::Digest::User *duser=new Auth::Digest::User(Auth::Config::Find("digest"));
 232     duser->username("John");
 233     temp->user(duser);
 234     CPPUNIT_ASSERT_EQUAL(0, strcmp("John", temp->username()));
 235 }
 236 #endif /* HAVE_AUTH_MODULE_DIGEST */
 237
 238 #if HAVE_AUTH_MODULE_NTLM
 239 #include "auth/ntlm/User.h"
 240 #include "auth/ntlm/UserRequest.h"
 241 /* AuthNTLMUserRequest::AuthNTLMUserRequest works
 242  */
 243 void
 244 testAuthNTLMUserRequest::construction()
 245 {
 246     AuthNTLMUserRequest();
 247     AuthNTLMUserRequest *temp=new AuthNTLMUserRequest();
 248     delete temp;
 249 }
 250
 251 void
 252 testAuthNTLMUserRequest::username()
 253 {
 254     AuthUserRequest::Pointer temp = new AuthNTLMUserRequest();
 255     Auth::Ntlm::User *nuser=new Auth::Ntlm::User(Auth::Config::Find("ntlm"));
 256     nuser->username("John");
 257     temp->user(nuser);
 258     CPPUNIT_ASSERT_EQUAL(0, strcmp("John", temp->username()));
 259 }
 260 #endif /* HAVE_AUTH_MODULE_NTLM */
 261
 262 #if HAVE_AUTH_MODULE_NEGOTIATE
 263 #include "auth/negotiate/User.h"
 264 #include "auth/negotiate/UserRequest.h"
 265 /* AuthNegotiateUserRequest::AuthNegotiateUserRequest works
 266  */
 267 void
 268 testAuthNegotiateUserRequest::construction()
 269 {
 270     AuthNegotiateUserRequest();
 271     AuthNegotiateUserRequest *temp=new AuthNegotiateUserRequest();
 272     delete temp;
 273 }
 274
 275 void
 276 testAuthNegotiateUserRequest::username()
 277 {
 278     AuthUserRequest::Pointer temp = new AuthNegotiateUserRequest();
 279     Auth::Negotiate::User *nuser=new Auth::Negotiate::User(Auth::Config::Find("negotiate"));
 280     nuser->username("John");
 281     temp->user(nuser);
 282     CPPUNIT_ASSERT_EQUAL(0, strcmp("John", temp->username()));
 283 }
 284
 285 #endif /* HAVE_AUTH_MODULE_NEGOTIATE */
 286 #endif /* USE_AUTH */