src/tests/testAuth.cc

   1 /*
   2  * Copyright (C) 1996-2016 The Squid Software Foundation and contributors
   3  *
   4  * Squid software is distributed under GPLv2+ license and includes
   5  * contributions from numerous individuals and organizations.
   6  * Please see the COPYING and CONTRIBUTORS files for details.
   7  */
   8
   9 #include "squid.h"
  10
  11 #if USE_AUTH
  12
  13 #include "auth/Config.h"
  14 #include "auth/Gadgets.h"
  15 #include "auth/Scheme.h"
  16 #include "auth/UserRequest.h"
  17 #include "ConfigParser.h"
  18 #include "testAuth.h"
  19 #include "unitTestMain.h"
  20
  21 CPPUNIT_TEST_SUITE_REGISTRATION( testAuth );
  22 CPPUNIT_TEST_SUITE_REGISTRATION( testAuthConfig );
  23 CPPUNIT_TEST_SUITE_REGISTRATION( testAuthUserRequest );
  24 #if HAVE_AUTH_MODULE_BASIC
  25 CPPUNIT_TEST_SUITE_REGISTRATION( testAuthBasicUserRequest );
  26 #endif
  27 #if HAVE_AUTH_MODULE_DIGEST
  28 CPPUNIT_TEST_SUITE_REGISTRATION( testAuthDigestUserRequest );
  29 #endif
  30 #if HAVE_AUTH_MODULE_NTLM
  31 CPPUNIT_TEST_SUITE_REGISTRATION( testAuthNTLMUserRequest );
  32 #endif
  33 #if HAVE_AUTH_MODULE_NEGOTIATE
  34 CPPUNIT_TEST_SUITE_REGISTRATION( testAuthNegotiateUserRequest );
  35 #endif
  36
  37 /* Instantiate all auth framework types */
  38 void
  39 testAuth::instantiate()
  40 {}
  41
  42 char const * stub_config="auth_param digest program /home/robertc/install/squid/libexec/digest_pw_auth /home/robertc/install/squid/etc/digest.pwd\n"
  43                          "auth_param digest children 5\n"
  44                          "auth_param digest realm Squid proxy-caching web server\n"
  45                          "auth_param digest nonce_garbage_interval 5 minutes\n"
  46                          "auth_param digest nonce_max_duration 30 minutes\n"
  47                          "auth_param digest nonce_max_count 50\n";
  48
  49 static
  50 char const *
  51 find_proxy_auth(char const *type)
  52 {
  53     char const * proxy_auths[][2]= { {"basic","Basic QWxhZGRpbjpvcGVuIHNlc2FtZQ=="},
  54
  55         {"digest", "Digest username=\"robertdig\", realm=\"Squid proxy-caching web server\", nonce=\"yy8rQXjEWwixXVBj\", uri=\"/images/bg8.gif\", response=\"f75a7d3edd48d93c681c75dc4fb58700\", qop=auth, nc=00000012, cnonce=\"e2216641961e228e\" "},
  56         {"ntlm", "NTLM "},
  57         {"negotiate", "Negotiate "}
  58     };
  59
  60     for (unsigned count = 0; count < 4 ; ++count) {
  61         if (strcasecmp(type, proxy_auths[count][0]) == 0)
  62             return proxy_auths[count][1];
  63     }
  64
  65     return NULL;
  66 }
  67
  68 static
  69 Auth::Config *
  70 getConfig(char const *type_str)
  71 {
  72     Auth::ConfigVector &config = Auth::TheConfig;
  73     /* find a configuration for the scheme */
  74     Auth::Config *scheme = Auth::Config::Find(type_str);
  75
  76     if (scheme == NULL) {
  77         /* Create a configuration */
  78         Auth::Scheme::Pointer theScheme = Auth::Scheme::Find(type_str);
  79
  80         if (theScheme == NULL) {
  81             return NULL;
  82             //fatalf("Unknown authentication scheme '%s'.\n", type_str);
  83         }
  84
  85         config.push_back(theScheme->createConfig());
  86         scheme = config.back();
  87         assert(scheme);
  88     }
  89
  90     return scheme;
  91 }
  92
  93 static
  94 void
  95 setup_scheme(Auth::Config *scheme, char const **params, unsigned param_count)
  96 {
  97     Auth::ConfigVector &config = Auth::TheConfig;
  98
  99     for (unsigned position=0; position < param_count; ++position) {
 100         char *param_str=xstrdup(params[position]);
 101         strtok(param_str, w_space);
 102         ConfigParser::SetCfgLine(strtok(NULL, ""));
 103         scheme->parse(scheme, config.size(), param_str);
 104     }
 105 }
 106
 107 static
 108 void
 109 fake_auth_setup()
 110 {
 111     static bool setup(false);
 112
 113     if (setup)
 114         return;
 115
 116     Mem::Init();
 117
 118     Auth::ConfigVector &config = Auth::TheConfig;
 119
 120     char const *digest_parms[]= {"program /home/robertc/install/squid/libexec/digest_pw_auth /home/robertc/install/squid/etc/digest.pwd",
 121                                  "realm foo"
 122                                 };
 123
 124     char const *basic_parms[]= {"program /home/robertc/install/squid/libexec/digest_pw_auth /home/robertc/install/squid/etc/digest.pwd",
 125                                 "realm foo"
 126                                };
 127
 128     char const *ntlm_parms[]= {"program /home/robertc/install/squid/libexec/digest_pw_auth /home/robertc/install/squid/etc/digest.pwd"};
 129
 130     char const *negotiate_parms[]= {"program /home/robertc/install/squid/libexec/digest_pw_auth /home/robertc/install/squid/etc/digest.pwd"};
 131
 132     struct _scheme_params {
 133         char const *name;
 134         char const **params;
 135         unsigned paramlength;
 136     }
 137
 138     params[]= { {"digest", digest_parms, 2},
 139         {"basic", basic_parms, 2},
 140         {"ntlm", ntlm_parms, 1},
 141         {"negotiate", negotiate_parms, 1}
 142     };
 143
 144     for (unsigned scheme=0; scheme < 4; ++scheme) {
 145         Auth::Config *schemeConfig;
 146         schemeConfig = getConfig(params[scheme].name);
 147         if (schemeConfig != NULL)
 148             setup_scheme(schemeConfig, params[scheme].params,
 149                          params[scheme].paramlength);
 150         else
 151             fprintf(stderr,"Skipping unknown authentication scheme '%s'.\n",
 152                     params[scheme].name);
 153     }
 154
 155     authenticateInit(&config);
 156
 157     setup=true;
 158 }
 159
 160 /* Auth::Config::CreateAuthUser works for all
 161  * authentication types
 162  */
 163 void
 164 testAuthConfig::create()
 165 {
 166     Debug::Levels[29]=9;
 167     fake_auth_setup();
 168
 169     for (Auth::Scheme::iterator i = Auth::Scheme::GetSchemes().begin(); i != Auth::Scheme::GetSchemes().end(); ++i) {
 170         AuthUserRequest::Pointer authRequest = Auth::Config::CreateAuthUser(find_proxy_auth((*i)->type()));
 171         CPPUNIT_ASSERT(authRequest != NULL);
 172     }
 173 }
 174
 175 #include <iostream>
 176
 177 /* AuthUserRequest::scheme returns the correct scheme for all
 178  * authentication types
 179  */
 180 void
 181 testAuthUserRequest::scheme()
 182 {
 183     Debug::Levels[29]=9;
 184     fake_auth_setup();
 185
 186     for (Auth::Scheme::iterator i = Auth::Scheme::GetSchemes().begin(); i != Auth::Scheme::GetSchemes().end(); ++i) {
 187         // create a user request
 188         // check its scheme matches *i
 189         AuthUserRequest::Pointer authRequest = Auth::Config::CreateAuthUser(find_proxy_auth((*i)->type()));
 190         CPPUNIT_ASSERT_EQUAL(authRequest->scheme(), *i);
 191     }
 192 }
 193
 194 #if HAVE_AUTH_MODULE_BASIC
 195 #include "auth/basic/User.h"
 196 #include "auth/basic/UserRequest.h"
 197 /* AuthBasicUserRequest::AuthBasicUserRequest works
 198  */
 199 void
 200 testAuthBasicUserRequest::construction()
 201 {
 202     AuthBasicUserRequest();
 203     AuthBasicUserRequest *temp=new AuthBasicUserRequest();
 204     delete temp;
 205 }
 206
 207 void
 208 testAuthBasicUserRequest::username()
 209 {
 210     AuthUserRequest::Pointer temp = new AuthBasicUserRequest();
 211     Auth::Basic::User *basic_auth=new Auth::Basic::User(Auth::Config::Find("basic"));
 212     basic_auth->username("John");
 213     temp->user(basic_auth);
 214     CPPUNIT_ASSERT_EQUAL(0, strcmp("John", temp->username()));
 215 }
 216 #endif /* HAVE_AUTH_MODULE_BASIC */
 217
 218 #if HAVE_AUTH_MODULE_DIGEST
 219 #include "auth/digest/User.h"
 220 #include "auth/digest/UserRequest.h"
 221 /* AuthDigestUserRequest::AuthDigestUserRequest works
 222  */
 223 void
 224 testAuthDigestUserRequest::construction()
 225 {
 226     AuthDigestUserRequest();
 227     AuthDigestUserRequest *temp=new AuthDigestUserRequest();
 228     delete temp;
 229 }
 230
 231 void
 232 testAuthDigestUserRequest::username()
 233 {
 234     AuthUserRequest::Pointer temp = new AuthDigestUserRequest();
 235     Auth::Digest::User *duser=new Auth::Digest::User(Auth::Config::Find("digest"));
 236     duser->username("John");
 237     temp->user(duser);
 238     CPPUNIT_ASSERT_EQUAL(0, strcmp("John", temp->username()));
 239 }
 240 #endif /* HAVE_AUTH_MODULE_DIGEST */
 241
 242 #if HAVE_AUTH_MODULE_NTLM
 243 #include "auth/ntlm/User.h"
 244 #include "auth/ntlm/UserRequest.h"
 245 /* AuthNTLMUserRequest::AuthNTLMUserRequest works
 246  */
 247 void
 248 testAuthNTLMUserRequest::construction()
 249 {
 250     AuthNTLMUserRequest();
 251     AuthNTLMUserRequest *temp=new AuthNTLMUserRequest();
 252     delete temp;
 253 }
 254
 255 void
 256 testAuthNTLMUserRequest::username()
 257 {
 258     AuthUserRequest::Pointer temp = new AuthNTLMUserRequest();
 259     Auth::Ntlm::User *nuser=new Auth::Ntlm::User(Auth::Config::Find("ntlm"));
 260     nuser->username("John");
 261     temp->user(nuser);
 262     CPPUNIT_ASSERT_EQUAL(0, strcmp("John", temp->username()));
 263 }
 264 #endif /* HAVE_AUTH_MODULE_NTLM */
 265
 266 #if HAVE_AUTH_MODULE_NEGOTIATE
 267 #include "auth/negotiate/User.h"
 268 #include "auth/negotiate/UserRequest.h"
 269 /* AuthNegotiateUserRequest::AuthNegotiateUserRequest works
 270  */
 271 void
 272 testAuthNegotiateUserRequest::construction()
 273 {
 274     AuthNegotiateUserRequest();
 275     AuthNegotiateUserRequest *temp=new AuthNegotiateUserRequest();
 276     delete temp;
 277 }
 278
 279 void
 280 testAuthNegotiateUserRequest::username()
 281 {
 282     AuthUserRequest::Pointer temp = new AuthNegotiateUserRequest();
 283     Auth::Negotiate::User *nuser=new Auth::Negotiate::User(Auth::Config::Find("negotiate"));
 284     nuser->username("John");
 285     temp->user(nuser);
 286     CPPUNIT_ASSERT_EQUAL(0, strcmp("John", temp->username()));
 287 }
 288
 289 #endif /* HAVE_AUTH_MODULE_NEGOTIATE */
 290 #endif /* USE_AUTH */
 291