src/tests/testAuth.cc

   1 #define SQUID_UNIT_TEST 1
   2
   3 #include "squid.h"
   4 #include "testAuth.h"
   5 #include "auth/Gadgets.h"
   6 #include "auth/UserRequest.h"
   7 #include "auth/Scheme.h"
   8 #include "auth/Config.h"
   9 #include "Mem.h"
  10
  11 CPPUNIT_TEST_SUITE_REGISTRATION( testAuth );
  12 CPPUNIT_TEST_SUITE_REGISTRATION( testAuthConfig );
  13 CPPUNIT_TEST_SUITE_REGISTRATION( testAuthUserRequest );
  14 #if HAVE_AUTH_MODULE_BASIC
  15 CPPUNIT_TEST_SUITE_REGISTRATION( testAuthBasicUserRequest );
  16 #endif
  17 #if HAVE_AUTH_MODULE_DIGEST
  18 CPPUNIT_TEST_SUITE_REGISTRATION( testAuthDigestUserRequest );
  19 #endif
  20 #if HAVE_AUTH_MODULE_NTLM
  21 CPPUNIT_TEST_SUITE_REGISTRATION( testAuthNTLMUserRequest );
  22 #endif
  23 #if HAVE_AUTH_MODULE_NEGOTIATE
  24 CPPUNIT_TEST_SUITE_REGISTRATION( testAuthNegotiateUserRequest );
  25 #endif
  26
  27 /* Instantiate all auth framework types */
  28 void
  29 testAuth::instantiate()
  30 {}
  31
  32 char const * stub_config="auth_param digest program /home/robertc/install/squid/libexec/digest_pw_auth /home/robertc/install/squid/etc/digest.pwd\n"
  33                          "auth_param digest children 5\n"
  34                          "auth_param digest realm Squid proxy-caching web server\n"
  35                          "auth_param digest nonce_garbage_interval 5 minutes\n"
  36                          "auth_param digest nonce_max_duration 30 minutes\n"
  37                          "auth_param digest nonce_max_count 50\n";
  38
  39 static
  40 char const *
  41 find_proxy_auth(char const *type)
  42 {
  43     char const * proxy_auths[][2]= { {"basic","Basic QWxhZGRpbjpvcGVuIHNlc2FtZQ=="},
  44
  45         {"digest", "Digest username=\"robertdig\", realm=\"Squid proxy-caching web server\", nonce=\"yy8rQXjEWwixXVBj\", uri=\"/images/bg8.gif\", response=\"f75a7d3edd48d93c681c75dc4fb58700\", qop=auth, nc=00000012, cnonce=\"e2216641961e228e\" "},
  46         {"ntlm", "NTLM "},
  47         {"negotiate", "Negotiate "}
  48     };
  49
  50     for (unsigned count = 0; count < 4 ; count++) {
  51         if (strcasecmp(type, proxy_auths[count][0]) == 0)
  52             return proxy_auths[count][1];
  53     }
  54
  55     return NULL;
  56 }
  57
  58 static
  59 AuthConfig *
  60 getConfig(char const *type_str)
  61 {
  62     Vector<AuthConfig *> &config = Config.authConfiguration;
  63     /* find a configuration for the scheme */
  64     AuthConfig *scheme = AuthConfig::Find (type_str);
  65
  66     if (scheme == NULL) {
  67         /* Create a configuration */
  68         AuthScheme *theScheme;
  69
  70         if ((theScheme = AuthScheme::Find(type_str)) == NULL) {
  71             return NULL;
  72             //fatalf("Unknown authentication scheme '%s'.\n", type_str);
  73         }
  74
  75         config.push_back(theScheme->createConfig());
  76         scheme = config.back();
  77         assert (scheme);
  78     }
  79
  80     return scheme;
  81 }
  82
  83 static
  84 void
  85 setup_scheme(AuthConfig *scheme, char const **params, unsigned param_count)
  86 {
  87     Vector<AuthConfig *> &config = Config.authConfiguration;
  88
  89     for (unsigned position=0; position < param_count; position++) {
  90         char *param_str=xstrdup(params[position]);
  91         strtok(param_str, w_space);
  92         scheme->parse(scheme, config.size(), param_str);
  93     }
  94 }
  95
  96 static
  97 void
  98 fake_auth_setup()
  99 {
 100     static bool setup(false);
 101
 102     if (setup)
 103         return;
 104
 105     Mem::Init();
 106
 107     Vector<AuthConfig *> &config = Config.authConfiguration;
 108
 109     char const *digest_parms[]= {"program /home/robertc/install/squid/libexec/digest_pw_auth /home/robertc/install/squid/etc/digest.pwd",
 110                                  "realm foo"
 111                                 };
 112
 113     char const *basic_parms[]= {"program /home/robertc/install/squid/libexec/digest_pw_auth /home/robertc/install/squid/etc/digest.pwd",
 114                                 "realm foo"
 115                                };
 116
 117     char const *ntlm_parms[]= {"program /home/robertc/install/squid/libexec/digest_pw_auth /home/robertc/install/squid/etc/digest.pwd"};
 118
 119     char const *negotiate_parms[]= {"program /home/robertc/install/squid/libexec/digest_pw_auth /home/robertc/install/squid/etc/digest.pwd"};
 120
 121     struct _scheme_params {
 122         char const *name;
 123         char const **params;
 124         unsigned paramlength;
 125     }
 126
 127     params[]={ {"digest", digest_parms, 2},
 128         {"basic", basic_parms, 2},
 129         {"ntlm", ntlm_parms, 1},
 130         {"negotiate", negotiate_parms, 1}
 131     };
 132
 133     for (unsigned scheme=0; scheme < 4; scheme++) {
 134         AuthConfig *schemeConfig;
 135         schemeConfig = getConfig(params[scheme].name);
 136         if (schemeConfig != NULL)
 137             setup_scheme(schemeConfig, params[scheme].params,
 138                          params[scheme].paramlength);
 139         else
 140             fprintf(stderr,"Skipping unknown authentication scheme '%s'.\n",
 141                     params[scheme].name);
 142     }
 143
 144     authenticateInit(&config);
 145
 146     setup=true;
 147 }
 148
 149 /* AuthConfig::CreateAuthUser works for all
 150  * authentication types
 151  */
 152 void
 153 testAuthConfig::create()
 154 {
 155     Debug::Levels[29]=9;
 156     fake_auth_setup();
 157
 158     for (AuthScheme::const_iterator i = AuthScheme::Schemes().begin(); i != AuthScheme::Schemes().end(); ++i) {
 159         AuthUserRequest *authRequest = AuthConfig::CreateAuthUser(find_proxy_auth((*i)->type()));
 160         CPPUNIT_ASSERT(authRequest != NULL);
 161     }
 162 }
 163
 164 #if HAVE_IOSTREAM
 165 #include <iostream>
 166 #endif
 167
 168 /* AuthUserRequest::scheme returns the correct scheme for all
 169  * authentication types
 170  */
 171 void
 172 testAuthUserRequest::scheme()
 173 {
 174     Debug::Levels[29]=9;
 175     fake_auth_setup();
 176
 177     for (AuthScheme::const_iterator i = AuthScheme::Schemes().begin(); i != AuthScheme::Schemes().end(); ++i) {
 178         // create a user request
 179         // check its scheme matches *i
 180         AuthUserRequest *authRequest = AuthConfig::CreateAuthUser(find_proxy_auth((*i)->type()));
 181         CPPUNIT_ASSERT_EQUAL(authRequest->scheme(), *i);
 182     }
 183 }
 184
 185 #if HAVE_AUTH_MODULE_BASIC
 186 #include "auth/basic/auth_basic.h"
 187 /* AuthBasicUserRequest::AuthBasicUserRequest works
 188  */
 189 void
 190 testAuthBasicUserRequest::construction()
 191 {
 192     AuthBasicUserRequest();
 193     AuthBasicUserRequest *temp=new AuthBasicUserRequest();
 194     delete temp;
 195 }
 196
 197 void
 198 testAuthBasicUserRequest::username()
 199 {
 200     AuthBasicUserRequest();
 201     AuthBasicUserRequest *temp=new AuthBasicUserRequest();
 202     BasicUser *basic_auth=new BasicUser(AuthConfig::Find("basic"));
 203     basic_auth->username("John");
 204     temp->user(basic_auth);
 205     basic_auth->addRequest(temp);
 206     CPPUNIT_ASSERT_EQUAL(0, strcmp("John", temp->username()));
 207     delete temp;
 208 }
 209 #endif /* HAVE_AUTH_MODULE_BASIC */
 210
 211 #if HAVE_AUTH_MODULE_DIGEST
 212 #include "auth/digest/auth_digest.h"
 213 /* AuthDigestUserRequest::AuthDigestUserRequest works
 214  */
 215 void
 216 testAuthDigestUserRequest::construction()
 217 {
 218     AuthDigestUserRequest();
 219     AuthDigestUserRequest *temp=new AuthDigestUserRequest();
 220     delete temp;
 221 }
 222
 223 void
 224 testAuthDigestUserRequest::username()
 225 {
 226     AuthDigestUserRequest();
 227     AuthDigestUserRequest *temp=new AuthDigestUserRequest();
 228     DigestUser *user=new DigestUser(AuthConfig::Find("digest"));
 229     user->username("John");
 230     temp->user(user);
 231     user->addRequest(temp);
 232     CPPUNIT_ASSERT_EQUAL(0, strcmp("John", temp->username()));
 233     delete temp;
 234 }
 235 #endif /* HAVE_AUTH_MODULE_DIGEST */
 236
 237 #if HAVE_AUTH_MODULE_NTLM
 238 #include "auth/ntlm/auth_ntlm.h"
 239 /* AuthNTLMUserRequest::AuthNTLMUserRequest works
 240  */
 241 void
 242 testAuthNTLMUserRequest::construction()
 243 {
 244     AuthNTLMUserRequest();
 245     AuthNTLMUserRequest *temp=new AuthNTLMUserRequest();
 246     delete temp;
 247 }
 248
 249 void
 250 testAuthNTLMUserRequest::username()
 251 {
 252     AuthNTLMUserRequest();
 253     AuthNTLMUserRequest *temp=new AuthNTLMUserRequest();
 254     NTLMUser *user=new NTLMUser(AuthConfig::Find("ntlm"));
 255     user->username("John");
 256     temp->user(user);
 257     user->addRequest(temp);
 258     CPPUNIT_ASSERT_EQUAL(0, strcmp("John", temp->username()));
 259     delete temp;
 260 }
 261 #endif /* HAVE_AUTH_MODULE_NTLM */
 262
 263 #if HAVE_AUTH_MODULE_NEGOTIATE
 264 #include "auth/negotiate/auth_negotiate.h"
 265 /* AuthNegotiateUserRequest::AuthNegotiateUserRequest works
 266  */
 267 void
 268 testAuthNegotiateUserRequest::construction()
 269 {
 270     AuthNegotiateUserRequest();
 271     AuthNegotiateUserRequest *temp=new AuthNegotiateUserRequest();
 272     delete temp;
 273 }
 274
 275 void
 276 testAuthNegotiateUserRequest::username()
 277 {
 278     AuthNegotiateUserRequest();
 279     AuthNegotiateUserRequest *temp=new AuthNegotiateUserRequest();
 280     NegotiateUser *user=new NegotiateUser(AuthConfig::Find("negotiate"));
 281     user->username("John");
 282     temp->user(user);
 283     user->addRequest(temp);
 284     CPPUNIT_ASSERT_EQUAL(0, strcmp("John", temp->username()));
 285     delete temp;
 286 }
 287
 288 #endif /* HAVE_AUTH_MODULE_NEGOTIATE */