From: Nick Porter <nick@portercomputing.co.uk>
Date: Wed, 30 Aug 2023 10:55:12 +0000 (+0100)
Subject: Add CHAP tests to TACACS
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=095bf9444816fc08ab509655ff9f882e00a39f8b;p=thirdparty%2Ffreeradius-server.git

Add CHAP tests to TACACS
---

diff --git a/src/tests/tacacs/authenticate_chap.out b/src/tests/tacacs/authenticate_chap.out
new file mode 100644
index 00000000000..48be68375e6
--- /dev/null
+++ b/src/tests/tacacs/authenticate_chap.out
@@ -0,0 +1,3 @@
+status: PASS
+data: b'Authentication-Data'
+server_msg: b'CHAP authentication accepted'
diff --git a/src/tests/tacacs/authenticate_chap.txt b/src/tests/tacacs/authenticate_chap.txt
new file mode 100644
index 00000000000..90cd26e9a21
--- /dev/null
+++ b/src/tests/tacacs/authenticate_chap.txt
@@ -0,0 +1,3 @@
+#
+#	ARGV: -t chap -u tapioca authenticate -p queijo -i a -c qwerQWERtyuiTYUI
+#
diff --git a/src/tests/tacacs/authenticate_chapfail.out b/src/tests/tacacs/authenticate_chapfail.out
new file mode 100644
index 00000000000..0890d3c06b1
--- /dev/null
+++ b/src/tests/tacacs/authenticate_chapfail.out
@@ -0,0 +1,3 @@
+status: FAIL
+data: b'Authentication-Data'
+server_msg: b'CHAP authentication failed for scald'
diff --git a/src/tests/tacacs/authenticate_chapfail.txt b/src/tests/tacacs/authenticate_chapfail.txt
new file mode 100644
index 00000000000..a7b1cd47f58
--- /dev/null
+++ b/src/tests/tacacs/authenticate_chapfail.txt
@@ -0,0 +1,3 @@
+#
+#	ARGV: -t chap -u scald authenticate -p pegapilha -i a -c qwerQWERtyuiTYUI
+#
diff --git a/src/tests/tacacs/config/radiusd.conf b/src/tests/tacacs/config/radiusd.conf
index 264d14ac094..431e59547d1 100644
--- a/src/tests/tacacs/config/radiusd.conf
+++ b/src/tests/tacacs/config/radiusd.conf
@@ -139,6 +139,18 @@ server test {
 		}
 	}
 
+	authenticate CHAP {
+		if (&User-Name == 'tapioca') {
+			&control.Password.Cleartext = 'queijo'
+		}
+		chap { fail = 1, reject = 2 }
+		if (ok) {
+			&reply.Server-Message := "CHAP authentication accepted"
+		} else {
+			&reply.Server-Message := "CHAP authentication failed for %{User-Name}"
+		}
+	}
+
 	send Authentication-Pass {
 		&reply.Data := "Authentication-Data"
 	}