diff options
author | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-05-07 02:04:07 +0000 |
---|---|---|
committer | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-05-07 02:04:07 +0000 |
commit | 1221c736f9a90756d47ea6d28320b6b83602dd2a (patch) | |
tree | b453ba7b1393205258c9b098a773b4330984672f /debian/perl-framework/t/modules/access.t | |
parent | Adding upstream version 2.4.38. (diff) | |
download | apache2-1221c736f9a90756d47ea6d28320b6b83602dd2a.tar.xz apache2-1221c736f9a90756d47ea6d28320b6b83602dd2a.zip |
Adding debian version 2.4.38-3+deb10u8.debian/2.4.38-3+deb10u8
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'debian/perl-framework/t/modules/access.t')
-rw-r--r-- | debian/perl-framework/t/modules/access.t | 191 |
1 files changed, 191 insertions, 0 deletions
diff --git a/debian/perl-framework/t/modules/access.t b/debian/perl-framework/t/modules/access.t new file mode 100644 index 0000000..0c8e34e --- /dev/null +++ b/debian/perl-framework/t/modules/access.t @@ -0,0 +1,191 @@ +use strict; +use warnings FATAL => 'all'; + +use Apache::Test; +use Apache::TestRequest; +use Apache::TestUtil; + +## +## mod_access test +## + +my $vars = Apache::Test::vars(); +my $localhost_name = $vars->{servername}; +my $remote_addr = $vars->{remote_addr}; +my(@addr) = split /\./, $remote_addr; +my $addr1 = $addr[0]; +my $addr2 = join '.', $addr[0], $addr[1]; + +my @localhost = ( + 'from all', + "from $localhost_name", + "from $remote_addr", + "from $addr2", + "from $remote_addr/255.255.0.0", + "from $remote_addr/16", + 'from somewhere.else.com', + 'from 66.6.6.6' +); +my @order = ('deny,allow', 'allow,deny', 'mutual-failure'); +my @allow = @localhost; +my @deny = @localhost; + +plan tests => (@order * @allow * @deny * 2) + (@order * @allow), \&need_access; + +my $dir = $vars->{t_dir}; +$dir .= "/htdocs/modules/access/htaccess"; + +sub write_htaccess { + my $conf_str = shift; + open (HT, ">$dir/.htaccess") or die "cant open htaccess: $!"; + print HT $conf_str; + close (HT); +} + +my ($config_string, $ok); +foreach my $order (@order) { + foreach my $allow (@allow) { + $config_string = "Order $order\nAllow $allow\n"; + write_htaccess($config_string); + + t_debug "---", $config_string; + + if ($order eq 'deny,allow') { + + ## if allowing by default, + ## there is no 'Deny' directive, so everything + ## is allowed. + t_debug "expecting access."; + ok GET_OK "/modules/access/htaccess/index.html"; + + + } else { + + ## denying by default + + if ($allow =~ /^from $addr1/ + || $allow eq "from $localhost_name" + || $allow eq 'from all') { + + ## if we are explicitly allowed, its ok + t_debug "expecting access."; + ok GET_OK "/modules/access/htaccess/index.html"; + + } else { + + ## otherwise, not ok + t_debug "expecting access denial."; + ok !GET_OK "/modules/access/htaccess/index.html"; + } + } + + + foreach my $deny (@deny) { + $config_string = "Order $order\nDeny $deny\n"; + write_htaccess($config_string); + + t_debug "---", $config_string; + + if ($order eq 'deny,allow') { + + ## allowing by default + + if ($deny =~ /^from $addr1/ + || $deny eq "from $localhost_name" + || $deny eq 'from all') { + + ## if we are denied explicitly + ## its not ok + t_debug "expecting access denial."; + ok !GET_OK "/modules/access/htaccess/index.html"; + + } else { + + ## otherwise, ok + t_debug "expecting access."; + ok GET_OK "/modules/access/htaccess/index.html"; + + } + } else { + + ## if denying by default + ## there is no 'Allow' directive, so + ## everything is denied. + t_debug "expecting access denial."; + ok !GET_OK "/modules/access/htaccess/index.html"; + + } + + $config_string = "Order $order\nAllow $allow\nDeny $deny\n"; + write_htaccess($config_string); + + t_debug "---", $config_string; + + if ($order eq 'deny,allow') { + + ## allowing by default + + if ($allow =~ /^from $addr1/ + || $allow eq "from $localhost_name" + || $allow eq 'from all') { + + ## we are explicitly allowed + ## so it is ok. + t_debug "expecting access."; + ok GET_OK "/modules/access/htaccess/index.html"; + + } elsif ($deny =~ /^from $addr1/ + || $deny eq "from $localhost_name" + || $deny eq 'from all') { + + ## if we are not explicitly allowed + ## and are explicitly denied, + ## we are denied access. + t_debug "expecting access denial."; + ok !GET_OK "/modules/access/htaccess/index.html"; + + } else { + + ## if we are not explicity allowed + ## or explicitly denied, + ## we get access. + t_debug "expecting access."; + ok GET_OK "/modules/access/htaccess/index.html"; + + } + } else { + + ## denying by default + + if ($deny =~ /^from $addr1/ + || $deny eq "from $localhost_name" + || $deny eq 'from all') { + + ## if we are explicitly denied, + ## we get no access. + t_debug "expecting access denial."; + ok !GET_OK "/modules/access/htaccess/index.html"; + + } elsif ($allow =~ /^from $addr1/ + || $allow eq "from $localhost_name" + || $allow eq 'from all') { + + ## if we are not explicitly denied + ## and are explicitly allowed, + ## we get access. + t_debug "expecting access."; + ok GET_OK "/modules/access/htaccess/index.html"; + + } else { + + ## if we are not explicitly denied + ## and not explicitly allowed, + ## we get no access. + t_debug "expecting access denial."; + ok !GET_OK "/modules/access/htaccess/index.html"; + + } + } + } + } +} |