diff options
Diffstat (limited to 'src/auth/test-auth-request-fields.c')
-rw-r--r-- | src/auth/test-auth-request-fields.c | 147 |
1 files changed, 147 insertions, 0 deletions
diff --git a/src/auth/test-auth-request-fields.c b/src/auth/test-auth-request-fields.c new file mode 100644 index 0000000..e43a1bf --- /dev/null +++ b/src/auth/test-auth-request-fields.c @@ -0,0 +1,147 @@ +/* Copyright (c) 2020 Dovecot authors, see the included COPYING file */ + +#include "test-auth.h" +#include "str.h" +#include "strescape.h" +#include "auth-request.h" + +struct test_auth_request_field { + const char *internal_name; + const char *event_field; + const char *value; +}; + +static const struct test_auth_request_field auth_request_field_names[] = { + /* use the order in auth_request_export() */ +#define PREFIX "\t\r\n\001prefix-" + { "user", "user", PREFIX"testuser" }, + { "service", "service", PREFIX"testservice" }, + { "master-user", "master_user", PREFIX"testmasteruser" }, + { "original-username", "original_user", PREFIX"testoriguser" }, + { "requested-login-user", "login_user", PREFIX"testloginuser" }, + { "lip", "local_ip", "255.254.253.252" }, + { "rip", "remote_ip", "155.154.153.152" }, + { "lport", "local_port", "12" }, + { "rport", "remote_port", "13" }, + { "real_lip", "real_local_ip", "1.2.3.4" }, + { "real_rip", "real_remote_ip", "5.6.7.8" }, + { "real_lport", "real_local_port", "14" }, + { "real_rport", "real_remote_port", "15" }, + { "local_name", "local_name", PREFIX"testlocalname" }, + { "session", "session", PREFIX"testsession" }, + { "secured", NULL, "" }, + { "skip-password-check", NULL, "" }, + { "delayed-credentials", NULL, "" }, + { "valid-client-cert", NULL, "" }, + { "no-penalty", NULL, "" }, + { "successful", NULL, "" }, + { "mech", "mechanism", "TOKEN" }, + { "client_id", "client_id", PREFIX"testclientid" }, + { "passdb_extrafield1", NULL, PREFIX"extravalue1" }, + { "passdb_extrafield2", NULL, PREFIX"extravalue2" }, + { "userdb_uextrafield1", NULL, PREFIX"userextravalue1" }, + { "userdb_uextrafield2", NULL, PREFIX"userextravalue2" }, +}; + +static struct auth_request * +test_auth_request_init(const struct mech_module *mech) +{ + struct auth_request *request; + pool_t pool = pool_alloconly_create("test auth request", 1024); + + request = p_new(pool, struct auth_request, 1); + request->pool = pool; + request->event = event_create(NULL); + request->mech = mech; + auth_request_fields_init(request); + + /* fill out fields that are always exported */ + request->fields.user = "user"; + request->fields.original_username = "user"; + request->fields.service = "service"; + return request; +} + +static void test_auth_request_deinit(struct auth_request *request) +{ + event_unref(&request->event); + pool_unref(&request->pool); +} + +static void test_auth_request_fields_list(void) +{ + struct auth_request *request = + test_auth_request_init(&mech_dovecot_token); + string_t *exported = t_str_new(512); + for (unsigned int i = 0; i < N_ELEMENTS(auth_request_field_names); i++) { + const struct test_auth_request_field *test = + &auth_request_field_names[i]; + test_assert_idx(auth_request_import(request, + test->internal_name, test->value), i); + + str_append(exported, test->internal_name); + if (test->value[0] != '\0') { + str_append_c(exported, '='); + str_append_tabescaped(exported, test->value); + } + str_append_c(exported, '\t'); + + if (test->event_field != NULL) { + const char *value = + event_find_field_recursive_str(request->event, test->event_field); + test_assert_idx(null_strcmp(value, test->value) == 0, i); + } + } + str_truncate(exported, str_len(exported)-1); + + string_t *exported2 = t_str_new(512); + auth_request_export(request, exported2); + test_assert_strcmp(str_c(exported), str_c(exported2)); + + test_auth_request_deinit(request); +} + +static bool +test_auth_request_export_cmp(struct auth_request *request, + const char *key, const char *value) +{ + string_t *exported = t_str_new(128); + str_append(exported, "user=user\tservice=service\toriginal-username=user\t"); + str_append(exported, key); + if (value[0] != '\0') { + str_append_c(exported, '='); + str_append_tabescaped(exported, value); + } + + string_t *exported2 = t_str_new(128); + auth_request_export(request, exported2); + test_assert_strcmp(str_c(exported), str_c(exported2)); + return strcmp(str_c(exported), str_c(exported2)) == 0; + +} + +static void test_auth_request_fields_secured(void) +{ + struct auth_request *request = test_auth_request_init(NULL); + + test_assert(auth_request_import(request, "secured", "")); + test_assert(test_auth_request_export_cmp(request, "secured", "")); + test_assert(null_strcmp(event_find_field_recursive_str(request->event, "transport"), "trusted") == 0); + + test_assert(auth_request_import(request, "secured", "tls")); + test_assert(test_auth_request_export_cmp(request, "secured", "tls")); + test_assert(null_strcmp(event_find_field_recursive_str(request->event, "transport"), "TLS") == 0); + + test_assert(auth_request_import(request, "secured", "blah")); + test_assert(test_auth_request_export_cmp(request, "secured", "")); + test_assert(null_strcmp(event_find_field_recursive_str(request->event, "transport"), "trusted") == 0); + test_auth_request_deinit(request); +} + +void test_auth_request_fields(void) +{ + test_begin("auth request fields"); + test_auth_request_fields_list(); + test_auth_request_fields_secured(); + test_end(); +} |