summaryrefslogtreecommitdiffstats
path: root/src/auth/test-auth-request-fields.c
diff options
context:
space:
mode:
Diffstat (limited to 'src/auth/test-auth-request-fields.c')
-rw-r--r--src/auth/test-auth-request-fields.c147
1 files changed, 147 insertions, 0 deletions
diff --git a/src/auth/test-auth-request-fields.c b/src/auth/test-auth-request-fields.c
new file mode 100644
index 0000000..e43a1bf
--- /dev/null
+++ b/src/auth/test-auth-request-fields.c
@@ -0,0 +1,147 @@
+/* Copyright (c) 2020 Dovecot authors, see the included COPYING file */
+
+#include "test-auth.h"
+#include "str.h"
+#include "strescape.h"
+#include "auth-request.h"
+
+struct test_auth_request_field {
+ const char *internal_name;
+ const char *event_field;
+ const char *value;
+};
+
+static const struct test_auth_request_field auth_request_field_names[] = {
+ /* use the order in auth_request_export() */
+#define PREFIX "\t\r\n\001prefix-"
+ { "user", "user", PREFIX"testuser" },
+ { "service", "service", PREFIX"testservice" },
+ { "master-user", "master_user", PREFIX"testmasteruser" },
+ { "original-username", "original_user", PREFIX"testoriguser" },
+ { "requested-login-user", "login_user", PREFIX"testloginuser" },
+ { "lip", "local_ip", "255.254.253.252" },
+ { "rip", "remote_ip", "155.154.153.152" },
+ { "lport", "local_port", "12" },
+ { "rport", "remote_port", "13" },
+ { "real_lip", "real_local_ip", "1.2.3.4" },
+ { "real_rip", "real_remote_ip", "5.6.7.8" },
+ { "real_lport", "real_local_port", "14" },
+ { "real_rport", "real_remote_port", "15" },
+ { "local_name", "local_name", PREFIX"testlocalname" },
+ { "session", "session", PREFIX"testsession" },
+ { "secured", NULL, "" },
+ { "skip-password-check", NULL, "" },
+ { "delayed-credentials", NULL, "" },
+ { "valid-client-cert", NULL, "" },
+ { "no-penalty", NULL, "" },
+ { "successful", NULL, "" },
+ { "mech", "mechanism", "TOKEN" },
+ { "client_id", "client_id", PREFIX"testclientid" },
+ { "passdb_extrafield1", NULL, PREFIX"extravalue1" },
+ { "passdb_extrafield2", NULL, PREFIX"extravalue2" },
+ { "userdb_uextrafield1", NULL, PREFIX"userextravalue1" },
+ { "userdb_uextrafield2", NULL, PREFIX"userextravalue2" },
+};
+
+static struct auth_request *
+test_auth_request_init(const struct mech_module *mech)
+{
+ struct auth_request *request;
+ pool_t pool = pool_alloconly_create("test auth request", 1024);
+
+ request = p_new(pool, struct auth_request, 1);
+ request->pool = pool;
+ request->event = event_create(NULL);
+ request->mech = mech;
+ auth_request_fields_init(request);
+
+ /* fill out fields that are always exported */
+ request->fields.user = "user";
+ request->fields.original_username = "user";
+ request->fields.service = "service";
+ return request;
+}
+
+static void test_auth_request_deinit(struct auth_request *request)
+{
+ event_unref(&request->event);
+ pool_unref(&request->pool);
+}
+
+static void test_auth_request_fields_list(void)
+{
+ struct auth_request *request =
+ test_auth_request_init(&mech_dovecot_token);
+ string_t *exported = t_str_new(512);
+ for (unsigned int i = 0; i < N_ELEMENTS(auth_request_field_names); i++) {
+ const struct test_auth_request_field *test =
+ &auth_request_field_names[i];
+ test_assert_idx(auth_request_import(request,
+ test->internal_name, test->value), i);
+
+ str_append(exported, test->internal_name);
+ if (test->value[0] != '\0') {
+ str_append_c(exported, '=');
+ str_append_tabescaped(exported, test->value);
+ }
+ str_append_c(exported, '\t');
+
+ if (test->event_field != NULL) {
+ const char *value =
+ event_find_field_recursive_str(request->event, test->event_field);
+ test_assert_idx(null_strcmp(value, test->value) == 0, i);
+ }
+ }
+ str_truncate(exported, str_len(exported)-1);
+
+ string_t *exported2 = t_str_new(512);
+ auth_request_export(request, exported2);
+ test_assert_strcmp(str_c(exported), str_c(exported2));
+
+ test_auth_request_deinit(request);
+}
+
+static bool
+test_auth_request_export_cmp(struct auth_request *request,
+ const char *key, const char *value)
+{
+ string_t *exported = t_str_new(128);
+ str_append(exported, "user=user\tservice=service\toriginal-username=user\t");
+ str_append(exported, key);
+ if (value[0] != '\0') {
+ str_append_c(exported, '=');
+ str_append_tabescaped(exported, value);
+ }
+
+ string_t *exported2 = t_str_new(128);
+ auth_request_export(request, exported2);
+ test_assert_strcmp(str_c(exported), str_c(exported2));
+ return strcmp(str_c(exported), str_c(exported2)) == 0;
+
+}
+
+static void test_auth_request_fields_secured(void)
+{
+ struct auth_request *request = test_auth_request_init(NULL);
+
+ test_assert(auth_request_import(request, "secured", ""));
+ test_assert(test_auth_request_export_cmp(request, "secured", ""));
+ test_assert(null_strcmp(event_find_field_recursive_str(request->event, "transport"), "trusted") == 0);
+
+ test_assert(auth_request_import(request, "secured", "tls"));
+ test_assert(test_auth_request_export_cmp(request, "secured", "tls"));
+ test_assert(null_strcmp(event_find_field_recursive_str(request->event, "transport"), "TLS") == 0);
+
+ test_assert(auth_request_import(request, "secured", "blah"));
+ test_assert(test_auth_request_export_cmp(request, "secured", ""));
+ test_assert(null_strcmp(event_find_field_recursive_str(request->event, "transport"), "trusted") == 0);
+ test_auth_request_deinit(request);
+}
+
+void test_auth_request_fields(void)
+{
+ test_begin("auth request fields");
+ test_auth_request_fields_list();
+ test_auth_request_fields_secured();
+ test_end();
+}