1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
|
/* Copyright (c) 2020 Dovecot authors, see the included COPYING file */
#include "test-auth.h"
#include "str.h"
#include "strescape.h"
#include "auth-request.h"
struct test_auth_request_field {
const char *internal_name;
const char *event_field;
const char *value;
};
static const struct test_auth_request_field auth_request_field_names[] = {
/* use the order in auth_request_export() */
#define PREFIX "\t\r\n\001prefix-"
{ "user", "user", PREFIX"testuser" },
{ "service", "service", PREFIX"testservice" },
{ "master-user", "master_user", PREFIX"testmasteruser" },
{ "original-username", "original_user", PREFIX"testoriguser" },
{ "requested-login-user", "login_user", PREFIX"testloginuser" },
{ "lip", "local_ip", "255.254.253.252" },
{ "rip", "remote_ip", "155.154.153.152" },
{ "lport", "local_port", "12" },
{ "rport", "remote_port", "13" },
{ "real_lip", "real_local_ip", "1.2.3.4" },
{ "real_rip", "real_remote_ip", "5.6.7.8" },
{ "real_lport", "real_local_port", "14" },
{ "real_rport", "real_remote_port", "15" },
{ "local_name", "local_name", PREFIX"testlocalname" },
{ "session", "session", PREFIX"testsession" },
{ "secured", NULL, "" },
{ "skip-password-check", NULL, "" },
{ "delayed-credentials", NULL, "" },
{ "valid-client-cert", NULL, "" },
{ "no-penalty", NULL, "" },
{ "successful", NULL, "" },
{ "mech", "mechanism", "TOKEN" },
{ "client_id", "client_id", PREFIX"testclientid" },
{ "passdb_extrafield1", NULL, PREFIX"extravalue1" },
{ "passdb_extrafield2", NULL, PREFIX"extravalue2" },
{ "userdb_uextrafield1", NULL, PREFIX"userextravalue1" },
{ "userdb_uextrafield2", NULL, PREFIX"userextravalue2" },
};
static struct auth_request *
test_auth_request_init(const struct mech_module *mech)
{
struct auth_request *request;
pool_t pool = pool_alloconly_create("test auth request", 1024);
request = p_new(pool, struct auth_request, 1);
request->pool = pool;
request->event = event_create(NULL);
request->mech = mech;
auth_request_fields_init(request);
/* fill out fields that are always exported */
request->fields.user = "user";
request->fields.original_username = "user";
request->fields.service = "service";
return request;
}
static void test_auth_request_deinit(struct auth_request *request)
{
event_unref(&request->event);
pool_unref(&request->pool);
}
static void test_auth_request_fields_list(void)
{
struct auth_request *request =
test_auth_request_init(&mech_dovecot_token);
string_t *exported = t_str_new(512);
for (unsigned int i = 0; i < N_ELEMENTS(auth_request_field_names); i++) {
const struct test_auth_request_field *test =
&auth_request_field_names[i];
test_assert_idx(auth_request_import(request,
test->internal_name, test->value), i);
str_append(exported, test->internal_name);
if (test->value[0] != '\0') {
str_append_c(exported, '=');
str_append_tabescaped(exported, test->value);
}
str_append_c(exported, '\t');
if (test->event_field != NULL) {
const char *value =
event_find_field_recursive_str(request->event, test->event_field);
test_assert_idx(null_strcmp(value, test->value) == 0, i);
}
}
str_truncate(exported, str_len(exported)-1);
string_t *exported2 = t_str_new(512);
auth_request_export(request, exported2);
test_assert_strcmp(str_c(exported), str_c(exported2));
test_auth_request_deinit(request);
}
static bool
test_auth_request_export_cmp(struct auth_request *request,
const char *key, const char *value)
{
string_t *exported = t_str_new(128);
str_append(exported, "user=user\tservice=service\toriginal-username=user\t");
str_append(exported, key);
if (value[0] != '\0') {
str_append_c(exported, '=');
str_append_tabescaped(exported, value);
}
string_t *exported2 = t_str_new(128);
auth_request_export(request, exported2);
test_assert_strcmp(str_c(exported), str_c(exported2));
return strcmp(str_c(exported), str_c(exported2)) == 0;
}
static void test_auth_request_fields_secured(void)
{
struct auth_request *request = test_auth_request_init(NULL);
test_assert(auth_request_import(request, "secured", ""));
test_assert(test_auth_request_export_cmp(request, "secured", ""));
test_assert(null_strcmp(event_find_field_recursive_str(request->event, "transport"), "trusted") == 0);
test_assert(auth_request_import(request, "secured", "tls"));
test_assert(test_auth_request_export_cmp(request, "secured", "tls"));
test_assert(null_strcmp(event_find_field_recursive_str(request->event, "transport"), "TLS") == 0);
test_assert(auth_request_import(request, "secured", "blah"));
test_assert(test_auth_request_export_cmp(request, "secured", ""));
test_assert(null_strcmp(event_find_field_recursive_str(request->event, "transport"), "trusted") == 0);
test_auth_request_deinit(request);
}
void test_auth_request_fields(void)
{
test_begin("auth request fields");
test_auth_request_fields_list();
test_auth_request_fields_secured();
test_end();
}
|