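#!/usr/bin/env perl
BEGIN {
    # Add the directory this script lives in to the include path so that
    # LightyTest can be found; this is needed for `make distcheck`.
    (my $srcdir = $0) =~ s,/[^/]+$,/,;
    unshift @INC, $srcdir;
}

use strict;
use warnings;
use IO::Socket;
use Test::More tests => 15;
use LightyTest;

# Regression tests for HTTP authentication handling (Basic and Digest).
#
# Each case sends one raw HTTP/1.0 request and checks only the protocol and
# the status code of the response.  Most cases are negative tests: a missing,
# truncated or malformed Authorization header must be answered with 401 (or
# 400) and must neither crash the server nor be accepted as valid.
#
# Credentials used below, decoded from base64 for the reader:
#   amFuOmphbg==  ->  jan:jan
#   ZGVzOmRlcw==  ->  des:des
#   bWQ1Om1kNQ==  ->  md5:md5
#   bWQ1Om1kNA==  ->  md5:md4

my $tf = LightyTest->new();
my $t;

# Nothing below is meaningful without a running server, so stop here with a
# message instead of a bare "Died".
ok($tf->start_proc == 0, "Starting lighttpd")
    or die("lighttpd did not start; aborting auth tests\n");

# No Authorization header at all.
$t->{REQUEST} = ( <<EOF
GET /server-status HTTP/1.0
EOF
 );
$t->{RESPONSE} = [ { 'HTTP-Protocol' => 'HTTP/1.0', 'HTTP-Status' => 401 } ];
ok($tf->handle_http($t) == 0, 'Missing Auth-token');

# Token starts with byte 0x80, which is outside the base64 alphabet.
$t->{REQUEST} = ( <<EOF
GET /server-status HTTP/1.0
Authorization: Basic \x80mFuOmphb
EOF
 );
$t->{RESPONSE} = [ { 'HTTP-Protocol' => 'HTTP/1.0', 'HTTP-Status' => 401 } ];
ok($tf->handle_http($t) == 0, 'Basic-Auth: Invalid base64 Auth-token');

# Unpadded, truncated prefix of the valid jan:jan token used further down.
$t->{REQUEST} = ( <<EOF
GET /server-status HTTP/1.0
Authorization: Basic amFuOmphb
EOF
 );
$t->{RESPONSE} = [ { 'HTTP-Protocol' => 'HTTP/1.0', 'HTTP-Status' => 401 } ];
ok($tf->handle_http($t) == 0, 'Basic-Auth: Wrong Auth-token');

# Positive case: jan:jan, no Host header.
$t->{REQUEST} = ( <<EOF
GET /server-config HTTP/1.0
Authorization: Basic amFuOmphbg==
EOF
 );
$t->{RESPONSE} = [ { 'HTTP-Protocol' => 'HTTP/1.0', 'HTTP-Status' => 200 } ];
ok($tf->handle_http($t) == 0, 'Basic-Auth: Valid Auth-token - plain');

# Positive case: des:des against the auth-htpasswd.example.org host.
$t->{REQUEST} = ( <<EOF
GET /server-config HTTP/1.0
Host: auth-htpasswd.example.org
Authorization: Basic ZGVzOmRlcw==
EOF
 );
$t->{RESPONSE} = [ { 'HTTP-Protocol' => 'HTTP/1.0', 'HTTP-Status' => 200 } ];
ok($tf->handle_http($t) == 0, 'Basic-Auth: Valid Auth-token - htpasswd (des)');

# Same credentials with the scheme name in lower case ("basic"); the scheme
# token has to be matched case-insensitively.
$t->{REQUEST} = ( <<EOF
GET /server-config HTTP/1.0
Host: auth-htpasswd.example.org
Authorization: basic ZGVzOmRlcw==
EOF
 );
$t->{RESPONSE} = [ { 'HTTP-Protocol' => 'HTTP/1.0', 'HTTP-Status' => 200 } ];
ok($tf->handle_http($t) == 0, 'Basic-Auth: Valid Auth-token - htpasswd (des) (lowercase)');


# Positive case: md5:md5 against the htpasswd host.  Skipped on cygwin; the
# skip count of 1 keeps the plan of 15 intact.
SKIP: {
    skip "no md5 for crypt under cygwin", 1 if $^O eq 'cygwin';
$t->{REQUEST} = ( <<EOF
GET /server-config HTTP/1.0
Host: auth-htpasswd.example.org
Authorization: Basic bWQ1Om1kNQ==
EOF
 );
$t->{RESPONSE} = [ { 'HTTP-Protocol' => 'HTTP/1.0', 'HTTP-Status' => 200 } ];
ok($tf->handle_http($t) == 0, 'Basic-Auth: Valid Auth-token - htpasswd (md5)');
}

# Negative case: the token decodes to md5:md4 and a 401 is expected.  The
# label used to read 'Valid Auth-token', which contradicted the expected
# status and would mislead anyone triaging a failure of this check.
$t->{REQUEST} = ( <<EOF
GET /server-config HTTP/1.0
Authorization: Basic bWQ1Om1kNA==
EOF
 );
$t->{RESPONSE} = [ { 'HTTP-Protocol' => 'HTTP/1.0', 'HTTP-Status' => 401 } ];
ok($tf->handle_http($t) == 0, 'Basic-Auth: Wrong Auth-token (md5:md4)');

## this should not crash
# Digest header (folded over two lines) that carries no qop parameter.
$t->{REQUEST} = ( <<EOF
GET /server-status HTTP/1.0
User-Agent: Wget/1.9.1
Authorization: Digest username="jan", realm="jan", nonce="9a5428ccc05b086a08d918e73b01fc6f",
 uri="/server-status", response="ea5f7d9a30b8b762f9610ccb87dea74f"
EOF
 );
$t->{RESPONSE} = [ { 'HTTP-Protocol' => 'HTTP/1.0', 'HTTP-Status' => 401 } ];
ok($tf->handle_http($t) == 0, 'Digest-Auth: missing qop, no crash');

## this should not crash
# Digest header that uses "noncecount" where "nc" belongs and has an
# unbalanced quote after 00000001; this one is expected to be rejected as a
# bad request (400) rather than as failed authentication.
$t->{REQUEST} = ( <<EOF
GET /server-status HTTP/1.0
User-Agent: Wget/1.9.1
Authorization: Digest username="jan", realm="jan",
 nonce="b1d12348b4620437c43dd61c50ae4639",
 uri="/MJ-BONG.xm.mpc", qop=auth, noncecount=00000001",
 cnonce="036FCA5B86F7E7C4965C7F9B8FE714B7",
 response="29B32C2953C763C6D033C8A49983B87E"
EOF
 );
$t->{RESPONSE} = [ { 'HTTP-Protocol' => 'HTTP/1.0', 'HTTP-Status' => 400 } ];
ok($tf->handle_http($t) == 0, 'Digest-Auth: missing nc (noncecount instead), no crash');

# Basic token that consists of a single padding character.
$t->{REQUEST} = ( <<EOF
GET /server-status HTTP/1.0
Authorization: Basic =
EOF
 );
$t->{RESPONSE} = [ { 'HTTP-Protocol' => 'HTTP/1.0', 'HTTP-Status' => 401 } ];
ok($tf->handle_http($t) == 0, 'Basic-Auth: Invalid Base64');


# algorithm="md5-sess" with a non-numeric nc ("asd") and the same unbalanced
# quote after noncecount.
# NOTE(review): the header text does contain cnonce=; the label presumably
# refers to how the parameter list is read after the stray quote -- confirm.
$t->{REQUEST} = ( <<EOF
GET /server-status HTTP/1.0
User-Agent: Wget/1.9.1
Authorization: Digest username="jan", realm="jan",
 nonce="b1d12348b4620437c43dd61c50ae4639", algorithm="md5-sess",
 uri="/MJ-BONG.xm.mpc", qop=auth, noncecount=00000001",
 cnonce="036FCA5B86F7E7C4965C7F9B8FE714B7",
 nc="asd",
 response="29B32C2953C763C6D033C8A49983B87E"
EOF
 );
$t->{RESPONSE} = [ { 'HTTP-Protocol' => 'HTTP/1.0', 'HTTP-Status' => 401 } ];
ok($tf->handle_http($t) == 0, 'Digest-Auth: md5-sess + missing cnonce');

# Same request with whitespace after the last parameter.  The trailing space
# is written as \x20 (the heredoc interpolates) so that an editor or a
# whitespace-stripping hook cannot silently turn this case into a duplicate
# of the previous one.
# NOTE(review): the listing this was taken from shows no visible difference
# from the previous request; the position of the whitespace is assumed to be
# the end of the Authorization header -- confirm against the upstream fixture.
$t->{REQUEST} = ( <<EOF
GET /server-status HTTP/1.0
User-Agent: Wget/1.9.1
Authorization: Digest username="jan", realm="jan",
 nonce="b1d12348b4620437c43dd61c50ae4639", algorithm="md5-sess",
 uri="/MJ-BONG.xm.mpc", qop=auth, noncecount=00000001",
 cnonce="036FCA5B86F7E7C4965C7F9B8FE714B7",
 nc="asd",
 response="29B32C2953C763C6D033C8A49983B87E"\x20
EOF
 );
$t->{RESPONSE} = [ { 'HTTP-Protocol' => 'HTTP/1.0', 'HTTP-Status' => 401 } ];
ok($tf->handle_http($t) == 0, 'Digest-Auth: trailing WS');



ok($tf->stop_proc == 0, "Stopping lighttpd");
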