1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
|
package sasl_test
import (
"bytes"
"errors"
"testing"
"github.com/emersion/go-sasl"
)
func TestNewLoginClient(t *testing.T) {
c := sasl.NewLoginClient("username", "Password:")
mech, resp, err := c.Start()
if err != nil {
t.Fatal("Error while starting client:", err)
}
if mech != "LOGIN" {
t.Error("Invalid mechanism name:", mech)
}
expected := []byte{117, 115, 101, 114, 110, 97, 109, 101}
if bytes.Compare(resp, expected) != 0 {
t.Error("Invalid initial response:", resp)
}
resp, err = c.Next(expected)
if err != sasl.ErrUnexpectedServerChallenge {
t.Error("Invalid chalange")
}
expected = []byte("Password:")
resp, err = c.Next(expected)
if bytes.Compare(resp, expected) != 0 {
t.Error("Invalid initial response:", resp)
}
}
func TestNewLoginServer(t *testing.T) {
var authenticated = false
s := sasl.NewLoginServer(func(username, password string) error {
if username != "tim" {
return errors.New("Invalid username: " + username)
}
if password != "tanstaaftanstaaf" {
return errors.New("Invalid password: " + password)
}
authenticated = true
return nil
})
challenge, done, err := s.Next(nil)
if err != nil {
t.Fatal("Error while starting server:", err)
}
if done {
t.Fatal("Done after starting server")
}
if string(challenge) != "Username:" {
t.Error("Invalid first challenge:", challenge)
}
challenge, done, err = s.Next([]byte("tim"))
if err != nil {
t.Fatal("Error while sending username:", err)
}
if done {
t.Fatal("Done after sending username")
}
if string(challenge) != "Password:" {
t.Error("Invalid challenge after sending username:", challenge)
}
challenge, done, err = s.Next([]byte("tanstaaftanstaaf"))
if err != nil {
t.Fatal("Error while sending password:", err)
}
if !done {
t.Fatal("Authentication not finished after sending password")
}
if len(challenge) > 0 {
t.Error("Invalid non-empty final challenge:", challenge)
}
if !authenticated {
t.Error("Not authenticated")
}
// Tests with initial response field, as per RFC4422 section 3
authenticated = false
s = sasl.NewLoginServer(func(username, password string) error {
if username != "tim" {
return errors.New("Invalid username: " + username)
}
if password != "tanstaaftanstaaf" {
return errors.New("Invalid password: " + password)
}
authenticated = true
return nil
})
challenge, done, err = s.Next([]byte("tim"))
if err != nil {
t.Fatal("Error while sending username:", err)
}
if done {
t.Fatal("Done after sending username")
}
if string(challenge) != "Password:" {
t.Error("Invalid challenge after sending username:", string(challenge))
}
challenge, done, err = s.Next([]byte("tanstaaftanstaaf"))
if err != nil {
t.Fatal("Error while sending password:", err)
}
if !done {
t.Fatal("Authentication not finished after sending password")
}
if len(challenge) > 0 {
t.Error("Invalid non-empty final challenge:", challenge)
}
if !authenticated {
t.Error("Not authenticated")
}
}
|
