File: digest_md5.t

package info (click to toggle)
libauthen-sasl-perl 2.1900-1
  • links: PTS, VCS
  • area: main
  • in suites: forky, sid
  • size: 328 kB
  • sloc: perl: 2,249; makefile: 7
file content (107 lines) | stat: -rw-r--r-- 2,853 bytes parent folder | download | duplicates (6) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
 
#!perl

BEGIN {
  require Test::More;
  eval { require Digest::MD5 } or Test::More->import(skip_all => 'Need Digest::MD5');
  eval { require Digest::HMAC_MD5 } or Test::More->import(skip_all => 'Need Digest::HMAC_MD5');
}

use Test::More (tests => 27);

use Authen::SASL qw(Perl);

my $authname;

my $sasl = Authen::SASL->new(
  mechanism => 'DIGEST-MD5',
  callback => {
    user => 'gbarr',
    pass => 'fred',
    authname => sub { $authname },
  },
);
ok($sasl,'new');

is($sasl->mechanism, 'DIGEST-MD5', 'sasl mechanism');

my $conn = $sasl->client_new("ldap","localhost", "noplaintext noanonymous");

is($conn->mechanism, 'DIGEST-MD5', 'conn mechanism');

is($conn->client_start, '', 'client_start');
ok  $conn->need_step, "we need extra steps";
ok !$conn->is_success, "success will be later if we are good boys";
ok !$conn->error, "so far so good";

my $sparams = 'realm="elwood.innosoft.com",nonce="OA6MG9tEQGm2hh",qop="auth,auth-inf",algorithm=md5-sess,charset=utf-8';
# override for testing as by default it uses $$, time and rand
$Authen::SASL::Perl::DIGEST_MD5::CNONCE = "foobar";
$Authen::SASL::Perl::DIGEST_MD5::CNONCE = "foobar"; # avoid used only once warning
my $initial = $conn->client_step($sparams);
ok  $conn->need_step, "we need extra steps";
ok !$conn->is_success, "success will be later if we are good boys";
ok !$conn->error, "so far so good";

my @expect = qw(
  charset=utf-8
  cnonce="3858f62230ac3c915f300c664312c63f"
  digest-uri="ldap/localhost"
  nc=00000001
  nonce="OA6MG9tEQGm2hh"
  qop=auth
  realm="elwood.innosoft.com"
  response=9c81619e12f61fb2eed6bc8ed504ad28
  username="gbarr"
);

is(
  $initial,
  join(",", @expect),
  'client_step [1]'
);

my $response='rspauth=d1273170c120bae49cea49de9b4c5bdc';
$initial = $conn->client_step($response);
ok !$conn->need_step, "we're done";
ok $conn->is_success, "success !";
ok !$conn->error, "we did a good job";

is(
  $initial,
  '',
  'client_step [2]'
);

# .. .and now everything with an authname
is($conn->client_start, '', 'client_start');
ok  $conn->need_step, "we need extra steps";
ok !$conn->is_success, "success will be later if we are good boys";
ok !$conn->error, "so far so good";

$authname = 'meme';
$initial = $conn->client_step($sparams);
ok  $conn->need_step, "we need extra steps";
ok !$conn->is_success, "success will be later if we are good boys";
ok !$conn->error, "so far so good";

$expect[3] = 'nc=00000002';
$expect[7] = 'response=8d8afc5ff9cf3add40e50a5eaabb9aac';

is(
  $initial,
  join(",", 'authzid="meme"', @expect),
  'client_step + authname [1]'
);

$response='rspauth=dcb2b36dcd0750d3a7d0482fe1872769';
$initial = $conn->client_step($response);
ok !$conn->need_step, "we're done";
ok $conn->is_success, "success !";
ok !$conn->error, "we did a good job";

is(
  $initial,
  '',
  'client_step + authname [2]'
) or diag $conn->error;