mirror of
https://github.com/processone/ejabberd.git
synced 2024-11-20 16:15:59 +01:00
Add more tests for digest-md5 cyrsasl
This commit is contained in:
parent
732eecac43
commit
294d58a393
@ -59,29 +59,44 @@ defmodule EjabberdCyrsaslTest do
|
|||||||
end
|
end
|
||||||
|
|
||||||
test "Digest-MD5 (correct user and pass)", context do
|
test "Digest-MD5 (correct user and pass)", context do
|
||||||
assert {:continue, init_str, state1} = :cyrsasl.server_start(context[:cyrstate], "DIGEST-MD5", "")
|
assert {:ok, _list} = process_digest_md5(context[:cyrstate], "user1", "domain1", "pass")
|
||||||
|
end
|
||||||
|
|
||||||
|
test "Digest-MD5 (correct user wrong pass)", context do
|
||||||
|
assert {:error, :"not-authorized", "user1"} = process_digest_md5(context[:cyrstate], "user1", "domain1", "badpass")
|
||||||
|
end
|
||||||
|
|
||||||
|
test "Digest-MD5 (wrong user correct pass)", context do
|
||||||
|
assert {:error, :"not-authorized", "baduser"} = process_digest_md5(context[:cyrstate], "baduser", "domain1", "pass")
|
||||||
|
end
|
||||||
|
|
||||||
|
test "Digest-MD5 (wrong user and pass)", context do
|
||||||
|
assert {:error, :"not-authorized", "baduser"} = process_digest_md5(context[:cyrstate], "baduser", "domain1", "badpass")
|
||||||
|
end
|
||||||
|
|
||||||
|
defp process_digest_md5(cyrstate, user, domain, pass) do
|
||||||
|
assert {:continue, init_str, state1} = :cyrsasl.server_start(cyrstate, "DIGEST-MD5", "")
|
||||||
assert [_, nonce] = Regex.run(~r/nonce="(.*?)"/, init_str)
|
assert [_, nonce] = Regex.run(~r/nonce="(.*?)"/, init_str)
|
||||||
user = "user1"
|
|
||||||
domain = "domain1"
|
|
||||||
digest_uri = "xmpp/#{domain}"
|
digest_uri = "xmpp/#{domain}"
|
||||||
pass = "pass"
|
|
||||||
cnonce = "abcd"
|
cnonce = "abcd"
|
||||||
nc = "00000001"
|
nc = "00000001"
|
||||||
response_hash = calc_digest_sha(user, domain, pass, nc, nonce, cnonce)
|
response_hash = calc_digest_md5(user, domain, pass, nc, nonce, cnonce)
|
||||||
response = "username=\"#{user}\",realm=\"#{domain}\",nonce=\"#{nonce}\",cnonce=\"#{cnonce}\"," <>
|
response = "username=\"#{user}\",realm=\"#{domain}\",nonce=\"#{nonce}\",cnonce=\"#{cnonce}\"," <>
|
||||||
"nc=\"#{nc}\",qop=auth,digest-uri=\"#{digest_uri}\",response=\"#{response_hash}\"," <>
|
"nc=\"#{nc}\",qop=auth,digest-uri=\"#{digest_uri}\",response=\"#{response_hash}\"," <>
|
||||||
"charset=utf-8,algorithm=md5-sess"
|
"charset=utf-8,algorithm=md5-sess"
|
||||||
assert {:continue, _calc_str, state3} = :cyrsasl.server_step(state1, response)
|
case :cyrsasl.server_step(state1, response) do
|
||||||
assert {:ok, _list} = :cyrsasl.server_step(state3, "")
|
{:continue, _calc_str, state2} -> :cyrsasl.server_step(state2, "")
|
||||||
|
other -> other
|
||||||
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
defp calc_digest_sha(user, domain, pass, nc, nonce, cnonce) do
|
defp calc_digest_md5(user, domain, pass, nc, nonce, cnonce) do
|
||||||
digest_uri = "xmpp/#{domain}"
|
digest_uri = "xmpp/#{domain}"
|
||||||
a0 = "#{user}:#{domain}:#{pass}"
|
a0 = "#{user}:#{domain}:#{pass}"
|
||||||
a1 = "#{str_md5(a0)}:#{nonce}:#{cnonce}"
|
a1 = "#{str_md5(a0)}:#{nonce}:#{cnonce}"
|
||||||
a2 = "AUTHENTICATE:#{digest_uri}"
|
a2 = "AUTHENTICATE:#{digest_uri}"
|
||||||
hex_md5("#{hex_md5(a1)}:#{nonce}:#{nc}:#{cnonce}:auth:#{hex_md5(a2)}")
|
hex_md5("#{hex_md5(a1)}:#{nonce}:#{nc}:#{cnonce}:auth:#{hex_md5(a2)}")
|
||||||
end
|
end
|
||||||
|
|
||||||
defp str_md5(str) do
|
defp str_md5(str) do
|
||||||
:erlang.md5(str)
|
:erlang.md5(str)
|
||||||
@ -99,7 +114,7 @@ defmodule EjabberdCyrsaslTest do
|
|||||||
end)
|
end)
|
||||||
mock(:ejabberd_auth, :is_user_exists,
|
mock(:ejabberd_auth, :is_user_exists,
|
||||||
fn (user, domain) ->
|
fn (user, domain) ->
|
||||||
domain == "domain1" and get_password(user) != false
|
domain == "domain1" and get_password(user) != {:false, :internal}
|
||||||
end)
|
end)
|
||||||
end
|
end
|
||||||
|
|
||||||
@ -115,7 +130,7 @@ defmodule EjabberdCyrsaslTest do
|
|||||||
if user == "user1" or user == "user2" do
|
if user == "user1" or user == "user2" do
|
||||||
{"pass", :internal}
|
{"pass", :internal}
|
||||||
else
|
else
|
||||||
:false
|
{:false, :internal}
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
@ -130,6 +145,8 @@ defmodule EjabberdCyrsaslTest do
|
|||||||
|
|
||||||
defp check_password_digest(_user, authzid, _pass, digest, digest_gen) do
|
defp check_password_digest(_user, authzid, _pass, digest, digest_gen) do
|
||||||
case get_password(authzid) do
|
case get_password(authzid) do
|
||||||
|
{:false, _} ->
|
||||||
|
false
|
||||||
{spass, mod} ->
|
{spass, mod} ->
|
||||||
v = digest_gen.(spass)
|
v = digest_gen.(spass)
|
||||||
if v == digest do
|
if v == digest do
|
||||||
@ -137,8 +154,6 @@ defmodule EjabberdCyrsaslTest do
|
|||||||
else
|
else
|
||||||
false
|
false
|
||||||
end
|
end
|
||||||
_ ->
|
|
||||||
false
|
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user