X-Git-Url: https://ruderich.org/simon/gitweb/?a=blobdiff_plain;f=tests%2Ftests-authentication.sh;fp=tests%2Ftests-authentication.sh;h=1ad5bc788b5d90fbbf0159674de6a59c29c8ce87;hb=a84000d1d2806c296bfc0fa4b505b5d5ef750715;hp=0000000000000000000000000000000000000000;hpb=e70b5abf4baa2a8780ed26d026a8aae1c241ebc4;p=tlsproxy%2Ftlsproxy.git

diff --git a/tests/tests-authentication.sh b/tests/tests-authentication.sh
new file mode 100755
index 0000000..1ad5bc7
--- /dev/null
+++ b/tests/tests-authentication.sh
@@ -0,0 +1,80 @@
+#!/bin/sh
+
+# Test authentication.
+
+# Copyright (C) 2013  Simon Ruderich
+#
+# This program is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program.  If not, see <http://www.gnu.org/licenses/>.
+
+
+test "x$srcdir" = x && srcdir=.
+. "$srcdir/common.sh"
+
+
+# Create necessary files.
+cleanup
+tlsproxy_setup
+
+echo 'dXNlcm5hbWU6cGFzc3dvcmQ=' > digest-authentication
+tlsproxy -a digest-authentication 4711
+server --x509certfile "$srcdir/server.pem" \
+       --x509keyfile "$srcdir/server-key.pem"
+wait_for_ports 4711 4712
+rm -f digest-authentication
+
+echo missing authentication 1
+client localhost 4712 invalid \
+    && abort 'client localhost 4712 invalid'
+test_proxy_authentication_failure
+
+# Create the proxy certificate.
+tlsproxy_add localhost server.pem
+
+echo missing authentication 2
+client localhost 4712 localhost \
+    && abort 'client localhost 4712 localhost'
+test_proxy_authentication_failure
+
+echo invalid authentication 1
+client localhost 4712 localhost 'username:password' \
+    && abort 'client localhost 4712 localhost username:password'
+test_proxy_authentication_failure
+
+echo invalid authentication 2
+client localhost 4712 localhost 'dXNlcm5hbWU6cGFzc3dvcmQ' \
+    && abort 'client localhost 4712 localhost dXNlcm5hbWU6cGFzc3dvcmQ'
+test_proxy_authentication_failure
+
+echo invalid authentication 3
+client localhost 4712 localhost 'dXNlcm5hbWU6cGFzc3dvcmQ=X' \
+    && abort 'client localhost 4712 localhost dXNlcm5hbWU6cGFzc3dvcmQ=X'
+test_proxy_authentication_failure
+
+echo valid authentication
+client localhost 4712 localhost 'dXNlcm5hbWU6cGFzc3dvcmQ=' \
+    || abort 'client localhost 4712 localhost dXNlcm5hbWU6cGFzc3dvcmQ='
+test_proxy_successful
+
+echo valid authentication with invalid certificate
+tlsproxy_add localhost server-bad.pem
+client localhost 4712 localhost 'dXNlcm5hbWU6cGFzc3dvcmQ=' \
+    && abort 'client localhost 4712 invalid dXNlcm5hbWU6cGFzc3dvcmQ='
+test_proxy_successful
+test_invalid_certificate
+
+
+# stop_servers in trap-handler
+cleanup
+
+exit 0