diff options
Diffstat (limited to 'tests/request.t')
-rwxr-xr-x | tests/request.t | 192 |
1 files changed, 1 insertions, 191 deletions
diff --git a/tests/request.t b/tests/request.t index b25f4f96..3fdb1ab6 100755 --- a/tests/request.t +++ b/tests/request.t @@ -8,7 +8,7 @@ BEGIN { use strict; use IO::Socket; -use Test::More tests => 178; +use Test::More tests => 164; use LightyTest; my $tf = LightyTest->new(); @@ -1592,196 +1592,6 @@ ok($tf_proxy->stop_proc == 0, "Stopping lighttpd proxy"); } while (0); -## mod_secdownload - -use Digest::MD5 qw(md5_hex); -use Digest::SHA qw(hmac_sha1 hmac_sha256); -use MIME::Base64 qw(encode_base64url); - -my $secret = "verysecret"; -my ($f, $thex, $m); - -$t->{REQUEST} = ( <<EOF -GET /index.html HTTP/1.0 -Host: www.example.org -EOF - ); -$t->{RESPONSE} = [ { 'HTTP-Protocol' => 'HTTP/1.0', 'HTTP-Status' => 200 } ]; - -ok($tf->handle_http($t) == 0, 'skipping secdownload - direct access'); - -## MD5 -$f = "/index.html"; -$thex = sprintf("%08x", time); -$m = md5_hex($secret.$f.$thex); - -$t->{REQUEST} = ( <<EOF -GET /sec/$m/$thex$f HTTP/1.0 -Host: vvv.example.org -EOF - ); -$t->{RESPONSE} = [ { 'HTTP-Protocol' => 'HTTP/1.0', 'HTTP-Status' => 200 } ]; - -ok($tf->handle_http($t) == 0, 'secdownload (md5)'); - -$thex = sprintf("%08x", time - 1800); -$m = md5_hex($secret.$f.$thex); - -$t->{REQUEST} = ( <<EOF -GET /sec/$m/$thex$f HTTP/1.0 -Host: vvv.example.org -EOF - ); -$t->{RESPONSE} = [ { 'HTTP-Protocol' => 'HTTP/1.0', 'HTTP-Status' => 410 } ]; - -ok($tf->handle_http($t) == 0, 'secdownload - gone (timeout) (md5)'); - -$t->{REQUEST} = ( <<EOF -GET /sec$f HTTP/1.0 -Host: vvv.example.org -EOF - ); -$t->{RESPONSE} = [ { 'HTTP-Protocol' => 'HTTP/1.0', 'HTTP-Status' => 404 } ]; - -ok($tf->handle_http($t) == 0, 'secdownload - direct access (md5)'); - -$f = "/noexists"; -$thex = sprintf("%08x", time); -$m = md5_hex($secret.$f.$thex); - -$t->{REQUEST} = ( <<EOF -GET /sec/$m/$thex$f HTTP/1.0 -Host: vvv.example.org -EOF - ); -$t->{RESPONSE} = [ { 'HTTP-Protocol' => 'HTTP/1.0', 'HTTP-Status' => 404 } ]; - -ok($tf->handle_http($t) == 0, 'secdownload - timeout (md5)'); - - -if (!$tf->has_crypto()) { - - for (1..4) { ok(1, "secdownload (hmac-sha1) (skipped) - (missing SSL support)"); } - for (1..5) { ok(1, "secdownload (hmac-sha256) (skipped) - (missing SSL support)"); } - -} -else { - -## HMAC-SHA1 -$f = "/index.html"; -$thex = sprintf("%08x", time); -$m = encode_base64url(hmac_sha1("/$thex$f", $secret)); - -$t->{REQUEST} = ( <<EOF -GET /sec/$m/$thex$f HTTP/1.0 -Host: vvv-sha1.example.org -EOF - ); -$t->{RESPONSE} = [ { 'HTTP-Protocol' => 'HTTP/1.0', 'HTTP-Status' => 200 } ]; - -ok($tf->handle_http($t) == 0, 'secdownload (hmac-sha1)'); - -$thex = sprintf("%08x", time - 1800); -$m = encode_base64url(hmac_sha1("/$thex$f", $secret)); - -$t->{REQUEST} = ( <<EOF -GET /sec/$m/$thex$f HTTP/1.0 -Host: vvv-sha1.example.org -EOF - ); -$t->{RESPONSE} = [ { 'HTTP-Protocol' => 'HTTP/1.0', 'HTTP-Status' => 410 } ]; - -ok($tf->handle_http($t) == 0, 'secdownload - gone (timeout) (hmac-sha1)'); - -$t->{REQUEST} = ( <<EOF -GET /sec$f HTTP/1.0 -Host: vvv-sha1.example.org -EOF - ); -$t->{RESPONSE} = [ { 'HTTP-Protocol' => 'HTTP/1.0', 'HTTP-Status' => 404 } ]; - -ok($tf->handle_http($t) == 0, 'secdownload - direct access (hmac-sha1)'); - - -$f = "/noexists"; -$thex = sprintf("%08x", time); -$m = encode_base64url(hmac_sha1("/$thex$f", $secret)); - -$t->{REQUEST} = ( <<EOF -GET /sec/$m/$thex$f HTTP/1.0 -Host: vvv-sha1.example.org -EOF - ); -$t->{RESPONSE} = [ { 'HTTP-Protocol' => 'HTTP/1.0', 'HTTP-Status' => 404 } ]; - -ok($tf->handle_http($t) == 0, 'secdownload - timeout (hmac-sha1)'); - -## HMAC-SHA256 -$f = "/index.html"; -$thex = sprintf("%08x", time); -$m = encode_base64url(hmac_sha256("/$thex$f", $secret)); - -$t->{REQUEST} = ( <<EOF -GET /sec/$m/$thex$f HTTP/1.0 -Host: vvv-sha256.example.org -EOF - ); -$t->{RESPONSE} = [ { 'HTTP-Protocol' => 'HTTP/1.0', 'HTTP-Status' => 200 } ]; - -ok($tf->handle_http($t) == 0, 'secdownload (hmac-sha256)'); - -## HMAC-SHA256 -$f = "/index.html?qs=1"; -$thex = sprintf("%08x", time); -$m = encode_base64url(hmac_sha256("/$thex$f", $secret)); - -$t->{REQUEST} = ( <<EOF -GET /sec/$m/$thex$f HTTP/1.0 -Host: vvv-sha256.example.org -EOF - ); -$t->{RESPONSE} = [ { 'HTTP-Protocol' => 'HTTP/1.0', 'HTTP-Status' => 200 } ]; - -ok($tf->handle_http($t) == 0, 'secdownload (hmac-sha256) with hash-querystr'); - -$thex = sprintf("%08x", time - 1800); -$m = encode_base64url(hmac_sha256("/$thex$f", $secret)); - -$t->{REQUEST} = ( <<EOF -GET /sec/$m/$thex$f HTTP/1.0 -Host: vvv-sha256.example.org -EOF - ); -$t->{RESPONSE} = [ { 'HTTP-Protocol' => 'HTTP/1.0', 'HTTP-Status' => 410 } ]; - -ok($tf->handle_http($t) == 0, 'secdownload - gone (timeout) (hmac-sha256)'); - -$t->{REQUEST} = ( <<EOF -GET /sec$f HTTP/1.0 -Host: vvv-sha256.example.org -EOF - ); -$t->{RESPONSE} = [ { 'HTTP-Protocol' => 'HTTP/1.0', 'HTTP-Status' => 404 } ]; - -ok($tf->handle_http($t) == 0, 'secdownload - direct access (hmac-sha256)'); - - -$f = "/noexists"; -$thex = sprintf("%08x", time); -$m = encode_base64url(hmac_sha256("/$thex$f", $secret)); - -$t->{REQUEST} = ( <<EOF -GET /sec/$m/$thex$f HTTP/1.0 -Host: vvv-sha256.example.org -EOF - ); -$t->{RESPONSE} = [ { 'HTTP-Protocol' => 'HTTP/1.0', 'HTTP-Status' => 404 } ]; - -ok($tf->handle_http($t) == 0, 'secdownload - timeout (hmac-sha256)'); - -} # SKIP if lighttpd built without crypto algorithms (e.g. without openssl) - - ## mod_setenv $t->{REQUEST} = ( <<EOF |