[cbsasl] We support all SCRAM-SHA versions

We bundle OpenSSL these days so we support all of them on all platforms Change-Id: I0fadf35101c54c4dd27c81ba254b11fe95b7b1e0 Reviewed-on: http://review.couchbase.org/c/kv_engine/+/164406 Tested-by: Build Bot <build@couchbase.com> Reviewed-by: James H <james.harrison@couchbase.com>
couchbase · Oct 29, 2021 · 0c01ff7 · 0c01ff7
1 parent cf924ca
commit 0c01ff7
Show file tree

Hide file tree

Showing 2 changed files with 11 additions and 71 deletions.
diff --git a/cbsasl/client_server_test.cc b/cbsasl/client_server_test.cc
@@ -48,7 +48,7 @@ class SaslClientServerTest : public ::testing::Test {
 
     // You may set addNonce to true to have it use a fixed nonce
     // for debugging purposes
-    void test_auth(const char* mech) {
+    void test_auth(const std::string& mech) {
         cb::sasl::client::ClientContext client(
                 []() -> std::string { return std::string{"mikewied"}; },
                 []() -> std::string { return std::string{" mik epw "}; },
@@ -59,10 +59,9 @@ class SaslClientServerTest : public ::testing::Test {
 
         cb::sasl::server::ServerContext server;
 
-        auto server_data = server.start(
-                client.getName(),
-                "SCRAM-SHA512,SCRAM-SHA256,SCRAM-SHA1,CRAM-MD5,PLAIN",
-                client_data.second);
+        auto server_data = server.start(client.getName(),
+                                        cb::sasl::server::listmech(),
+                                        client_data.second);
         if (server_data.first == cb::sasl::Error::OK) {
             // Authentication success
             return;
@@ -86,23 +85,17 @@ TEST_F(SaslClientServerTest, PLAIN) {
 }
 
 TEST_F(SaslClientServerTest, SCRAM_SHA1) {
-    if (cb::crypto::isSupported(cb::crypto::Algorithm::SHA1)) {
-        test_auth("SCRAM-SHA1");
-    }
+    test_auth("SCRAM-SHA1");
 }
 
 TEST_F(SaslClientServerTest, SCRAM_SHA256) {
-    if (cb::crypto::isSupported(cb::crypto::Algorithm::SHA256)) {
-        test_auth("SCRAM-SHA256");
-    }
+    test_auth("SCRAM-SHA256");
 }
 
 TEST_F(SaslClientServerTest, SCRAM_SHA512) {
-    if (cb::crypto::isSupported(cb::crypto::Algorithm::SHA512)) {
-        test_auth("SCRAM-SHA512");
-    }
+    test_auth("SCRAM-SHA512");
 }
 
 TEST_F(SaslClientServerTest, AutoSelectMechamism) {
-    test_auth("(SCRAM-SHA512,SCRAM-SHA256,SCRAM-SHA1,CRAM-MD5,PLAIN)");
+    test_auth(cb::sasl::server::listmech());
 }
diff --git a/tests/testapp/testapp_sasl.cc b/tests/testapp/testapp_sasl.cc
@@ -13,7 +13,6 @@
 #include "testapp_client_test.h"
 
 #include <boost/filesystem.hpp>
-#include <cbcrypto/cbcrypto.h>
 #include <algorithm>
 
 using namespace std::string_literals;
@@ -26,17 +25,9 @@ class SaslTest : public TestappClientTest {
      */
     SaslTest() {
         mechanisms.emplace_back("PLAIN");
-        if (cb::crypto::isSupported(cb::crypto::Algorithm::SHA1)) {
-            mechanisms.emplace_back("SCRAM-SHA1");
-        }
-
-        if (cb::crypto::isSupported(cb::crypto::Algorithm::SHA256)) {
-            mechanisms.emplace_back("SCRAM-SHA256");
-        }
-
-        if (cb::crypto::isSupported(cb::crypto::Algorithm::SHA512)) {
-            mechanisms.emplace_back("SCRAM-SHA512");
-        }
+        mechanisms.emplace_back("SCRAM-SHA1");
+        mechanisms.emplace_back("SCRAM-SHA256");
+        mechanisms.emplace_back("SCRAM-SHA512");
     }
 
     void SetUp() override {
@@ -131,28 +122,16 @@ TEST_P(SaslTest, SinglePLAIN) {
 }
 
 TEST_P(SaslTest, SingleSCRAM_SHA1) {
-    if (!isSupported("SCRAM-SHA1")) {
-        return;
-    }
-
     MemcachedConnection& conn = getConnection();
     conn.authenticate(bucket1, password1, "SCRAM-SHA1");
 }
 
 TEST_P(SaslTest, SingleSCRAM_SHA256) {
-    if (!isSupported("SCRAM-SHA256")) {
-        return;
-    }
-
     MemcachedConnection& conn = getConnection();
     conn.authenticate(bucket1, password1, "SCRAM-SHA256");
 }
 
 TEST_P(SaslTest, SingleSCRAM_SHA512) {
-    if (!isSupported("SCRAM-SHA512")) {
-        return;
-    }
-
     MemcachedConnection& conn = getConnection();
     conn.authenticate(bucket1, password1, "SCRAM-SHA512");
 }
@@ -162,23 +141,14 @@ TEST_P(SaslTest, UnknownUserPlain) {
 }
 
 TEST_P(SaslTest, UnknownUserSCRAM_SHA1) {
-    if (!isSupported("SCRAM-SHA1")) {
-        return;
-    }
     testUnknownUser("SCRAM-SHA1");
 }
 
 TEST_P(SaslTest, UnknownUserSCRAM_SHA256) {
-    if (!isSupported("SCRAM-SHA256")) {
-        return;
-    }
     testUnknownUser("SCRAM-SHA256");
 }
 
 TEST_P(SaslTest, UnknownUserSCRAM_SHA512) {
-    if (!isSupported("SCRAM-SHA512")) {
-        return;
-    }
     testUnknownUser("SCRAM-SHA512");
 }
 
@@ -187,24 +157,14 @@ TEST_P(SaslTest, IncorrectPlain) {
 }
 
 TEST_P(SaslTest, IncorrectSCRAM_SHA1) {
-    if (!isSupported("SCRAM-SHA1")) {
-        return;
-    }
     testWrongPassword("SCRAM-SHA1");
 }
 
 TEST_P(SaslTest, IncorrectSCRAM_SHA256) {
-    if (!isSupported("SCRAM-SHA256")) {
-        return;
-    }
-
     testWrongPassword("SCRAM-SHA256");
 }
 
 TEST_P(SaslTest, IncorrectSCRAM_SHA512) {
-    if (!isSupported("SCRAM-SHA512")) {
-        return;
-    }
     testWrongPassword("SCRAM-SHA512");
 }
 
@@ -213,31 +173,18 @@ TEST_P(SaslTest, TestSaslMixFrom_PLAIN) {
 }
 
 TEST_P(SaslTest, TestSaslMixFrom_SCRAM_SHA1) {
-    if (!isSupported("SCRAM-SHA1")) {
-        return;
-    }
     testMixStartingFrom("SCRAM-SHA1");
 }
 
 TEST_P(SaslTest, TestSaslMixFrom_SCRAM_SHA256) {
-    if (!isSupported("SCRAM-SHA256")) {
-        return;
-    }
     testMixStartingFrom("SCRAM-SHA256");
 }
 
 TEST_P(SaslTest, TestSaslMixFrom_SCRAM_SHA512) {
-    if (!isSupported("SCRAM-SHA512")) {
-        return;
-    }
     testMixStartingFrom("SCRAM-SHA512");
 }
 
 TEST_P(SaslTest, TestDisablePLAIN) {
-    if (!isSupported("SCRAM-SHA1")) {
-        return;
-    }
-
     auto& conn = getConnection();
 
     const auto before = conn.getSaslMechanisms();