forked from gbarr/perl-authen-sasl
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Added new tests using complete negotiations using one Authen::SASL
client and one Authen::SASL server - Fixed realm challenge parsing when the challenge originates from the client. In this case it shouldn't be a multivalued token
- Loading branch information
Showing
4 changed files
with
175 additions
and
7 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Original file line | Diff line number | Diff line change |
---|---|---|---|
@@ -0,0 +1,30 @@ | |||
use strict; | |||
use warnings; | |||
|
|||
use Authen::SASL ('Perl'); | |||
|
|||
sub negotiate { | |||
my ($c, $s, $do) = @_; | |||
|
|||
my $client_sasl = Authen::SASL->new( %{ $c->{sasl} } ); | |||
my $server_sasl = Authen::SASL->new( %{ $s->{sasl} } ); | |||
|
|||
my $client = $client_sasl->client_new(@$c{qw/service host security/}); | |||
my $server = $server_sasl->server_new(@$s{qw/service host/}); | |||
|
|||
my $start = $client->client_start(); | |||
my $challenge = $server->server_start($start); | |||
|
|||
my $response; | |||
while ($client->need_step || $server->need_step) { | |||
$response = $client->client_step($challenge) | |||
if $client->need_step; | |||
last if $client->error; | |||
$challenge = $server->server_step($response) | |||
if $server->need_step; | |||
last if $server->error; | |||
} | |||
$do->($client, $server); | |||
} | |||
|
|||
1; |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Original file line | Diff line number | Diff line change |
---|---|---|---|
@@ -0,0 +1,68 @@ | |||
#!perl | |||
use strict; | |||
use warnings; | |||
use Test::More tests => 4; | |||
use FindBin qw($Bin); | |||
require "$Bin/../lib/common.pl"; | |||
|
|||
## base conf | |||
my $cconf = { | |||
sasl => { | |||
mechanism => 'DIGEST-MD5', | |||
callback => { | |||
user => 'yann', | |||
pass => 'maelys', | |||
}, | |||
}, | |||
host => 'localhost', | |||
security => 'noanonymous', | |||
service => 'xmpp', | |||
}; | |||
|
|||
my $sconf = { | |||
sasl => { | |||
mechanism => 'DIGEST-MD5', | |||
callback => { | |||
pass => 'maelys', | |||
}, | |||
}, | |||
host => 'localhost', | |||
service => 'xmpp', | |||
}; | |||
|
|||
## base negotiation should work | |||
negotiate($cconf, $sconf, sub { | |||
my ($clt, $srv) = @_; | |||
ok $clt->is_success, "client success" or diag $clt->error; | |||
ok $srv->is_success, "server success" or diag $srv->error; | |||
}); | |||
|
|||
## invalid password | |||
{ | |||
local $cconf->{sasl}{callback}{pass} = "YANN"; | |||
|
|||
negotiate($cconf, $sconf, sub { | |||
my ($clt, $srv) = @_; | |||
ok !$srv->is_success, "failure"; | |||
like $srv->error, qr/response/; | |||
}); | |||
} | |||
|
|||
## arguments passed to server pass callback | |||
{ | |||
local $cconf->{sasl}{callback}{authname} = "some authzid"; | |||
local $sconf->{sasl}{callback}{pass} = sub { | |||
my $server = shift; | |||
my ($username, $realm, $authzid) = @_; | |||
is $username, "yann", "username"; | |||
is $realm, "localhost", "realm"; | |||
is $authzid, "some authzid", "authzid"; | |||
return "incorrect"; | |||
}; | |||
|
|||
negotiate($cconf, $sconf, sub { | |||
my ($clt, $srv) = @_; | |||
ok !$srv->is_success, "failure"; | |||
like $srv->error, qr/response/, "incorrect response"; | |||
}); | |||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Original file line | Diff line number | Diff line change |
---|---|---|---|
@@ -0,0 +1,66 @@ | |||
#!perl | |||
|
|||
use Test::More tests => 14; | |||
|
|||
use FindBin qw($Bin); | |||
require "$Bin/../lib/common.pl"; | |||
|
|||
use Authen::SASL qw(Perl); | |||
use_ok('Authen::SASL::Perl::PLAIN'); | |||
|
|||
## base conf | |||
my $cconf = { | |||
sasl => { | |||
mechanism => 'PLAIN', | |||
callback => { | |||
user => 'yann', | |||
pass => 'maelys', | |||
}, | |||
}, | |||
host => 'localhost', | |||
service => 'xmpp', | |||
}; | |||
|
|||
my $sconf = { | |||
sasl => { | |||
mechanism => 'PLAIN', | |||
callback => { | |||
pass => 'maelys', | |||
}, | |||
}, | |||
host => 'localhost', | |||
service => 'xmpp', | |||
}; | |||
|
|||
## base negotiation should work | |||
negotiate($cconf, $sconf, sub { | |||
my ($clt, $srv) = @_; | |||
is $clt->mechanism, "PLAIN"; | |||
is $srv->mechanism, "PLAIN"; | |||
ok $clt->is_success, "client success" or diag $clt->error; | |||
ok $srv->is_success, "server success" or diag $srv->error; | |||
}); | |||
|
|||
## invalid password | |||
{ | |||
# hey callback could just be a subref that returns a localvar | |||
local $sconf->{sasl}{callback}{pass} = "x"; | |||
|
|||
negotiate($cconf, $sconf, sub { | |||
my ($clt, $srv) = @_; | |||
ok ! $srv->is_success, "wrong pass"; | |||
like $srv->error, qr/match/, "error set"; | |||
}); | |||
} | |||
|
|||
## invalid password | |||
{ | |||
# hey callback could just be a subref that returns a localvar | |||
local $sconf->{sasl}{callback}{pass} = "x"; | |||
|
|||
negotiate($cconf, $sconf, sub { | |||
my ($clt, $srv) = @_; | |||
ok ! $srv->is_success, "wrong pass"; | |||
like $srv->error, qr/match/, "error set"; | |||
}); | |||
} |