nginx-tests: secure_link.t annotate

annotate secure_link.t @ 1974:b5036a0f9ae0 default tip

Tests: improved compatibility when using recent "openssl" app. Starting with OpenSSL 3.0, "openssl genrsa" generates encrypted keys in PKCS#8 format instead of previously used PKCS#1 format. Further, since OpenSSL 1.1.0 such keys are using PBKDF2 hmacWithSHA256. Such keys are not supported by old SSL libraries, notably by OpenSSL before 1.0.0 (OpenSSL 0.9.8 only supports hmacWithSHA1) and by BoringSSL before May 21, 2019 (support for hmacWithSHA256 was added in 302a4dee6c), and trying to load such keys into nginx compiled with an old SSL library results in "unsupported prf" errors. To facilitate testing with old SSL libraries, keys are now generated with "openssl genrsa -traditional" if the flag is available.

author	Maxim Dounin <mdounin@mdounin.ru>
date	Mon, 06 May 2024 00:04:26 +0300
parents	97c8280de681
children

rev	line source
160 197d5d9fd7f9 Tests: add tests for secure_link module. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	1 #!/usr/bin/perl
197d5d9fd7f9 Tests: add tests for secure_link module. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	2
197d5d9fd7f9 Tests: add tests for secure_link module. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	3 # (C) Maxim Dounin
197d5d9fd7f9 Tests: add tests for secure_link module. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	4
197d5d9fd7f9 Tests: add tests for secure_link module. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	5 # Tests for nginx secure_link module.
197d5d9fd7f9 Tests: add tests for secure_link module. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	6
197d5d9fd7f9 Tests: add tests for secure_link module. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	7 ###############################################################################
197d5d9fd7f9 Tests: add tests for secure_link module. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	8
197d5d9fd7f9 Tests: add tests for secure_link module. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	9 use warnings;
197d5d9fd7f9 Tests: add tests for secure_link module. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	10 use strict;
197d5d9fd7f9 Tests: add tests for secure_link module. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	11
197d5d9fd7f9 Tests: add tests for secure_link module. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	12 use Test::More;
197d5d9fd7f9 Tests: add tests for secure_link module. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	13
197d5d9fd7f9 Tests: add tests for secure_link module. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	14 use Digest::MD5 qw/ md5 md5_hex /;
161 2c07dc5bc354 Tests: avoid using encode_base64url(). Maxim Dounin <mdounin@mdounin.ru> parents: 160 diff changeset	15 use MIME::Base64 qw/ encode_base64 /;
160 197d5d9fd7f9 Tests: add tests for secure_link module. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	16
197d5d9fd7f9 Tests: add tests for secure_link module. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	17 BEGIN { use FindBin; chdir($FindBin::Bin); }
197d5d9fd7f9 Tests: add tests for secure_link module. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	18
197d5d9fd7f9 Tests: add tests for secure_link module. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	19 use lib 'lib';
197d5d9fd7f9 Tests: add tests for secure_link module. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	20 use Test::Nginx;
197d5d9fd7f9 Tests: add tests for secure_link module. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	21
197d5d9fd7f9 Tests: add tests for secure_link module. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	22 ###############################################################################
197d5d9fd7f9 Tests: add tests for secure_link module. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	23
197d5d9fd7f9 Tests: add tests for secure_link module. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	24 select STDERR; $\| = 1;
197d5d9fd7f9 Tests: add tests for secure_link module. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	25 select STDOUT; $\| = 1;
197d5d9fd7f9 Tests: add tests for secure_link module. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	26
1213 64f287c8cc62 Tests: more corner cases for secure_link module. Sergey Kandaurov <pluknet@nginx.com> parents: 974 diff changeset	27 my $t = Test::Nginx->new()->has(qw/http secure_link rewrite/)->plan(19);
160 197d5d9fd7f9 Tests: add tests for secure_link module. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	28
197d5d9fd7f9 Tests: add tests for secure_link module. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	29 $t->write_file_expand('nginx.conf', <<'EOF');
197d5d9fd7f9 Tests: add tests for secure_link module. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	30
197d5d9fd7f9 Tests: add tests for secure_link module. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	31 %%TEST_GLOBALS%%
197d5d9fd7f9 Tests: add tests for secure_link module. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	32
249 6a0d934950bc Tests: remove extra spaces in "daemon off". Maxim Dounin <mdounin@mdounin.ru> parents: 161 diff changeset	33 daemon off;
160 197d5d9fd7f9 Tests: add tests for secure_link module. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	34
197d5d9fd7f9 Tests: add tests for secure_link module. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	35 events {
197d5d9fd7f9 Tests: add tests for secure_link module. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	36 }
197d5d9fd7f9 Tests: add tests for secure_link module. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	37
197d5d9fd7f9 Tests: add tests for secure_link module. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	38 http {
197d5d9fd7f9 Tests: add tests for secure_link module. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	39 %%TEST_GLOBALS_HTTP%%
197d5d9fd7f9 Tests: add tests for secure_link module. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	40
197d5d9fd7f9 Tests: add tests for secure_link module. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	41 server {
974 882267679006 Tests: simplified parallel modifications in tests. Andrey Zelenkov <zelenkov@nginx.com> parents: 952 diff changeset	42 listen 127.0.0.1:8080;
160 197d5d9fd7f9 Tests: add tests for secure_link module. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	43 server_name localhost;
197d5d9fd7f9 Tests: add tests for secure_link module. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	44
197d5d9fd7f9 Tests: add tests for secure_link module. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	45 location / {
197d5d9fd7f9 Tests: add tests for secure_link module. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	46 # new style
197d5d9fd7f9 Tests: add tests for secure_link module. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	47 # /test.html?hash=BASE64URL
197d5d9fd7f9 Tests: add tests for secure_link module. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	48
197d5d9fd7f9 Tests: add tests for secure_link module. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	49 secure_link $arg_hash;
197d5d9fd7f9 Tests: add tests for secure_link module. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	50 secure_link_md5 secret$uri;
197d5d9fd7f9 Tests: add tests for secure_link module. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	51
197d5d9fd7f9 Tests: add tests for secure_link module. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	52 # invalid hash
197d5d9fd7f9 Tests: add tests for secure_link module. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	53 if ($secure_link = "") {
197d5d9fd7f9 Tests: add tests for secure_link module. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	54 return 403;
197d5d9fd7f9 Tests: add tests for secure_link module. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	55 }
197d5d9fd7f9 Tests: add tests for secure_link module. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	56
197d5d9fd7f9 Tests: add tests for secure_link module. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	57 # expired
197d5d9fd7f9 Tests: add tests for secure_link module. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	58 if ($secure_link = "0") {
197d5d9fd7f9 Tests: add tests for secure_link module. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	59 return 403;
197d5d9fd7f9 Tests: add tests for secure_link module. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	60 }
197d5d9fd7f9 Tests: add tests for secure_link module. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	61
197d5d9fd7f9 Tests: add tests for secure_link module. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	62 # $secure_link = "1"
197d5d9fd7f9 Tests: add tests for secure_link module. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	63 }
197d5d9fd7f9 Tests: add tests for secure_link module. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	64
197d5d9fd7f9 Tests: add tests for secure_link module. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	65 location = /expires.html {
197d5d9fd7f9 Tests: add tests for secure_link module. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	66 # new style with expires
197d5d9fd7f9 Tests: add tests for secure_link module. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	67 # /test.html?hash=BASE64URL&expires=12345678
197d5d9fd7f9 Tests: add tests for secure_link module. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	68
695 da20b4389038 Tests: added secure_link_expires variable test. Andrey Zelenkov <zelenkov@nginx.com> parents: 590 diff changeset	69 add_header X-Expires $secure_link_expires;
da20b4389038 Tests: added secure_link_expires variable test. Andrey Zelenkov <zelenkov@nginx.com> parents: 590 diff changeset	70
160 197d5d9fd7f9 Tests: add tests for secure_link module. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	71 secure_link $arg_hash,$arg_expires;
197d5d9fd7f9 Tests: add tests for secure_link module. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	72 secure_link_md5 secret$uri$arg_expires;
197d5d9fd7f9 Tests: add tests for secure_link module. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	73
197d5d9fd7f9 Tests: add tests for secure_link module. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	74 # invalid hash
197d5d9fd7f9 Tests: add tests for secure_link module. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	75 if ($secure_link = "") {
197d5d9fd7f9 Tests: add tests for secure_link module. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	76 return 403;
197d5d9fd7f9 Tests: add tests for secure_link module. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	77 }
197d5d9fd7f9 Tests: add tests for secure_link module. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	78
197d5d9fd7f9 Tests: add tests for secure_link module. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	79 # expired
197d5d9fd7f9 Tests: add tests for secure_link module. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	80 if ($secure_link = "0") {
197d5d9fd7f9 Tests: add tests for secure_link module. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	81 return 403;
197d5d9fd7f9 Tests: add tests for secure_link module. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	82 }
197d5d9fd7f9 Tests: add tests for secure_link module. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	83
197d5d9fd7f9 Tests: add tests for secure_link module. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	84 # $secure_link = "1"
197d5d9fd7f9 Tests: add tests for secure_link module. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	85 }
197d5d9fd7f9 Tests: add tests for secure_link module. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	86
197d5d9fd7f9 Tests: add tests for secure_link module. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	87 location /p/ {
197d5d9fd7f9 Tests: add tests for secure_link module. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	88 # old style
197d5d9fd7f9 Tests: add tests for secure_link module. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	89 # /p/d8e8fca2dc0f896fd7cb4cb0031ba249/test.html
197d5d9fd7f9 Tests: add tests for secure_link module. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	90
197d5d9fd7f9 Tests: add tests for secure_link module. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	91 secure_link_secret secret;
197d5d9fd7f9 Tests: add tests for secure_link module. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	92
197d5d9fd7f9 Tests: add tests for secure_link module. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	93 if ($secure_link = "") {
197d5d9fd7f9 Tests: add tests for secure_link module. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	94 return 403;
197d5d9fd7f9 Tests: add tests for secure_link module. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	95 }
197d5d9fd7f9 Tests: add tests for secure_link module. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	96
197d5d9fd7f9 Tests: add tests for secure_link module. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	97 rewrite ^ /$secure_link break;
197d5d9fd7f9 Tests: add tests for secure_link module. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	98 }
255 cca7b57587d6 Tests: secure_link inheritance test. Ruslan Ermilov <ru@nginx.com> parents: 249 diff changeset	99
cca7b57587d6 Tests: secure_link inheritance test. Ruslan Ermilov <ru@nginx.com> parents: 249 diff changeset	100 location /inheritance/ {
cca7b57587d6 Tests: secure_link inheritance test. Ruslan Ermilov <ru@nginx.com> parents: 249 diff changeset	101 secure_link_secret secret;
cca7b57587d6 Tests: secure_link inheritance test. Ruslan Ermilov <ru@nginx.com> parents: 249 diff changeset	102
cca7b57587d6 Tests: secure_link inheritance test. Ruslan Ermilov <ru@nginx.com> parents: 249 diff changeset	103 location = /inheritance/test {
cca7b57587d6 Tests: secure_link inheritance test. Ruslan Ermilov <ru@nginx.com> parents: 249 diff changeset	104 secure_link Xr4ilOzQ4PCOq3aQ0qbuaQ==;
cca7b57587d6 Tests: secure_link inheritance test. Ruslan Ermilov <ru@nginx.com> parents: 249 diff changeset	105 secure_link_md5 secret;
cca7b57587d6 Tests: secure_link inheritance test. Ruslan Ermilov <ru@nginx.com> parents: 249 diff changeset	106
cca7b57587d6 Tests: secure_link inheritance test. Ruslan Ermilov <ru@nginx.com> parents: 249 diff changeset	107 if ($secure_link = "1") {
cca7b57587d6 Tests: secure_link inheritance test. Ruslan Ermilov <ru@nginx.com> parents: 249 diff changeset	108 rewrite ^ /test.html break;
cca7b57587d6 Tests: secure_link inheritance test. Ruslan Ermilov <ru@nginx.com> parents: 249 diff changeset	109 }
cca7b57587d6 Tests: secure_link inheritance test. Ruslan Ermilov <ru@nginx.com> parents: 249 diff changeset	110
cca7b57587d6 Tests: secure_link inheritance test. Ruslan Ermilov <ru@nginx.com> parents: 249 diff changeset	111 return 403;
cca7b57587d6 Tests: secure_link inheritance test. Ruslan Ermilov <ru@nginx.com> parents: 249 diff changeset	112 }
cca7b57587d6 Tests: secure_link inheritance test. Ruslan Ermilov <ru@nginx.com> parents: 249 diff changeset	113 }
1213 64f287c8cc62 Tests: more corner cases for secure_link module. Sergey Kandaurov <pluknet@nginx.com> parents: 974 diff changeset	114
64f287c8cc62 Tests: more corner cases for secure_link module. Sergey Kandaurov <pluknet@nginx.com> parents: 974 diff changeset	115 location /stub {
64f287c8cc62 Tests: more corner cases for secure_link module. Sergey Kandaurov <pluknet@nginx.com> parents: 974 diff changeset	116 return 200 x$secure_link${secure_link_expires}x;
64f287c8cc62 Tests: more corner cases for secure_link module. Sergey Kandaurov <pluknet@nginx.com> parents: 974 diff changeset	117 }
160 197d5d9fd7f9 Tests: add tests for secure_link module. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	118 }
197d5d9fd7f9 Tests: add tests for secure_link module. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	119 }
197d5d9fd7f9 Tests: add tests for secure_link module. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	120
197d5d9fd7f9 Tests: add tests for secure_link module. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	121 EOF
197d5d9fd7f9 Tests: add tests for secure_link module. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	122
197d5d9fd7f9 Tests: add tests for secure_link module. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	123 $t->write_file('test.html', 'PASSED');
197d5d9fd7f9 Tests: add tests for secure_link module. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	124 $t->write_file('expires.html', 'PASSED');
197d5d9fd7f9 Tests: add tests for secure_link module. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	125 $t->run();
197d5d9fd7f9 Tests: add tests for secure_link module. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	126
197d5d9fd7f9 Tests: add tests for secure_link module. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	127 ###############################################################################
197d5d9fd7f9 Tests: add tests for secure_link module. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	128
197d5d9fd7f9 Tests: add tests for secure_link module. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	129 # new style
197d5d9fd7f9 Tests: add tests for secure_link module. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	130
197d5d9fd7f9 Tests: add tests for secure_link module. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	131 like(http_get('/test.html?hash=q-5vpkjBkRXXtkUMXiJVHA=='),
197d5d9fd7f9 Tests: add tests for secure_link module. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	132 qr/PASSED/, 'request md5');
197d5d9fd7f9 Tests: add tests for secure_link module. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	133 like(http_get('/test.html?hash=q-5vpkjBkRXXtkUMXiJVHA'),
197d5d9fd7f9 Tests: add tests for secure_link module. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	134 qr/PASSED/, 'request md5 no padding');
1213 64f287c8cc62 Tests: more corner cases for secure_link module. Sergey Kandaurov <pluknet@nginx.com> parents: 974 diff changeset	135 like(http_get('/test.html?hash=q-5vpkjBkRXXtkUMXiJVHAQQ'),
64f287c8cc62 Tests: more corner cases for secure_link module. Sergey Kandaurov <pluknet@nginx.com> parents: 974 diff changeset	136 qr/^HTTP.*403/, 'request md5 too long');
64f287c8cc62 Tests: more corner cases for secure_link module. Sergey Kandaurov <pluknet@nginx.com> parents: 974 diff changeset	137 like(http_get('/test.html?hash=q-5vpkjBkRXXtkUMXiJVHA-TOOLONG'),
64f287c8cc62 Tests: more corner cases for secure_link module. Sergey Kandaurov <pluknet@nginx.com> parents: 974 diff changeset	138 qr/^HTTP.*403/, 'request md5 too long encoding');
64f287c8cc62 Tests: more corner cases for secure_link module. Sergey Kandaurov <pluknet@nginx.com> parents: 974 diff changeset	139 like(http_get('/test.html?hash=BADHASHLENGTH'),
64f287c8cc62 Tests: more corner cases for secure_link module. Sergey Kandaurov <pluknet@nginx.com> parents: 974 diff changeset	140 qr/^HTTP.*403/, 'request md5 decode error');
64f287c8cc62 Tests: more corner cases for secure_link module. Sergey Kandaurov <pluknet@nginx.com> parents: 974 diff changeset	141 like(http_get('/test.html?hash=q-5vpkjBkRXXtkUMXiJVHX=='),
64f287c8cc62 Tests: more corner cases for secure_link module. Sergey Kandaurov <pluknet@nginx.com> parents: 974 diff changeset	142 qr/^HTTP.*403/, 'request md5 mismatch');
160 197d5d9fd7f9 Tests: add tests for secure_link module. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	143 like(http_get('/test.html'), qr/^HTTP.*403/, 'request no hash');
197d5d9fd7f9 Tests: add tests for secure_link module. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	144
197d5d9fd7f9 Tests: add tests for secure_link module. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	145 # new style with expires
197d5d9fd7f9 Tests: add tests for secure_link module. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	146
197d5d9fd7f9 Tests: add tests for secure_link module. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	147 my ($expires, $hash);
197d5d9fd7f9 Tests: add tests for secure_link module. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	148
197d5d9fd7f9 Tests: add tests for secure_link module. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	149 $expires = time() + 86400;
197d5d9fd7f9 Tests: add tests for secure_link module. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	150 $hash = encode_base64url(md5("secret/expires.html$expires"));
197d5d9fd7f9 Tests: add tests for secure_link module. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	151 like(http_get('/expires.html?hash=' . $hash . '&expires=' . $expires),
590 dc2f8aac0553 Tests: whitespace fixes. Andrey Zelenkov <zelenkov@nginx.com> parents: 302 diff changeset	152 qr/PASSED/, 'request md5 not expired');
695 da20b4389038 Tests: added secure_link_expires variable test. Andrey Zelenkov <zelenkov@nginx.com> parents: 590 diff changeset	153 like(http_get('/expires.html?hash=' . $hash . '&expires=' . $expires),
da20b4389038 Tests: added secure_link_expires variable test. Andrey Zelenkov <zelenkov@nginx.com> parents: 590 diff changeset	154 qr/X-Expires: $expires/, 'secure_link_expires variable');
160 197d5d9fd7f9 Tests: add tests for secure_link module. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	155
197d5d9fd7f9 Tests: add tests for secure_link module. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	156 $expires = time() - 86400;
197d5d9fd7f9 Tests: add tests for secure_link module. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	157 $hash = encode_base64url(md5("secret/expires.html$expires"));
197d5d9fd7f9 Tests: add tests for secure_link module. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	158 like(http_get('/expires.html?hash=' . $hash . '&expires=' . $expires),
590 dc2f8aac0553 Tests: whitespace fixes. Andrey Zelenkov <zelenkov@nginx.com> parents: 302 diff changeset	159 qr/^HTTP.*403/, 'request md5 expired');
160 197d5d9fd7f9 Tests: add tests for secure_link module. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	160
1213 64f287c8cc62 Tests: more corner cases for secure_link module. Sergey Kandaurov <pluknet@nginx.com> parents: 974 diff changeset	161 $expires = 0;
64f287c8cc62 Tests: more corner cases for secure_link module. Sergey Kandaurov <pluknet@nginx.com> parents: 974 diff changeset	162 $hash = encode_base64url(md5("secret/expires.html$expires"));
64f287c8cc62 Tests: more corner cases for secure_link module. Sergey Kandaurov <pluknet@nginx.com> parents: 974 diff changeset	163 like(http_get('/expires.html?hash=' . $hash . '&expires=' . $expires),
64f287c8cc62 Tests: more corner cases for secure_link module. Sergey Kandaurov <pluknet@nginx.com> parents: 974 diff changeset	164 qr/^HTTP.*403/, 'request md5 invalid expiration');
64f287c8cc62 Tests: more corner cases for secure_link module. Sergey Kandaurov <pluknet@nginx.com> parents: 974 diff changeset	165
160 197d5d9fd7f9 Tests: add tests for secure_link module. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	166 # old style
197d5d9fd7f9 Tests: add tests for secure_link module. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	167
197d5d9fd7f9 Tests: add tests for secure_link module. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	168 like(http_get('/p/' . md5_hex('test.html' . 'secret') . '/test.html'),
197d5d9fd7f9 Tests: add tests for secure_link module. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	169 qr/PASSED/, 'request old style');
197d5d9fd7f9 Tests: add tests for secure_link module. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	170 like(http_get('/p/' . md5_hex('fake') . '/test.html'), qr/^HTTP.*403/,
197d5d9fd7f9 Tests: add tests for secure_link module. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	171 'request old style fake hash');
1213 64f287c8cc62 Tests: more corner cases for secure_link module. Sergey Kandaurov <pluknet@nginx.com> parents: 974 diff changeset	172 like(http_get('/p/' . 'foo' . '/test.html'), qr/^HTTP.*403/,
64f287c8cc62 Tests: more corner cases for secure_link module. Sergey Kandaurov <pluknet@nginx.com> parents: 974 diff changeset	173 'request old style short hash');
64f287c8cc62 Tests: more corner cases for secure_link module. Sergey Kandaurov <pluknet@nginx.com> parents: 974 diff changeset	174 like(http_get('/p/' . 'x' x 32 . '/test.html'), qr/^HTTP.*403/,
64f287c8cc62 Tests: more corner cases for secure_link module. Sergey Kandaurov <pluknet@nginx.com> parents: 974 diff changeset	175 'request old style corrupt hash');
64f287c8cc62 Tests: more corner cases for secure_link module. Sergey Kandaurov <pluknet@nginx.com> parents: 974 diff changeset	176 like(http_get('/p%2f'), qr/^HTTP.*403/, 'request old style bad uri');
160 197d5d9fd7f9 Tests: add tests for secure_link module. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	177 like(http_get('/p/test.html'), qr/^HTTP.*403/, 'request old style no hash');
255 cca7b57587d6 Tests: secure_link inheritance test. Ruslan Ermilov <ru@nginx.com> parents: 249 diff changeset	178 like(http_get('/inheritance/test'), qr/PASSED/, 'inheritance');
cca7b57587d6 Tests: secure_link inheritance test. Ruslan Ermilov <ru@nginx.com> parents: 249 diff changeset	179
1213 64f287c8cc62 Tests: more corner cases for secure_link module. Sergey Kandaurov <pluknet@nginx.com> parents: 974 diff changeset	180 like(http_get('/stub'), qr/xx/, 'secure_link not found');
64f287c8cc62 Tests: more corner cases for secure_link module. Sergey Kandaurov <pluknet@nginx.com> parents: 974 diff changeset	181
160 197d5d9fd7f9 Tests: add tests for secure_link module. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	182 ###############################################################################
161 2c07dc5bc354 Tests: avoid using encode_base64url(). Maxim Dounin <mdounin@mdounin.ru> parents: 160 diff changeset	183
2c07dc5bc354 Tests: avoid using encode_base64url(). Maxim Dounin <mdounin@mdounin.ru> parents: 160 diff changeset	184 sub encode_base64url {
590 dc2f8aac0553 Tests: whitespace fixes. Andrey Zelenkov <zelenkov@nginx.com> parents: 302 diff changeset	185 my $e = encode_base64(shift, "");
dc2f8aac0553 Tests: whitespace fixes. Andrey Zelenkov <zelenkov@nginx.com> parents: 302 diff changeset	186 $e =~ s/=+\z//;
dc2f8aac0553 Tests: whitespace fixes. Andrey Zelenkov <zelenkov@nginx.com> parents: 302 diff changeset	187 $e =~ tr[+/][-_];
dc2f8aac0553 Tests: whitespace fixes. Andrey Zelenkov <zelenkov@nginx.com> parents: 302 diff changeset	188 return $e;
161 2c07dc5bc354 Tests: avoid using encode_base64url(). Maxim Dounin <mdounin@mdounin.ru> parents: 160 diff changeset	189 }
2c07dc5bc354 Tests: avoid using encode_base64url(). Maxim Dounin <mdounin@mdounin.ru> parents: 160 diff changeset	190
2c07dc5bc354 Tests: avoid using encode_base64url(). Maxim Dounin <mdounin@mdounin.ru> parents: 160 diff changeset	191 ###############################################################################

Mercurial > hg > nginx-tests

annotate secure_link.t @ 1974:b5036a0f9ae0 default tip