changeset 229:9969fcf1f27e

Tests: corrupted password entries tests.
author Maxim Dounin <mdounin@mdounin.ru>
date Fri, 10 Aug 2012 20:51:43 +0400
parents 5c9e43547b71
children 9d7805b05f0f
files auth_basic.t
diffstat 1 files changed, 20 insertions(+), 2 deletions(-) [+]
line wrap: on
line diff
--- a/auth_basic.t
+++ b/auth_basic.t
@@ -23,7 +23,7 @@ use Test::Nginx;
 select STDERR; $| = 1;
 select STDOUT; $| = 1;
 
-my $t = Test::Nginx->new()->has(qw/http auth_basic/)->plan(11)
+my $t = Test::Nginx->new()->has(qw/http auth_basic/)->plan(15)
 	->write_file_expand('nginx.conf', <<'EOF');
 
 %%TEST_GLOBALS%%
@@ -57,9 +57,13 @@ my $d = $t->testdir();
 	'htpasswd',
 	'crypt:' . crypt('password', 'salt') . "\n" .
 	'crypt1:' . crypt('password', '$1$salt$') . "\n" .
+	'crypt2:' . '$1$' . "\n" .
 	'apr1:' . '$apr1$salt$Xxd1irWT9ycqoYxGFn4cb.' . "\n" .
+	'apr12:' . '$apr1$' . "\n" .
 	'plain:' . '{PLAIN}password' . "\n" .
-	'ssha:' . '{SSHA}yI6cZwQadOA1e+/f+T+H3eCQQhRzYWx0' . "\n"
+	'ssha:' . '{SSHA}yI6cZwQadOA1e+/f+T+H3eCQQhRzYWx0' . "\n" .
+	'ssha2:' . '{SSHA}_____wQadOA1e+/f+T+H3eCQQhRzYWx0' . "\n" .
+	'ssha3:' . '{SSHA}Zm9vCg==' . "\n"
 );
 
 $t->run();
@@ -78,6 +82,9 @@ unlike(http_get_auth('/', 'crypt', '123'
 like(http_get_auth('/', 'crypt1', 'password'), qr!SEETHIS!, 'crypt $1$ (md5)');
 unlike(http_get_auth('/', 'crypt1', '123'), qr!SEETHIS!, 'crypt $1$ wrong');
 
+like(http_get_auth('/', 'crypt2', '1'), qr!401 Unauthorized!,
+	'crypt $1$ broken');
+
 }
 
 like(http_get_auth('/', 'apr1', 'password'), qr!SEETHIS!, 'apr1 md5');
@@ -97,6 +104,17 @@ unlike(http_get_auth('/', 'apr1', '123')
 unlike(http_get_auth('/', 'plain', '123'), qr!SEETHIS!, 'plain wrong');
 unlike(http_get_auth('/', 'ssha', '123'), qr!SEETHIS!, 'ssha wrong');
 
+like(http_get_auth('/', 'apr12', '1'), qr!401 Unauthorized!, 'apr1 md5 broken');
+
+SKIP: {
+skip 'unsafe', 2 unless $ENV{TEST_NGINX_UNSAFE};
+local $TODO = 'not yet';
+
+like(http_get_auth('/', 'ssha2', '1'), qr!401 Unauthorized!, 'ssha broken 1');
+like(http_get_auth('/', 'ssha3', '1'), qr!401 Unauthorized!, 'ssha broken 2');
+
+}
+
 ###############################################################################
 
 sub http_get_auth {