@@ -337,12 +337,73 @@
expect_assert_failure(get_user_pass_cr(&up, authfile, "UT", flags, NULL));
}
+#ifdef ENABLE_MANAGEMENT
+static void
+test_get_user_pass_dynamic_challenge(void **state)
+{
+ struct user_pass up = { 0 };
+ reset_user_pass(&up);
+ const char *challenge = "CRV1:R,E:Om01u7Fh4LrGBS7uh0SWmzwabUiGiW6l:Y3Ix:Please enter token PIN";
+ unsigned int flags = GET_USER_PASS_DYNAMIC_CHALLENGE;
+
+ expect_string(query_user_exec_builtin, query_user[i].prompt, "CHALLENGE: Please enter token PIN");
+ will_return(query_user_exec_builtin, "challenge_response");
+ will_return(query_user_exec_builtin, true);
+ assert_true(get_user_pass_cr(&up, NULL, "UT", flags, challenge));
+ assert_true(up.defined);
+ assert_string_equal(up.username, "cr1");
+ assert_string_equal(up.password, "CRV1::Om01u7Fh4LrGBS7uh0SWmzwabUiGiW6l::challenge_response");
+}
+
+static void
+test_get_user_pass_static_challenge(void **state)
+{
+ struct user_pass up = { 0 };
+ reset_user_pass(&up);
+ const char *challenge = "Please enter token PIN";
+ unsigned int flags = GET_USER_PASS_STATIC_CHALLENGE;
+
+ expect_string(query_user_exec_builtin, query_user[i].prompt, "Enter UT Username:");
+ will_return(query_user_exec_builtin, "cuser");
+ expect_string(query_user_exec_builtin, query_user[i].prompt, "Enter UT Password:");
+ will_return(query_user_exec_builtin, "cpassword");
+ will_return(query_user_exec_builtin, true);
+ expect_string(query_user_exec_builtin, query_user[i].prompt, "CHALLENGE: Please enter token PIN");
+ will_return(query_user_exec_builtin, "challenge_response");
+ will_return(query_user_exec_builtin, true);
+ assert_true(get_user_pass_cr(&up, NULL, "UT", flags, challenge));
+ assert_true(up.defined);
+ assert_string_equal(up.username, "cuser");
+ /* SCRV1:cpassword:challenge_response but base64-encoded */
+ assert_string_equal(up.password, "SCRV1:Y3Bhc3N3b3Jk:Y2hhbGxlbmdlX3Jlc3BvbnNl");
+
+ reset_user_pass(&up);
+
+ flags |= GET_USER_PASS_INLINE_CREDS;
+
+ /*FIXME: query_user_exec() called even though nothing queued */
+ will_return(query_user_exec_builtin, true);
+ expect_string(query_user_exec_builtin, query_user[i].prompt, "CHALLENGE: Please enter token PIN");
+ will_return(query_user_exec_builtin, "challenge_response");
+ will_return(query_user_exec_builtin, true);
+ assert_true(get_user_pass_cr(&up, "iuser\nipassword", "UT", flags, challenge));
+ assert_true(up.defined);
+ assert_string_equal(up.username, "iuser");
+ /* SCRV1:ipassword:challenge_response but base64-encoded */
+ assert_string_equal(up.password, "SCRV1:aXBhc3N3b3Jk:Y2hhbGxlbmdlX3Jlc3BvbnNl");
+}
+#endif /* ENABLE_MANAGEMENT */
+
const struct CMUnitTest user_pass_tests[] = {
cmocka_unit_test(test_get_user_pass_defined),
cmocka_unit_test(test_get_user_pass_needok),
cmocka_unit_test(test_get_user_pass_inline_creds),
cmocka_unit_test(test_get_user_pass_authfile_stdin),
cmocka_unit_test(test_get_user_pass_authfile_file),
+#ifdef ENABLE_MANAGEMENT
+ cmocka_unit_test(test_get_user_pass_dynamic_challenge),
+ cmocka_unit_test(test_get_user_pass_static_challenge),
+#endif /* ENABLE_MANAGEMENT */
};
int
Attention is currently required from: plaisthos. Hello plaisthos, I'd like you to do a code review. Please visit http://gerrit.openvpn.net/c/openvpn/+/475?usp=email to review the following change. Change subject: test_user_pass: add basic tests for static/dynamic challenges ...................................................................... test_user_pass: add basic tests for static/dynamic challenges Change-Id: I8b5570f6314e917f92dce072279efe415d79b22a Signed-off-by: Frank Lichtenheld <frank@lichtenheld.com> --- M tests/unit_tests/openvpn/test_user_pass.c 1 file changed, 61 insertions(+), 0 deletions(-) git pull ssh://gerrit.openvpn.net:29418/openvpn refs/changes/75/475/1