Mercurial > hg > nginx-tests
annotate secure_link.t @ 1240:f7eb2875ed45
Tests: avoid interleaved output in Upgrade handling tests.
When the testing script is run in verbose mode by prove that redirects stdout,
a garbled verbose mode line from backend can be produced that incorporates TAP
output of an individual test result, which eventually breaks the testing plan.
Notably, this happens when testing sending multiple frames if backend started
to respond before all frames were received. This is possible due to the line
boundary used as an indicator of last bytes to receive before starting to send.
The fix is to amend the only last frame of many specially, for that purpose.
author | Sergey Kandaurov <pluknet@nginx.com> |
---|---|
date | Wed, 15 Nov 2017 20:16:09 +0300 |
parents | 64f287c8cc62 |
children | 97c8280de681 |
rev | line source |
---|---|
160
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
1 #!/usr/bin/perl |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
2 |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
3 # (C) Maxim Dounin |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
4 |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
5 # Tests for nginx secure_link module. |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
6 |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
7 ############################################################################### |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
8 |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
9 use warnings; |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
10 use strict; |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
11 |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
12 use Test::More; |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
13 |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
14 use Digest::MD5 qw/ md5 md5_hex /; |
161
2c07dc5bc354
Tests: avoid using encode_base64url().
Maxim Dounin <mdounin@mdounin.ru>
parents:
160
diff
changeset
|
15 use MIME::Base64 qw/ encode_base64 /; |
160
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
16 |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
17 BEGIN { use FindBin; chdir($FindBin::Bin); } |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
18 |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
19 use lib 'lib'; |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
20 use Test::Nginx; |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
21 |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
22 ############################################################################### |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
23 |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
24 select STDERR; $| = 1; |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
25 select STDOUT; $| = 1; |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
26 |
1213
64f287c8cc62
Tests: more corner cases for secure_link module.
Sergey Kandaurov <pluknet@nginx.com>
parents:
974
diff
changeset
|
27 my $t = Test::Nginx->new()->has(qw/http secure_link rewrite/)->plan(19); |
160
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
28 |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
29 $t->write_file_expand('nginx.conf', <<'EOF'); |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
30 |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
31 %%TEST_GLOBALS%% |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
32 |
249
6a0d934950bc
Tests: remove extra spaces in "daemon off".
Maxim Dounin <mdounin@mdounin.ru>
parents:
161
diff
changeset
|
33 daemon off; |
160
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
34 |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
35 events { |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
36 } |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
37 |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
38 http { |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
39 %%TEST_GLOBALS_HTTP%% |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
40 |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
41 server { |
974
882267679006
Tests: simplified parallel modifications in tests.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
952
diff
changeset
|
42 listen 127.0.0.1:8080; |
160
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
43 server_name localhost; |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
44 |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
45 location / { |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
46 # new style |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
47 # /test.html?hash=BASE64URL |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
48 |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
49 secure_link $arg_hash; |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
50 secure_link_md5 secret$uri; |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
51 |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
52 # invalid hash |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
53 if ($secure_link = "") { |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
54 return 403; |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
55 } |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
56 |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
57 # expired |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
58 if ($secure_link = "0") { |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
59 return 403; |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
60 } |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
61 |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
62 # $secure_link = "1" |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
63 } |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
64 |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
65 location = /expires.html { |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
66 # new style with expires |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
67 # /test.html?hash=BASE64URL&expires=12345678 |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
68 |
695
da20b4389038
Tests: added secure_link_expires variable test.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
590
diff
changeset
|
69 add_header X-Expires $secure_link_expires; |
da20b4389038
Tests: added secure_link_expires variable test.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
590
diff
changeset
|
70 |
160
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
71 secure_link $arg_hash,$arg_expires; |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
72 secure_link_md5 secret$uri$arg_expires; |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
73 |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
74 # invalid hash |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
75 if ($secure_link = "") { |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
76 return 403; |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
77 } |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
78 |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
79 # expired |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
80 if ($secure_link = "0") { |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
81 return 403; |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
82 } |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
83 |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
84 # $secure_link = "1" |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
85 } |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
86 |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
87 location /p/ { |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
88 # old style |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
89 # /p/d8e8fca2dc0f896fd7cb4cb0031ba249/test.html |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
90 |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
91 secure_link_secret secret; |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
92 |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
93 if ($secure_link = "") { |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
94 return 403; |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
95 } |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
96 |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
97 rewrite ^ /$secure_link break; |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
98 } |
255
cca7b57587d6
Tests: secure_link inheritance test.
Ruslan Ermilov <ru@nginx.com>
parents:
249
diff
changeset
|
99 |
cca7b57587d6
Tests: secure_link inheritance test.
Ruslan Ermilov <ru@nginx.com>
parents:
249
diff
changeset
|
100 location /inheritance/ { |
cca7b57587d6
Tests: secure_link inheritance test.
Ruslan Ermilov <ru@nginx.com>
parents:
249
diff
changeset
|
101 secure_link_secret secret; |
cca7b57587d6
Tests: secure_link inheritance test.
Ruslan Ermilov <ru@nginx.com>
parents:
249
diff
changeset
|
102 |
cca7b57587d6
Tests: secure_link inheritance test.
Ruslan Ermilov <ru@nginx.com>
parents:
249
diff
changeset
|
103 location = /inheritance/test { |
cca7b57587d6
Tests: secure_link inheritance test.
Ruslan Ermilov <ru@nginx.com>
parents:
249
diff
changeset
|
104 secure_link Xr4ilOzQ4PCOq3aQ0qbuaQ==; |
cca7b57587d6
Tests: secure_link inheritance test.
Ruslan Ermilov <ru@nginx.com>
parents:
249
diff
changeset
|
105 secure_link_md5 secret; |
cca7b57587d6
Tests: secure_link inheritance test.
Ruslan Ermilov <ru@nginx.com>
parents:
249
diff
changeset
|
106 |
cca7b57587d6
Tests: secure_link inheritance test.
Ruslan Ermilov <ru@nginx.com>
parents:
249
diff
changeset
|
107 if ($secure_link = "1") { |
cca7b57587d6
Tests: secure_link inheritance test.
Ruslan Ermilov <ru@nginx.com>
parents:
249
diff
changeset
|
108 rewrite ^ /test.html break; |
cca7b57587d6
Tests: secure_link inheritance test.
Ruslan Ermilov <ru@nginx.com>
parents:
249
diff
changeset
|
109 } |
cca7b57587d6
Tests: secure_link inheritance test.
Ruslan Ermilov <ru@nginx.com>
parents:
249
diff
changeset
|
110 |
cca7b57587d6
Tests: secure_link inheritance test.
Ruslan Ermilov <ru@nginx.com>
parents:
249
diff
changeset
|
111 return 403; |
cca7b57587d6
Tests: secure_link inheritance test.
Ruslan Ermilov <ru@nginx.com>
parents:
249
diff
changeset
|
112 } |
cca7b57587d6
Tests: secure_link inheritance test.
Ruslan Ermilov <ru@nginx.com>
parents:
249
diff
changeset
|
113 } |
1213
64f287c8cc62
Tests: more corner cases for secure_link module.
Sergey Kandaurov <pluknet@nginx.com>
parents:
974
diff
changeset
|
114 |
64f287c8cc62
Tests: more corner cases for secure_link module.
Sergey Kandaurov <pluknet@nginx.com>
parents:
974
diff
changeset
|
115 location /stub { |
64f287c8cc62
Tests: more corner cases for secure_link module.
Sergey Kandaurov <pluknet@nginx.com>
parents:
974
diff
changeset
|
116 return 200 x$secure_link${secure_link_expires}x; |
64f287c8cc62
Tests: more corner cases for secure_link module.
Sergey Kandaurov <pluknet@nginx.com>
parents:
974
diff
changeset
|
117 } |
160
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
118 } |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
119 } |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
120 |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
121 EOF |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
122 |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
123 $t->write_file('test.html', 'PASSED'); |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
124 $t->write_file('expires.html', 'PASSED'); |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
125 $t->run(); |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
126 |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
127 ############################################################################### |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
128 |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
129 # new style |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
130 |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
131 like(http_get('/test.html?hash=q-5vpkjBkRXXtkUMXiJVHA=='), |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
132 qr/PASSED/, 'request md5'); |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
133 like(http_get('/test.html?hash=q-5vpkjBkRXXtkUMXiJVHA'), |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
134 qr/PASSED/, 'request md5 no padding'); |
1213
64f287c8cc62
Tests: more corner cases for secure_link module.
Sergey Kandaurov <pluknet@nginx.com>
parents:
974
diff
changeset
|
135 |
64f287c8cc62
Tests: more corner cases for secure_link module.
Sergey Kandaurov <pluknet@nginx.com>
parents:
974
diff
changeset
|
136 TODO: { |
64f287c8cc62
Tests: more corner cases for secure_link module.
Sergey Kandaurov <pluknet@nginx.com>
parents:
974
diff
changeset
|
137 todo_skip 'stack-buffer-overflow', 1 unless $ENV{TEST_NGINX_UNSAFE} |
64f287c8cc62
Tests: more corner cases for secure_link module.
Sergey Kandaurov <pluknet@nginx.com>
parents:
974
diff
changeset
|
138 or $t->has_version('1.13.5'); |
64f287c8cc62
Tests: more corner cases for secure_link module.
Sergey Kandaurov <pluknet@nginx.com>
parents:
974
diff
changeset
|
139 |
64f287c8cc62
Tests: more corner cases for secure_link module.
Sergey Kandaurov <pluknet@nginx.com>
parents:
974
diff
changeset
|
140 like(http_get('/test.html?hash=q-5vpkjBkRXXtkUMXiJVHAQQ'), |
64f287c8cc62
Tests: more corner cases for secure_link module.
Sergey Kandaurov <pluknet@nginx.com>
parents:
974
diff
changeset
|
141 qr/^HTTP.*403/, 'request md5 too long'); |
64f287c8cc62
Tests: more corner cases for secure_link module.
Sergey Kandaurov <pluknet@nginx.com>
parents:
974
diff
changeset
|
142 |
64f287c8cc62
Tests: more corner cases for secure_link module.
Sergey Kandaurov <pluknet@nginx.com>
parents:
974
diff
changeset
|
143 } |
64f287c8cc62
Tests: more corner cases for secure_link module.
Sergey Kandaurov <pluknet@nginx.com>
parents:
974
diff
changeset
|
144 |
64f287c8cc62
Tests: more corner cases for secure_link module.
Sergey Kandaurov <pluknet@nginx.com>
parents:
974
diff
changeset
|
145 like(http_get('/test.html?hash=q-5vpkjBkRXXtkUMXiJVHA-TOOLONG'), |
64f287c8cc62
Tests: more corner cases for secure_link module.
Sergey Kandaurov <pluknet@nginx.com>
parents:
974
diff
changeset
|
146 qr/^HTTP.*403/, 'request md5 too long encoding'); |
64f287c8cc62
Tests: more corner cases for secure_link module.
Sergey Kandaurov <pluknet@nginx.com>
parents:
974
diff
changeset
|
147 like(http_get('/test.html?hash=BADHASHLENGTH'), |
64f287c8cc62
Tests: more corner cases for secure_link module.
Sergey Kandaurov <pluknet@nginx.com>
parents:
974
diff
changeset
|
148 qr/^HTTP.*403/, 'request md5 decode error'); |
64f287c8cc62
Tests: more corner cases for secure_link module.
Sergey Kandaurov <pluknet@nginx.com>
parents:
974
diff
changeset
|
149 like(http_get('/test.html?hash=q-5vpkjBkRXXtkUMXiJVHX=='), |
64f287c8cc62
Tests: more corner cases for secure_link module.
Sergey Kandaurov <pluknet@nginx.com>
parents:
974
diff
changeset
|
150 qr/^HTTP.*403/, 'request md5 mismatch'); |
160
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
151 like(http_get('/test.html'), qr/^HTTP.*403/, 'request no hash'); |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
152 |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
153 # new style with expires |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
154 |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
155 my ($expires, $hash); |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
156 |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
157 $expires = time() + 86400; |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
158 $hash = encode_base64url(md5("secret/expires.html$expires")); |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
159 like(http_get('/expires.html?hash=' . $hash . '&expires=' . $expires), |
590
dc2f8aac0553
Tests: whitespace fixes.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
302
diff
changeset
|
160 qr/PASSED/, 'request md5 not expired'); |
695
da20b4389038
Tests: added secure_link_expires variable test.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
590
diff
changeset
|
161 like(http_get('/expires.html?hash=' . $hash . '&expires=' . $expires), |
da20b4389038
Tests: added secure_link_expires variable test.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
590
diff
changeset
|
162 qr/X-Expires: $expires/, 'secure_link_expires variable'); |
160
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
163 |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
164 $expires = time() - 86400; |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
165 $hash = encode_base64url(md5("secret/expires.html$expires")); |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
166 like(http_get('/expires.html?hash=' . $hash . '&expires=' . $expires), |
590
dc2f8aac0553
Tests: whitespace fixes.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
302
diff
changeset
|
167 qr/^HTTP.*403/, 'request md5 expired'); |
160
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
168 |
1213
64f287c8cc62
Tests: more corner cases for secure_link module.
Sergey Kandaurov <pluknet@nginx.com>
parents:
974
diff
changeset
|
169 $expires = 0; |
64f287c8cc62
Tests: more corner cases for secure_link module.
Sergey Kandaurov <pluknet@nginx.com>
parents:
974
diff
changeset
|
170 $hash = encode_base64url(md5("secret/expires.html$expires")); |
64f287c8cc62
Tests: more corner cases for secure_link module.
Sergey Kandaurov <pluknet@nginx.com>
parents:
974
diff
changeset
|
171 like(http_get('/expires.html?hash=' . $hash . '&expires=' . $expires), |
64f287c8cc62
Tests: more corner cases for secure_link module.
Sergey Kandaurov <pluknet@nginx.com>
parents:
974
diff
changeset
|
172 qr/^HTTP.*403/, 'request md5 invalid expiration'); |
64f287c8cc62
Tests: more corner cases for secure_link module.
Sergey Kandaurov <pluknet@nginx.com>
parents:
974
diff
changeset
|
173 |
160
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
174 # old style |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
175 |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
176 like(http_get('/p/' . md5_hex('test.html' . 'secret') . '/test.html'), |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
177 qr/PASSED/, 'request old style'); |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
178 like(http_get('/p/' . md5_hex('fake') . '/test.html'), qr/^HTTP.*403/, |
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
179 'request old style fake hash'); |
1213
64f287c8cc62
Tests: more corner cases for secure_link module.
Sergey Kandaurov <pluknet@nginx.com>
parents:
974
diff
changeset
|
180 like(http_get('/p/' . 'foo' . '/test.html'), qr/^HTTP.*403/, |
64f287c8cc62
Tests: more corner cases for secure_link module.
Sergey Kandaurov <pluknet@nginx.com>
parents:
974
diff
changeset
|
181 'request old style short hash'); |
64f287c8cc62
Tests: more corner cases for secure_link module.
Sergey Kandaurov <pluknet@nginx.com>
parents:
974
diff
changeset
|
182 like(http_get('/p/' . 'x' x 32 . '/test.html'), qr/^HTTP.*403/, |
64f287c8cc62
Tests: more corner cases for secure_link module.
Sergey Kandaurov <pluknet@nginx.com>
parents:
974
diff
changeset
|
183 'request old style corrupt hash'); |
64f287c8cc62
Tests: more corner cases for secure_link module.
Sergey Kandaurov <pluknet@nginx.com>
parents:
974
diff
changeset
|
184 like(http_get('/p%2f'), qr/^HTTP.*403/, 'request old style bad uri'); |
160
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
185 like(http_get('/p/test.html'), qr/^HTTP.*403/, 'request old style no hash'); |
255
cca7b57587d6
Tests: secure_link inheritance test.
Ruslan Ermilov <ru@nginx.com>
parents:
249
diff
changeset
|
186 like(http_get('/inheritance/test'), qr/PASSED/, 'inheritance'); |
cca7b57587d6
Tests: secure_link inheritance test.
Ruslan Ermilov <ru@nginx.com>
parents:
249
diff
changeset
|
187 |
1213
64f287c8cc62
Tests: more corner cases for secure_link module.
Sergey Kandaurov <pluknet@nginx.com>
parents:
974
diff
changeset
|
188 like(http_get('/stub'), qr/xx/, 'secure_link not found'); |
64f287c8cc62
Tests: more corner cases for secure_link module.
Sergey Kandaurov <pluknet@nginx.com>
parents:
974
diff
changeset
|
189 |
160
197d5d9fd7f9
Tests: add tests for secure_link module.
Maxim Dounin <mdounin@mdounin.ru>
parents:
diff
changeset
|
190 ############################################################################### |
161
2c07dc5bc354
Tests: avoid using encode_base64url().
Maxim Dounin <mdounin@mdounin.ru>
parents:
160
diff
changeset
|
191 |
2c07dc5bc354
Tests: avoid using encode_base64url().
Maxim Dounin <mdounin@mdounin.ru>
parents:
160
diff
changeset
|
192 sub encode_base64url { |
590
dc2f8aac0553
Tests: whitespace fixes.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
302
diff
changeset
|
193 my $e = encode_base64(shift, ""); |
dc2f8aac0553
Tests: whitespace fixes.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
302
diff
changeset
|
194 $e =~ s/=+\z//; |
dc2f8aac0553
Tests: whitespace fixes.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
302
diff
changeset
|
195 $e =~ tr[+/][-_]; |
dc2f8aac0553
Tests: whitespace fixes.
Andrey Zelenkov <zelenkov@nginx.com>
parents:
302
diff
changeset
|
196 return $e; |
161
2c07dc5bc354
Tests: avoid using encode_base64url().
Maxim Dounin <mdounin@mdounin.ru>
parents:
160
diff
changeset
|
197 } |
2c07dc5bc354
Tests: avoid using encode_base64url().
Maxim Dounin <mdounin@mdounin.ru>
parents:
160
diff
changeset
|
198 |
2c07dc5bc354
Tests: avoid using encode_base64url().
Maxim Dounin <mdounin@mdounin.ru>
parents:
160
diff
changeset
|
199 ############################################################################### |