[Openvpn-devel] [M] Change in openvpn[master]: test_user_pass: add basic tests for static/dynamic challenges
cron2 has uploaded a new patch set (#9) to the change originally created by flichtenheld. ( http://gerrit.openvpn.net/c/openvpn/+/475?usp=email ) The following approvals got outdated and were removed: Code-Review+2 by plaisthos Change subject: test_user_pass: add basic tests for static/dynamic challenges .. test_user_pass: add basic tests for static/dynamic challenges Change-Id: I8b5570f6314e917f92dce072279efe415d79b22a Signed-off-by: Frank Lichtenheld Acked-by: Arne Schwabe Message-Id: <20240207171239.86730-1-fr...@lichtenheld.com> URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg28191.html Signed-off-by: Gert Doering --- M tests/unit_tests/openvpn/test_user_pass.c 1 file changed, 61 insertions(+), 0 deletions(-) git pull ssh://gerrit.openvpn.net:29418/openvpn refs/changes/75/475/9 diff --git a/tests/unit_tests/openvpn/test_user_pass.c b/tests/unit_tests/openvpn/test_user_pass.c index bd4eb1f..5d3f9b6 100644 --- a/tests/unit_tests/openvpn/test_user_pass.c +++ b/tests/unit_tests/openvpn/test_user_pass.c @@ -267,12 +267,73 @@ assert_string_equal(up.password, "fuser"); } +#ifdef ENABLE_MANAGEMENT +static void +test_get_user_pass_dynamic_challenge(void **state) +{ +struct user_pass up = { 0 }; +reset_user_pass(); +const char *challenge = "CRV1:R,E:Om01u7Fh4LrGBS7uh0SWmzwabUiGiW6l:Y3Ix:Please enter token PIN"; +unsigned int flags = GET_USER_PASS_DYNAMIC_CHALLENGE; + +expect_string(query_user_exec_builtin, query_user[i].prompt, "CHALLENGE: Please enter token PIN"); +will_return(query_user_exec_builtin, "challenge_response"); +will_return(query_user_exec_builtin, true); +assert_true(get_user_pass_cr(, NULL, "UT", flags, challenge)); +assert_true(up.defined); +assert_string_equal(up.username, "cr1"); +assert_string_equal(up.password, "CRV1::Om01u7Fh4LrGBS7uh0SWmzwabUiGiW6l::challenge_response"); +} + +static void +test_get_user_pass_static_challenge(void **state) +{ +struct user_pass up = { 0 }; +reset_user_pass(); +const char *challenge = "Please enter token PIN"; +unsigned int flags = GET_USER_PASS_STATIC_CHALLENGE; + +expect_string(query_user_exec_builtin, query_user[i].prompt, "Enter UT Username:"); +will_return(query_user_exec_builtin, "cuser"); +expect_string(query_user_exec_builtin, query_user[i].prompt, "Enter UT Password:"); +will_return(query_user_exec_builtin, "cpassword"); +will_return(query_user_exec_builtin, true); +expect_string(query_user_exec_builtin, query_user[i].prompt, "CHALLENGE: Please enter token PIN"); +will_return(query_user_exec_builtin, "challenge_response"); +will_return(query_user_exec_builtin, true); +assert_true(get_user_pass_cr(, NULL, "UT", flags, challenge)); +assert_true(up.defined); +assert_string_equal(up.username, "cuser"); +/* SCRV1:cpassword:challenge_response but base64-encoded */ +assert_string_equal(up.password, "SCRV1:Y3Bhc3N3b3Jk:Y2hhbGxlbmdlX3Jlc3BvbnNl"); + +reset_user_pass(); + +flags |= GET_USER_PASS_INLINE_CREDS; + +/*FIXME: query_user_exec() called even though nothing queued */ +will_return(query_user_exec_builtin, true); +expect_string(query_user_exec_builtin, query_user[i].prompt, "CHALLENGE: Please enter token PIN"); +will_return(query_user_exec_builtin, "challenge_response"); +will_return(query_user_exec_builtin, true); +assert_true(get_user_pass_cr(, "iuser\nipassword", "UT", flags, challenge)); +assert_true(up.defined); +assert_string_equal(up.username, "iuser"); +/* SCRV1:ipassword:challenge_response but base64-encoded */ +assert_string_equal(up.password, "SCRV1:aXBhc3N3b3Jk:Y2hhbGxlbmdlX3Jlc3BvbnNl"); +} +#endif /* ENABLE_MANAGEMENT */ + const struct CMUnitTest user_pass_tests[] = { cmocka_unit_test(test_get_user_pass_defined), cmocka_unit_test(test_get_user_pass_needok), cmocka_unit_test(test_get_user_pass_inline_creds), cmocka_unit_test(test_get_user_pass_authfile_stdin), cmocka_unit_test(test_get_user_pass_authfile_file), +#ifdef ENABLE_MANAGEMENT +cmocka_unit_test(test_get_user_pass_dynamic_challenge), +cmocka_unit_test(test_get_user_pass_static_challenge), +#endif /* ENABLE_MANAGEMENT */ }; int -- To view, visit http://gerrit.openvpn.net/c/openvpn/+/475?usp=email To unsubscribe, or for help writing mail filters, visit http://gerrit.openvpn.net/settings Gerrit-Project: openvpn Gerrit-Branch: master Gerrit-Change-Id: I8b5570f6314e917f92dce072279efe415d79b22a Gerrit-Change-Number: 475 Gerrit-PatchSet: 9 Gerrit-Owner: flichtenheld Gerrit-Reviewer: plaisthos Gerrit-CC: openvpn-devel Gerrit-MessageType: newpatchset ___ Openvpn-devel mailing list Openvpn-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-devel
[Openvpn-devel] [M] Change in openvpn[master]: test_user_pass: add basic tests for static/dynamic challenges
cron2 has submitted this change. ( http://gerrit.openvpn.net/c/openvpn/+/475?usp=email ) Change subject: test_user_pass: add basic tests for static/dynamic challenges .. test_user_pass: add basic tests for static/dynamic challenges Change-Id: I8b5570f6314e917f92dce072279efe415d79b22a Signed-off-by: Frank Lichtenheld Acked-by: Arne Schwabe Message-Id: <20240207171239.86730-1-fr...@lichtenheld.com> URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg28191.html Signed-off-by: Gert Doering --- M tests/unit_tests/openvpn/test_user_pass.c 1 file changed, 61 insertions(+), 0 deletions(-) diff --git a/tests/unit_tests/openvpn/test_user_pass.c b/tests/unit_tests/openvpn/test_user_pass.c index bd4eb1f..5d3f9b6 100644 --- a/tests/unit_tests/openvpn/test_user_pass.c +++ b/tests/unit_tests/openvpn/test_user_pass.c @@ -267,12 +267,73 @@ assert_string_equal(up.password, "fuser"); } +#ifdef ENABLE_MANAGEMENT +static void +test_get_user_pass_dynamic_challenge(void **state) +{ +struct user_pass up = { 0 }; +reset_user_pass(); +const char *challenge = "CRV1:R,E:Om01u7Fh4LrGBS7uh0SWmzwabUiGiW6l:Y3Ix:Please enter token PIN"; +unsigned int flags = GET_USER_PASS_DYNAMIC_CHALLENGE; + +expect_string(query_user_exec_builtin, query_user[i].prompt, "CHALLENGE: Please enter token PIN"); +will_return(query_user_exec_builtin, "challenge_response"); +will_return(query_user_exec_builtin, true); +assert_true(get_user_pass_cr(, NULL, "UT", flags, challenge)); +assert_true(up.defined); +assert_string_equal(up.username, "cr1"); +assert_string_equal(up.password, "CRV1::Om01u7Fh4LrGBS7uh0SWmzwabUiGiW6l::challenge_response"); +} + +static void +test_get_user_pass_static_challenge(void **state) +{ +struct user_pass up = { 0 }; +reset_user_pass(); +const char *challenge = "Please enter token PIN"; +unsigned int flags = GET_USER_PASS_STATIC_CHALLENGE; + +expect_string(query_user_exec_builtin, query_user[i].prompt, "Enter UT Username:"); +will_return(query_user_exec_builtin, "cuser"); +expect_string(query_user_exec_builtin, query_user[i].prompt, "Enter UT Password:"); +will_return(query_user_exec_builtin, "cpassword"); +will_return(query_user_exec_builtin, true); +expect_string(query_user_exec_builtin, query_user[i].prompt, "CHALLENGE: Please enter token PIN"); +will_return(query_user_exec_builtin, "challenge_response"); +will_return(query_user_exec_builtin, true); +assert_true(get_user_pass_cr(, NULL, "UT", flags, challenge)); +assert_true(up.defined); +assert_string_equal(up.username, "cuser"); +/* SCRV1:cpassword:challenge_response but base64-encoded */ +assert_string_equal(up.password, "SCRV1:Y3Bhc3N3b3Jk:Y2hhbGxlbmdlX3Jlc3BvbnNl"); + +reset_user_pass(); + +flags |= GET_USER_PASS_INLINE_CREDS; + +/*FIXME: query_user_exec() called even though nothing queued */ +will_return(query_user_exec_builtin, true); +expect_string(query_user_exec_builtin, query_user[i].prompt, "CHALLENGE: Please enter token PIN"); +will_return(query_user_exec_builtin, "challenge_response"); +will_return(query_user_exec_builtin, true); +assert_true(get_user_pass_cr(, "iuser\nipassword", "UT", flags, challenge)); +assert_true(up.defined); +assert_string_equal(up.username, "iuser"); +/* SCRV1:ipassword:challenge_response but base64-encoded */ +assert_string_equal(up.password, "SCRV1:aXBhc3N3b3Jk:Y2hhbGxlbmdlX3Jlc3BvbnNl"); +} +#endif /* ENABLE_MANAGEMENT */ + const struct CMUnitTest user_pass_tests[] = { cmocka_unit_test(test_get_user_pass_defined), cmocka_unit_test(test_get_user_pass_needok), cmocka_unit_test(test_get_user_pass_inline_creds), cmocka_unit_test(test_get_user_pass_authfile_stdin), cmocka_unit_test(test_get_user_pass_authfile_file), +#ifdef ENABLE_MANAGEMENT +cmocka_unit_test(test_get_user_pass_dynamic_challenge), +cmocka_unit_test(test_get_user_pass_static_challenge), +#endif /* ENABLE_MANAGEMENT */ }; int -- To view, visit http://gerrit.openvpn.net/c/openvpn/+/475?usp=email To unsubscribe, or for help writing mail filters, visit http://gerrit.openvpn.net/settings Gerrit-Project: openvpn Gerrit-Branch: master Gerrit-Change-Id: I8b5570f6314e917f92dce072279efe415d79b22a Gerrit-Change-Number: 475 Gerrit-PatchSet: 9 Gerrit-Owner: flichtenheld Gerrit-Reviewer: plaisthos Gerrit-CC: openvpn-devel Gerrit-MessageType: merged ___ Openvpn-devel mailing list Openvpn-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-devel
[Openvpn-devel] [M] Change in openvpn[master]: test_user_pass: add basic tests for static/dynamic challenges
Attention is currently required from: flichtenheld. plaisthos has posted comments on this change. ( http://gerrit.openvpn.net/c/openvpn/+/475?usp=email ) Change subject: test_user_pass: add basic tests for static/dynamic challenges .. Patch Set 8: Code-Review+2 -- To view, visit http://gerrit.openvpn.net/c/openvpn/+/475?usp=email To unsubscribe, or for help writing mail filters, visit http://gerrit.openvpn.net/settings Gerrit-Project: openvpn Gerrit-Branch: master Gerrit-Change-Id: I8b5570f6314e917f92dce072279efe415d79b22a Gerrit-Change-Number: 475 Gerrit-PatchSet: 8 Gerrit-Owner: flichtenheld Gerrit-Reviewer: plaisthos Gerrit-CC: openvpn-devel Gerrit-Attention: flichtenheld Gerrit-Comment-Date: Wed, 07 Feb 2024 15:07:25 + Gerrit-HasComments: No Gerrit-Has-Labels: Yes Gerrit-MessageType: comment ___ Openvpn-devel mailing list Openvpn-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-devel
[Openvpn-devel] [M] Change in openvpn[master]: test_user_pass: add basic tests for static/dynamic challenges
Attention is currently required from: flichtenheld, plaisthos. Hello plaisthos, I'd like you to reexamine a change. Please visit http://gerrit.openvpn.net/c/openvpn/+/475?usp=email to look at the new patch set (#8). The following approvals got outdated and were removed: Code-Review+2 by plaisthos Change subject: test_user_pass: add basic tests for static/dynamic challenges .. test_user_pass: add basic tests for static/dynamic challenges Change-Id: I8b5570f6314e917f92dce072279efe415d79b22a Signed-off-by: Frank Lichtenheld --- M tests/unit_tests/openvpn/test_user_pass.c 1 file changed, 61 insertions(+), 0 deletions(-) git pull ssh://gerrit.openvpn.net:29418/openvpn refs/changes/75/475/8 diff --git a/tests/unit_tests/openvpn/test_user_pass.c b/tests/unit_tests/openvpn/test_user_pass.c index bd4eb1f..5d3f9b6 100644 --- a/tests/unit_tests/openvpn/test_user_pass.c +++ b/tests/unit_tests/openvpn/test_user_pass.c @@ -267,12 +267,73 @@ assert_string_equal(up.password, "fuser"); } +#ifdef ENABLE_MANAGEMENT +static void +test_get_user_pass_dynamic_challenge(void **state) +{ +struct user_pass up = { 0 }; +reset_user_pass(); +const char *challenge = "CRV1:R,E:Om01u7Fh4LrGBS7uh0SWmzwabUiGiW6l:Y3Ix:Please enter token PIN"; +unsigned int flags = GET_USER_PASS_DYNAMIC_CHALLENGE; + +expect_string(query_user_exec_builtin, query_user[i].prompt, "CHALLENGE: Please enter token PIN"); +will_return(query_user_exec_builtin, "challenge_response"); +will_return(query_user_exec_builtin, true); +assert_true(get_user_pass_cr(, NULL, "UT", flags, challenge)); +assert_true(up.defined); +assert_string_equal(up.username, "cr1"); +assert_string_equal(up.password, "CRV1::Om01u7Fh4LrGBS7uh0SWmzwabUiGiW6l::challenge_response"); +} + +static void +test_get_user_pass_static_challenge(void **state) +{ +struct user_pass up = { 0 }; +reset_user_pass(); +const char *challenge = "Please enter token PIN"; +unsigned int flags = GET_USER_PASS_STATIC_CHALLENGE; + +expect_string(query_user_exec_builtin, query_user[i].prompt, "Enter UT Username:"); +will_return(query_user_exec_builtin, "cuser"); +expect_string(query_user_exec_builtin, query_user[i].prompt, "Enter UT Password:"); +will_return(query_user_exec_builtin, "cpassword"); +will_return(query_user_exec_builtin, true); +expect_string(query_user_exec_builtin, query_user[i].prompt, "CHALLENGE: Please enter token PIN"); +will_return(query_user_exec_builtin, "challenge_response"); +will_return(query_user_exec_builtin, true); +assert_true(get_user_pass_cr(, NULL, "UT", flags, challenge)); +assert_true(up.defined); +assert_string_equal(up.username, "cuser"); +/* SCRV1:cpassword:challenge_response but base64-encoded */ +assert_string_equal(up.password, "SCRV1:Y3Bhc3N3b3Jk:Y2hhbGxlbmdlX3Jlc3BvbnNl"); + +reset_user_pass(); + +flags |= GET_USER_PASS_INLINE_CREDS; + +/*FIXME: query_user_exec() called even though nothing queued */ +will_return(query_user_exec_builtin, true); +expect_string(query_user_exec_builtin, query_user[i].prompt, "CHALLENGE: Please enter token PIN"); +will_return(query_user_exec_builtin, "challenge_response"); +will_return(query_user_exec_builtin, true); +assert_true(get_user_pass_cr(, "iuser\nipassword", "UT", flags, challenge)); +assert_true(up.defined); +assert_string_equal(up.username, "iuser"); +/* SCRV1:ipassword:challenge_response but base64-encoded */ +assert_string_equal(up.password, "SCRV1:aXBhc3N3b3Jk:Y2hhbGxlbmdlX3Jlc3BvbnNl"); +} +#endif /* ENABLE_MANAGEMENT */ + const struct CMUnitTest user_pass_tests[] = { cmocka_unit_test(test_get_user_pass_defined), cmocka_unit_test(test_get_user_pass_needok), cmocka_unit_test(test_get_user_pass_inline_creds), cmocka_unit_test(test_get_user_pass_authfile_stdin), cmocka_unit_test(test_get_user_pass_authfile_file), +#ifdef ENABLE_MANAGEMENT +cmocka_unit_test(test_get_user_pass_dynamic_challenge), +cmocka_unit_test(test_get_user_pass_static_challenge), +#endif /* ENABLE_MANAGEMENT */ }; int -- To view, visit http://gerrit.openvpn.net/c/openvpn/+/475?usp=email To unsubscribe, or for help writing mail filters, visit http://gerrit.openvpn.net/settings Gerrit-Project: openvpn Gerrit-Branch: master Gerrit-Change-Id: I8b5570f6314e917f92dce072279efe415d79b22a Gerrit-Change-Number: 475 Gerrit-PatchSet: 8 Gerrit-Owner: flichtenheld Gerrit-Reviewer: plaisthos Gerrit-CC: openvpn-devel Gerrit-Attention: plaisthos Gerrit-Attention: flichtenheld Gerrit-MessageType: newpatchset ___ Openvpn-devel mailing list Openvpn-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-devel
[Openvpn-devel] [M] Change in openvpn[master]: test_user_pass: add basic tests for static/dynamic challenges
Attention is currently required from: flichtenheld. plaisthos has posted comments on this change. ( http://gerrit.openvpn.net/c/openvpn/+/475?usp=email ) Change subject: test_user_pass: add basic tests for static/dynamic challenges .. Patch Set 7: Code-Review+2 (1 comment) Patchset: PS7: Still essentially same patch. Centos7 build failure is unrelated to this patch. -- To view, visit http://gerrit.openvpn.net/c/openvpn/+/475?usp=email To unsubscribe, or for help writing mail filters, visit http://gerrit.openvpn.net/settings Gerrit-Project: openvpn Gerrit-Branch: master Gerrit-Change-Id: I8b5570f6314e917f92dce072279efe415d79b22a Gerrit-Change-Number: 475 Gerrit-PatchSet: 7 Gerrit-Owner: flichtenheld Gerrit-Reviewer: plaisthos Gerrit-CC: openvpn-devel Gerrit-Attention: flichtenheld Gerrit-Comment-Date: Thu, 25 Jan 2024 10:30:52 + Gerrit-HasComments: Yes Gerrit-Has-Labels: Yes Gerrit-MessageType: comment ___ Openvpn-devel mailing list Openvpn-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-devel
[Openvpn-devel] [M] Change in openvpn[master]: test_user_pass: add basic tests for static/dynamic challenges
Attention is currently required from: flichtenheld, plaisthos. Hello plaisthos, I'd like you to reexamine a change. Please visit http://gerrit.openvpn.net/c/openvpn/+/475?usp=email to look at the new patch set (#3). The following approvals got outdated and were removed: Code-Review+2 by plaisthos Change subject: test_user_pass: add basic tests for static/dynamic challenges .. test_user_pass: add basic tests for static/dynamic challenges Change-Id: I8b5570f6314e917f92dce072279efe415d79b22a Signed-off-by: Frank Lichtenheld --- M tests/unit_tests/openvpn/test_user_pass.c 1 file changed, 61 insertions(+), 0 deletions(-) git pull ssh://gerrit.openvpn.net:29418/openvpn refs/changes/75/475/3 diff --git a/tests/unit_tests/openvpn/test_user_pass.c b/tests/unit_tests/openvpn/test_user_pass.c index d6e5650..743a006 100644 --- a/tests/unit_tests/openvpn/test_user_pass.c +++ b/tests/unit_tests/openvpn/test_user_pass.c @@ -364,6 +364,63 @@ } #endif /* ifndef _MSC_VER */ +#ifdef ENABLE_MANAGEMENT +static void +test_get_user_pass_dynamic_challenge(void **state) +{ +struct user_pass up = { 0 }; +reset_user_pass(); +const char *challenge = "CRV1:R,E:Om01u7Fh4LrGBS7uh0SWmzwabUiGiW6l:Y3Ix:Please enter token PIN"; +unsigned int flags = GET_USER_PASS_DYNAMIC_CHALLENGE; + +expect_string(query_user_exec_builtin, query_user[i].prompt, "CHALLENGE: Please enter token PIN"); +will_return(query_user_exec_builtin, "challenge_response"); +will_return(query_user_exec_builtin, true); +assert_true(get_user_pass_cr(, NULL, "UT", flags, challenge)); +assert_true(up.defined); +assert_string_equal(up.username, "cr1"); +assert_string_equal(up.password, "CRV1::Om01u7Fh4LrGBS7uh0SWmzwabUiGiW6l::challenge_response"); +} + +static void +test_get_user_pass_static_challenge(void **state) +{ +struct user_pass up = { 0 }; +reset_user_pass(); +const char *challenge = "Please enter token PIN"; +unsigned int flags = GET_USER_PASS_STATIC_CHALLENGE; + +expect_string(query_user_exec_builtin, query_user[i].prompt, "Enter UT Username:"); +will_return(query_user_exec_builtin, "cuser"); +expect_string(query_user_exec_builtin, query_user[i].prompt, "Enter UT Password:"); +will_return(query_user_exec_builtin, "cpassword"); +will_return(query_user_exec_builtin, true); +expect_string(query_user_exec_builtin, query_user[i].prompt, "CHALLENGE: Please enter token PIN"); +will_return(query_user_exec_builtin, "challenge_response"); +will_return(query_user_exec_builtin, true); +assert_true(get_user_pass_cr(, NULL, "UT", flags, challenge)); +assert_true(up.defined); +assert_string_equal(up.username, "cuser"); +/* SCRV1:cpassword:challenge_response but base64-encoded */ +assert_string_equal(up.password, "SCRV1:Y3Bhc3N3b3Jk:Y2hhbGxlbmdlX3Jlc3BvbnNl"); + +reset_user_pass(); + +flags |= GET_USER_PASS_INLINE_CREDS; + +/*FIXME: query_user_exec() called even though nothing queued */ +will_return(query_user_exec_builtin, true); +expect_string(query_user_exec_builtin, query_user[i].prompt, "CHALLENGE: Please enter token PIN"); +will_return(query_user_exec_builtin, "challenge_response"); +will_return(query_user_exec_builtin, true); +assert_true(get_user_pass_cr(, "iuser\nipassword", "UT", flags, challenge)); +assert_true(up.defined); +assert_string_equal(up.username, "iuser"); +/* SCRV1:ipassword:challenge_response but base64-encoded */ +assert_string_equal(up.password, "SCRV1:aXBhc3N3b3Jk:Y2hhbGxlbmdlX3Jlc3BvbnNl"); +} +#endif /* ENABLE_MANAGEMENT */ + const struct CMUnitTest user_pass_tests[] = { cmocka_unit_test(test_get_user_pass_defined), cmocka_unit_test(test_get_user_pass_needok), @@ -375,6 +432,10 @@ cmocka_unit_test(test_get_user_pass_authfile_stdin_assertions), cmocka_unit_test(test_get_user_pass_authfile_file_assertions), #endif +#ifdef ENABLE_MANAGEMENT +cmocka_unit_test(test_get_user_pass_dynamic_challenge), +cmocka_unit_test(test_get_user_pass_static_challenge), +#endif /* ENABLE_MANAGEMENT */ }; int -- To view, visit http://gerrit.openvpn.net/c/openvpn/+/475?usp=email To unsubscribe, or for help writing mail filters, visit http://gerrit.openvpn.net/settings Gerrit-Project: openvpn Gerrit-Branch: master Gerrit-Change-Id: I8b5570f6314e917f92dce072279efe415d79b22a Gerrit-Change-Number: 475 Gerrit-PatchSet: 3 Gerrit-Owner: flichtenheld Gerrit-Reviewer: plaisthos Gerrit-CC: openvpn-devel Gerrit-Attention: plaisthos Gerrit-Attention: flichtenheld Gerrit-MessageType: newpatchset ___ Openvpn-devel mailing list Openvpn-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-devel
[Openvpn-devel] [M] Change in openvpn[master]: test_user_pass: add basic tests for static/dynamic challenges
Attention is currently required from: flichtenheld. plaisthos has posted comments on this change. ( http://gerrit.openvpn.net/c/openvpn/+/475?usp=email ) Change subject: test_user_pass: add basic tests for static/dynamic challenges .. Patch Set 2: Code-Review+2 -- To view, visit http://gerrit.openvpn.net/c/openvpn/+/475?usp=email To unsubscribe, or for help writing mail filters, visit http://gerrit.openvpn.net/settings Gerrit-Project: openvpn Gerrit-Branch: master Gerrit-Change-Id: I8b5570f6314e917f92dce072279efe415d79b22a Gerrit-Change-Number: 475 Gerrit-PatchSet: 2 Gerrit-Owner: flichtenheld Gerrit-Reviewer: plaisthos Gerrit-CC: openvpn-devel Gerrit-Attention: flichtenheld Gerrit-Comment-Date: Mon, 11 Dec 2023 14:59:51 + Gerrit-HasComments: No Gerrit-Has-Labels: Yes Gerrit-MessageType: comment ___ Openvpn-devel mailing list Openvpn-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-devel
[Openvpn-devel] [M] Change in openvpn[master]: test_user_pass: add basic tests for static/dynamic challenges
Attention is currently required from: plaisthos. Hello plaisthos, I'd like you to reexamine a change. Please visit http://gerrit.openvpn.net/c/openvpn/+/475?usp=email to look at the new patch set (#2). Change subject: test_user_pass: add basic tests for static/dynamic challenges .. test_user_pass: add basic tests for static/dynamic challenges Change-Id: I8b5570f6314e917f92dce072279efe415d79b22a Signed-off-by: Frank Lichtenheld --- M tests/unit_tests/openvpn/test_user_pass.c 1 file changed, 61 insertions(+), 0 deletions(-) git pull ssh://gerrit.openvpn.net:29418/openvpn refs/changes/75/475/2 diff --git a/tests/unit_tests/openvpn/test_user_pass.c b/tests/unit_tests/openvpn/test_user_pass.c index ed65fdb..e99bfd4 100644 --- a/tests/unit_tests/openvpn/test_user_pass.c +++ b/tests/unit_tests/openvpn/test_user_pass.c @@ -360,6 +360,63 @@ expect_assert_failure(get_user_pass_cr(, authfile, "UT", flags, NULL)); } +#ifdef ENABLE_MANAGEMENT +static void +test_get_user_pass_dynamic_challenge(void **state) +{ +struct user_pass up = { 0 }; +reset_user_pass(); +const char *challenge = "CRV1:R,E:Om01u7Fh4LrGBS7uh0SWmzwabUiGiW6l:Y3Ix:Please enter token PIN"; +unsigned int flags = GET_USER_PASS_DYNAMIC_CHALLENGE; + +expect_string(query_user_exec_builtin, query_user[i].prompt, "CHALLENGE: Please enter token PIN"); +will_return(query_user_exec_builtin, "challenge_response"); +will_return(query_user_exec_builtin, true); +assert_true(get_user_pass_cr(, NULL, "UT", flags, challenge)); +assert_true(up.defined); +assert_string_equal(up.username, "cr1"); +assert_string_equal(up.password, "CRV1::Om01u7Fh4LrGBS7uh0SWmzwabUiGiW6l::challenge_response"); +} + +static void +test_get_user_pass_static_challenge(void **state) +{ +struct user_pass up = { 0 }; +reset_user_pass(); +const char *challenge = "Please enter token PIN"; +unsigned int flags = GET_USER_PASS_STATIC_CHALLENGE; + +expect_string(query_user_exec_builtin, query_user[i].prompt, "Enter UT Username:"); +will_return(query_user_exec_builtin, "cuser"); +expect_string(query_user_exec_builtin, query_user[i].prompt, "Enter UT Password:"); +will_return(query_user_exec_builtin, "cpassword"); +will_return(query_user_exec_builtin, true); +expect_string(query_user_exec_builtin, query_user[i].prompt, "CHALLENGE: Please enter token PIN"); +will_return(query_user_exec_builtin, "challenge_response"); +will_return(query_user_exec_builtin, true); +assert_true(get_user_pass_cr(, NULL, "UT", flags, challenge)); +assert_true(up.defined); +assert_string_equal(up.username, "cuser"); +/* SCRV1:cpassword:challenge_response but base64-encoded */ +assert_string_equal(up.password, "SCRV1:Y3Bhc3N3b3Jk:Y2hhbGxlbmdlX3Jlc3BvbnNl"); + +reset_user_pass(); + +flags |= GET_USER_PASS_INLINE_CREDS; + +/*FIXME: query_user_exec() called even though nothing queued */ +will_return(query_user_exec_builtin, true); +expect_string(query_user_exec_builtin, query_user[i].prompt, "CHALLENGE: Please enter token PIN"); +will_return(query_user_exec_builtin, "challenge_response"); +will_return(query_user_exec_builtin, true); +assert_true(get_user_pass_cr(, "iuser\nipassword", "UT", flags, challenge)); +assert_true(up.defined); +assert_string_equal(up.username, "iuser"); +/* SCRV1:ipassword:challenge_response but base64-encoded */ +assert_string_equal(up.password, "SCRV1:aXBhc3N3b3Jk:Y2hhbGxlbmdlX3Jlc3BvbnNl"); +} +#endif /* ENABLE_MANAGEMENT */ + const struct CMUnitTest user_pass_tests[] = { cmocka_unit_test(test_get_user_pass_defined), cmocka_unit_test(test_get_user_pass_needok), @@ -369,6 +426,10 @@ cmocka_unit_test(test_get_user_pass_authfile_stdin_assertions), cmocka_unit_test(test_get_user_pass_authfile_file), cmocka_unit_test(test_get_user_pass_authfile_file_assertions), +#ifdef ENABLE_MANAGEMENT +cmocka_unit_test(test_get_user_pass_dynamic_challenge), +cmocka_unit_test(test_get_user_pass_static_challenge), +#endif /* ENABLE_MANAGEMENT */ }; int -- To view, visit http://gerrit.openvpn.net/c/openvpn/+/475?usp=email To unsubscribe, or for help writing mail filters, visit http://gerrit.openvpn.net/settings Gerrit-Project: openvpn Gerrit-Branch: master Gerrit-Change-Id: I8b5570f6314e917f92dce072279efe415d79b22a Gerrit-Change-Number: 475 Gerrit-PatchSet: 2 Gerrit-Owner: flichtenheld Gerrit-Reviewer: plaisthos Gerrit-CC: openvpn-devel Gerrit-Attention: plaisthos Gerrit-MessageType: newpatchset ___ Openvpn-devel mailing list Openvpn-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-devel
[Openvpn-devel] [M] Change in openvpn[master]: test_user_pass: add basic tests for static/dynamic challenges
Attention is currently required from: plaisthos. Hello plaisthos, I'd like you to do a code review. Please visit http://gerrit.openvpn.net/c/openvpn/+/475?usp=email to review the following change. Change subject: test_user_pass: add basic tests for static/dynamic challenges .. test_user_pass: add basic tests for static/dynamic challenges Change-Id: I8b5570f6314e917f92dce072279efe415d79b22a Signed-off-by: Frank Lichtenheld --- M tests/unit_tests/openvpn/test_user_pass.c 1 file changed, 61 insertions(+), 0 deletions(-) git pull ssh://gerrit.openvpn.net:29418/openvpn refs/changes/75/475/1 diff --git a/tests/unit_tests/openvpn/test_user_pass.c b/tests/unit_tests/openvpn/test_user_pass.c index 600ec80..d006ab4 100644 --- a/tests/unit_tests/openvpn/test_user_pass.c +++ b/tests/unit_tests/openvpn/test_user_pass.c @@ -337,12 +337,73 @@ expect_assert_failure(get_user_pass_cr(, authfile, "UT", flags, NULL)); } +#ifdef ENABLE_MANAGEMENT +static void +test_get_user_pass_dynamic_challenge(void **state) +{ +struct user_pass up = { 0 }; +reset_user_pass(); +const char *challenge = "CRV1:R,E:Om01u7Fh4LrGBS7uh0SWmzwabUiGiW6l:Y3Ix:Please enter token PIN"; +unsigned int flags = GET_USER_PASS_DYNAMIC_CHALLENGE; + +expect_string(query_user_exec_builtin, query_user[i].prompt, "CHALLENGE: Please enter token PIN"); +will_return(query_user_exec_builtin, "challenge_response"); +will_return(query_user_exec_builtin, true); +assert_true(get_user_pass_cr(, NULL, "UT", flags, challenge)); +assert_true(up.defined); +assert_string_equal(up.username, "cr1"); +assert_string_equal(up.password, "CRV1::Om01u7Fh4LrGBS7uh0SWmzwabUiGiW6l::challenge_response"); +} + +static void +test_get_user_pass_static_challenge(void **state) +{ +struct user_pass up = { 0 }; +reset_user_pass(); +const char *challenge = "Please enter token PIN"; +unsigned int flags = GET_USER_PASS_STATIC_CHALLENGE; + +expect_string(query_user_exec_builtin, query_user[i].prompt, "Enter UT Username:"); +will_return(query_user_exec_builtin, "cuser"); +expect_string(query_user_exec_builtin, query_user[i].prompt, "Enter UT Password:"); +will_return(query_user_exec_builtin, "cpassword"); +will_return(query_user_exec_builtin, true); +expect_string(query_user_exec_builtin, query_user[i].prompt, "CHALLENGE: Please enter token PIN"); +will_return(query_user_exec_builtin, "challenge_response"); +will_return(query_user_exec_builtin, true); +assert_true(get_user_pass_cr(, NULL, "UT", flags, challenge)); +assert_true(up.defined); +assert_string_equal(up.username, "cuser"); +/* SCRV1:cpassword:challenge_response but base64-encoded */ +assert_string_equal(up.password, "SCRV1:Y3Bhc3N3b3Jk:Y2hhbGxlbmdlX3Jlc3BvbnNl"); + +reset_user_pass(); + +flags |= GET_USER_PASS_INLINE_CREDS; + +/*FIXME: query_user_exec() called even though nothing queued */ +will_return(query_user_exec_builtin, true); +expect_string(query_user_exec_builtin, query_user[i].prompt, "CHALLENGE: Please enter token PIN"); +will_return(query_user_exec_builtin, "challenge_response"); +will_return(query_user_exec_builtin, true); +assert_true(get_user_pass_cr(, "iuser\nipassword", "UT", flags, challenge)); +assert_true(up.defined); +assert_string_equal(up.username, "iuser"); +/* SCRV1:ipassword:challenge_response but base64-encoded */ +assert_string_equal(up.password, "SCRV1:aXBhc3N3b3Jk:Y2hhbGxlbmdlX3Jlc3BvbnNl"); +} +#endif /* ENABLE_MANAGEMENT */ + const struct CMUnitTest user_pass_tests[] = { cmocka_unit_test(test_get_user_pass_defined), cmocka_unit_test(test_get_user_pass_needok), cmocka_unit_test(test_get_user_pass_inline_creds), cmocka_unit_test(test_get_user_pass_authfile_stdin), cmocka_unit_test(test_get_user_pass_authfile_file), +#ifdef ENABLE_MANAGEMENT +cmocka_unit_test(test_get_user_pass_dynamic_challenge), +cmocka_unit_test(test_get_user_pass_static_challenge), +#endif /* ENABLE_MANAGEMENT */ }; int -- To view, visit http://gerrit.openvpn.net/c/openvpn/+/475?usp=email To unsubscribe, or for help writing mail filters, visit http://gerrit.openvpn.net/settings Gerrit-Project: openvpn Gerrit-Branch: master Gerrit-Change-Id: I8b5570f6314e917f92dce072279efe415d79b22a Gerrit-Change-Number: 475 Gerrit-PatchSet: 1 Gerrit-Owner: flichtenheld Gerrit-Reviewer: plaisthos Gerrit-CC: openvpn-devel Gerrit-Attention: plaisthos Gerrit-MessageType: newchange ___ Openvpn-devel mailing list Openvpn-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-devel