diff options
author | Simon McVittie <smcv@collabora.com> | 2019-05-30 12:58:28 +0100 |
---|---|---|
committer | Simon McVittie <smcv@collabora.com> | 2019-06-09 13:08:41 +0100 |
commit | c251e7ea9525c1fc81360bbaf48f86ef6a0ad598 (patch) | |
tree | 376245904d76b3b8d13106e02083950015c84f47 /test/data/auth/cookie-sha1-username.auth-script | |
parent | 525c2314c56504fb232f9ec7f25cf7dda4d4a1c4 (diff) | |
download | dbus-c251e7ea9525c1fc81360bbaf48f86ef6a0ad598.tar.gz |
test: Add basic test coverage for DBUS_COOKIE_SHA1
We don't actually complete successful authentication, because that
would require us to generate a cookie and compute the correct SHA1,
which is difficult to do in a deterministic authentication script.
However, we do assert that dbus#269 (CVE-2019-12749) has been fixed.
Signed-off-by: Simon McVittie <smcv@collabora.com>
Diffstat (limited to 'test/data/auth/cookie-sha1-username.auth-script')
-rw-r--r-- | test/data/auth/cookie-sha1-username.auth-script | 12 |
1 files changed, 12 insertions, 0 deletions
diff --git a/test/data/auth/cookie-sha1-username.auth-script b/test/data/auth/cookie-sha1-username.auth-script new file mode 100644 index 00000000..45668294 --- /dev/null +++ b/test/data/auth/cookie-sha1-username.auth-script @@ -0,0 +1,12 @@ +UNIX_ONLY +SERVER +SEND 'AUTH DBUS_COOKIE_SHA1 WRONG_USERNAME_HEX' +EXPECT_COMMAND REJECTED +EXPECT_STATE WAITING_FOR_INPUT +EXPECT_HAVE_NO_CREDENTIALS +SEND 'AUTH DBUS_COOKIE_SHA1 USERNAME_HEX' +EXPECT_COMMAND DATA +EXPECT_STATE WAITING_FOR_INPUT +EXPECT_HAVE_NO_CREDENTIALS +# We don't actually complete DBUS_COOKIE_SHA1 authentication, because +# it's non-trivial. |