diff options
author | Simon McVittie <smcv@collabora.com> | 2019-05-30 12:58:28 +0100 |
---|---|---|
committer | Simon McVittie <smcv@collabora.com> | 2019-06-09 13:08:53 +0100 |
commit | 6231e7d75fafc451d4fdd97acd568a03fb5dd490 (patch) | |
tree | 127ee188aa765bd7a72544bd34070b1ae6ced2dd /test/data/auth/cookie-sha1-username.auth-script | |
parent | 2a11ab9bbd21066b1508c8673821ba5c6d627321 (diff) | |
download | dbus-6231e7d75fafc451d4fdd97acd568a03fb5dd490.tar.gz |
test: Add basic test coverage for DBUS_COOKIE_SHA1
We don't actually complete successful authentication, because that
would require us to generate a cookie and compute the correct SHA1,
which is difficult to do in a deterministic authentication script.
However, we do assert that dbus#269 (CVE-2019-12749) has been fixed.
Signed-off-by: Simon McVittie <smcv@collabora.com>
Diffstat (limited to 'test/data/auth/cookie-sha1-username.auth-script')
-rw-r--r-- | test/data/auth/cookie-sha1-username.auth-script | 12 |
1 files changed, 12 insertions, 0 deletions
diff --git a/test/data/auth/cookie-sha1-username.auth-script b/test/data/auth/cookie-sha1-username.auth-script new file mode 100644 index 00000000..45668294 --- /dev/null +++ b/test/data/auth/cookie-sha1-username.auth-script @@ -0,0 +1,12 @@ +UNIX_ONLY +SERVER +SEND 'AUTH DBUS_COOKIE_SHA1 WRONG_USERNAME_HEX' +EXPECT_COMMAND REJECTED +EXPECT_STATE WAITING_FOR_INPUT +EXPECT_HAVE_NO_CREDENTIALS +SEND 'AUTH DBUS_COOKIE_SHA1 USERNAME_HEX' +EXPECT_COMMAND DATA +EXPECT_STATE WAITING_FOR_INPUT +EXPECT_HAVE_NO_CREDENTIALS +# We don't actually complete DBUS_COOKIE_SHA1 authentication, because +# it's non-trivial. |