diff options
| author | Claudio Saavedra <csaavedra@igalia.com> | 2018-03-13 20:07:05 +0200 |
|---|---|---|
| committer | Claudio Saavedra <csaavedra@igalia.com> | 2018-03-17 10:33:17 +0200 |
| commit | fedaa0f770a664646a978c9c9258de1cec0c695e (patch) | |
| tree | 50cbe47804916af088922d26a2c74d59a908a232 /tests | |
| parent | 0007d164002572cbd770dab8e0a36b00dba437eb (diff) | |
| download | libsoup-fedaa0f770a664646a978c9c9258de1cec0c695e.tar.gz | |
SoupAuthDomainDigest: Fix authentication with encoded uris
When the client is using absolute paths for Digest authentication,
we need to make sure that the digest URI is not encoded before
comparing it to the request URI, as some clients might provide
URIs encoded and SoupURI might already have decoded the request
URI.
Also modify server-auth-test.c to make this problem reproducible
and add a couple of test cases to make sure we don't regress.
https://bugzilla.gnome.org/show_bug.cgi?id=794208
Diffstat (limited to 'tests')
| -rw-r--r-- | tests/server-auth-test.c | 49 |
1 files changed, 46 insertions, 3 deletions
diff --git a/tests/server-auth-test.c b/tests/server-auth-test.c index ee3f57b4..34c297bc 100644 --- a/tests/server-auth-test.c +++ b/tests/server-auth-test.c @@ -36,7 +36,11 @@ do_test (SoupURI *base_uri, const char *path, GPid pid; gboolean done; - uri = soup_uri_new_with_base (base_uri, path); + /* We build the URI this way to avoid having soup_uri_new() + normalize the path, hence losing the encoded characters in + tests 4. and 5. below. */ + uri = soup_uri_copy (base_uri); + soup_uri_set_path (uri, path); uri_str = soup_uri_to_string (uri, FALSE); soup_uri_free (uri); @@ -156,7 +160,46 @@ do_server_auth_test (gconstpointer data) /* success? */ TEST_USES_DIGEST (i) && TEST_GOOD_AUTH (i)); - /* 4. Any auth required. */ + /* 4. Digest auth with encoded URI. See #794208. + */ + do_test (base_uri, "/Digest/A%20B", + TEST_GOOD_USER (i), TEST_GOOD_PASSWORD (i), + /* request */ + TEST_USES_BASIC (i), TEST_USES_DIGEST (i), + /* expected from client */ + TEST_PREEMPTIVE_BASIC (i), TEST_USES_DIGEST (i), + /* expected from server */ + FALSE, TRUE, + /* success? */ + TEST_USES_DIGEST (i) && TEST_GOOD_AUTH (i)); + + /* 5. Digest auth with a mixture of encoded and decoded chars in the URI. See #794208. + */ + do_test (base_uri, "/Digest/A%20|%20B", + TEST_GOOD_USER (i), TEST_GOOD_PASSWORD (i), + /* request */ + TEST_USES_BASIC (i), TEST_USES_DIGEST (i), + /* expected from client */ + TEST_PREEMPTIVE_BASIC (i), TEST_USES_DIGEST (i), + /* expected from server */ + FALSE, TRUE, + /* success? */ + TEST_USES_DIGEST (i) && TEST_GOOD_AUTH (i)); + + /* 6. Digest auth with UTF-8 chars in the URI. See #794208. + */ + do_test (base_uri, "/Digest/A௹B", + TEST_GOOD_USER (i), TEST_GOOD_PASSWORD (i), + /* request */ + TEST_USES_BASIC (i), TEST_USES_DIGEST (i), + /* expected from client */ + TEST_PREEMPTIVE_BASIC (i), TEST_USES_DIGEST (i), + /* expected from server */ + FALSE, TRUE, + /* success? */ + TEST_USES_DIGEST (i) && TEST_GOOD_AUTH (i)); + + /* 7. Any auth required. */ do_test (base_uri, "/Any/foo", TEST_GOOD_USER (i), TEST_GOOD_PASSWORD (i), /* request */ @@ -168,7 +211,7 @@ do_server_auth_test (gconstpointer data) /* success? */ (TEST_USES_BASIC (i) || TEST_USES_DIGEST (i)) && TEST_GOOD_AUTH (i)); - /* 5. No auth required again. (Makes sure that + /* 8. No auth required again. (Makes sure that * SOUP_AUTH_DOMAIN_REMOVE_PATH works.) */ do_test (base_uri, "/Any/Not/foo", |