test/integration/test-authentication-basic

   1 #!/bin/sh
   2 set -e
   3
   4 TESTDIR=$(readlink -f $(dirname $0))
   5 . $TESTDIR/framework
   6
   7 setupenvironment
   8 configarchitecture 'i386'
   9
  10 insertpackage 'unstable' 'foo' 'all' '1'
  11 setupaptarchive --no-update
  12
  13 changetohttpswebserver --authorization="$(printf '%s' 'star:hunter2' | base64 )"
  14
  15 echo 'See, when YOU type hunter2, it shows to us as *******' > aptarchive/bash
  16
  17 testauthfailure() {
  18         testfailure apthelper download-file "${1}/bash" ./downloaded/bash
  19         # crappy test, but http and https output are wastely different…
  20         testsuccess grep 401 rootdir/tmp/testfailure.output
  21         testfailure test -s ./downloaded/bash
  22 }
  23
  24 testauthsuccess() {
  25         testsuccess apthelper download-file "${1}/bash" ./downloaded/bash
  26         testfileequal ./downloaded/bash "$(cat aptarchive/bash)"
  27         testfilestats ./downloaded/bash '%U:%G:%a' '=' "${TEST_DEFAULT_USER}:${TEST_DEFAULT_GROUP}:644"
  28         rm -f ./downloaded/bash
  29
  30         # lets see if got/retains acceptable permissions
  31         if [ -n "$AUTHCONF" ]; then
  32                 if [ "$(id -u)" = '0' ]; then
  33                         testfilestats "$AUTHCONF" '%U:%G:%a' '=' "_apt:root:600"
  34                 else
  35                         testfilestats "$AUTHCONF" '%U:%G:%a' '=' "${TEST_DEFAULT_USER}:${TEST_DEFAULT_GROUP}:600"
  36                 fi
  37         fi
  38
  39         rm -rf rootdir/var/lib/apt/lists
  40         testsuccess aptget update
  41         testsuccessequal 'Reading package lists...
  42 Building dependency tree...
  43 The following NEW packages will be installed:
  44   foo
  45 0 upgraded, 1 newly installed, 0 to remove and 0 not upgraded.
  46 Inst foo (1 unstable [all])
  47 Conf foo (1 unstable [all])' aptget install foo -s
  48 }
  49
  50 authfile() {
  51         local AUTHCONF='rootdir/etc/apt/auth.conf'
  52         rm -f "$AUTHCONF"
  53         printf '%s' "$1" > "$AUTHCONF"
  54         chmod 600 "$AUTHCONF"
  55 }
  56
  57 runtest() {
  58         # unauthorized fails
  59         authfile ''
  60         testauthfailure "$1"
  61
  62         # good auth
  63         authfile 'machine localhost
  64 login star
  65 password hunter2'
  66         testauthsuccess "$1"
  67
  68         # bad auth
  69         authfile 'machine localhost
  70 login anonymous
  71 password hunter2'
  72         testauthfailure "$1"
  73
  74         # 2 stanzas: unmatching + good auth
  75         authfile 'machine debian.org
  76 login debian
  77 password jessie
  78
  79 machine localhost
  80 login star
  81 password hunter2'
  82         testauthsuccess "$1"
  83 }
  84
  85 msgmsg 'server basic auth'
  86 rewritesourceslist 'http://localhost:8080'
  87 runtest 'http://localhost:8080'
  88 rewritesourceslist 'https://localhost:4433'
  89 runtest 'https://localhost:4433'
  90 rewritesourceslist 'http://localhost:8080'
  91
  92 msgmsg 'proxy to server basic auth'
  93 webserverconfig 'aptwebserver::request::absolute' 'uri'
  94 export http_proxy='http://localhost:8080'
  95 runtest 'http://localhost:8080'
  96 unset http_proxy
  97
  98 msgmsg 'proxy basic auth to server basic auth'
  99 webserverconfig 'aptwebserver::proxy-authorization' "$(printf 'moon:deer2' | base64)"
 100 export http_proxy='http://moon:deer2@localhost:8080'
 101 runtest 'http://localhost:8080'
 102
 103 msgmsg 'proxy basic auth to server'
 104 authfile ''
 105 webserverconfig 'aptwebserver::authorization' ''
 106 testauthsuccess 'http://localhost:8080'