test/integration/test-authentication-basic

   1 #!/bin/sh
   2 set -e
   3
   4 TESTDIR=$(readlink -f $(dirname $0))
   5 . $TESTDIR/framework
   6
   7 setupenvironment
   8 configarchitecture 'i386'
   9
  10 insertpackage 'unstable' 'foo' 'all' '1'
  11 setupaptarchive --no-update
  12 exit
  13
  14 changetohttpswebserver --authorization="$(printf '%s' 'star:hunter2' | base64 )"
  15
  16 echo 'See, when YOU type hunter2, it shows to us as *******' > aptarchive/bash
  17
  18 testauthfailure() {
  19         testfailure apthelper download-file "${1}/bash" ./downloaded/bash
  20         # crappy test, but http and https output are wastely different…
  21         testsuccess grep 401 rootdir/tmp/testfailure.output
  22         testfailure test -s ./downloaded/bash
  23 }
  24
  25 testauthsuccess() {
  26         testsuccess apthelper download-file "${1}/bash" ./downloaded/bash
  27         testfileequal ./downloaded/bash "$(cat aptarchive/bash)"
  28         testfilestats ./downloaded/bash '%U:%G:%a' '=' "${TEST_DEFAULT_USER}:${TEST_DEFAULT_GROUP}:644"
  29         rm -f ./downloaded/bash
  30
  31         # lets see if got/retains acceptable permissions
  32         if [ -n "$AUTHCONF" ]; then
  33                 if [ "$(id -u)" = '0' ]; then
  34                         testfilestats "$AUTHCONF" '%U:%G:%a' '=' "_apt:root:600"
  35                 else
  36                         testfilestats "$AUTHCONF" '%U:%G:%a' '=' "${TEST_DEFAULT_USER}:${TEST_DEFAULT_GROUP}:600"
  37                 fi
  38         fi
  39
  40         rm -rf rootdir/var/lib/apt/lists
  41         testsuccess aptget update
  42         testsuccessequal 'Reading package lists...
  43 Building dependency tree...
  44 The following NEW packages will be installed:
  45   foo
  46 0 upgraded, 1 newly installed, 0 to remove and 0 not upgraded.
  47 Inst foo (1 unstable [all])
  48 Conf foo (1 unstable [all])' aptget install foo -s
  49 }
  50
  51 authfile() {
  52         local AUTHCONF='rootdir/etc/apt/auth.conf'
  53         rm -f "$AUTHCONF"
  54         printf '%s' "$1" > "$AUTHCONF"
  55         chmod 600 "$AUTHCONF"
  56 }
  57
  58 runtest() {
  59         # unauthorized fails
  60         authfile ''
  61         testauthfailure "$1"
  62
  63         # good auth
  64         authfile 'machine localhost
  65 login star
  66 password hunter2'
  67         testauthsuccess "$1"
  68
  69         # bad auth
  70         authfile 'machine localhost
  71 login anonymous
  72 password hunter2'
  73         testauthfailure "$1"
  74
  75         # 2 stanzas: unmatching + good auth
  76         authfile 'machine debian.org
  77 login debian
  78 password jessie
  79
  80 machine localhost
  81 login star
  82 password hunter2'
  83         testauthsuccess "$1"
  84 }
  85
  86 msgmsg 'server basic auth'
  87 rewritesourceslist "http://localhost:${APTHTTPPORT}"
  88 runtest "http://localhost:${APTHTTPPORT}"
  89 rewritesourceslist "https://localhost:${APTHTTPSPORT}"
  90 runtest "https://localhost:${APTHTTPSPORT}"
  91 rewritesourceslist "http://localhost:${APTHTTPPORT}"
  92
  93 msgmsg 'proxy to server basic auth'
  94 webserverconfig 'aptwebserver::request::absolute' 'uri'
  95 export http_proxy="http://localhost:${APTHTTPPORT}"
  96 runtest "http://localhost:${APTHTTPPORT}"
  97 unset http_proxy
  98
  99 msgmsg 'proxy basic auth to server basic auth'
 100 webserverconfig 'aptwebserver::proxy-authorization' "$(printf 'moon:deer2' | base64)"
 101 export http_proxy="http://moon:deer2@localhost:${APTHTTPPORT}"
 102 runtest "http://localhost:${APTHTTPPORT}"
 103
 104 msgmsg 'proxy basic auth to server'
 105 authfile ''
 106 webserverconfig 'aptwebserver::authorization' ''
 107 testauthsuccess "http://localhost:${APTHTTPPORT}"