Book a Demo!
CoCalc Logo Icon
StoreFeaturesDocsShareSupportNewsAboutPoliciesSign UpSign In
freebsd
GitHub Repository: freebsd/pkg
 Path: blob/main/external/curl/tests/http/test_14_auth.py
2651 views
1
#!/usr/bin/env python3

2
# -*- coding: utf-8 -*-

3
#***************************************************************************

4
#                                  _   _ ____  _

5
#  Project                     ___| | | |  _ \| |

6
#                             / __| | | | |_) | |

7
#                            | (__| |_| |  _ <| |___

8
#                             \___|\___/|_| \_\_____|

9
#

10
# Copyright (C) Daniel Stenberg, <[email protected]>, et al.

11
#

12
# This software is licensed as described in the file COPYING, which

13
# you should have received as part of this distribution. The terms

14
# are also available at https://curl.se/docs/copyright.html.

15
#

16
# You may opt to use, copy, modify, merge, publish, distribute and/or sell

17
# copies of the Software, and permit persons to whom the Software is

18
# furnished to do so, under the terms of the COPYING file.

19
#

20
# This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY

21
# KIND, either express or implied.

22
#

23
# SPDX-License-Identifier: curl

24
#

25
###########################################################################

26
#

27
import logging

28
import os

29
import pytest

30


31
from testenv import Env, CurlClient

32


33


34
log = logging.getLogger(__name__)

35


36


37
class TestAuth:

38


39
    @pytest.fixture(autouse=True, scope='class')

40
    def _class_scope(self, env, httpd, nghttpx):

41
        env.make_data_file(indir=env.gen_dir, fname="data-10m", fsize=10*1024*1024)

42


43
    # download 1 file, not authenticated

44
    @pytest.mark.parametrize("proto", ['http/1.1', 'h2', 'h3'])

45
    def test_14_01_digest_get_noauth(self, env: Env, httpd, nghttpx, proto):

46
        if proto == 'h3' and not env.have_h3():

47
            pytest.skip("h3 not supported")

48
        curl = CurlClient(env=env)

49
        url = f'https://{env.authority_for(env.domain1, proto)}/restricted/digest/data.json'

50
        r = curl.http_download(urls=[url], alpn_proto=proto)

51
        r.check_response(http_status=401)

52


53
    # download 1 file, authenticated

54
    @pytest.mark.parametrize("proto", ['http/1.1', 'h2', 'h3'])

55
    def test_14_02_digest_get_auth(self, env: Env, httpd, nghttpx, proto):

56
        if not env.curl_has_feature('digest'):

57
            pytest.skip("curl built without digest")

58
        if proto == 'h3' and not env.have_h3():

59
            pytest.skip("h3 not supported")

60
        curl = CurlClient(env=env)

61
        url = f'https://{env.authority_for(env.domain1, proto)}/restricted/digest/data.json'

62
        r = curl.http_download(urls=[url], alpn_proto=proto, extra_args=[

63
            '--digest', '--user', 'test:test'

64
        ])

65
        r.check_response(http_status=200)

66


67
    # PUT data, authenticated

68
    @pytest.mark.parametrize("proto", ['http/1.1', 'h2', 'h3'])

69
    def test_14_03_digest_put_auth(self, env: Env, httpd, nghttpx, proto):

70
        if not env.curl_has_feature('digest'):

71
            pytest.skip("curl built without digest")

72
        if proto == 'h3' and not env.have_h3():

73
            pytest.skip("h3 not supported")

74
        if proto == 'h3' and env.curl_uses_ossl_quic():

75
            pytest.skip("openssl-quic is flaky in retrying POST")

76
        data='0123456789'

77
        curl = CurlClient(env=env)

78
        url = f'https://{env.authority_for(env.domain1, proto)}/restricted/digest/data.json'

79
        r = curl.http_upload(urls=[url], data=data, alpn_proto=proto, extra_args=[

80
            '--digest', '--user', 'test:test'

81
        ])

82
        r.check_response(http_status=200)

83


84
    # PUT data, digest auth large pw

85
    @pytest.mark.parametrize("proto", ['h2', 'h3'])

86
    def test_14_04_digest_large_pw(self, env: Env, httpd, nghttpx, proto):

87
        if not env.curl_has_feature('digest'):

88
            pytest.skip("curl built without digest")

89
        if proto == 'h3' and not env.have_h3():

90
            pytest.skip("h3 not supported")

91
        data='0123456789'

92
        password = 'x' * 65535

93
        curl = CurlClient(env=env)

94
        url = f'https://{env.authority_for(env.domain1, proto)}/restricted/digest/data.json'

95
        r = curl.http_upload(urls=[url], data=data, alpn_proto=proto, extra_args=[

96
            '--digest', '--user', f'test:{password}',

97
            '--trace-config', 'http/2,http/3'

98
        ])

99
        # digest does not submit the password, but a hash of it, so all

100
        # works and, since the pw is not correct, we get a 401

101
        r.check_response(http_status=401)

102


103
    # PUT data, basic auth large pw

104
    @pytest.mark.parametrize("proto", ['h2', 'h3'])

105
    def test_14_05_basic_large_pw(self, env: Env, httpd, nghttpx, proto):

106
        if proto == 'h3' and not env.have_h3():

107
            pytest.skip("h3 not supported")

108
        if proto == 'h3' and not env.curl_uses_lib('ngtcp2'):

109
            # See <https://github.com/cloudflare/quiche/issues/1573>

110
            pytest.skip("quiche/openssl-quic have problems with large requests")

111
        # just large enough that nghttp2 will submit

112
        password = 'x' * (47 * 1024)

113
        fdata = os.path.join(env.gen_dir, 'data-10m')

114
        curl = CurlClient(env=env)

115
        url = f'https://{env.authority_for(env.domain1, proto)}/restricted/digest/data.json'

116
        r = curl.http_upload(urls=[url], data=f'@{fdata}', alpn_proto=proto, extra_args=[

117
            '--basic', '--user', f'test:{password}',

118
            '--trace-config', 'http/2,http/3'

119
        ])

120
        # but apache denies on length limit

121
        r.check_response(http_status=431)

122


123
    # PUT data, basic auth with very large pw

124
    @pytest.mark.parametrize("proto", ['h2', 'h3'])

125
    def test_14_06_basic_very_large_pw(self, env: Env, httpd, nghttpx, proto):

126
        if proto == 'h3' and not env.have_h3():

127
            pytest.skip("h3 not supported")

128
        if proto == 'h3' and env.curl_uses_lib('quiche'):

129
            # See <https://github.com/cloudflare/quiche/issues/1573>

130
            pytest.skip("quiche has problems with large requests")

131
        password = 'x' * (64 * 1024)

132
        fdata = os.path.join(env.gen_dir, 'data-10m')

133
        curl = CurlClient(env=env)

134
        url = f'https://{env.authority_for(env.domain1, proto)}/restricted/digest/data.json'

135
        r = curl.http_upload(urls=[url], data=f'@{fdata}', alpn_proto=proto, extra_args=[

136
            '--basic', '--user', f'test:{password}'

137
        ])

138
        # Depending on protocol, we might have an error sending or

139
        # the server might shutdown the connection and we see the error

140
        # on receiving

141
        assert r.exit_code in [55, 56, 95], f'{r.dump_logs()}'

142


143