summaryrefslogtreecommitdiff
path: root/tests/mod-secdownload.t
diff options
context:
space:
mode:
authorGlenn Strauss <gstrauss@gluelogic.com>2016-12-23 04:39:50 -0500
committerGlenn Strauss <gstrauss@gluelogic.com>2017-01-31 14:36:15 -0500
commitafce434e0b0ee517fef06cf32d3f9de25ceddc14 (patch)
tree8782e6f7959712d1552c4770934b301a25c35384 /tests/mod-secdownload.t
parent4d92366ab21d4b4ae6f4781b9121d6683e0bc909 (diff)
downloadlighttpd1.4-afce434e0b0ee517fef06cf32d3f9de25ceddc14.tar.gz
lighttpd1.4-afce434e0b0ee517fef06cf32d3f9de25ceddc14.zip
[mod_secdownload] new directives modify hash path (fixes #646, fixes #1904)
secdownload.path-segments = <number> include only given number of path segments in hash digest calculation secdownload.hash-querystr = "enable" | "disable" include the query string in the hash digest calculation x-ref: "secdownload.path_elements support" https://redmine.lighttpd.net/issues/646 "mod_secdownload option to include url GET parameters in md5" https://redmine.lighttpd.net/issues/1904
Diffstat (limited to 'tests/mod-secdownload.t')
-rwxr-xr-xtests/mod-secdownload.t16
1 files changed, 15 insertions, 1 deletions
diff --git a/tests/mod-secdownload.t b/tests/mod-secdownload.t
index 96baf9d7..8881df68 100755
--- a/tests/mod-secdownload.t
+++ b/tests/mod-secdownload.t
@@ -8,7 +8,7 @@ BEGIN {
use strict;
use IO::Socket;
-use Test::More tests => 15;
+use Test::More tests => 16;
use LightyTest;
use Digest::MD5 qw(md5_hex);
use Digest::SHA qw(hmac_sha1 hmac_sha256);
@@ -142,6 +142,20 @@ $t->{RESPONSE} = [ { 'HTTP-Protocol' => 'HTTP/1.0', 'HTTP-Status' => 200 } ];
ok($tf->handle_http($t) == 0, 'secdownload (hmac-sha256)');
+## HMAC-SHA256
+$f = "/index.html?qs=1";
+$thex = sprintf("%08x", time);
+$m = encode_base64url(hmac_sha256("/$thex$f", $secret));
+
+$t->{REQUEST} = ( <<EOF
+GET /sec/$m/$thex$f HTTP/1.0
+Host: vvv-sha256.example.org
+EOF
+ );
+$t->{RESPONSE} = [ { 'HTTP-Protocol' => 'HTTP/1.0', 'HTTP-Status' => 200 } ];
+
+ok($tf->handle_http($t) == 0, 'secdownload (hmac-sha256) with hash-querystr');
+
$thex = sprintf("%08x", time - 1800);
$m = encode_base64url(hmac_sha256("/$thex$f", $secret));