Browse Source

[tests] test coverage for issues (#321, #322)

FastCGI Authorizer support with FastCGI Responders

x-ref:
  "mod_fastcgi authorizers cannot protect fastcgi responders"
  http://redmine.lighttpd.net/issues/321

x-ref:
  "FastCGI Authorizer support for Variable-name variable passing"
  http://redmine.lighttpd.net/issues/322
personal/stbuehler/mod-csrf-old
Christoph Kreutzer 5 years ago
committed by Glenn Strauss
parent
commit
7ef569b204
  1. 12
      tests/fastcgi-auth.conf
  2. 19
      tests/fcgi-auth.c
  3. 3
      tests/fcgi-responder.c
  4. 19
      tests/mod-fastcgi.t

12
tests/fastcgi-auth.conf

@ -68,15 +68,23 @@ compress.filetype = (
fastcgi.debug = 0
fastcgi.server = (
"/" => (
"grisu" => (
"grisu" => (
"host" => "127.0.0.1",
"port" => 20000,
"bin-path" => env.SRCDIR + "/fcgi-auth",
"mode" => "authorizer",
"docroot" => env.SRCDIR + "/tmp/lighttpd/servers/www.example.org/pages/",
"check-local" => "disable",
),
),
".fcgi" => (
"grisu2" => (
"host" => "127.0.0.1",
"port" => 10000,
"bin-path" => env.SRCDIR + "/fcgi-responder",
"check-local" => "disable",
"max-procs" => 1,
),
),
)
cgi.assign = (

19
tests/fcgi-auth.c

@ -7,26 +7,23 @@
#include <fcgi_stdio.h>
#endif
#include <stdlib.h>
#include <unistd.h>
#include <string.h>
int main (void) {
char* p;
while (FCGI_Accept() >= 0) {
/* wait for fastcgi authorizer request */
printf("Content-type: text/html\r\n");
/* Status: 200 OK to allow access is implied
* if Status header is not included in response */
if (((p = getenv("QUERY_STRING")) == NULL) ||
strcmp(p, "ok") != 0) {
printf("Status: 403 Forbidden\r\n\r\n");
} else {
printf("\r\n");
/* default Status is 200 - allow access */
char *p = getenv("QUERY_STRING");
if (p != NULL && 0 == strcmp(p, "var")) {
printf("Variable-X-LIGHTTPD-FCGI-AUTH: LighttpdTestContent\r\n");
} else if (p == NULL || 0 != strcmp(p, "ok")) {
printf("Status: 403 Forbidden\r\n");
}
printf("foobar\r\n");
printf("\r\n");
}
return 0;

3
tests/fcgi-responder.c

@ -44,6 +44,9 @@ int main (void) {
printf("%s", getenv("PATH_INFO"));
} else if (0 == strcmp(p, "script_name")) {
printf("%s", getenv("SCRIPT_NAME"));
} else if (0 == strcmp(p, "var")) {
p = getenv("X_LIGHTTPD_FCGI_AUTH");
printf("%s", p ? p : "(no value)");
} else {
printf("test123");
}

19
tests/mod-fastcgi.t

@ -7,7 +7,7 @@ BEGIN {
}
use strict;
use Test::More tests => 58;
use Test::More tests => 60;
use LightyTest;
my $tf = LightyTest->new();
@ -292,6 +292,23 @@ EOF
$t->{RESPONSE} = [ { 'HTTP-Protocol' => 'HTTP/1.0', 'HTTP-Status' => 200 } ];
ok($tf->handle_http($t) == 0, 'FastCGI - Auth in subdirectory');
$t->{REQUEST} = ( <<EOF
GET /index.fcgi?varfail HTTP/1.0
Host: www.example.org
EOF
);
$t->{RESPONSE} = [ { 'HTTP-Protocol' => 'HTTP/1.0', 'HTTP-Status' => 403 } ];
ok($tf->handle_http($t) == 0, 'FastCGI - Auth Fail with FastCGI responder afterwards');
$t->{REQUEST} = ( <<EOF
GET /index.fcgi?var HTTP/1.0
Host: www.example.org
EOF
);
$t->{RESPONSE} = [ { 'HTTP-Protocol' => 'HTTP/1.0', 'HTTP-Status' => 200, 'HTTP-Content' => 'LighttpdTestContent' } ];
ok($tf->handle_http($t) == 0, 'FastCGI - Auth Success with Variable- to Env expansion');
ok($tf->stop_proc == 0, "Stopping lighttpd");
}

Loading…
Cancel
Save