Skip to content

Commit d0d482d

Browse files
julienschmidtjulienschmidt
committed
auth: add native auth tests
1 parent de51fdd commit d0d482d

File tree

1 file changed

+76
-0
lines changed

1 file changed

+76
-0
lines changed

auth_test.go

Lines changed: 76 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -120,6 +120,82 @@ func TestAuthSwitchCleartextPasswordEmpty(t *testing.T) {
120120
}
121121
}
122122

123+
func TestAuthSwitchNativePasswordNotAllowed(t *testing.T) {
124+
conn, mc := newRWMockConn(2)
125+
mc.cfg.AllowNativePasswords = false
126+
127+
conn.data = []byte{44, 0, 0, 2, 254, 109, 121, 115, 113, 108, 95, 110, 97,
128+
116, 105, 118, 101, 95, 112, 97, 115, 115, 119, 111, 114, 100, 0, 96,
129+
71, 63, 8, 1, 58, 75, 12, 69, 95, 66, 60, 117, 31, 48, 31, 89, 39, 55,
130+
31, 0}
131+
conn.maxReads = 1
132+
authData := []byte{96, 71, 63, 8, 1, 58, 75, 12, 69, 95, 66, 60, 117, 31,
133+
48, 31, 89, 39, 55, 31}
134+
plugin := "caching_sha2_password"
135+
err := mc.handleAuthResult(authData, plugin)
136+
if err != ErrNativePassword {
137+
t.Errorf("expected ErrNativePassword, got %v", err)
138+
}
139+
}
140+
141+
func TestAuthSwitchNativePassword(t *testing.T) {
142+
conn, mc := newRWMockConn(2)
143+
mc.cfg.AllowNativePasswords = true
144+
mc.cfg.Passwd = "secret"
145+
146+
// auth switch request
147+
conn.data = []byte{44, 0, 0, 2, 254, 109, 121, 115, 113, 108, 95, 110, 97,
148+
116, 105, 118, 101, 95, 112, 97, 115, 115, 119, 111, 114, 100, 0, 96,
149+
71, 63, 8, 1, 58, 75, 12, 69, 95, 66, 60, 117, 31, 48, 31, 89, 39, 55,
150+
31, 0}
151+
152+
// auth response
153+
conn.queuedReplies = [][]byte{{7, 0, 0, 4, 0, 0, 0, 2, 0, 0, 0}}
154+
conn.maxReads = 2
155+
156+
authData := []byte{96, 71, 63, 8, 1, 58, 75, 12, 69, 95, 66, 60, 117, 31,
157+
48, 31, 89, 39, 55, 31}
158+
plugin := "caching_sha2_password"
159+
160+
if err := mc.handleAuthResult(authData, plugin); err != nil {
161+
t.Errorf("got error: %v", err)
162+
}
163+
164+
expectedReply := []byte{20, 0, 0, 3, 202, 41, 195, 164, 34, 226, 49, 103, 21, 211, 167, 199, 227, 116, 8, 48, 57, 71, 149, 146}
165+
if !bytes.Equal(conn.written, expectedReply) {
166+
t.Errorf("got unexpected data: %v", conn.written)
167+
}
168+
}
169+
170+
func TestAuthSwitchNativePasswordEmpty(t *testing.T) {
171+
conn, mc := newRWMockConn(2)
172+
mc.cfg.AllowNativePasswords = true
173+
mc.cfg.Passwd = ""
174+
175+
// auth switch request
176+
conn.data = []byte{44, 0, 0, 2, 254, 109, 121, 115, 113, 108, 95, 110, 97,
177+
116, 105, 118, 101, 95, 112, 97, 115, 115, 119, 111, 114, 100, 0, 96,
178+
71, 63, 8, 1, 58, 75, 12, 69, 95, 66, 60, 117, 31, 48, 31, 89, 39, 55,
179+
31, 0}
180+
181+
// auth response
182+
conn.queuedReplies = [][]byte{{7, 0, 0, 4, 0, 0, 0, 2, 0, 0, 0}}
183+
conn.maxReads = 2
184+
185+
authData := []byte{96, 71, 63, 8, 1, 58, 75, 12, 69, 95, 66, 60, 117, 31,
186+
48, 31, 89, 39, 55, 31}
187+
plugin := "caching_sha2_password"
188+
189+
if err := mc.handleAuthResult(authData, plugin); err != nil {
190+
t.Errorf("got error: %v", err)
191+
}
192+
193+
expectedReply := []byte{0, 0, 0, 3}
194+
if !bytes.Equal(conn.written, expectedReply) {
195+
t.Errorf("got unexpected data: %v", conn.written)
196+
}
197+
}
198+
123199
func TestAuthSwitchOldPasswordNotAllowed(t *testing.T) {
124200
conn, mc := newRWMockConn(2)
125201

0 commit comments

Comments
 (0)