From 48cd1292e21f3d9bd71e73c94ccfe61d1222485f Mon Sep 17 00:00:00 2001 From: Steve Holme Date: Sun, 22 Dec 2013 22:10:50 +0000 Subject: tests: Added IMAP SASL downgrade tests --- tests/data/Makefile.am | 2 +- tests/data/test833 | 62 +++++++++++++++++++++++++++++++++++++++++++ tests/data/test834 | 72 ++++++++++++++++++++++++++++++++++++++++++++++++++ tests/data/test835 | 63 +++++++++++++++++++++++++++++++++++++++++++ 4 files changed, 198 insertions(+), 1 deletion(-) create mode 100644 tests/data/test833 create mode 100644 tests/data/test834 create mode 100644 tests/data/test835 (limited to 'tests') diff --git a/tests/data/Makefile.am b/tests/data/Makefile.am index b2a223bfc..a7fb18e07 100644 --- a/tests/data/Makefile.am +++ b/tests/data/Makefile.am @@ -66,7 +66,7 @@ test709 test710 test711 test712 \ test800 test801 test802 test803 test804 test805 test806 test807 test808 \ test809 test810 test811 test812 test813 test814 test815 test816 test817 \ test818 test819 test820 test821 test822 test823 test824 test825 test826 \ -test827 test828 test829 test830 test831 test832 \ +test827 test828 test829 test830 test831 test832 test833 test834 test835 \ \ test850 test851 test852 test853 test854 test855 test856 test857 test858 \ test859 test860 test861 test862 test863 test864 test865 test866 test867 \ diff --git a/tests/data/test833 b/tests/data/test833 new file mode 100644 index 000000000..b5210c330 --- /dev/null +++ b/tests/data/test833 @@ -0,0 +1,62 @@ + + + +IMAP +IMAP AUTH CRAM-MD5 SASL DOWNGRADE +RFC2195 + + + +# +# Server-side + + +AUTH CRAM-MD5 PLAIN +REPLY "AUTHENTICATE CRAM-MD5" + Rubbish +REPLY * A002 NO AUTH exchange cancelled by client +REPLY "AUTHENTICATE PLAIN" + +REPLY dXNlcgB1c2VyAHNlY3JldA== A003 OK AUTHENTICATE completed + + +From: me@somewhere +To: fake@nowhere + +body + +-- + yours sincerely + + + +# +# Client-side + + +imap + + +crypto + + +IMAP CRAM-MD5 authentication with SASL downgrade + + +'imap://%HOSTIP:%IMAPPORT/833/;UID=1' -u user:secret + + + +# +# Verify data after the test has been "shot" + + +A001 CAPABILITY +A002 AUTHENTICATE CRAM-MD5 +* +A003 AUTHENTICATE PLAIN +dXNlcgB1c2VyAHNlY3JldA== +A004 SELECT 833 +A005 FETCH 1 BODY[] +A006 LOGOUT + + + diff --git a/tests/data/test834 b/tests/data/test834 new file mode 100644 index 000000000..f90c3b491 --- /dev/null +++ b/tests/data/test834 @@ -0,0 +1,72 @@ + + + +IMAP +IMAP AUTH NTLM SASL DOWNGRADE + + + +# +# Server-side + + +AUTH NTLM PLAIN +REPLY "AUTHENTICATE NTLM" + +REPLY TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA= + Rubbish +REPLY * A002 NO AUTH exchange cancelled by client +REPLY "AUTHENTICATE PLAIN" + +REPLY dXNlcgB1c2VyAHNlY3JldA== A003 OK AUTHENTICATE completed + + +From: me@somewhere +To: fake@nowhere + +body + +-- + yours sincerely + + + +# +# Client-side + + +imap + + +NTLM + + +IMAP NTLM authentication with SASL downgrade + + +# we force our own host name, in order to make the test machine independent +CURL_GETHOSTNAME=curlhost +# we try to use the LD_PRELOAD hack, if not a debug build +LD_PRELOAD=%PWD/libtest/.libs/libhostname.so + + +'imap://%HOSTIP:%IMAPPORT/834/;UID=1' -u user:secret + + +chkhostname curlhost + + + +# +# Verify data after the test has been "shot" + + +A001 CAPABILITY +A002 AUTHENTICATE NTLM +TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA= +* +A003 AUTHENTICATE PLAIN +dXNlcgB1c2VyAHNlY3JldA== +A004 SELECT 834 +A005 FETCH 1 BODY[] +A006 LOGOUT + + + diff --git a/tests/data/test835 b/tests/data/test835 new file mode 100644 index 000000000..c0a1283f6 --- /dev/null +++ b/tests/data/test835 @@ -0,0 +1,63 @@ + + + +IMAP +IMAP AUTH DIGEST-MD5 SASL DOWNGRADE +RFC2831 + + + +# +# Server-side + + +AUTH DIGEST-MD5 PLAIN +REPLY "AUTHENTICATE DIGEST-MD5" + Rubbish +REPLY * A002 NO AUTH exchange cancelled by client +REPLY "AUTHENTICATE PLAIN" + +REPLY dXNlcgB1c2VyAHNlY3JldA== A003 OK AUTHENTICATE completed + + +From: me@somewhere +To: fake@nowhere + +body + +-- + yours sincerely + + + +# +# Client-side + + +imap + + +debug +crypto + + +IMAP DIGEST-MD5 authentication with SASL downgrade + + +'imap://%HOSTIP:%IMAPPORT/835/;UID=1' -u user:secret + + + +# +# Verify data after the test has been "shot" + + +A001 CAPABILITY +A002 AUTHENTICATE DIGEST-MD5 +* +A003 AUTHENTICATE PLAIN +dXNlcgB1c2VyAHNlY3JldA== +A004 SELECT 835 +A005 FETCH 1 BODY[] +A006 LOGOUT + + + -- cgit v1.2.3