Diffstat (limited to 'pkg/test/auth_test.go')
| -rw-r--r-- | pkg/test/auth_test.go | 68 |
1 files changed, 64 insertions, 4 deletions
diff --git a/pkg/test/auth_test.go b/pkg/test/auth_test.go
index dedafa8..1741d68 100644
--- a/pkg/test/auth_test.go
+++ b/pkg/test/auth_test.go
@@ -2,6 +2,8 @@ package test

 import (
 "testing"
+ "fmt"
+ "os"
 )

 func TestAuthHook(t *testing.T) {
@@ -10,11 +12,69 @@ func TestAuthHook(t *testing.T) {

 c := e.newInstance()

- c.Exec("add name T listen,addr=-:0 auth aes dial,addr=@[tunnel.X.listen]")
- c.Exec("add name X listen,addr=-:0 /aes /auth dial,addr=@[addr]")
+ var secrets string

- c.Exec("set tunnel.X.secret secret")
- c.Exec("set tunnel.T.secret secret")
+ f, err := os.CreateTemp("", "test-auth-")
+ if err != nil {
+ e.Fatalf("create temp: %v", err)
+ }
+
+ secrets = f.Name()
+
+ fmt.Fprintln(f, "T t")
+ fmt.Fprintln(f, "X x")
+ f.Close()
+
+ defer os.Remove(secrets)
+
+ c.Exec("add name T listen,addr=%%0 auth aes dial,addr=@[tunnel.X.listen]")
+ c.Exec("add name X listen,addr=%%0 /aes /auth dial,addr=@[addr]")
+
+ c.Exec("set authfile %s", secrets)
+ c.Exec("set tunnel.T.authuser T")
+ c.Exec("set tunnel.X.authuser X")
+
+ listen := e.Listen("tcp", "127.0.0.1:0")
+ c.Set("addr", listen.Addr())
+
+ out := e.Dial("tcp", c.Get("tunnel.T.listen"))
+ in := e.Accept(listen)
+
+ e.Write(out, dummy)
+
+ buf := make([]byte, len(dummy))
+ e.ReadFull(in, buf)
+
+ if r := string(buf); r != dummy {
+ e.Fatalf("wrong reply: send '%s', recv '%s'", dummy, r)
+ }
+}
+
+func TestAuthPassiveHook(t *testing.T) {
+ e := newEnv(t)
+ defer e.Free()
+
+ c := e.newInstance()
+
+ var secrets string
+
+ f, err := os.CreateTemp("", "test-auth-passive-")
+ if err != nil {
+ e.Fatalf("create temp: %v", err)
+ }
+
+ secrets = f.Name()
+
+ fmt.Fprintln(f, "T t")
+ f.Close()
+
+ defer os.Remove(secrets)
+
+ c.Exec("add name T listen,addr=%%0 auth aes dial,addr=@[tunnel.X.listen]")
+ c.Exec("add name X listen,addr=%%0 /aes /auth,passive dial,addr=@[addr]")
+
+ c.Exec("set authfile %s", secrets)
+ c.Exec("set tunnel.T.authuser T")

 listen := e.Listen("tcp", "127.0.0.1:0")
 c.Set("addr", listen.Addr())
|
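Review bot: The secrets file is written with `fmt.Fprintln(f, ...)` and `f.Close()` whose errors are discarded, in both TestAuthHook and TestAuthPassiveHook, so a failed or short write would show up later as a confusing authentication failure instead of a setup error. The duplicated CreateTemp/Fprintln/Close/Remove sequence could move into one helper that writes the file under `t.TempDir()` with `os.WriteFile` and mode 0600, checks the error, and leaves cleanup to the testing package; that needs `path/filepath` imported and makes `fmt` unnecessary. Both tests as shown assert only the successful round trip; if no other test covers it, a case where the configured user or secret does not match and the connection is refused would be the more valuable check for an auth hook. TestAuthPassiveHook's body continues past the end of the hunk.

```go
// writeAuthFile stores entries in a per-test temporary file readable only
// by the current user and returns its path; t.TempDir removes it afterwards.
func writeAuthFile(t *testing.T, entries string) string {
	t.Helper()
	path := filepath.Join(t.TempDir(), "authfile")
	if err := os.WriteFile(path, []byte(entries), 0o600); err != nil {
		t.Fatalf("write authfile: %v", err)
	}
	return path
}

// in TestAuthHook, replacing the CreateTemp/Fprintln/Close/Remove lines:
secrets := writeAuthFile(t, "T t\nX x\n")
// … unchanged: c.Exec("add name …") through the reply check …

// in TestAuthPassiveHook:
secrets := writeAuthFile(t, "T t\n")
// … unchanged: c.Exec("add name …") and the rest of the body …
```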
