|
@@ -34,13 +34,17 @@ def test_tls(host, username, password, domain):
|
|
|
Tests if TLS works as expected.
|
|
|
"""
|
|
|
|
|
|
send = host.run(f"echo 'Hello' | sendxmpp --tls-ca-path /usr/local/share/ca-certificates/testca.crt "
|
|
|
f"-t -u {username} -p {password} -j {domain}:5222 {username}@{domain}")
|
|
|
send = host.run(f"echo 'Hello' | go-sendxmpp --debug "
|
|
|
f"--username {username}@{domain} --password {password} --jserver {domain}:5222 "
|
|
|
f"{username}@{domain}")
|
|
|
assert send.rc == 0
|
|
|
assert "<body>Hello</body>" in send.stderr
|
|
|
|
|
|
send = host.run(f"echo 'Hello' | sendxmpp --tls-ca-path /usr/local/share/ca-certificates/testca.crt "
|
|
|
f"-e -u {username} -p {password} -j {domain}:5223 {username}@{domain}")
|
|
|
send = host.run(f"echo 'Hello' | go-sendxmpp --debug --tls "
|
|
|
f"--username {username}@{domain} --password {password} --jserver {domain}:5223 "
|
|
|
f"{username}@{domain}")
|
|
|
assert send.rc == 0
|
|
|
assert "<body>Hello</body>" in send.stderr
|
|
|
|
|
|
|
|
|
@pytest.mark.parametrize("username, password, domain", [
|
|
@@ -49,12 +53,15 @@ def test_tls(host, username, password, domain):
|
|
|
])
|
|
|
def test_authentication_requires_tls(host, username, password, domain):
|
|
|
"""
|
|
|
Tests if authentication must be done over TLS.
|
|
|
Tests if STARTTLS is required.
|
|
|
"""
|
|
|
|
|
|
command = host.run(f"echo 'Hello' | sendxmpp --tls-ca-path /usr/local/share/ca-certificates/testca.crt "
|
|
|
f"-u {username} -p {password} -j {domain}:5222 {username}@{domain} -d")
|
|
|
assert "<starttls xmlns='urn:ietf:params:xml:ns:xmpp-tls'><required/></starttls>" in command.stderr
|
|
|
send = host.run(f"echo 'Hello' | go-sendxmpp --debug "
|
|
|
f"--username {username}@{domain} --password {password} --jserver {domain}:5222 "
|
|
|
f"{username}@{domain}")
|
|
|
|
|
|
assert send.rc == 0
|
|
|
assert "<starttls xmlns='urn:ietf:params:xml:ns:xmpp-tls'><required/></starttls>" in send.stderr
|
|
|
|
|
|
|
|
|
@pytest.mark.parametrize("username, password, domain", [
|
|
@@ -67,12 +74,14 @@ def test_authentication(host, username, password, domain):
|
|
|
Tests if authentication works correctly.
|
|
|
"""
|
|
|
|
|
|
send = host.run(f"echo 'Hello' | sendxmpp --tls-ca-path /usr/local/share/ca-certificates/testca.crt "
|
|
|
f"-t -u {username} -p {password} -j {domain}:5222 {username}@{domain}")
|
|
|
send = host.run(f"echo 'Hello' | go-sendxmpp --debug "
|
|
|
f"--username {username}@{domain} --password {password} --jserver {domain}:5222 "
|
|
|
f"{username}@{domain}")
|
|
|
assert send.rc == 0
|
|
|
|
|
|
send = host.run(f"echo 'Hello' | sendxmpp --tls-ca-path /usr/local/share/ca-certificates/testca.crt "
|
|
|
f"-e -u {username} -p {password} -j {domain}:5223 {username}@{domain}")
|
|
|
send = host.run(f"echo 'Hello' | go-sendxmpp --debug --tls "
|
|
|
f"--username {username}@{domain} --password {password} --jserver {domain}:5223 "
|
|
|
f"{username}@{domain}")
|
|
|
assert send.rc == 0
|
|
|
|
|
|
|
|
@@ -86,7 +95,8 @@ def test_unauthorized_users_rejected(host, target_username, target_domain):
|
|
|
group) are rejected from accessing the XMPP server.
|
|
|
"""
|
|
|
|
|
|
send = host.run(f"echo 'Hello' | sendxmpp --tls-ca-path /usr/local/share/ca-certificates/testca.crt "
|
|
|
f"-t -u noxmpp -p noxmpppassword -j {target_domain}:5222 {target_username}@{target_domain}")
|
|
|
send = host.run(f"echo 'Hello' | go-sendxmpp --debug "
|
|
|
f"--username noxmpp@{target_domain} --password noxmpppassword --jserver {target_domain}:5222 "
|
|
|
f"{target_username}@{target_domain}")
|
|
|
assert send.rc != 0
|
|
|
assert "Error 'AuthSend': error: not-authorized[?]" in send.stderr
|
|
|
assert "Unable to authorize you with the authentication credentials you've sent" in send.stderr
|