Rev 2435: Check digest robustness. in http://bazaar.launchpad.net/~bzr/bzr/bzr.http.auth

Vincent Ladeuil v.ladeuil+lp at free.fr
Sun Apr 22 12:03:01 BST 2007 

At http://bazaar.launchpad.net/~bzr/bzr/bzr.http.auth

------------------------------------------------------------
revno: 2435
revision-id: v.ladeuil+lp at free.fr-20070422110259-dx0e5do9dzzf0qjt
parent: v.ladeuil+lp at free.fr-20070422100132-98l662vmscalaiin
committer: Vincent Ladeuil <v.ladeuil+lp at free.fr>
branch nick: bzr.http.auth
timestamp: Sun 2007-04-22 13:02:59 +0200
message:
  Check digest robustness.
  
  * bzrlib/tests/test_http.py:
  (TestDigestAuth.test_changing_nonce): New robustness digest test.
modified:
  bzrlib/tests/test_http.py      testhttp.py-20051018020158-b2eef6e867c514d9
-------------- next part --------------
=== modified file 'bzrlib/tests/test_http.py'
--- a/bzrlib/tests/test_http.py	2007-04-21 20:39:06 +0000
+++ b/bzrlib/tests/test_http.py	2007-04-22 11:02:59 +0000
@@ -1293,7 +1293,26 @@
         return ProxyBasicAuthServer()
 
 
-class TestHTTPDigestAuth(TestHTTPAuth, TestCaseWithWebserver):
+class TestDigestAuth(object):
+    """Digest Authentication specific tests"""
+
+    def test_changing_nonce(self):
+        self.server.add_user('joe', 'foo')
+        t = self.get_user_transport('joe', 'foo')
+        self.assertEqual('contents of a\n', t.get('a').read())
+        self.assertEqual('contents of b\n', t.get('b').read())
+        # Only one 'Authentication Required' error should have
+        # occured so far
+        self.assertEqual(1, self.server.auth_required_errors)
+        # So far, so good, let's have fun now
+        self.server.auth_nonce = self.server.auth_nonce + 'tagada'
+        self.assertEqual('contents of a\n', t.get('a').read())
+        # Two 'Authentication Required' error should occur (the
+        # initial 'who are you' and a second 'who are you' with the new nonce)
+        self.assertEqual(2, self.server.auth_required_errors)
+
+
+class TestHTTPDigestAuth(TestHTTPAuth, TestDigestAuth, TestCaseWithWebserver):
     """Test http digest authentication scheme"""
 
     _transport = HttpTransport_urllib
@@ -1302,7 +1321,8 @@
         return HTTPDigestAuthServer()
 
 
-class TestHTTPProxyDigestAuth(TestProxyAuth, TestCaseWithWebserver):
+class TestHTTPProxyDigestAuth(TestProxyAuth, TestDigestAuth,
+                              TestCaseWithWebserver):
     """Test proxy digest authentication scheme"""
 
     _transport = HttpTransport_urllib

More information about the bazaar-commits mailing list