Gitiles
Code Review Sign In
gerrit.named-data.net / NFD / HEAD / . / tests / daemon / mgmt / command-authenticator.t.cpp
blob: a4312112af653c4e9dbc186d89826bd2ea3dd584 [file] [log] [blame]
Junxiao Shid7631272016-08-17 04:16:31 +0000[diff] [blame]1/* -*- Mode:C++; c-file-style:"gnu"; indent-tabs-mode:nil; -*- */
Junxiao Shia9079802017-08-26 14:12:30 +0000[diff] [blame]2/*
Davide Pesavento401d1a42024-12-19 21:10:22 -0500[diff] [blame]3 * Copyright (c) 2014-2024, Regents of the University of California,
Junxiao Shid7631272016-08-17 04:16:31 +0000[diff] [blame]4 * Arizona Board of Regents,
5 * Colorado State University,
6 * University Pierre & Marie Curie, Sorbonne University,
7 * Washington University in St. Louis,
8 * Beijing Institute of Technology,
9 * The University of Memphis.
10 *
11 * This file is part of NFD (Named Data Networking Forwarding Daemon).
12 * See AUTHORS.md for complete list of NFD authors and contributors.
13 *
14 * NFD is free software: you can redistribute it and/or modify it under the terms
15 * of the GNU General Public License as published by the Free Software Foundation,
16 * either version 3 of the License, or (at your option) any later version.
17 *
18 * NFD is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY;
19 * without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
20 * PURPOSE. See the GNU General Public License for more details.
21 *
22 * You should have received a copy of the GNU General Public License along with
23 * NFD, e.g., in COPYING.md file. If not, see <http://www.gnu.org/licenses/>.
24 */
25
26#include "mgmt/command-authenticator.hpp"
Junxiao Shid7631272016-08-17 04:16:31 +0000[diff] [blame]27
Davide Pesavento78ddcab2019-02-28 22:00:03 -0500[diff] [blame]28#include "manager-common-fixture.hpp"
Junxiao Shid7631272016-08-17 04:16:31 +0000[diff] [blame]29
Davide Pesavento401d1a42024-12-19 21:10:22 -0500[diff] [blame]30#include <filesystem>
31
Davide Pesaventoe422f9e2022-06-03 01:30:23 -0400[diff] [blame]32namespace nfd::tests {
Junxiao Shid7631272016-08-17 04:16:31 +0000[diff] [blame]33
Davide Pesavento20cafa82022-07-25 01:15:03 -0400[diff] [blame]34class CommandAuthenticatorFixture : public InterestSignerFixture
Junxiao Shid7631272016-08-17 04:16:31 +0000[diff] [blame]35{
36protected:
Davide Pesavento401d1a42024-12-19 21:10:22 -0500[diff] [blame]37 CommandAuthenticatorFixture()
38 {
39 std::filesystem::create_directories(confDir);
40 }
41
Junxiao Shid7631272016-08-17 04:16:31 +0000[diff] [blame]42 void
43 makeModules(std::initializer_list<std::string> modules)
44 {
Davide Pesavento20cafa82022-07-25 01:15:03 -0400[diff] [blame]45 for (const auto& module : modules) {
Junxiao Shid7631272016-08-17 04:16:31 +0000[diff] [blame]46 authorizations.emplace(module, authenticator->makeAuthorization(module, "verb"));
47 }
48 }
49
50 void
51 loadConfig(const std::string& config)
52 {
Junxiao Shid7631272016-08-17 04:16:31 +0000[diff] [blame]53 ConfigFile cf;
54 authenticator->setConfigFile(cf);
Davide Pesavento401d1a42024-12-19 21:10:22 -0500[diff] [blame]55 cf.parse(config, false, confDir / "test.conf");
Junxiao Shid7631272016-08-17 04:16:31 +0000[diff] [blame]56 }
57
58 bool
59 authorize(const std::string& module, const Name& identity,
Davide Pesavento6d6f2072022-09-12 23:08:34 -0400[diff] [blame]60 const std::function<void(Interest&)>& modifyInterest = nullptr,
Davide Pesaventob83d3df2022-09-13 14:04:34 -0400[diff] [blame]61 ndn::security::SignedInterestFormat format = ndn::security::SignedInterestFormat::V03)
Junxiao Shid7631272016-08-17 04:16:31 +0000[diff] [blame]62 {
Davide Pesavento6d6f2072022-09-12 23:08:34 -0400[diff] [blame]63 Interest interest = makeControlCommandRequest(Name("/prefix/" + module + "/verb"),
64 {}, format, identity);
65 if (modifyInterest) {
Junxiao Shi8a1f1702017-07-03 00:05:08 +0000[diff] [blame]66 modifyInterest(interest);
Junxiao Shid7631272016-08-17 04:16:31 +0000[diff] [blame]67 }
68
Davide Pesavento20cafa82022-07-25 01:15:03 -0400[diff] [blame]69 const auto& authorization = authorizations.at(module);
Junxiao Shid7631272016-08-17 04:16:31 +0000[diff] [blame]70
71 bool isAccepted = false;
72 bool isRejected = false;
Junxiao Shi8a1f1702017-07-03 00:05:08 +0000[diff] [blame]73 authorization(Name("/prefix"), interest, nullptr,
Junxiao Shid7631272016-08-17 04:16:31 +0000[diff] [blame]74 [this, &isAccepted, &isRejected] (const std::string& requester) {
75 BOOST_REQUIRE_MESSAGE(!isAccepted && !isRejected,
76 "authorization function should invoke only one continuation");
77 isAccepted = true;
78 lastRequester = requester;
79 },
80 [this, &isAccepted, &isRejected] (ndn::mgmt::RejectReply act) {
81 BOOST_REQUIRE_MESSAGE(!isAccepted && !isRejected,
82 "authorization function should invoke only one continuation");
83 isRejected = true;
84 lastRejectReply = act;
85 });
86
Davide Pesaventod96744d2018-02-03 19:16:07 -0500[diff] [blame]87 this->advanceClocks(1_ms, 10);
Junxiao Shid7631272016-08-17 04:16:31 +0000[diff] [blame]88 BOOST_REQUIRE_MESSAGE(isAccepted || isRejected,
89 "authorization function should invoke one continuation");
90 return isAccepted;
91 }
92
93protected:
Davide Pesavento401d1a42024-12-19 21:10:22 -0500[diff] [blame]94 static inline const std::filesystem::path confDir{UNIT_TESTS_TMPDIR "/command-authenticator"};
95
Davide Pesavento20cafa82022-07-25 01:15:03 -0400[diff] [blame]96 shared_ptr<CommandAuthenticator> authenticator = CommandAuthenticator::create();
Junxiao Shid7631272016-08-17 04:16:31 +0000[diff] [blame]97 std::unordered_map<std::string, ndn::mgmt::Authorization> authorizations;
98 std::string lastRequester;
99 ndn::mgmt::RejectReply lastRejectReply;
100};
101
102BOOST_AUTO_TEST_SUITE(Mgmt)
103BOOST_FIXTURE_TEST_SUITE(TestCommandAuthenticator, CommandAuthenticatorFixture)
104
105BOOST_AUTO_TEST_CASE(Certs)
106{
107 Name id0("/localhost/CommandAuthenticator/0");
108 Name id1("/localhost/CommandAuthenticator/1");
109 Name id2("/localhost/CommandAuthenticator/2");
Davide Pesavento21353752020-11-20 00:43:44 -0500[diff] [blame]110 BOOST_REQUIRE(m_keyChain.createIdentity(id0));
Davide Pesavento401d1a42024-12-19 21:10:22 -0500[diff] [blame]111 BOOST_REQUIRE(saveIdentityCert(id1, confDir / "1.ndncert", true));
112 BOOST_REQUIRE(saveIdentityCert(id2, confDir / "2.ndncert", true));
Junxiao Shid7631272016-08-17 04:16:31 +0000[diff] [blame]113
114 makeModules({"module0", "module1", "module2", "module3", "module4", "module5", "module6", "module7"});
Davide Pesavento20cafa82022-07-25 01:15:03 -0400[diff] [blame]115 const std::string config = R"CONFIG(
Junxiao Shid7631272016-08-17 04:16:31 +0000[diff] [blame]116 authorizations
117 {
118 authorize
119 {
120 certfile any
121 privileges
122 {
123 module1
124 module3
125 module5
126 module7
127 }
128 }
129 authorize
130 {
131 certfile "1.ndncert"
132 privileges
133 {
134 module2
135 module3
136 module6
137 module7
138 }
139 }
140 authorize
141 {
142 certfile "2.ndncert"
143 privileges
144 {
145 module4
146 module5
147 module6
148 module7
149 }
150 }
151 }
152 )CONFIG";
153 loadConfig(config);
154
155 // module0: none
156 BOOST_CHECK_EQUAL(authorize("module0", id0), false);
157 BOOST_CHECK_EQUAL(authorize("module0", id1), false);
158 BOOST_CHECK_EQUAL(authorize("module0", id2), false);
159
160 // module1: any
161 BOOST_CHECK_EQUAL(authorize("module1", id0), true);
162 BOOST_CHECK_EQUAL(authorize("module1", id1), true);
163 BOOST_CHECK_EQUAL(authorize("module1", id2), true);
164
165 // module2: id1
166 BOOST_CHECK_EQUAL(authorize("module2", id0), false);
167 BOOST_CHECK_EQUAL(authorize("module2", id1), true);
168 BOOST_CHECK_EQUAL(authorize("module2", id2), false);
169
170 // module3: any,id1
171 BOOST_CHECK_EQUAL(authorize("module3", id0), true);
172 BOOST_CHECK_EQUAL(authorize("module3", id1), true);
173 BOOST_CHECK_EQUAL(authorize("module3", id2), true);
174
175 // module4: id2
176 BOOST_CHECK_EQUAL(authorize("module4", id0), false);
177 BOOST_CHECK_EQUAL(authorize("module4", id1), false);
178 BOOST_CHECK_EQUAL(authorize("module4", id2), true);
179
180 // module5: any,id2
181 BOOST_CHECK_EQUAL(authorize("module5", id0), true);
182 BOOST_CHECK_EQUAL(authorize("module5", id1), true);
183 BOOST_CHECK_EQUAL(authorize("module5", id2), true);
184
185 // module6: id1,id2
186 BOOST_CHECK_EQUAL(authorize("module6", id0), false);
187 BOOST_CHECK_EQUAL(authorize("module6", id1), true);
188 BOOST_CHECK_EQUAL(authorize("module6", id2), true);
189
190 // module7: any,id1,id2
191 BOOST_CHECK_EQUAL(authorize("module7", id0), true);
192 BOOST_CHECK_EQUAL(authorize("module7", id1), true);
193 BOOST_CHECK_EQUAL(authorize("module7", id2), true);
194}
195
196BOOST_AUTO_TEST_CASE(Requester)
197{
198 Name id0("/localhost/CommandAuthenticator/0");
199 Name id1("/localhost/CommandAuthenticator/1");
Davide Pesavento21353752020-11-20 00:43:44 -0500[diff] [blame]200 BOOST_REQUIRE(m_keyChain.createIdentity(id0));
Davide Pesavento401d1a42024-12-19 21:10:22 -0500[diff] [blame]201 BOOST_REQUIRE(saveIdentityCert(id1, confDir / "1.ndncert", true));
Junxiao Shid7631272016-08-17 04:16:31 +0000[diff] [blame]202
203 makeModules({"module0", "module1"});
Davide Pesavento20cafa82022-07-25 01:15:03 -0400[diff] [blame]204 const std::string config = R"CONFIG(
Junxiao Shid7631272016-08-17 04:16:31 +0000[diff] [blame]205 authorizations
206 {
207 authorize
208 {
209 certfile any
210 privileges
211 {
212 module0
213 }
214 }
215 authorize
216 {
217 certfile "1.ndncert"
218 privileges
219 {
220 module1
221 }
222 }
223 }
224 )CONFIG";
225 loadConfig(config);
226
227 // module0: any
228 BOOST_CHECK_EQUAL(authorize("module0", id0), true);
229 BOOST_CHECK_EQUAL(lastRequester, "*");
230 BOOST_CHECK_EQUAL(authorize("module0", id1), true);
231 BOOST_CHECK_EQUAL(lastRequester, "*");
232
233 // module1: id1
234 BOOST_CHECK_EQUAL(authorize("module1", id0), false);
235 BOOST_CHECK_EQUAL(authorize("module1", id1), true);
236 BOOST_CHECK(id1.isPrefixOf(lastRequester));
237}
238
239class IdentityAuthorizedFixture : public CommandAuthenticatorFixture
240{
241protected:
242 IdentityAuthorizedFixture()
Junxiao Shid7631272016-08-17 04:16:31 +0000[diff] [blame]243 {
Davide Pesavento401d1a42024-12-19 21:10:22 -0500[diff] [blame]244 BOOST_REQUIRE(saveIdentityCert(id1, confDir / "1.ndncert", true));
Junxiao Shid7631272016-08-17 04:16:31 +0000[diff] [blame]245
246 makeModules({"module1"});
Davide Pesavento20cafa82022-07-25 01:15:03 -0400[diff] [blame]247 const std::string config = R"CONFIG(
Junxiao Shid7631272016-08-17 04:16:31 +0000[diff] [blame]248 authorizations
249 {
250 authorize
251 {
252 certfile "1.ndncert"
253 privileges
254 {
255 module1
256 }
257 }
258 }
259 )CONFIG";
260 loadConfig(config);
261 }
262
263 bool
Davide Pesaventob83d3df2022-09-13 14:04:34 -0400[diff] [blame]264 authorize1_V02(const std::function<void(Interest&)>& modifyInterest)
Junxiao Shid7631272016-08-17 04:16:31 +0000[diff] [blame]265 {
Davide Pesaventob83d3df2022-09-13 14:04:34 -0400[diff] [blame]266 return authorize("module1", id1, modifyInterest, ndn::security::SignedInterestFormat::V02);
267 }
268
269 bool
270 authorize1_V03(const std::function<void(Interest&)>& modifyInterest)
271 {
272 return authorize("module1", id1, modifyInterest, ndn::security::SignedInterestFormat::V03);
Junxiao Shid7631272016-08-17 04:16:31 +0000[diff] [blame]273 }
274
275protected:
Davide Pesavento20cafa82022-07-25 01:15:03 -0400[diff] [blame]276 const Name id1{"/localhost/CommandAuthenticator/1"};
Junxiao Shid7631272016-08-17 04:16:31 +0000[diff] [blame]277};
278
Davide Pesavento20cafa82022-07-25 01:15:03 -0400[diff] [blame]279BOOST_FIXTURE_TEST_SUITE(Reject, IdentityAuthorizedFixture)
Junxiao Shid7631272016-08-17 04:16:31 +0000[diff] [blame]280
Davide Pesaventob83d3df2022-09-13 14:04:34 -0400[diff] [blame]281BOOST_AUTO_TEST_CASE(NameTooShort)
Junxiao Shid7631272016-08-17 04:16:31 +0000[diff] [blame]282{
Davide Pesaventob83d3df2022-09-13 14:04:34 -0400[diff] [blame]283 BOOST_CHECK_EQUAL(authorize1_V02(
Junxiao Shid7631272016-08-17 04:16:31 +0000[diff] [blame]284 [] (Interest& interest) {
285 interest.setName("/prefix");
286 }
287 ), false);
288 BOOST_CHECK(lastRejectReply == ndn::mgmt::RejectReply::SILENT);
289}
290
Davide Pesavento20cafa82022-07-25 01:15:03 -0400[diff] [blame]291BOOST_AUTO_TEST_CASE(BadSigInfo)
Junxiao Shid7631272016-08-17 04:16:31 +0000[diff] [blame]292{
Davide Pesaventob83d3df2022-09-13 14:04:34 -0400[diff] [blame]293 BOOST_CHECK_EQUAL(authorize1_V02(
Junxiao Shid7631272016-08-17 04:16:31 +0000[diff] [blame]294 [] (Interest& interest) {
Davide Pesaventob83d3df2022-09-13 14:04:34 -0400[diff] [blame]295 setNameComponent(interest, ndn::command_interest::POS_SIG_INFO, "not-sig-info");
296 }
297 ), false);
298 BOOST_CHECK(lastRejectReply == ndn::mgmt::RejectReply::SILENT);
299
300 BOOST_CHECK_EQUAL(authorize1_V03(
301 [] (Interest& interest) {
302 auto sigInfo = interest.getSignatureInfo().value();
303 sigInfo.addCustomTlv("7F00"_block);
304 interest.setSignatureInfo(sigInfo);
Junxiao Shid7631272016-08-17 04:16:31 +0000[diff] [blame]305 }
306 ), false);
307 BOOST_CHECK(lastRejectReply == ndn::mgmt::RejectReply::SILENT);
308}
309
Davide Pesavento20cafa82022-07-25 01:15:03 -0400[diff] [blame]310BOOST_AUTO_TEST_CASE(MissingKeyLocator)
Junxiao Shid7631272016-08-17 04:16:31 +0000[diff] [blame]311{
Davide Pesaventob83d3df2022-09-13 14:04:34 -0400[diff] [blame]312 BOOST_CHECK_EQUAL(authorize1_V02(
Junxiao Shid7631272016-08-17 04:16:31 +0000[diff] [blame]313 [] (Interest& interest) {
Davide Pesaventob83d3df2022-09-13 14:04:34 -0400[diff] [blame]314 ndn::SignatureInfo sigInfo(interest.getName().at(ndn::command_interest::POS_SIG_INFO).blockFromValue());
Davide Pesaventod6ea0b12023-03-13 21:35:03 -0400[diff] [blame]315 sigInfo.setKeyLocator(std::nullopt);
Davide Pesaventob83d3df2022-09-13 14:04:34 -0400[diff] [blame]316 setNameComponent(interest, ndn::command_interest::POS_SIG_INFO, span(sigInfo.wireEncode()));
317 }
318 ), false);
319 BOOST_CHECK(lastRejectReply == ndn::mgmt::RejectReply::SILENT);
320
321 BOOST_CHECK_EQUAL(authorize1_V03(
322 [] (Interest& interest) {
323 auto sigInfo = interest.getSignatureInfo().value();
Davide Pesaventod6ea0b12023-03-13 21:35:03 -0400[diff] [blame]324 sigInfo.setKeyLocator(std::nullopt);
Davide Pesaventob83d3df2022-09-13 14:04:34 -0400[diff] [blame]325 interest.setSignatureInfo(sigInfo);
Junxiao Shid7631272016-08-17 04:16:31 +0000[diff] [blame]326 }
327 ), false);
328 BOOST_CHECK(lastRejectReply == ndn::mgmt::RejectReply::SILENT);
329}
330
Davide Pesavento20cafa82022-07-25 01:15:03 -0400[diff] [blame]331BOOST_AUTO_TEST_CASE(BadKeyLocatorType)
Junxiao Shid7631272016-08-17 04:16:31 +0000[diff] [blame]332{
Davide Pesaventob83d3df2022-09-13 14:04:34 -0400[diff] [blame]333 ndn::KeyLocator kl;
334 kl.setKeyDigest(ndn::makeBinaryBlock(tlv::KeyDigest, {0xDD, 0xDD, 0xDD, 0xDD, 0xDD, 0xDD}));
335
336 BOOST_CHECK_EQUAL(authorize1_V02(
337 [&kl] (Interest& interest) {
338 ndn::SignatureInfo sigInfo(tlv::SignatureSha256WithEcdsa, kl);
339 setNameComponent(interest, ndn::command_interest::POS_SIG_INFO, span(sigInfo.wireEncode()));
Junxiao Shid7631272016-08-17 04:16:31 +0000[diff] [blame]340 }
341 ), false);
342 BOOST_CHECK(lastRejectReply == ndn::mgmt::RejectReply::SILENT);
Davide Pesaventob83d3df2022-09-13 14:04:34 -0400[diff] [blame]343
344 BOOST_CHECK_EQUAL(authorize1_V03(
345 [&kl] (Interest& interest) {
346 auto sigInfo = interest.getSignatureInfo().value();
347 sigInfo.setKeyLocator(kl);
348 interest.setSignatureInfo(sigInfo);
349 }
350 ), false);
351 BOOST_CHECK(lastRejectReply == ndn::mgmt::RejectReply::SILENT);
352}
353
354BOOST_AUTO_TEST_CASE(BadSigValue)
355{
356 BOOST_CHECK_EQUAL(authorize1_V02(
357 [] (Interest& interest) {
358 setNameComponent(interest, ndn::command_interest::POS_SIG_VALUE, "bad-signature");
359 }
360 ), false);
361 BOOST_CHECK(lastRejectReply == ndn::mgmt::RejectReply::STATUS403);
362
363 BOOST_CHECK_EQUAL(authorize1_V03(
364 [] (Interest& interest) {
365 interest.setSignatureValue({0xBA, 0xAD});
366 }
367 ), false);
368 BOOST_CHECK(lastRejectReply == ndn::mgmt::RejectReply::STATUS403);
369}
370
371BOOST_AUTO_TEST_CASE(MissingTimestamp)
372{
373 BOOST_CHECK_EQUAL(authorize1_V02(
374 [] (Interest& interest) {
375 setNameComponent(interest, ndn::command_interest::POS_TIMESTAMP, "not-timestamp");
376 }
377 ), false);
378 BOOST_CHECK(lastRejectReply == ndn::mgmt::RejectReply::STATUS403);
379
380 BOOST_CHECK_EQUAL(authorize1_V03(
381 [] (Interest& interest) {
382 auto sigInfo = interest.getSignatureInfo().value();
Davide Pesaventod6ea0b12023-03-13 21:35:03 -0400[diff] [blame]383 sigInfo.setTime(std::nullopt);
Davide Pesaventob83d3df2022-09-13 14:04:34 -0400[diff] [blame]384 interest.setSignatureInfo(sigInfo);
385 }
386 ), false);
387 BOOST_CHECK(lastRejectReply == ndn::mgmt::RejectReply::STATUS403);
388}
389
390BOOST_AUTO_TEST_CASE(ReplayedTimestamp)
391{
392 name::Component timestampComp;
393 BOOST_CHECK_EQUAL(authorize1_V02(
394 [&timestampComp] (const Interest& interest) {
395 timestampComp = interest.getName().at(ndn::command_interest::POS_TIMESTAMP);
396 }
397 ), true); // accept first command
398 BOOST_CHECK_EQUAL(authorize1_V02(
399 [&timestampComp] (Interest& interest) {
400 setNameComponent(interest, ndn::command_interest::POS_TIMESTAMP, timestampComp);
401 }
402 ), false); // reject second command because timestamp equals first command
403 BOOST_CHECK(lastRejectReply == ndn::mgmt::RejectReply::STATUS403);
404
405 time::system_clock::time_point tp;
406 BOOST_CHECK_EQUAL(authorize1_V03(
407 [&tp] (const Interest& interest) {
408 tp = interest.getSignatureInfo().value().getTime().value();
409 }
410 ), true); // accept first command
411 BOOST_CHECK_EQUAL(authorize1_V03(
412 [&tp] (Interest& interest) {
413 auto sigInfo = interest.getSignatureInfo().value();
414 sigInfo.setTime(tp);
415 interest.setSignatureInfo(sigInfo);
416 }
417 ), false); // reject second command because timestamp equals first command
418 BOOST_CHECK(lastRejectReply == ndn::mgmt::RejectReply::STATUS403);
Junxiao Shid7631272016-08-17 04:16:31 +0000[diff] [blame]419}
420
Junxiao Shid7631272016-08-17 04:16:31 +0000[diff] [blame]421BOOST_AUTO_TEST_CASE(NotAuthorized)
422{
423 Name id0("/localhost/CommandAuthenticator/0");
Davide Pesavento21353752020-11-20 00:43:44 -0500[diff] [blame]424 BOOST_REQUIRE(m_keyChain.createIdentity(id0));
Junxiao Shid7631272016-08-17 04:16:31 +0000[diff] [blame]425
426 BOOST_CHECK_EQUAL(authorize("module1", id0), false);
427 BOOST_CHECK(lastRejectReply == ndn::mgmt::RejectReply::STATUS403);
428}
429
Davide Pesaventod96744d2018-02-03 19:16:07 -0500[diff] [blame]430BOOST_FIXTURE_TEST_CASE(MissingAuthorizationsSection, CommandAuthenticatorFixture)
431{
432 Name id0("/localhost/CommandAuthenticator/0");
Davide Pesavento21353752020-11-20 00:43:44 -0500[diff] [blame]433 BOOST_REQUIRE(m_keyChain.createIdentity(id0));
Davide Pesaventod96744d2018-02-03 19:16:07 -0500[diff] [blame]434
435 makeModules({"module42"});
436 loadConfig("");
437
438 BOOST_CHECK_EQUAL(authorize("module42", id0), false);
439 BOOST_CHECK(lastRejectReply == ndn::mgmt::RejectReply::STATUS403);
440}
441
Davide Pesavento20cafa82022-07-25 01:15:03 -0400[diff] [blame]442BOOST_AUTO_TEST_SUITE_END() // Reject
Junxiao Shid7631272016-08-17 04:16:31 +0000[diff] [blame]443
444BOOST_AUTO_TEST_SUITE(BadConfig)
445
446BOOST_AUTO_TEST_CASE(EmptyAuthorizationsSection)
447{
Davide Pesavento20cafa82022-07-25 01:15:03 -0400[diff] [blame]448 const std::string config = R"CONFIG(
Junxiao Shid7631272016-08-17 04:16:31 +0000[diff] [blame]449 authorizations
450 {
451 }
452 )CONFIG";
453
454 BOOST_CHECK_THROW(loadConfig(config), ConfigFile::Error);
455}
456
457BOOST_AUTO_TEST_CASE(UnrecognizedKey)
458{
Davide Pesavento20cafa82022-07-25 01:15:03 -0400[diff] [blame]459 const std::string config = R"CONFIG(
Junxiao Shid7631272016-08-17 04:16:31 +0000[diff] [blame]460 authorizations
461 {
462 unrecognized_key
463 {
464 }
465 }
466 )CONFIG";
467
468 BOOST_CHECK_THROW(loadConfig(config), ConfigFile::Error);
469}
470
471BOOST_AUTO_TEST_CASE(CertfileMissing)
472{
Davide Pesavento20cafa82022-07-25 01:15:03 -0400[diff] [blame]473 const std::string config = R"CONFIG(
Junxiao Shid7631272016-08-17 04:16:31 +0000[diff] [blame]474 authorizations
475 {
476 authorize
477 {
478 privileges
479 {
480 }
481 }
482 }
483 )CONFIG";
484
485 BOOST_CHECK_THROW(loadConfig(config), ConfigFile::Error);
486}
487
488BOOST_AUTO_TEST_CASE(CertUnreadable)
489{
Davide Pesavento20cafa82022-07-25 01:15:03 -0400[diff] [blame]490 const std::string config = R"CONFIG(
Junxiao Shid7631272016-08-17 04:16:31 +0000[diff] [blame]491 authorizations
492 {
493 authorize
494 {
495 certfile "1.ndncert"
496 privileges
497 {
498 }
499 }
500 }
501 )CONFIG";
502
503 BOOST_CHECK_THROW(loadConfig(config), ConfigFile::Error);
504}
505
506BOOST_AUTO_TEST_CASE(PrivilegesMissing)
507{
Davide Pesavento20cafa82022-07-25 01:15:03 -0400[diff] [blame]508 const std::string config = R"CONFIG(
Junxiao Shid7631272016-08-17 04:16:31 +0000[diff] [blame]509 authorizations
510 {
511 authorize
512 {
513 certfile any
514 }
515 }
516 )CONFIG";
517
518 BOOST_CHECK_THROW(loadConfig(config), ConfigFile::Error);
519}
520
521BOOST_AUTO_TEST_CASE(UnregisteredModule)
522{
Davide Pesavento20cafa82022-07-25 01:15:03 -0400[diff] [blame]523 const std::string config = R"CONFIG(
Junxiao Shid7631272016-08-17 04:16:31 +0000[diff] [blame]524 authorizations
525 {
526 authorize
527 {
528 certfile any
529 privileges
530 {
531 nosuchmodule
532 }
533 }
534 }
535 )CONFIG";
536
537 BOOST_CHECK_THROW(loadConfig(config), ConfigFile::Error);
538}
539
540BOOST_AUTO_TEST_SUITE_END() // BadConfig
541
542BOOST_AUTO_TEST_SUITE_END() // TestCommandAuthenticator
543BOOST_AUTO_TEST_SUITE_END() // Mgmt
544
Davide Pesaventoe422f9e2022-06-03 01:30:23 -0400[diff] [blame]545} // namespace nfd::tests