54 lines
1.8 KiB
Rust
54 lines
1.8 KiB
Rust
//! UDP-focused authentication integration tests.
|
|
|
|
#[path = "../support/mod.rs"]
|
|
mod support;
|
|
|
|
mod helpers;
|
|
|
|
use crate::support::stun_builders::{build_allocate_request, extract_error_code, parse};
|
|
use helpers::*;
|
|
use niom_turn::alloc::AllocationManager;
|
|
use support::{default_test_credentials, init_tracing, test_auth_manager};
|
|
use tokio::net::UdpSocket;
|
|
|
|
#[tokio::test(flavor = "multi_thread", worker_threads = 2)]
|
|
async fn udp_rejects_unknown_user_after_nonce() {
|
|
init_tracing();
|
|
let (username, password) = default_test_credentials();
|
|
let auth = test_auth_manager(username, password);
|
|
let allocs = AllocationManager::new();
|
|
let server_addr = spawn_udp_server(auth.clone(), allocs.clone()).await;
|
|
|
|
let client = UdpSocket::bind("127.0.0.1:0").await.expect("client bind");
|
|
|
|
// Trigger initial challenge to receive nonce
|
|
let request = build_allocate_request(None, None, None, None, None);
|
|
client
|
|
.send_to(&request, server_addr)
|
|
.await
|
|
.expect("send challenge");
|
|
let mut buf = [0u8; 1500];
|
|
let (len, _) = client.recv_from(&mut buf).await.expect("recv nonce");
|
|
let resp = parse(&buf[..len]);
|
|
let nonce = extract_nonce(&resp).expect("nonce attr");
|
|
|
|
// Attempt to authenticate with an unknown username
|
|
let intruder = "intruder";
|
|
let key = niom_turn::auth::compute_a1_md5(intruder, auth.realm(), "wrongpass");
|
|
let request = build_allocate_request(
|
|
Some(intruder),
|
|
Some(auth.realm()),
|
|
Some(&nonce),
|
|
Some(&key),
|
|
Some(600),
|
|
);
|
|
client
|
|
.send_to(&request, server_addr)
|
|
.await
|
|
.expect("send invalid auth allocate");
|
|
let (len, _) = client.recv_from(&mut buf).await.expect("recv reject");
|
|
let resp = parse(&buf[..len]);
|
|
let code = extract_error_code(&resp).expect("error code attr");
|
|
assert_eq!(code, 401);
|
|
}
|