--- /dev/null
+include ../../Make.inc
+
+TESTS = user_password chap mschapv1 digest-auth-MD5 digest-auth-int \
+ digest-auth-noalgo digest-md5-sess digest-auth-MD5_Sess \
+ digest-auth_int-MD5 digest-auth_int-MD5_Sess digest-auth_int-noalgo \
+ example.com stripped.example.com
+
+EAPTESTS = eapmd5.conf
+
+.PHONY: all
+
+#
+# Build the directory for testing the server
+#
+all: tests
+
+#
+# Copy all of the files in a portable way
+#
+# Then, over-write the radiusd.conf && dictionary files with
+# entries that point to this directory, and to the modules in
+# the local build directory.
+#
+raddb/.raddb:
+ rm -rf raddb
+ @(cd ../..; tar -cf - raddb) | tar -xf -
+ @echo '$$INCLUDE ' $(top_builddir)/src/tests/dictionary.test > raddb/dictionary
+ @echo '$$INCLUDE ' $(top_builddir)/share/dictionary >> raddb/dictionary
+ @echo "raddbdir = " $(top_builddir)/src/tests/raddb > raddb/radiusd.conf
+ @echo "libdir = " $(top_builddir)/src/modules/lib >> raddb/radiusd.conf
+ @echo '$$INCLUDE ' $(top_builddir)/raddb/radiusd.conf >> raddb/radiusd.conf
+ @cp proxy.conf raddb
+ @touch raddb/.raddb
+
+tests: raddb/.raddb
+ ./runtests.sh $(TESTS)
- This is a preliminary test repository, to ensure that we have
-a collection of tests which work, and which may be used to debug/verify
-the functionality of the server.
-
- There is no test harness yet, but the tests should be of the format:
-
-#U -- entry to go in 'users' file'
-attributes...
-#R -- data received in the 'reply'
+#
+# Preliminary test harness.
+#
+# 1. Test packets go into a local file.
+# 2. Simple configuration goes into the "users" file.
+# using attributes Test-Name && Test-Number, where appropriate
+# 3. Realms go into "proxy.conf"
+# 4. We use the default "radiusd.conf" file for some simple tests.
+#
+# Type "make tests" for a series of tests that exercise (some)
+# of the server functionality.
+#
+# See "runtests.sh" for more details.
+#
--- /dev/null
+#
+# TESTS 1
+#
+User-Name = "bob",
+CHAP-Password := "bob"
--- /dev/null
+#
+# Used for internal testing
+#
+VENDOR TEST 32000
+
+BEGIN-VENDOR TEST
+ATTRIBUTE Test-Name 1 string
+ATTRIBUTE Test-Number 2 integer
+END-VENDOR TEST
#
# http://ftp6.us.freebsd.org/pub/rfc/internet-drafts/draft-smith-sipping-auth-examples-01.txt
#
-# 3.3
+# Section 3.3
#
#
# In the "users" file:
-# bob User-Password := "zanzibar"
+#
+# bob Cleartext-Password := "zanzibar"
# Or bob Digest-HA1 := "12af60467a33e8518da5c68bbff12b11"
#
+#
+#
+# How many tests we have for this input file
+#
+# TESTS 1 2
+#
User-Name = "bob",
Digest-Response = "89eb0059246c02b2f6ee02c7961d5ea3",
Digest-Realm = "biloxi.com",
Digest-Algorithm = "MD5",
Digest-Nonce-Count = "00000001",
Digest-CNonce = "0a4f113b",
-
-
-
# bob User-Password := "zanzibar"
# Or bob Digest-HA1 := "12af60467a33e8518da5c68bbff12b11"
#
+# TESTS 1 2
+#
User-Name = "bob",
Digest-Response = "e4e4ea61d186d07a92c9e1f6919902e9",
Digest-Realm = "biloxi.com",
Digest-Algorithm = "MD5-Sess",
Digest-Nonce-Count = "00000001",
Digest-CNonce = "0a4f113b",
-
-
-
# 3.5.2
#
#
-# In the "users" file: bob User-Password := "zanzibar"
+# In the "users" file: bob Cleartext-Password := "zanzibar"
+#
+# TESTS 1
#
User-Name = "bob",
Digest-Response = "bdbeebb2da6adb6bca02599c2239e192"
# bob User-Password := "zanzibar"
# Or bob Digest-HA1 := "12af60467a33e8518da5c68bbff12b11"
#
+# TESTS 1
+#
User-Name = "bob",
Digest-Response = "89eb0059246c02b2f6ee02c7961d5ea3",
Digest-Realm = "biloxi.com",
Digest-QOP = "auth",
Digest-Nonce-Count = "00000001",
Digest-CNonce = "0a4f113b",
-
-
-
# bob User-Password := "zanzibar"
# Or bob Digest-HA1 := "12af60467a33e8518da5c68bbff12b11"
#
+# TESTS 1 2
+#
User-Name = "bob",
Digest-Response = "bdbeebb2da6adb6bca02599c2239e192"
Digest-Realm = "biloxi.com",
Digest-Nonce-Count = "00000001",
Digest-CNonce = "0a4f113b",
Digest-Body-Digest = "c1ed018b8ec4a3b170c0921f5b564e48",
-
-
-
# bob User-Password := "zanzibar"
# Or bob Digest-HA1 := "12af60467a33e8518da5c68bbff12b11"
#
+#
+# TESTS 1 2
+#
User-Name = "bob",
Digest-Response = "91984da2d8663716e91554859c22ca70",
Digest-Realm = "biloxi.com",
Digest-Nonce-Count = "00000001",
Digest-CNonce = "0a4f113b",
Digest-Body-Digest = "c1ed018b8ec4a3b170c0921f5b564e48",
-
-
# bob User-Password := "zanzibar"
# Or bob Digest-HA1 := "12af60467a33e8518da5c68bbff12b11"
#
+# TESTS 1 2
+#
User-Name = "bob",
Digest-Response = "bdbeebb2da6adb6bca02599c2239e192"
Digest-Realm = "biloxi.com",
Digest-Nonce-Count = "00000001",
Digest-CNonce = "0a4f113b",
Digest-Body-Digest = "c1ed018b8ec4a3b170c0921f5b564e48",
-
-
-
# ??
#
#
-# In the "users" file: bob User-Password := "zanzibar"
+# In the "users" file: bob Cleartext-Password := "zanzibar"
+#
+# TESTS 1
#
User-name = "bob",
Digest-Response = "e4e4ea61d186d07a92c9e1f6919902e9",
--- /dev/null
+#
+# TESTS 1
+#
+User-Name = "bob@example.com"
+User-Password = "bob"
-#U
-#Ubob User-Password == "bob"
-#U
-User-Name = "bob", MS-CHAP-Challenge = 0xb9634adc358b2ab3, MS-CHAP-Response = 0xb9010000000000000000000000000000000000000000000000007a42408782f745ef90a86fd21b0d9294132750f4af66a419
-#R
-#Rrad_recv: Access-Accept packet
-#R MS-CHAP-MPPE-Keys = 0x4318b176c3d8e3de9a936faf344359a0f1e3c9b5585b9f1f0000000000000000
-#R MS-MPPE-Encryption-Policy = 0x00000001
-#R MS-MPPE-Encryption-Types = 0x00000006
+#
+# bob Cleartext-Password := "bob"
+#
+# TESTS 1
+#
+# SHOULD get:
+#
+# MS-CHAP-MPPE-Keys = 0x4318b176c3d8e3de9a936faf344359a0f1e3c9b5585b9f1f0000000000000000
+# MS-MPPE-Encryption-Policy = 0x00000001
+# MS-MPPE-Encryption-Types = 0x00000006
+#
+User-Name = "bob",
+MS-CHAP-Challenge = 0xb9634adc358b2ab3,
+MS-CHAP-Response = 0xb9010000000000000000000000000000000000000000000000007a42408782f745ef90a86fd21b0d9294132750f4af66a419
--- /dev/null
+#
+# This is a LOCAL realm
+#
+realm example.com {
+ nostrip
+}
+
+#
+# And another one, where we strip the realm
+#
+realm stripped.example.com {
+
+}
--- /dev/null
+#!/bin/bash
+
+PORT=12340
+HOME_PORT=12350
+
+# Sends a signal which checks if the process is active (doesn't kill anything)
+function pidactive () {
+ kill -0 $1 2> /dev/null
+ return
+}
+
+# Kill a particular process
+function pidkill () {
+ kill $1 || return
+ #adjust depending how long it takes to die gracefully
+ sleep 1
+ if pidactive $1; then
+ #escalating
+ kill -9 $1
+ fi
+}
+
+# Starts the server
+function start_radiusd () {
+ ../main/radiusd -Xmd ./raddb/ -i 127.0.0.1 -p $PORT > radiusd.log 2>&1 &
+ PID=$!
+#wait for the process to startup or die...
+ sleep 3
+ if ! pidactive $PID; then
+ wait $PID
+ tail -5 radiusd.log
+ echo "Command failed with $?"
+ exit 1
+ fi
+}
+
+rm -f verbose.log
+RCODE=0
+
+rm -rf .cache
+mkdir .cache
+
+#
+# Bootstrap the tests
+#
+for NAME in $@
+do
+ TOTAL=`grep TESTS $NAME | sed 's/.*TESTS//'`
+
+ #
+ # Each test may have multiple variants.
+ #
+ for NUMBER in `echo $TOTAL`
+ do
+ cp $NAME .request
+
+ #
+ # Add the name of the test, and the variant to the request
+ #
+ echo "Test-Name = \"$NAME\"," >> .request
+ echo 'Test-Number = ' $NUMBER >> .request
+
+ mv .request .cache/$NAME:$NUMBER
+ done
+done
+
+#
+# Now run the tests
+#
+echo "Starting radiusd..."
+cp users raddb/
+start_radiusd
+echo "Running tests..."
+
+
+(cd .cache;ls -1 > ../.foo)
+rm -f .bar
+for x in `cat .foo`
+do
+ echo "-f .cache/$x" >> .bar
+done
+
+../main/radclient `cat .bar` -xFd ./raddb 127.0.0.1:$PORT auth testing123 > radclient.log 2>&1
+
+for x in `cat .foo`
+do
+ RESULT=`egrep ^\\.cache/$x radclient.log | sed 's/.* //'`
+ if [ "$RESULT" = "2" ]; then
+ echo "$x : Success"
+ else
+ echo "$x : FAILED"
+ RCODE=1
+ fi
+done
+
+
+pidkill $PID
+
+if [ "$RCODE" = "0" ]
+then
+ rm -f radiusd.log radclient.log
+ echo "All tests succeeded"
+else
+ echo "See radclient.log for more details"
+fi
+
+exit $RCODE
--- /dev/null
+#
+# TESTS 1
+#
+User-Name = "bob@stripped.example.com",
+User-Password = "bob"
-#U
-#Ubob User-Password == "bob"
-#U
-User-Name = "bob", User-Password = "bob"
-#R
-#Rrad_recv: Access-Accept packet
+#
+# Tests for clear-text password
+#
+# TESTS 1
+#
+User-Name = "bob",
+User-Password = "bob"
--- /dev/null
+#
+# A bunch of stock configurations for the tests
+#
+bob Cleartext-Password := "bob", Test-Name == "user_password"
+
+bob Cleartext-Password := "bob", Test-Name == "chap"
+
+bob Cleartext-Password := "bob", Test-Name == "mschapv1"
+
+bob Cleartext-Password := "bob", Test-Name == "stripped.example.com"
+
+bob Cleartext-Password := "zanzibar", Test-Number == 1
+
+bob Digest-HA1 := "12af60467a33e8518da5c68bbff12b11", Test-Number == 2
+
+bob@example.com Cleartext-Password := "bob", Test-Name == "example.com"
+