commit apache2-mod_authn_otp for openSUSE:Factory

h_root Mon, 19 Oct 2015 15:05:54 -0700

Hello community,

here is the log from the commit of package apache2-mod_authn_otp for 
openSUSE:Factory checked in at 2015-10-19 22:51:31
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/apache2-mod_authn_otp (Old)
 and      /work/SRC/openSUSE:Factory/.apache2-mod_authn_otp.new (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++


Package is "apache2-mod_authn_otp"

Changes:
--------
--- 
/work/SRC/openSUSE:Factory/apache2-mod_authn_otp/apache2-mod_authn_otp.changes  
    2015-07-20 11:21:40.000000000 +0200
+++ 
/work/SRC/openSUSE:Factory/.apache2-mod_authn_otp.new/apache2-mod_authn_otp.changes
 2015-10-20 00:05:28.000000000 +0200
@@ -1,0 +2,15 @@
+Sun Oct  4 13:40:20 UTC 2015 - [email protected]
+
+- %check for apache 2.2 again
+
+-------------------------------------------------------------------
+Thu Oct  1 11:00:38 UTC 2015 - [email protected]
+
+- do not %check for apache 2.2
+
+-------------------------------------------------------------------
+Fri Sep 25 09:08:31 UTC 2015 - [email protected]
+
+- test module with %apache_test_module_curl
+
+-------------------------------------------------------------------

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Other differences:
------------------
++++++ apache2-mod_authn_otp.spec ++++++
--- /var/tmp/diff_new_pack.PY3atx/_old  2015-10-20 00:05:28.000000000 +0200
+++ /var/tmp/diff_new_pack.PY3atx/_new  2015-10-20 00:05:28.000000000 +0200
@@ -28,6 +28,7 @@
 Source:         
https://s3.amazonaws.com/archie-public/mod-authn-otp/%{mod_name}-%{version}.tar.gz
 BuildRequires:  apache-rpm-macros
 BuildRequires:  apache2-devel
+BuildRequires:  curl
 Requires:       %{apache_mmn}
 Requires:       %{apache_suse_maintenance_mmn}
 Provides:       otptool = %{version}
@@ -77,6 +78,81 @@
 install -d %{buildroot}%{apache_libexecdir}
 make DESTDIR=%{buildroot} install %{?_smp_mflags}
 
+%check
+# see https://github.com/archiecobbs/mod-authn-otp/blob/master/README.md
+# for details
+set +x
+# secret token
+test_token='a4d8acbddef654fccc418db4cc2f85cea6339f00'
+test_user='wilma'
+mkdir -p %{apache_test_module_dir}/htdocs/protected
+# create protected document
+cat << EOF > %{apache_test_module_dir}/htdocs/protected/index.html
+RESTRICTED AREA BY OTP
+EOF
+# create initial UsersFile
+echo "HOTP $test_user - $test_token" > %{apache_test_module_dir}/users-file
+# create module configuration
+cat << EOF > %{apache_test_module_dir}/mod_authn_otp-test.conf
+<Directory %{apache_test_module_dir}/htdocs/protected>
+  AuthType           basic
+  AuthName          "Very Secret Area"
+  AuthBasicProvider OTP
+  Require           valid-user
+  OTPAuthUsersFile %{apache_test_module_dir}/users-file
+  OTPAuthMaxLinger 2
+</Directory>
+EOF
+exit_code=0
+%if "%{apache_branch}" != "2.2"
+# 2.4 and up
+base_authn_module='authn_core'
+%else
+base_authn_module='authn_default'
+%endif
+# start apache test instance
+%apache_test_module_start_apache -m $base_authn_module:authz_user:authn_otp -i 
mod_authn_otp-test.conf
+echo
+echo 'Testing protected/index.html output'
+# figure out password for first access
+pass=$(./otptool -c 0 a4d8acbddef654fccc418db4cc2f85cea6339f00 | sed 's@.*:[ 
\t]*\([0-9]*\)[ \t]*.*@\1@')
+echo 'Test 1: testing first password'
+%apache_test_module_curl -u $test_user:$pass -d /protected/ -o output.txt
+grep 'RESTRICTED AREA BY OTP' output.txt || exit_code=1
+# next access with the same password within the linger time should be allowed
+echo 'Test 2: testing first password in linger time'
+%apache_test_module_curl -u $test_user:$pass -d /protected/ -o output.txt
+grep 'RESTRICTED AREA BY OTP' output.txt || exit_code=2
+# sleeping to get after linger time
+sleep 2
+# next access with the same password after linger time should not be allowed
+echo 'Test 3: testing first password after linger time'
+%apache_test_module_curl -u $test_user:$pass -d /protected/ -o output.txt
+grep '<title>.*401.*</title>' output.txt || exit_code=3
+# figure out second password (counter increased by one)
+echo 'Test 4: testing second password'
+pass=$(./otptool -c 1 a4d8acbddef654fccc418db4cc2f85cea6339f00 | sed 's@.*:[ 
\t]*\([0-9]*\)[ \t]*.*@\1@')
+%apache_test_module_curl -u $test_user:$pass -d /protected/ -o output.txt
+grep 'RESTRICTED AREA BY OTP' output.txt || exit_code=4
+# increasing counter again, generating new password
+echo 'Test 5: testing third password in linger time of second password'
+pass=$(./otptool -c 2 a4d8acbddef654fccc418db4cc2f85cea6339f00 | sed 's@.*:[ 
\t]*\([0-9]*\)[ \t]*.*@\1@')
+# access with the third password should be allowed even if linger time
+# of the previous one have not expired
+%apache_test_module_curl -u $test_user:$pass -d /protected/ -o output.txt
+grep 'RESTRICTED AREA BY OTP' output.txt || exit_code=5
+echo -n 'Result: '
+if [ $exit_code -eq 0 ]; then
+  echo 'SUCCESS'
+else
+  echo "FAILED (last failed test: $exit_code), error_log:"
+  cat %{apache_test_module_dir}/error_log
+fi
+echo
+%apache_test_module_stop_apache
+set -x
+exit $exit_code
+
 %files
 %defattr(-,root,root,-)
 %{apache_libexecdir}/%{mod_name}.so

commit apache2-mod_authn_otp for openSUSE:Factory

Reply via email to