Skip to content
Snippets Groups Projects
Commit 8ef2e3c1 authored by Bolke de Bruin's avatar Bolke de Bruin
Browse files

Correct handshake response

parent b28d1787
Branches
Tags
No related merge requests found
Show whitespace changes
Inline Side-by-side
cmd/rdpgw/protocol/protocol_test.go
+ 53
1
View file @ 8ef2e3c1
...@@ -66,7 +66,7 @@ func TestHandshake(t *testing.T) { ...@@ -66,7 +66,7 @@ func TestHandshake(t *testing.T) {
t.Fatalf("handshakeRequest failed got ext auth %d, expected %d", extAuth, extAuth|HTTP_EXTENDED_AUTH_PAA) t.Fatalf("handshakeRequest failed got ext auth %d, expected %d", extAuth, extAuth|HTTP_EXTENDED_AUTH_PAA)
} }
data = h.handshakeResponse(0x0, 0x0, 0, ERROR_SUCCESS) data = h.handshakeResponse(0x0, 0x0, HTTP_EXTENDED_AUTH_PAA, ERROR_SUCCESS)
_, _, pkt, err = verifyPacketHeader(data, PKT_TYPE_HANDSHAKE_RESPONSE, HandshakeResponseLen) _, _, pkt, err = verifyPacketHeader(data, PKT_TYPE_HANDSHAKE_RESPONSE, HandshakeResponseLen)
if err != nil { if err != nil {
t.Fatalf("verifyHeader failed: %s", err) t.Fatalf("verifyHeader failed: %s", err)
...@@ -79,6 +79,58 @@ func TestHandshake(t *testing.T) { ...@@ -79,6 +79,58 @@ func TestHandshake(t *testing.T) {
} }
} }
func capsHelper(h Server) uint16 {
var caps uint16
if h.TokenAuth {
caps = caps | HTTP_EXTENDED_AUTH_PAA
}
if h.SmartCardAuth {
caps = caps | HTTP_EXTENDED_AUTH_SC
}
return caps
}
func TestMatchAuth(t *testing.T) {
s := &SessionInfo{}
hc := &ServerConf{
TokenAuth: false,
SmartCardAuth: false,
}
h:= NewServer(s, hc)
in := uint16(0)
caps, err := h.matchAuth(in)
if err != nil {
t.Fatalf("in caps: %x <= server caps %x, but %s", in, capsHelper(*h), err)
}
if caps > in {
t.Fatalf("returned server caps %x > client cpas %x", capsHelper(*h), in)
}
in = HTTP_EXTENDED_AUTH_PAA
caps, err = h.matchAuth(in)
if err == nil {
t.Fatalf("server cannot satisfy client caps %x but error is nil (server caps %x)", in, caps)
} else {
t.Logf("(SUCCESS) server cannot satisfy client caps : %s", err)
}
h.SmartCardAuth = true
caps, err = h.matchAuth(in)
if err == nil {
t.Fatalf("server cannot satisfy client caps %x but error is nil (server caps %x)", in, caps)
} else {
t.Logf("(SUCCESS) server cannot satisfy client caps : %s", err)
}
h.TokenAuth = true
caps, err = h.matchAuth(in)
if err != nil {
t.Fatalf("server caps %x (orig: %x) should match client request %x, %s", caps, capsHelper(*h), in, err)
}
}
func TestTunnelCreation(t *testing.T) { func TestTunnelCreation(t *testing.T) {
client := ClientConfig{ client := ClientConfig{
PAAToken: "abab", PAAToken: "abab",
... ...
......
cmd/rdpgw/protocol/server.go
+ 1
1
View file @ 8ef2e3c1
...@@ -232,7 +232,7 @@ func (s *Server) matchAuth(extAuth uint16) (caps uint16, err error) { ...@@ -232,7 +232,7 @@ func (s *Server) matchAuth(extAuth uint16) (caps uint16, err error) {
caps = caps | HTTP_EXTENDED_AUTH_PAA caps = caps | HTTP_EXTENDED_AUTH_PAA
} }
if caps & extAuth == 0 { if caps & extAuth == 0 && extAuth > 0 {
return 0, fmt.Errorf("%x has no matching capability configured (%x). Did you configure caps? ", extAuth, caps) return 0, fmt.Errorf("%x has no matching capability configured (%x). Did you configure caps? ", extAuth, caps)
} }
... ...
......
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment