import java.io.IOException;
import java.io.UnsupportedEncodingException;
+import java.net.HttpURLConnection;
import java.net.MalformedURLException;
import java.net.URL;
import java.net.URLConnection;
import java.net.URLEncoder;
+import java.sql.PreparedStatement;
+import java.sql.SQLException;
import java.text.SimpleDateFormat;
import java.util.Date;
-import org.cacert.gigi.IOUtils;
+import org.cacert.gigi.database.DatabaseConnection;
+import org.cacert.gigi.testUtils.IOUtils;
import org.cacert.gigi.testUtils.ManagedTest;
import org.junit.Before;
import org.junit.Test;
String error = getError("date=2000-01-01&location=testcase&certify=1&rules=1&CCAAgreed=1&assertion=1&points=10");
assertTrue(error, error.startsWith("</div>"));
}
+
+ @Test
+ public void testAssureFormNoCSRF() throws IOException {
+ // override csrf
+ HttpURLConnection uc = (HttpURLConnection) buildupAssureFormConnection(false);
+ uc.getOutputStream()
+ .write(("date=2000-01-01&location=testcase&certify=1&rules=1&CCAAgreed=1&assertion=1&points=10")
+ .getBytes());
+ uc.getOutputStream().flush();
+ assertEquals(500, uc.getResponseCode());
+ }
+ @Test
+ public void testAssureFormWrongCSRF() throws IOException {
+ // override csrf
+ HttpURLConnection uc = (HttpURLConnection) buildupAssureFormConnection(false);
+ uc.getOutputStream()
+ .write(("date=2000-01-01&location=testcase&certify=1&rules=1&CCAAgreed=1&assertion=1&points=10&csrf=aragc")
+ .getBytes());
+ uc.getOutputStream().flush();
+ assertEquals(500, uc.getResponseCode());
+ }
+ @Test
+ public void testAssureFormRace() throws IOException, SQLException {
+ URLConnection uc = buildupAssureFormConnection(true);
+ PreparedStatement ps = DatabaseConnection.getInstance().prepare(
+ "UPDATE `users` SET email='changed' WHERE id=?");
+ ps.setInt(1, assuree);
+ ps.execute();
+ uc.getOutputStream()
+ .write(("date=2000-01-01&location=testcase&certify=1&rules=1&CCAAgreed=1&assertion=1&points=10")
+ .getBytes());
+ uc.getOutputStream().flush();
+ String error = fetchStartErrorMessage(IOUtils.readURL(uc));
+ assertTrue(error, !error.startsWith("</div>"));
+ }
@Test
public void testAssureFormFuture() throws IOException {
SimpleDateFormat sdf = new SimpleDateFormat("YYYY");
}
private String getError(String query) throws MalformedURLException,
IOException {
- URLConnection uc = buildupAssureFormConnection();
+ URLConnection uc = buildupAssureFormConnection(true);
uc.getOutputStream().write((query).getBytes());
uc.getOutputStream().flush();
String error = fetchStartErrorMessage(IOUtils.readURL(uc));
return error;
}
- private URLConnection buildupAssureFormConnection()
+ private URLConnection buildupAssureFormConnection(boolean doCSRF)
throws MalformedURLException, IOException {
URL u = new URL("https://" + getServerName() + AssurePage.PATH + "/"
+ assuree);
URLConnection uc = u.openConnection();
uc.addRequestProperty("Cookie", cookie);
- uc.getInputStream();// request form
+ String csrf = getCSRF(uc);
uc = u.openConnection();
uc.addRequestProperty("Cookie", cookie);
uc.setDoOutput(true);
+ if (doCSRF) {
+ uc.getOutputStream().write(("csrf=" + csrf + "&").getBytes());
+ }
return uc;
}
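Review bot: testAssureFormNoCSRF and testAssureFormWrongCSRF only pin `assertEquals(500, uc.getResponseCode())`, so any unrelated server exception on that path (including one raised before the CSRF check runs) would make them pass; asserting on something specific to the rejection — a dedicated status once the server sends one, or the error text read from the error stream — would make the two tests discriminating rather than "the server failed somehow". In buildupAssureFormConnection the token is written as `"csrf=" + csrf + "&"` without encoding although URLEncoder is already imported; `uc.getOutputStream().write(("csrf=" + URLEncoder.encode(csrf, "UTF-8") + "&").getBytes("UTF-8"));` keeps the body well-formed if the token format ever changes. Every `.getBytes()` on the form bodies in this hunk uses the platform default charset; passing `"UTF-8"` (or `StandardCharsets.UTF_8`) makes the encoding explicit. In testAssureFormRace the PreparedStatement is never closed and the `UPDATE users SET email='changed'` is not reverted, so the modified row outlives the test; a try-with-resources around the statement and a restoring update in a `finally` block would contain it — whether ManagedTest resets the database between tests is not visible here.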