diff --git a/mitmproxy/addons/proxyauth.py b/mitmproxy/addons/proxyauth.py index 8e90dd088..e656421e1 100644 --- a/mitmproxy/addons/proxyauth.py +++ b/mitmproxy/addons/proxyauth.py @@ -115,7 +115,6 @@ class ProxyAuth: conn.search(parts[1][1:], '(' + parts[0] + username + ')', attributes=['objectclass']) if ctx.options.proxyauth.split(":")[3] in conn.entries[0]['objectclass']: return username, password - return None def authenticate(self, f: http.HTTPFlow) -> bool: diff --git a/setup.py b/setup.py index 8f032b37a..c8a1fe206 100644 --- a/setup.py +++ b/setup.py @@ -71,7 +71,7 @@ setup( "hyperframe>=5.0, <6", "jsbeautifier>=1.6.3, <1.7", "kaitaistruct>=0.7, <0.8", - "ldap3>=2.2.0, <2.2.1", + "ldap3>=2.2.0, <2.2.3", "passlib>=1.6.5, <1.8", "pyasn1>=0.1.9, <0.3", "pyOpenSSL>=16.0, <17.1", diff --git a/test/mitmproxy/addons/test_proxyauth.py b/test/mitmproxy/addons/test_proxyauth.py index 6311e97e9..fa02d119d 100644 --- a/test/mitmproxy/addons/test_proxyauth.py +++ b/test/mitmproxy/addons/test_proxyauth.py @@ -2,6 +2,7 @@ import binascii import ldap3 import pytest +from _pytest.monkeypatch import MonkeyPatch from mitmproxy import exceptions from mitmproxy.addons import proxyauth @@ -42,16 +43,20 @@ def test_configure(): ctx.configure(up, proxyauth=None) assert not up.nonanonymous - ctx.configure(up, proxyauth="ldap:ldap.forumsys.com:uid=?,dc=example,dc=com:person") + ctx.configure(up, proxyauth="ldap:fake_server:fake_dn:fake_group") assert up.ldapserver - ctx.configure(up, proxyauth="ldaps:ldap.forumsys.com:uid=?,dc=example,dc=com:person") + + + ctx.configure(up, proxyauth="ldap:fake_server:uid=?,dc=example,dc=com:person") + assert up.ldapserver + ctx.configure(up, proxyauth="ldaps:fake_server.com:uid=?,dc=example,dc=com:person") assert up.ldapserver with pytest.raises(exceptions.OptionsError): - ctx.configure(up, proxyauth="ldap:ldap.forumsys.comuid=?dc=example,dc=com:person") + ctx.configure(up, proxyauth="ldap:fake_serveruid=?dc=example,dc=com:person") with pytest.raises(exceptions.OptionsError): - ctx.configure(up, proxyauth="ldapssssssss:ldap.forumsys.com:uid=?,dc=example,dc=com:person") + ctx.configure(up, proxyauth="ldapssssssss:fake_server.com:uid=?,dc=example,dc=com:person") with pytest.raises(exceptions.OptionsError): ctx.configure( @@ -79,7 +84,7 @@ def test_configure(): ctx.configure(up, proxyauth="any", mode="socks5") -def test_check(): +def test_check(monkeypatch): up = proxyauth.ProxyAuth() with taddons.context() as ctx: ctx.configure(up, proxyauth="any", mode="regular") @@ -121,23 +126,25 @@ def test_check(): ) assert not up.check(f) + ctx.configure( up, - proxyauth="ldap:ldap.forumsys.com:uid=?,dc=example,dc=com:person" + proxyauth="ldap:fake-server:cn=?,ou=test,o=lab:test" ) + conn = ldap3.Connection("fake-server", user="cn=user0,ou=test,o=lab", password="password", client_strategy=ldap3.MOCK_SYNC) + conn.bind() + conn.strategy.add_entry('cn=user0,ou=test,o=lab', {'userPassword': 'test0', 'sn': 'user0_sn', 'revision': 0, 'objectClass': 'test'}) + def conn_mp(ldap, user, password, **kwargs): + return conn + monkeypatch.setattr(ldap3, "Connection", conn_mp) f.request.headers["Proxy-Authorization"] = proxyauth.mkauth( - "einstein", "password" + "user0", "test0" ) assert up.check(f) f.request.headers["Proxy-Authorization"] = proxyauth.mkauth( "", "" ) assert not up.check(f) - with pytest.raises(ldap3.core.exceptions.LDAPBindError): - f.request.headers["Proxy-Authorization"] = proxyauth.mkauth( - "einstein", "foo" - ) - assert not up.check(f) def test_authenticate():