diff options
| author | Tomas Mraz <tm@t8m.info> | 2009-02-25 15:50:21 +0000 |
|---|---|---|
| committer | Tomas Mraz <tm@t8m.info> | 2009-02-25 15:50:21 +0000 |
| commit | 1376c1565abb318a5b4d086edd7f295ee3da6b13 (patch) | |
| tree | 737d16f94d1a66516090d0bbf8a1ec3aec7afb18 /xtests | |
| parent | a95722ff38751fe28777846e8fcf115429c759b1 (diff) | |
| download | pam-1376c1565abb318a5b4d086edd7f295ee3da6b13.tar.gz pam-1376c1565abb318a5b4d086edd7f295ee3da6b13.tar.bz2 pam-1376c1565abb318a5b4d086edd7f295ee3da6b13.zip | |
Relevant BUGIDs:
Purpose of commit: new feature
Commit summary:
---------------
2009-02-25 Tomas Mraz <t8m@centrum.cz>
* xtests/access.conf: Add a line for name resolution test case.
* xtests/tst-pam_access4.c (main): Set PAM_RHOST for testing the LOCAL
keyword. Add a test case for name resolution.
* modules/pam_access/pam_access.c (from_match): Move name resolution
to network_netmask_match().
(network_netmask_match): Do a name resolution of the origin only if
matching against a real network/netmask.
Diffstat (limited to 'xtests')
| -rw-r--r-- | xtests/access.conf | 1 | ||||
| -rw-r--r-- | xtests/tst-pam_access4.c | 28 |
2 files changed, 25 insertions, 4 deletions
diff --git a/xtests/access.conf b/xtests/access.conf index 8088ec61..25462dd9 100644 --- a/xtests/access.conf +++ b/xtests/access.conf @@ -1,2 +1,3 @@ -:ALL EXCEPT (tstpamaccess) tstpamaccess3 :LOCAL +-:ALL:127.0.0.1 diff --git a/xtests/tst-pam_access4.c b/xtests/tst-pam_access4.c index 2b887a4d..115217f6 100644 --- a/xtests/tst-pam_access4.c +++ b/xtests/tst-pam_access4.c @@ -34,10 +34,12 @@ /* test case: - Check the following line in access.conf: + Check the following lines in access.conf: -:ALL EXCEPT tstpamaccess3 :LOCAL + -:ALL:127.0.0.1 - pam_authenticate should fail for /dev/tty1 and pass for www.example.com + pam_authenticate should fail for /dev/tty1, pass for www.example.com, + and fail again for localhost */ #ifdef HAVE_CONFIG_H @@ -121,12 +123,12 @@ main(int argc, char *argv[]) return 1; } - retval = pam_set_item (pamh, PAM_TTY, "www.example.com"); + retval = pam_set_item (pamh, PAM_RHOST, "www.example.com"); if (retval != PAM_SUCCESS) { if (debug) fprintf (stderr, - "pam_access4-2: pam_set_item(PAM_TTY) returned %d\n", + "pam_access4-2: pam_set_item(PAM_RHOST) returned %d\n", retval); return 1; } @@ -139,6 +141,24 @@ main(int argc, char *argv[]) return 1; } + retval = pam_set_item (pamh, PAM_RHOST, "localhost"); + if (retval != PAM_SUCCESS) + { + if (debug) + fprintf (stderr, + "pam_access4-3: pam_set_item(PAM_RHOST) returned %d\n", + retval); + return 1; + } + + retval = pam_authenticate (pamh, 0); + if (retval != PAM_PERM_DENIED) + { + if (debug) + fprintf (stderr, "pam_access4-3: pam_authenticate returned %d\n", retval); + return 1; + } + retval = pam_end (pamh,retval); if (retval != PAM_SUCCESS) { |