From 72bcf614b2a5e5f281ca4372fa7dfccf1e6a3c43 Mon Sep 17 00:00:00 2001 From: Thorsten Kukuk Date: Sat, 5 Aug 2006 08:03:11 +0000 Subject: Relevant BUGIDs: Purpose of commit: new feature Commit summary: --------------- Add xtests to allow checks for PAM functions only doable in installed system. 2006-08-05 Thorsten Kukuk * configure.in: Generate xtests/Makefile. * Makefile.am (SUBDIRS): Add xtests. * README: Document make check and make xtests. * xtests/Makefile.am: New. * xtests/tst-pam_dispatch1.pamd: New. * xtests/tst-pam_dispatch2.pamd: New. * xtests/tst-pam_dispatch3.pamd: New. * xtests/tst-pam_dispatch1.c: New. * xtests/tst-pam_dispatch2.c: New. * xtests/tst-pam_dispatch3.c: New. --- xtests/.cvsignore | 7 +++++ xtests/Makefile.am | 45 +++++++++++++++++++++++++++++++ xtests/tst-pam_dispatch1.c | 62 +++++++++++++++++++++++++++++++++++++++++++ xtests/tst-pam_dispatch1.pamd | 3 +++ xtests/tst-pam_dispatch2.c | 61 ++++++++++++++++++++++++++++++++++++++++++ xtests/tst-pam_dispatch2.pamd | 3 +++ xtests/tst-pam_dispatch3.c | 50 ++++++++++++++++++++++++++++++++++ xtests/tst-pam_dispatch3.pamd | 6 +++++ 8 files changed, 237 insertions(+) create mode 100644 xtests/.cvsignore create mode 100644 xtests/Makefile.am create mode 100644 xtests/tst-pam_dispatch1.c create mode 100644 xtests/tst-pam_dispatch1.pamd create mode 100644 xtests/tst-pam_dispatch2.c create mode 100644 xtests/tst-pam_dispatch2.pamd create mode 100644 xtests/tst-pam_dispatch3.c create mode 100644 xtests/tst-pam_dispatch3.pamd (limited to 'xtests') diff --git a/xtests/.cvsignore b/xtests/.cvsignore new file mode 100644 index 00000000..1a2b5211 --- /dev/null +++ b/xtests/.cvsignore @@ -0,0 +1,7 @@ +Makefile +Makefile.in +.deps +.libs +tst-pam_dispatch1 +tst-pam_dispatch2 +tst-pam_dispatch3 diff --git a/xtests/Makefile.am b/xtests/Makefile.am new file mode 100644 index 00000000..622e3e59 --- /dev/null +++ b/xtests/Makefile.am @@ -0,0 +1,45 @@ +# +# Copyright (c) 2006 Thorsten Kukuk +# + +AM_CFLAGS = -DLIBPAM_COMPILE -I$(top_srcdir)/libpam/include +AM_LDFLAGS = -L$(top_builddir)/libpam -lpam + +CLEANFILES = *~ + +EXTRA_DIST = tst-pam_dispatch1.pamd tst-pam_dispatch2.pamd \ + tst-pam_dispatch3.pamd + +XTESTS = tst-pam_dispatch1 tst-pam_dispatch2 tst-pam_dispatch3 + +noinst_PROGRAMS = $(XTESTS) + +tst_pam_dispatch1_LDADD = -L$(top_builddir)/libpam -lpam -ldl -L$(top_builddir)/libpam_misc -lpam_misc +tst_pam_dispatch2_LDADD = -L$(top_builddir)/libpam -lpam -ldl -L$(top_builddir)/libpam_misc -lpam_misc +tst_pam_dispatch3_LDADD = -L$(top_builddir)/libpam -lpam -ldl -L$(top_builddir)/libpam_misc -lpam_misc + +xtests: $(XTESTS) + @failed=0; pass=0; all=0; \ + for testname in $(XTESTS) ; do \ + install -m 644 $$testname.pamd /etc/pam.d/$$testname ; \ + ./$$testname > /dev/null ; \ + if test $$? -ne 0 ; then \ + echo "FAIL: $$testname" ; \ + failed=`expr $$failed + 1`; \ + else \ + echo "PASS: $$testname" ; \ + pass=`expr $$pass + 1`; \ + fi ; \ + all=`expr $$all + 1` ; \ + rm -f /etc/pam.d/$$testname ; \ + done ; \ + if test "$$failed" -ne 0; then \ + echo "===================" ; \ + echo "$$failed of $$all tests failed" ; \ + echo "===================" ; \ + exit 1 ; \ + else \ + echo "==================" ; \ + echo "All $$all tests passed" ; \ + echo "==================" ; \ + fi diff --git a/xtests/tst-pam_dispatch1.c b/xtests/tst-pam_dispatch1.c new file mode 100644 index 00000000..0fb5bdef --- /dev/null +++ b/xtests/tst-pam_dispatch1.c @@ -0,0 +1,62 @@ + +#include +#include +#include + +static struct pam_conv conv = { + misc_conv, + NULL +}; + +static int debug = 0; + +/* + https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=196859 + + This stack should not return PAM_IGNORE to the application: + auth [default=bad] pam_debug.so auth=ignore +*/ +static int +test1 (void) +{ + pam_handle_t *pamh=NULL; + const char *user="nobody"; + int retval; + + retval = pam_start("tst-pam_dispatch1", user, &conv, &pamh); + if (retval != PAM_SUCCESS) + { + if (debug) + fprintf (stderr, "test1: pam_start returned %d\n", retval); + return 1; + } + + retval = pam_authenticate(pamh, 0); + if (retval != PAM_PERM_DENIED) + { + if (debug) + fprintf (stderr, "test1: pam_authenticate returned %d\n", retval); + return 1; + } + + retval = pam_end(pamh,retval); + if (retval != PAM_SUCCESS) + { + if (debug) + fprintf (stderr, "test1: pam_end returned %d\n", retval); + return 1; + } + return 0; +} + + +int main(int argc, char *argv[]) +{ + if (argc > 1 && strcmp (argv[1], "-d") == 0) + debug = 1; + + if (test1 ()) + return 1; + + return 0; +} diff --git a/xtests/tst-pam_dispatch1.pamd b/xtests/tst-pam_dispatch1.pamd new file mode 100644 index 00000000..9bfc87c5 --- /dev/null +++ b/xtests/tst-pam_dispatch1.pamd @@ -0,0 +1,3 @@ +# https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=196859 +# This stack should not return PAM_IGNORE to the application: +auth [default=bad] pam_debug.so auth=ignore diff --git a/xtests/tst-pam_dispatch2.c b/xtests/tst-pam_dispatch2.c new file mode 100644 index 00000000..181484f9 --- /dev/null +++ b/xtests/tst-pam_dispatch2.c @@ -0,0 +1,61 @@ + +#include +#include +#include + +static struct pam_conv conv = { + misc_conv, + NULL +}; + +static int debug = 0; + +/* + https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=196859 + + This stack should not return PAM_IGNORE to the application: + auth [default=die] pam_debug.so auth=ignore +*/ +static int +test2 (void) +{ + pam_handle_t *pamh=NULL; + const char *user="nobody"; + int retval; + + retval = pam_start("tst-pam_dispatch2", user, &conv, &pamh); + if (retval != PAM_SUCCESS) + { + if (debug) + fprintf (stderr, "test2: pam_start returned %d\n", retval); + return 1; + } + + retval = pam_authenticate(pamh, 0); + if (retval != PAM_PERM_DENIED) + { + if (debug) + fprintf (stderr, "test2: pam_authenticate returned %d\n", retval); + return 1; + } + + retval = pam_end(pamh,retval); + if (retval != PAM_SUCCESS) + { + if (debug) + fprintf (stderr, "test2: pam_end returned %d\n", retval); + return 1; + } + return 0; +} + +int main(int argc, char *argv[]) +{ + if (argc > 1 && strcmp (argv[1], "-d") == 0) + debug = 1; + + if (test2 ()) + return 1; + + return 0; +} diff --git a/xtests/tst-pam_dispatch2.pamd b/xtests/tst-pam_dispatch2.pamd new file mode 100644 index 00000000..79f52609 --- /dev/null +++ b/xtests/tst-pam_dispatch2.pamd @@ -0,0 +1,3 @@ +# https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=196859 +# This stack should not return PAM_IGNORE to the application: +auth [default=die] pam_debug.so auth=ignore diff --git a/xtests/tst-pam_dispatch3.c b/xtests/tst-pam_dispatch3.c new file mode 100644 index 00000000..76f3a940 --- /dev/null +++ b/xtests/tst-pam_dispatch3.c @@ -0,0 +1,50 @@ + +#include +#include +#include + +static struct pam_conv conv = { + misc_conv, + NULL +}; + + +/* Check that errors of optional modules are ignored and that + required modules after a sufficient one are not executed. */ + +int +main(int argc, char *argv[]) +{ + pam_handle_t *pamh=NULL; + const char *user="nobody"; + int retval; + int debug = 0; + + if (argc > 1 && strcmp (argv[1], "-d") == 0) + debug = 1; + + retval = pam_start("tst-pam_dispatch3", user, &conv, &pamh); + if (retval != PAM_SUCCESS) + { + if (debug) + fprintf (stderr, "test3: pam_start returned %d\n", retval); + return 1; + } + + retval = pam_authenticate(pamh, 0); + if (retval != PAM_SUCCESS) + { + if (debug) + fprintf (stderr, "test3: pam_authenticate returned %d\n", retval); + return 1; + } + + retval = pam_end(pamh,retval); + if (retval != PAM_SUCCESS) + { + if (debug) + fprintf (stderr, "test3: pam_end returned %d\n", retval); + return 1; + } + return 0; +} diff --git a/xtests/tst-pam_dispatch3.pamd b/xtests/tst-pam_dispatch3.pamd new file mode 100644 index 00000000..8172c5f2 --- /dev/null +++ b/xtests/tst-pam_dispatch3.pamd @@ -0,0 +1,6 @@ +#%PAM-1.0 +auth optional pam_debug.so auth=auth_err +auth sufficient pam_debug.so auth=success +auth required pam_debug.so auth=perm_denied +account required pam_debug.so acct=acct_expired + -- cgit v1.2.3