diff options
Diffstat (limited to 'src/plugins/localauth/test/main.c')
| -rw-r--r-- | src/plugins/localauth/test/main.c | 169 |
1 files changed, 169 insertions, 0 deletions
diff --git a/src/plugins/localauth/test/main.c b/src/plugins/localauth/test/main.c new file mode 100644 index 000000000..9e96900bc --- /dev/null +++ b/src/plugins/localauth/test/main.c @@ -0,0 +1,169 @@ +/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ +/* plugins/localauth/test/main.c - test modules for localauth interface */ +/* + * Copyright (C) 2013 by the Massachusetts Institute of Technology. + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * * Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * * Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS + * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + * COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, + * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES + * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR + * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + */ + +/* This file implements two testing localauth modules, each implementing + * clearly recognizable behavior for the localauth test script. */ + +#include "k5-int.h" +#include <krb5/localauth_plugin.h> + +struct krb5_localauth_moddata_st { + int a; + int b; +}; + +static krb5_error_code +init_test(krb5_context context, krb5_localauth_moddata *data_out) +{ + krb5_localauth_moddata d; + + *data_out = NULL; + d = malloc(sizeof(*d)); + if (d == NULL) + return ENOMEM; + d->a = 3; + d->b = 4; + *data_out = d; + return 0; +} + +static void +fini_test(krb5_context context, krb5_localauth_moddata data) +{ + assert(data->a == 3); + assert(data->b == 4); + free(data); +} + +static krb5_error_code +an2ln_test(krb5_context context, krb5_localauth_moddata data, const char *type, + const char *residual, krb5_const_principal aname, char **lname_out) +{ + krb5_error_code ret; + char *lname = NULL; + + *lname_out = NULL; + if (data != NULL) { + assert(data->a == 3); + assert(data->b == 4); + } + if (type == NULL) { + /* Map any three-component test/___/___ principal to its realm name. */ + if (aname->length == 3 && data_eq_string(aname->data[0], "test")) { + lname = k5memdup0(aname->realm.data, aname->realm.length, &ret); + if (lname == NULL) + return ret; + } + } else if (strcmp(type, "TYPEA") == 0) { + /* Map any two-component principal to its second component. */ + if (aname->length == 2) { + lname = k5memdup0(aname->data[1].data, aname->data[1].length, + &ret); + if (lname == NULL) + return ret; + } + } else { + assert(strcmp(type, "TYPEB") == 0); + /* Map to the residual string. */ + lname = strdup(residual == NULL ? "(null)" : residual); + if (lname == NULL) + return ENOMEM; + } + if (lname == NULL) + return KRB5_LNAME_NOTRANS; + *lname_out = lname; + return 0; +} + +static krb5_error_code +userok_test(krb5_context context, krb5_localauth_moddata data, + krb5_const_principal aname, const char *lname) +{ + if (data != NULL) { + assert(data->a == 3); + assert(data->b == 4); + } + + /* Return success if the number of components in the principal is equal to + * the length of the local name. */ + if ((size_t)aname->length == strlen(lname)) + return 0; + + /* Pass control down if the first component is "pass". */ + if (aname->length >= 1 && data_eq_string(aname->data[0], "pass")) + return KRB5_PLUGIN_NO_HANDLE; + + /* Otherwise reject. */ + return EPERM; +} + +static void +freestr(krb5_context context, krb5_localauth_moddata data, char *str) +{ + free(str); +} + +krb5_error_code +localauth_test1_initvt(krb5_context context, int maj_ver, int min_ver, + krb5_plugin_vtable vtable); +krb5_error_code +localauth_test2_initvt(krb5_context context, int maj_ver, int min_ver, + krb5_plugin_vtable vtable); + +krb5_error_code +localauth_test1_initvt(krb5_context context, int maj_ver, int min_ver, + krb5_plugin_vtable vtable) +{ + krb5_localauth_vtable vt = (krb5_localauth_vtable)vtable; + + vt->init = init_test; + vt->fini = fini_test; + vt->name = "test1"; + vt->an2ln = an2ln_test; + vt->userok = userok_test; + vt->free_string = freestr; + return 0; +} + +krb5_error_code +localauth_test2_initvt(krb5_context context, int maj_ver, int min_ver, + krb5_plugin_vtable vtable) +{ + krb5_localauth_vtable vt = (krb5_localauth_vtable)vtable; + static const char *types[] = { "TYPEA", "TYPEB", NULL }; + + vt->name = "test2"; + vt->an2ln_types = types; + vt->an2ln = an2ln_test; + vt->free_string = freestr; + return 0; +} |