1 /* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
2 /* plugins/localauth/test/main.c - test modules for localauth interface */
3 /*
4 * Copyright (C) 2013 by the Massachusetts Institute of Technology.
5 * All rights reserved.
6 *
7 * Redistribution and use in source and binary forms, with or without
8 * modification, are permitted provided that the following conditions
9 * are met:
10 *
11 * * Redistributions of source code must retain the above copyright
12 * notice, this list of conditions and the following disclaimer.
13 *
14 * * Redistributions in binary form must reproduce the above copyright
15 * notice, this list of conditions and the following disclaimer in
16 * the documentation and/or other materials provided with the
17 * distribution.
18 *
19 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
20 * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
21 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
22 * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
23 * COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
24 * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
25 * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
26 * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
27 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
28 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
29 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
30 * OF THE POSSIBILITY OF SUCH DAMAGE.
31 */
32
33 /* This file implements two testing localauth modules, each implementing
34 * clearly recognizable behavior for the localauth test script. */
35
36 #include "k5-int.h"
37 #include <krb5/localauth_plugin.h>
38
39 struct krb5_localauth_moddata_st {
40 int a;
41 int b;
42 };
43
44 static krb5_error_code
init_test(krb5_context context,krb5_localauth_moddata * data_out)45 init_test(krb5_context context, krb5_localauth_moddata *data_out)
46 {
47 krb5_localauth_moddata d;
48
49 *data_out = NULL;
50 d = malloc(sizeof(*d));
51 if (d == NULL)
52 return ENOMEM;
53 d->a = 3;
54 d->b = 4;
55 *data_out = d;
56 return 0;
57 }
58
59 static void
fini_test(krb5_context context,krb5_localauth_moddata data)60 fini_test(krb5_context context, krb5_localauth_moddata data)
61 {
62 assert(data->a == 3);
63 assert(data->b == 4);
64 free(data);
65 }
66
67 static krb5_error_code
an2ln_test(krb5_context context,krb5_localauth_moddata data,const char * type,const char * residual,krb5_const_principal aname,char ** lname_out)68 an2ln_test(krb5_context context, krb5_localauth_moddata data, const char *type,
69 const char *residual, krb5_const_principal aname, char **lname_out)
70 {
71 krb5_error_code ret;
72 char *lname = NULL;
73
74 *lname_out = NULL;
75 if (data != NULL) {
76 assert(data->a == 3);
77 assert(data->b == 4);
78 }
79 if (type == NULL) {
80 /* Map any three-component test/___/___ principal to its realm name. */
81 if (aname->length == 3 && data_eq_string(aname->data[0], "test")) {
82 lname = k5memdup0(aname->realm.data, aname->realm.length, &ret);
83 if (lname == NULL)
84 return ret;
85 }
86 } else if (strcmp(type, "TYPEA") == 0) {
87 /* Map any two-component principal to its second component. */
88 if (aname->length == 2) {
89 lname = k5memdup0(aname->data[1].data, aname->data[1].length,
90 &ret);
91 if (lname == NULL)
92 return ret;
93 }
94 } else {
95 assert(strcmp(type, "TYPEB") == 0);
96 /* Map to the residual string. */
97 lname = strdup(residual == NULL ? "(null)" : residual);
98 if (lname == NULL)
99 return ENOMEM;
100 }
101 if (lname == NULL)
102 return KRB5_LNAME_NOTRANS;
103 *lname_out = lname;
104 return 0;
105 }
106
107 static krb5_error_code
userok_test(krb5_context context,krb5_localauth_moddata data,krb5_const_principal aname,const char * lname)108 userok_test(krb5_context context, krb5_localauth_moddata data,
109 krb5_const_principal aname, const char *lname)
110 {
111 if (data != NULL) {
112 assert(data->a == 3);
113 assert(data->b == 4);
114 }
115
116 /* Return success if the number of components in the principal is equal to
117 * the length of the local name. */
118 if ((size_t)aname->length == strlen(lname))
119 return 0;
120
121 /* Pass control down if the first component is "pass". */
122 if (aname->length >= 1 && data_eq_string(aname->data[0], "pass"))
123 return KRB5_PLUGIN_NO_HANDLE;
124
125 /* Otherwise reject. */
126 return EPERM;
127 }
128
129 static void
freestr(krb5_context context,krb5_localauth_moddata data,char * str)130 freestr(krb5_context context, krb5_localauth_moddata data, char *str)
131 {
132 free(str);
133 }
134
135 krb5_error_code
136 localauth_test1_initvt(krb5_context context, int maj_ver, int min_ver,
137 krb5_plugin_vtable vtable);
138 krb5_error_code
139 localauth_test2_initvt(krb5_context context, int maj_ver, int min_ver,
140 krb5_plugin_vtable vtable);
141
142 krb5_error_code
localauth_test1_initvt(krb5_context context,int maj_ver,int min_ver,krb5_plugin_vtable vtable)143 localauth_test1_initvt(krb5_context context, int maj_ver, int min_ver,
144 krb5_plugin_vtable vtable)
145 {
146 krb5_localauth_vtable vt = (krb5_localauth_vtable)vtable;
147
148 vt->init = init_test;
149 vt->fini = fini_test;
150 vt->name = "test1";
151 vt->an2ln = an2ln_test;
152 vt->userok = userok_test;
153 vt->free_string = freestr;
154 return 0;
155 }
156
157 krb5_error_code
localauth_test2_initvt(krb5_context context,int maj_ver,int min_ver,krb5_plugin_vtable vtable)158 localauth_test2_initvt(krb5_context context, int maj_ver, int min_ver,
159 krb5_plugin_vtable vtable)
160 {
161 krb5_localauth_vtable vt = (krb5_localauth_vtable)vtable;
162 static const char *types[] = { "TYPEA", "TYPEB", NULL };
163
164 vt->name = "test2";
165 vt->an2ln_types = types;
166 vt->an2ln = an2ln_test;
167 vt->free_string = freestr;
168 return 0;
169 }
170