xref: /freebsd/crypto/krb5/src/plugins/localauth/test/main.c (revision d0ff5773cefaf3fa41b1be3e44ca35bd9d5f68ee) 
1 /* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
2 /* plugins/localauth/test/main.c - test modules for localauth interface */
3 /*
4  * Copyright (C) 2013 by the Massachusetts Institute of Technology.
5  * All rights reserved.
6  *
7  * Redistribution and use in source and binary forms, with or without
8  * modification, are permitted provided that the following conditions
9  * are met:
10  *
11  * * Redistributions of source code must retain the above copyright
12  *   notice, this list of conditions and the following disclaimer.
13  *
14  * * Redistributions in binary form must reproduce the above copyright
15  *   notice, this list of conditions and the following disclaimer in
16  *   the documentation and/or other materials provided with the
17  *   distribution.
18  *
19  * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
20  * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
21  * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
22  * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
23  * COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
24  * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
25  * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
26  * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
27  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
28  * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
29  * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
30  * OF THE POSSIBILITY OF SUCH DAMAGE.
31  */
32 
33 /* This file implements two testing localauth modules, each implementing
34  * clearly recognizable behavior for the localauth test script. */
35 
36 #include "k5-int.h"
37 #include <krb5/localauth_plugin.h>
38 
39 struct krb5_localauth_moddata_st {
40     int a;
41     int b;
42 };
43 
44 static krb5_error_code
45 init_test(krb5_context context, krb5_localauth_moddata *data_out)
46 {
47     krb5_localauth_moddata d;
48 
49     *data_out = NULL;
50     d = malloc(sizeof(*d));
51     if (d == NULL)
52         return ENOMEM;
53     d->a = 3;
54     d->b = 4;
55     *data_out = d;
56     return 0;
57 }
58 
59 static void
60 fini_test(krb5_context context, krb5_localauth_moddata data)
61 {
62     assert(data->a == 3);
63     assert(data->b == 4);
64     free(data);
65 }
66 
67 static krb5_error_code
68 an2ln_test(krb5_context context, krb5_localauth_moddata data, const char *type,
69            const char *residual, krb5_const_principal aname, char **lname_out)
70 {
71     krb5_error_code ret;
72     char *lname = NULL;
73 
74     *lname_out = NULL;
75     if (data != NULL) {
76         assert(data->a == 3);
77         assert(data->b == 4);
78     }
79     if (type == NULL) {
80         /* Map any three-component test/___/___ principal to its realm name. */
81         if (aname->length == 3 && data_eq_string(aname->data[0], "test")) {
82             lname = k5memdup0(aname->realm.data, aname->realm.length, &ret);
83             if (lname == NULL)
84                 return ret;
85         }
86     } else if (strcmp(type, "TYPEA") == 0) {
87         /* Map any two-component principal to its second component. */
88         if (aname->length == 2) {
89             lname = k5memdup0(aname->data[1].data, aname->data[1].length,
90                               &ret);
91             if (lname == NULL)
92                 return ret;
93         }
94     } else {
95         assert(strcmp(type, "TYPEB") == 0);
96         /* Map to the residual string. */
97         lname = strdup(residual == NULL ? "(null)" : residual);
98         if (lname == NULL)
99             return ENOMEM;
100     }
101     if (lname == NULL)
102         return KRB5_LNAME_NOTRANS;
103     *lname_out = lname;
104     return 0;
105 }
106 
107 static krb5_error_code
108 userok_test(krb5_context context, krb5_localauth_moddata data,
109             krb5_const_principal aname, const char *lname)
110 {
111     if (data != NULL) {
112         assert(data->a == 3);
113         assert(data->b == 4);
114     }
115 
116     /* Return success if the number of components in the principal is equal to
117      * the length of the local name. */
118     if ((size_t)aname->length == strlen(lname))
119         return 0;
120 
121     /* Pass control down if the first component is "pass". */
122     if (aname->length >= 1 && data_eq_string(aname->data[0], "pass"))
123         return KRB5_PLUGIN_NO_HANDLE;
124 
125     /* Otherwise reject. */
126     return EPERM;
127 }
128 
129 static void
130 freestr(krb5_context context, krb5_localauth_moddata data, char *str)
131 {
132     free(str);
133 }
134 
135 krb5_error_code
136 localauth_test1_initvt(krb5_context context, int maj_ver, int min_ver,
137                        krb5_plugin_vtable vtable);
138 krb5_error_code
139 localauth_test2_initvt(krb5_context context, int maj_ver, int min_ver,
140                        krb5_plugin_vtable vtable);
141 
142 krb5_error_code
143 localauth_test1_initvt(krb5_context context, int maj_ver, int min_ver,
144                        krb5_plugin_vtable vtable)
145 {
146     krb5_localauth_vtable vt = (krb5_localauth_vtable)vtable;
147 
148     vt->init = init_test;
149     vt->fini = fini_test;
150     vt->name = "test1";
151     vt->an2ln = an2ln_test;
152     vt->userok = userok_test;
153     vt->free_string = freestr;
154     return 0;
155 }
156 
157 krb5_error_code
158 localauth_test2_initvt(krb5_context context, int maj_ver, int min_ver,
159                        krb5_plugin_vtable vtable)
160 {
161     krb5_localauth_vtable vt = (krb5_localauth_vtable)vtable;
162     static const char *types[] = { "TYPEA", "TYPEB", NULL };
163 
164     vt->name = "test2";
165     vt->an2ln_types = types;
166     vt->an2ln = an2ln_test;
167     vt->free_string = freestr;
168     return 0;
169 }
170