1
/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
2
/* plugins/localauth/test/main.c - test modules for localauth interface */
3
/*
4
 * Copyright (C) 2013 by the Massachusetts Institute of Technology.
5
 * All rights reserved.
6
 *
7
 * Redistribution and use in source and binary forms, with or without
8
 * modification, are permitted provided that the following conditions
9
 * are met:
10
 *
11
 * * Redistributions of source code must retain the above copyright
12
 *   notice, this list of conditions and the following disclaimer.
13
 *
14
 * * Redistributions in binary form must reproduce the above copyright
15
 *   notice, this list of conditions and the following disclaimer in
16
 *   the documentation and/or other materials provided with the
17
 *   distribution.
18
 *
19
 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
20
 * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
21
 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
22
 * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
23
 * COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
24
 * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
25
 * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
26
 * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
27
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
28
 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
29
 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
30
 * OF THE POSSIBILITY OF SUCH DAMAGE.
31
 */
32

33
/* This file implements two testing localauth modules, each implementing
34
 * clearly recognizable behavior for the localauth test script. */
35

36
#include "k5-int.h"
37
#include <krb5/localauth_plugin.h>
38

39
struct krb5_localauth_moddata_st {
40
    int a;
41
    int b;
42
};
43

44
static krb5_error_code
45
init_test(krb5_context context, krb5_localauth_moddata *data_out)
46
{
47
    krb5_localauth_moddata d;
48

49
    *data_out = NULL;
50
    d = malloc(sizeof(*d));
51
    if (d == NULL)
52
        return ENOMEM;
53
    d->a = 3;
54
    d->b = 4;
55
    *data_out = d;
56
    return 0;
57
}
58

59
static void
60
fini_test(krb5_context context, krb5_localauth_moddata data)
61
{
62
    assert(data->a == 3);
63
    assert(data->b == 4);
64
    free(data);
65
}
66

67
static krb5_error_code
68
an2ln_test(krb5_context context, krb5_localauth_moddata data, const char *type,
69
           const char *residual, krb5_const_principal aname, char **lname_out)
70
{
71
    krb5_error_code ret;
72
    char *lname = NULL;
73

74
    *lname_out = NULL;
75
    if (data != NULL) {
76
        assert(data->a == 3);
77
        assert(data->b == 4);
78
    }
79
    if (type == NULL) {
80
        /* Map any three-component test/___/___ principal to its realm name. */
81
        if (aname->length == 3 && data_eq_string(aname->data[0], "test")) {
82
            lname = k5memdup0(aname->realm.data, aname->realm.length, &ret);
83
            if (lname == NULL)
84
                return ret;
85
        }
86
    } else if (strcmp(type, "TYPEA") == 0) {
87
        /* Map any two-component principal to its second component. */
88
        if (aname->length == 2) {
89
            lname = k5memdup0(aname->data[1].data, aname->data[1].length,
90
                              &ret);
91
            if (lname == NULL)
92
                return ret;
93
        }
94
    } else {
95
        assert(strcmp(type, "TYPEB") == 0);
96
        /* Map to the residual string. */
97
        lname = strdup(residual == NULL ? "(null)" : residual);
98
        if (lname == NULL)
99
            return ENOMEM;
100
    }
101
    if (lname == NULL)
102
        return KRB5_LNAME_NOTRANS;
103
    *lname_out = lname;
104
    return 0;
105
}
106

107
static krb5_error_code
108
userok_test(krb5_context context, krb5_localauth_moddata data,
109
            krb5_const_principal aname, const char *lname)
110
{
111
    if (data != NULL) {
112
        assert(data->a == 3);
113
        assert(data->b == 4);
114
    }
115

116
    /* Return success if the number of components in the principal is equal to
117
     * the length of the local name. */
118
    if ((size_t)aname->length == strlen(lname))
119
        return 0;
120

121
    /* Pass control down if the first component is "pass". */
122
    if (aname->length >= 1 && data_eq_string(aname->data[0], "pass"))
123
        return KRB5_PLUGIN_NO_HANDLE;
124

125
    /* Otherwise reject. */
126
    return EPERM;
127
}
128

129
static void
130
freestr(krb5_context context, krb5_localauth_moddata data, char *str)
131
{
132
    free(str);
133
}
134

135
krb5_error_code
136
localauth_test1_initvt(krb5_context context, int maj_ver, int min_ver,
137
                       krb5_plugin_vtable vtable);
138
krb5_error_code
139
localauth_test2_initvt(krb5_context context, int maj_ver, int min_ver,
140
                       krb5_plugin_vtable vtable);
141

142
krb5_error_code
143
localauth_test1_initvt(krb5_context context, int maj_ver, int min_ver,
144
                       krb5_plugin_vtable vtable)
145
{
146
    krb5_localauth_vtable vt = (krb5_localauth_vtable)vtable;
147

148
    vt->init = init_test;
149
    vt->fini = fini_test;
150
    vt->name = "test1";
151
    vt->an2ln = an2ln_test;
152
    vt->userok = userok_test;
153
    vt->free_string = freestr;
154
    return 0;
155
}
156

157
krb5_error_code
158
localauth_test2_initvt(krb5_context context, int maj_ver, int min_ver,
159
                       krb5_plugin_vtable vtable)
160
{
161
    krb5_localauth_vtable vt = (krb5_localauth_vtable)vtable;
162
    static const char *types[] = { "TYPEA", "TYPEB", NULL };
163

164
    vt->name = "test2";
165
    vt->an2ln_types = types;
166
    vt->an2ln = an2ln_test;
167
    vt->free_string = freestr;
168
    return 0;
169
}
170

171