2020-09-01 13:32:28 +03:00
/*
* Unix SMB / CIFS implementation .
*
* Copyright ( C ) 2018 - 2019 Andreas Schneider < asn @ samba . org >
*
* This program is free software ; you can redistribute it and / or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation ; either version 3 of the License , or
* ( at your option ) any later version .
*
* This program is distributed in the hope that it will be useful ,
* but WITHOUT ANY WARRANTY ; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE . See the
* GNU General Public License for more details .
*
* You should have received a copy of the GNU General Public License
* along with this program . If not , see < http : //www.gnu.org/licenses/>.
*/
# include <stdarg.h>
# include <stddef.h>
# include <stdint.h>
# include <setjmp.h>
# include <cmocka.h>
# include "lib/replace/replace.h"
# include "auth/credentials/credentials.c"
static int setup_talloc_context ( void * * state )
{
TALLOC_CTX * frame = talloc_stackframe ( ) ;
* state = frame ;
return 0 ;
}
static int teardown_talloc_context ( void * * state )
{
TALLOC_CTX * frame = * state ;
TALLOC_FREE ( frame ) ;
return 0 ;
}
static void torture_creds_init ( void * * state )
{
TALLOC_CTX * mem_ctx = * state ;
struct cli_credentials * creds = NULL ;
const char * username = NULL ;
const char * domain = NULL ;
const char * password = NULL ;
2020-09-01 14:33:19 +03:00
enum credentials_obtained usr_obtained = CRED_UNINITIALISED ;
2020-09-01 16:36:20 +03:00
enum credentials_obtained pwd_obtained = CRED_UNINITIALISED ;
2020-09-01 13:32:28 +03:00
bool ok ;
creds = cli_credentials_init ( mem_ctx ) ;
assert_non_null ( creds ) ;
assert_null ( creds - > username ) ;
assert_int_equal ( creds - > username_obtained , CRED_UNINITIALISED ) ;
domain = cli_credentials_get_domain ( creds ) ;
assert_null ( domain ) ;
ok = cli_credentials_set_domain ( creds , " WURST " , CRED_SPECIFIED ) ;
assert_true ( ok ) ;
assert_int_equal ( creds - > domain_obtained , CRED_SPECIFIED ) ;
domain = cli_credentials_get_domain ( creds ) ;
assert_string_equal ( domain , " WURST " ) ;
username = cli_credentials_get_username ( creds ) ;
assert_null ( username ) ;
ok = cli_credentials_set_username ( creds , " brot " , CRED_SPECIFIED ) ;
assert_true ( ok ) ;
assert_int_equal ( creds - > username_obtained , CRED_SPECIFIED ) ;
username = cli_credentials_get_username ( creds ) ;
assert_string_equal ( username , " brot " ) ;
2020-09-01 14:33:19 +03:00
username = cli_credentials_get_username_and_obtained ( creds ,
& usr_obtained ) ;
assert_int_equal ( usr_obtained , CRED_SPECIFIED ) ;
assert_string_equal ( username , " brot " ) ;
2020-09-01 13:32:28 +03:00
password = cli_credentials_get_password ( creds ) ;
assert_null ( password ) ;
ok = cli_credentials_set_password ( creds , " SECRET " , CRED_SPECIFIED ) ;
assert_true ( ok ) ;
assert_int_equal ( creds - > password_obtained , CRED_SPECIFIED ) ;
password = cli_credentials_get_password ( creds ) ;
assert_string_equal ( password , " SECRET " ) ;
2020-12-10 18:48:16 +03:00
2020-09-01 16:36:20 +03:00
password = cli_credentials_get_password_and_obtained ( creds ,
& pwd_obtained ) ;
assert_int_equal ( pwd_obtained , CRED_SPECIFIED ) ;
assert_string_equal ( password , " SECRET " ) ;
2020-12-10 18:48:16 +03:00
/* Run dump to check it works */
cli_credentials_dump ( creds ) ;
2020-09-01 13:32:28 +03:00
}
static void torture_creds_init_anonymous ( void * * state )
{
TALLOC_CTX * mem_ctx = * state ;
struct cli_credentials * creds = NULL ;
creds = cli_credentials_init_anon ( mem_ctx ) ;
assert_non_null ( creds ) ;
assert_string_equal ( creds - > domain , " " ) ;
assert_int_equal ( creds - > domain_obtained , CRED_SPECIFIED ) ;
assert_string_equal ( creds - > username , " " ) ;
assert_int_equal ( creds - > username_obtained , CRED_SPECIFIED ) ;
assert_null ( creds - > password ) ;
assert_int_equal ( creds - > password_obtained , CRED_SPECIFIED ) ;
}
static void torture_creds_guess ( void * * state )
{
TALLOC_CTX * mem_ctx = * state ;
struct cli_credentials * creds = NULL ;
const char * env_user = getenv ( " USER " ) ;
creds = cli_credentials_init ( mem_ctx ) ;
assert_non_null ( creds ) ;
setenv ( " PASSWD " , " SECRET " , 1 ) ;
cli_credentials_guess ( creds , NULL ) ;
assert_string_equal ( creds - > username , env_user ) ;
assert_int_equal ( creds - > username_obtained , CRED_GUESS_ENV ) ;
assert_string_equal ( creds - > password , " SECRET " ) ;
assert_int_equal ( creds - > password_obtained , CRED_GUESS_ENV ) ;
unsetenv ( " PASSWD " ) ;
}
static void torture_creds_anon_guess ( void * * state )
{
TALLOC_CTX * mem_ctx = * state ;
struct cli_credentials * creds = NULL ;
creds = cli_credentials_init_anon ( mem_ctx ) ;
assert_non_null ( creds ) ;
setenv ( " PASSWD " , " SECRET " , 1 ) ;
cli_credentials_guess ( creds , NULL ) ;
assert_string_equal ( creds - > username , " " ) ;
assert_int_equal ( creds - > username_obtained , CRED_SPECIFIED ) ;
assert_null ( creds - > password ) ;
assert_int_equal ( creds - > password_obtained , CRED_SPECIFIED ) ;
unsetenv ( " PASSWD " ) ;
}
static void torture_creds_parse_string ( void * * state )
{
TALLOC_CTX * mem_ctx = * state ;
struct cli_credentials * creds = NULL ;
creds = cli_credentials_init ( mem_ctx ) ;
assert_non_null ( creds ) ;
/* Anonymous */
cli_credentials_parse_string ( creds , " % " , CRED_SPECIFIED ) ;
assert_string_equal ( creds - > domain , " " ) ;
assert_int_equal ( creds - > domain_obtained , CRED_SPECIFIED ) ;
assert_string_equal ( creds - > username , " " ) ;
assert_int_equal ( creds - > username_obtained , CRED_SPECIFIED ) ;
assert_null ( creds - > password ) ;
assert_int_equal ( creds - > password_obtained , CRED_SPECIFIED ) ;
/* Username + password */
cli_credentials_parse_string ( creds , " wurst%BROT " , CRED_SPECIFIED ) ;
assert_string_equal ( creds - > domain , " " ) ;
assert_int_equal ( creds - > domain_obtained , CRED_SPECIFIED ) ;
assert_string_equal ( creds - > username , " wurst " ) ;
assert_int_equal ( creds - > username_obtained , CRED_SPECIFIED ) ;
assert_string_equal ( creds - > password , " BROT " ) ;
assert_int_equal ( creds - > password_obtained , CRED_SPECIFIED ) ;
/* Domain + username + password */
cli_credentials_parse_string ( creds , " XXL \\ wurst%BROT " , CRED_SPECIFIED ) ;
assert_string_equal ( creds - > domain , " XXL " ) ;
assert_int_equal ( creds - > domain_obtained , CRED_SPECIFIED ) ;
assert_string_equal ( creds - > username , " wurst " ) ;
assert_int_equal ( creds - > username_obtained , CRED_SPECIFIED ) ;
assert_string_equal ( creds - > password , " BROT " ) ;
assert_int_equal ( creds - > password_obtained , CRED_SPECIFIED ) ;
/* Principal */
cli_credentials_parse_string ( creds , " wurst@brot.realm " , CRED_SPECIFIED ) ;
assert_string_equal ( creds - > domain , " " ) ;
assert_int_equal ( creds - > domain_obtained , CRED_SPECIFIED ) ;
2020-11-04 20:20:58 +03:00
assert_string_equal ( creds - > username , " wurst@brot.realm " ) ;
2020-09-01 13:32:28 +03:00
assert_int_equal ( creds - > username_obtained , CRED_SPECIFIED ) ;
assert_string_equal ( creds - > principal , " wurst@brot.realm " ) ;
assert_int_equal ( creds - > principal_obtained , CRED_SPECIFIED ) ;
assert_string_equal ( creds - > password , " BROT " ) ;
assert_int_equal ( creds - > password_obtained , CRED_SPECIFIED ) ;
}
2020-09-01 14:01:56 +03:00
static void torture_creds_krb5_state ( void * * state )
{
TALLOC_CTX * mem_ctx = * state ;
struct cli_credentials * creds = NULL ;
struct loadparm_context * lp_ctx = NULL ;
bool ok ;
lp_ctx = loadparm_init_global ( true ) ;
assert_non_null ( lp_ctx ) ;
creds = cli_credentials_init ( mem_ctx ) ;
assert_non_null ( creds ) ;
assert_int_equal ( creds - > kerberos_state_obtained , CRED_UNINITIALISED ) ;
assert_int_equal ( creds - > kerberos_state , CRED_USE_KERBEROS_DESIRED ) ;
2021-04-01 18:02:10 +03:00
ok = cli_credentials_set_conf ( creds , lp_ctx ) ;
assert_true ( ok ) ;
2020-09-01 14:01:56 +03:00
assert_int_equal ( creds - > kerberos_state_obtained , CRED_SMB_CONF ) ;
assert_int_equal ( creds - > kerberos_state , CRED_USE_KERBEROS_DESIRED ) ;
cli_credentials_guess ( creds , lp_ctx ) ;
assert_int_equal ( creds - > kerberos_state_obtained , CRED_SMB_CONF ) ;
assert_int_equal ( creds - > kerberos_state , CRED_USE_KERBEROS_DESIRED ) ;
assert_int_equal ( creds - > ccache_obtained , CRED_GUESS_FILE ) ;
assert_non_null ( creds - > ccache ) ;
ok = cli_credentials_set_kerberos_state ( creds ,
CRED_USE_KERBEROS_REQUIRED ,
CRED_SPECIFIED ) ;
assert_true ( ok ) ;
assert_int_equal ( creds - > kerberos_state_obtained , CRED_SPECIFIED ) ;
assert_int_equal ( creds - > kerberos_state , CRED_USE_KERBEROS_REQUIRED ) ;
ok = cli_credentials_set_kerberos_state ( creds ,
CRED_USE_KERBEROS_DISABLED ,
CRED_SMB_CONF ) ;
assert_false ( ok ) ;
assert_int_equal ( creds - > kerberos_state_obtained , CRED_SPECIFIED ) ;
assert_int_equal ( creds - > kerberos_state , CRED_USE_KERBEROS_REQUIRED ) ;
}
2020-09-01 14:28:12 +03:00
static void torture_creds_gensec_feature ( void * * state )
{
TALLOC_CTX * mem_ctx = * state ;
struct cli_credentials * creds = NULL ;
bool ok ;
creds = cli_credentials_init ( mem_ctx ) ;
assert_non_null ( creds ) ;
assert_int_equal ( creds - > gensec_features_obtained , CRED_UNINITIALISED ) ;
assert_int_equal ( creds - > gensec_features , 0 ) ;
ok = cli_credentials_set_gensec_features ( creds ,
GENSEC_FEATURE_SIGN ,
CRED_SPECIFIED ) ;
assert_true ( ok ) ;
assert_int_equal ( creds - > gensec_features_obtained , CRED_SPECIFIED ) ;
assert_int_equal ( creds - > gensec_features , GENSEC_FEATURE_SIGN ) ;
ok = cli_credentials_set_gensec_features ( creds ,
GENSEC_FEATURE_SEAL ,
CRED_SMB_CONF ) ;
assert_false ( ok ) ;
assert_int_equal ( creds - > gensec_features_obtained , CRED_SPECIFIED ) ;
assert_int_equal ( creds - > gensec_features , GENSEC_FEATURE_SIGN ) ;
}
2020-09-01 13:32:28 +03:00
int main ( int argc , char * argv [ ] )
{
int rc ;
const struct CMUnitTest tests [ ] = {
cmocka_unit_test ( torture_creds_init ) ,
cmocka_unit_test ( torture_creds_init_anonymous ) ,
cmocka_unit_test ( torture_creds_guess ) ,
cmocka_unit_test ( torture_creds_anon_guess ) ,
cmocka_unit_test ( torture_creds_parse_string ) ,
2020-09-01 14:01:56 +03:00
cmocka_unit_test ( torture_creds_krb5_state ) ,
2020-09-01 14:28:12 +03:00
cmocka_unit_test ( torture_creds_gensec_feature ) ,
2020-09-01 13:32:28 +03:00
} ;
if ( argc = = 2 ) {
cmocka_set_test_filter ( argv [ 1 ] ) ;
}
cmocka_set_message_output ( CM_OUTPUT_SUBUNIT ) ;
rc = cmocka_run_group_tests ( tests ,
setup_talloc_context ,
teardown_talloc_context ) ;
return rc ;
}