2025-01-10 01:18:15 +03:00 · 2020-09-01 12:32:28 +02:00 · 2020-09-01 12:32:28 +02:00 · 1a92994a95
commit 1a92994a95
parent 1298280a22
5 changed files with 230 additions and 2 deletions
--- a/auth/credentials/tests/test_creds.c
+++ b/auth/credentials/tests/test_creds.c
@ -0,0 +1,221 @@
+/*
+ * Unix SMB/CIFS implementation.
+ *
+ * Copyright (C) 2018-2019 Andreas Schneider <asn@samba.org>
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>.
+ */
+
+#include <stdarg.h>
+#include <stddef.h>
+#include <stdint.h>
+#include <setjmp.h>
+#include <cmocka.h>
+
+#include "lib/replace/replace.h"
+#include "auth/credentials/credentials.c"
+
+static int setup_talloc_context(void **state)
+{
+	TALLOC_CTX *frame = talloc_stackframe();
+
+	*state = frame;
+	return 0;
+}
+
+static int teardown_talloc_context(void **state)
+{
+	TALLOC_CTX *frame = *state;
+	TALLOC_FREE(frame);
+	return 0;
+}
+
+static void torture_creds_init(void **state)
+{
+	TALLOC_CTX *mem_ctx = *state;
+	struct cli_credentials *creds = NULL;
+	const char *username = NULL;
+	const char *domain = NULL;
+	const char *password = NULL;
+	bool ok;
+
+	creds = cli_credentials_init(mem_ctx);
+	assert_non_null(creds);
+	assert_null(creds->username);
+	assert_int_equal(creds->username_obtained, CRED_UNINITIALISED);
+
+	domain = cli_credentials_get_domain(creds);
+	assert_null(domain);
+	ok = cli_credentials_set_domain(creds, "WURST", CRED_SPECIFIED);
+	assert_true(ok);
+	assert_int_equal(creds->domain_obtained, CRED_SPECIFIED);
+	domain = cli_credentials_get_domain(creds);
+	assert_string_equal(domain, "WURST");
+
+	username = cli_credentials_get_username(creds);
+	assert_null(username);
+	ok = cli_credentials_set_username(creds, "brot", CRED_SPECIFIED);
+	assert_true(ok);
+	assert_int_equal(creds->username_obtained, CRED_SPECIFIED);
+	username = cli_credentials_get_username(creds);
+	assert_string_equal(username, "brot");
+
+	password = cli_credentials_get_password(creds);
+	assert_null(password);
+	ok = cli_credentials_set_password(creds, "SECRET", CRED_SPECIFIED);
+	assert_true(ok);
+	assert_int_equal(creds->password_obtained, CRED_SPECIFIED);
+	password = cli_credentials_get_password(creds);
+	assert_string_equal(password, "SECRET");
+}
+
+static void torture_creds_init_anonymous(void **state)
+{
+	TALLOC_CTX *mem_ctx = *state;
+	struct cli_credentials *creds = NULL;
+
+	creds = cli_credentials_init_anon(mem_ctx);
+	assert_non_null(creds);
+
+	assert_string_equal(creds->domain, "");
+	assert_int_equal(creds->domain_obtained, CRED_SPECIFIED);
+
+	assert_string_equal(creds->username, "");
+	assert_int_equal(creds->username_obtained, CRED_SPECIFIED);
+
+	assert_null(creds->password);
+	assert_int_equal(creds->password_obtained, CRED_SPECIFIED);
+}
+
+static void torture_creds_guess(void **state)
+{
+	TALLOC_CTX *mem_ctx = *state;
+	struct cli_credentials *creds = NULL;
+	const char *env_user = getenv("USER");
+
+	creds = cli_credentials_init(mem_ctx);
+	assert_non_null(creds);
+
+	setenv("PASSWD", "SECRET", 1);
+	cli_credentials_guess(creds, NULL);
+
+	assert_string_equal(creds->username, env_user);
+	assert_int_equal(creds->username_obtained, CRED_GUESS_ENV);
+
+	assert_string_equal(creds->password, "SECRET");
+	assert_int_equal(creds->password_obtained, CRED_GUESS_ENV);
+	unsetenv("PASSWD");
+}
+
+static void torture_creds_anon_guess(void **state)
+{
+	TALLOC_CTX *mem_ctx = *state;
+	struct cli_credentials *creds = NULL;
+
+	creds = cli_credentials_init_anon(mem_ctx);
+	assert_non_null(creds);
+
+	setenv("PASSWD", "SECRET", 1);
+	cli_credentials_guess(creds, NULL);
+
+	assert_string_equal(creds->username, "");
+	assert_int_equal(creds->username_obtained, CRED_SPECIFIED);
+
+	assert_null(creds->password);
+	assert_int_equal(creds->password_obtained, CRED_SPECIFIED);
+	unsetenv("PASSWD");
+}
+
+static void torture_creds_parse_string(void **state)
+{
+	TALLOC_CTX *mem_ctx = *state;
+	struct cli_credentials *creds = NULL;
+
+	creds = cli_credentials_init(mem_ctx);
+	assert_non_null(creds);
+
+	/* Anonymous */
+	cli_credentials_parse_string(creds, "%", CRED_SPECIFIED);
+
+	assert_string_equal(creds->domain, "");
+	assert_int_equal(creds->domain_obtained, CRED_SPECIFIED);
+
+	assert_string_equal(creds->username, "");
+	assert_int_equal(creds->username_obtained, CRED_SPECIFIED);
+
+	assert_null(creds->password);
+	assert_int_equal(creds->password_obtained, CRED_SPECIFIED);
+
+	/* Username + password */
+	cli_credentials_parse_string(creds, "wurst%BROT", CRED_SPECIFIED);
+
+	assert_string_equal(creds->domain, "");
+	assert_int_equal(creds->domain_obtained, CRED_SPECIFIED);
+
+	assert_string_equal(creds->username, "wurst");
+	assert_int_equal(creds->username_obtained, CRED_SPECIFIED);
+
+	assert_string_equal(creds->password, "BROT");
+	assert_int_equal(creds->password_obtained, CRED_SPECIFIED);
+
+	/* Domain + username + password */
+	cli_credentials_parse_string(creds, "XXL\\wurst%BROT", CRED_SPECIFIED);
+
+	assert_string_equal(creds->domain, "XXL");
+	assert_int_equal(creds->domain_obtained, CRED_SPECIFIED);
+
+	assert_string_equal(creds->username, "wurst");
+	assert_int_equal(creds->username_obtained, CRED_SPECIFIED);
+
+	assert_string_equal(creds->password, "BROT");
+	assert_int_equal(creds->password_obtained, CRED_SPECIFIED);
+
+	/* Principal */
+	cli_credentials_parse_string(creds, "wurst@brot.realm", CRED_SPECIFIED);
+
+	assert_string_equal(creds->domain, "");
+	assert_int_equal(creds->domain_obtained, CRED_SPECIFIED);
+
+	assert_string_equal(creds->username, "wurst@brot.realm");
+	assert_int_equal(creds->username_obtained, CRED_SPECIFIED);
+
+	assert_string_equal(creds->principal, "wurst@brot.realm");
+	assert_int_equal(creds->principal_obtained, CRED_SPECIFIED);
+
+	assert_string_equal(creds->password, "BROT");
+	assert_int_equal(creds->password_obtained, CRED_SPECIFIED);
+}
+
+int main(int argc, char *argv[])
+{
+	int rc;
+	const struct CMUnitTest tests[] = {
+		cmocka_unit_test(torture_creds_init),
+		cmocka_unit_test(torture_creds_init_anonymous),
+		cmocka_unit_test(torture_creds_guess),
+		cmocka_unit_test(torture_creds_anon_guess),
+		cmocka_unit_test(torture_creds_parse_string),
+	};
+
+	if (argc == 2) {
+		cmocka_set_test_filter(argv[1]);
+	}
+	cmocka_set_message_output(CM_OUTPUT_SUBUNIT);
+
+	rc = cmocka_run_group_tests(tests,
+				    setup_talloc_context,
+				    teardown_talloc_context);
+
+	return rc;
+}
--- a/auth/credentials/wscript_build
+++ b/auth/credentials/wscript_build
@ -31,3 +31,9 @@ bld.SAMBA_PYTHON('pycredentials',
    public_deps='samba-credentials cmdline-credentials %s %s CREDENTIALS_KRB5 CREDENTIALS_SECRETS' % (pytalloc_util, pyparam_util),
    realname='samba/credentials.so'
 )
+
+bld.SAMBA_BINARY('test_creds',
+                 source='tests/test_creds.c',
+                 deps='cmocka samba-credentials',
+                 local_include=False,
+                 for_selftest=True)
--- a/selftest/tests.py
+++ b/selftest/tests.py
@ -418,3 +418,5 @@ plantestsuite("samba.unittests.test_oLschema2ldif", "none",
 if with_elasticsearch_backend:
    plantestsuite("samba.unittests.mdsparser_es", "none",
                  [os.path.join(bindir(), "default/source3/test_mdsparser_es")] + [configuration])
+plantestsuite("samba.unittests.credentials", "none",
+              [os.path.join(bindir(), "default/auth/credentials/test_creds")])
--- a/source4/torture/local/local.c
+++ b/source4/torture/local/local.c
@ -70,7 +70,6 @@
 	torture_local_tevent_req,
 	torture_local_torture,
 	torture_local_dbspeed, 
-	torture_local_credentials,
 	torture_ldb,
 	torture_dsdb_dn,
 	torture_dsdb_syntax,
--- a/source4/torture/local/wscript_build
+++ b/source4/torture/local/wscript_build
@ -16,7 +16,7 @@ TORTURE_LOCAL_SOURCE = '''../../../lib/util/charset/tests/iconv.c
 	../../libcli/security/tests/sddl.c ../../../lib/tdr/testsuite.c
 	../../../lib/tevent/testsuite.c ../../param/tests/share.c
        ../../../lib/tevent/test_req.c
-	../../param/tests/loadparm.c ../../../auth/credentials/tests/simple.c local.c
+	../../param/tests/loadparm.c local.c
 	dbspeed.c torture.c ../ldb/ldb.c ../../dsdb/common/tests/dsdb_dn.c
 	../../dsdb/schema/tests/schema_syntax.c
 	../../../lib/util/tests/anonymous_shared.c