samba-mirror/test_creds.c at aa0d17a79bc8da8d19c317f5f85b84a3fa4d16c5

mirror of https://github.com/samba-team/samba.git synced 2024-12-23 17:34:34 +03:00

Andreas Schneider 9f786df2a2 auth:creds: Return bool for cli_credentials_guess()

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

2021-06-29 02:19:35 +00:00

312 lines

9.3 KiB

C

Raw Blame History

 /*
  * Unix SMB/CIFS implementation.
  *
  * Copyright (C) 2018-2019 Andreas Schneider <asn@samba.org>
  *
  * This program is free software; you can redistribute it and/or modify
  * it under the terms of the GNU General Public License as published by
  * the Free Software Foundation; either version 3 of the License, or
  * (at your option) any later version.
  *
  * This program is distributed in the hope that it will be useful,
  * but WITHOUT ANY WARRANTY; without even the implied warranty of
  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  * GNU General Public License for more details.
  *
  * You should have received a copy of the GNU General Public License
  * along with this program.  If not, see <http://www.gnu.org/licenses/>.
  */
 #include <stdarg.h>
 #include <stddef.h>
 #include <stdint.h>
 #include <setjmp.h>
 #include <cmocka.h>
 #include "lib/replace/replace.h"
 #include "auth/credentials/credentials.c"
 static int setup_talloc_context(void **state)
 {
 	TALLOC_CTX *frame = talloc_stackframe();
 	*state = frame;
 	return 0;
 }
 static int teardown_talloc_context(void **state)
 {
 	TALLOC_CTX *frame = *state;
 	TALLOC_FREE(frame);
 	return 0;
 }
 static void torture_creds_init(void **state)
 {
 	TALLOC_CTX *mem_ctx = *state;
 	struct cli_credentials *creds = NULL;
 	const char *username = NULL;
 	const char *domain = NULL;
 	const char *password = NULL;
 	enum credentials_obtained usr_obtained = CRED_UNINITIALISED;
 	enum credentials_obtained pwd_obtained = CRED_UNINITIALISED;
 	bool ok;
 	creds = cli_credentials_init(mem_ctx);
 	assert_non_null(creds);
 	assert_null(creds->username);
 	assert_int_equal(creds->username_obtained, CRED_UNINITIALISED);
 	domain = cli_credentials_get_domain(creds);
 	assert_null(domain);
 	ok = cli_credentials_set_domain(creds, "WURST", CRED_SPECIFIED);
 	assert_true(ok);
 	assert_int_equal(creds->domain_obtained, CRED_SPECIFIED);
 	domain = cli_credentials_get_domain(creds);
 	assert_string_equal(domain, "WURST");
 	username = cli_credentials_get_username(creds);
 	assert_null(username);
 	ok = cli_credentials_set_username(creds, "brot", CRED_SPECIFIED);
 	assert_true(ok);
 	assert_int_equal(creds->username_obtained, CRED_SPECIFIED);
 	username = cli_credentials_get_username(creds);
 	assert_string_equal(username, "brot");
 	username = cli_credentials_get_username_and_obtained(creds,
 							     &usr_obtained);
 	assert_int_equal(usr_obtained, CRED_SPECIFIED);
 	assert_string_equal(username, "brot");
 	password = cli_credentials_get_password(creds);
 	assert_null(password);
 	ok = cli_credentials_set_password(creds, "SECRET", CRED_SPECIFIED);
 	assert_true(ok);
 	assert_int_equal(creds->password_obtained, CRED_SPECIFIED);
 	password = cli_credentials_get_password(creds);
 	assert_string_equal(password, "SECRET");
 	password = cli_credentials_get_password_and_obtained(creds,
 							     &pwd_obtained);
 	assert_int_equal(pwd_obtained, CRED_SPECIFIED);
 	assert_string_equal(password, "SECRET");
 	/* Run dump to check it works */
 	cli_credentials_dump(creds);
 }
 static void torture_creds_init_anonymous(void **state)
 {
 	TALLOC_CTX *mem_ctx = *state;
 	struct cli_credentials *creds = NULL;
 	creds = cli_credentials_init_anon(mem_ctx);
 	assert_non_null(creds);
 	assert_string_equal(creds->domain, "");
 	assert_int_equal(creds->domain_obtained, CRED_SPECIFIED);
 	assert_string_equal(creds->username, "");
 	assert_int_equal(creds->username_obtained, CRED_SPECIFIED);
 	assert_null(creds->password);
 	assert_int_equal(creds->password_obtained, CRED_SPECIFIED);
 }
 static void torture_creds_guess(void **state)
 {
 	TALLOC_CTX *mem_ctx = *state;
 	struct cli_credentials *creds = NULL;
 	const char *env_user = getenv("USER");
 	bool ok;
 	creds = cli_credentials_init(mem_ctx);
 	assert_non_null(creds);
 	setenv("PASSWD", "SECRET", 1);
 	ok = cli_credentials_guess(creds, NULL);
 	assert_true(ok);
 	assert_string_equal(creds->username, env_user);
 	assert_int_equal(creds->username_obtained, CRED_GUESS_ENV);
 	assert_string_equal(creds->password, "SECRET");
 	assert_int_equal(creds->password_obtained, CRED_GUESS_ENV);
 	unsetenv("PASSWD");
 }
 static void torture_creds_anon_guess(void **state)
 {
 	TALLOC_CTX *mem_ctx = *state;
 	struct cli_credentials *creds = NULL;
 	bool ok;
 	creds = cli_credentials_init_anon(mem_ctx);
 	assert_non_null(creds);
 	setenv("PASSWD", "SECRET", 1);
 	ok = cli_credentials_guess(creds, NULL);
 	assert_true(ok);
 	assert_string_equal(creds->username, "");
 	assert_int_equal(creds->username_obtained, CRED_SPECIFIED);
 	assert_null(creds->password);
 	assert_int_equal(creds->password_obtained, CRED_SPECIFIED);
 	unsetenv("PASSWD");
 }
 static void torture_creds_parse_string(void **state)
 {
 	TALLOC_CTX *mem_ctx = *state;
 	struct cli_credentials *creds = NULL;
 	creds = cli_credentials_init(mem_ctx);
 	assert_non_null(creds);
 	/* Anonymous */
 	cli_credentials_parse_string(creds, "%", CRED_SPECIFIED);
 	assert_string_equal(creds->domain, "");
 	assert_int_equal(creds->domain_obtained, CRED_SPECIFIED);
 	assert_string_equal(creds->username, "");
 	assert_int_equal(creds->username_obtained, CRED_SPECIFIED);
 	assert_null(creds->password);
 	assert_int_equal(creds->password_obtained, CRED_SPECIFIED);
 	/* Username + password */
 	cli_credentials_parse_string(creds, "wurst%BROT", CRED_SPECIFIED);
 	assert_string_equal(creds->domain, "");
 	assert_int_equal(creds->domain_obtained, CRED_SPECIFIED);
 	assert_string_equal(creds->username, "wurst");
 	assert_int_equal(creds->username_obtained, CRED_SPECIFIED);
 	assert_string_equal(creds->password, "BROT");
 	assert_int_equal(creds->password_obtained, CRED_SPECIFIED);
 	/* Domain + username + password */
 	cli_credentials_parse_string(creds, "XXL\\wurst%BROT", CRED_SPECIFIED);
 	assert_string_equal(creds->domain, "XXL");
 	assert_int_equal(creds->domain_obtained, CRED_SPECIFIED);
 	assert_string_equal(creds->username, "wurst");
 	assert_int_equal(creds->username_obtained, CRED_SPECIFIED);
 	assert_string_equal(creds->password, "BROT");
 	assert_int_equal(creds->password_obtained, CRED_SPECIFIED);
 	/* Principal */
 	cli_credentials_parse_string(creds, "wurst@brot.realm", CRED_SPECIFIED);
 	assert_string_equal(creds->domain, "");
 	assert_int_equal(creds->domain_obtained, CRED_SPECIFIED);
 	assert_string_equal(creds->username, "wurst@brot.realm");
 	assert_int_equal(creds->username_obtained, CRED_SPECIFIED);
 	assert_string_equal(creds->principal, "wurst@brot.realm");
 	assert_int_equal(creds->principal_obtained, CRED_SPECIFIED);
 	assert_string_equal(creds->password, "BROT");
 	assert_int_equal(creds->password_obtained, CRED_SPECIFIED);
 }
 static void torture_creds_krb5_state(void **state)
 {
 	TALLOC_CTX *mem_ctx = *state;
 	struct cli_credentials *creds = NULL;
 	struct loadparm_context *lp_ctx = NULL;
 	bool ok;
 	lp_ctx = loadparm_init_global(true);
 	assert_non_null(lp_ctx);
 	creds = cli_credentials_init(mem_ctx);
 	assert_non_null(creds);
 	assert_int_equal(creds->kerberos_state_obtained, CRED_UNINITIALISED);
 	assert_int_equal(creds->kerberos_state, CRED_USE_KERBEROS_DESIRED);
 	ok = cli_credentials_set_conf(creds, lp_ctx);
 	assert_true(ok);
 	assert_int_equal(creds->kerberos_state_obtained, CRED_SMB_CONF);
 	assert_int_equal(creds->kerberos_state, CRED_USE_KERBEROS_DESIRED);
 	ok = cli_credentials_guess(creds, lp_ctx);
 	assert_true(ok);
 	assert_int_equal(creds->kerberos_state_obtained, CRED_SMB_CONF);
 	assert_int_equal(creds->kerberos_state, CRED_USE_KERBEROS_DESIRED);
 	assert_int_equal(creds->ccache_obtained, CRED_GUESS_FILE);
 	assert_non_null(creds->ccache);
 	ok = cli_credentials_set_kerberos_state(creds,
 						CRED_USE_KERBEROS_REQUIRED,
 						CRED_SPECIFIED);
 	assert_true(ok);
 	assert_int_equal(creds->kerberos_state_obtained, CRED_SPECIFIED);
 	assert_int_equal(creds->kerberos_state, CRED_USE_KERBEROS_REQUIRED);
 	ok = cli_credentials_set_kerberos_state(creds,
 						CRED_USE_KERBEROS_DISABLED,
 						CRED_SMB_CONF);
 	assert_false(ok);
 	assert_int_equal(creds->kerberos_state_obtained, CRED_SPECIFIED);
 	assert_int_equal(creds->kerberos_state, CRED_USE_KERBEROS_REQUIRED);
 }
 static void torture_creds_gensec_feature(void **state)
 {
 	TALLOC_CTX *mem_ctx = *state;
 	struct cli_credentials *creds = NULL;
 	bool ok;
 	creds = cli_credentials_init(mem_ctx);
 	assert_non_null(creds);
 	assert_int_equal(creds->gensec_features_obtained, CRED_UNINITIALISED);
 	assert_int_equal(creds->gensec_features, 0);
 	ok = cli_credentials_set_gensec_features(creds,
 						 GENSEC_FEATURE_SIGN,
 						 CRED_SPECIFIED);
 	assert_true(ok);
 	assert_int_equal(creds->gensec_features_obtained, CRED_SPECIFIED);
 	assert_int_equal(creds->gensec_features, GENSEC_FEATURE_SIGN);
 	ok = cli_credentials_set_gensec_features(creds,
 						 GENSEC_FEATURE_SEAL,
 						 CRED_SMB_CONF);
 	assert_false(ok);
 	assert_int_equal(creds->gensec_features_obtained, CRED_SPECIFIED);
 	assert_int_equal(creds->gensec_features, GENSEC_FEATURE_SIGN);
 }
 int main(int argc, char *argv[])
 {
 	int rc;
 	const struct CMUnitTest tests[] = {
 		cmocka_unit_test(torture_creds_init),
 		cmocka_unit_test(torture_creds_init_anonymous),
 		cmocka_unit_test(torture_creds_guess),
 		cmocka_unit_test(torture_creds_anon_guess),
 		cmocka_unit_test(torture_creds_parse_string),
 		cmocka_unit_test(torture_creds_krb5_state),
 		cmocka_unit_test(torture_creds_gensec_feature),
 	};
 	if (argc == 2) {
 		cmocka_set_test_filter(argv[1]);
 	}
 	cmocka_set_message_output(CM_OUTPUT_SUBUNIT);
 	rc = cmocka_run_group_tests(tests,
 				    setup_talloc_context,
 				    teardown_talloc_context);
 	return rc;
 }

312 lines 9.3 KiB C Raw Blame History

312 lines

9.3 KiB

C

Raw Blame History