Browse code
stash
Showing 6 changed files
... | ... |
@@ -71,69 +71,3 @@ conversation create_conversation (pam &pam) |
71 | 71 |
{ |
72 | 72 |
return conversation (std::shared_ptr<conversation_ifc> (new impl (pam))); |
73 | 73 |
} |
74 |
- |
|
75 |
-/* |
|
76 |
-int (*conv)(int num_msg, const struct pam_message **msg, |
|
77 |
- struct pam_response **resp, void *appdata_ptr) |
|
78 |
- */ |
|
79 |
- |
|
80 |
-/* |
|
81 |
-pam_token_conversation::pam_token_conversation (pam_handle_t *pamh, |
|
82 |
- const pam_p pam) |
|
83 |
-{ |
|
84 |
- pam_conversation_p pam_conversation; |
|
85 |
- int get_conversation_result = pam->get_conversation (pamh, |
|
86 |
- pam_conversation); |
|
87 |
- |
|
88 |
- if (get_conversation_result != 0) { |
|
89 |
- return; |
|
90 |
- } |
|
91 |
- |
|
92 |
- struct pam_message prompt; |
|
93 |
- |
|
94 |
- std::string message ("Dual control token: "); |
|
95 |
- |
|
96 |
- prompt.msg = const_cast<char *> (message.c_str()); |
|
97 |
- |
|
98 |
- prompt.msg_style = PAM_PROMPT_ECHO_OFF; |
|
99 |
- |
|
100 |
- std::vector<const struct pam_message *> prompts (1); |
|
101 |
- |
|
102 |
- prompts[0] = &prompt; |
|
103 |
- |
|
104 |
- std::vector<struct pam_response *> answers (1); |
|
105 |
- |
|
106 |
- int conversation_result = pam_conversation->conv (prompts, answers); |
|
107 |
- |
|
108 |
- if (conversation_result) { |
|
109 |
- return; |
|
110 |
- } |
|
111 |
- |
|
112 |
- if (answers[0]->resp_retcode) { |
|
113 |
- return; |
|
114 |
- } |
|
115 |
- |
|
116 |
- std::string answer (answers[0]->resp); |
|
117 |
- std::string::iterator delim = std::find (answer.begin(), answer.end(), ':'); |
|
118 |
- |
|
119 |
- if (delim == answer.end()) { |
|
120 |
- return; |
|
121 |
- } |
|
122 |
- |
|
123 |
- std::string user_name (answer.begin(), delim); |
|
124 |
- std::string token (delim + 1, answer.end()); |
|
125 |
- user_ = user_name; |
|
126 |
- token_ = token; |
|
127 |
-} |
|
128 |
- |
|
129 |
-std::string pam_token_conversation::token() |
|
130 |
-{ |
|
131 |
- return token_; |
|
132 |
-} |
|
133 |
- |
|
134 |
-std::string pam_token_conversation::user_name() |
|
135 |
-{ |
|
136 |
- return user_; |
|
137 |
-} |
|
138 |
-*/ |
|
139 |
- |
... | ... |
@@ -1,7 +1,7 @@ |
1 | 1 |
/* Copyright (C) CJ Affiliate |
2 | 2 |
* |
3 | 3 |
* You may use, distribute and modify this code under the |
4 |
- * terms of the GNU General Public License version 2 or |
|
4 |
+ * terms of the GNU General Public License version 2 or |
|
5 | 5 |
* later. |
6 | 6 |
* |
7 | 7 |
* You should have received a copy of the license with this |
... | ... |
@@ -9,17 +9,23 @@ |
9 | 9 |
* at https://github.com/cjdev/dual-control. |
10 | 10 |
*/ |
11 | 11 |
|
12 |
-#include <cstdlib> |
|
13 |
-#include <cstring> |
|
14 |
-#include <security/pam_modules.h> |
|
15 |
-#include <pwd.h> |
|
16 |
-#include <unistd.h> |
|
17 |
-#include <cstdio> |
|
18 |
-#include <sys/stat.h> |
|
19 | 12 |
#include <string> |
20 | 13 |
#include <vector> |
21 | 14 |
#include <memory> |
22 |
-#include <fstream> |
|
23 | 15 |
|
24 |
-#include "test_support.h" |
|
16 |
+#include "token.h" |
|
17 |
+#include "user.h" |
|
25 | 18 |
|
19 |
+namespace |
|
20 |
+{ |
|
21 |
+ class impl : public user_token_supplier_ifc { |
|
22 |
+ private: |
|
23 |
+ file_reader file_reader_; |
|
24 |
+ public: |
|
25 |
+ impl(file_reader &file_reader) : file_reader_(file_reader) {} |
|
26 |
+ std::string token(user &user) { |
|
27 |
+ std::string filepath = user.home_directory() + "/" + ".dual_control"; |
|
28 |
+ file_reader_.read(filepath); |
|
29 |
+ } |
|
30 |
+ }; |
|
31 |
+} |
... | ... |
@@ -27,18 +27,25 @@ public: |
27 | 27 |
|
28 | 28 |
class user_token_supplier : public user_token_supplier_ifc |
29 | 29 |
{ |
30 |
-private: |
|
31 |
- std::shared_ptr<user_token_supplier_ifc> delegate_; |
|
32 |
-public: |
|
33 |
- user_token_supplier (std::shared_ptr<user_token_supplier_ifc> delegate) : |
|
30 |
+ public: |
|
31 |
+ typedef std::shared_ptr<user_token_supplier_ifc> delegate; |
|
32 |
+ private: |
|
33 |
+ delegate delegate_; |
|
34 |
+ public: |
|
35 |
+ user_token_supplier (delegate delegate) : |
|
34 | 36 |
delegate_ (delegate) {} |
35 |
- user_token_supplier() : user_token_supplier ( |
|
36 |
- std::shared_ptr<user_token_supplier_ifc> (new user_token_supplier_ifc)) {} |
|
37 |
- std::string token (const user &user) |
|
38 |
- { |
|
39 |
- return delegate_->token (user); |
|
40 |
- } |
|
37 |
+ user_token_supplier() : user_token_supplier ( |
|
38 |
+ delegate (new user_token_supplier_ifc)) {} |
|
39 |
+ std::string token (const user &user) |
|
40 |
+ { |
|
41 |
+ return delegate_->token (user); |
|
42 |
+ } |
|
41 | 43 |
}; |
42 | 44 |
|
45 |
+class file_reader_ifc { |
|
46 |
+ public: |
|
47 |
+ std::string read( |
|
48 |
+} |
|
49 |
+ |
|
43 | 50 |
#endif |
44 | 51 |
|
... | ... |
@@ -17,121 +17,11 @@ |
17 | 17 |
#include "token.h" |
18 | 18 |
#include "test_util.h" |
19 | 19 |
|
20 |
-const char *fake_user = ""; |
|
21 |
-const char *fake_user_token = ""; |
|
22 | 20 |
|
23 |
-// all the fake system calls |
|
24 |
-const char *fake_home_dir = ""; |
|
25 |
-int fake_getpwnam_r (const char *nam, struct passwd *pwd, char *buffer, |
|
26 |
- size_t bufsize, struct passwd **result) |
|
27 |
-{ |
|
28 |
- strcpy (buffer, fake_home_dir); |
|
29 |
- pwd->pw_dir = buffer; |
|
30 |
- int ok = !strcmp (nam, fake_user); |
|
31 |
- *result = ok ? pwd : 0; |
|
32 |
- return !ok; |
|
33 |
-} |
|
34 | 21 |
|
35 |
-const char *fake_stat_path = ""; |
|
36 |
-int fake_stat (const char *path, struct stat *stat) |
|
37 |
-{ |
|
38 |
- return (strcmp (fake_stat_path, path)); |
|
39 |
-} |
|
40 | 22 |
|
41 |
-const char *fake_fopen_path = ""; |
|
42 |
-const char *fake_fopen_mode = ""; |
|
43 |
-FILE *_fhandle = 0; |
|
44 |
-FILE *fake_fopen (const char *path, const char *mode) |
|
45 |
-{ |
|
46 |
- static FILE handle; |
|
47 |
- int path_matches = !strcmp (fake_fopen_path, path); |
|
48 |
- int mode_matches = !strcmp (fake_fopen_mode, mode); |
|
49 |
- |
|
50 |
- if (path_matches && mode_matches) { |
|
51 |
- _fhandle = &handle; |
|
52 |
- return &handle; |
|
53 |
- } else { |
|
54 |
- _fhandle = 0; |
|
55 |
- return 0; |
|
56 |
- } |
|
57 |
-} |
|
58 |
- |
|
59 |
-char *fake_fgets (char *buf, int n, FILE *fp) |
|
60 |
-{ |
|
61 |
- if (_fhandle == fp && fp != 0) { |
|
62 |
- strncpy (buf, fake_user_token, n - 1); |
|
63 |
- return buf; |
|
64 |
- } else { |
|
65 |
- return 0; |
|
66 |
- } |
|
67 |
-} |
|
68 |
- |
|
69 |
-int fake_fclose (FILE *fp) |
|
70 |
-{ |
|
71 |
- return 0; |
|
72 |
-} |
|
73 |
- |
|
74 |
-// STDIO |
|
75 | 23 |
|
76 | 24 |
RESET_VARS_START |
77 |
-fake_user = "msmith"; |
|
78 |
-fake_user_token = "123456"; |
|
79 |
-fake_home_dir = "/home/msmith"; |
|
80 |
-fake_stat_path = "/home/msmith/.dual_control"; |
|
81 |
-fake_fopen_path = fake_stat_path; |
|
82 |
-fake_fopen_mode = "r"; |
|
83 | 25 |
RESET_VARS_END |
84 | 26 |
|
85 |
-int validate_compares_to_user_token() |
|
86 |
-{ |
|
87 |
- |
|
88 |
- // given |
|
89 |
- |
|
90 |
- // when |
|
91 |
- int valid = validate_token ("msmith", "123456"); |
|
92 |
- |
|
93 |
- // then |
|
94 |
- check (valid, "expected result to be valid"); |
|
95 |
- |
|
96 |
- succeed(); |
|
97 |
- |
|
98 |
-} |
|
99 |
- |
|
100 |
-int validates_from_the_right_user() |
|
101 |
-{ |
|
102 |
- //given |
|
103 |
- |
|
104 |
- //when |
|
105 |
- int valid = validate_token ("jbalcita", "12346"); |
|
106 |
- |
|
107 |
- //then |
|
108 |
- check (!valid, "expected result to be invalid"); |
|
109 |
- succeed(); |
|
110 |
-} |
|
111 |
- |
|
112 |
-int validates_user_specific_token() |
|
113 |
-{ |
|
114 |
- //given |
|
115 |
- |
|
116 |
- //when |
|
117 |
- int valid = validate_token ("msmith", "654321"); |
|
118 |
- |
|
119 |
- //then |
|
120 |
- check (!valid, "expected result to be invalid"); |
|
121 |
- succeed(); |
|
122 |
-} |
|
123 |
- |
|
124 |
-int runtests() |
|
125 |
-{ |
|
126 |
- test (validate_compares_to_user_token); |
|
127 |
- test (validates_from_the_right_user); |
|
128 |
- test (validates_user_specific_token); |
|
129 |
- succeed(); |
|
130 |
-} |
|
131 |
- |
|
132 |
-int main (int argc, char **argv) |
|
133 |
-{ |
|
134 |
- int rval = !runtests(); |
|
135 |
- return rval; |
|
136 |
-} |
|
137 | 27 |
|
... | ... |
@@ -18,6 +18,20 @@ |
18 | 18 |
|
19 | 19 |
namespace |
20 | 20 |
{ |
21 |
+ |
|
22 |
+class user_impl : public user_ifc { |
|
23 |
+ private: |
|
24 |
+ std::string home_directory_; |
|
25 |
+ std::string user_name_; |
|
26 |
+ public: |
|
27 |
+ user_impl(const passwd user_info) : |
|
28 |
+ home_directory_(std::string(user_info.pw_dir)), |
|
29 |
+ user_name_(std::string(user_info.pw_name)) {} |
|
30 |
+ std::string home_directory() { |
|
31 |
+ return home_directory_; |
|
32 |
+ } |
|
33 |
+}; |
|
34 |
+ |
|
21 | 35 |
class directory_impl : public directory_ifc |
22 | 36 |
{ |
23 | 37 |
private: |
... | ... |
@@ -35,7 +49,7 @@ public: |
35 | 49 |
std::vector<user> return_value; |
36 | 50 |
|
37 | 51 |
if (!result && found_passwd) { |
38 |
- return_value.push_back (user()); |
|
52 |
+ return_value.push_back (std::shared_ptr<user_ifc>(new user_impl(sys_passwd))); |
|
39 | 53 |
} |
40 | 54 |
|
41 | 55 |
return return_value; |
... | ... |
@@ -22,15 +22,18 @@ class user_ifc |
22 | 22 |
{ |
23 | 23 |
public: |
24 | 24 |
virtual ~user_ifc() {} |
25 |
+ virtual std::string home_directory(); |
|
25 | 26 |
}; |
26 | 27 |
|
27 | 28 |
class user : public user_ifc |
28 | 29 |
{ |
29 |
-private: |
|
30 |
- std::shared_ptr<user_ifc> delegate_; |
|
31 |
-public: |
|
32 |
- user (std::shared_ptr<user_ifc> delegate) : delegate_ (delegate) {} |
|
33 |
- user() : user (std::shared_ptr<user_ifc> (new user_ifc)) {} |
|
30 |
+ public: |
|
31 |
+ typedef std::shared_ptr<user_ifc> delegate; |
|
32 |
+ private: |
|
33 |
+ delegate delegate_; |
|
34 |
+ public: |
|
35 |
+ user (delegate delegate) : delegate_ (delegate) {} |
|
36 |
+ user() : user (delegate (new user_ifc)) {} |
|
34 | 37 |
}; |
35 | 38 |
|
36 | 39 |
class directory_ifc |