Browse code
setcred success
Greg Wiley authored on 18/04/2017 18:51:45
Showing 5 changed files
Showing 5 changed files
... | ... |
@@ -1,7 +1,7 @@ |
1 | 1 |
CXXFLAGS += -fPIC -fno-stack-protector |
2 | 2 |
CFLAGS += -fPIC -fno-stack-protector |
3 | 3 |
|
4 |
-OBJS = dual_control.o argument.o |
|
4 |
+OBJS = dual_control.o argument.o dual_control_integrate.o |
|
5 | 5 |
|
6 | 6 |
MODULELIB = pam_dual_control.so |
7 | 7 |
|
... | ... |
@@ -26,6 +26,9 @@ distclean: clean |
26 | 26 |
|
27 | 27 |
dual_control.o: dual_control.h |
28 | 28 |
|
29 |
+dual_control_test: dual_control_test.o dual_control.o |
|
30 |
+ $(CXX) $(CXXFLAGS) $(CPPFLAGS) -o $@ $^ |
|
31 |
+ |
|
29 | 32 |
argument_test: argument_test.o argument.o |
30 | 33 |
$(CXX) $(CXXFLAGS) $(CPPFLAGS) -o $@ $^ |
31 | 34 |
|
... | ... |
@@ -36,10 +39,11 @@ conversation_test: conversation_test.o conversation.o |
36 | 39 |
$(CXX) $(CXXFLAGS) $(CPPFLAGS) -o $@ $^ |
37 | 40 |
|
38 | 41 |
.PHONY: test |
39 |
-test: validator_test conversation_test argument_test |
|
42 |
+test: validator_test conversation_test argument_test dual_control_test |
|
40 | 43 |
@./validator_test |
41 | 44 |
@./conversation_test |
42 | 45 |
@./argument_test |
46 |
+ @./dual_control_test |
|
43 | 47 |
|
44 | 48 |
.PHONY: install |
45 | 49 |
install: $(OBJS) |
... | ... |
@@ -1,20 +1,23 @@ |
1 |
-#include <security/pam_modules.h> |
|
2 |
-#include <string> |
|
3 |
-#include <memory> |
|
4 |
-#include <vector> |
|
5 | 1 |
|
6 |
-#include "argument.h" |
|
7 | 2 |
#include "dual_control.h" |
8 | 3 |
|
9 |
-extern dual_control dc; |
|
4 |
+class impl : public dual_control_ifc { |
|
5 |
+ public: |
|
6 |
+ int authenticate(pam_handle *handle, int flags, const std::vector<const std::string> &arguments ); |
|
7 |
+ int setcred(pam_handle *handle, int flags, const std::vector<const std::string> &arguments); |
|
8 |
+}; |
|
10 | 9 |
|
11 |
-PAM_EXTERN int pam_sm_authenticate(pam_handle_t *pamh, int flags, int argc, const char **argv) { |
|
12 |
- std::vector<const std::string> arguments = convert_arguments(argc, argv); |
|
13 |
- return dc.authenticate(pamh, flags, arguments); |
|
10 |
+int impl::setcred(pam_handle *handle, int flags, const std::vector<const std::string> &arguments) { |
|
11 |
+ return PAM_SUCCESS; |
|
14 | 12 |
} |
15 | 13 |
|
16 |
-PAM_EXTERN int pam_sm_setcred(pam_handle_t *pamh, int flags, int argc, const char **argv) { |
|
17 |
- std::vector<const std::string> arguments = convert_arguments(argc, argv); |
|
18 |
- return dc.setcred(pamh, flags, arguments); |
|
14 |
+int impl::authenticate(pam_handle *handle, int flags, const std::vector<const std::string> &arguments) { |
|
15 |
+ return -1209342; |
|
19 | 16 |
} |
20 | 17 |
|
18 |
+dual_control create_dual_control() { |
|
19 |
+ return dual_control(new impl); |
|
20 |
+} |
|
21 |
+ |
|
22 |
+ |
|
23 |
+ |
... | ... |
@@ -8,21 +8,14 @@ |
8 | 8 |
|
9 | 9 |
class dual_control_ifc { |
10 | 10 |
public: |
11 |
+ virtual ~dual_control_ifc() {} |
|
11 | 12 |
virtual int authenticate(pam_handle_t *handle, int flags, const std::vector<const std::string> &arguments ) = 0; |
12 | 13 |
virtual int setcred(pam_handle_t *handle, int flags, const std::vector<const std::string> &arguments) = 0; |
13 | 14 |
}; |
14 | 15 |
|
15 |
-class dual_control : public dual_control_ifc { |
|
16 |
- private: |
|
17 |
- std::shared_ptr<dual_control_ifc> delegate_; |
|
18 |
- public: |
|
19 |
- int authenticate(pam_handle_t *handle, int flags, const std::vector<const std::string> &arguments ) { |
|
20 |
- return delegate_->authenticate(handle, flags, arguments); |
|
21 |
- } |
|
22 |
- int setcred(pam_handle_t *handle, int flags, const std::vector<const std::string> &arguments) { |
|
23 |
- return delegate_->setcred(handle, flags, arguments); |
|
24 |
- } |
|
25 |
-}; |
|
16 |
+typedef std::shared_ptr<dual_control_ifc> dual_control; |
|
17 |
+ |
|
18 |
+dual_control create_dual_control(); |
|
26 | 19 |
|
27 | 20 |
#endif |
28 | 21 |
|
29 | 22 |
new file mode 100644 |
... | ... |
@@ -0,0 +1,20 @@ |
1 |
+#include <security/pam_modules.h> |
|
2 |
+#include <string> |
|
3 |
+#include <memory> |
|
4 |
+#include <vector> |
|
5 |
+ |
|
6 |
+#include "argument.h" |
|
7 |
+#include "dual_control.h" |
|
8 |
+ |
|
9 |
+extern dual_control dc; |
|
10 |
+ |
|
11 |
+PAM_EXTERN int pam_sm_authenticate(pam_handle_t *pamh, int flags, int argc, const char **argv) { |
|
12 |
+ std::vector<const std::string> arguments = convert_arguments(argc, argv); |
|
13 |
+ return dc->authenticate(pamh, flags, arguments); |
|
14 |
+} |
|
15 |
+ |
|
16 |
+PAM_EXTERN int pam_sm_setcred(pam_handle_t *pamh, int flags, int argc, const char **argv) { |
|
17 |
+ std::vector<const std::string> arguments = convert_arguments(argc, argv); |
|
18 |
+ return dc->setcred(pamh, flags, arguments); |
|
19 |
+} |
|
20 |
+ |
... | ... |
@@ -1,11 +1,40 @@ |
1 |
-#include <security/pam_appl.h> |
|
2 | 1 |
#include <security/pam_modules.h> |
3 |
-#include <cstdio> |
|
4 | 2 |
|
5 |
-#include "conversation.h" |
|
6 |
-#include "token.h" |
|
3 |
+#include "dual_control.h" |
|
7 | 4 |
#include "test_util.h" |
8 | 5 |
|
6 |
+int setcred_returns_success() { |
|
7 |
+ //given |
|
8 |
+ pam_handle *pamh(0); |
|
9 |
+ dual_control dc(create_dual_control()); |
|
10 |
+ std::vector<const std::string> arguments; |
|
11 |
+ |
|
12 |
+ //when |
|
13 |
+ int result = dc->setcred(pamh, 0, arguments); |
|
14 |
+ |
|
15 |
+ //then |
|
16 |
+ checkint(PAM_SUCCESS, result, "function return"); |
|
17 |
+ succeed(); |
|
18 |
+ |
|
19 |
+} |
|
20 |
+ |
|
21 |
+RESET_VARS_START |
|
22 |
+RESET_VARS_END |
|
23 |
+ |
|
24 |
+int runtests() { |
|
25 |
+ test(setcred_returns_success); |
|
26 |
+ succeed(); |
|
27 |
+} |
|
28 |
+ |
|
29 |
+int main(int argc, char* argv[]) { |
|
30 |
+ return !runtests(); |
|
31 |
+} |
|
32 |
+ |
|
33 |
+ |
|
34 |
+ |
|
35 |
+// DELETE BELOW HERE |
|
36 |
+ |
|
37 |
+/* |
|
9 | 38 |
const char *validated_user = ""; |
10 | 39 |
const char *validated_token = ""; |
11 | 40 |
const char *token_to_return = ""; |
... | ... |
@@ -44,18 +73,6 @@ void log_failure() { |
44 | 73 |
log_failure_invoked = 1; |
45 | 74 |
} |
46 | 75 |
|
47 |
-int pam_sm_setcred_returns_success() { |
|
48 |
- //given |
|
49 |
- |
|
50 |
- //when |
|
51 |
- int result = pam_sm_setcred(NULL, 0, 0, NULL); |
|
52 |
- |
|
53 |
- //then |
|
54 |
- checkint(PAM_SUCCESS, result, "function return"); |
|
55 |
- succeed(); |
|
56 |
- |
|
57 |
-} |
|
58 |
- |
|
59 | 76 |
int pam_sm_authenticate_validates_with_received_token() { |
60 | 77 |
// given |
61 | 78 |
token_to_return = "user:pin"; |
... | ... |
@@ -111,18 +128,6 @@ int fails_with_invalid_token() { |
111 | 128 |
//then |
112 | 129 |
return result == PAM_AUTH_ERR; |
113 | 130 |
} |
131 |
+*/ |
|
114 | 132 |
|
115 |
-int runtests() { |
|
116 |
- test(pam_sm_authenticate_validates_with_received_token); |
|
117 |
- test(pam_sm_setcred_returns_success); |
|
118 |
- test(pam_sm_authenticate_success_invokes_log_success); |
|
119 |
- test(pam_sm_authenticate_fail_invokes_log_failure); |
|
120 |
- test(succeeds_with_valid_token); |
|
121 |
- test(fails_with_invalid_token); |
|
122 |
- succeed(); |
|
123 |
-} |
|
124 |
- |
|
125 |
-int main(int argc, char* argv[]) { |
|
126 |
- return !runtests(); |
|
127 |
-} |
|
128 | 133 |
|