@@ -5,16 +5,25 @@

 #ifndef _TEST_SUPPORT_H

 #define _TEST_SUPPORT_H

 #include <stdlib.h>

-

+#include <stdio.h>

+#include <pwd.h>

+#include <sys/stat.h>

 // SYSLOG

 void fake_openlog(const char *ident, int logopt, int facility);

 void fake_syslog(int priority, const char *format, ...);

 void fake_closelog(void);

 // PWD

-struct passwd;

 int fake_getpwnam_r(const char *nam, struct passwd *pwd, char *buffer, size_t bufsize, struct passwd **result);

+// SYS_STAT

+int fake_stat(const char *path, struct stat *stat);

+

+// STDIO

+FILE *fake_fopen(const char *path, const char *mode);

+char *fake_fgets(char *buf, int n, FILE *fp);

+int fake_fclose(FILE *fp);

+

 #ifdef UNIT_TEST

 // SYSLOG

@@ -25,6 +34,14 @@ int fake_getpwnam_r(const char *nam, struct passwd *pwd, char *buffer, size_t bu

 // PWD

 #define getpwnam_r(USER, PASSWD, BUFFER, BUFSIZE, PRESULT) fake_getpwnam_r(USER, PASSWD, BUFFER, BUFSIZE, PRESULT)

+// SYS_STAT

+#define stat(PATH, STRUCT) fake_stat(PATH, STRUCT)

+

+// STDIO

+#define fopen(PATH, MODE) fake_fopen(PATH, MODE)

+#define fgets(DEST, DEST_SIZE, FILE_HANDLE) fake_fgets(DEST, DEST_SIZE, FILE_HANDLE)

+#define fclose(FILE_HANDLE) fake_fclose(FILE_HANDLE)

+

 #endif

 #endif

@@ -3,30 +3,80 @@

 #include <security/pam_modules.h>

 #include <pwd.h>

 #include <unistd.h>

+#include <stdio.h>

+#include <sys/stat.h>

 #include "token.h"

-

 #include "test_support.h"

-int user_is_known(const char *user) {

-    struct passwd *passwd = (struct passwd *) malloc(sizeof(struct passwd));

-    size_t bufsize = (size_t) sysconf(_SC_GETPW_R_SIZE_MAX);

-    char * buffer = (char *) malloc(bufsize * sizeof(char));

+typedef struct buffer {

+    size_t size;

+    char *mem;

+} buffer_t;

+

+buffer_t allocate_buffer() {

+    buffer_t buffer;

+

+    buffer.size = (size_t) sysconf(_SC_GETPW_R_SIZE_MAX);

+    buffer.mem = (char *) malloc(buffer.size * sizeof(char));

+

+    return buffer;

+

+}

+

+void free_buffer(buffer_t *buffer) {

+    free(buffer->mem);

+    buffer->mem = 0;

+    buffer->size = 0;

+}

+

+char *use_buffer(buffer_t buffer) {

+    return buffer.mem;

+}

+

+size_t buffer_size(buffer_t buffer) {

+    return buffer.size;

+}

+

+

+int user_is_known(const char *user, buffer_t buffer) {

+    struct passwd *passwd = 0;

+    passwd = (struct passwd *) malloc(sizeof(struct passwd));

     struct passwd *found_passwd = 0;

-    getpwnam_r(user, passwd, buffer, bufsize, &found_passwd);

+    getpwnam_r(user, passwd, use_buffer(buffer), buffer_size(buffer), &found_passwd);

     int known = found_passwd != 0;

-    free(buffer);

     free(passwd);

     return known;

 }

+char *get_home_directory(const char *user, buffer_t buffer) {

+    struct passwd *passwd = 0;

+    passwd = (struct passwd *) malloc(sizeof(struct passwd));

+    struct passwd *found_passwd = 0;

+    getpwnam_r(user, passwd, use_buffer(buffer), buffer_size(buffer), &found_passwd);

+

+    free(passwd);

+

+    if (found_passwd) {

+        return found_passwd->pw_dir;

+    }

+

+    return 0;

+}

+

 int validate_token(const char *token) {

-    int ok = 0;

     char *user = 0;

+    char *dup_token = 0;

+    struct stat *file_stat = 0;

+    char *filepath = 0;

+

+

+    int ok = 0;

+

     // duplicate

     int token_length = strlen(token);

@@ -42,19 +92,67 @@ int validate_token(const char *token) {

     // poke a zero so dup is the username

     *colon = 0;

+    dup_token = (char *)malloc((token_length + 1) * sizeof(char));

+    strcpy(dup_token, token);

+    char *token_colon = strchr(dup_token, ':');

+    if (!token_colon) {

+       goto finally;

+    }

+

+     char *user_token = token_colon + 1;

+

+

     // check if user is known

-    if(!user_is_known(user)) {

+    buffer_t user_buffer = allocate_buffer();

+    if(!user_is_known(user, user_buffer)) {

        goto finally;

     }

+    // find the token for found user

+    buffer_t directory_buffer = allocate_buffer();

+    char *directory = get_home_directory(user, directory_buffer);

+    if (!directory) {

+        goto finally;

+    }

+

+    // stat

+

+    file_stat = (struct stat *) malloc(sizeof(struct stat));

+    int dir_len = strlen(directory);

+    int fname_len = strlen(".dual_control");

+    filepath = (char *)malloc((dir_len + 1 + fname_len + 1) * sizeof(char));

+

+    strcpy(filepath, directory);

+    strcat(filepath, "/");

+    strcat(filepath, ".dual_control");

+

+    int check_file = stat(filepath, file_stat);

+    if (check_file) {

+        goto finally;

+    }

+

+

+    // read the file and grab token

+    char fetched_token[7];

+    FILE *fp = 0;

+    fp = fopen(filepath, "r");

+    fgets(fetched_token, 7, fp);

+    fclose(fp);

+

+    // check if token matches

+    if(strcmp(user_token, fetched_token)) {

+        goto finally;

+    }

+

     ok = 1;

-    // determine if user is system user

-    // fail if not

     finally:

     free(user);

-

+    free_buffer(&user_buffer);

+    free_buffer(&directory_buffer);

+    free(file_stat);

+    free(filepath);

     return ok;

 }

@@ -1,30 +1,77 @@

 #include <string.h>

+#include <pwd.h>

+#include <stdio.h>

+#include <sys/stat.h>

+

 #include "token.h"

 #include "test_util.h"

 const char *fake_user = "";

 const char *fake_user_token = "";

-struct passwd;

-

 // all the fake system calls

+char *fake_home_dir = "";

 int fake_getpwnam_r(const char *nam, struct passwd *pwd, char *buffer, size_t bufsize, struct passwd **result) {

+  strcpy(buffer, fake_home_dir);

+  pwd->pw_dir = buffer;

   int ok = !strcmp(nam, fake_user);

-  *result = ok ? (struct passwd *)"" : 0;

+  *result = ok ? pwd : 0;

   return !ok;

 }

+

+char *fake_stat_path = "";

+int fake_stat(const char *path, struct stat *stat) {

+    return (strcmp(fake_stat_path, path));

+}

+

+char *fake_fopen_path = "";

+char *fake_fopen_mode = "";

+FILE *_fhandle = 0;

+FILE *fake_fopen(const char *path, const char *mode) {

+    static FILE handle;

+    int path_matches = !strcmp(fake_fopen_path, path);

+    int mode_matches = !strcmp(fake_fopen_mode, mode);

+    if(path_matches && mode_matches) {

+        _fhandle = &handle;

+        return &handle;

+    } else {

+        _fhandle = 0;

+        return 0;

+    }

+}

+

+char *fake_fgets(char *buf, int n, FILE *fp) {

+    if (_fhandle == fp && fp != 0) {

+       strncpy(buf, fake_user_token, n - 1);

+        return buf;

+    } else {

+        return 0;

+    }

+}

+

+int fake_fclose(FILE *fp) {

+    return 0;

+}

+

+

+// STDIO

+

+

+

 RESET_VARS_START

-fake_user = "";

-fake_user_token = "";

+fake_user = "msmith";

+fake_user_token = "123456";

+fake_home_dir = "/home/msmith";

+fake_stat_path = "/home/msmith/.dual_control";

+fake_fopen_path = fake_stat_path;

+fake_fopen_mode = "r";

 RESET_VARS_END

 int validate_compares_to_user_token() {

     // given

-    fake_user = "msmith";

-    fake_user_token = "123456";

     // when

     int valid = validate_token("msmith:123456");

@@ -38,11 +85,20 @@ int validate_compares_to_user_token() {

 int validates_from_the_right_user() {

     //given

-    fake_user = "jbalcita";

-    fake_user_token = "123456";

     //when

-    int valid = validate_token("msmith:12346");

+    int valid = validate_token("jbalcita:12346");

+

+    //then

+    check(!valid, "expected result to be invalid");

+    succeed();

+}

+

+int validates_user_specific_token() {

+    //given

+

+    //when

+    int valid = validate_token("msmith:654321");

     //then

     check(!valid, "expected result to be invalid");

@@ -52,11 +108,13 @@ int validates_from_the_right_user() {

 int runtests() {

     test(validate_compares_to_user_token);

     test(validates_from_the_right_user);

+    test(validates_user_specific_token);

     succeed();

 }

 int main(int argc, char **argv) {

-    return !runtests();

+    int rval = !runtests();

+    return rval;

 }