Blame - tests/test_pam.c - github/CESNET/libnetconf2

blob: a867c10adc21bb64a30e3cdf128532f256e6e0cd [file] [log] [blame]

roman	7d13668	2023-12-14 10:43:36 +0100	[diff] [blame]	1	/**
				2	* @file test_pam.c
roman	2ca058f	2024-08-14 10:35:36 +0200	[diff] [blame]	3	* @author Roman Janota <janota@cesnet.cz>
roman	7d13668	2023-12-14 10:43:36 +0100	[diff] [blame]	4	* @brief libnetconf2 SSH Keyboard Interactive auth using PAM test
				5	*
				6	* @copyright
roman	2ca058f	2024-08-14 10:35:36 +0200	[diff] [blame]	7	* Copyright (c) 2023 - 2024 CESNET, z.s.p.o.
roman	7d13668	2023-12-14 10:43:36 +0100	[diff] [blame]	8	*
				9	* This source code is licensed under BSD 3-Clause License (the "License").
				10	* You may not use this file except in compliance with the License.
				11	* You may obtain a copy of the License at
				12	*
				13	* https://opensource.org/licenses/BSD-3-Clause
				14	*/
				15
				16	#define _GNU_SOURCE
				17
				18	#include <errno.h>
				19	#include <pthread.h>
				20	#include <setjmp.h>
				21	#include <stdarg.h>
				22	#include <stdio.h>
				23	#include <stdlib.h>
				24	#include <string.h>
				25
				26	#include <security/pam_appl.h>
				27
				28	#include <cmocka.h>
				29
roman	abe6990	2024-08-13 14:43:49 +0200	[diff] [blame]	30	#include "ln2_test.h"
roman	7d13668	2023-12-14 10:43:36 +0100	[diff] [blame]	31
roman	abe6990	2024-08-13 14:43:49 +0200	[diff] [blame]	32	int TEST_PORT = 10050;
				33	const char *TEST_PORT_STR = "10050";
				34
roman	7d13668	2023-12-14 10:43:36 +0100	[diff] [blame]	35	/* mock pam_start to just call pam_start_confdir instead */
				36	int __real_pam_start(const char service_name, const char user, const struct pam_conv pam_conversation, pam_handle_t *pamh);
				37	int
				38	__wrap_pam_start(const char service_name, const char user, const struct pam_conv pam_conversation, pam_handle_t *pamh)
				39	{
				40	return pam_start_confdir(service_name, user, pam_conversation, BUILD_DIR "/tests", pamh);
				41	}
				42
roman	7d13668	2023-12-14 10:43:36 +0100	[diff] [blame]	43	static char *
				44	auth_interactive(const char UNUSED(auth_name), const char UNUSED(instruction),
				45	const char prompt, int UNUSED(echo), void UNUSED(priv))
				46	{
				47	/* send the replies to keyboard-interactive authentication */
				48	if (strstr(prompt, "backwards")) {
				49	return strdup("tset");
				50	} else if (strstr(prompt, "1+1")) {
				51	return strdup("2");
				52	} else {
				53	return NULL;
				54	}
				55	}
				56
				57	static void *
				58	client_thread(void *arg)
				59	{
				60	int ret;
				61	struct nc_session *session = NULL;
roman	2ca058f	2024-08-14 10:35:36 +0200	[diff] [blame]	62	struct ln2_test_ctx *test_ctx = arg;
roman	7d13668	2023-12-14 10:43:36 +0100	[diff] [blame]	63
				64	/* skip all hostkey and known_hosts checks */
				65	nc_client_ssh_set_knownhosts_mode(NC_SSH_KNOWNHOSTS_SKIP);
				66
				67	ret = nc_client_set_schema_searchpath(MODULES_DIR);
				68	assert_int_equal(ret, 0);
				69
				70	ret = nc_client_ssh_set_username("test");
				71	assert_int_equal(ret, 0);
				72
				73	/* set keyboard-interactive authentication callback */
				74	nc_client_ssh_set_auth_interactive_clb(auth_interactive, NULL);
				75
roman	2ca058f	2024-08-14 10:35:36 +0200	[diff] [blame]	76	pthread_barrier_wait(&test_ctx->barrier);
Jan Kundrát	f8d9e8d	2024-04-08 12:13:02 +0200	[diff] [blame]	77	session = nc_connect_ssh("127.0.0.1", TEST_PORT, NULL);
roman	7d13668	2023-12-14 10:43:36 +0100	[diff] [blame]	78	assert_non_null(session);
				79
				80	nc_session_free(session, NULL);
				81	return NULL;
				82	}
				83
				84	static void
				85	test_nc_pam(void **state)
				86	{
				87	int ret, i;
				88	pthread_t tids[2];
				89
				90	assert_non_null(state);
				91
				92	ret = pthread_create(&tids[0], NULL, client_thread, *state);
				93	assert_int_equal(ret, 0);
roman	2ca058f	2024-08-14 10:35:36 +0200	[diff] [blame]	94	ret = pthread_create(&tids[1], NULL, ln2_glob_test_server_thread, *state);
roman	7d13668	2023-12-14 10:43:36 +0100	[diff] [blame]	95	assert_int_equal(ret, 0);
				96
				97	for (i = 0; i < 2; i++) {
				98	pthread_join(tids[i], NULL);
				99	}
				100	}
				101
				102	static int
				103	setup_f(void **state)
				104	{
				105	int ret;
				106	struct lyd_node *tree = NULL;
roman	2ca058f	2024-08-14 10:35:36 +0200	[diff] [blame]	107	struct ln2_test_ctx *test_ctx;
roman	7d13668	2023-12-14 10:43:36 +0100	[diff] [blame]	108
roman	2ca058f	2024-08-14 10:35:36 +0200	[diff] [blame]	109	ret = ln2_glob_test_setup(&test_ctx);
roman	7d13668	2023-12-14 10:43:36 +0100	[diff] [blame]	110	assert_int_equal(ret, 0);
				111
roman	2ca058f	2024-08-14 10:35:36 +0200	[diff] [blame]	112	*state = test_ctx;
roman	7d13668	2023-12-14 10:43:36 +0100	[diff] [blame]	113
roman	2ca058f	2024-08-14 10:35:36 +0200	[diff] [blame]	114	ret = nc_server_config_add_address_port(test_ctx->ctx, "endpt", NC_TI_SSH, "127.0.0.1", TEST_PORT, &tree);
roman	7d13668	2023-12-14 10:43:36 +0100	[diff] [blame]	115	assert_int_equal(ret, 0);
				116
roman	2ca058f	2024-08-14 10:35:36 +0200	[diff] [blame]	117	ret = nc_server_config_add_ssh_hostkey(test_ctx->ctx, "endpt", "hostkey", TESTS_DIR "/data/key_ecdsa", NULL, &tree);
roman	7d13668	2023-12-14 10:43:36 +0100	[diff] [blame]	118	assert_int_equal(ret, 0);
				119
roman	2ca058f	2024-08-14 10:35:36 +0200	[diff] [blame]	120	ret = nc_server_config_add_ssh_user_interactive(test_ctx->ctx, "endpt", "test", &tree);
roman	7d13668	2023-12-14 10:43:36 +0100	[diff] [blame]	121	assert_int_equal(ret, 0);
				122
				123	ret = nc_server_ssh_set_pam_conf_filename("netconf.conf");
				124	assert_int_equal(ret, 0);
				125
				126	/* configure the server based on the data */
				127	ret = nc_server_config_setup_data(tree);
				128	assert_int_equal(ret, 0);
				129
roman	7d13668	2023-12-14 10:43:36 +0100	[diff] [blame]	130	lyd_free_all(tree);
				131
				132	return 0;
				133	}
				134
roman	7d13668	2023-12-14 10:43:36 +0100	[diff] [blame]	135	int
				136	main(void)
				137	{
				138	const struct CMUnitTest tests[] = {
roman	2ca058f	2024-08-14 10:35:36 +0200	[diff] [blame]	139	cmocka_unit_test_setup_teardown(test_nc_pam, setup_f, ln2_glob_test_teardown)
roman	7d13668	2023-12-14 10:43:36 +0100	[diff] [blame]	140	};
				141
roman	abe6990	2024-08-13 14:43:49 +0200	[diff] [blame]	142	/* try to get ports from the environment, otherwise use the default */
				143	if (ln2_glob_test_get_ports(1, &TEST_PORT, &TEST_PORT_STR)) {
				144	return 1;
				145	}
				146
roman	7d13668	2023-12-14 10:43:36 +0100	[diff] [blame]	147	setenv("CMOCKA_TEST_ABORT", "1", 1);
				148	return cmocka_run_group_tests(tests, NULL, NULL);
				149	}