2 * Unix SMB/CIFS implementation.
4 * Copyright (C) 2018-2019 Andreas Schneider <asn@samba.org>
6 * This program is free software; you can redistribute it and/or modify
7 * it under the terms of the GNU General Public License as published by
8 * the Free Software Foundation; either version 3 of the License, or
9 * (at your option) any later version.
11 * This program is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 * GNU General Public License for more details.
16 * You should have received a copy of the GNU General Public License
17 * along with this program. If not, see <http://www.gnu.org/licenses/>.
26 #include "lib/replace/replace.h"
27 #include "auth/credentials/credentials.c"
29 static int setup_talloc_context(void **state
)
31 TALLOC_CTX
*frame
= talloc_stackframe();
37 static int teardown_talloc_context(void **state
)
39 TALLOC_CTX
*frame
= *state
;
44 static void torture_creds_init(void **state
)
46 TALLOC_CTX
*mem_ctx
= *state
;
47 struct cli_credentials
*creds
= NULL
;
48 const char *username
= NULL
;
49 const char *domain
= NULL
;
50 const char *password
= NULL
;
51 enum credentials_obtained usr_obtained
= CRED_UNINITIALISED
;
52 enum credentials_obtained pwd_obtained
= CRED_UNINITIALISED
;
55 creds
= cli_credentials_init(mem_ctx
);
56 assert_non_null(creds
);
57 assert_null(creds
->username
);
58 assert_int_equal(creds
->username_obtained
, CRED_UNINITIALISED
);
60 domain
= cli_credentials_get_domain(creds
);
62 ok
= cli_credentials_set_domain(creds
, "WURST", CRED_SPECIFIED
);
64 assert_int_equal(creds
->domain_obtained
, CRED_SPECIFIED
);
65 domain
= cli_credentials_get_domain(creds
);
66 assert_string_equal(domain
, "WURST");
68 username
= cli_credentials_get_username(creds
);
69 assert_null(username
);
70 ok
= cli_credentials_set_username(creds
, "brot", CRED_SPECIFIED
);
72 assert_int_equal(creds
->username_obtained
, CRED_SPECIFIED
);
73 username
= cli_credentials_get_username(creds
);
74 assert_string_equal(username
, "brot");
76 username
= cli_credentials_get_username_and_obtained(creds
,
78 assert_int_equal(usr_obtained
, CRED_SPECIFIED
);
79 assert_string_equal(username
, "brot");
81 password
= cli_credentials_get_password(creds
);
82 assert_null(password
);
83 ok
= cli_credentials_set_password(creds
, "SECRET", CRED_SPECIFIED
);
85 assert_int_equal(creds
->password_obtained
, CRED_SPECIFIED
);
86 password
= cli_credentials_get_password(creds
);
87 assert_string_equal(password
, "SECRET");
89 password
= cli_credentials_get_password_and_obtained(creds
,
91 assert_int_equal(pwd_obtained
, CRED_SPECIFIED
);
92 assert_string_equal(password
, "SECRET");
94 /* Run dump to check it works */
95 cli_credentials_dump(creds
);
98 static void torture_creds_init_anonymous(void **state
)
100 TALLOC_CTX
*mem_ctx
= *state
;
101 struct cli_credentials
*creds
= NULL
;
103 creds
= cli_credentials_init_anon(mem_ctx
);
104 assert_non_null(creds
);
106 assert_string_equal(creds
->domain
, "");
107 assert_int_equal(creds
->domain_obtained
, CRED_SPECIFIED
);
109 assert_string_equal(creds
->username
, "");
110 assert_int_equal(creds
->username_obtained
, CRED_SPECIFIED
);
112 assert_null(creds
->password
);
113 assert_int_equal(creds
->password_obtained
, CRED_SPECIFIED
);
116 static void torture_creds_guess(void **state
)
118 TALLOC_CTX
*mem_ctx
= *state
;
119 struct cli_credentials
*creds
= NULL
;
120 const char *env_user
= getenv("USER");
123 creds
= cli_credentials_init(mem_ctx
);
124 assert_non_null(creds
);
126 setenv("PASSWD", "SECRET", 1);
127 ok
= cli_credentials_guess(creds
, NULL
);
130 assert_string_equal(creds
->username
, env_user
);
131 assert_int_equal(creds
->username_obtained
, CRED_GUESS_ENV
);
133 assert_string_equal(creds
->password
, "SECRET");
134 assert_int_equal(creds
->password_obtained
, CRED_GUESS_ENV
);
138 static void torture_creds_anon_guess(void **state
)
140 TALLOC_CTX
*mem_ctx
= *state
;
141 struct cli_credentials
*creds
= NULL
;
144 creds
= cli_credentials_init_anon(mem_ctx
);
145 assert_non_null(creds
);
147 setenv("PASSWD", "SECRET", 1);
148 ok
= cli_credentials_guess(creds
, NULL
);
151 assert_string_equal(creds
->username
, "");
152 assert_int_equal(creds
->username_obtained
, CRED_SPECIFIED
);
154 assert_null(creds
->password
);
155 assert_int_equal(creds
->password_obtained
, CRED_SPECIFIED
);
159 static void torture_creds_parse_string(void **state
)
161 TALLOC_CTX
*mem_ctx
= *state
;
162 struct cli_credentials
*creds
= NULL
;
164 creds
= cli_credentials_init(mem_ctx
);
165 assert_non_null(creds
);
168 cli_credentials_parse_string(creds
, "%", CRED_SPECIFIED
);
170 assert_string_equal(creds
->domain
, "");
171 assert_int_equal(creds
->domain_obtained
, CRED_SPECIFIED
);
173 assert_string_equal(creds
->username
, "");
174 assert_int_equal(creds
->username_obtained
, CRED_SPECIFIED
);
176 assert_null(creds
->password
);
177 assert_int_equal(creds
->password_obtained
, CRED_SPECIFIED
);
179 /* Username + password */
180 cli_credentials_parse_string(creds
, "wurst%BROT", CRED_SPECIFIED
);
182 assert_string_equal(creds
->domain
, "");
183 assert_int_equal(creds
->domain_obtained
, CRED_SPECIFIED
);
185 assert_string_equal(creds
->username
, "wurst");
186 assert_int_equal(creds
->username_obtained
, CRED_SPECIFIED
);
188 assert_string_equal(creds
->password
, "BROT");
189 assert_int_equal(creds
->password_obtained
, CRED_SPECIFIED
);
191 /* Domain + username + password */
192 cli_credentials_parse_string(creds
, "XXL\\wurst%BROT", CRED_SPECIFIED
);
194 assert_string_equal(creds
->domain
, "XXL");
195 assert_int_equal(creds
->domain_obtained
, CRED_SPECIFIED
);
197 assert_string_equal(creds
->username
, "wurst");
198 assert_int_equal(creds
->username_obtained
, CRED_SPECIFIED
);
200 assert_string_equal(creds
->password
, "BROT");
201 assert_int_equal(creds
->password_obtained
, CRED_SPECIFIED
);
204 cli_credentials_parse_string(creds
, "wurst@brot.realm", CRED_SPECIFIED
);
206 assert_string_equal(creds
->domain
, "");
207 assert_int_equal(creds
->domain_obtained
, CRED_SPECIFIED
);
209 assert_string_equal(creds
->username
, "wurst@brot.realm");
210 assert_int_equal(creds
->username_obtained
, CRED_SPECIFIED
);
212 assert_string_equal(creds
->principal
, "wurst@brot.realm");
213 assert_int_equal(creds
->principal_obtained
, CRED_SPECIFIED
);
215 assert_string_equal(creds
->password
, "BROT");
216 assert_int_equal(creds
->password_obtained
, CRED_SPECIFIED
);
219 static void torture_creds_krb5_state(void **state
)
221 TALLOC_CTX
*mem_ctx
= *state
;
222 struct cli_credentials
*creds
= NULL
;
223 struct loadparm_context
*lp_ctx
= NULL
;
226 lp_ctx
= loadparm_init_global(true);
227 assert_non_null(lp_ctx
);
229 creds
= cli_credentials_init(mem_ctx
);
230 assert_non_null(creds
);
231 assert_int_equal(creds
->kerberos_state_obtained
, CRED_UNINITIALISED
);
232 assert_int_equal(creds
->kerberos_state
, CRED_USE_KERBEROS_DESIRED
);
234 ok
= cli_credentials_set_conf(creds
, lp_ctx
);
236 assert_int_equal(creds
->kerberos_state_obtained
, CRED_SMB_CONF
);
237 assert_int_equal(creds
->kerberos_state
, CRED_USE_KERBEROS_DESIRED
);
239 ok
= cli_credentials_guess(creds
, lp_ctx
);
241 assert_int_equal(creds
->kerberos_state_obtained
, CRED_SMB_CONF
);
242 assert_int_equal(creds
->kerberos_state
, CRED_USE_KERBEROS_DESIRED
);
243 assert_int_equal(creds
->ccache_obtained
, CRED_GUESS_FILE
);
244 assert_non_null(creds
->ccache
);
246 ok
= cli_credentials_set_kerberos_state(creds
,
247 CRED_USE_KERBEROS_REQUIRED
,
250 assert_int_equal(creds
->kerberos_state_obtained
, CRED_SPECIFIED
);
251 assert_int_equal(creds
->kerberos_state
, CRED_USE_KERBEROS_REQUIRED
);
253 ok
= cli_credentials_set_kerberos_state(creds
,
254 CRED_USE_KERBEROS_DISABLED
,
257 assert_int_equal(creds
->kerberos_state_obtained
, CRED_SPECIFIED
);
258 assert_int_equal(creds
->kerberos_state
, CRED_USE_KERBEROS_REQUIRED
);
262 static void torture_creds_gensec_feature(void **state
)
264 TALLOC_CTX
*mem_ctx
= *state
;
265 struct cli_credentials
*creds
= NULL
;
268 creds
= cli_credentials_init(mem_ctx
);
269 assert_non_null(creds
);
270 assert_int_equal(creds
->gensec_features_obtained
, CRED_UNINITIALISED
);
271 assert_int_equal(creds
->gensec_features
, 0);
273 ok
= cli_credentials_set_gensec_features(creds
,
277 assert_int_equal(creds
->gensec_features_obtained
, CRED_SPECIFIED
);
278 assert_int_equal(creds
->gensec_features
, GENSEC_FEATURE_SIGN
);
280 ok
= cli_credentials_set_gensec_features(creds
,
284 assert_int_equal(creds
->gensec_features_obtained
, CRED_SPECIFIED
);
285 assert_int_equal(creds
->gensec_features
, GENSEC_FEATURE_SIGN
);
288 int main(int argc
, char *argv
[])
291 const struct CMUnitTest tests
[] = {
292 cmocka_unit_test(torture_creds_init
),
293 cmocka_unit_test(torture_creds_init_anonymous
),
294 cmocka_unit_test(torture_creds_guess
),
295 cmocka_unit_test(torture_creds_anon_guess
),
296 cmocka_unit_test(torture_creds_parse_string
),
297 cmocka_unit_test(torture_creds_krb5_state
),
298 cmocka_unit_test(torture_creds_gensec_feature
),
302 cmocka_set_test_filter(argv
[1]);
304 cmocka_set_message_output(CM_OUTPUT_SUBUNIT
);
306 rc
= cmocka_run_group_tests(tests
,
307 setup_talloc_context
,
308 teardown_talloc_context
);