author | Jakub Hrozek <jakub.hrozek@posteo.se> | 2015-09-28 17:19:57 +0200 |
---|---|---|
committer | Jakub Hrozek <jhrozek@redhat.com> | 2015-09-29 14:31:37 +0200 |
commit | 118da9513524d7501eba7d52f5890e6fe706d295 (patch) | |
tree | b2d7d93f566ad5d7aa51a4dcb1eb236908b51218 | |
parent | cb2026e900b8892d3e2a45a91755461647f5b23d (diff) | |
pwrap: Wrap pam_setcred
-rw-r--r-- | src/pam_wrapper.c | 21 | ||||
-rw-r--r-- | tests/pam_example.c | 33 | ||||
-rw-r--r-- | tests/test_pam_wrapper.c | 22 |
3 files changed, 74 insertions, 2 deletions
diff --git a/src/pam_wrapper.c b/src/pam_wrapper.c index 996ec56..b2285ad 100644 --- a/src/pam_wrapper.c +++ b/src/pam_wrapper.c @@ -193,6 +193,8 @@ typedef int (*__libpam_pam_open_session)(pam_handle_t *pamh, int flags); typedef int (*__libpam_pam_close_session)(pam_handle_t *pamh, int flags); +typedef int (*__libpam_pam_setcred)(pam_handle_t *pamh, int flags); + #define PWRAP_SYMBOL_ENTRY(i) \ union { \ __libpam_##i f; \ @@ -210,6 +212,7 @@ struct pwrap_libpam_symbols { PWRAP_SYMBOL_ENTRY(pam_getenvlist); PWRAP_SYMBOL_ENTRY(pam_open_session); PWRAP_SYMBOL_ENTRY(pam_close_session); + PWRAP_SYMBOL_ENTRY(pam_setcred); }; struct pwrap { @@ -390,6 +393,13 @@ static int libpam_pam_close_session(pam_handle_t *pamh, int flags) return pwrap.libpam.symbols._libpam_pam_close_session.f(pamh, flags); } +static int libpam_pam_setcred(pam_handle_t *pamh, int flags) +{ + pwrap_bind_symbol_libpam(pam_setcred); + + return pwrap.libpam.symbols._libpam_pam_setcred.f(pamh, flags); +} + /********************************************************* * PWRAP INIT *********************************************************/ @@ -815,6 +825,17 @@ int pam_close_session(pam_handle_t *pamh, int flags) return pwrap_pam_close_session(pamh, flags); } +static int pwrap_pam_setcred(pam_handle_t *pamh, int flags) +{ + PWRAP_LOG(PWRAP_LOG_TRACE, "pwrap_pam_setcred called"); + return libpam_pam_setcred(pamh, flags); +} + +int pam_setcred(pam_handle_t *pamh, int flags) +{ + return pwrap_pam_setcred(pamh, flags); +} + /**************************** * DESTRUCTOR ***************************/ diff --git a/tests/pam_example.c b/tests/pam_example.c index 1510453..feca3c4 100644 --- a/tests/pam_example.c +++ b/tests/pam_example.c @@ -15,6 +15,9 @@ #define HOME_VAR "HOMEDIR" #define HOME_VAR_SZ sizeof(HOME_VAR)-1 +#define CRED_VAR "CRED" +#define CRED_VAR_SZ sizeof(CRED_VAR)-1 + /* Skips leading tabs and spaces to find beginning of a key, * then walks over the key until a blank is find */ 
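Review bot: The trace message in `pwrap_pam_setcred` (hunk at -815) drops `flags`, so a test log cannot tell a credential-establish call from a delete or refresh call. Assuming `PWRAP_LOG` accepts printf-style arguments (only a literal is visible here), I would log it: `PWRAP_LOG(PWRAP_LOG_TRACE, "pwrap_pam_setcred called, flags=%d", flags);`. The exported `pam_setcred` also has no comment saying that it interposes libpam's symbol; a one-line comment such as `/* Interposes libpam's pam_setcred(); forwards pamh and flags unchanged. */` above it would help.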
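Review bot: `CRED_VAR_SZ` in tests/pam_example.c expands to `sizeof(CRED_VAR)-1` without parentheses, so any use next to a higher-precedence operator (for example `2 * CRED_VAR_SZ`) computes the wrong size. The one use added by this commit, `PATH_MAX + CRED_VAR_SZ`, happens to be fine, but since the macro sizes a buffer I would write `#define CRED_VAR_SZ (sizeof(CRED_VAR) - 1)`. The existing `HOME_VAR_SZ` in the context lines has the same form and could be fixed alongside.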
@@ -412,12 +415,38 @@ PAM_EXTERN int pam_sm_setcred(pam_handle_t *pamh, int flags, int argc, const char *argv[]) { - (void) pamh; /* unused */ + struct pam_example_ctx pctx; + int rv; + char cred[PATH_MAX + CRED_VAR_SZ]; + (void) flags; /* unused */ (void) argc; /* unused */ (void) argv; /* unused */ - return PAM_SUCCESS; + memset(&pctx, 0, sizeof(struct pam_example_ctx)); + + rv = pam_example_get(pamh, &pctx); + if (rv != PAM_SUCCESS) { + goto done; + } + + rv = snprintf(cred, sizeof(cred), + "%s=/tmp/%s", + CRED_VAR, pctx.pli.username); + if (rv <= 0) { + rv = PAM_BUF_ERR; + goto done; + } + + rv = pam_putenv(pamh, cred); + if (rv != PAM_SUCCESS) { + goto done; + } + + rv = PAM_SUCCESS; +done: + pam_example_free(&pctx); + return rv; } PAM_EXTERN int diff --git a/tests/test_pam_wrapper.c b/tests/test_pam_wrapper.c index a37c312..605e8be 100644 --- a/tests/test_pam_wrapper.c +++ b/tests/test_pam_wrapper.c @@ -386,6 +386,25 @@ static void test_pam_chauthtok_prelim_failed(void **state) assert_int_equal(rv, PAM_AUTH_ERR); } +static void test_pam_setcred(void **state) +{ + int rv; + const char *v; + struct pwrap_test_ctx *test_ctx; + + test_ctx = (struct pwrap_test_ctx *) *state; + + v = pam_getenv(test_ctx->ph, "CRED"); + assert_null(v); + + rv = pam_setcred(test_ctx->ph, 0); + assert_int_equal(rv, PAM_SUCCESS); + + v = pam_getenv(test_ctx->ph, "CRED"); + assert_non_null(v); + assert_string_equal(v, "/tmp/testuser"); +} + int main(void) { int rc; @@ -417,6 +436,9 @@ int main(void) { cmocka_unit_test_setup_teardown(test_pam_chauthtok_prelim_failed, setup_ctx_only, teardown), + cmocka_unit_test_setup_teardown(test_pam_setcred, + setup_noconv, + teardown), }; rc = cmocka_run_group_tests(init_tests, NULL, NULL); |
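Review bot: The `snprintf` check in `pam_sm_setcred` treats only `rv <= 0` as failure, so a truncated result (return value at or above `sizeof(cred)`) is accepted and a cut-off `CRED` value is handed to `pam_putenv`. Compare against the buffer size as well: `if (rv < 0 || (size_t)rv >= sizeof(cred)) {`. Separately, `flags` is still marked unused, so a `PAM_DELETE_CRED` call would set the variable just like an establish call; if that is intended for this test module, a comment saying so would help. `pctx.pli.username` is formatted into the path as-is, and whether `pam_example_get` guarantees it is non-NULL is not visible in this hunk.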
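Review bot: `test_pam_setcred` passes `0` as the flags argument, which relies on the PAM library treating zero as an establish request; nothing in this commit shows that defaulting. Stating the intent explicitly, `rv = pam_setcred(test_ctx->ph, PAM_ESTABLISH_CRED);`, keeps the test meaningful if the wrapper or the example module starts to look at flags. A companion case with `PAM_DELETE_CRED` would pin down what the module does on credential removal, which the current test leaves unspecified.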