aboutsummaryrefslogtreecommitdiff
path: root/include/libpamtest.h
blob: b6de8139d19968b60a86387d31f9852eef3179a3 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
/*
 * Copyright (c) 2015 Andreas Schneider <asn@samba.org>
 * Copyright (c) 2015 Jakub Hrozek <jakub.hrozek@posteo.se>
 *
 * This program is free software: you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation, either version 3 of the License, or
 * (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program.  If not, see <http://www.gnu.org/licenses/>.
 */

#ifndef __LIBPAMTEST_H_
#define __LIBPAMTEST_H_

#include <stdint.h>
#include <security/pam_appl.h>

/* operations */
enum pamtest_ops {
	/* These operations correspond to libpam ops */
	PAMTEST_AUTHENTICATE,
	PAMTEST_SETCRED,
	PAMTEST_ACCOUNT,
	PAMTEST_OPEN_SESSION,
	PAMTEST_CLOSE_SESSION,
	PAMTEST_CHAUTHTOK,

	/* These operation affect test output */
	PAMTEST_GETENVLIST,	/* Call pam_getenvlist. */
	PAMTEST_KEEPHANDLE,	/* Don't call pam_end() but return handle */

	/* The two below can't be set by API user, but are useful if pam_start()
	 * or pam_end() fails and the API user wants to find out what happened
	 * with pamtest_failed_case()
	 */
	PAMTEST_START,
	PAMTEST_END,

	/* Boundary.. */
	PAMTEST_SENTINEL,
};

struct pamtest_case {
	enum pamtest_ops pam_operation;	  /* The pam operation to run */
	int expected_rv;		  /* What we expect the op to return */
	int flags;			  /* Extra flags to pass to the op */

	int op_rv;			  /* What the op really returns */

	union {
		char **envlist;		/* output of PAMTEST_ENVLIST */
		pam_handle_t *ph;	/* output of PAMTEST_KEEPHANDLE */
	} case_out;		/* depends on pam_operation, mostly unused */
};

enum pamtest_err {
	PAMTEST_ERR_OK,		/* Testcases returns correspond with input */
	PAMTEST_ERR_START,	/* pam_start() failed */
	PAMTEST_ERR_CASE,	/* A testcase failed. Use pamtest_failed_case */
	PAMTEST_ERR_OP,		/* Could not run a test case */
	PAMTEST_ERR_END,	/* pam_end failed */
	PAMTEST_ERR_KEEPHANDLE, /* Handled internally */
	PAMTEST_ERR_INTERNAL,   /* Internal error - bad input or similar */
};

typedef int (*pam_conv_fn)(int num_msg,
			   const struct pam_message **msg,
			   struct pam_response **resp,
			   void *appdata_ptr);

enum pamtest_err pamtest_ex(const char *service,
			    const char *user,
			    pam_conv_fn conv_fn,
			    void *conv_userdata,
			    struct pamtest_case *test_cases);

void pamtest_free_env(char **envlist);

const struct pamtest_case *pamtest_failed_case(struct pamtest_case *test_cases);

enum pamtest_err pamtest(const char *service,
			 const char *user,
			 void *conv_userdata,
			 struct pamtest_case *test_cases);

#endif /* __LIBPAMTEST_H_ */