Test suites with dirty autoconf. Closes #20

.gitignore

@@ -18,3 +18,4 @@ Makefile
 Makefile.in
 src/pam_panic_pw/pam_panic_pw
 stamp-h1
+test/test

Makefile.am

@@ -3,3 +3,8 @@ ACLOCAL_AMFLAGS = -I m4
 AM_CPPFLAGS = -I src
 
 SUBDIRS = src/pam_panic src/pam_panic_pw
+
+.PHONY: all test clean
+
+test:
+	make -C test

configure.ac

@@ -55,6 +55,7 @@ AC_CONFIG_FILES([
     src/pam_panic/man/Makefile
     src/pam_panic_pw/Makefile
     src/pam_panic_pw/man/Makefile
+    test/Makefile
 ])
 
 AC_OUTPUT

src/pam_panic/pam_panic_authdevice.c

@@ -8,8 +8,10 @@ LICENSE :      GNU-GPLv3
 
 #include <stdint.h>
 #include <unistd.h>
-#include <security/pam_modules.h>
+#ifndef TEST
-#include <security/pam_ext.h>
+  #include <security/pam_modules.h>
+  #include <security/pam_ext.h>
+#endif
 #include <syslog.h>
 #include "pam_panic_reject.h"
 
@@ -17,20 +19,34 @@ LICENSE :      GNU-GPLv3
 
 int authDevice(pam_handle_t *pamh, char *allowed, char *rejected, char *serious_dev, int8_t bSerious, int8_t bReboot, int8_t bPoweroff){
 
-  int8_t counter = 0;
+  #ifndef TEST
-  while(access(allowed, F_OK) == -1 && access(rejected, F_OK) == -1){
+    int8_t counter = 0;
-    pam_prompt(pamh, PAM_PROMPT_ECHO_OFF, NULL, ASK);
+    while(access(allowed, F_OK) == -1 && access(rejected, F_OK) == -1){
-    if(++counter >= 3){
+      pam_prompt(pamh, PAM_PROMPT_ECHO_OFF, NULL, ASK);
-      pam_syslog(pamh, LOG_NOTICE, "Couldn't identify any keys. 3 tries.");
+      if(++counter >= 3){
-      return (PAM_MAXTRIES);
+        pam_syslog(pamh, LOG_NOTICE, "Couldn't identify any keys. 3 tries.");
+        return (PAM_MAXTRIES);
+      }
     }
-  }
+  #endif
 
   if(access(allowed, F_OK) != -1)
-    return (PAM_SUCCESS);
+    #ifndef TEST
+      return (PAM_SUCCESS);
+    #else
+      return 0;
+    #endif
   if(access(rejected, F_OK) != -1)
-    return reject(serious_dev, bSerious, bReboot, bPoweroff);
+    #ifndef TEST
+      return reject(serious_dev, bSerious, bReboot, bPoweroff);
+    #else
+      return 99;
+    #endif
 
-  return (PAM_MAXTRIES);
+  #ifndef TEST
+    return (PAM_MAXTRIES);
+  #else
+    return 1;
+  #endif
 
 }

src/pam_panic/pam_panic_password.c

@@ -18,17 +18,21 @@ LICENSE :      GNU-GPLv3
 #include "pam_panic_password.h"
 #include "pam_panic_reject.h"
 
+#define MSG_NOFILE "ALERT for password option: No password file detected."
+#define MSG_ERROPEN "ERROR: Couldn't open password file."
+#define MSG_CORRUPT "CRITICAL: Password file is corrupt!"
+
 
 int readPassword(pam_handle_t *pamh, char pw[2][99]){
 
   // Open file
   if(access(PPASSFILE, F_OK) == -1){
-    pam_syslog(pamh, LOG_ALERT, "ALERT for password option: No password file detected.");
+    pam_syslog(pamh, LOG_ALERT, MSG_NOFILE);
     return 2;
   }
   FILE *f = fopen(PPASSFILE, "r");
   if(f == NULL){
-    pam_syslog(pamh, LOG_ALERT, "ERROR: Couldn't open file.");
+    pam_syslog(pamh, LOG_ALERT, MSG_ERROPEN);
     return 1;
   }
 
@@ -40,7 +44,7 @@ int readPassword(pam_handle_t *pamh, char pw[2][99]){
   fclose(f);
 
   if(nread != 198){
-    pam_syslog(pamh, LOG_CRIT, "CRITICAL: Password file is corrupt!");
+    pam_syslog(pamh, LOG_CRIT, MSG_CORRUPT);
     return 3;
   }
 
@@ -103,5 +107,6 @@ int authPassword(pam_handle_t *pamh, char *serious_dev, int8_t bSerious, int8_t
   if(!strcmp(pwpanic, pw[1])){
     return reject(serious_dev, bSerious, bReboot, bPoweroff);
   } 
+
   return (PAM_AUTH_ERR);
 }

src/pam_panic/pam_panic_reject.c

@@ -8,35 +8,56 @@ LICENSE :      GNU-GPLv3
 
 #include <stdint.h>
 #include <unistd.h>
-#include <security/pam_ext.h>
+#ifdef TEST
+  #include <stdio.h>
+#else
+  #include <security/pam_ext.h>
+#endif
 #include <sys/wait.h>
 #include "config.h"
 #include "pam_panic_reject.h"
 
 int reject(char *serious_dev, int8_t bSerious, int8_t bReboot, int8_t bPoweroff){
   if(bSerious){
-    int ser_stat;
+    #ifndef TEST
-    int yes[2];
+      int ser_stat;
-    pipe(yes);
+      int yes[2];
-    if(fork() == 0){
+      pipe(yes);
-      close(yes[1]);
+      if(fork() == 0){
-      dup2(yes[0], 0);
+        close(yes[1]);
+        dup2(yes[0], 0);
 
-      execlp(CRYPTSETUP, CRYPTSETUP, "luksErase", serious_dev, NULL);
+        execlp(CRYPTSETUP, CRYPTSETUP, "luksErase", serious_dev, NULL);
-    }else {
+        
-      close(yes[0]);
+      }else {
-      write(yes[1], "YES\n", 4);
+        close(yes[0]);
-      close(yes[1]);
+        write(yes[1], "YES\n", 4);
+        close(yes[1]);
 
-     wait(&ser_stat);
+       wait(&ser_stat);
-    }
+      }
+    #else
+      return 0;
+    #endif
   }
 
   if(bReboot)
-    execlp(REBOOT, REBOOT, NULL);
+    #ifndef TEST
+      execlp(REBOOT, REBOOT, NULL);
+    #else
+      return 1;
+    #endif
   if(bPoweroff)
-    execlp(POWEROFF, POWEROFF, NULL);
+    #ifndef TEST
+      execlp(POWEROFF, POWEROFF, NULL);
+    #else
+      return 2;
+    #endif
 
-  return (PAM_MAXTRIES);
+  #ifndef TEST
+    return (PAM_MAXTRIES);
+  #else
+    return 3;
+  #endif
 }
 

test/Makefile.am

@@ -0,0 +1,8 @@
+bin_PROGRAMS = test
+test_SOURCES = test.h ../src/pam_panic/pam_panic_authdevice.c ../src/pam_panic/pam_panic_reject.c test.c
+test_LDFLAGS = -lpam -lcunit
+
+all:
+	@printf "Running test...\n"
+	./test
+	@printf "OK!\n"

test/test.c

@@ -0,0 +1,117 @@
+#include <stdint.h>
+#include <unistd.h>
+#include <security/pam_modules.h>
+#include "../src/pam_panic/pam_panic_authdevice.h"
+#include "../src/pam_panic/pam_panic_reject.h"
+#include <CUnit/Basic.h>
+
+
+#define STATE_GOOD 0
+#define STATE_BAD 99
+#define STATE_NA 1
+
+#define STATE_REJ_SER 0
+#define STATE_REJ_REB 1
+#define STATE_REJ_POW 2
+#define STATE_REJ_NA 3
+
+#define GOODUUID "./good"
+#define BADUUID  "./bad"
+
+char* gU = GOODUUID;
+char* bU = BADUUID;
+
+int init_suite(void) {
+  return 0;
+}
+
+int clean_suite(void) {
+  return 0;
+}
+
+
+// pam_panic_authdevice tests
+void test_authDeviceGood(void) {
+  FILE *f = fopen(gU, "w");
+  fclose(f);
+
+  int ret = authDevice(NULL, gU, bU, NULL, 0, 0, 0);
+  CU_ASSERT_EQUAL(ret, STATE_GOOD);
+  unlink(gU);
+}
+
+void test_authDeviceBad(void) {
+  FILE *f = fopen(bU, "w");
+  fclose(f);
+  
+  int ret = authDevice(NULL, gU, bU, NULL, 0, 0, 0);
+  CU_ASSERT_EQUAL(ret, STATE_BAD);
+  unlink(bU);
+}
+
+void test_authDeviceNA(void) {
+  int ret = authDevice(NULL, gU, bU, NULL, 0, 0, 0);
+  CU_ASSERT_EQUAL(ret, STATE_NA);
+}
+
+
+// pam_panic_reject tests
+void test_rejectSerious(void) {
+  int ret = reject(NULL, 1, 0, 0);
+  CU_ASSERT_EQUAL(ret, STATE_REJ_SER); 
+}
+
+void test_rejectReboot(void) {
+  int ret = reject(NULL, 0, 1, 0);
+  CU_ASSERT_EQUAL(ret, STATE_REJ_REB);
+}
+
+void test_rejectPoweroff(void) {
+  int ret = reject(NULL, 0, 0, 1);
+  CU_ASSERT_EQUAL(ret, STATE_REJ_POW);
+}
+
+void test_rejectNA(void) {
+  int ret = reject(NULL, 0, 0, 0);
+  CU_ASSERT_EQUAL(ret, STATE_REJ_NA);
+}
+
+
+
+int main(void) {
+
+  // no stdout buffering
+  setbuf(stdout, NULL);
+  
+  // init CUnit test registry
+  CU_pSuite pSuiteDevice = NULL;
+  CU_pSuite pSuiteReject = NULL;
+  if (CUE_SUCCESS != CU_initialize_registry())
+    return CU_get_error();
+
+  // Make suits
+  pSuiteDevice = CU_add_suite("Suite pam_panic_authdevice", init_suite, clean_suite);
+  pSuiteReject = CU_add_suite("Suite pam_panic_reject", init_suite, clean_suite);
+  if (pSuiteDevice == NULL
+    || pSuiteReject == NULL) { 
+    CU_cleanup_registry();
+    return CU_get_error();
+  }
+
+  // adding tests to all suits
+          // SuiteDevice
+  if (   (NULL == CU_add_test(pSuiteDevice, "Authenticate with good device?", test_authDeviceGood))
+      || (NULL == CU_add_test(pSuiteDevice, "Authenticate with bad device?", test_authDeviceBad))
+      || (NULL == CU_add_test(pSuiteDevice, "Authenticate with no device?", test_authDeviceNA))
+      || (NULL == CU_add_test(pSuiteReject, "Reject: Serious?", test_rejectSerious))
+      || (NULL == CU_add_test(pSuiteReject, "Reject: Reboot?", test_rejectReboot))
+      || (NULL == CU_add_test(pSuiteReject, "Reject: Poweroff?", test_rejectPoweroff))
+      || (NULL == CU_add_test(pSuiteReject, "Reject: Nothing?", test_rejectNA))
+     ) {
+    CU_cleanup_registry();
+    return CU_get_error();
+  }
+
+  return 0;
+}
+

test/test.h

@@ -0,0 +1 @@
+#define TEST