Test suites with dirty autoconf. Closes #20

2018-05-11 01:29:13 +02:00
parent 231cc86562
commit 3b9cb19ec8
9 changed files with 207 additions and 32 deletions
--- a/.gitignore
+++ b/.gitignore
@@ -18,3 +18,4 @@ Makefile
 Makefile.in
 src/pam_panic_pw/pam_panic_pw
 stamp-h1
+test/test
--- a/Makefile.am
+++ b/Makefile.am
@@ -3,3 +3,8 @@ ACLOCAL_AMFLAGS = -I m4
 AM_CPPFLAGS = -I src

 SUBDIRS = src/pam_panic src/pam_panic_pw
+
+.PHONY: all test clean
+
+test:
+	make -C test
--- a/configure.ac
+++ b/configure.ac
@@ -55,6 +55,7 @@ AC_CONFIG_FILES([
    src/pam_panic/man/Makefile
    src/pam_panic_pw/Makefile
    src/pam_panic_pw/man/Makefile
+    test/Makefile
 ])

 AC_OUTPUT
--- a/src/pam_panic/pam_panic_authdevice.c
+++ b/src/pam_panic/pam_panic_authdevice.c
@@ -8,8 +8,10 @@ LICENSE :      GNU-GPLv3

 #include <stdint.h>
 #include <unistd.h>
+#ifndef TEST
  #include <security/pam_modules.h>
  #include <security/pam_ext.h>
+#endif
 #include <syslog.h>
 #include "pam_panic_reject.h"

@@ -17,6 +19,7 @@ LICENSE :      GNU-GPLv3

 int authDevice(pam_handle_t *pamh, char *allowed, char *rejected, char *serious_dev, int8_t bSerious, int8_t bReboot, int8_t bPoweroff){

+  #ifndef TEST
    int8_t counter = 0;
    while(access(allowed, F_OK) == -1 && access(rejected, F_OK) == -1){
      pam_prompt(pamh, PAM_PROMPT_ECHO_OFF, NULL, ASK);
@@ -25,12 +28,25 @@ int authDevice(pam_handle_t *pamh, char *allowed, char *rejected, char *serious_
        return (PAM_MAXTRIES);
      }
    }
+  #endif

  if(access(allowed, F_OK) != -1)
+    #ifndef TEST
      return (PAM_SUCCESS);
+    #else
+      return 0;
+    #endif
  if(access(rejected, F_OK) != -1)
+    #ifndef TEST
      return reject(serious_dev, bSerious, bReboot, bPoweroff);
+    #else
+      return 99;
+    #endif

+  #ifndef TEST
    return (PAM_MAXTRIES);
+  #else
+    return 1;
+  #endif

 }
--- a/src/pam_panic/pam_panic_password.c
+++ b/src/pam_panic/pam_panic_password.c
@@ -18,17 +18,21 @@ LICENSE :      GNU-GPLv3
 #include "pam_panic_password.h"
 #include "pam_panic_reject.h"

+#define MSG_NOFILE "ALERT for password option: No password file detected."
+#define MSG_ERROPEN "ERROR: Couldn't open password file."
+#define MSG_CORRUPT "CRITICAL: Password file is corrupt!"
+

 int readPassword(pam_handle_t *pamh, char pw[2][99]){

  // Open file
  if(access(PPASSFILE, F_OK) == -1){
-    pam_syslog(pamh, LOG_ALERT, "ALERT for password option: No password file detected.");
+    pam_syslog(pamh, LOG_ALERT, MSG_NOFILE);
    return 2;
  }
  FILE *f = fopen(PPASSFILE, "r");
  if(f == NULL){
-    pam_syslog(pamh, LOG_ALERT, "ERROR: Couldn't open file.");
+    pam_syslog(pamh, LOG_ALERT, MSG_ERROPEN);
    return 1;
  }

@@ -40,7 +44,7 @@ int readPassword(pam_handle_t *pamh, char pw[2][99]){
  fclose(f);

  if(nread != 198){
-    pam_syslog(pamh, LOG_CRIT, "CRITICAL: Password file is corrupt!");
+    pam_syslog(pamh, LOG_CRIT, MSG_CORRUPT);
    return 3;
  }

@@ -103,5 +107,6 @@ int authPassword(pam_handle_t *pamh, char *serious_dev, int8_t bSerious, int8_t
  if(!strcmp(pwpanic, pw[1])){
    return reject(serious_dev, bSerious, bReboot, bPoweroff);
  } 
+
  return (PAM_AUTH_ERR);
 }
--- a/src/pam_panic/pam_panic_reject.c
+++ b/src/pam_panic/pam_panic_reject.c
@@ -8,13 +8,18 @@ LICENSE :      GNU-GPLv3

 #include <stdint.h>
 #include <unistd.h>
+#ifdef TEST
+  #include <stdio.h>
+#else
  #include <security/pam_ext.h>
+#endif
 #include <sys/wait.h>
 #include "config.h"
 #include "pam_panic_reject.h"

 int reject(char *serious_dev, int8_t bSerious, int8_t bReboot, int8_t bPoweroff){
  if(bSerious){
+    #ifndef TEST
      int ser_stat;
      int yes[2];
      pipe(yes);
@@ -23,6 +28,7 @@ int reject(char *serious_dev, int8_t bSerious, int8_t bReboot, int8_t bPoweroff)
        dup2(yes[0], 0);

        execlp(CRYPTSETUP, CRYPTSETUP, "luksErase", serious_dev, NULL);
+        
      }else {
        close(yes[0]);
        write(yes[1], "YES\n", 4);
@@ -30,13 +36,28 @@ int reject(char *serious_dev, int8_t bSerious, int8_t bReboot, int8_t bPoweroff)

       wait(&ser_stat);
      }
+    #else
+      return 0;
+    #endif
  }

  if(bReboot)
+    #ifndef TEST
      execlp(REBOOT, REBOOT, NULL);
+    #else
+      return 1;
+    #endif
  if(bPoweroff)
+    #ifndef TEST
      execlp(POWEROFF, POWEROFF, NULL);
+    #else
+      return 2;
+    #endif

+  #ifndef TEST
    return (PAM_MAXTRIES);
+  #else
+    return 3;
+  #endif
 }

--- a/test/Makefile.am
+++ b/test/Makefile.am
@@ -0,0 +1,8 @@
+bin_PROGRAMS = test
+test_SOURCES = test.h ../src/pam_panic/pam_panic_authdevice.c ../src/pam_panic/pam_panic_reject.c test.c
+test_LDFLAGS = -lpam -lcunit
+
+all:
+	@printf "Running test...\n"
+	./test
+	@printf "OK!\n"
--- a/test/test.c
+++ b/test/test.c
@@ -0,0 +1,117 @@
+#include <stdint.h>
+#include <unistd.h>
+#include <security/pam_modules.h>
+#include "../src/pam_panic/pam_panic_authdevice.h"
+#include "../src/pam_panic/pam_panic_reject.h"
+#include <CUnit/Basic.h>
+
+
+#define STATE_GOOD 0
+#define STATE_BAD 99
+#define STATE_NA 1
+
+#define STATE_REJ_SER 0
+#define STATE_REJ_REB 1
+#define STATE_REJ_POW 2
+#define STATE_REJ_NA 3
+
+#define GOODUUID "./good"
+#define BADUUID  "./bad"
+
+char* gU = GOODUUID;
+char* bU = BADUUID;
+
+int init_suite(void) {
+  return 0;
+}
+
+int clean_suite(void) {
+  return 0;
+}
+
+
+// pam_panic_authdevice tests
+void test_authDeviceGood(void) {
+  FILE *f = fopen(gU, "w");
+  fclose(f);
+
+  int ret = authDevice(NULL, gU, bU, NULL, 0, 0, 0);
+  CU_ASSERT_EQUAL(ret, STATE_GOOD);
+  unlink(gU);
+}
+
+void test_authDeviceBad(void) {
+  FILE *f = fopen(bU, "w");
+  fclose(f);
+  
+  int ret = authDevice(NULL, gU, bU, NULL, 0, 0, 0);
+  CU_ASSERT_EQUAL(ret, STATE_BAD);
+  unlink(bU);
+}
+
+void test_authDeviceNA(void) {
+  int ret = authDevice(NULL, gU, bU, NULL, 0, 0, 0);
+  CU_ASSERT_EQUAL(ret, STATE_NA);
+}
+
+
+// pam_panic_reject tests
+void test_rejectSerious(void) {
+  int ret = reject(NULL, 1, 0, 0);
+  CU_ASSERT_EQUAL(ret, STATE_REJ_SER); 
+}
+
+void test_rejectReboot(void) {
+  int ret = reject(NULL, 0, 1, 0);
+  CU_ASSERT_EQUAL(ret, STATE_REJ_REB);
+}
+
+void test_rejectPoweroff(void) {
+  int ret = reject(NULL, 0, 0, 1);
+  CU_ASSERT_EQUAL(ret, STATE_REJ_POW);
+}
+
+void test_rejectNA(void) {
+  int ret = reject(NULL, 0, 0, 0);
+  CU_ASSERT_EQUAL(ret, STATE_REJ_NA);
+}
+
+
+
+int main(void) {
+
+  // no stdout buffering
+  setbuf(stdout, NULL);
+  
+  // init CUnit test registry
+  CU_pSuite pSuiteDevice = NULL;
+  CU_pSuite pSuiteReject = NULL;
+  if (CUE_SUCCESS != CU_initialize_registry())
+    return CU_get_error();
+
+  // Make suits
+  pSuiteDevice = CU_add_suite("Suite pam_panic_authdevice", init_suite, clean_suite);
+  pSuiteReject = CU_add_suite("Suite pam_panic_reject", init_suite, clean_suite);
+  if (pSuiteDevice == NULL
+    || pSuiteReject == NULL) { 
+    CU_cleanup_registry();
+    return CU_get_error();
+  }
+
+  // adding tests to all suits
+          // SuiteDevice
+  if (   (NULL == CU_add_test(pSuiteDevice, "Authenticate with good device?", test_authDeviceGood))
+      || (NULL == CU_add_test(pSuiteDevice, "Authenticate with bad device?", test_authDeviceBad))
+      || (NULL == CU_add_test(pSuiteDevice, "Authenticate with no device?", test_authDeviceNA))
+      || (NULL == CU_add_test(pSuiteReject, "Reject: Serious?", test_rejectSerious))
+      || (NULL == CU_add_test(pSuiteReject, "Reject: Reboot?", test_rejectReboot))
+      || (NULL == CU_add_test(pSuiteReject, "Reject: Poweroff?", test_rejectPoweroff))
+      || (NULL == CU_add_test(pSuiteReject, "Reject: Nothing?", test_rejectNA))
+     ) {
+    CU_cleanup_registry();
+    return CU_get_error();
+  }
+
+  return 0;
+}
+
--- a/test/test.h
+++ b/test/test.h
@@ -0,0 +1 @@
+#define TEST