END_TEST
START_TEST(cacheremove_when_filled)
{
initdb();
ck_assert_int_eq(cachecount(), 0);
ck_assert_int_eq(cacheadd("name4", 0), 1);
ck_assert_int_eq(cacheadd("name3", 0), 1);
ck_assert_int_eq(cacheadd("name2", 0), 1);
ck_assert_int_eq(cacheadd("name1", 0), 1);
ck_assert_int_eq(cachecount(), 4);
ck_assert(cacheremove("does_not_exist")==NULL);
ck_assert_int_eq(cachecount(), 4);
ck_assert(cacheremove("name1")!=NULL);
ck_assert_int_eq(cachecount(), 3);
ck_assert(cacheremove("name1")==NULL);
ck_assert_int_eq(cachecount(), 3);
ck_assert(cacheremove("name3")!=NULL);
ck_assert_int_eq(cachecount(), 2);
ck_assert(cacheremove("name4")==NULL);
ck_assert_int_eq(cachecount(), 1);
ck_assert(cacheremove("name2")==NULL);
ck_assert_int_eq(cachecount(), 0);
}
END_TEST
START_TEST(cacheadd_success)
{
ck_assert_int_eq(cacheadd("name1", 0), 1);
ck_assert_int_eq(cacheadd("name1", 1), 1);
ck_assert_int_eq(cacheadd("name2", 1), 1);
ck_assert_int_eq(cacheadd("name2", 1), 1);
}
END_TEST
START_TEST(cachestatus_filled)
{
initdb();
disable_logprints();
ck_assert_int_eq(cachecount(), 0);
ck_assert_int_eq(cacheadd("name4", 0), 1);
ck_assert_int_eq(cacheadd("name3", 0), 1);
ck_assert_int_eq(cacheadd("name2", 0), 1);
ck_assert_int_eq(cacheadd("name1", 0), 1);
ck_assert_int_eq(cachecount(), 4);
cachestatus();
}
END_TEST
START_TEST(cacheshow_filled)
{
initdb();
ck_assert_int_eq(cachecount(), 0);
ck_assert_int_eq(cacheadd("name4", 0), 1);
ck_assert_int_eq(cacheadd("name3", 0), 1);
ck_assert_int_eq(cacheadd("name2", 0), 1);
ck_assert_int_eq(cacheadd("name1", 0), 1);
ck_assert_int_eq(cachecount(), 4);
suppress_output();
cacheshow();
}
END_TEST
START_TEST(cacheflush_flushes_cache)
{
initdb();
disable_logprints();
ck_assert_int_eq(clean_testdbdir(), 1);
ck_assert_int_eq(create_zerosize_dbfile("name1"), 1);
ck_assert_int_eq(create_zerosize_dbfile("name2"), 1);
ck_assert_int_eq(check_dbfile_exists("name1", 0), 1);
ck_assert_int_eq(check_dbfile_exists(".name1", 0), 0);
ck_assert_int_eq(check_dbfile_exists("name2", 0), 1);
ck_assert_int_eq(check_dbfile_exists(".name2", 0), 0);
ck_assert_int_eq(cachecount(), 0);
strcpy(data.interface, "name1");
ck_assert_int_eq(cacheupdate(), 1);
strcpy(data.interface, "name2");
ck_assert_int_eq(cacheupdate(), 1);
ck_assert_int_eq(cacheadd("notfilled", 0), 1);
ck_assert_int_eq(cachecount(), 3);
ck_assert_int_eq(cacheactivecount(), 3);
cacheflush(TESTDBDIR);
ck_assert_int_eq(cachecount(), 0);
ck_assert_int_eq(cacheactivecount(), 0);
ck_assert_int_eq(check_dbfile_exists("name1", sizeof(DATA)), 1);
ck_assert_int_eq(check_dbfile_exists(".name1", 0), 1);
ck_assert_int_eq(check_dbfile_exists("name2", sizeof(DATA)), 1);
ck_assert_int_eq(check_dbfile_exists(".name2", 0), 1);
ck_assert_int_eq(check_dbfile_exists("notfilled", 0), 0);
ck_assert_int_eq(check_dbfile_exists(".notfilled", 0), 0);
}
void filldatabaselist(DSTATE *s)
{
DIR *dir;
struct dirent *di;
if ((dir=opendir(s->dirname))==NULL) {
snprintf(errorstring, 512, "Unable to access database directory \"%s\" (%s), exiting.", s->dirname, strerror(errno));
printe(PT_Error);
/* clean daemon stuff before exit */
if (s->rundaemon && !debug) {
close(pidfile);
unlink(cfg.pidfile);
}
ibwflush();
exit(EXIT_FAILURE);
}
while ((di=readdir(dir))) {
if ((di->d_name[0]=='.') || (strcmp(di->d_name, DATABASEFILE)==0)) {
continue;
}
if (debug) {
printf("\nProcessing file \"%s/%s\"...\n", s->dirname, di->d_name);
}
if (!cacheadd(di->d_name, s->sync)) {
snprintf(errorstring, 512, "Cache memory allocation failed, exiting.");
printe(PT_Error);
/* clean daemon stuff before exit */
if (s->rundaemon && !debug) {
close(pidfile);
unlink(cfg.pidfile);
}
ibwflush();
exit(EXIT_FAILURE);
}
s->dbcount++;
}
closedir(dir);
s->sync = 0;
/* disable update interval check for one loop if database list was refreshed */
/* otherwise increase default update interval since there's nothing else to do */
if (s->dbcount) {
s->updateinterval = 0;
intsignal = 42;
s->prevdbsave = s->current;
/* list monitored interfaces to log */
cachestatus();
} else {
s->updateinterval = 120;
}
}
END_TEST
START_TEST(cachecount_when_filled)
{
ck_assert_int_eq(cachecount(), 0);
ck_assert_int_eq(cacheactivecount(), 0);
ck_assert_int_eq(cacheadd("name1", 0), 1);
ck_assert_int_eq(cachecount(), 1);
ck_assert_int_eq(cacheactivecount(), 1);
ck_assert_int_eq(cacheadd("name2", 0), 1);
ck_assert_int_eq(cachecount(), 2);
ck_assert_int_eq(cacheactivecount(), 2);
ck_assert_int_eq(cacheadd("name1", 0), 1);
ck_assert_int_eq(cachecount(), 2);
ck_assert_int_eq(cacheactivecount(), 2);
}
END_TEST
START_TEST(cachestatus_full)
{
int i;
char buffer[8];
initdb();
defaultcfg();
disable_logprints();
ck_assert_int_eq(cachecount(), 0);
for (i=1; i<=50; i++) {
snprintf(buffer, 8, "name%d", i);
ck_assert_int_eq(cacheadd(buffer, 0), 1);
ck_assert_int_eq(ibwadd(buffer, 50-i), 1);
}
ck_assert_int_eq(cachecount(), 50);
cachestatus();
}
PAM_EXTERN int pam_sm_authenticate(pam_handle_t *pamh,int flags,int argc,
const char **argv)
{
int i;
int r;
int try_first_pass=0;
int use_first_pass=0;
int alwaysok=0;
int mode=0;
int digits=6;
int window=0;
int valid=1800;
time_t t;
const char *user=NULL;
const char *pass=NULL;
const char *config=config_default;
const char *device=NULL;
const char *lock=NULL;
const char *replaydb=NULL;
const char *cachedb=NULL;
const char *cmp=NULL;
const char *rcmp=NULL;
char name[256];
for(i=0;i<argc;i++)if(!strcmp(argv[i],"try_first_pass"))
try_first_pass=1;
else if(!strcmp(argv[i],"use_first_pass"))use_first_pass=1;
else if(!strcmp(argv[i],"alwaysok"))alwaysok=1;
else if(!strcmp(argv[i],"retrigger"))mode=1;
else if(!strncmp(argv[i],"digits=",7))digits=atoi(&argv[i][7]);
else if(!strncmp(argv[i],"window=",7))window=atoi(&argv[i][7]);
else if(!strncmp(argv[i],"valid=",6))valid=atoi(&argv[i][6]);
else if(!strncmp(argv[i],"config=",7))config=&argv[i][7];
else if(!strncmp(argv[i],"device=",7))device=&argv[i][7];
else if(!strncmp(argv[i],"lock=",5))lock=&argv[i][5];
else if(!strncmp(argv[i],"replaydb=",9))replaydb=&argv[i][9];
else if(!strncmp(argv[i],"cachedb=",8))cachedb=&argv[i][8];
else if(!strncmp(argv[i],"cachehosts=",11))cmp=&argv[i][11];
else if(!strncmp(argv[i],"replayok=",9))rcmp=&argv[i][9];
if(config_parse((char *)config,0)||!device||!lock||
digits<6||digits>8||window<0||window>5)
{
r=PAM_SERVICE_ERR;
goto out;
}
if(cachedb&&(r=cachecheck(pamh,cachedb,cmp,valid,mode))==PAM_SUCCESS)
goto out;
if((r=preprocess(pamh,&user,&pass,name,sizeof(name),try_first_pass,
use_first_pass,digits))!=PAM_SUCCESS)goto out;
t=time(NULL);
if(rmtclient(device,lock,t,name,atoi(pass),digits,window,&r,netkey))
{
r=PAM_AUTHINFO_UNAVAIL;
goto out;
}
else if(r==PAM_SUCCESS&&replaydb)
r=replaycheck(pamh,replaydb,rcmp,name,atoi(pass),t);
if(r==PAM_SUCCESS&&cachedb)cacheadd(pamh,cachedb,cmp);
out: config_clean();
if(alwaysok)return PAM_SUCCESS;
return r;
}
