/*
* Funkcja parsująca plik konfiguracyjny w pamieci (* buf) w celu rozdzielenia
* nazw parametrów ( key ) od wartości im przypisanych. Pary nazw parametrów i
* ich wartości są następnie przypisywane do listy parametrów 'keylist' i
* zwracane jako wynik działania. Wyłuskane nazwy parametrów jak i ich wartości
* są duplikowane, dzięki czemu bufor (* buf) można swobodnie kasować i zwolnić.
*/
keylist * parse_config_buf ( char * buf ){
char * a = buf;
char * line;
char * nl, * delim;
char * k, * v;
keylist * list = NULL;
int cstart = 0;
int cend = 0;
int len;
while ( *a ){
nl = strchr ( a, '\n' );
if ( ! nl )
break;
if ( nl - a ){
line = bstrndup ( a, nl - a );
delim = strchr ( line, '=' );
if ( delim ){
k = bstrndup ( line, delim - line );
delim++;
len = strlen ( delim );
if ( *delim == '"' )
cstart = 1;
if ( delim[len - 1] == '"' )
cend = 1;
v = bstrndup ( delim + cstart, len - cstart - cend);
list = add_keylist ( list, k, v );
cstart = cend = 0;
free ( k );
free ( v );
}
free ( line );
}
a = nl + 1;
}
return list;
}
int
main(void)
{
char *data, *copy;
const char string[] = "Test string";
copy = bstrndup(string, 100);
printf("%s\n", copy);
free(copy);
copy = bstrndup(string, strlen(string));
printf("%s\n", copy);
free(copy);
copy = bstrndup(string, 4);
printf("%s\n", copy);
free(copy);
data = bmalloc(5);
memset(data, 'a', 5);
copy = bstrndup(data, 5);
printf("%s\n", copy);
free(data);
free(copy);
return 0;
}
int
main(void)
{
struct script_config config;
struct kerberos_config *krbconf;
char *user;
/*
* Load the Kerberos principal and password from a file, but set the
* principal as extra[0] and use something else bogus as the user. We
* want to test that alt_auth_map works when there's no relationship
* between the mapped principal and the user.
*/
krbconf = kerberos_setup(TAP_KRB_NEEDS_PASSWORD);
memset(&config, 0, sizeof(config));
config.user = "******";
config.authtok = krbconf->password;
config.extra[0] = krbconf->username;
config.extra[1] = krbconf->userprinc;
/*
* Generate a testing krb5.conf file with a nonexistent default realm so
* that we can be sure that our principals will stay fully-qualified in
* the logs.
*/
kerberos_generate_conf("bogus.example.com");
config.extra[2] = "bogus.example.com";
/* Test without password prompting. */
plan_lazy();
run_script("data/scripts/alt-auth/basic", &config);
run_script("data/scripts/alt-auth/basic-debug", &config);
run_script("data/scripts/alt-auth/fail", &config);
run_script("data/scripts/alt-auth/fail-debug", &config);
run_script("data/scripts/alt-auth/force", &config);
run_script("data/scripts/alt-auth/only", &config);
/*
* If the alternate account exists but the password is incorrect, we
* should not fall back to the regular account. Test with debug so that
* we don't need two principals configured.
*/
config.authtok = "bogus incorrect password";
run_script("data/scripts/alt-auth/force-fail-debug", &config);
/*
* Switch to our correct user (but wrong realm) realm to test username
* mapping to a different realm.
*/
config.authtok = krbconf->password;
config.user = krbconf->username;
config.extra[2] = krbconf->realm;
run_script("data/scripts/alt-auth/username-map", &config);
/*
* Split the username into two parts, one in the PAM configuration and one
* in the real username, so that we can test interpolation of the username
* when %s isn't the first token.
*/
config.user = &krbconf->username[1];
user = bstrndup(krbconf->username, 1);
config.extra[3] = user;
run_script("data/scripts/alt-auth/username-map-prefix", &config);
free(user);
config.extra[3] = NULL;
/*
* Ensure that we don't add the realm of the authentication username when
* the alt_auth_map already includes a realm.
*/
basprintf(&user, "*****@*****.**", krbconf->username);
config.user = user;
diag("re-running username-map with fully-qualified PAM user");
run_script("data/scripts/alt-auth/username-map", &config);
free(user);
config.user = krbconf->username;
/*
* Add the password and make the user match our authentication principal,
* and then test fallback to normal authentication when alternative
* authentication fails.
*/
config.user = krbconf->userprinc;
config.password = krbconf->password;
config.extra[2] = krbconf->realm;
run_script("data/scripts/alt-auth/fallback", &config);
run_script("data/scripts/alt-auth/fallback-debug", &config);
run_script("data/scripts/alt-auth/fallback-realm", &config);
run_script("data/scripts/alt-auth/force-fallback", &config);
run_script("data/scripts/alt-auth/only-fail", &config);
return 0;
}
