/*
* Free all the memory associated with our Kerberos setup, but don't remove
* the ticket cache. This is used when cleaning up on exit from a non-primary
* process so that test programs that fork don't remove the ticket cache still
* used by the main program.
*/
static void
kerberos_free(void)
{
test_tmpdir_free(tmpdir_ticket);
tmpdir_ticket = NULL;
if (config != NULL) {
test_file_path_free(config->keytab);
free(config->principal);
free(config->cache);
free(config->userprinc);
free(config->username);
free(config->password);
free(config->pkinit_principal);
free(config->pkinit_cert);
free(config);
config = NULL;
}
if (krb5ccname != NULL) {
putenv((char *) "KRB5CCNAME=");
free(krb5ccname);
krb5ccname = NULL;
}
if (krb5_ktname != NULL) {
putenv((char *) "KRB5_KTNAME=");
free(krb5_ktname);
krb5_ktname = NULL;
}
}
/*
* Internal helper function for remctld_start and remctld_start_fakeroot.
*
* Takes the Kerberos test configuration (the keytab principal is used as the
* server principal), the configuration file to use (found via
* test_file_path), and then any additional arguments to pass to remctld,
* ending with a NULL. Returns the PID of the running remctld process. If
* anything fails, calls bail.
*
* The path to remctld is obtained from the PATH_REMCTLD #define. If this is
* not set, remctld_start_internal calls skip_all.
*/
static struct process *
remctld_start_internal(struct kerberos_config *krbconf, const char *config,
va_list args, bool fakeroot)
{
va_list args_copy;
char *tmpdir, *pidfile, *confpath;
size_t i, length;
const char *arg, **argv;
struct process *process;
const char *path_remctld = PATH_REMCTLD;
/* Check prerequisites. */
if (path_remctld[0] == '\0')
skip_all("remctld not found");
/* Determine the location of the PID file and remove any old ones. */
tmpdir = test_tmpdir();
basprintf(&pidfile, "%s/remctld.pid", tmpdir);
if (access(pidfile, F_OK) == 0)
bail("remctld may already be running: %s exists", pidfile);
/* Build the argv used to run remctld. */
confpath = test_file_path(config);
if (confpath == NULL)
bail("cannot find remctld config %s", config);
length = 11;
va_copy(args_copy, args);
while ((arg = va_arg(args_copy, const char *)) != NULL)
length++;
va_end(args_copy);
argv = bmalloc(length * sizeof(const char *));
i = 0;
argv[i++] = path_remctld;
argv[i++] = "-mdSF";
argv[i++] = "-p";
argv[i++] = "14373";
argv[i++] = "-s";
argv[i++] = krbconf->principal;
argv[i++] = "-P";
argv[i++] = pidfile;
argv[i++] = "-f";
argv[i++] = confpath;
while ((arg = va_arg(args, const char *)) != NULL)
argv[i++] = arg;
argv[i] = NULL;
/* Start remctld using process_start or process_start_fakeroot. */
if (fakeroot)
process = process_start_fakeroot(argv, pidfile);
else
process = process_start(argv, pidfile);
/* Clean up and return. */
test_file_path_free(confpath);
free(pidfile);
test_tmpdir_free(tmpdir);
free(argv);
return process;
}
int
main(void)
{
struct kerberos_config *config;
struct remctl *r;
struct remctl_output *output;
char *tmpdir, *confpath;
FILE *conf;
const char *test[] = { "test", "test", NULL };
/* Unless we have Kerberos available, we can't really do anything. */
config = kerberos_setup(TAP_KRB_NEEDS_KEYTAB);
/* Write out our empty configuration file. */
tmpdir = test_tmpdir();
basprintf(&confpath, "%s/conf-empty", tmpdir);
conf = fopen(confpath, "w");
if (conf == NULL)
sysbail("cannot create %s", confpath);
fclose(conf);
/* Now we can start remctl with our temporary configuration file. */
remctld_start(config, "tmp/conf-empty", NULL);
plan(7);
/* Test that we get a valid UNKNOWN_COMMAND error. */
r = remctl_new();
ok(remctl_open(r, "localhost", 14373, config->principal), "remctl_open");
ok(remctl_command(r, test), "remctl_command");
output = remctl_output(r);
ok(output != NULL, "first output token is not null");
if (output == NULL)
ok_block(4, 0, "...and has correct content");
else {
is_int(REMCTL_OUT_ERROR, output->type, "...and is an error");
is_int(15, output->length, "...and is right length");
if (output->data == NULL)
ok(0, "...and has the right error message");
else
ok(memcmp("Unknown command", output->data, 15) == 0,
"...and has the right error message");
is_int(ERROR_UNKNOWN_COMMAND, output->error, "...and error number");
}
remctl_close(r);
unlink(confpath);
free(confpath);
test_tmpdir_free(tmpdir);
return 0;
}
/*
* Clean up the krb5.conf file generated by kerberos_generate_conf and free
* the memory used to set the environment variable. This doesn't fail if the
* file and variable are already gone, allowing it to be harmlessly run
* multiple times.
*
* Normally called via an atexit handler.
*/
void
kerberos_cleanup_conf(void)
{
char *path;
if (tmpdir_conf != NULL) {
basprintf(&path, "%s/krb5.conf", tmpdir_conf);
unlink(path);
free(path);
test_tmpdir_free(tmpdir_conf);
tmpdir_conf = NULL;
}
putenv((char *) "KRB5_CONFIG=");
free(krb5_config);
krb5_config = NULL;
}
/*
* Free the resources associated with tracking a process, without doing
* anything to the process. This is kept separate so that we can free
* resources during shutdown in a non-primary process.
*/
static void
process_free(struct process *process)
{
struct process **prev;
/* Do nothing if called with a NULL argument. */
if (process == NULL)
return;
/* Remove the process from the global list. */
prev = &processes;
while (*prev != NULL && *prev != process)
prev = &(*prev)->next;
if (*prev == process)
*prev = process->next;
/* Free resources. */
free(process->pidfile);
free(process->logfile);
test_tmpdir_free(process->tmpdir);
free(process);
}
int
main(void)
{
char *path, *tmp;
FILE *output;
const char *build;
struct stat st;
size_t length;
output = fopen("c-tmpdir.output", "w");
if (output == NULL)
sysbail("cannot create c-tmpdir.output");
fprintf(output, "Path to temporary directory: %s/tmp\n",
getenv("C_TAP_BUILD"));
fclose(output);
build = getenv("C_TAP_BUILD");
length = strlen(build) + strlen("/tmp") + 1;
path = bcalloc_type(length, char);
sprintf(path, "%s/tmp", build);
if (access(path, F_OK) == 0)
bail("%s already exists", path);
free(path);
path = test_tmpdir();
printf("Path to temporary directory: %s\n", path);
if (stat(path, &st) < 0)
sysbail("cannot stat %s", path);
if (!S_ISDIR(st.st_mode))
sysbail("%s is not a directory", path);
tmp = bstrdup(path);
test_tmpdir_free(path);
if (stat(tmp, &st) == 0)
bail("temporary directory not removed");
free(tmp);
return 0;
}
int
main(void)
{
struct script_config config;
struct kerberos_password *password;
DIR *tmpdir;
struct dirent *file;
char *tmppath, *path;
/* Load the Kerberos principal and password from a file. */
password = kerberos_config_password();
if (password == NULL)
skip_all("Kerberos tests not configured");
memset(&config, 0, sizeof(config));
config.user = password->username;
config.password = password->password;
config.extra[0] = password->principal;
/* Generate a testing krb5.conf file. */
kerberos_generate_conf(password->realm);
/* Get the temporary directory and store that as the %1 substitution. */
tmppath = test_tmpdir();
config.extra[1] = tmppath;
plan_lazy();
/*
* We need to ensure that the only thing in the test temporary directory
* is the krb5.conf file that we generated, since we're going to check for
* cleanup by looking for any out-of-place files.
*/
tmpdir = opendir(tmppath);
if (tmpdir == NULL)
sysbail("cannot open directory %s", tmppath);
while ((file = readdir(tmpdir)) != NULL) {
if (strcmp(file->d_name, ".") == 0 || strcmp(file->d_name, "..") == 0)
continue;
if (strcmp(file->d_name, "krb5.conf") == 0)
continue;
basprintf(&path, "%s/%s", tmppath, file->d_name);
if (unlink(path) < 0)
sysbail("cannot delete temporary file %s", path);
free(path);
}
closedir(tmpdir);
/*
* Authenticate only, call pam_end, and be sure the ticket cache is
* gone. The auth-only script sets ccache_dir to the temporary directory,
* so the module will create a temporary ticket cache there and then
* should clean it up.
*/
run_script("data/scripts/cache-cleanup/auth-only", &config);
path = NULL;
tmpdir = opendir(tmppath);
if (tmpdir == NULL)
sysbail("cannot open directory %s", tmppath);
while ((file = readdir(tmpdir)) != NULL) {
if (strcmp(file->d_name, ".") == 0 || strcmp(file->d_name, "..") == 0)
continue;
if (strcmp(file->d_name, "krb5.conf") == 0)
continue;
if (path == NULL)
basprintf(&path, "%s/%s", tmppath, file->d_name);
}
closedir(tmpdir);
if (path != NULL)
diag("found stray temporary file %s", path);
ok(path == NULL, "ticket cache cleaned up");
if (path != NULL)
free(path);
test_tmpdir_free(tmppath);
kerberos_config_password_free(password);
return 0;
}
