void
test_update_config_files(void)
{
int code;
struct afsconf_dir *dir;
char *dirname;
afs_int32 local = -1;
dirname = afstest_BuildTestConfig();
write_krb_conf(dirname, "SOME.REALM.ORG");
dir = afsconf_Open(dirname);
if (dir == NULL) {
fprintf(stderr, "Unable to configure directory.\n");
exit(1);
}
code = afsconf_IsLocalRealmMatch(dir, &local, "jdoe", NULL, "SOME.REALM.ORG");
ok(code == 0 && local == 1, "before update: [email protected]");
code = afsconf_IsLocalRealmMatch(dir, &local, "jdoe", NULL, "MY.REALM.ORG");
ok(code == 0 && local == 0, "before update: [email protected]");
write_krb_conf(dirname, "MY.REALM.ORG MY.OTHER.REALM.ORG");
write_krb_excl(dirname);
update_csdb(dirname);
_afsconf_Touch(dir); /* forces reopen */
code = afsconf_IsLocalRealmMatch(dir, &local, "jdoe", NULL, "MY.REALM.ORG");
ok(code == 0 && local == 1, "after update: [email protected]");
code = afsconf_IsLocalRealmMatch(dir, &local, "admin", NULL, "MY.REALM.ORG");
ok(code == 0 && local == 0, "after update: [email protected]");
afstest_UnlinkTestConfig(dirname);
}
static int
kerberosSuperUser(struct afsconf_dir *adir, char *tname, char *tinst,
char *tcell, struct rx_identity **identity)
{
char tcell_l[MAXKTCREALMLEN] = "";
char *tmp;
int code;
afs_int32 islocal;
int flag;
/* generate lowercased version of cell name */
if (tcell) {
strcpy(tcell_l, tcell);
tmp = tcell_l;
while (*tmp) {
*tmp = tolower(*tmp);
tmp++;
}
}
code = afsconf_IsLocalRealmMatch(adir, &islocal, tname, tinst, tcell);
if (code) {
return 0;
}
/* start with no authorization */
flag = 0;
/* localauth special case */
if ((tinst == NULL || strlen(tinst) == 0) &&
(tcell == NULL || strlen(tcell) == 0)
&& !strcmp(tname, AUTH_SUPERUSER)) {
if (identity)
*identity = rx_identity_new(RX_ID_KRB4, AFS_LOCALAUTH_NAME,
AFS_LOCALAUTH_NAME, AFS_LOCALAUTH_LEN);
flag = 1;
/* cell of connection matches local cell or one of the realms */
} else if (islocal) {
if (CompFindUser(adir, tname, ".", tinst, NULL, identity)) {
flag = 1;
}
/* cell of conn doesn't match local cell or realm */
} else {
if (CompFindUser(adir, tname, ".", tinst, tcell, identity)) {
flag = 1;
} else if (CompFindUser(adir, tname, ".", tinst, tcell_l, identity)) {
flag = 1;
}
}
return flag;
}
/**
* Return true if this name is a member of the local realm.
*/
int
BU_IsLocalRealmMatch(void *rock, char *name, char *inst, char *cell)
{
struct afsconf_dir *dir = (struct afsconf_dir *)rock;
afs_int32 islocal = 0; /* default to no */
int code;
code = afsconf_IsLocalRealmMatch(dir, &islocal, name, inst, cell);
if (code) {
LogError(code, "Failed local realm check; name=%s, inst=%s, cell=%s\n",
name, inst, cell);
}
return islocal;
}
/**
* Return true if this name is a member of the local realm.
*/
static int
KA_IsLocalRealmMatch(void *rock, char *name, char *inst, char *cell)
{
struct afsconf_dir *dir = (struct afsconf_dir *)rock;
afs_int32 islocal = 0; /* default to no */
int code;
code = afsconf_IsLocalRealmMatch(dir, &islocal, name, inst, cell);
if (code) {
ViceLog(0,
("Failed local realm check; code=%d, name=%s, inst=%s, cell=%s\n",
code, name, inst, cell));
}
return islocal;
}
void
run_edge_tests(struct afsconf_dir *dir)
{
afs_int32 local = -1;
int code = 0;
char *name = "jdoe";
char *inst = "";
char *cell = "";
/* null argument checks */
code = afsconf_IsLocalRealmMatch(dir, &local, NULL, inst, cell);
ok(code == EINVAL, "null name: code=%d", code);
code = afsconf_IsLocalRealmMatch(dir, &local, name, NULL, cell);
ok(code == 0, "null inst: code=%d", code);
code = afsconf_IsLocalRealmMatch(dir, &local, name, inst, NULL);
ok(code == 0, "null cell: code=%d", code);
/* large ticket test */
name = make_string(64);
inst = make_string(64);
cell = make_string(64);
code = afsconf_IsLocalRealmMatch(dir, &local, name, inst, cell);
ok(code == 0, "name size 64: code=%d", code);
free(name);
free(inst);
free(cell);
name = make_string(255);
inst = NULL;
cell = "my.realm.org";
code = afsconf_IsLocalRealmMatch(dir, &local, name, inst, cell);
ok(code == 0, "name size 255: code=%d", code);
free(name);
}
void
run_tests(struct afsconf_dir *dir, int setnum, char *setname)
{
struct testcase *t;
int code;
for (t = testset[setnum]; t->name; t++) {
afs_int32 local = -1;
code = afsconf_IsLocalRealmMatch(dir, &local, t->name, t->inst, t->cell);
ok(code == 0, "%s: test case %s/%s/%s",
setname,
t->name ? t->name : "(null)",
t->inst ? t->inst : "(null)",
t->cell ? t->cell : "(null)");
if (code==0) {
ok(local == t->expectedLocal, "... expected %d, got %d", t->expectedLocal, local);
}
}
}