lib/libssh
1
0
Fork 0
mirror of https://git.libssh.org/projects/libssh.git synced 2025-07-29 13:01:13 +03:00
Code Activity

feat: add gssapi server callbacks tests

Browse Source 
Signed-off-by: Gauravsingh Sisodia <xaerru@gmail.com>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Sahana Prasad <sahana@redhat.com>
This commit is contained in:
Gauravsingh Sisodia
2024-06-10 15:51:09 +00:00
committed by Sahana Prasad
parent 965a94b515
commit 3bfa6e8637
9 changed files with 1049 additions and 56 deletions
Download Patch File Download Diff File Expand all files Collapse all files

139
tests/server/torture_gssapi_server_auth.c
View File

@ -31,8 +31,8 @@ free_test_server_state(void **state)
SAFE_FREE(tss);
}
static int
setup_default_server(void **state)
static void
setup_config(void **state)
{
struct torture_state *s = NULL;
struct server_state_st *ss = NULL;
@ -48,10 +48,6 @@ setup_default_server(void **state)
char kdc_env[255] = {0};
int rc;
char pid_str[1024];
pid_t pid;
assert_non_null(state);
tss = (struct test_server_st *)calloc(1, sizeof(struct test_server_st));
@ -135,9 +131,6 @@ setup_default_server(void **state)
ss->max_tries = 3;
ss->error = 0;
tss->state = s;
tss->ss = ss;
/* Use the default session handling function */
ss->handle_session = default_handle_session_cb;
assert_non_null(ss->handle_session);
@ -145,6 +138,28 @@ setup_default_server(void **state)
/* Do not use global configuration */
ss->parse_global_config = false;
tss->state = s;
tss->ss = ss;
*state = tss;
}
static int
setup_default_server(void **state)
{
struct torture_state *s = NULL;
struct server_state_st *ss = NULL;
struct test_server_st *tss = NULL;
char pid_str[1024];
pid_t pid;
int rc;
setup_config(state);
tss = *state;
ss = tss->ss;
s = tss->state;
/* Start the server using the default values */
pid = fork_run_server(ss, free_test_server_state, &tss);
if (pid < 0) {
@ -257,9 +272,8 @@ session_teardown(void **state)
return 0;
}
static void
torture_gssapi_server_auth(void **state)
torture_gssapi_server_auth_no_client_cred(void **state)
{
struct test_server_st *tss = *state;
struct torture_state *s;
@ -290,6 +304,27 @@ torture_gssapi_server_auth(void **state)
rc = ssh_userauth_gssapi(session);
assert_int_equal(rc, SSH_AUTH_DENIED);
torture_teardown_kdc_server((void **)&s);
}
static void
torture_gssapi_server_auth_invalid_host(void **state)
{
struct test_server_st *tss = *state;
struct torture_state *s;
ssh_session session;
int rc;
assert_non_null(tss);
s = tss->state;
assert_non_null(s);
session = s->ssh.session;
assert_non_null(session);
rc = ssh_connect(session);
assert_int_equal(rc, SSH_OK);
/* Invalid host principal */
torture_setup_kdc_server(
(void **)&s,
@ -302,6 +337,27 @@ torture_gssapi_server_auth(void **state)
rc = ssh_userauth_gssapi(session);
assert_int_equal(rc, SSH_AUTH_ERROR);
torture_teardown_kdc_server((void **)&s);
}
static void
torture_gssapi_server_auth(void **state)
{
struct test_server_st *tss = *state;
struct torture_state *s;
ssh_session session;
int rc;
assert_non_null(tss);
s = tss->state;
assert_non_null(s);
session = s->ssh.session;
assert_non_null(session);
rc = ssh_connect(session);
assert_int_equal(rc, SSH_OK);
/* Valid */
torture_setup_kdc_server(
(void **)&s,
@ -317,11 +373,72 @@ torture_gssapi_server_auth(void **state)
torture_teardown_kdc_server((void **)&s);
}
static void
torture_gssapi_auth_server_identity(void **state)
{
struct test_server_st *tss = *state;
struct torture_state *s;
ssh_session session;
int rc;
assert_non_null(tss);
s = tss->state;
assert_non_null(s);
session = s->ssh.session;
assert_non_null(session);
rc = ssh_connect(session);
assert_ssh_return_code(session, rc);
/* Invalid server identity option */
torture_setup_kdc_server(
(void **)&s,
"kadmin.local addprinc -randkey host/server.libssh.site \n"
"kadmin.local ktadd -k $(dirname $0)/d/ssh.keytab host/server.libssh.site \n"
"kadmin.local addprinc -pw bar alice \n"
"kadmin.local list_principals",
"echo bar | kinit alice");
ssh_options_set(session,
SSH_OPTIONS_GSSAPI_SERVER_IDENTITY,
"invalid.libssh.site");
rc = ssh_userauth_gssapi(session);
assert_int_equal(rc, SSH_AUTH_ERROR);
torture_teardown_kdc_server((void **)&s);
/* Valid server identity option*/
torture_setup_kdc_server(
(void **)&s,
"kadmin.local addprinc -randkey host/server.libssh.site \n"
"kadmin.local ktadd -k $(dirname $0)/d/ssh.keytab host/server.libssh.site \n"
"kadmin.local addprinc -pw bar alice \n"
"kadmin.local list_principals",
"echo bar | kinit alice");
ssh_options_set(session,
SSH_OPTIONS_GSSAPI_SERVER_IDENTITY,
"server.libssh.site");
rc = ssh_userauth_gssapi(session);
assert_int_equal(rc, SSH_AUTH_SUCCESS);
torture_teardown_kdc_server((void **)&s);
}
int
torture_run_tests(void)
{
int rc;
struct CMUnitTest tests[] = {
cmocka_unit_test_setup_teardown(torture_gssapi_server_auth_no_client_cred,
session_setup,
session_teardown),
cmocka_unit_test_setup_teardown(torture_gssapi_server_auth_invalid_host,
session_setup,
session_teardown),
cmocka_unit_test_setup_teardown(torture_gssapi_auth_server_identity,
session_setup,
session_teardown),
cmocka_unit_test_setup_teardown(torture_gssapi_server_auth,
session_setup,
session_teardown),