From 6a03f6cefec7cefc5151a165e7824d712a0f5e14 Mon Sep 17 00:00:00 2001 From: Jakub Jelen Date: Thu, 7 Mar 2024 13:51:27 +0100 Subject: [PATCH] tests: Introduce chown wrapper to avoid OpenSSH touching PTY ownership The OpenSSH as part of the new test torture_request_pty_modes attempts to chown the pty to the faked user, which is obviously not permitted when the test does not run as a root. But since all the permissions for SSH are faked, just ignoring these requests should be safe enough giving expected results. Signed-off-by: Jakub Jelen Reviewed-by: Andreas Schneider --- tests/CMakeLists.txt | 13 ++++++++++++- tests/chown_wrapper.c | 21 +++++++++++++++++++++ 2 files changed, 33 insertions(+), 1 deletion(-) create mode 100644 tests/chown_wrapper.c diff --git a/tests/CMakeLists.txt b/tests/CMakeLists.txt index c4f97fc6..e8c77883 100644 --- a/tests/CMakeLists.txt +++ b/tests/CMakeLists.txt @@ -234,6 +234,16 @@ if (CLIENT_TESTING OR SERVER_TESTING) set(CHROOT_WRAPPER "${CHROOT_WRAPPER_LIBRARY}") endif() + # chown wrapper + add_library(chown_wrapper SHARED chown_wrapper.c) + set(CHOWN_WRAPPER_LIBRARY + ${libssh_BINARY_DIR}/lib/${CMAKE_SHARED_LIBRARY_PREFIX}chown_wrapper${CMAKE_SHARED_LIBRARY_SUFFIX}) + set(TEST_TARGET_LIBRARIES + ${TEST_TARGET_LIBRARIES} + chown_wrapper + ) + set(CHOWN_WRAPPER "${CHOWN_WRAPPER_LIBRARY}") + # ssh_ping add_executable(ssh_ping ssh_ping.c) target_compile_options(ssh_ping PRIVATE ${DEFAULT_C_COMPILE_FLAGS}) 
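Review bot: The new `chown_wrapper` target is created without any link libraries, yet `tests/chown_wrapper.c` in this same patch calls `dlsym(RTLD_NEXT, "chown")`. On glibc older than 2.34 `dlsym` is provided by libdl, so the preloaded library would depend on the host process having already loaded libdl. Adding `target_link_libraries(chown_wrapper PRIVATE ${CMAKE_DL_LIBS})` after the `add_library` line removes that dependency. `CHOWN_WRAPPER_LIBRARY` is also assembled by hand from `${libssh_BINARY_DIR}/lib/`, which is only correct if the library output directory is set to that path somewhere outside this hunk; a one-line comment stating that assumption would help. The enclosing `if (CLIENT_TESTING OR SERVER_TESTING)` block starts and ends outside the hunk.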
@@ -253,7 +263,8 @@ if (CLIENT_TESTING OR SERVER_TESTING) configure_file(etc/pam.d/sshd.in ${CMAKE_CURRENT_BINARY_DIR}/etc/pam.d/sshd @ONLY) - set(TORTURE_ENVIRONMENT "LD_PRELOAD=${SOCKET_WRAPPER_LIBRARY}:${NSS_WRAPPER_LIBRARY}:${UID_WRAPPER_LIBRARY}:${PAM_WRAPPER_LIBRARY}:${CHROOT_WRAPPER}") + set(TORTURE_ENVIRONMENT + "LD_PRELOAD=${SOCKET_WRAPPER_LIBRARY}:${NSS_WRAPPER_LIBRARY}:${UID_WRAPPER_LIBRARY}:${PAM_WRAPPER_LIBRARY}:${CHROOT_WRAPPER}:${CHOWN_WRAPPER}") if (priv_wrapper_FOUND) list(APPEND TORTURE_ENVIRONMENT PRIV_WRAPPER=1 PRIV_WRAPPER_CHROOT_DISABLE=1) list(APPEND TORTURE_ENVIRONMENT PRIV_WRAPPER_PRCTL_DISABLE="ALL" PRIV_WRAPPER_SETRLIMIT_DISABLE="ALL") diff --git a/tests/chown_wrapper.c b/tests/chown_wrapper.c new file mode 100644 index 00000000..ee6910ed --- /dev/null +++ b/tests/chown_wrapper.c @@ -0,0 +1,21 @@ +#define _GNU_SOURCE +#include +#include +#include + +typedef int (*__libc_chown)(const char *pathname, uid_t owner, gid_t group); + +/* silent gcc */ +int chown(const char *pathname, uid_t owner, gid_t group); + +int chown(const char *pathname, uid_t owner, gid_t group) +{ + __libc_chown original_chown; + if (strlen(pathname) > 7 && strncmp(pathname, "/dev/pt", 7) == 0) { + /* fake it! */ + return 0; + } + + original_chown = (__libc_chown)dlsym(RTLD_NEXT, "chown"); + return (*original_chown)(pathname, owner, group); +}
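Review bot: Appending `${CHOWN_WRAPPER}` to the shared `LD_PRELOAD` string gives the faked `chown()` to every process started with `TORTURE_ENVIRONMENT`, not only the sshd exercised by torture_request_pty_modes, and nothing at this line says so. A comment above `set(TORTURE_ENVIRONMENT`, for example `# chown_wrapper: chown() on /dev/pt* reports success without being performed, so an unprivileged sshd can set up a PTY`, would explain why a PTY ownership failure can no longer surface in any of these tests. The enclosing `if` block starts outside the hunk.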
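Review bot: The result of `dlsym(RTLD_NEXT, "chown")` in the new `chown()` is called without a NULL check, so a failed lookup becomes a call through a null function pointer inside whatever process has the wrapper preloaded. The lookup is also repeated on every call, and `strlen(pathname)` runs before anything else, so a NULL `pathname` faults in the wrapper where the real `chown()` would presumably fail with an error. I would cache the pointer in a function-local static, fail with `errno = ENOSYS` when it cannot be resolved (this needs `<errno.h>`), and put `pathname != NULL &&` in front of the existing prefix test. The 7-character `"/dev/pt"` prefix also matches `/dev/ptmx` and any other `/dev/pt*` name; if only PTY slaves are meant, a comment saying the wider match is deliberate would help.

```c
int chown(const char *pathname, uid_t owner, gid_t group)
{
    static __libc_chown original_chown;

    /* … unchanged: "/dev/pt" prefix check that returns 0, now guarded by pathname != NULL … */

    if (original_chown == NULL) {
        original_chown = (__libc_chown)dlsym(RTLD_NEXT, "chown");
        if (original_chown == NULL) {
            /* nothing to forward to: report failure instead of calling NULL */
            errno = ENOSYS;
            return -1;
        }
    }
    return original_chown(pathname, owner, group);
}
```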