1 /*
2 * Check pam_debug return values.
3 *
4 * Copyright (c) 2020 Dmitry V. Levin <ldv@altlinux.org>
5 */
6
7 #include "test_assert.h"
8
9 #include <limits.h>
10 #include <stdio.h>
11 #include <string.h>
12 #include <unistd.h>
13 #include <security/pam_appl.h>
14
15 #define MODULE_NAME "pam_debug"
16 #define TEST_NAME "tst-" MODULE_NAME "-retval"
17
18 static const char service_file[] = TEST_NAME ".service";
19 static const char user_name[] = "";
20 static const char args[] = " auth=perm_denied"
21 " cred=cred_unavail"
22 " acct=acct_expired"
23 " prechauthtok=success"
24 " chauthtok=service_err"
25 " open_session=buf_err"
26 " close_session=system_err";
27 static struct pam_conv conv;
28
29 int
30 main(void)
31 {
32 pam_handle_t *pamh = NULL;
33 FILE *fp;
34 char cwd[PATH_MAX];
35
36 ASSERT_NE(NULL, getcwd(cwd, sizeof(cwd)));
37
38 ASSERT_NE(NULL, fp = fopen(service_file, "w"));
39 ASSERT_LT(0, fprintf(fp, "#%%PAM-1.0\n"
40 "auth required %s/.libs/%s.so %s\n"
41 "account required %s/.libs/%s.so %s\n"
42 "password required %s/.libs/%s.so %s\n"
43 "session required %s/.libs/%s.so %s\n",
44 cwd, MODULE_NAME, args,
45 cwd, MODULE_NAME, args,
46 cwd, MODULE_NAME, args,
47 cwd, MODULE_NAME, args));
48 ASSERT_EQ(0, fclose(fp));
49
50 ASSERT_EQ(PAM_SUCCESS,
51 pam_start_confdir(service_file, user_name, &conv, ".", &pamh));
52 ASSERT_NE(NULL, pamh);
53 ASSERT_EQ(PAM_PERM_DENIED, pam_authenticate(pamh, 0));
54 ASSERT_EQ(PAM_CRED_UNAVAIL, pam_setcred(pamh, 0));
55 ASSERT_EQ(PAM_ACCT_EXPIRED, pam_acct_mgmt(pamh, 0));
56 ASSERT_EQ(PAM_SERVICE_ERR, pam_chauthtok(pamh, 0));
57 ASSERT_EQ(PAM_BUF_ERR, pam_open_session(pamh, 0));
58 ASSERT_EQ(PAM_SYSTEM_ERR, pam_close_session(pamh, 0));
59 ASSERT_EQ(PAM_SUCCESS, pam_end(pamh, 0));
60 pamh = NULL;
61
62 ASSERT_EQ(0, unlink(service_file));
63
64 return 0;
65 }