1 /*
2 * Redistribution and use in source and binary forms, with or without
3 * modification, are permitted provided that the following conditions
4 * are met:
5 * 1. Redistributions of source code must retain the above copyright
6 * notice, and the entire permission notice in its entirety,
7 * including the disclaimer of warranties.
8 * 2. Redistributions in binary form must reproduce the above copyright
9 * notice, this list of conditions and the following disclaimer in the
10 * documentation and/or other materials provided with the distribution.
11 * 3. The name of the author may not be used to endorse or promote
12 * products derived from this software without specific prior
13 * written permission.
14 *
15 * ALTERNATIVELY, this product may be distributed under the terms of
16 * the GNU Public License, in which case the provisions of the GPL are
17 * required INSTEAD OF the above restrictions. (This clause is
18 * necessary due to a potential bad interaction between the GPL and
19 * the restrictions contained in a BSD-style copyright.)
20 *
21 * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED
22 * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
23 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
24 * DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT,
25 * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
26 * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
27 * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
28 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
29 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
30 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
31 * OF THE POSSIBILITY OF SUCH DAMAGE.
32 */
33
34 /*
35 * Check bigcrypt handling
36 * First use exact password, 9 characters (24 characters crypt)
37 * Second use shorter password, 8 characters
38 * Third use wrong password, 9 characters
39 */
40
41 #ifdef HAVE_CONFIG_H
42 #include <config.h>
43 #endif
44
45 #include <stdio.h>
46 #include <stdlib.h>
47 #include <string.h>
48 #include <security/pam_appl.h>
49
50 static int in_test;
51
52 /* A conversation function which uses an internally-stored value for
53 the responses. */
54 static int
55 fake_conv (int num_msg, const struct pam_message **msgm UNUSED,
56 struct pam_response **response, void *appdata_ptr UNUSED)
57 {
58 struct pam_response *reply;
59 int count;
60
61 /* Sanity test. */
62 if (num_msg <= 0)
63 return PAM_CONV_ERR;
64
65 /* Allocate memory for the responses. */
66 reply = calloc (num_msg, sizeof (struct pam_response));
67 if (reply == NULL)
68 return PAM_CONV_ERR;
69
70 /* Each prompt elicits the same response. */
71 for (count = 0; count < num_msg; ++count)
72 {
73 reply[count].resp_retcode = 0;
74 /* first call get a password, second one a too short one */
75 if (in_test == 1)
76 reply[count].resp = strdup ("pamunix01");
77 else if (in_test == 2)
78 reply[count].resp = strdup ("pamunix0");
79 else
80 reply[count].resp = strdup ("pamunix11");
81 }
82
83 /* Set the pointers in the response structure and return. */
84 *response = reply;
85 return PAM_SUCCESS;
86 }
87
88 static struct pam_conv conv = {
89 fake_conv,
90 NULL
91 };
92
93
94 /* Check that errors of optional modules are ignored and that
95 required modules after a sufficient one are not executed. */
96
97 int
98 main(int argc, char *argv[])
99 {
100 pam_handle_t *pamh=NULL;
101 const char *user="tstpamunix";
102 int retval;
103 int debug = 0;
104
105 if (argc > 1 && strcmp (argv[1], "-d") == 0)
106 debug = 1;
107
108 retval = pam_start("tst-pam_unix3", user, &conv, &pamh);
109 if (retval != PAM_SUCCESS)
110 {
111 if (debug)
112 fprintf (stderr, "unix3: pam_start returned %d\n", retval);
113 return 1;
114 }
115
116 /* Try one, first input is correct, second is NULL */
117 in_test = 1;
118 retval = pam_authenticate (pamh, 0);
119 if (retval != PAM_SUCCESS)
120 {
121 if (debug)
122 fprintf (stderr, "unix3-1: pam_authenticate returned %d\n", retval);
123 return 1;
124 }
125
126 /* Try two, second input is too short */
127 in_test = 2;
128 retval = pam_authenticate (pamh, 0);
129 if (retval != PAM_AUTH_ERR)
130 {
131 if (debug)
132 fprintf (stderr, "unix3-2: pam_authenticate returned %d\n", retval);
133 return 1;
134 }
135
136 /* Third try, third input is wrong */
137 in_test = 3;
138 retval = pam_authenticate (pamh, 0);
139 if (retval != PAM_AUTH_ERR)
140 {
141 if (debug)
142 fprintf (stderr, "unix3-3: pam_authenticate returned %d\n", retval);
143 return 1;
144 }
145
146
147 retval = pam_end (pamh,retval);
148 if (retval != PAM_SUCCESS)
149 {
150 if (debug)
151 fprintf (stderr, "unix3: pam_end returned %d\n", retval);
152 return 1;
153 }
154 return 0;
155 }