LCOV - code coverage report
Current view: top level - source4/auth/tests - kerberos.c (source / functions) Hit Total Coverage
Test: coverage report for support-claim-type-attributes 6b5c566e Lines: 58 58 100.0 %
Date: 2023-11-21 12:31:41 Functions: 4 4 100.0 %

          Line data    Source code
       1             : #include <time.h>
       2             : #include <stdlib.h>
       3             : #include <stdarg.h>
       4             : #include <stddef.h>
       5             : #include <setjmp.h>
       6             : #include <stdint.h>
       7             : #include <cmocka.h>
       8             : 
       9             : #include "includes.h"
      10             : #include "system/kerberos.h"
      11             : #include "auth/kerberos/kerberos.h"
      12             : #include "auth/credentials/credentials.h"
      13             : #include "auth/credentials/credentials_krb5.h"
      14             : #include "auth/kerberos/kerberos_credentials.h"
      15             : #include "auth/kerberos/kerberos_util.h"
      16             : 
      17           2 : static void internal_obsolete_keytab_test(int num_principals, int num_kvnos,
      18             :                                           krb5_kvno kvno, const char *kt_name)
      19             : {
      20           2 :         krb5_context krb5_ctx;
      21           2 :         krb5_keytab keytab;
      22           2 :         krb5_keytab_entry kt_entry;
      23           2 :         krb5_kt_cursor cursor;
      24           2 :         krb5_error_code code;
      25             : 
      26           2 :         int i,j;
      27           2 :         char princ_name[] = "user0";
      28           2 :         char expect_princ_name[] = "user0@samba.example.com";
      29           2 :         bool found_previous;
      30           2 :         const char *error_str;
      31             : 
      32           2 :         TALLOC_CTX *tmp_ctx = talloc_new(NULL);
      33           2 :         krb5_principal *principals = talloc_zero_array(tmp_ctx,
      34             :                                                        krb5_principal,
      35             :                                                        num_principals);
      36           2 :         krb5_init_context(&krb5_ctx);
      37           2 :         krb5_kt_resolve(krb5_ctx, kt_name, &keytab);
      38           2 :         ZERO_STRUCT(kt_entry);
      39             : 
      40          10 :         for(i=0; i<num_principals; i++) {
      41           6 :                 princ_name[4] = (char)i+48;
      42           6 :                 smb_krb5_make_principal(krb5_ctx, &(principals[i]),
      43             :                                     "samba.example.com", princ_name, NULL);
      44           6 :                 kt_entry.principal = principals[i];
      45          28 :                 for (j=0; j<num_kvnos; j++) {
      46          22 :                         kt_entry.vno = j+1;
      47          22 :                         krb5_kt_add_entry(krb5_ctx, keytab, &kt_entry);
      48             :                 }
      49             :         }
      50             : 
      51           2 :         code = krb5_kt_start_seq_get(krb5_ctx, keytab, &cursor);
      52           2 :         assert_int_equal(code, 0);
      53             : #ifdef SAMBA4_USES_HEIMDAL
      54          10 :         for (i=0; i<num_principals; i++) {
      55           6 :                 expect_princ_name[4] = (char)i+48;
      56          28 :                 for (j=0; j<num_kvnos; j++) {
      57          22 :                         char *unparsed_name;
      58          22 :                         code = krb5_kt_next_entry(krb5_ctx, keytab,
      59             :                                                   &kt_entry, &cursor);
      60          22 :                         assert_int_equal(code, 0);
      61          22 :                         assert_int_equal(kt_entry.vno, j+1);
      62             : #else
      63             :         /* MIT - For MEMORY type keytabs, krb5_kt_add_entry() adds an
      64             :          * entry to the beginning of the keytab table, not the end */
      65             :         for (i=num_principals-1; i>=0; i--) {
      66             :                 expect_princ_name[4] = (char)i+48;
      67             :                 for (j=num_kvnos; j>0; j--) {
      68             :                         char *unparsed_name;
      69             :                         code = krb5_kt_next_entry(krb5_ctx, keytab,
      70             :                                                   &kt_entry, &cursor);
      71             :                         assert_int_equal(code, 0);
      72             :                         assert_int_equal(kt_entry.vno, j);
      73             : #endif
      74          22 :                         krb5_unparse_name(krb5_ctx, kt_entry.principal,
      75             :                                           &unparsed_name);
      76          22 :                         assert_string_equal(expect_princ_name, unparsed_name);
      77             :                 }
      78             :         }
      79             : 
      80           2 :         smb_krb5_remove_obsolete_keytab_entries(tmp_ctx, krb5_ctx, keytab,
      81             :                                                 num_principals, principals,
      82             :                                                 kvno, &found_previous,
      83             :                                                 &error_str);
      84             : 
      85           2 :         code = krb5_kt_start_seq_get(krb5_ctx, keytab, &cursor);
      86           2 :         assert_int_equal(code, 0);
      87             : #ifdef SAMBA4_USES_HEIMDAL
      88          10 :         for (i=0; i<num_principals; i++) {
      89             : #else /* MIT - reverse iterate through entries */
      90             :         for (i=num_principals-1; i>=0; i--) {
      91             : #endif
      92           6 :                 char *unparsed_name;
      93           6 :                 expect_princ_name[4] = (char)i+48;
      94           6 :                 code = krb5_kt_next_entry(krb5_ctx, keytab, &kt_entry, &cursor);
      95           6 :                 assert_int_equal(code, 0);
      96           6 :                 assert_int_equal(kt_entry.vno, kvno-1);
      97           6 :                 krb5_unparse_name(krb5_ctx, kt_entry.principal, &unparsed_name);
      98           6 :                 assert_string_equal(expect_princ_name, unparsed_name);
      99             :         }
     100           2 :         code = krb5_kt_next_entry(krb5_ctx, keytab, &kt_entry, &cursor);
     101           2 :         assert_int_not_equal(code, 0);
     102           2 : }
     103             : 
     104           1 : static void test_krb5_remove_obsolete_keytab_entries_many(void **state)
     105             : {
     106           1 :         internal_obsolete_keytab_test(5, 4, (krb5_kvno)5, "MEMORY:LOL2");
     107           1 : }
     108             : 
     109           1 : static void test_krb5_remove_obsolete_keytab_entries_one(void **state)
     110             : {
     111           1 :         internal_obsolete_keytab_test(1, 2, (krb5_kvno)3, "MEMORY:LOL");
     112           1 : }
     113             : 
     114           1 : int main(int argc, const char **argv)
     115             : {
     116           1 :         const struct CMUnitTest tests[] = {
     117             :                 cmocka_unit_test(test_krb5_remove_obsolete_keytab_entries_one),
     118             :                 cmocka_unit_test(test_krb5_remove_obsolete_keytab_entries_many),
     119             :         };
     120             : 
     121           1 :         cmocka_set_message_output(CM_OUTPUT_SUBUNIT);
     122           1 :         return cmocka_run_group_tests(tests, NULL, NULL);
     123             : }

Generated by: LCOV version 1.14