auth: keytab invalidation test
[bbaumbach/samba-autobuild/.git] / source4 / auth / tests / kerberos.c
1 #include <time.h>
2 #include <stdlib.h>
3 #include <stdarg.h>
4 #include <stddef.h>
5 #include <setjmp.h>
6 #include <stdint.h>
7 #include <cmocka.h>
8
9 #include "includes.h"
10 #include "system/kerberos.h"
11 #include "auth/kerberos/kerberos.h"
12 #include "auth/credentials/credentials.h"
13 #include "auth/credentials/credentials_proto.h"
14 #include "auth/credentials/credentials_krb5.h"
15 #include "auth/kerberos/kerberos_credentials.h"
16 #include "auth/kerberos/kerberos_util.h"
17
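/*
 * Shared body of the obsolete-keytab-entry tests.
 *
 * Resolves the keytab kt_name and adds num_principals principals
 * ("user0", "user1", ... in realm samba.example.com), each with kvnos
 * 1..num_kvnos. The entries carry zeroed key material, because kt_entry is
 * only ZERO_STRUCT()ed before the principal and kvno are filled in.
 *
 * It then checks that the keytab iterates in insertion order, calls
 * smb_krb5_remove_obsolete_keytab_entries() with kvno, and asserts that
 * exactly one entry per principal is left, carrying kvno - 1.
 *
 * num_principals must be in 0..10: the principal name is built by patching a
 * single decimal digit into a fixed string.
 *
 * Every krb5 return code is asserted, so a failing setup step is reported
 * where it happens instead of surfacing later as a confusing mismatch.
 * A failing cmocka assertion leaves the function early and skips the cleanup
 * at the end.
 */
static void internal_obsolete_keytab_test(int num_principals, int num_kvnos,
					  krb5_kvno kvno, const char *kt_name)
{
	krb5_context krb5_ctx = NULL;
	krb5_keytab keytab;
	krb5_keytab_entry kt_entry;
	krb5_kt_cursor cursor;
	krb5_error_code code;

	int i, j;
	char princ_name[] = "user0";
	/*
	 * Sized by the initializer on purpose: the literal is 23 characters
	 * long, so a char[23] would hold no terminating NUL and
	 * assert_string_equal() would read past the end of the array.
	 */
	char expect_princ_name[] = "user0@samba.example.com";
	bool found_previous = false;
	const char *error_str = NULL;

	TALLOC_CTX *tmp_ctx = NULL;
	krb5_principal *principals = NULL;

	/* Only one digit of the name is patched below. */
	assert_true(num_principals >= 0 && num_principals <= 10);

	tmp_ctx = talloc_new(NULL);
	assert_non_null(tmp_ctx);
	principals = talloc_zero_array(tmp_ctx,
				       krb5_principal,
				       num_principals);
	assert_non_null(principals);

	code = krb5_init_context(&krb5_ctx);
	assert_int_equal(code, 0);
	code = krb5_kt_resolve(krb5_ctx, kt_name, &keytab);
	assert_int_equal(code, 0);
	ZERO_STRUCT(kt_entry);

	/* Populate: every principal gets kvnos 1..num_kvnos. */
	for (i = 0; i < num_principals; i++) {
		princ_name[4] = (char)('0' + i);
		code = smb_krb5_make_principal(krb5_ctx, &(principals[i]),
					       "samba.example.com",
					       princ_name, NULL);
		assert_int_equal(code, 0);
		/* Borrowed pointer; principals[] keeps ownership. */
		kt_entry.principal = principals[i];
		for (j = 0; j < num_kvnos; j++) {
			kt_entry.vno = j + 1;
			code = krb5_kt_add_entry(krb5_ctx, keytab, &kt_entry);
			assert_int_equal(code, 0);
		}
	}
	/* Drop the borrowed principal before kt_entry is reused as output. */
	ZERO_STRUCT(kt_entry);

	/* Verify the freshly written keytab, entry by entry. */
	code = krb5_kt_start_seq_get(krb5_ctx, keytab, &cursor);
	assert_int_equal(code, 0);
	for (i = 0; i < num_principals; i++) {
		expect_princ_name[4] = (char)('0' + i);
		for (j = 0; j < num_kvnos; j++) {
			char *unparsed_name = NULL;

			code = krb5_kt_next_entry(krb5_ctx, keytab,
						  &kt_entry, &cursor);
			assert_int_equal(code, 0);
			assert_int_equal(kt_entry.vno, j + 1);
			code = krb5_unparse_name(krb5_ctx, kt_entry.principal,
						 &unparsed_name);
			assert_int_equal(code, 0);
			assert_string_equal(expect_princ_name, unparsed_name);

			/* Each returned entry and name is ours to release. */
			krb5_free_unparsed_name(krb5_ctx, unparsed_name);
			smb_krb5_kt_free_entry(krb5_ctx, &kt_entry);
			ZERO_STRUCT(kt_entry);
		}
	}
	/* Finish this iteration before the keytab is modified. */
	code = krb5_kt_end_seq_get(krb5_ctx, keytab, &cursor);
	assert_int_equal(code, 0);

	code = smb_krb5_remove_obsolete_keytab_entries(tmp_ctx, krb5_ctx,
						       keytab,
						       num_principals,
						       principals,
						       kvno, &found_previous,
						       &error_str);
	assert_int_equal(code, 0);

	/* Exactly one entry per principal, with kvno - 1, must be left. */
	code = krb5_kt_start_seq_get(krb5_ctx, keytab, &cursor);
	assert_int_equal(code, 0);
	for (i = 0; i < num_principals; i++) {
		char *unparsed_name = NULL;

		expect_princ_name[4] = (char)('0' + i);
		code = krb5_kt_next_entry(krb5_ctx, keytab, &kt_entry, &cursor);
		assert_int_equal(code, 0);
		assert_int_equal(kt_entry.vno, kvno - 1);
		code = krb5_unparse_name(krb5_ctx, kt_entry.principal,
					 &unparsed_name);
		assert_int_equal(code, 0);
		assert_string_equal(expect_princ_name, unparsed_name);

		krb5_free_unparsed_name(krb5_ctx, unparsed_name);
		smb_krb5_kt_free_entry(krb5_ctx, &kt_entry);
		ZERO_STRUCT(kt_entry);
	}
	/* Nothing else may be left: the next read has to fail. */
	code = krb5_kt_next_entry(krb5_ctx, keytab, &kt_entry, &cursor);
	assert_int_not_equal(code, 0);
	krb5_kt_end_seq_get(krb5_ctx, keytab, &cursor);

	/* Release everything so one test cannot leak state into the next. */
	for (i = 0; i < num_principals; i++) {
		krb5_free_principal(krb5_ctx, principals[i]);
	}
	krb5_kt_close(krb5_ctx, keytab);
	krb5_free_context(krb5_ctx);
	talloc_free(tmp_ctx);
}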
87
/*
 * cmocka case: five principals with kvnos 1..4 each, cleaned up against
 * kvno 5 in the keytab "MEMORY:LOL2". The state argument is not used.
 */
static void test_krb5_remove_obsolete_keytab_entries_many(void **state)
{
	const int principal_count = 5;
	const int kvnos_per_principal = 4;
	const krb5_kvno current_kvno = (krb5_kvno)5;

	internal_obsolete_keytab_test(principal_count, kvnos_per_principal,
				      current_kvno, "MEMORY:LOL2");
}
92
/*
 * cmocka case: a single principal with kvnos 1..2, cleaned up against
 * kvno 3 in the keytab "MEMORY:LOL". The state argument is not used.
 */
static void test_krb5_remove_obsolete_keytab_entries_one(void **state)
{
	const int principal_count = 1;
	const int kvnos_per_principal = 2;
	const krb5_kvno current_kvno = (krb5_kvno)3;

	internal_obsolete_keytab_test(principal_count, kvnos_per_principal,
				      current_kvno, "MEMORY:LOL");
}
97
/*
 * Test entry point: registers the two keytab cases, switches cmocka to
 * subunit output and returns the result of the group run as the exit status.
 * argc and argv are not used.
 */
int main(int argc, const char **argv)
{
	/*
	 * The array keeps the name "tests": cmocka_run_group_tests() receives
	 * it by name, so the identifier is left exactly as it was.
	 */
	const struct CMUnitTest tests[] = {
		cmocka_unit_test(test_krb5_remove_obsolete_keytab_entries_one),
		cmocka_unit_test(test_krb5_remove_obsolete_keytab_entries_many),
	};
	int rc;

	cmocka_set_message_output(CM_OUTPUT_SUBUNIT);
	rc = cmocka_run_group_tests(tests, NULL, NULL);

	return rc;
}