Mercurial > crates > nonstick
annotate testharness/src/lib.rs @ 171:e27c5c667a5a
Create full new types for return code and flags, separate end to end.
This plumbs the ReturnCode and RawFlags types through the places where
we call into or are called from PAM.
Also adds Sun documentation to the project.
| author | Paul Fisher <paul@pfish.zone> |
|---|---|
| date | Fri, 25 Jul 2025 20:52:14 -0400 |
| parents | 77470e45e397 |
| children | 6727cbe56f4a |
| rev | line source |
|---|---|
|
104
a2676475e86b
Create the very start of a test suite.
Paul Fisher <paul@pfish.zone>
parents:
diff
changeset
|
1 //! The nonstick library |
|
163
a75a66cb4181
Add end-to-end tests; fix issues found by tests.
Paul Fisher <paul@pfish.zone>
parents:
159
diff
changeset
|
2 |
|
a75a66cb4181
Add end-to-end tests; fix issues found by tests.
Paul Fisher <paul@pfish.zone>
parents:
159
diff
changeset
|
3 use crate::nonstick::items::ItemsMut; |
|
a75a66cb4181
Add end-to-end tests; fix issues found by tests.
Paul Fisher <paul@pfish.zone>
parents:
159
diff
changeset
|
4 use std::cell::Cell; |
|
104
a2676475e86b
Create the very start of a test suite.
Paul Fisher <paul@pfish.zone>
parents:
diff
changeset
|
5 extern crate nonstick; |
|
a2676475e86b
Create the very start of a test suite.
Paul Fisher <paul@pfish.zone>
parents:
diff
changeset
|
6 |
|
163
a75a66cb4181
Add end-to-end tests; fix issues found by tests.
Paul Fisher <paul@pfish.zone>
parents:
159
diff
changeset
|
7 use nonstick::conv::{ErrorMsg, InfoMsg, MaskedQAndA, QAndA}; |
|
166
2f5913131295
Separate flag/action flags into flags and action.
Paul Fisher <paul@pfish.zone>
parents:
163
diff
changeset
|
8 use nonstick::{ |
|
2f5913131295
Separate flag/action flags into flags and action.
Paul Fisher <paul@pfish.zone>
parents:
163
diff
changeset
|
9 error, info, pam_hooks, AuthnFlags, AuthtokAction, AuthtokFlags, ErrorCode, ModuleClient, |
|
2f5913131295
Separate flag/action flags into flags and action.
Paul Fisher <paul@pfish.zone>
parents:
163
diff
changeset
|
10 PamModule, |
|
2f5913131295
Separate flag/action flags into flags and action.
Paul Fisher <paul@pfish.zone>
parents:
163
diff
changeset
|
11 }; |
|
169
77470e45e397
Set up stuff to work the way Sun expects it to.
Paul Fisher <paul@pfish.zone>
parents:
168
diff
changeset
|
12 use std::ffi::CStr; |
|
163
a75a66cb4181
Add end-to-end tests; fix issues found by tests.
Paul Fisher <paul@pfish.zone>
parents:
159
diff
changeset
|
13 use std::os::unix::ffi::OsStrExt; |
|
104
a2676475e86b
Create the very start of a test suite.
Paul Fisher <paul@pfish.zone>
parents:
diff
changeset
|
14 |
|
a2676475e86b
Create the very start of a test suite.
Paul Fisher <paul@pfish.zone>
parents:
diff
changeset
|
15 struct TestHarness; |
|
a2676475e86b
Create the very start of a test suite.
Paul Fisher <paul@pfish.zone>
parents:
diff
changeset
|
16 |
|
146
1bc52025156b
Split PAM items into their own separate struct.
Paul Fisher <paul@pfish.zone>
parents:
127
diff
changeset
|
17 impl<M: ModuleClient> PamModule<M> for TestHarness { |
|
166
2f5913131295
Separate flag/action flags into flags and action.
Paul Fisher <paul@pfish.zone>
parents:
163
diff
changeset
|
18 fn authenticate(handle: &mut M, args: Vec<&CStr>, _: AuthnFlags) -> nonstick::Result<()> { |
|
163
a75a66cb4181
Add end-to-end tests; fix issues found by tests.
Paul Fisher <paul@pfish.zone>
parents:
159
diff
changeset
|
19 let strings: Vec<_> = args.iter().map(|&a| Vec::from(a.to_bytes())).collect(); |
|
a75a66cb4181
Add end-to-end tests; fix issues found by tests.
Paul Fisher <paul@pfish.zone>
parents:
159
diff
changeset
|
20 if strings != vec![Vec::from(b"param"), Vec::from(b"param2")] { |
|
a75a66cb4181
Add end-to-end tests; fix issues found by tests.
Paul Fisher <paul@pfish.zone>
parents:
159
diff
changeset
|
21 return Err(ErrorCode::SystemError); |
|
a75a66cb4181
Add end-to-end tests; fix issues found by tests.
Paul Fisher <paul@pfish.zone>
parents:
159
diff
changeset
|
22 } |
|
a75a66cb4181
Add end-to-end tests; fix issues found by tests.
Paul Fisher <paul@pfish.zone>
parents:
159
diff
changeset
|
23 let username = handle.username(None)?; |
|
a75a66cb4181
Add end-to-end tests; fix issues found by tests.
Paul Fisher <paul@pfish.zone>
parents:
159
diff
changeset
|
24 if username != "initial" { |
|
a75a66cb4181
Add end-to-end tests; fix issues found by tests.
Paul Fisher <paul@pfish.zone>
parents:
159
diff
changeset
|
25 return Err(ErrorCode::UserUnknown); |
|
a75a66cb4181
Add end-to-end tests; fix issues found by tests.
Paul Fisher <paul@pfish.zone>
parents:
159
diff
changeset
|
26 } |
|
a75a66cb4181
Add end-to-end tests; fix issues found by tests.
Paul Fisher <paul@pfish.zone>
parents:
159
diff
changeset
|
27 handle |
|
a75a66cb4181
Add end-to-end tests; fix issues found by tests.
Paul Fisher <paul@pfish.zone>
parents:
159
diff
changeset
|
28 .items_mut() |
|
a75a66cb4181
Add end-to-end tests; fix issues found by tests.
Paul Fisher <paul@pfish.zone>
parents:
159
diff
changeset
|
29 .set_user(Some("updated-in-process".as_ref()))?; |
|
a75a66cb4181
Add end-to-end tests; fix issues found by tests.
Paul Fisher <paul@pfish.zone>
parents:
159
diff
changeset
|
30 handle.set_module_data("florgus", Cell::new(99))?; |
|
a75a66cb4181
Add end-to-end tests; fix issues found by tests.
Paul Fisher <paul@pfish.zone>
parents:
159
diff
changeset
|
31 let authtok = handle.authtok(Some("custom".as_ref()))?; |
|
a75a66cb4181
Add end-to-end tests; fix issues found by tests.
Paul Fisher <paul@pfish.zone>
parents:
159
diff
changeset
|
32 if authtok.as_bytes() != b"valid" { |
|
a75a66cb4181
Add end-to-end tests; fix issues found by tests.
Paul Fisher <paul@pfish.zone>
parents:
159
diff
changeset
|
33 return Err(ErrorCode::AuthenticationError); |
|
a75a66cb4181
Add end-to-end tests; fix issues found by tests.
Paul Fisher <paul@pfish.zone>
parents:
159
diff
changeset
|
34 } |
|
a75a66cb4181
Add end-to-end tests; fix issues found by tests.
Paul Fisher <paul@pfish.zone>
parents:
159
diff
changeset
|
35 let info = InfoMsg::new("Watch out!".as_ref()); |
|
a75a66cb4181
Add end-to-end tests; fix issues found by tests.
Paul Fisher <paul@pfish.zone>
parents:
159
diff
changeset
|
36 let err = ErrorMsg::new("It's broken!".as_ref()); |
|
a75a66cb4181
Add end-to-end tests; fix issues found by tests.
Paul Fisher <paul@pfish.zone>
parents:
159
diff
changeset
|
37 let public = QAndA::new("How many?".as_ref()); |
|
a75a66cb4181
Add end-to-end tests; fix issues found by tests.
Paul Fisher <paul@pfish.zone>
parents:
159
diff
changeset
|
38 let private = MaskedQAndA::new("Where?".as_ref()); |
|
a75a66cb4181
Add end-to-end tests; fix issues found by tests.
Paul Fisher <paul@pfish.zone>
parents:
159
diff
changeset
|
39 let msgs = &[ |
|
a75a66cb4181
Add end-to-end tests; fix issues found by tests.
Paul Fisher <paul@pfish.zone>
parents:
159
diff
changeset
|
40 info.exchange(), |
|
a75a66cb4181
Add end-to-end tests; fix issues found by tests.
Paul Fisher <paul@pfish.zone>
parents:
159
diff
changeset
|
41 err.exchange(), |
|
a75a66cb4181
Add end-to-end tests; fix issues found by tests.
Paul Fisher <paul@pfish.zone>
parents:
159
diff
changeset
|
42 public.exchange(), |
|
a75a66cb4181
Add end-to-end tests; fix issues found by tests.
Paul Fisher <paul@pfish.zone>
parents:
159
diff
changeset
|
43 private.exchange(), |
|
a75a66cb4181
Add end-to-end tests; fix issues found by tests.
Paul Fisher <paul@pfish.zone>
parents:
159
diff
changeset
|
44 ]; |
|
a75a66cb4181
Add end-to-end tests; fix issues found by tests.
Paul Fisher <paul@pfish.zone>
parents:
159
diff
changeset
|
45 handle.communicate(msgs); |
|
a75a66cb4181
Add end-to-end tests; fix issues found by tests.
Paul Fisher <paul@pfish.zone>
parents:
159
diff
changeset
|
46 let public = public.answer()?; |
|
a75a66cb4181
Add end-to-end tests; fix issues found by tests.
Paul Fisher <paul@pfish.zone>
parents:
159
diff
changeset
|
47 info!(handle, "public question: {:?}", public); |
|
a75a66cb4181
Add end-to-end tests; fix issues found by tests.
Paul Fisher <paul@pfish.zone>
parents:
159
diff
changeset
|
48 let private = private.answer()?; |
|
a75a66cb4181
Add end-to-end tests; fix issues found by tests.
Paul Fisher <paul@pfish.zone>
parents:
159
diff
changeset
|
49 info!(handle, "private question: {:?}", private); |
|
a75a66cb4181
Add end-to-end tests; fix issues found by tests.
Paul Fisher <paul@pfish.zone>
parents:
159
diff
changeset
|
50 if public.as_bytes() == b"123" && private.as_bytes() == b"abc" { |
|
a75a66cb4181
Add end-to-end tests; fix issues found by tests.
Paul Fisher <paul@pfish.zone>
parents:
159
diff
changeset
|
51 Ok(()) |
|
a75a66cb4181
Add end-to-end tests; fix issues found by tests.
Paul Fisher <paul@pfish.zone>
parents:
159
diff
changeset
|
52 } else { |
|
a75a66cb4181
Add end-to-end tests; fix issues found by tests.
Paul Fisher <paul@pfish.zone>
parents:
159
diff
changeset
|
53 Err(ErrorCode::Abort) |
|
a75a66cb4181
Add end-to-end tests; fix issues found by tests.
Paul Fisher <paul@pfish.zone>
parents:
159
diff
changeset
|
54 } |
|
104
a2676475e86b
Create the very start of a test suite.
Paul Fisher <paul@pfish.zone>
parents:
diff
changeset
|
55 } |
|
a2676475e86b
Create the very start of a test suite.
Paul Fisher <paul@pfish.zone>
parents:
diff
changeset
|
56 |
|
166
2f5913131295
Separate flag/action flags into flags and action.
Paul Fisher <paul@pfish.zone>
parents:
163
diff
changeset
|
57 fn account_management(handle: &mut M, _: Vec<&CStr>, _: AuthnFlags) -> nonstick::Result<()> { |
|
163
a75a66cb4181
Add end-to-end tests; fix issues found by tests.
Paul Fisher <paul@pfish.zone>
parents:
159
diff
changeset
|
58 let value: &Cell<i32> = match handle.username(None)?.as_bytes() { |
|
a75a66cb4181
Add end-to-end tests; fix issues found by tests.
Paul Fisher <paul@pfish.zone>
parents:
159
diff
changeset
|
59 b"initial" => return Err(ErrorCode::AccountExpired), |
|
a75a66cb4181
Add end-to-end tests; fix issues found by tests.
Paul Fisher <paul@pfish.zone>
parents:
159
diff
changeset
|
60 b"updated-in-process" => handle.get_module_data("florgus"), |
|
a75a66cb4181
Add end-to-end tests; fix issues found by tests.
Paul Fisher <paul@pfish.zone>
parents:
159
diff
changeset
|
61 _ => return Err(ErrorCode::UserUnknown), |
|
a75a66cb4181
Add end-to-end tests; fix issues found by tests.
Paul Fisher <paul@pfish.zone>
parents:
159
diff
changeset
|
62 } |
|
a75a66cb4181
Add end-to-end tests; fix issues found by tests.
Paul Fisher <paul@pfish.zone>
parents:
159
diff
changeset
|
63 .ok_or(ErrorCode::SessionError)?; |
|
a75a66cb4181
Add end-to-end tests; fix issues found by tests.
Paul Fisher <paul@pfish.zone>
parents:
159
diff
changeset
|
64 let florgus_str: Option<&i32> = handle.get_module_data("florgus"); |
|
a75a66cb4181
Add end-to-end tests; fix issues found by tests.
Paul Fisher <paul@pfish.zone>
parents:
159
diff
changeset
|
65 if let Some(s) = florgus_str { |
|
a75a66cb4181
Add end-to-end tests; fix issues found by tests.
Paul Fisher <paul@pfish.zone>
parents:
159
diff
changeset
|
66 error!( |
|
a75a66cb4181
Add end-to-end tests; fix issues found by tests.
Paul Fisher <paul@pfish.zone>
parents:
159
diff
changeset
|
67 handle, |
|
a75a66cb4181
Add end-to-end tests; fix issues found by tests.
Paul Fisher <paul@pfish.zone>
parents:
159
diff
changeset
|
68 "module_data type mismatch: florgus = <{s}> but should not be set" |
|
a75a66cb4181
Add end-to-end tests; fix issues found by tests.
Paul Fisher <paul@pfish.zone>
parents:
159
diff
changeset
|
69 ) |
|
a75a66cb4181
Add end-to-end tests; fix issues found by tests.
Paul Fisher <paul@pfish.zone>
parents:
159
diff
changeset
|
70 } |
|
a75a66cb4181
Add end-to-end tests; fix issues found by tests.
Paul Fisher <paul@pfish.zone>
parents:
159
diff
changeset
|
71 if value.get() != 99 { |
|
a75a66cb4181
Add end-to-end tests; fix issues found by tests.
Paul Fisher <paul@pfish.zone>
parents:
159
diff
changeset
|
72 error!(handle, "wrong value! {}", value.get()); |
|
a75a66cb4181
Add end-to-end tests; fix issues found by tests.
Paul Fisher <paul@pfish.zone>
parents:
159
diff
changeset
|
73 return Err(ErrorCode::AuthTokError); |
|
a75a66cb4181
Add end-to-end tests; fix issues found by tests.
Paul Fisher <paul@pfish.zone>
parents:
159
diff
changeset
|
74 } |
|
a75a66cb4181
Add end-to-end tests; fix issues found by tests.
Paul Fisher <paul@pfish.zone>
parents:
159
diff
changeset
|
75 let password = handle.authtok(None)?; |
|
a75a66cb4181
Add end-to-end tests; fix issues found by tests.
Paul Fisher <paul@pfish.zone>
parents:
159
diff
changeset
|
76 if password.as_bytes() == b"valid" { |
|
a75a66cb4181
Add end-to-end tests; fix issues found by tests.
Paul Fisher <paul@pfish.zone>
parents:
159
diff
changeset
|
77 Err(ErrorCode::NewAuthTokRequired) |
|
a75a66cb4181
Add end-to-end tests; fix issues found by tests.
Paul Fisher <paul@pfish.zone>
parents:
159
diff
changeset
|
78 } else { |
|
a75a66cb4181
Add end-to-end tests; fix issues found by tests.
Paul Fisher <paul@pfish.zone>
parents:
159
diff
changeset
|
79 Ok(()) |
|
a75a66cb4181
Add end-to-end tests; fix issues found by tests.
Paul Fisher <paul@pfish.zone>
parents:
159
diff
changeset
|
80 } |
|
104
a2676475e86b
Create the very start of a test suite.
Paul Fisher <paul@pfish.zone>
parents:
diff
changeset
|
81 } |
|
159
634cd5f2ac8b
Separate logging into its own trait apart from the rest of PAM.
Paul Fisher <paul@pfish.zone>
parents:
146
diff
changeset
|
82 |
|
166
2f5913131295
Separate flag/action flags into flags and action.
Paul Fisher <paul@pfish.zone>
parents:
163
diff
changeset
|
83 fn change_authtok( |
|
2f5913131295
Separate flag/action flags into flags and action.
Paul Fisher <paul@pfish.zone>
parents:
163
diff
changeset
|
84 handle: &mut M, |
|
2f5913131295
Separate flag/action flags into flags and action.
Paul Fisher <paul@pfish.zone>
parents:
163
diff
changeset
|
85 _: Vec<&CStr>, |
|
2f5913131295
Separate flag/action flags into flags and action.
Paul Fisher <paul@pfish.zone>
parents:
163
diff
changeset
|
86 action: AuthtokAction, |
|
2f5913131295
Separate flag/action flags into flags and action.
Paul Fisher <paul@pfish.zone>
parents:
163
diff
changeset
|
87 _flags: AuthtokFlags, |
|
2f5913131295
Separate flag/action flags into flags and action.
Paul Fisher <paul@pfish.zone>
parents:
163
diff
changeset
|
88 ) -> nonstick::Result<()> { |
|
2f5913131295
Separate flag/action flags into flags and action.
Paul Fisher <paul@pfish.zone>
parents:
163
diff
changeset
|
89 match action { |
|
171
e27c5c667a5a
Create full new types for return code and flags, separate end to end.
Paul Fisher <paul@pfish.zone>
parents:
169
diff
changeset
|
90 AuthtokAction::Validate => { |
|
167
0cabe7b94a4f
Check for old_authtok in change_authtok to emulate real behavior.
Paul Fisher <paul@pfish.zone>
parents:
166
diff
changeset
|
91 if handle.old_authtok(None)?.as_bytes() != b"old token!" { |
|
0cabe7b94a4f
Check for old_authtok in change_authtok to emulate real behavior.
Paul Fisher <paul@pfish.zone>
parents:
166
diff
changeset
|
92 return Err(ErrorCode::AuthenticationError); |
|
0cabe7b94a4f
Check for old_authtok in change_authtok to emulate real behavior.
Paul Fisher <paul@pfish.zone>
parents:
166
diff
changeset
|
93 } |
|
168
6642e89d29a2
more closely follow real password change flow
Paul Fisher <paul@pfish.zone>
parents:
167
diff
changeset
|
94 Ok(()) |
|
6642e89d29a2
more closely follow real password change flow
Paul Fisher <paul@pfish.zone>
parents:
167
diff
changeset
|
95 } |
|
6642e89d29a2
more closely follow real password change flow
Paul Fisher <paul@pfish.zone>
parents:
167
diff
changeset
|
96 AuthtokAction::Update => { |
|
166
2f5913131295
Separate flag/action flags into flags and action.
Paul Fisher <paul@pfish.zone>
parents:
163
diff
changeset
|
97 let password = handle.authtok(None)?; |
|
2f5913131295
Separate flag/action flags into flags and action.
Paul Fisher <paul@pfish.zone>
parents:
163
diff
changeset
|
98 if password.as_bytes() != b"acceptable" { |
|
2f5913131295
Separate flag/action flags into flags and action.
Paul Fisher <paul@pfish.zone>
parents:
163
diff
changeset
|
99 return Err(ErrorCode::PermissionDenied); |
|
2f5913131295
Separate flag/action flags into flags and action.
Paul Fisher <paul@pfish.zone>
parents:
163
diff
changeset
|
100 } |
|
2f5913131295
Separate flag/action flags into flags and action.
Paul Fisher <paul@pfish.zone>
parents:
163
diff
changeset
|
101 Ok(()) |
|
163
a75a66cb4181
Add end-to-end tests; fix issues found by tests.
Paul Fisher <paul@pfish.zone>
parents:
159
diff
changeset
|
102 } |
|
a75a66cb4181
Add end-to-end tests; fix issues found by tests.
Paul Fisher <paul@pfish.zone>
parents:
159
diff
changeset
|
103 } |
|
159
634cd5f2ac8b
Separate logging into its own trait apart from the rest of PAM.
Paul Fisher <paul@pfish.zone>
parents:
146
diff
changeset
|
104 } |
|
104
a2676475e86b
Create the very start of a test suite.
Paul Fisher <paul@pfish.zone>
parents:
diff
changeset
|
105 } |
|
a2676475e86b
Create the very start of a test suite.
Paul Fisher <paul@pfish.zone>
parents:
diff
changeset
|
106 |
|
a2676475e86b
Create the very start of a test suite.
Paul Fisher <paul@pfish.zone>
parents:
diff
changeset
|
107 pam_hooks!(TestHarness); |