pam_test

package
v0.4.1 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jan 30, 2025 License: GPL-3.0 Imports: 25 Imported by: 0

Documentation

Overview

Package pam_test includes test tools for the PAM module

Package pam_test includes test tools for the PAM module

Index

Constants

View Source 
const (
	// ErrIgnore is returned when we've an incomplete error.
	// Since libpam won't ever return [pam.ErrIgnore] when used directly, we use
	// [pam.ErrIncomplete] as synonymous of it.
	ErrIgnore = pam.ErrIncomplete

	// ErrInvalid is an invalid error value.
	ErrInvalid = pam.ErrAbort

	// ErrInvalidMethod is used on invalid method calls.
	ErrInvalidMethod = pam.ErrCredInsufficient

	// ErrReturnMismatch is used on unexpected return values.
	ErrReturnMismatch = pam.ErrCred

	// ErrInvalidArguments is used on invalid arguments.
	ErrInvalidArguments = pam.ErrAuthtokDisableAging

	// ErrArgumentTypeMismatch is used on invalid arguments types.
	ErrArgumentTypeMismatch = pam.ErrAuthtokLockBusy
)
View Source 
const (
	// RunnerEnvLogFile is the environment variable used by the test client to set the log file.
	RunnerEnvLogFile = "AUTHD_PAM_RUNNER_LOG_FILE"
	// RunnerEnvSupportsConversation is the environment variable used by the test client to set whether it supports PAM conversations.
	RunnerEnvSupportsConversation = "AUTHD_PAM_RUNNER_SUPPORTS_CONVERSATION"
	// RunnerEnvExecModule is the environment variable used by the test client to set the exec module library path.
	RunnerEnvExecModule = "AUTHD_PAM_RUNNER_EXEC_MODULE"
	// RunnerEnvExecChildPath is the environment variable used by the test client to get the PAM exec child client application.
	RunnerEnvExecChildPath = "AUTHD_PAM_RUNNER_EXEC_CHILD_PATH"
	// RunnerEnvTestName is the environment variable used by the test client to set the test name.
	RunnerEnvTestName = "AUTHD_PAM_RUNNER_TEST_NAME"
	// RunnerEnvUser is the environment variable used by the test client to set the PAM user to use.
	RunnerEnvUser = "AUTHD_PAM_RUNNER_USER"
	// RunnerEnvConnectionTimeout is the environment variable used by the test client to set the PAM connection timeout.
	RunnerEnvConnectionTimeout = "AUTHD_PAM_CONNECTION_TIMEOUT"
	// RunnerEnvEnvs is the environment variable used by the test client to set the PAM child environment variables.
	RunnerEnvEnvs = "AUTHD_PAM_RUNNER_ENVS"
	// RunnerEnvService is the environment variable used by the test client to set the PAM service name.
	RunnerEnvService = "AUTHD_PAM_RUNNER_SERVICE"
)
View Source 
const (
	// RunnerActionLogin is the runner action for login operation.
	RunnerActionLogin = RunnerAction(authd.SessionMode_AUTH)
	// RunnerActionPasswd is the runner action for passwd operation.
	RunnerActionPasswd = RunnerAction(authd.SessionMode_PASSWD)
)

Variables

View Source 
var Actions = map[string]Action{
	Account.String():  Account,
	Auth.String():     Auth,
	Password.String(): Password,
	Session.String():  Session,
	Include.String():  Include,
}

Actions is a map with all the available Actions by their name.

Functions

func CreateService 

func CreateService(path string, serviceName string, services []ServiceLine) (string, error)

CreateService creates a service file and returns its path.

func FormUILayout 

func FormUILayout() *authd.UILayout

FormUILayout returns an authd.UILayout for forms.

func IsAddressSanitizerActive 

func IsAddressSanitizerActive() bool

IsAddressSanitizerActive can be used to detect if address sanitizer is active.

func MaybeDoLeakCheck 

func MaybeDoLeakCheck()

MaybeDoLeakCheck triggers the garbage collector and if the go program is compiled with -asan flag, do a memory leak check. This is meant to be used as a test Cleanup function, to force Go detecting if allocated resources have been released, e.g. using t.Cleanup(pam_test.MaybeDoLeakCheck).

func NewModuleTransactionDummy 

func NewModuleTransactionDummy(convHandler pam.ConversationHandler) pam.ModuleTransaction

NewModuleTransactionDummy returns a new PamModuleTransactionDummy.

func NewPasswordUILayout 

func NewPasswordUILayout() *authd.UILayout

NewPasswordUILayout returns an authd.UILayout for new password forms.

func QrCodeUILayout 

func QrCodeUILayout(opts ...QrCodeOptions) *authd.UILayout

QrCodeUILayout returns an authd.UILayout for qr code.

func WithAvailableBrokers 

func WithAvailableBrokers(ret []*authd.ABResponse_BrokerInfo, err error) func(o *options)

WithAvailableBrokers is the option to define the AvailableBrokers return values.

func WithEndSessionReturn 

func WithEndSessionReturn(err error) func(o *options)

WithEndSessionReturn is the option to define the EndSession return values.

func WithGetAuthenticationModesReturn 

func WithGetAuthenticationModesReturn(ret []*authd.GAMResponse_AuthenticationMode, err error) func(o *options)

WithGetAuthenticationModesReturn is the option to define the GetAuthenticationModes return values.

func WithGetPreviousBrokerReturn 

func WithGetPreviousBrokerReturn(ret string, err error) func(o *options)

WithGetPreviousBrokerReturn is the option to define the GetPreviousBroker return values.

func WithIgnoreSessionIDChecks 

func WithIgnoreSessionIDChecks() func(o *options)

WithIgnoreSessionIDChecks is the option to ignore session ID checks.

func WithIgnoreSessionIDGeneration 

func WithIgnoreSessionIDGeneration() func(o *options)

WithIgnoreSessionIDGeneration is the option to ignore session ID checks.

func WithIsAuthenticatedMaxRetries 

func WithIsAuthenticatedMaxRetries(maxRetries int) func(o *options)

WithIsAuthenticatedMaxRetries is the option to define the IsAuthenticated max retries return values.

func WithIsAuthenticatedMessage 

func WithIsAuthenticatedMessage(message string) func(o *options)

WithIsAuthenticatedMessage is the option to define the IsAuthenticated message return values.

func WithIsAuthenticatedReturn 

func WithIsAuthenticatedReturn(ret *authd.IAResponse, err error) func(o *options)

WithIsAuthenticatedReturn is the option to define the IsAuthenticated return values.

func WithIsAuthenticatedWantSecret added in v0.4.1 

func WithIsAuthenticatedWantSecret(secret string) func(o *options)

WithIsAuthenticatedWantSecret is the option to define the IsAuthenticated wanted secret.

func WithIsAuthenticatedWantSkip 

func WithIsAuthenticatedWantSkip() func(o *options)

WithIsAuthenticatedWantSkip is the option to define the IsAuthenticated skip.

func WithIsAuthenticatedWantWait 

func WithIsAuthenticatedWantWait(wait time.Duration) func(o *options)

WithIsAuthenticatedWantWait is the option to define the IsAuthenticated wait duration.

func WithPreviousBrokerForUser 

func WithPreviousBrokerForUser(user string, brokerID string) func(o *options)

WithPreviousBrokerForUser is the option to define the default broker ID for users.

func WithQrCodeCode 

func WithQrCodeCode(code string) func(l *authd.UILayout)

WithQrCodeCode is an option for QrCodeUILayout to set the code parameter in QrCode UI.

func WithQrCodeRenders 

func WithQrCodeRenders(renders *bool) func(l *authd.UILayout)

WithQrCodeRenders is an option for QrCodeUILayout to set the rendering parameter in QrCode UI.

func WithSelectAuthenticationModeReturn 

func WithSelectAuthenticationModeReturn(ret *authd.UILayout, err error) func(o *options)

WithSelectAuthenticationModeReturn is the option to define the SelectAuthenticationMode return values.

func WithSelectBrokerReturn 

func WithSelectBrokerReturn(ret *authd.SBResponse, err error) func(o *options)

WithSelectBrokerReturn is the option to define the SelectBroker return values.

func WithSetDefaultBrokerReturn 

func WithSetDefaultBrokerReturn(err error) func(o *options)

WithSetDefaultBrokerReturn is the option to define the SetDefaultBroker return values.

func WithUILayout 

func WithUILayout(authModeID string, label string, uiLayout *authd.UILayout) func(o *options)

WithUILayout is the option to define the UI layouts supported return values.

Types

type Action 

type Action int

Action represents a PAM action to perform. 

const (
	// Account is the account.
	Account Action = iota + 1
	// Auth is the auth.
	Auth
	// Password is the password.
	Password
	// Session is the session.
	Session
	// Include allows to include system services.
	Include
)

func (Action) String 

func (a Action) String() string

String is the method to stringify an to their PAM config file representation.

type BinaryRequestDummy 

type BinaryRequestDummy struct {
	// contains filtered or unexported fields
}

BinaryRequestDummy is a dummy pam.BinaryConvRequester implementation.

func NewBinaryRequestDummy 

func NewBinaryRequestDummy(ptr pam.BinaryPointer) *BinaryRequestDummy

NewBinaryRequestDummy creates a new BinaryConvRequest with finalizer for response BinaryResponse.

func NewBinaryRequestDummyFromBytes 

func NewBinaryRequestDummyFromBytes(bytes []byte) *BinaryRequestDummy

NewBinaryRequestDummyFromBytes creates a new BinaryConvRequestDummy from an array of bytes.

func (BinaryRequestDummy) CreateResponse 

func (b BinaryRequestDummy) CreateResponse(ptr pam.BinaryPointer) pam.BinaryConvResponse

CreateResponse creates a new BinaryConvResponse from the request.

func (BinaryRequestDummy) Pointer 

func (b BinaryRequestDummy) Pointer() pam.BinaryPointer

Pointer returns the conversation style of the StringConvRequest.

func (*BinaryRequestDummy) Release 

func (b *BinaryRequestDummy) Release()

Release releases the resources allocated by the request.

func (BinaryRequestDummy) Style 

func (b BinaryRequestDummy) Style() pam.Style

Style returns the response style for the request, so always BinaryPrompt.

type BinaryResponseDummy 

type BinaryResponseDummy struct {
	// contains filtered or unexported fields
}

BinaryResponseDummy is an implementation of pam.BinaryConvResponse.

func (BinaryResponseDummy) Data 

func (b BinaryResponseDummy) Data() pam.BinaryPointer

Data returns the response native pointer, it's up to the protocol to parse it accordingly.

func (BinaryResponseDummy) Decode 

func (b BinaryResponseDummy) Decode(decoder pam.BinaryDecoder) (
	[]byte, error)

Decode decodes the binary data using the provided decoder function.

func (*BinaryResponseDummy) Release 

func (b *BinaryResponseDummy) Release()

Release releases the memory associated with the pointer.

func (BinaryResponseDummy) Style 

func (b BinaryResponseDummy) Style() pam.Style

Style returns the response style for the response, so always BinaryPrompt.

type Control 

type Control int

Control represents how a PAM module should controlled in PAM service file. 

const (
	// Required implies that the module is required.
	Required Control = iota + 1
	// Requisite implies that the module is requisite.
	Requisite
	// Sufficient implies that the module is sufficient.
	Sufficient
	// SufficientRequisite implies that the module is sufficient but we'll die on any error.
	SufficientRequisite
	// Optional implies that the module is optional.
	Optional
)

func NewControl added in v0.4.1 

func NewControl(controlValue string) Control

NewControl allows to create a new custom control for the given string.

func (Control) String 

func (c Control) String() string

String is the method to stringify a control to their PAM config file representation.

type DummyClient 

type DummyClient struct {
	// contains filtered or unexported fields
}

DummyClient is a dummy implementation of authd.PAMClient.

func NewDummyClient 

func NewDummyClient(privateKey *rsa.PrivateKey, args ...DummyClientOptions) *DummyClient

NewDummyClient returns a Dummy client with the given options.

func (*DummyClient) AvailableBrokers 

func (dc *DummyClient) AvailableBrokers(ctx context.Context, in *authd.Empty, opts ...grpc.CallOption) (*authd.ABResponse, error)

AvailableBrokers simulates AvailableBrokers using the provided parameters.

func (*DummyClient) CurrentSessionID 

func (dc *DummyClient) CurrentSessionID() string

CurrentSessionID returns the selected BrokerID on the client.

func (*DummyClient) EndSession 

func (dc *DummyClient) EndSession(ctx context.Context, in *authd.ESRequest, opts ...grpc.CallOption) (*authd.Empty, error)

EndSession simulates EndSession using the provided parameters.

func (*DummyClient) GetAuthenticationModes 

func (dc *DummyClient) GetAuthenticationModes(ctx context.Context, in *authd.GAMRequest, opts ...grpc.CallOption) (*authd.GAMResponse, error)

GetAuthenticationModes simulates GetAuthenticationModes using the provided parameters.

func (*DummyClient) GetPreviousBroker 

func (dc *DummyClient) GetPreviousBroker(ctx context.Context, in *authd.GPBRequest, opts ...grpc.CallOption) (*authd.GPBResponse, error)

GetPreviousBroker simulates GetPreviousBroker using the provided parameters.

func (*DummyClient) IsAuthenticated 

func (dc *DummyClient) IsAuthenticated(ctx context.Context, in *authd.IARequest, opts ...grpc.CallOption) (*authd.IAResponse, error)

IsAuthenticated simulates IsAuthenticated using the provided parameters.

func (*DummyClient) SelectAuthenticationMode 

func (dc *DummyClient) SelectAuthenticationMode(ctx context.Context, in *authd.SAMRequest, opts ...grpc.CallOption) (*authd.SAMResponse, error)

SelectAuthenticationMode simulates SelectAuthenticationMode using the provided parameters.

func (*DummyClient) SelectBroker 

func (dc *DummyClient) SelectBroker(ctx context.Context, in *authd.SBRequest, opts ...grpc.CallOption) (*authd.SBResponse, error)

SelectBroker simulates SelectBroker using the provided parameters.

func (*DummyClient) SelectedBrokerID 

func (dc *DummyClient) SelectedBrokerID() string

SelectedBrokerID returns the selected BrokerID on the client.

func (*DummyClient) SelectedLang 

func (dc *DummyClient) SelectedLang() string

SelectedLang returns the selected Lang on the client.

func (*DummyClient) SelectedUsername 

func (dc *DummyClient) SelectedUsername() string

SelectedUsername returns the selected Username on the client.

func (*DummyClient) SetDefaultBrokerForUser 

func (dc *DummyClient) SetDefaultBrokerForUser(ctx context.Context, in *authd.SDBFURequest, opts ...grpc.CallOption) (*authd.Empty, error)

SetDefaultBrokerForUser simulates SetDefaultBrokerForUser using the provided parameters.

type DummyClientOptions 

type DummyClientOptions func(*options)

DummyClientOptions is the function signature used to tweak the daemon creation.

type ErrorTest 

type ErrorTest pam.Error

ErrorTest is like pam.Error but we redefine some hopefully unused errors to values for testing purposes.

func (ErrorTest) ToPamError 

func (et ErrorTest) ToPamError() pam.Error

ToPamError returns the actual error for a test error.

type FallBackModule 

type FallBackModule int

FallBackModule is a type to represent the module that should be used as fallback. 

const (
	// NoFallback add no fallback module.
	NoFallback FallBackModule = iota + 1
	// Permit uses a module that always permits.
	Permit
	// Deny uses a module that always denys.
	Deny
	// Ignore uses a module that we use as ignore return value.
	Ignore
)

func (FallBackModule) String 

func (a FallBackModule) String() string

type ModuleTransactionDummy 

type ModuleTransactionDummy struct {
	Items map[pam.Item]string
	Env   map[string]string
	Data  map[string]any
	// contains filtered or unexported fields
}

ModuleTransactionDummy is an implementation of pam.ModuleTransaction for testing purposes.

func (*ModuleTransactionDummy) GetData 

func (m *ModuleTransactionDummy) GetData(key string) (any, error)

GetData allows to get any value from the module data saved using SetData that is preserved across the whole time the module is loaded.

func (*ModuleTransactionDummy) GetEnv 

func (m *ModuleTransactionDummy) GetEnv(name string) string

GetEnv is used to retrieve a PAM environment variable.

func (*ModuleTransactionDummy) GetEnvList 

func (m *ModuleTransactionDummy) GetEnvList() (map[string]string, error)

GetEnvList returns a copy of the PAM environment as a map.

func (*ModuleTransactionDummy) GetItem 

func (m *ModuleTransactionDummy) GetItem(item pam.Item) (string, error)

GetItem retrieves a PAM information item.

func (*ModuleTransactionDummy) GetUser 

func (m *ModuleTransactionDummy) GetUser(prompt string) (string, error)

GetUser is similar to GetItem(User), but it would start a conversation if no user is currently set in PAM.

func (*ModuleTransactionDummy) InvokeHandler 

func (m *ModuleTransactionDummy) InvokeHandler(handler pam.ModuleHandlerFunc,
	flags pam.Flags, args []string) error

InvokeHandler is called by the C code to invoke the proper handler.

func (*ModuleTransactionDummy) PutEnv 

func (m *ModuleTransactionDummy) PutEnv(nameVal string) error

PutEnv adds or changes the value of PAM environment variables.

NAME=value will set a variable to a value. NAME= will set a variable to an empty value. NAME (without an "=") will delete a variable.

func (*ModuleTransactionDummy) SetData 

func (m *ModuleTransactionDummy) SetData(key string, data any) error

SetData allows to save any value in the module data that is preserved during the whole time the module is loaded.

func (*ModuleTransactionDummy) SetItem 

func (m *ModuleTransactionDummy) SetItem(item pam.Item, value string) error

SetItem sets a PAM information item.

func (*ModuleTransactionDummy) StartBinaryConv 

func (m *ModuleTransactionDummy) StartBinaryConv(bytes []byte) (
	pam.BinaryConvResponse, error)

StartBinaryConv starts a binary conversation using the provided bytes.

func (*ModuleTransactionDummy) StartConv 

func (m *ModuleTransactionDummy) StartConv(req pam.ConvRequest) (
	pam.ConvResponse, error)

StartConv initiates a PAM conversation using the provided ConvRequest.

func (*ModuleTransactionDummy) StartConvMulti 

func (m *ModuleTransactionDummy) StartConvMulti(requests []pam.ConvRequest) (
	responses []pam.ConvResponse, err error)

StartConvMulti initiates a PAM conversation with multiple ConvRequest's.

func (*ModuleTransactionDummy) StartStringConv 

func (m *ModuleTransactionDummy) StartStringConv(style pam.Style, prompt string) (
	pam.StringConvResponse, error)

StartStringConv starts a text-based conversation using the provided style and prompt.

func (*ModuleTransactionDummy) StartStringConvf 

func (m *ModuleTransactionDummy) StartStringConvf(style pam.Style, format string, args ...interface{}) (
	pam.StringConvResponse, error)

StartStringConvf allows to start string conversation with formatting support.

type QrCodeOptions 

type QrCodeOptions func(*authd.UILayout)

QrCodeOptions is the function signature used to tweak the qrcode.

type RunnerAction 

type RunnerAction authd.SessionMode

RunnerAction is the type for Pam Runner actions.

func RunnerActionFromString 

func RunnerActionFromString(action string) RunnerAction

RunnerActionFromString gets the RunnerAction from its string representation.

func (RunnerAction) Result 

func (action RunnerAction) Result() RunnerResultAction

Result returns the RunnerResultAction for the provided RunnerAction.

func (RunnerAction) String 

func (action RunnerAction) String() string

type RunnerResultAction 

type RunnerResultAction int

RunnerResultAction is the type for Pam Runner actions results. 

const (
	// RunnerResultActionAuthenticate is the string for Authentication action.
	RunnerResultActionAuthenticate RunnerResultAction = iota
	// RunnerResultActionChangeAuthTok is the string for ChangeAuthTok action.
	RunnerResultActionChangeAuthTok
	// RunnerResultActionAcctMgmt is the string for the AcctMgmt action.
	RunnerResultActionAcctMgmt
)

func (RunnerResultAction) Message 

func (result RunnerResultAction) Message(user string) string

Message returns the result message for the [PamResultMessage] that the runner writes.

func (RunnerResultAction) MessageWithError 

func (result RunnerResultAction) MessageWithError(user string, err error) string

MessageWithError returns the result message for the [PamResultMessage] that the runner writes, including the error message or the exit state.

func (RunnerResultAction) String 

func (result RunnerResultAction) String() string

type ServiceLine 

type ServiceLine struct {
	Action  Action
	Control Control
	Module  string
	Args    []string
}

ServiceLine is the representation of a PAM module service file line.

type StringResponseDummy 

type StringResponseDummy struct {
	// contains filtered or unexported fields
}

StringResponseDummy is a simple implementation of pam.StringConvResponse.

func (StringResponseDummy) Response 

func (s StringResponseDummy) Response() string

Response returns the string response of the StringResponseDummy.

func (StringResponseDummy) Style 

func (s StringResponseDummy) Style() pam.Style

Style returns the conversation style of the StringResponseDummy.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.