openafs/tests/auth/authcon-t.c

/*
 * Copyright (c) 2010 Your File System Inc. All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer.
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 *
 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR `AS IS'' AND ANY EXPRESS OR
 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 */

/*!
 * Test those bits of the authcon interface that we can test without involving
 * the cache manager.
 */

#include <afsconfig.h>
#include <afs/param.h>

#include <roken.h>

#include <rx/rx.h>
#include <rx/rxkad.h>
#include <afs/cellconfig.h>

#include <tap/basic.h>
#include "common.h"

int
main(int argc, char **argv)
{
    struct afsconf_dir *dir;
    char *dirname;
    struct rx_securityClass **classes;
    struct rx_securityClass *secClass;
    int secIndex;
    int numClasses;
    struct afsconf_typedKey *key;

    plan(9);
    dirname = afstest_BuildTestConfig();

    dir = afsconf_Open(dirname);
    if (dir == NULL) {
	fprintf(stderr, "Unable to configure directory.\n");
        exit(1);
    }

    rx_Init(0);

    /* Server Security objects */

    afsconf_BuildServerSecurityObjects(dir, &classes, &numClasses);
    is_int(3, numClasses, "3 security classes are returned, as expected");
    ok(classes[1] == NULL, "The rxvab class is undefined, as requested");
    free(classes);

    afsconf_SetSecurityFlags(dir, AFSCONF_SECOPTS_ALWAYSENCRYPT);

    afsconf_BuildServerSecurityObjects(dir, &classes, &numClasses);
    is_int(4, numClasses, "When encryption is enabled, 4 classes are returned");

    /* Up to date checks */

    ok(afsconf_UpToDate(dir), "Newly opened directory is up to date");
    is_int(0, afsconf_AddKey(dir,
			     1, "\x19\x16\xfe\xe6\xba\x77\x2f\xfd", 0),
	   "Adding key worked");
    ok(!afsconf_UpToDate(dir), "Directory with newly added key isn't");
    afsconf_ClientAuth(dir, &secClass, &secIndex);
    ok(afsconf_UpToDate(dir), "afsconf_ClientAuth() resets UpToDate check");
    afsconf_DeleteKey(dir, 1);
    ok(!afsconf_UpToDate(dir), "Directory with newly deleted key isn't");
    afsconf_GetLatestKeyByTypes(dir, afsconf_rxkad, 0, &key);
    ok(afsconf_UpToDate(dir), "afsconf_GetLatestKeyByTypes resest UpToDate");

    return 0;
}
afsconf: Rework security flags BuildServerSecurityObjects takes a set of flags, which makes it hard to use it as a callback function. Rework this so that the security flags are part of the afsconf directory structure, and so BuildServerSecurityObjects only takes a rock, and its return parameters. Update all of the callers for this new function, and add tests for it to the test suite. Change-Id: I48219ed199d128c6aec3765ca425bda9e464b937 Reviewed-on: http://gerrit.openafs.org/4201 Tested-by: BuildBot <buildbot@rampaginggeek.com> Reviewed-by: Derrick Brashear <shadow@dementia.org> 2011-03-04 22:37:10 +00:00			`/*`
			`* Copyright (c) 2010 Your File System Inc. All rights reserved.`
			`*`
			`* Redistribution and use in source and binary forms, with or without`
			`* modification, are permitted provided that the following conditions`
			`* are met:`
			`* 1. Redistributions of source code must retain the above copyright`
			`* notice, this list of conditions and the following disclaimer.`
			`* 2. Redistributions in binary form must reproduce the above copyright`
			`* notice, this list of conditions and the following disclaimer in the`
			`* documentation and/or other materials provided with the distribution.`
			`*`
			* THIS SOFTWARE IS PROVIDED BY THE AUTHOR `AS IS'' AND ANY EXPRESS OR
			`* IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES`
			`* OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.`
			`* IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,`
			`* INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT`
			`* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,`
			`* DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY`
			`* THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT`
			`* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF`
			`* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.`
			`*/`

			`/*!`
			`* Test those bits of the authcon interface that we can test without involving`
			`* the cache manager.`
			`*/`

			`#include <afsconfig.h>`
			`#include <afs/param.h>`

			`#include <roken.h>`

			`#include <rx/rx.h>`
			`#include <rx/rxkad.h>`
			`#include <afs/cellconfig.h>`

			`#include <tap/basic.h>`
			`#include "common.h"`

			`int`
			`main(int argc, char **argv)`
			`{`
			`struct afsconf_dir *dir;`
			`char *dirname;`
			`struct rx_securityClass **classes;`
auth: Rework afsconf_UpToDate to use CellServDB Rework the afsconf_UpToDate check so that it uses the modifcation of the CellServDB, and not the KeyFile to determine whether the configuration information has been changed under us or not. afsconf defines the CellServDB as being the single sentinel for a config directory being changed, and our tools are careful to always touch the CellServDB when updating anything else there. Also, rework the _afsconf_Check() code so that it uses afsconf_UpToDate, rather than including this logic twice. Change-Id: I8ef5f67afbb5982bb25e12407ea5dc5dc1512840 Reviewed-on: http://gerrit.openafs.org/4203 Tested-by: BuildBot <buildbot@rampaginggeek.com> Reviewed-by: Derrick Brashear <shadow@dementia.org> 2011-03-05 23:09:18 +00:00			`struct rx_securityClass *secClass;`
			`int secIndex;`
afsconf: Rework security flags BuildServerSecurityObjects takes a set of flags, which makes it hard to use it as a callback function. Rework this so that the security flags are part of the afsconf directory structure, and so BuildServerSecurityObjects only takes a rock, and its return parameters. Update all of the callers for this new function, and add tests for it to the test suite. Change-Id: I48219ed199d128c6aec3765ca425bda9e464b937 Reviewed-on: http://gerrit.openafs.org/4201 Tested-by: BuildBot <buildbot@rampaginggeek.com> Reviewed-by: Derrick Brashear <shadow@dementia.org> 2011-03-04 22:37:10 +00:00			`int numClasses;`
auth: Rework afsconf_UpToDate to use CellServDB Rework the afsconf_UpToDate check so that it uses the modifcation of the CellServDB, and not the KeyFile to determine whether the configuration information has been changed under us or not. afsconf defines the CellServDB as being the single sentinel for a config directory being changed, and our tools are careful to always touch the CellServDB when updating anything else there. Also, rework the _afsconf_Check() code so that it uses afsconf_UpToDate, rather than including this logic twice. Change-Id: I8ef5f67afbb5982bb25e12407ea5dc5dc1512840 Reviewed-on: http://gerrit.openafs.org/4203 Tested-by: BuildBot <buildbot@rampaginggeek.com> Reviewed-by: Derrick Brashear <shadow@dementia.org> 2011-03-05 23:09:18 +00:00			`struct afsconf_typedKey *key;`
afsconf: Rework security flags BuildServerSecurityObjects takes a set of flags, which makes it hard to use it as a callback function. Rework this so that the security flags are part of the afsconf directory structure, and so BuildServerSecurityObjects only takes a rock, and its return parameters. Update all of the callers for this new function, and add tests for it to the test suite. Change-Id: I48219ed199d128c6aec3765ca425bda9e464b937 Reviewed-on: http://gerrit.openafs.org/4201 Tested-by: BuildBot <buildbot@rampaginggeek.com> Reviewed-by: Derrick Brashear <shadow@dementia.org> 2011-03-04 22:37:10 +00:00
auth: Rework afsconf_UpToDate to use CellServDB Rework the afsconf_UpToDate check so that it uses the modifcation of the CellServDB, and not the KeyFile to determine whether the configuration information has been changed under us or not. afsconf defines the CellServDB as being the single sentinel for a config directory being changed, and our tools are careful to always touch the CellServDB when updating anything else there. Also, rework the _afsconf_Check() code so that it uses afsconf_UpToDate, rather than including this logic twice. Change-Id: I8ef5f67afbb5982bb25e12407ea5dc5dc1512840 Reviewed-on: http://gerrit.openafs.org/4203 Tested-by: BuildBot <buildbot@rampaginggeek.com> Reviewed-by: Derrick Brashear <shadow@dementia.org> 2011-03-05 23:09:18 +00:00			`plan(9);`
tests: Move common code to its own directory Move code for faking up an OpenAFS configuration directory into its own "common" directory, as it's going to be of use to more tests than just those in auth. Change-Id: I9c80dd66763e222deca98bc7744ff317111c6ed8 Reviewed-on: http://gerrit.openafs.org/4806 Tested-by: BuildBot <buildbot@rampaginggeek.com> Reviewed-by: Derrick Brashear <shadow@dementia.org> 2011-05-30 17:47:35 +01:00			`dirname = afstest_BuildTestConfig();`
afsconf: Rework security flags BuildServerSecurityObjects takes a set of flags, which makes it hard to use it as a callback function. Rework this so that the security flags are part of the afsconf directory structure, and so BuildServerSecurityObjects only takes a rock, and its return parameters. Update all of the callers for this new function, and add tests for it to the test suite. Change-Id: I48219ed199d128c6aec3765ca425bda9e464b937 Reviewed-on: http://gerrit.openafs.org/4201 Tested-by: BuildBot <buildbot@rampaginggeek.com> Reviewed-by: Derrick Brashear <shadow@dementia.org> 2011-03-04 22:37:10 +00:00
			`dir = afsconf_Open(dirname);`
			`if (dir == NULL) {`
			`fprintf(stderr, "Unable to configure directory.\n");`
			`exit(1);`
			`}`

tests: Fix the authcon test to avoid pthread errors Fix the authcon test so that it avoids pthread errors by initialising rx before calling into any of the rxkad routines. Change-Id: I175203fd91660e27a8b468e6f1c6189f32b22259 Reviewed-on: http://gerrit.openafs.org/4212 Tested-by: BuildBot <buildbot@rampaginggeek.com> Reviewed-by: Derrick Brashear <shadow@dementia.org> 2011-03-13 15:45:37 +00:00			`rx_Init(0);`

afsconf: Rework security flags BuildServerSecurityObjects takes a set of flags, which makes it hard to use it as a callback function. Rework this so that the security flags are part of the afsconf directory structure, and so BuildServerSecurityObjects only takes a rock, and its return parameters. Update all of the callers for this new function, and add tests for it to the test suite. Change-Id: I48219ed199d128c6aec3765ca425bda9e464b937 Reviewed-on: http://gerrit.openafs.org/4201 Tested-by: BuildBot <buildbot@rampaginggeek.com> Reviewed-by: Derrick Brashear <shadow@dementia.org> 2011-03-04 22:37:10 +00:00			`/* Server Security objects */`

			`afsconf_BuildServerSecurityObjects(dir, &classes, &numClasses);`
			`is_int(3, numClasses, "3 security classes are returned, as expected");`
			`ok(classes[1] == NULL, "The rxvab class is undefined, as requested");`
			`free(classes);`

			`afsconf_SetSecurityFlags(dir, AFSCONF_SECOPTS_ALWAYSENCRYPT);`

			`afsconf_BuildServerSecurityObjects(dir, &classes, &numClasses);`
			`is_int(4, numClasses, "When encryption is enabled, 4 classes are returned");`

auth: Rework afsconf_UpToDate to use CellServDB Rework the afsconf_UpToDate check so that it uses the modifcation of the CellServDB, and not the KeyFile to determine whether the configuration information has been changed under us or not. afsconf defines the CellServDB as being the single sentinel for a config directory being changed, and our tools are careful to always touch the CellServDB when updating anything else there. Also, rework the _afsconf_Check() code so that it uses afsconf_UpToDate, rather than including this logic twice. Change-Id: I8ef5f67afbb5982bb25e12407ea5dc5dc1512840 Reviewed-on: http://gerrit.openafs.org/4203 Tested-by: BuildBot <buildbot@rampaginggeek.com> Reviewed-by: Derrick Brashear <shadow@dementia.org> 2011-03-05 23:09:18 +00:00			`/* Up to date checks */`

			`ok(afsconf_UpToDate(dir), "Newly opened directory is up to date");`
			`is_int(0, afsconf_AddKey(dir,`
			`1, "\x19\x16\xfe\xe6\xba\x77\x2f\xfd", 0),`
			`"Adding key worked");`
			`ok(!afsconf_UpToDate(dir), "Directory with newly added key isn't");`
			`afsconf_ClientAuth(dir, &secClass, &secIndex);`
			`ok(afsconf_UpToDate(dir), "afsconf_ClientAuth() resets UpToDate check");`
			`afsconf_DeleteKey(dir, 1);`
			`ok(!afsconf_UpToDate(dir), "Directory with newly deleted key isn't");`
			`afsconf_GetLatestKeyByTypes(dir, afsconf_rxkad, 0, &key);`
			`ok(afsconf_UpToDate(dir), "afsconf_GetLatestKeyByTypes resest UpToDate");`

afsconf: Rework security flags BuildServerSecurityObjects takes a set of flags, which makes it hard to use it as a callback function. Rework this so that the security flags are part of the afsconf directory structure, and so BuildServerSecurityObjects only takes a rock, and its return parameters. Update all of the callers for this new function, and add tests for it to the test suite. Change-Id: I48219ed199d128c6aec3765ca425bda9e464b937 Reviewed-on: http://gerrit.openafs.org/4201 Tested-by: BuildBot <buildbot@rampaginggeek.com> Reviewed-by: Derrick Brashear <shadow@dementia.org> 2011-03-04 22:37:10 +00:00			`return 0;`
			`}`