From 1defd7b456a47bcb499bf508239c2ee95e59d268 Mon Sep 17 00:00:00 2001 From: "Todd C. Miller" Date: Thu, 6 Jan 2011 11:05:28 -0500 Subject: [PATCH] Add regression tests for iolog_path() --- MANIFEST | 3 + Makefile.in | 5 +- common/Makefile.in | 1 - compat/Makefile.in | 1 - doc/Makefile.in | 1 - include/Makefile.in | 1 - plugins/sample/Makefile.in | 1 - plugins/sample_group/Makefile.in | 1 - plugins/sudoers/Makefile.in | 18 +- .../regress/iolog_path/check_iolog_path.c | 198 ++++++++++++++++++ plugins/sudoers/regress/iolog_path/data | 48 +++++ src/Makefile.in | 1 - zlib/Makefile.in | 1 - 13 files changed, 263 insertions(+), 17 deletions(-) create mode 100644 plugins/sudoers/regress/iolog_path/check_iolog_path.c create mode 100644 plugins/sudoers/regress/iolog_path/data diff --git a/MANIFEST b/MANIFEST index 6917df251..6b3b84a8a 100644 --- a/MANIFEST +++ b/MANIFEST @@ -157,6 +157,7 @@ plugins/sudoers/insults.h plugins/sudoers/interfaces.c plugins/sudoers/interfaces.h plugins/sudoers/iolog.c +plugins/sudoers/iolog_path.c plugins/sudoers/ldap.c plugins/sudoers/linux_audit.c plugins/sudoers/linux_audit.h @@ -170,6 +171,8 @@ plugins/sudoers/plugin_error.c plugins/sudoers/pwutil.c plugins/sudoers/redblack.c plugins/sudoers/redblack.h +plugins/sudoers/regress/iolog_path/check_iolog_path.c +plugins/sudoers/regress/iolog_path/data plugins/sudoers/set_perms.c plugins/sudoers/sudo_nss.c plugins/sudoers/sudo_nss.h diff --git a/Makefile.in b/Makefile.in index 4caa95cce..e126dd0a6 100644 --- a/Makefile.in +++ b/Makefile.in @@ -50,7 +50,7 @@ LIBTOOL_DEPS = @LIBTOOL_DEPS@ SHELL = @SHELL@ -all: config.status +all check: config.status for d in $(SUBDIRS) $(SAMPLES); do (cd $$d && $(MAKE) $@) || break; done install-dirs install-binaries install-includes install-plugin uninstall: config.status @@ -71,9 +71,6 @@ ChangeLog: fi; \ fi -check: - @echo nothing to check - config.status: @if [ ! -s config.status ]; then \ echo "Please run configure first"; \ diff --git a/common/Makefile.in b/common/Makefile.in index 8ea4ae86a..0f10cabb3 100644 --- a/common/Makefile.in +++ b/common/Makefile.in @@ -93,7 +93,6 @@ install-plugin: uninstall: check: - @echo nothing to check clean: -$(LIBTOOL) --mode=clean rm -f *.lo *.o *.la *.a stamp-* core *.core core.* diff --git a/compat/Makefile.in b/compat/Makefile.in index 9c45c1f12..854255c48 100644 --- a/compat/Makefile.in +++ b/compat/Makefile.in @@ -123,7 +123,6 @@ install-plugin: uninstall: check: - @echo nothing to check clean: -$(LIBTOOL) --mode=clean rm -f mksiglist siglist.c *.lo *.o *.la *.a stamp-* core *.core core.* diff --git a/doc/Makefile.in b/doc/Makefile.in index 2fe56a255..6efd45abd 100644 --- a/doc/Makefile.in +++ b/doc/Makefile.in @@ -177,7 +177,6 @@ uninstall: $(DESTDIR)$(mandirform)/sudoers.ldap.$(mansectform) check: - @echo nothing to check clean: -rm -f varsub diff --git a/include/Makefile.in b/include/Makefile.in index 15fa7d145..3a3051ef2 100644 --- a/include/Makefile.in +++ b/include/Makefile.in @@ -64,7 +64,6 @@ uninstall: -rm -f $(DESTDIR)$(includedir)/sudo_plugin.h check: - @echo nothing to check clean: diff --git a/plugins/sample/Makefile.in b/plugins/sample/Makefile.in index ebc35b65c..481e90290 100644 --- a/plugins/sample/Makefile.in +++ b/plugins/sample/Makefile.in @@ -101,7 +101,6 @@ uninstall: -$(LIBTOOL) --mode=uninstall rm -f $(DESDTDIR)/$(plugindir)/sample_plugin.la check: - @echo nothing to check clean: -$(LIBTOOL) --mode=clean rm -f *.lo *.o *.la *.a stamp-* core *.core core.* diff --git a/plugins/sample_group/Makefile.in b/plugins/sample_group/Makefile.in index 9a0d591d3..a6d9deaae 100644 --- a/plugins/sample_group/Makefile.in +++ b/plugins/sample_group/Makefile.in @@ -104,7 +104,6 @@ uninstall: -$(LIBTOOL) --mode=uninstall rm -f $(DESDTDIR)/$(plugindir)/sample_group.la check: - @echo nothing to check clean: -$(LIBTOOL) --mode=clean rm -f *.lo *.o *.la *.a stamp-* core *.core core.* diff --git a/plugins/sudoers/Makefile.in b/plugins/sudoers/Makefile.in index 609bdbd0c..70acbf194 100644 --- a/plugins/sudoers/Makefile.in +++ b/plugins/sudoers/Makefile.in @@ -114,6 +114,9 @@ REPLAY_OBJS = getdate.o sudoreplay.o error.o TEST_OBJS = interfaces.o testsudoers.o tsgetgrpw.o error.o group_plugin.o \ net_ifs.o +CHECK_IOLOG_PATH_OBJS = check_iolog_path.o error.o iolog_path.o pwutil.o \ + redblack.o + VERSION = @PACKAGE_VERSION@ PACKAGE_TARNAME = @PACKAGE_TARNAME@ @@ -129,9 +132,6 @@ INSDEP = $(srcdir)/ins_2001.h $(srcdir)/ins_classic.h $(srcdir)/ins_csops.h \ all: $(PROGS) -Makefile: $(srcdir)/Makefile.in - (cd $(top_builddir) && ./config.status --file plugins/sudoers/Makefile) - .SUFFIXES: .o .c .h .l .y .lo .c.o: @@ -163,6 +163,9 @@ sudoreplay: $(REPLAY_OBJS) $(LIBS) testsudoers: libsudoers.la $(TEST_OBJS) $(LIBS) $(LIBTOOL) --mode=link $(CC) -o $@ $(TEST_OBJS) $(LDFLAGS) libsudoers.la $(LIBS) $(NET_LIBS) @LIBDL@ +check_iolog_path: $(CHECK_IOLOG_PATH_OBJS) $(LIBS) + $(LIBTOOL) --mode=link $(CC) -o $@ $(CHECK_IOLOG_PATH_OBJS) $(LDFLAGS) $(LIBS) + # Uncomment the following if you want "make distclean" to clean the parser @DEV@GENERATED = gram.h gram.c toke.c def_data.c def_data.h getdate.c @@ -292,6 +295,8 @@ sia.lo: $(authdir)/sia.c $(AUTHDEP) $(LIBTOOL) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(authdir)/sia.c # Command dependencies (sudoreplay, testsudoers, visudo) +check_iolog_path.o: $(srcdir)/regress/iolog_path/check_iolog_path.c $(SUDODEP) + $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(srcdir)/regress/iolog_path/check_iolog_path.c error.o: $(top_srcdir)/src/error.c $(incdir)/error.h $(incdir)/missing.h $(top_builddir)/config.h $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(top_srcdir)/src/error.c find_path.o: find_path.lo @@ -299,8 +304,11 @@ getdate.o: $(devdir)/getdate.c $(incdir)/missing.h $(top_builddir)/config.h $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(devdir)/getdate.c goodpath.o: goodpath.lo interfaces.o: interfaces.lo +iolog_path.o: iolog_path.lo net_ifs.o: $(top_srcdir)/src/net_ifs.c $(SUDODEP) $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(top_srcdir)/src/net_ifs.c +pwutil.o: pwutil.lo +redblack.o: redblack.lo sudoreplay.o: $(srcdir)/sudoreplay.c $(incdir)/alloc.h $(incdir)/missing.h $(incdir)/error.h $(incdir)/missing.h $(top_builddir)/config.h $(CC) -c $(CPPFLAGS) $(CFLAGS) $(DEFS) $(srcdir)/sudoreplay.c testsudoers.o: $(srcdir)/testsudoers.c $(SUDODEP) $(srcdir)/parse.h $(incdir)/list.h $(srcdir)/interfaces.h $(devdir)/gram.h @@ -344,8 +352,8 @@ uninstall: -cmp $(DESTDIR)$(sudoersdir)/sudoers $(srcdir)/sudoers >/dev/null && \ rm -f $(DESTDIR)$(sudoersdir)/sudoers -check: - @echo nothing to check +check: check_iolog_path + ./check_iolog_path $(srcdir)/regress/iolog_path/data clean: -$(LIBTOOL) --mode=clean rm -f $(PROGS) *.lo *.o *.la *.a stamp-* core *.core core.* diff --git a/plugins/sudoers/regress/iolog_path/check_iolog_path.c b/plugins/sudoers/regress/iolog_path/check_iolog_path.c new file mode 100644 index 000000000..b5a2b08b2 --- /dev/null +++ b/plugins/sudoers/regress/iolog_path/check_iolog_path.c @@ -0,0 +1,198 @@ +/* + * Copyright (c) 2010 Todd C. Miller + * + * Permission to use, copy, modify, and distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES + * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF + * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR + * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES + * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN + * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF + * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. + */ + +#include + +#include +#include +#ifdef STDC_HEADERS +# include +# include +#else +# ifdef HAVE_STDLIB_H +# include +# endif +#endif /* STDC_HEADERS */ +#ifdef HAVE_STRING_H +# if defined(HAVE_MEMORY_H) && !defined(STDC_HEADERS) +# include +# endif +# include +#endif /* HAVE_STRING_H */ +#ifdef HAVE_STRINGS_H +# include +#endif /* HAVE_STRINGS_H */ +#ifdef HAVE_SETLOCALE +# include +#endif +#include +#include +#include + +#define _SUDO_MAIN +#include "sudoers.h" +#include "def_data.c" + +struct sudo_user sudo_user; +struct passwd *list_pw; + +static void +usage(void) +{ + fprintf(stderr, "usage: check_iolog_path datafile\n"); + exit(1); +} + +static int +do_check(char *dir_in, char *file_in, char *tdir_out, char *tfile_out) +{ + char *path, *slash; + char dir_out[4096], file_out[4096]; + struct tm *timeptr; + time_t now; + int error = 0; + + /* + * Expand any strftime(3) escapes + * XXX - want to pass timeptr to expand_iolog_path + */ + time(&now); + timeptr = localtime(&now); + strftime(dir_out, sizeof(dir_out), tdir_out, timeptr); + strftime(file_out, sizeof(file_out), tfile_out, timeptr); + + path = expand_iolog_path(NULL, dir_in, file_in, &slash); + *slash = '\0'; + if (strcmp(path, dir_out) != 0) { + warningx("%s: expected %s, got %s", dir_in, dir_out, path); + error = 1; + } + if (strcmp(slash + 1, file_out) != 0) { + warningx("%s: expected %s, got %s", file_in, file_out, slash + 1); + error = 1; + } + + return error; +} + +#define MAX_STATE 12 + +int +main(int argc, char *argv[]) +{ + struct passwd pw, rpw; + size_t len; + FILE *fp; + char line[2048]; + char *file_in = NULL, *file_out = NULL; + char *dir_in = NULL, *dir_out = NULL; + int state = 0; + int errors = 0; + int tests = 0; + + if (argc != 2) + usage(); + + fp = fopen(argv[1], "r"); + if (fp == NULL) + errorx(1, "unable to open %s", argv[1]); + + memset(&pw, 0, sizeof(pw)); + memset(&rpw, 0, sizeof(rpw)); + sudo_user.pw = &pw; + sudo_user._runas_pw = &rpw; + + /* + * Input consists of 12 lines: + * sequence number + * user name + * user gid + * runas user name + * runas gid + * hostname [short form] + * command + * dir [with escapes] + * file [with escapes] + * expanded dir + * expanded file + * empty line + */ + while (fgets(line, sizeof(line), fp) != NULL) { + len = strcspn(line, "\n"); + line[len] = '\0'; + + switch (state) { + case 0: + strlcpy(sudo_user.sessid, line, sizeof(sudo_user.sessid)); + break; + case 1: + if (user_name != NULL) + free(user_name); + user_name = strdup(line); + break; + case 2: + user_gid = atoi(line); + break; + case 3: + if (runas_pw->pw_name != NULL) + free(runas_pw->pw_name); + runas_pw->pw_name = strdup(line); + break; + case 4: + runas_pw->pw_gid = atoi(line); + break; + case 5: + user_shost = strdup(line); + break; + case 6: + user_base = strdup(line); + break; + case 7: + dir_in = strdup(line); + break; + case 8: + file_in = strdup(line); + break; + case 9: + dir_out = strdup(line); + break; + case 10: + file_out = strdup(line); + break; + case 11: + errors += do_check(dir_in, file_in, dir_out, file_out); + tests++; + break; + default: + errorx(1, "internal error, invalid state %d", state); + } + state = (state + 1) % MAX_STATE; + } + + if (tests != 0) { + printf("iolog_path: %d test%s run, %d errors, %d%% success rate\n", + tests, tests == 1 ? "" : "s", errors, + (tests - errors) * 100 / tests); + } + + exit(errors); +} + +void +cleanup(int gotsig) +{ + return; +} diff --git a/plugins/sudoers/regress/iolog_path/data b/plugins/sudoers/regress/iolog_path/data new file mode 100644 index 000000000..afcd54606 --- /dev/null +++ b/plugins/sudoers/regress/iolog_path/data @@ -0,0 +1,48 @@ +000001 +nobody +1 +root +0 +somehost +id +/var/log/sudo-io +%{seq} +/var/log/sudo-io +00/00/01 + +000001 +nobody +1 +root +0 +somehost +id +/var/log/sudo-io/%{user} +%{seq} +/var/log/sudo-io/nobody +00/00/01 + +000001 +nobody +1 +root +0 +somehost +su +/var/log/sudo-io/%{user}/%{runas_user} +%{command}_%Y%m%s_%H%M +/var/log/sudo-io/nobody/root +su_%Y%m%s_%H%M + +000001 +nobody +1 +root +0 +somehost +su +/var/log/sudo-io/ +/%{user}/%{runas_user}/%{command}_%Y%m%s_%H%M +/var/log/sudo-io +nobody/root/su_%Y%m%s_%H%M + diff --git a/src/Makefile.in b/src/Makefile.in index 8aefa2602..160d06755 100644 --- a/src/Makefile.in +++ b/src/Makefile.in @@ -167,7 +167,6 @@ uninstall: $(DESTDIR)$(noexecdir)/$(noexecfile) \ check: - @echo nothing to check clean: -$(LIBTOOL) --mode=clean rm -f $(PROGS) *.lo *.o *.la *.a stamp-* core *.core core.* diff --git a/zlib/Makefile.in b/zlib/Makefile.in index 2dd05d2b2..1cdd5fada 100644 --- a/zlib/Makefile.in +++ b/zlib/Makefile.in @@ -104,7 +104,6 @@ install-plugin: uninstall: check: - @echo nothing to check clean: -$(LIBTOOL) --mode=clean rm -f *.lo *.o *.la *.a stamp-* core *.core core.* -- 2.40.0