|
|
bb7cd1 |
From a531a785f57be7ae228ca04a7af606debd66eeb1 Mon Sep 17 00:00:00 2001
|
|
|
bb7cd1 |
From: Sumit Bose <sbose@redhat.com>
|
|
|
bb7cd1 |
Date: Wed, 3 May 2017 16:30:12 +0200
|
|
|
bb7cd1 |
Subject: [PATCH 158/160] PAM: send user name hint response when needed
|
|
|
bb7cd1 |
MIME-Version: 1.0
|
|
|
bb7cd1 |
Content-Type: text/plain; charset=UTF-8
|
|
|
bb7cd1 |
Content-Transfer-Encoding: 8bit
|
|
|
bb7cd1 |
|
|
|
bb7cd1 |
If the PAM client didn't send a user name and promtusername is enable
|
|
|
bb7cd1 |
the PAM responder will tell pam_sss to ask for an optional user name as
|
|
|
bb7cd1 |
well.
|
|
|
bb7cd1 |
|
|
|
bb7cd1 |
Resolves:
|
|
|
bb7cd1 |
https://pagure.io/SSSD/sssd/issue/3395
|
|
|
bb7cd1 |
|
|
|
bb7cd1 |
Reviewed-by: Fabiano FidĂȘncio <fidencio@redhat.com>
|
|
|
bb7cd1 |
(cherry picked from commit 32474fa2f0a6dc09386bab405fc3461cb3dd12ac)
|
|
|
bb7cd1 |
---
|
|
|
bb7cd1 |
src/responder/pam/pamsrv_cmd.c | 72 ++++++++++------
|
|
|
bb7cd1 |
src/tests/cmocka/test_pam_srv.c | 180 +++++++++++++++++++++++++++++-----------
|
|
|
bb7cd1 |
2 files changed, 177 insertions(+), 75 deletions(-)
|
|
|
bb7cd1 |
|
|
|
bb7cd1 |
diff --git a/src/responder/pam/pamsrv_cmd.c b/src/responder/pam/pamsrv_cmd.c
|
|
|
bb7cd1 |
index 080cfafa709d63542fbf57d26fab11f0a367dea7..49a05657e03feef564d6196029da4cacc2ab8eaf 100644
|
|
|
bb7cd1 |
--- a/src/responder/pam/pamsrv_cmd.c
|
|
|
bb7cd1 |
+++ b/src/responder/pam/pamsrv_cmd.c
|
|
|
bb7cd1 |
@@ -1414,7 +1414,7 @@ static void pam_forwarder_lookup_by_cert_done(struct tevent_req *req)
|
|
|
bb7cd1 |
struct cache_req_result **results;
|
|
|
bb7cd1 |
struct pam_auth_req *preq = tevent_req_callback_data(req,
|
|
|
bb7cd1 |
struct pam_auth_req);
|
|
|
bb7cd1 |
- const char *cert_user;
|
|
|
bb7cd1 |
+ const char *cert_user = NULL;
|
|
|
bb7cd1 |
|
|
|
bb7cd1 |
ret = cache_req_recv(preq, req, &results);
|
|
|
bb7cd1 |
talloc_zfree(req);
|
|
|
bb7cd1 |
@@ -1439,35 +1439,55 @@ static void pam_forwarder_lookup_by_cert_done(struct tevent_req *req)
|
|
|
bb7cd1 |
goto done;
|
|
|
bb7cd1 |
}
|
|
|
bb7cd1 |
|
|
|
bb7cd1 |
- if (preq->cert_user_objs->count != 1) {
|
|
|
bb7cd1 |
- DEBUG(SSSDBG_CRIT_FAILURE,
|
|
|
bb7cd1 |
- "More than one user mapped to certificate.\n");
|
|
|
bb7cd1 |
- /* TODO: send pam response to ask for a user name */
|
|
|
bb7cd1 |
- ret = ERR_NO_CREDS;
|
|
|
bb7cd1 |
- goto done;
|
|
|
bb7cd1 |
- }
|
|
|
bb7cd1 |
- cert_user = ldb_msg_find_attr_as_string(
|
|
|
bb7cd1 |
+ if (preq->cert_user_objs->count == 1) {
|
|
|
bb7cd1 |
+ cert_user = ldb_msg_find_attr_as_string(
|
|
|
bb7cd1 |
preq->cert_user_objs->msgs[0],
|
|
|
bb7cd1 |
SYSDB_NAME, NULL);
|
|
|
bb7cd1 |
+ if (cert_user == NULL) {
|
|
|
bb7cd1 |
+ DEBUG(SSSDBG_CRIT_FAILURE,
|
|
|
bb7cd1 |
+ "Certificate user object has not name.\n");
|
|
|
bb7cd1 |
+ ret = ENOENT;
|
|
|
bb7cd1 |
+ goto done;
|
|
|
bb7cd1 |
+ }
|
|
|
bb7cd1 |
+
|
|
|
bb7cd1 |
+ DEBUG(SSSDBG_FUNC_DATA,
|
|
|
bb7cd1 |
+ "Found certificate user [%s].\n", cert_user);
|
|
|
bb7cd1 |
+
|
|
|
bb7cd1 |
+ ret = sss_parse_name_for_domains(preq->pd,
|
|
|
bb7cd1 |
+ preq->cctx->rctx->domains,
|
|
|
bb7cd1 |
+ preq->cctx->rctx->default_domain,
|
|
|
bb7cd1 |
+ cert_user,
|
|
|
bb7cd1 |
+ &preq->pd->domain,
|
|
|
bb7cd1 |
+ &preq->pd->user);
|
|
|
bb7cd1 |
+ if (ret != EOK) {
|
|
|
bb7cd1 |
+ DEBUG(SSSDBG_OP_FAILURE,
|
|
|
bb7cd1 |
+ "sss_parse_name_for_domains failed.\n");
|
|
|
bb7cd1 |
+ goto done;
|
|
|
bb7cd1 |
+ }
|
|
|
bb7cd1 |
+ }
|
|
|
bb7cd1 |
+
|
|
|
bb7cd1 |
+ if (preq->cctx->rctx->domains->user_name_hint) {
|
|
|
bb7cd1 |
+ ret = add_pam_cert_response(preq->pd, cert_user,
|
|
|
bb7cd1 |
+ preq->token_name,
|
|
|
bb7cd1 |
+ preq->module_name,
|
|
|
bb7cd1 |
+ preq->key_id,
|
|
|
bb7cd1 |
+ SSS_PAM_CERT_INFO_WITH_HINT);
|
|
|
bb7cd1 |
+ if (ret != EOK) {
|
|
|
bb7cd1 |
+ DEBUG(SSSDBG_OP_FAILURE, "add_pam_cert_response failed.\n");
|
|
|
bb7cd1 |
+ preq->pd->pam_status = PAM_AUTHINFO_UNAVAIL;
|
|
|
bb7cd1 |
+ }
|
|
|
bb7cd1 |
+ ret = EOK;
|
|
|
bb7cd1 |
+ preq->pd->pam_status = PAM_SUCCESS;
|
|
|
bb7cd1 |
+ pam_reply(preq);
|
|
|
bb7cd1 |
+ goto done;
|
|
|
bb7cd1 |
+ }
|
|
|
bb7cd1 |
+
|
|
|
bb7cd1 |
+ /* Without user name hints the certificate must map to single user
|
|
|
bb7cd1 |
+ * if no login name was given */
|
|
|
bb7cd1 |
if (cert_user == NULL) {
|
|
|
bb7cd1 |
DEBUG(SSSDBG_CRIT_FAILURE,
|
|
|
bb7cd1 |
- "Certificate user object has not name.\n");
|
|
|
bb7cd1 |
- ret = ENOENT;
|
|
|
bb7cd1 |
- goto done;
|
|
|
bb7cd1 |
- }
|
|
|
bb7cd1 |
-
|
|
|
bb7cd1 |
- DEBUG(SSSDBG_FUNC_DATA, "Found certificate user [%s].\n",
|
|
|
bb7cd1 |
- cert_user);
|
|
|
bb7cd1 |
-
|
|
|
bb7cd1 |
- ret = sss_parse_name_for_domains(preq->pd,
|
|
|
bb7cd1 |
- preq->cctx->rctx->domains,
|
|
|
bb7cd1 |
- preq->cctx->rctx->default_domain,
|
|
|
bb7cd1 |
- cert_user,
|
|
|
bb7cd1 |
- &preq->pd->domain,
|
|
|
bb7cd1 |
- &preq->pd->user);
|
|
|
bb7cd1 |
- if (ret != EOK) {
|
|
|
bb7cd1 |
- DEBUG(SSSDBG_OP_FAILURE,
|
|
|
bb7cd1 |
- "sss_parse_name_for_domains failed.\n");
|
|
|
bb7cd1 |
+ "More than one user mapped to certificate.\n");
|
|
|
bb7cd1 |
+ ret = ERR_NO_CREDS;
|
|
|
bb7cd1 |
goto done;
|
|
|
bb7cd1 |
}
|
|
|
bb7cd1 |
|
|
|
bb7cd1 |
diff --git a/src/tests/cmocka/test_pam_srv.c b/src/tests/cmocka/test_pam_srv.c
|
|
|
bb7cd1 |
index 35afbdd81d004236885ee80914771ccb4b8acff4..0f92f05417025e41a702127099d1d01e269412dc 100644
|
|
|
bb7cd1 |
--- a/src/tests/cmocka/test_pam_srv.c
|
|
|
bb7cd1 |
+++ b/src/tests/cmocka/test_pam_srv.c
|
|
|
bb7cd1 |
@@ -747,57 +747,83 @@ static int test_pam_cert_check_gdm_smartcard(uint32_t status, uint8_t *body,
|
|
|
bb7cd1 |
return EOK;
|
|
|
bb7cd1 |
}
|
|
|
bb7cd1 |
|
|
|
bb7cd1 |
+static int test_pam_cert_check_ex(uint32_t status, uint8_t *body, size_t blen,
|
|
|
bb7cd1 |
+ enum response_type type, const char *name)
|
|
|
bb7cd1 |
+{
|
|
|
bb7cd1 |
+ size_t rp = 0;
|
|
|
bb7cd1 |
+ uint32_t val;
|
|
|
bb7cd1 |
+
|
|
|
bb7cd1 |
+ assert_int_equal(status, 0);
|
|
|
bb7cd1 |
+
|
|
|
bb7cd1 |
+ SAFEALIGN_COPY_UINT32(&val, body + rp, &rp);
|
|
|
bb7cd1 |
+ assert_int_equal(val, pam_test_ctx->exp_pam_status);
|
|
|
bb7cd1 |
+
|
|
|
bb7cd1 |
+ SAFEALIGN_COPY_UINT32(&val, body + rp, &rp);
|
|
|
bb7cd1 |
+ if (name == NULL || *name == '\0') {
|
|
|
bb7cd1 |
+ assert_int_equal(val, 1);
|
|
|
bb7cd1 |
+ } else {
|
|
|
bb7cd1 |
+ assert_int_equal(val, 2);
|
|
|
bb7cd1 |
+
|
|
|
bb7cd1 |
+ SAFEALIGN_COPY_UINT32(&val, body + rp, &rp);
|
|
|
bb7cd1 |
+ assert_int_equal(val, SSS_PAM_DOMAIN_NAME);
|
|
|
bb7cd1 |
+
|
|
|
bb7cd1 |
+ SAFEALIGN_COPY_UINT32(&val, body + rp, &rp);
|
|
|
bb7cd1 |
+ assert_int_equal(val, 9);
|
|
|
bb7cd1 |
+
|
|
|
bb7cd1 |
+ assert_int_equal(*(body + rp + val - 1), 0);
|
|
|
bb7cd1 |
+ assert_string_equal(body + rp, TEST_DOM_NAME);
|
|
|
bb7cd1 |
+ rp += val;
|
|
|
bb7cd1 |
+ }
|
|
|
bb7cd1 |
+
|
|
|
bb7cd1 |
+ SAFEALIGN_COPY_UINT32(&val, body + rp, &rp);
|
|
|
bb7cd1 |
+ assert_int_equal(val, type);
|
|
|
bb7cd1 |
+
|
|
|
bb7cd1 |
+ SAFEALIGN_COPY_UINT32(&val, body + rp, &rp);
|
|
|
bb7cd1 |
+ assert_int_equal(val, (strlen(name) + 1
|
|
|
bb7cd1 |
+ + sizeof(TEST_TOKEN_NAME)
|
|
|
bb7cd1 |
+ + sizeof(TEST_MODULE_NAME)
|
|
|
bb7cd1 |
+ + sizeof(TEST_KEY_ID)));
|
|
|
bb7cd1 |
+
|
|
|
bb7cd1 |
+ assert_int_equal(*(body + rp + strlen(name)), 0);
|
|
|
bb7cd1 |
+ assert_string_equal(body + rp, name);
|
|
|
bb7cd1 |
+ rp += strlen(name) + 1;
|
|
|
bb7cd1 |
+
|
|
|
bb7cd1 |
+ assert_int_equal(*(body + rp + sizeof(TEST_TOKEN_NAME) - 1), 0);
|
|
|
bb7cd1 |
+ assert_string_equal(body + rp, TEST_TOKEN_NAME);
|
|
|
bb7cd1 |
+ rp += sizeof(TEST_TOKEN_NAME);
|
|
|
bb7cd1 |
+
|
|
|
bb7cd1 |
+ assert_int_equal(*(body + rp + sizeof(TEST_MODULE_NAME) - 1), 0);
|
|
|
bb7cd1 |
+ assert_string_equal(body + rp, TEST_MODULE_NAME);
|
|
|
bb7cd1 |
+ rp += sizeof(TEST_MODULE_NAME);
|
|
|
bb7cd1 |
+
|
|
|
bb7cd1 |
+ assert_int_equal(*(body + rp + sizeof(TEST_KEY_ID) - 1), 0);
|
|
|
bb7cd1 |
+ assert_string_equal(body + rp, TEST_KEY_ID);
|
|
|
bb7cd1 |
+ rp += sizeof(TEST_KEY_ID);
|
|
|
bb7cd1 |
+
|
|
|
bb7cd1 |
+ assert_int_equal(rp, blen);
|
|
|
bb7cd1 |
+
|
|
|
bb7cd1 |
+ return EOK;
|
|
|
bb7cd1 |
+}
|
|
|
bb7cd1 |
+
|
|
|
bb7cd1 |
static int test_pam_cert_check(uint32_t status, uint8_t *body, size_t blen)
|
|
|
bb7cd1 |
{
|
|
|
bb7cd1 |
- size_t rp = 0;
|
|
|
bb7cd1 |
- uint32_t val;
|
|
|
bb7cd1 |
-
|
|
|
bb7cd1 |
- assert_int_equal(status, 0);
|
|
|
bb7cd1 |
-
|
|
|
bb7cd1 |
- SAFEALIGN_COPY_UINT32(&val, body + rp, &rp);
|
|
|
bb7cd1 |
- assert_int_equal(val, pam_test_ctx->exp_pam_status);
|
|
|
bb7cd1 |
-
|
|
|
bb7cd1 |
- SAFEALIGN_COPY_UINT32(&val, body + rp, &rp);
|
|
|
bb7cd1 |
- assert_int_equal(val, 2);
|
|
|
bb7cd1 |
-
|
|
|
bb7cd1 |
- SAFEALIGN_COPY_UINT32(&val, body + rp, &rp);
|
|
|
bb7cd1 |
- assert_int_equal(val, SSS_PAM_DOMAIN_NAME);
|
|
|
bb7cd1 |
-
|
|
|
bb7cd1 |
- SAFEALIGN_COPY_UINT32(&val, body + rp, &rp);
|
|
|
bb7cd1 |
- assert_int_equal(val, 9);
|
|
|
bb7cd1 |
-
|
|
|
bb7cd1 |
- assert_int_equal(*(body + rp + val - 1), 0);
|
|
|
bb7cd1 |
- assert_string_equal(body + rp, TEST_DOM_NAME);
|
|
|
bb7cd1 |
- rp += val;
|
|
|
bb7cd1 |
-
|
|
|
bb7cd1 |
- SAFEALIGN_COPY_UINT32(&val, body + rp, &rp);
|
|
|
bb7cd1 |
- assert_int_equal(val, SSS_PAM_CERT_INFO);
|
|
|
bb7cd1 |
-
|
|
|
bb7cd1 |
- SAFEALIGN_COPY_UINT32(&val, body + rp, &rp);
|
|
|
bb7cd1 |
- assert_int_equal(val, (sizeof("pamuser@"TEST_DOM_NAME)
|
|
|
bb7cd1 |
- + sizeof(TEST_TOKEN_NAME)
|
|
|
bb7cd1 |
- + sizeof(TEST_MODULE_NAME)
|
|
|
bb7cd1 |
- + sizeof(TEST_KEY_ID)));
|
|
|
bb7cd1 |
-
|
|
|
bb7cd1 |
- assert_int_equal(*(body + rp + sizeof("pamuser@"TEST_DOM_NAME) - 1), 0);
|
|
|
bb7cd1 |
- assert_string_equal(body + rp, "pamuser@"TEST_DOM_NAME);
|
|
|
bb7cd1 |
- rp += sizeof("pamuser@"TEST_DOM_NAME);
|
|
|
bb7cd1 |
-
|
|
|
bb7cd1 |
- assert_int_equal(*(body + rp + sizeof(TEST_TOKEN_NAME) - 1), 0);
|
|
|
bb7cd1 |
- assert_string_equal(body + rp, TEST_TOKEN_NAME);
|
|
|
bb7cd1 |
- rp += sizeof(TEST_TOKEN_NAME);
|
|
|
bb7cd1 |
-
|
|
|
bb7cd1 |
- assert_int_equal(*(body + rp + sizeof(TEST_MODULE_NAME) - 1), 0);
|
|
|
bb7cd1 |
- assert_string_equal(body + rp, TEST_MODULE_NAME);
|
|
|
bb7cd1 |
- rp += sizeof(TEST_MODULE_NAME);
|
|
|
bb7cd1 |
-
|
|
|
bb7cd1 |
- assert_int_equal(*(body + rp + sizeof(TEST_KEY_ID) - 1), 0);
|
|
|
bb7cd1 |
- assert_string_equal(body + rp, TEST_KEY_ID);
|
|
|
bb7cd1 |
- rp += sizeof(TEST_KEY_ID);
|
|
|
bb7cd1 |
-
|
|
|
bb7cd1 |
- assert_int_equal(rp, blen);
|
|
|
bb7cd1 |
-
|
|
|
bb7cd1 |
- return EOK;
|
|
|
bb7cd1 |
+ return test_pam_cert_check_ex(status, body, blen,
|
|
|
bb7cd1 |
+ SSS_PAM_CERT_INFO, "pamuser@"TEST_DOM_NAME);
|
|
|
bb7cd1 |
+}
|
|
|
bb7cd1 |
+
|
|
|
bb7cd1 |
+static int test_pam_cert_check_with_hint(uint32_t status, uint8_t *body,
|
|
|
bb7cd1 |
+ size_t blen)
|
|
|
bb7cd1 |
+{
|
|
|
bb7cd1 |
+ return test_pam_cert_check_ex(status, body, blen,
|
|
|
bb7cd1 |
+ SSS_PAM_CERT_INFO_WITH_HINT,
|
|
|
bb7cd1 |
+ "pamuser@"TEST_DOM_NAME);
|
|
|
bb7cd1 |
+}
|
|
|
bb7cd1 |
+
|
|
|
bb7cd1 |
+static int test_pam_cert_check_with_hint_no_user(uint32_t status, uint8_t *body,
|
|
|
bb7cd1 |
+ size_t blen)
|
|
|
bb7cd1 |
+{
|
|
|
bb7cd1 |
+ return test_pam_cert_check_ex(status, body, blen,
|
|
|
bb7cd1 |
+ SSS_PAM_CERT_INFO_WITH_HINT, "");
|
|
|
bb7cd1 |
}
|
|
|
bb7cd1 |
|
|
|
bb7cd1 |
static int test_pam_offline_chauthtok_check(uint32_t status,
|
|
|
bb7cd1 |
@@ -1895,6 +1921,33 @@ void test_pam_preauth_cert_no_logon_name(void **state)
|
|
|
bb7cd1 |
assert_int_equal(ret, EOK);
|
|
|
bb7cd1 |
}
|
|
|
bb7cd1 |
|
|
|
bb7cd1 |
+void test_pam_preauth_cert_no_logon_name_with_hint(void **state)
|
|
|
bb7cd1 |
+{
|
|
|
bb7cd1 |
+ int ret;
|
|
|
bb7cd1 |
+
|
|
|
bb7cd1 |
+ set_cert_auth_param(pam_test_ctx->pctx, NSS_DB);
|
|
|
bb7cd1 |
+ pam_test_ctx->rctx->domains->user_name_hint = true;
|
|
|
bb7cd1 |
+
|
|
|
bb7cd1 |
+ /* If no logon name is given the user is looked by certificate first.
|
|
|
bb7cd1 |
+ * Since user name hint is enabled we do not have to search the user
|
|
|
bb7cd1 |
+ * during pre-auth and there is no need for an extra mocked response as in
|
|
|
bb7cd1 |
+ * test_pam_preauth_cert_no_logon_name. */
|
|
|
bb7cd1 |
+ mock_input_pam_cert(pam_test_ctx, NULL, NULL, NULL,
|
|
|
bb7cd1 |
+ test_lookup_by_cert_cb, TEST_TOKEN_CERT, false);
|
|
|
bb7cd1 |
+
|
|
|
bb7cd1 |
+ will_return(__wrap_sss_packet_get_cmd, SSS_PAM_PREAUTH);
|
|
|
bb7cd1 |
+ will_return(__wrap_sss_packet_get_body, WRAP_CALL_REAL);
|
|
|
bb7cd1 |
+
|
|
|
bb7cd1 |
+ set_cmd_cb(test_pam_cert_check_with_hint);
|
|
|
bb7cd1 |
+ ret = sss_cmd_execute(pam_test_ctx->cctx, SSS_PAM_PREAUTH,
|
|
|
bb7cd1 |
+ pam_test_ctx->pam_cmds);
|
|
|
bb7cd1 |
+ assert_int_equal(ret, EOK);
|
|
|
bb7cd1 |
+
|
|
|
bb7cd1 |
+ /* Wait until the test finishes with EOK */
|
|
|
bb7cd1 |
+ ret = test_ev_loop(pam_test_ctx->tctx);
|
|
|
bb7cd1 |
+ assert_int_equal(ret, EOK);
|
|
|
bb7cd1 |
+}
|
|
|
bb7cd1 |
+
|
|
|
bb7cd1 |
void test_pam_preauth_cert_no_logon_name_double_cert(void **state)
|
|
|
bb7cd1 |
{
|
|
|
bb7cd1 |
int ret;
|
|
|
bb7cd1 |
@@ -1917,6 +1970,29 @@ void test_pam_preauth_cert_no_logon_name_double_cert(void **state)
|
|
|
bb7cd1 |
assert_int_equal(ret, EOK);
|
|
|
bb7cd1 |
}
|
|
|
bb7cd1 |
|
|
|
bb7cd1 |
+void test_pam_preauth_cert_no_logon_name_double_cert_with_hint(void **state)
|
|
|
bb7cd1 |
+{
|
|
|
bb7cd1 |
+ int ret;
|
|
|
bb7cd1 |
+
|
|
|
bb7cd1 |
+ set_cert_auth_param(pam_test_ctx->pctx, NSS_DB);
|
|
|
bb7cd1 |
+ pam_test_ctx->rctx->domains->user_name_hint = true;
|
|
|
bb7cd1 |
+
|
|
|
bb7cd1 |
+ mock_input_pam_cert(pam_test_ctx, NULL, NULL, NULL,
|
|
|
bb7cd1 |
+ test_lookup_by_cert_double_cb, TEST_TOKEN_CERT, false);
|
|
|
bb7cd1 |
+
|
|
|
bb7cd1 |
+ will_return(__wrap_sss_packet_get_cmd, SSS_PAM_PREAUTH);
|
|
|
bb7cd1 |
+ will_return(__wrap_sss_packet_get_body, WRAP_CALL_REAL);
|
|
|
bb7cd1 |
+
|
|
|
bb7cd1 |
+ set_cmd_cb(test_pam_cert_check_with_hint_no_user);
|
|
|
bb7cd1 |
+ ret = sss_cmd_execute(pam_test_ctx->cctx, SSS_PAM_PREAUTH,
|
|
|
bb7cd1 |
+ pam_test_ctx->pam_cmds);
|
|
|
bb7cd1 |
+ assert_int_equal(ret, EOK);
|
|
|
bb7cd1 |
+
|
|
|
bb7cd1 |
+ /* Wait until the test finishes with EOK */
|
|
|
bb7cd1 |
+ ret = test_ev_loop(pam_test_ctx->tctx);
|
|
|
bb7cd1 |
+ assert_int_equal(ret, EOK);
|
|
|
bb7cd1 |
+}
|
|
|
bb7cd1 |
+
|
|
|
bb7cd1 |
void test_pam_preauth_no_cert_no_logon_name(void **state)
|
|
|
bb7cd1 |
{
|
|
|
bb7cd1 |
int ret;
|
|
|
bb7cd1 |
@@ -2426,8 +2502,14 @@ int main(int argc, const char *argv[])
|
|
|
bb7cd1 |
cmocka_unit_test_setup_teardown(test_pam_preauth_cert_no_logon_name,
|
|
|
bb7cd1 |
pam_test_setup, pam_test_teardown),
|
|
|
bb7cd1 |
cmocka_unit_test_setup_teardown(
|
|
|
bb7cd1 |
+ test_pam_preauth_cert_no_logon_name_with_hint,
|
|
|
bb7cd1 |
+ pam_test_setup, pam_test_teardown),
|
|
|
bb7cd1 |
+ cmocka_unit_test_setup_teardown(
|
|
|
bb7cd1 |
test_pam_preauth_cert_no_logon_name_double_cert,
|
|
|
bb7cd1 |
pam_test_setup, pam_test_teardown),
|
|
|
bb7cd1 |
+ cmocka_unit_test_setup_teardown(
|
|
|
bb7cd1 |
+ test_pam_preauth_cert_no_logon_name_double_cert_with_hint,
|
|
|
bb7cd1 |
+ pam_test_setup, pam_test_teardown),
|
|
|
bb7cd1 |
cmocka_unit_test_setup_teardown(test_pam_preauth_no_cert_no_logon_name,
|
|
|
bb7cd1 |
pam_test_setup, pam_test_teardown),
|
|
|
bb7cd1 |
cmocka_unit_test_setup_teardown(
|
|
|
bb7cd1 |
--
|
|
|
bb7cd1 |
2.9.4
|
|
|
bb7cd1 |
|