diff options
author | Robert Ancell <robert.ancell@canonical.com> | 2012-04-05 16:52:27 +1000 |
---|---|---|
committer | Robert Ancell <robert.ancell@canonical.com> | 2012-04-05 16:52:27 +1000 |
commit | 0cb944622f385adac949e9e8d401c4dca9addac7 (patch) | |
tree | 6df45c79e0935fead7db03011c6523f81a6edef4 /tests | |
parent | 7b617015d751c29e06f6989fcd770e6bbd132a97 (diff) | |
download | lightdm-0cb944622f385adac949e9e8d401c4dca9addac7.tar.gz |
Fix PAM conversations after authentication from locking up sessions
Fix PAM informational messages locking up autologin
Diffstat (limited to 'tests')
-rw-r--r-- | tests/Makefile.am | 6 | ||||
-rw-r--r-- | tests/scripts/pam.conf | 30 | ||||
-rw-r--r-- | tests/src/libsystem.c | 41 | ||||
-rw-r--r-- | tests/src/test-runner.c | 2 | ||||
-rwxr-xr-x | tests/test-login-pam | 2 | ||||
-rwxr-xr-x | tests/test-pam | 2 |
6 files changed, 81 insertions, 2 deletions
diff --git a/tests/Makefile.am b/tests/Makefile.am index d7011ef9..d036b0b1 100644 --- a/tests/Makefile.am +++ b/tests/Makefile.am @@ -15,6 +15,8 @@ TESTS = \ test-autologin-session-crash \ test-autologin-password \ test-autologin-new-authtok \ + test-pam \ + test-login-pam \ test-denied \ test-expired \ test-cred-error \ @@ -106,7 +108,6 @@ TESTS = \ test-switch-to-user-existing-session \ test-switch-to-user-no-password \ test-switch-to-user-logout \ - scripts/util-path.conf \ test-vnc-login \ test-xdmcp-login \ test-no-accounts-service \ @@ -205,6 +206,7 @@ EXTRA_DIST = \ scripts/login-multi-info-prompt.conf \ scripts/login-new-authtok.conf \ scripts/login-no-password.conf \ + scripts/login-pam.conf \ scripts/login-pick-session.conf \ scripts/login-previous-session.conf \ scripts/login-two-factor.conf \ @@ -216,6 +218,7 @@ EXTRA_DIST = \ scripts/no-console-kit.conf \ scripts/no-keyboard-layout.conf \ scripts/no-language.conf \ + scripts/pam.conf \ scripts/plymouth-active-vt.conf \ scripts/plymouth-inactive-vt.conf \ scripts/plymouth-no-seat.conf \ @@ -235,6 +238,7 @@ EXTRA_DIST = \ scripts/switch-to-user-logout.conf \ scripts/switch-to-user-no-password.conf \ scripts/system-xauthority.conf \ + scripts/util-path.conf \ scripts/user-renamed.conf \ scripts/user-renamed-invalid.conf \ scripts/vnc-login.conf \ diff --git a/tests/scripts/pam.conf b/tests/scripts/pam.conf new file mode 100644 index 00000000..64078dc9 --- /dev/null +++ b/tests/scripts/pam.conf @@ -0,0 +1,30 @@ +# +# Check we handle conversations during each PAM method +# + +[LightDM] +minimum-display-number=50 + +[SeatDefaults] +autologin-user=log-pam + +#?RUNNER DAEMON-START + +# X server starts +#?XSERVER :50 START +#?XSERVER :50 INDICATE-READY + +# LightDM connects to X server +#?XSERVER :50 ACCEPT-CONNECT + +# Session starts +#?SESSION :50 START USER=log-pam +#?XSERVER :50 ACCEPT-CONNECT +#?SESSION :50 CONNECT-XSERVER + +# Cleanup +#?*STOP-DAEMON +# Don't know what order they will terminate +#?(SESSION :50 TERMINATE SIGNAL=15|XSERVER :50 TERMINATE SIGNAL=15) +#?(SESSION :50 TERMINATE SIGNAL=15|XSERVER :50 TERMINATE SIGNAL=15) +#?RUNNER DAEMON-EXIT STATUS=0 diff --git a/tests/src/libsystem.c b/tests/src/libsystem.c index 13abda8c..9a8b6de7 100644 --- a/tests/src/libsystem.c +++ b/tests/src/libsystem.c @@ -445,6 +445,27 @@ pam_start (const char *service_name, const char *user, const struct pam_conv *co return PAM_SUCCESS; } +static void +send_info (pam_handle_t *pamh, const char *message) +{ + struct pam_message **msg; + struct pam_response *resp = NULL; + + msg = calloc (1, sizeof (struct pam_message *)); + msg[0] = malloc (sizeof (struct pam_message)); + msg[0]->msg_style = PAM_TEXT_INFO; + msg[0]->msg = message; + pamh->conversation.conv (1, (const struct pam_message **) msg, &resp, pamh->conversation.appdata_ptr); + free (msg[0]); + free (msg); + if (resp) + { + if (resp[0].resp) + free (resp[0].resp); + free (resp); + } +} + int pam_authenticate (pam_handle_t *pamh, int flags) { @@ -484,6 +505,9 @@ pam_authenticate (pam_handle_t *pamh, int flags) free (resp); } + if (strcmp (pamh->user, "log-pam") == 0) + send_info (pamh, "pam_authenticate"); + /* Crash on authenticate */ if (strcmp (pamh->user, "crash-authenticate") == 0) kill (getpid (), SIGSEGV); @@ -731,6 +755,9 @@ pam_open_session (pam_handle_t *pamh, int flags) if (strcmp (pamh->user, "session-error") == 0) return PAM_SESSION_ERR; + if (strcmp (pamh->user, "log-pam") == 0) + send_info (pamh, "pam_open_session"); + if (strcmp (pamh->user, "make-home-dir") == 0) { struct passwd *entry; @@ -747,6 +774,9 @@ pam_close_session (pam_handle_t *pamh, int flags) if (pamh == NULL) return PAM_SYSTEM_ERR; + if (strcmp (pamh->user, "log-pam") == 0) + send_info (pamh, "pam_close_session"); + return PAM_SUCCESS; } @@ -759,6 +789,9 @@ pam_acct_mgmt (pam_handle_t *pamh, int flags) if (!pamh->user) return PAM_USER_UNKNOWN; + if (strcmp (pamh->user, "log-pam") == 0) + send_info (pamh, "pam_acct_mgmt"); + if (strcmp (pamh->user, "denied") == 0) return PAM_PERM_DENIED; if (strcmp (pamh->user, "expired") == 0) @@ -780,6 +813,9 @@ pam_chauthtok (pam_handle_t *pamh, int flags) if (pamh == NULL) return PAM_SYSTEM_ERR; + if (strcmp (pamh->user, "log-pam") == 0) + send_info (pamh, "pam_chauthtok"); + msg = malloc (sizeof (struct pam_message *) * 1); msg[0] = malloc (sizeof (struct pam_message)); msg[0]->msg_style = PAM_PROMPT_ECHO_OFF; @@ -815,6 +851,9 @@ pam_setcred (pam_handle_t *pamh, int flags) if (pamh == NULL) return PAM_SYSTEM_ERR; + if (strcmp (pamh->user, "log-pam") == 0) + send_info (pamh, "pam_setcred"); + /* Put the test directories into the path */ e = g_strdup_printf ("PATH=%s/tests/src/.libs:%s/tests/src:%s/tests/src:%s/src:%s", BUILDDIR, BUILDDIR, SRCDIR, BUILDDIR, pam_getenv (pamh, "PATH")); pam_putenv (pamh, e); @@ -858,7 +897,7 @@ pam_end (pam_handle_t *pamh, int pam_status) { if (pamh == NULL) return PAM_SYSTEM_ERR; - + free (pamh->service_name); if (pamh->user) free (pamh->user); diff --git a/tests/src/test-runner.c b/tests/src/test-runner.c index a8ed5860..491a16c8 100644 --- a/tests/src/test-runner.c +++ b/tests/src/test-runner.c @@ -1389,6 +1389,8 @@ main (int argc, char **argv) {"cred-expired", "password", TRUE, "Cred Expired", NULL, NULL, NULL, NULL, 1028}, /* This account has cannot access their credentials */ {"cred-unavail", "password", TRUE, "Cred Unavail", NULL, NULL, NULL, NULL, 1029}, + /* This account sends informational messages for each PAM function that is called */ + {"log-pam", "password", TRUE, "Log PAM", NULL, NULL, NULL, NULL, 1030}, {NULL, NULL, FALSE, NULL, NULL, NULL, NULL, NULL, 0} }; passwd_data = g_string_new (""); diff --git a/tests/test-login-pam b/tests/test-login-pam new file mode 100755 index 00000000..e6e52f25 --- /dev/null +++ b/tests/test-login-pam @@ -0,0 +1,2 @@ +#!/bin/sh +./src/dbus-env ./src/test-runner login-pam test-gobject-greeter diff --git a/tests/test-pam b/tests/test-pam new file mode 100755 index 00000000..d8527e8d --- /dev/null +++ b/tests/test-pam @@ -0,0 +1,2 @@ +#!/bin/sh +./src/dbus-env ./src/test-runner pam test-gobject-greeter |