diff options
| author | Marco Trevisan (Treviño) <[email protected]> | 2023-09-19 18:21:03 +0200 |
|---|---|---|
| committer | Marco Trevisan (Treviño) <[email protected]> | 2023-09-19 18:46:25 +0200 |
| commit | 1cab6e699cc2486f7e1879b41a10b7b76806206b (patch) | |
| tree | f4bf41965f81a140cb3eb11411aed895ff72c748 | |
| parent | ca3e79e6055a0ac8e68903036973493007e497fa (diff) | |
transaction_test: Add more authentication tests to run as user
So that it's possible also to verify an info text conversation
| -rw-r--r-- | test-services/deny-service | 2 | ||||
| -rw-r--r-- | test-services/echo-service | 3 | ||||
| -rw-r--r-- | transaction_test.go | 40 |
3 files changed, 45 insertions, 0 deletions
diff --git a/test-services/deny-service b/test-services/deny-service new file mode 100644 index 0000000..c73363a --- /dev/null +++ b/test-services/deny-service @@ -0,0 +1,2 @@ +# Custom stack to deny permit, independent of the user name/pass +auth requisite pam_deny.so diff --git a/test-services/echo-service b/test-services/echo-service new file mode 100644 index 0000000..1734a00 --- /dev/null +++ b/test-services/echo-service @@ -0,0 +1,3 @@ +# Custom stack to always permit, independent of the user name/pass +auth optional pam_echo.so This is an info message for user %u on %s +auth required pam_permit.so diff --git a/transaction_test.go b/transaction_test.go index acf7053..780c06c 100644 --- a/transaction_test.go +++ b/transaction_test.go @@ -204,6 +204,46 @@ func TestPAM_ConfDir_FailNoServiceOrUnsupported(t *testing.T) { } } +func TestPAM_ConfDir_InfoMessage(t *testing.T) { + u, _ := user.Current() + var infoText string + tx, err := StartConfDir("echo-service", u.Username, + ConversationFunc(func(s Style, msg string) (string, error) { + switch s { + case TextInfo: + infoText = msg + return "", nil + } + return "", errors.New("unexpected") + }), "test-services") + if err != nil { + t.Fatalf("start #error: %v", err) + } + err = tx.Authenticate(0) + if err != nil { + t.Fatalf("authenticate #error: %v", err) + } + if infoText != "This is an info message for user " + u.Username + " on echo-service" { + t.Fatalf("Unexpected info message: %v", infoText) + } +} + +func TestPAM_ConfDir_Deny(t *testing.T) { + u, _ := user.Current() + tx, err := StartConfDir("deny-service", u.Username, Credentials{}, "test-services") + if err != nil { + t.Fatalf("start #error: %v", err) + } + err = tx.Authenticate(0) + if err == nil { + t.Fatalf("authenticate #expected an error") + } + s := err.Error() + if len(s) == 0 { + t.Fatalf("error #expected an error message") + } +} + func TestItem(t *testing.T) { tx, _ := StartFunc("passwd", "test", func(s Style, msg string) (string, error) { return "", nil |