clones/ocserv
1
0
Fork 0
mirror of https://gitlab.com/openconnect/ocserv.git synced 2024-09-21 10:27:19 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

tests: pam-test was restricted to pam_matrix

Browse Source 
valgrind and asan were indicating issues with pam_oath, so
avoid using it in the testsuite.

Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
This commit is contained in:
Nikos Mavrogiannopoulos 2018-04-14 18:15:52 +02:00
parent cf8304cadf
commit 0bb085de4a
3 changed files with 6 additions and 14 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
README.md
View File

@ -32,7 +32,6 @@ seccomp: libseccomp-dev / libseccomp-devel
occtl: libreadline-dev / readline-devel
libnl-route-3-dev / libnl3-devel
GSSAPI: libkrb5-dev / krb5-devel
OATH: liboath-dev / liboath-devel
Radius: libradcli-dev / radcli-devel
```
@ -54,7 +53,6 @@ libpam-wrapper / pam_wrapper
libnss-wrapper / nss_wrapper
libsocket-wrapper / socket_wrapper
gss-ntlmssp / gssntlmssp
libpam-oath / pam_oath
haproxy / haproxy
iputils-ping / iputils
```

1
tests/data/pam/ocserv.in
View File

@ -1,6 +1,5 @@
#%PAM-1.0
auth required @PAMWRAPDIR@/pam_matrix.so passdb=./data/pam/passdb
auth requisite @PAMDIR@/pam_oath.so debug usersfile=./data/pam/users.oath window=20
account required @PAMWRAPDIR@/pam_matrix.so passdb=./data/pam/passdb
account required @PAMWRAPDIR@/pam_matrix.so passdb=./data/pam/passdb
session required @PAMWRAPDIR@/pam_matrix.so passdb=./data/pam/passdb

17
tests/test-pam
View File

@ -27,7 +27,7 @@ VERBOSE=1
. `dirname $0`/common.sh
echo "Testing PAM backend with username-password-otp... "
echo "Testing PAM backend with username-password... "
export PAMDIR=pam
update_config test-pam.config
@ -35,23 +35,18 @@ launch_sr_pam_server -d 1 -f -c ${CONFIG} & PID=$!
wait_server $PID
echo ""
echo "Connecting with wrong password and OTP... "
( echo -e "testuser\n9999999\n" | LD_PRELOAD=libsocket_wrapper.so $OPENCONNECT -v $ADDRESS:$PORT --authgroup group2 -u testuser --servercert=d66b507ae074d03b02eafca40d35f87dd81049d3 --cookieonly >/dev/null 2>&1 ) &&
echo "Connecting with wrong password... "
( echo -e "testuser\n" | LD_PRELOAD=libsocket_wrapper.so $OPENCONNECT -v $ADDRESS:$PORT --authgroup group2 -u testuser --servercert=d66b507ae074d03b02eafca40d35f87dd81049d3 --cookieonly >/dev/null 2>&1 ) &&
fail $PID "Received cookie with wrong cred"
echo ""
echo "Connecting with wrong username... "
( echo -e "testuser123\n328482\n" | LD_PRELOAD=libsocket_wrapper.so $OPENCONNECT -v $ADDRESS:$PORT --authgroup group2 -u test --servercert=d66b507ae074d03b02eafca40d35f87dd81049d3 --cookieonly >/dev/null 2>&1 ) &&
( echo -e "testuser123\n" | LD_PRELOAD=libsocket_wrapper.so $OPENCONNECT -v $ADDRESS:$PORT --authgroup group2 -u test --servercert=d66b507ae074d03b02eafca40d35f87dd81049d3 --cookieonly >/dev/null 2>&1 ) &&
fail $PID "Received cookie with wrong cred"
echo ""
echo "Connecting with wrong OTP... "
( echo -e "testuser123\n328489\n" | LD_PRELOAD=libsocket_wrapper.so $OPENCONNECT -v $ADDRESS:$PORT --authgroup group2 -u testuser --servercert=d66b507ae074d03b02eafca40d35f87dd81049d3 --cookieonly >/dev/null 2>&1 ) &&
fail $PID "Received cookie with wrong cred"
echo ""
echo "Connecting with correct password and OTP... "
( echo -e "testuser123\n328482\n" | LD_PRELOAD=libsocket_wrapper.so $OPENCONNECT -v $ADDRESS:$PORT --authgroup group2 -u testuser --servercert=d66b507ae074d03b02eafca40d35f87dd81049d3 --cookieonly ) ||#>/dev/null 2>&1 ) ||
echo "Connecting with correct password... "
( echo -e "testuser123\n" | LD_PRELOAD=libsocket_wrapper.so $OPENCONNECT -v $ADDRESS:$PORT --authgroup group2 -u testuser --servercert=d66b507ae074d03b02eafca40d35f87dd81049d3 --cookieonly ) ||#>/dev/null 2>&1 ) ||
fail $PID "Could not receive cookie from server"
cleanup