From 06eaf7232e9a920468c0f8d74dcf2fe8b555501c Mon Sep 17 00:00:00 2001 From: Daniel Baumann Date: Sat, 13 Apr 2024 14:24:36 +0200 Subject: Adding upstream version 1:10.11.6. Signed-off-by: Daniel Baumann --- plugin/auth_pam/testing/CMakeLists.txt | 15 ++++++ plugin/auth_pam/testing/mariadb_mtr.conf | 4 ++ plugin/auth_pam/testing/pam_mariadb_mtr.c | 84 +++++++++++++++++++++++++++++++ 3 files changed, 103 insertions(+) create mode 100644 plugin/auth_pam/testing/CMakeLists.txt create mode 100644 plugin/auth_pam/testing/mariadb_mtr.conf create mode 100644 plugin/auth_pam/testing/pam_mariadb_mtr.c (limited to 'plugin/auth_pam/testing') diff --git a/plugin/auth_pam/testing/CMakeLists.txt b/plugin/auth_pam/testing/CMakeLists.txt new file mode 100644 index 00000000..151823b9 --- /dev/null +++ b/plugin/auth_pam/testing/CMakeLists.txt @@ -0,0 +1,15 @@ +# gcc pam_mariadb_mtr.c -shared -lpam -fPIC -o pam_mariadb_mtr.so + +ADD_LIBRARY(pam_mariadb_mtr MODULE pam_mariadb_mtr.c) +SET_TARGET_PROPERTIES (pam_mariadb_mtr PROPERTIES PREFIX "") +TARGET_LINK_LIBRARIES(pam_mariadb_mtr pam) + +IF(CMAKE_C_COMPILER_ID MATCHES "Clang") + SET_SOURCE_FILES_PROPERTIES( + pam_mariadb_mtr.c + PROPERTY COMPILE_FLAGS "-Wno-incompatible-pointer-types-discards-qualifiers") +ENDIF() + +SET(dest DESTINATION "${INSTALL_MYSQLTESTDIR}/suite/plugins/pam" COMPONENT Test) +INSTALL(TARGETS pam_mariadb_mtr ${dest}) +INSTALL(FILES mariadb_mtr.conf RENAME mariadb_mtr ${dest}) diff --git a/plugin/auth_pam/testing/mariadb_mtr.conf b/plugin/auth_pam/testing/mariadb_mtr.conf new file mode 100644 index 00000000..241afb43 --- /dev/null +++ b/plugin/auth_pam/testing/mariadb_mtr.conf @@ -0,0 +1,4 @@ +# Put it in /etc/pam.d/mariadb_mtr + +auth required pam_mariadb_mtr.so pam_test +account required pam_permit.so diff --git a/plugin/auth_pam/testing/pam_mariadb_mtr.c b/plugin/auth_pam/testing/pam_mariadb_mtr.c new file mode 100644 index 00000000..108aeb94 --- /dev/null +++ b/plugin/auth_pam/testing/pam_mariadb_mtr.c @@ -0,0 +1,84 @@ +/* + This code is in the public domain and has no copyright. + + Pam module to test pam authentication plugin. Used in pam tests. + Linux only. + + Install as appropriate (for example, in /lib/security/). + see also mariadb_mtr.conf +*/ + +#include +#include +#include +#include + +#define N 3 + +int pam_sm_authenticate(pam_handle_t *pamh, int flags __attribute__((unused)), + int argc, const char *argv[]) +{ + struct pam_conv *conv; + struct pam_response *resp = 0; + int pam_err, retval = PAM_SYSTEM_ERR; + struct pam_message msg[N] = { + { PAM_TEXT_INFO, (char*)"Challenge input first." }, + { PAM_PROMPT_ECHO_OFF, (char*)"Enter:" }, + { PAM_ERROR_MSG, (char*)"Now, the magic number!" } + }; + const struct pam_message *msgp[N] = { msg, msg+1, msg+2 }; + char *r1 = 0, *r2 = 0; + + pam_err = pam_get_item(pamh, PAM_CONV, (const void **)&conv); + if (pam_err != PAM_SUCCESS) + goto ret; + + pam_err = (*conv->conv)(N, msgp, &resp, conv->appdata_ptr); + + if (pam_err != PAM_SUCCESS || !resp || !((r1= resp[1].resp))) + goto ret; + + if (strcmp(r1, "cleartext good") == 0) + retval = PAM_SUCCESS; + else if (strcmp(r1, "cleartext bad") == 0) + retval = PAM_AUTH_ERR; + else + { + free(resp); + resp= NULL; + msg[0].msg_style = PAM_PROMPT_ECHO_ON; + msg[0].msg = (char*)"PIN:"; + pam_err = (*conv->conv)(1, msgp, &resp, conv->appdata_ptr); + + if (pam_err != PAM_SUCCESS || !resp || !((r2= resp[0].resp))) + goto ret; + + /* Produce the crash for testing purposes. */ + if (strcmp(r1, "crash pam module") == 0 && atoi(r2) == 616) + abort(); + + if (strlen(r1) == (size_t)atoi(r2) % 100) + retval = PAM_SUCCESS; + else + retval = PAM_AUTH_ERR; + } + + if (argc > 0 && argv[0]) + pam_set_item(pamh, PAM_USER, argv[0]); + +ret: + free(resp); + free(r1); + free(r2); + return retval; +} + +int pam_sm_setcred(pam_handle_t *pamh __attribute__((unused)), + int flags __attribute__((unused)), + int argc __attribute__((unused)), + const char *argv[] __attribute__((unused))) +{ + + return PAM_SUCCESS; +} + -- cgit v1.2.3