diff options
Diffstat (limited to 'lib/iolog/regress/iolog_filter')
-rw-r--r-- | lib/iolog/regress/iolog_filter/check_iolog_filter.c | 203 | ||||
-rw-r--r-- | lib/iolog/regress/iolog_filter/test1/log | 3 | ||||
-rw-r--r-- | lib/iolog/regress/iolog_filter/test1/timing | 44 | ||||
-rw-r--r-- | lib/iolog/regress/iolog_filter/test1/ttyin | 1 | ||||
-rw-r--r-- | lib/iolog/regress/iolog_filter/test1/ttyin.filtered | 1 | ||||
-rw-r--r-- | lib/iolog/regress/iolog_filter/test1/ttyout | 7 | ||||
-rw-r--r-- | lib/iolog/regress/iolog_filter/test2/log | 3 | ||||
-rw-r--r-- | lib/iolog/regress/iolog_filter/test2/timing | 73 | ||||
-rw-r--r-- | lib/iolog/regress/iolog_filter/test2/ttyin | 1 | ||||
-rw-r--r-- | lib/iolog/regress/iolog_filter/test2/ttyin.filtered | 1 | ||||
-rw-r--r-- | lib/iolog/regress/iolog_filter/test2/ttyout | 4 | ||||
-rw-r--r-- | lib/iolog/regress/iolog_filter/test3/log | 3 | ||||
-rw-r--r-- | lib/iolog/regress/iolog_filter/test3/timing | 54 | ||||
-rw-r--r-- | lib/iolog/regress/iolog_filter/test3/ttyin | 1 | ||||
-rw-r--r-- | lib/iolog/regress/iolog_filter/test3/ttyin.filtered | 1 | ||||
-rw-r--r-- | lib/iolog/regress/iolog_filter/test3/ttyout | 6 |
16 files changed, 406 insertions, 0 deletions
diff --git a/lib/iolog/regress/iolog_filter/check_iolog_filter.c b/lib/iolog/regress/iolog_filter/check_iolog_filter.c new file mode 100644 index 0000000..d24f12f --- /dev/null +++ b/lib/iolog/regress/iolog_filter/check_iolog_filter.c @@ -0,0 +1,203 @@ +/* + * SPDX-License-Identifier: ISC + * + * Copyright (c) 2022 Todd C. Miller <Todd.Miller@sudo.ws> + * + * Permission to use, copy, modify, and distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES + * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF + * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR + * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES + * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN + * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF + * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. + */ + +#include <config.h> + +#include <stdio.h> +#include <stdlib.h> +#include <string.h> +#include <fcntl.h> +#include <unistd.h> + +#define SUDO_ERROR_WRAP 0 + +#include "sudo_compat.h" +#include "sudo_util.h" +#include "sudo_fatal.h" + +#include "sudo_iolog.h" + +sudo_dso_public int main(int argc, char *argv[]); + +int +main(int argc, char *argv[]) +{ + int dfd = -1, ttyin_fd = -1, ttyout_fd = -1, ttyin_ok_fd = -1; + int ch, i, ntests = 0, errors = 0; + void *passprompt_regex = NULL; + + initprogname(argc > 0 ? argv[0] : "check_iolog_filter"); + + while ((ch = getopt(argc, argv, "v")) != -1) { + switch (ch) { + case 'v': + /* ignore */ + break; + default: + fprintf(stderr, "usage: %s [-v] iolog_dir ...\n", getprogname()); + return EXIT_FAILURE; + } + } + argc -= optind; + argv += optind; + + passprompt_regex = iolog_pwfilt_alloc(); + if (passprompt_regex == NULL) + sudo_fatalx("unable to allocate memory"); + if (!iolog_pwfilt_add(passprompt_regex, "(?i)password[: ]*")) + exit(1); + + for (i = 0; i < argc; i++) { + struct iolog_file iolog_timing = { true }; + struct timing_closure timing; + const char *logdir = argv[i]; + char tbuf[8192], fbuf[8192]; + ssize_t nread; + + ntests++; + + /* I/O logs consist of multiple files in a directory. */ + dfd = open(logdir, O_RDONLY); + if (dfd == -1) { + sudo_warn("%s", logdir); + errors++; + continue; + } + + if (!iolog_open(&iolog_timing, dfd, IOFD_TIMING, "r")) { + sudo_warn("timing"); + errors++; + goto next; + } + + ttyout_fd = openat(dfd, "ttyout", O_RDONLY, 0644); + if (ttyout_fd == -1) { + sudo_warn("ttyout"); + errors++; + goto next; + } + + ttyin_fd = openat(dfd, "ttyin", O_RDONLY, 0644); + if (ttyin_fd == -1) { + sudo_warn("ttyin"); + errors++; + goto next; + } + + ttyin_ok_fd = openat(dfd, "ttyin.filtered", O_RDONLY, 0644); + if (ttyin_ok_fd == -1) { + sudo_warn("ttyin.filtered"); + errors++; + goto next; + } + + memset(&timing, 0, sizeof(timing)); + timing.decimal = "."; + for (;;) { + char *newbuf = NULL; + const char *name; + int fd; + + if (iolog_read_timing_record(&iolog_timing, &timing) != 0) + break; + + switch (timing.event) { + case IO_EVENT_TTYOUT: + fd = ttyout_fd; + name = "ttyout"; + break; + case IO_EVENT_TTYIN: + fd = ttyin_fd; + name = "ttyin"; + break; + default: + continue; + } + + if (timing.u.nbytes > sizeof(tbuf)) { + sudo_warn("buffer too small, %zu > %zu", timing.u.nbytes, + sizeof(tbuf)); + errors++; + continue; + } + + nread = read(fd, tbuf, timing.u.nbytes); + if ((size_t)nread != timing.u.nbytes) { + if (nread == -1) + sudo_warn("%s/%s", argv[i], name); + else + sudo_warnx("%s/%s: short read", argv[i], name); + errors++; + continue; + } + + /* Apply filter. */ + if (!iolog_pwfilt_run(passprompt_regex, timing.event, tbuf, + timing.u.nbytes, &newbuf)) { + errors++; + continue; + } + + if (timing.event == IO_EVENT_TTYIN) { + nread = read(ttyin_ok_fd, fbuf, timing.u.nbytes); + if (nread == -1) { + if (nread == -1) + sudo_warn("%s/ttyin.filtered", argv[i]); + else + sudo_warnx("%s/ttyin.filtered: short read", argv[i]); + errors++; + free(newbuf); + break; + } + if (memcmp(fbuf, newbuf ? newbuf : tbuf, timing.u.nbytes) != 0) { + sudo_warnx("%s: ttyin mismatch at byte %lld", argv[i], + (long long)lseek(fd, 0, SEEK_CUR)); + errors++; + free(newbuf); + break; + } + } + + free(newbuf); + } +next: + if (ttyin_fd != -1) { + close(ttyin_fd); + ttyin_fd = -1; + } + if (ttyin_ok_fd != -1) { + close(ttyin_ok_fd); + ttyin_ok_fd = -1; + } + if (dfd != -1) { + close(dfd); + dfd = -1; + } + if (iolog_timing.enabled) + iolog_close(&iolog_timing, NULL); + } + iolog_pwfilt_free(passprompt_regex); + + if (ntests != 0) { + printf("iolog_filter: %d test%s run, %d errors, %d%% success rate\n", + ntests, ntests == 1 ? "" : "s", errors, + (ntests - errors) * 100 / ntests); + } + + return errors; +} diff --git a/lib/iolog/regress/iolog_filter/test1/log b/lib/iolog/regress/iolog_filter/test1/log new file mode 100644 index 0000000..551adfb --- /dev/null +++ b/lib/iolog/regress/iolog_filter/test1/log @@ -0,0 +1,3 @@ +1645151020:millert:root::/dev/ttypb:24:80 +/home/millert +/usr/bin/passwd diff --git a/lib/iolog/regress/iolog_filter/test1/timing b/lib/iolog/regress/iolog_filter/test1/timing new file mode 100644 index 0000000..3a62388 --- /dev/null +++ b/lib/iolog/regress/iolog_filter/test1/timing @@ -0,0 +1,44 @@ +4 0.087089703 32 +4 0.000503221 13 +3 1.617732029 1 +3 0.671818399 1 +3 0.632182533 1 +3 0.135484597 1 +3 0.120171445 1 +3 0.120200768 1 +3 0.239782513 1 +3 0.064059449 1 +3 0.184048364 1 +3 0.135992479 1 +3 0.167905298 1 +3 0.087948033 1 +3 0.135913060 1 +3 0.136306311 1 +3 0.279830387 1 +3 0.280221744 1 +4 0.000453682 2 +4 0.001188404 20 +3 0.678534827 1 +3 1.912119627 1 +3 0.303804149 1 +3 0.071831900 1 +3 0.248608651 1 +3 0.088758738 1 +3 0.262821628 1 +3 0.111839737 1 +3 0.184326849 1 +3 0.119709565 1 +3 0.184446495 1 +3 0.089439595 1 +3 0.150353799 1 +3 0.152035883 1 +3 0.392237165 1 +3 0.183498720 1 +3 0.136099560 1 +3 0.256165394 1 +4 0.000392254 2 +4 0.000348360 35 +4 0.000330782 13 +3 0.871580665 1 +4 0.000434371 2 +4 0.001150945 23 diff --git a/lib/iolog/regress/iolog_filter/test1/ttyin b/lib/iolog/regress/iolog_filter/test1/ttyin new file mode 100644 index 0000000..5a2067d --- /dev/null +++ b/lib/iolog/regress/iolog_filter/test1/ttyin @@ -0,0 +1 @@ +A new password?
A bad password...
\ No newline at end of file diff --git a/lib/iolog/regress/iolog_filter/test1/ttyin.filtered b/lib/iolog/regress/iolog_filter/test1/ttyin.filtered new file mode 100644 index 0000000..d4943b3 --- /dev/null +++ b/lib/iolog/regress/iolog_filter/test1/ttyin.filtered @@ -0,0 +1 @@ +***************
*****************
*
\ No newline at end of file diff --git a/lib/iolog/regress/iolog_filter/test1/ttyout b/lib/iolog/regress/iolog_filter/test1/ttyout new file mode 100644 index 0000000..bac1f87 --- /dev/null +++ b/lib/iolog/regress/iolog_filter/test1/ttyout @@ -0,0 +1,7 @@ +Changing password for millert.
+New password:
+Retype new password:
+Mismatch; try again, EOF to quit.
+New password:
+
+Password unchanged.
diff --git a/lib/iolog/regress/iolog_filter/test2/log b/lib/iolog/regress/iolog_filter/test2/log new file mode 100644 index 0000000..8790573 --- /dev/null +++ b/lib/iolog/regress/iolog_filter/test2/log @@ -0,0 +1,3 @@ +1645153850:millert:millert::/dev/ttypb:24:80 +/home/millert +/usr/bin/su testdude diff --git a/lib/iolog/regress/iolog_filter/test2/timing b/lib/iolog/regress/iolog_filter/test2/timing new file mode 100644 index 0000000..7e6b1cc --- /dev/null +++ b/lib/iolog/regress/iolog_filter/test2/timing @@ -0,0 +1,73 @@ +4 0.077895153 9 +3 9.876530326 1 +3 0.191980568 1 +3 0.168017746 1 +3 0.088081740 1 +3 0.183886638 1 +3 0.071966892 1 +3 0.175772878 1 +3 0.672270691 1 +4 0.000336085 2 +4 0.022264031 8 +3 4.721817713 1 +4 0.001379444 1 +3 0.086406844 1 +4 0.000383615 1 +3 0.055583229 1 +4 0.000353543 1 +3 0.079726966 1 +4 0.000336390 1 +3 0.063626746 1 +4 0.000719018 1 +3 0.135204338 1 +4 0.000342720 1 +3 0.095976209 1 +4 0.000338049 1 +3 0.047259669 1 +4 0.000339501 1 +3 0.399809817 1 +4 0.000345392 1 +3 0.111587761 1 +4 0.000366589 1 +3 0.087582640 1 +4 0.000328160 1 +3 0.480159500 1 +4 0.000370778 3 +3 0.143285883 1 +4 0.000332529 3 +3 0.135841236 1 +4 0.000343729 3 +3 0.223401313 1 +4 0.000329496 1 +3 0.063760060 1 +4 0.000382349 1 +3 0.087442363 1 +4 0.000345787 1 +3 0.095598655 1 +4 0.000343712 1 +3 0.560106197 1 +4 0.000405183 3 +3 0.151363786 1 +4 0.000345085 3 +3 0.167809002 1 +4 0.000326037 3 +3 0.135471962 1 +4 0.000378004 3 +3 0.111681517 1 +4 0.000329093 1 +3 0.127537491 1 +4 0.000355403 1 +3 0.103896235 1 +4 0.000320608 1 +3 0.095563437 1 +4 0.000327463 1 +3 0.087808248 1 +4 0.000321244 1 +3 0.503531970 1 +4 0.000338699 1 +3 1.383887942 1 +4 0.000324499 3 +4 0.000334583 11 +4 0.000324866 8 +3 0.999440679 1 +4 0.000365851 5 diff --git a/lib/iolog/regress/iolog_filter/test2/ttyin b/lib/iolog/regress/iolog_filter/test2/ttyin new file mode 100644 index 0000000..29482c0 --- /dev/null +++ b/lib/iolog/regress/iolog_filter/test2/ttyin @@ -0,0 +1 @@ +test123
echo hi ereherethere!
\ No newline at end of file diff --git a/lib/iolog/regress/iolog_filter/test2/ttyin.filtered b/lib/iolog/regress/iolog_filter/test2/ttyin.filtered new file mode 100644 index 0000000..e3c303d --- /dev/null +++ b/lib/iolog/regress/iolog_filter/test2/ttyin.filtered @@ -0,0 +1 @@ +*******
echo hi ereherethere!
\ No newline at end of file diff --git a/lib/iolog/regress/iolog_filter/test2/ttyout b/lib/iolog/regress/iolog_filter/test2/ttyout new file mode 100644 index 0000000..dbb7124 --- /dev/null +++ b/lib/iolog/regress/iolog_filter/test2/ttyout @@ -0,0 +1,4 @@ +Password:
+xerxes$ echo hi ere here there!
+hi there!
+xerxes$ ^D
diff --git a/lib/iolog/regress/iolog_filter/test3/log b/lib/iolog/regress/iolog_filter/test3/log new file mode 100644 index 0000000..f0500f4 --- /dev/null +++ b/lib/iolog/regress/iolog_filter/test3/log @@ -0,0 +1,3 @@ +1645201461:millert:root::/dev/ttyp0:24:80 +/home/millert +/usr/bin/ssh -oPubkeyAuthentication=no localhost diff --git a/lib/iolog/regress/iolog_filter/test3/timing b/lib/iolog/regress/iolog_filter/test3/timing new file mode 100644 index 0000000..03b67f4 --- /dev/null +++ b/lib/iolog/regress/iolog_filter/test3/timing @@ -0,0 +1,54 @@ +4 0.158768144 1 +4 0.000406264 27 +3 4.390837642 1 +3 0.119705081 1 +3 0.175600726 1 +3 0.064357615 1 +3 0.239945395 1 +3 0.088142451 1 +3 0.143665762 1 +3 0.071941169 1 +3 0.208359675 1 +3 0.145706215 1 +3 0.302231926 1 +3 0.079805215 1 +3 0.112114024 1 +3 0.143802378 1 +3 0.160033289 1 +4 0.000416283 2 +4 0.042939142 40 +4 0.000399448 27 +3 1.084753026 1 +3 0.087720859 1 +3 0.215896027 1 +3 0.167921572 1 +3 0.304253899 1 +3 0.103807201 1 +3 0.191962088 1 +3 0.071989566 1 +3 0.296183440 1 +3 0.162262688 1 +3 0.125661454 1 +3 0.192164590 1 +4 0.000394039 2 +4 0.034617321 40 +4 0.000414822 27 +3 0.796676353 1 +3 0.119589531 1 +3 0.120189440 1 +3 0.080002264 1 +3 0.120104599 1 +3 0.087897523 1 +3 0.088072936 1 +3 0.111980459 1 +3 0.064099904 1 +3 0.440166638 1 +3 0.159957933 1 +3 0.063988834 1 +3 0.247906778 1 +3 0.167767797 1 +3 0.151961605 1 +3 0.176237322 1 +3 0.368288839 1 +4 0.000364019 2 +4 0.034413644 79 diff --git a/lib/iolog/regress/iolog_filter/test3/ttyin b/lib/iolog/regress/iolog_filter/test3/ttyin new file mode 100644 index 0000000..224e0b4 --- /dev/null +++ b/lib/iolog/regress/iolog_filter/test3/ttyin @@ -0,0 +1 @@ +not a password
nope, sorry
try again please
\ No newline at end of file diff --git a/lib/iolog/regress/iolog_filter/test3/ttyin.filtered b/lib/iolog/regress/iolog_filter/test3/ttyin.filtered new file mode 100644 index 0000000..bc6dfb5 --- /dev/null +++ b/lib/iolog/regress/iolog_filter/test3/ttyin.filtered @@ -0,0 +1 @@ +**************
***********
****************
\ No newline at end of file diff --git a/lib/iolog/regress/iolog_filter/test3/ttyout b/lib/iolog/regress/iolog_filter/test3/ttyout new file mode 100644 index 0000000..b6befb9 --- /dev/null +++ b/lib/iolog/regress/iolog_filter/test3/ttyout @@ -0,0 +1,6 @@ +
root@localhost's password:
+Permission denied, please try again.
+
root@localhost's password:
+Permission denied, please try again.
+
root@localhost's password:
+root@localhost: Permission denied (publickey,password,keyboard-interactive).
|