1/* $NetBSD: test_acl.c,v 1.2 2017/01/28 21:31:49 christos Exp $ */ 2 3/* 4 * Copyright (c) 2004 Kungliga Tekniska H��gskolan 5 * (Royal Institute of Technology, Stockholm, Sweden). 6 * All rights reserved. 7 * 8 * Redistribution and use in source and binary forms, with or without 9 * modification, are permitted provided that the following conditions 10 * are met: 11 * 12 * 1. Redistributions of source code must retain the above copyright 13 * notice, this list of conditions and the following disclaimer. 14 * 15 * 2. Redistributions in binary form must reproduce the above copyright 16 * notice, this list of conditions and the following disclaimer in the 17 * documentation and/or other materials provided with the distribution. 18 * 19 * 3. Neither the name of KTH nor the names of its contributors may be 20 * used to endorse or promote products derived from this software without 21 * specific prior written permission. 22 * 23 * THIS SOFTWARE IS PROVIDED BY KTH AND ITS CONTRIBUTORS ``AS IS'' AND ANY 24 * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 25 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 26 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL KTH OR ITS CONTRIBUTORS BE 27 * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR 28 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF 29 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR 30 * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, 31 * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR 32 * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF 33 * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ 34 35#include "krb5_locl.h" 36#include <err.h> 37 38#define RETVAL(c, r, e, s) \ 39 do { if (r != e) krb5_errx(c, 1, "%s", s); } while (0) 40#define STRINGMATCH(c, s, _s1, _s2) \ 41 do { \ 42 if (_s1 == NULL || _s2 == NULL) \ 43 krb5_errx(c, 1, "s1 or s2 is NULL"); \ 44 if (strcmp(_s1,_s2) != 0) \ 45 krb5_errx(c, 1, "%s", s); \ 46 } while (0) 47 48static void 49test_match_string(krb5_context context) 50{ 51 krb5_error_code ret; 52 char *s1, *s2; 53 54 ret = krb5_acl_match_string(context, "foo", "s", "foo"); 55 RETVAL(context, ret, 0, "single s"); 56 ret = krb5_acl_match_string(context, "foo foo", "s", "foo"); 57 RETVAL(context, ret, EACCES, "too many strings"); 58 ret = krb5_acl_match_string(context, "foo bar", "ss", "foo", "bar"); 59 RETVAL(context, ret, 0, "two strings"); 60 ret = krb5_acl_match_string(context, "foo bar", "ss", "foo", "bar"); 61 RETVAL(context, ret, 0, "two strings double space"); 62 ret = krb5_acl_match_string(context, "foo \tbar", "ss", "foo", "bar"); 63 RETVAL(context, ret, 0, "two strings space + tab"); 64 ret = krb5_acl_match_string(context, "foo", "ss", "foo", "bar"); 65 RETVAL(context, ret, EACCES, "one string, two format strings"); 66 ret = krb5_acl_match_string(context, "foo", "ss", "foo", "foo"); 67 RETVAL(context, ret, EACCES, "one string, two format strings (same)"); 68 ret = krb5_acl_match_string(context, "foo \t", "s", "foo"); 69 RETVAL(context, ret, 0, "ending space"); 70 71 ret = krb5_acl_match_string(context, "foo/bar", "f", "foo/bar"); 72 RETVAL(context, ret, 0, "liternal fnmatch"); 73 ret = krb5_acl_match_string(context, "foo/bar", "f", "foo/*"); 74 RETVAL(context, ret, 0, "foo/*"); 75 ret = krb5_acl_match_string(context, "foo/bar.example.org", "f", 76 "foo/*.example.org"); 77 RETVAL(context, ret, 0, "foo/*.example.org"); 78 ret = krb5_acl_match_string(context, "foo/bar.example.com", "f", 79 "foo/*.example.org"); 80 RETVAL(context, ret, EACCES, "foo/*.example.com"); 81 82 ret = krb5_acl_match_string(context, "foo/bar/baz", "f", "foo/*/baz"); 83 RETVAL(context, ret, 0, "foo/*/baz"); 84 85 ret = krb5_acl_match_string(context, "foo", "r", &s1); 86 RETVAL(context, ret, 0, "ret 1"); 87 STRINGMATCH(context, "ret 1 match", s1, "foo"); free(s1); 88 89 ret = krb5_acl_match_string(context, "foo bar", "rr", &s1, &s2); 90 RETVAL(context, ret, 0, "ret 2"); 91 STRINGMATCH(context, "ret 2 match 1", s1, "foo"); free(s1); 92 STRINGMATCH(context, "ret 2 match 2", s2, "bar"); free(s2); 93 94 ret = krb5_acl_match_string(context, "foo bar", "sr", "bar", &s1); 95 RETVAL(context, ret, EACCES, "ret mismatch"); 96 if (s1 != NULL) krb5_errx(context, 1, "s1 not NULL"); 97 98 ret = krb5_acl_match_string(context, "foo", "l", "foo"); 99 RETVAL(context, ret, EINVAL, "unknown letter"); 100} 101 102 103int 104main(int argc, char **argv) 105{ 106 krb5_context context; 107 krb5_error_code ret; 108 109 setprogname(argv[0]); 110 111 ret = krb5_init_context(&context); 112 if (ret) 113 errx (1, "krb5_init_context failed: %d", ret); 114 115 test_match_string(context); 116 117 krb5_free_context(context); 118 119 return 0; 120} 121