commit: d064738bad821f05b5851c20501fad2e2207cb3f
parent 510ee8a7f2e78d8ac433293ef2ca27bdf45ff345
Author: Haelwenn (lanodan) Monnier <contact@hacktivis.me>
Date: Sat, 8 Oct 2022 19:11:53 +0200
Add testsuite
Diffstat:
6 files changed, 89 insertions(+), 4 deletions(-)
diff --git a/.gitignore b/.gitignore
@@ -2,3 +2,4 @@
# SPDX-License-Identifier: AGPL-3.0-only
/login
/su
+/common_test
diff --git a/Kyuafile b/Kyuafile
@@ -0,0 +1,8 @@
+syntax(2)
+--Copyright © 2022 Haelwenn (lanodan) Monnier <contact+skeud@hacktivis.me>
+--SPDX-License-Identifier: AGPL-3.0-only
+
+test_suite("skeud")
+
+-- /BEGIN/,$|LC_ALL=C.UTF-8 sort
+atf_test_program{name="common_test"}
diff --git a/Makefile b/Makefile
@@ -10,6 +10,7 @@ BINDIR ?= $(PREFIX)/bin
MANDIR ?= $(PREFIX)/share/man
SYS_EXE = login su
+TEST_EXE = common_test
MAN1 = login.1
all: $(SYS_EXE)
@@ -27,6 +28,13 @@ su_SRC = su.c common.c
su: $(su_SRC) Makefile
$(CC) -std=c11 $(CFLAGS) -o $@ $(su_SRC) -lcrypt $(LDFLAGS)
+common_test: common_test.c common.c Makefile
+ $(CC) -std=c11 $(CFLAGS) `pkg-config --cflags atf-c` -o $@ common_test.c common.c `pkg-config --libs atf-c` -lcrypt $(LDFLAGS)
+
+.PHONY: test
+test: $(TEST_EXE)
+ kyua test || (kyua report --verbose; false)
+
.PHONY: install
install: all
mkdir -p $(DESTDIR)$(SYS_BINDIR)/
@@ -43,7 +51,7 @@ format:
.PHONY: clean
clean:
- rm $(SYS_EXE)
+ rm $(SYS_EXE) $(TEST_EXE)
.PHONY: lint
lint:
diff --git a/common.c b/common.c
@@ -12,14 +12,14 @@
#include <termios.h> // tcgetattr, tcsetattr
#include <unistd.h> // crypt
-static size_t
+size_t
smin(size_t a, size_t b)
{
return a < b ? a : b;
}
// Needs to be constant-time so the hash can't be guessed via using a rainbow-table
-static bool
+bool
hash_match(char *a, char *b)
{
/* flawfinder: ignore CWE-126 */
diff --git a/common.h b/common.h
@@ -4,5 +4,7 @@
#include <stdbool.h> // bool
#include <sys/types.h> // ssize_t
-ssize_t skeud_getpass(char **password);
+size_t smin(size_t a, size_t b);
+bool hash_match(char *a, char *b);
bool skeud_crypt_check(char *hash, char *password);
+ssize_t skeud_getpass(char **password);
diff --git a/common_test.c b/common_test.c
@@ -0,0 +1,66 @@
+// SPDX-FileCopyrightText: 2022 Haelwenn (lanodan) Monnier <contact+skeud@hacktivis.me>
+// SPDX-License-Identifier: AGPL-3.0-only
+
+#include "common.h"
+
+#include <atf-c.h> // ATF*, atf*
+
+ATF_TC(smin_tc);
+ATF_TC_HEAD(smin_tc, tc) { atf_tc_set_md_var(tc, "descr", "smin returns correct values"); }
+ATF_TC_BODY(smin_tc, tc)
+{
+ ATF_CHECK(smin(1, 2) == 1);
+ ATF_CHECK(smin(1, 1) == 1);
+ ATF_CHECK(smin(2, 1) == 1);
+}
+
+ATF_TC(hash_match_tc);
+ATF_TC_HEAD(hash_match_tc, tc)
+{
+ atf_tc_set_md_var(tc, "descr", "hash_match returns correct values");
+}
+ATF_TC_BODY(hash_match_tc, tc)
+{
+ // Maybe check for constant time somehow?
+ ATF_CHECK(hash_match("foo", "foo"));
+ ATF_CHECK(!hash_match("foo", "bar"));
+ ATF_CHECK(!hash_match("foo", "fooo"));
+ ATF_CHECK(!hash_match("fooo", "foo"));
+}
+
+ATF_TC(skeud_crypt_check_tc);
+ATF_TC_HEAD(skeud_crypt_check_tc, tc)
+{
+ atf_tc_set_md_var(tc, "descr", "skeud_crypt_check returns correct values");
+}
+ATF_TC_BODY(skeud_crypt_check_tc, tc)
+{
+ ATF_CHECK(!skeud_crypt_check(NULL, "foobar"));
+ ATF_CHECK(!skeud_crypt_check("", "foobar"));
+ ATF_CHECK(!skeud_crypt_check("x", "foobar"));
+ ATF_CHECK(!skeud_crypt_check("foobar", "foobar"));
+
+ // DES: openssl passwd -noverify
+ ATF_CHECK(skeud_crypt_check("FmuFhHU.nJlkg", "foobar"));
+
+ // MD5: openssl passwd -1 -noverify
+ ATF_CHECK(skeud_crypt_check("$1$L0.ptviH$oU/aJvI7BwUtWXzeJ3nGU.", "foobar"));
+
+ // SHA256: openssl passwd -5 -noverify
+ ATF_CHECK(skeud_crypt_check("$5$8VryLuwDTzZ8MSZX$2UIaWB5LcMlhXv7UQIBcFeq8/Dr6PswXZP/SJ09L01B",
+ "foobar"));
+
+ // SHA512: openssl passwd -6 -noverify
+ ATF_CHECK(skeud_crypt_check("$6$QUEEGuX9dkGlNkTP$IJwcvb6tpm63hoOfm9QJjEgjte/"
+ "OpcQS3S43zDN95G3diJ5Xc/OlhhbCkUyV/A0ARhgQj2D/4m/DWhwvvs3A91",
+ "foobar"));
+}
+
+ATF_TP_ADD_TCS(tp)
+{
+ ATF_TP_ADD_TC(tp, smin_tc);
+ ATF_TP_ADD_TC(tp, hash_match_tc);
+ ATF_TP_ADD_TC(tp, skeud_crypt_check_tc);
+
+ return atf_no_error();
+}
