2 * Test for the Heimdal shared module API.
4 * Written by Russ Allbery <rra@stanford.edu>
6 * The Board of Trustees of the Leland Stanford Junior University
8 * See LICENSE for licensing terms.
12 #include <portable/system.h>
18 /* kadm5-pwcheck.h isn't always installed by Heimdal. */
19 #ifdef HAVE_KADM5_PWCHECK_H
20 # include <kadm5-pwcheck.h>
22 # define KADM5_PASSWD_VERSION_V1 1
25 (*kadm5_passwd_quality_check_func)(krb5_context context,
26 krb5_principal principal,
32 struct kadm5_pw_policy_check_func {
34 kadm5_passwd_quality_check_func func;
37 struct kadm5_pw_policy_verifier {
41 const struct kadm5_pw_policy_check_func *funcs;
43 #endif /* !HAVE_KADM5_PWCHECK_H */
47 * Expects a principal and a password to check on the command line. Loads the
48 * Heimdal plugin, converts the input into the necessary format, calls the
49 * plugin, and reports the results. Exits with a status matching the return
50 * value of the plugin function.
52 * We assume that the plugin is available as:
54 * BUILD/../plugin/.libs/passwd_strength.so
56 * since we don't want to embed Libtool's libtldl just to run a test.
59 main(int argc, char *argv[])
67 krb5_error_code status;
69 struct kadm5_pw_policy_verifier *verifier;
71 char error[BUFSIZ] = "";
74 * If we're not building with Heimdal, we can't run this test. Exit with
75 * a special status to communicate this to the test wrapper.
77 #ifndef HAVE_KRB5_REALM
81 /* Build the path of the plugin. */
83 fprintf(stderr, "Wrong number of arguments\n");
86 build = getenv("BUILD");
88 fprintf(stderr, "No BUILD environment variable set\n");
91 length = strlen(build) + strlen("/../plugin/.libs/passwd_strength.so");
92 path = malloc(length + 1);
94 fprintf(stderr, "Cannot allocate memory: %s\n", strerror(errno));
97 strlcpy(path, build, length + 1);
98 strlcat(path, "/../plugin/.libs/passwd_strength.so", length + 1);
100 /* Initialize the data structures. */
101 status = krb5_init_context(&ctx);
103 fprintf(stderr, "Cannot initialize Kerberos context\n");
106 status = krb5_parse_name(ctx, argv[1], &princ);
108 fprintf(stderr, "Cannot parse principal name\n");
111 password.length = strlen(argv[2]);
112 password.data = argv[2];
114 /* Load the module and find the correct symbol. */
115 handle = dlopen(path, RTLD_NOW);
116 if (handle == NULL) {
117 fprintf(stderr, "Cannot dlopen %s: %s\n", path, dlerror());
120 verifier = dlsym(handle, "kadm5_password_verifier");
121 if (verifier == NULL) {
122 fprintf(stderr, "Cannot get kadm5_password_verifier symbol: %s\n",
126 if (strcmp(verifier->name, "krb5-strength") != 0
127 || strcmp(verifier->vendor, "Russ Allbery") != 0
128 || verifier->version != KADM5_PASSWD_VERSION_V1
129 || verifier->funcs == NULL
130 || strcmp(verifier->funcs[0].name, "krb5-strength") != 0
131 || verifier->funcs[0].func == NULL
132 || verifier->funcs[1].name != NULL) {
133 fprintf(stderr, "Invalid metadata in plugin\n");
136 result = (verifier->funcs[0].func)(ctx, princ, &password, NULL, error,
138 if (error[0] != '\0')
139 fprintf(stderr, "%s\n", error);