check-local: $(check_PROGRAMS)
cd tests && ./runtests -l '$(abs_top_srcdir)/tests/TESTS'
+# Used by maintainers to check the source code with cppcheck.
+check-cppcheck:
+ cd $(abs_top_srcdir) && \
+ find . -name .git -prune -o -name '*.[ch]' -print \
+ | cppcheck -q --force --error-exitcode=2 --file-list=- \
+ --suppressions-list=tests/data/cppcheck.supp \
+ --enable=warning,performance,portability,style
+
# Used by maintainers to run the test suite under valgrind.
check-valgrind: $(check_PROGRAMS)
rm -rf $(abs_top_builddir)/tmp-valgrind
* The context structure is the internal state maintained by the pam-krb5
* module between calls to the various public interfaces.
*
+ * Copyright 2005-2009, 2014, 2020 Russ Allbery <eagle@eyrie.org>
* Copyright 2011
* The Board of Trustees of the Leland Stanford Junior University
- * Copyright 2005, 2006, 2007, 2008, 2009, 2014 Russ Allbery <eagle@eyrie.org>
* Copyright 2005 Andres Salomon <dilinger@debian.org>
- * Copyright 1999, 2000 Frank Cusack <fcusack@fcusack.com>
+ * Copyright 1999-2000 Frank Cusack <fcusack@fcusack.com>
*
* See LICENSE for licensing terms.
*/
pamret = pam_get_data(args->pamh, "pam_krb5", (void *) &args->config->ctx);
if (pamret != PAM_SUCCESS)
args->config->ctx = NULL;
- if (pamret == 0 && args->config->ctx == NULL)
+ if (pamret == PAM_SUCCESS && args->config->ctx == NULL)
return PAM_SERVICE_ERR;
if (args->config->ctx != NULL)
args->user = args->config->ctx->name;
/*
* Internal prototypes and structures for pam-krb5.
*
+ * Copyright 2005-2009, 2014, 2020 Russ Allbery <eagle@eyrie.org>
* Copyright 2011, 2012
* The Board of Trustees of the Leland Stanford Junior University
- * Copyright 2005, 2006, 2007, 2008, 2009, 2014 Russ Allbery <eagle@eyrie.org>
* Copyright 2005 Andres Salomon <dilinger@debian.org>
- * Copyright 1999, 2000 Frank Cusack <fcusack@fcusack.com>
+ * Copyright 1999-2000 Frank Cusack <fcusack@fcusack.com>
*
* See LICENSE for licensing terms.
*/
* to create the user's ticket cache. The shared code is abstracted here into
* the pamk5_setcred function.
*
- * Copyright 2005, 2006, 2007, 2008, 2009, 2014, 2017
+ * Copyright 2005-2009, 2014, 2017, 2020
* Russ Allbery <eagle@eyrie.org>
* Copyright 2011
* The Board of Trustees of the Leland Stanford Junior University
* Copyright 2005 Andres Salomon <dilinger@debian.org>
- * Copyright 1999, 2000 Frank Cusack <fcusack@fcusack.com>
+ * Copyright 1999-2000 Frank Cusack <fcusack@fcusack.com>
*
* See LICENSE for licensing terms.
*/
#include <portable/pam.h>
#include <portable/system.h>
+#include <assert.h>
#include <errno.h>
#include <pwd.h>
* with its weird PAM handling, so we're going to cobble up a new context
* for ourselves.
*/
- pamk5_context_fetch(args);
- if (args->config->ctx == NULL) {
+ pamret = pamk5_context_fetch(args);
+ if (pamret != PAM_SUCCESS) {
putil_debug(args, "no context found, creating one");
pamret = create_session_context(args);
if (pamret != PAM_SUCCESS || args->config->ctx == NULL)
--- /dev/null
+// Suppressions file for cppcheck. -*- conf -*-
+//
+// This includes suppressions for all of my projects, including files that
+// aren't in rra-c-util, for ease of sharing between projects. The ones that
+// don't apply to a particular project should hopefully be harmless.
+//
+// To determine the correct suppression to add for a new error, run cppcheck
+// with the --xml flag and then add a suppression for the error id, file
+// location, and line.
+//
+// Copyright 2018-2020 Russ Allbery <eagle@eyrie.org>
+//
+// Copying and distribution of this file, with or without modification, are
+// permitted in any medium without royalty provided the copyright notice and
+// this notice are preserved. This file is offered as-is, without any
+// warranty.
+//
+// SPDX-License-Identifier: FSFAP
+
+// I like declaring variables at the top of a function rather than cluttering
+// every if and loop body with declarations.
+variableScope
+
+// strlen of a constant string is more maintainable code than hard-coding the
+// string length.
+constArgument:tests/runtests.c:804
+
+// False positive due to recursive function.
+knownConditionTrueFalse:portable/getopt.c:146
+
+// False positive since the string comes from a command-line define.
+knownConditionTrueFalse:tests/tap/remctl.c:79
+
+// Stored in the returned ai struct, but cppcheck can't see the assignment
+// because of the struct sockaddr * cast.
+memleak:portable/getaddrinfo.c:236
+
+// Bug in cppcheck 1.89. The address of this variable is passed to a Windows
+// function (albeit through a cast).
+nullPointer:portable/winsock.c:61
+
+// Setting the variable to NULL explicitly after deallocation.
+redundantAssignment:tests/pam-util/options-t.c
+
+// (remctl) Bug in cppcheck 1.89. The address of these variables are passed
+// to a PHP function.
+uninitvar:php/php_remctl.c:119
+uninitvar:php/php_remctl.c:123
+uninitvar:php/php_remctl.c:315
+uninitvar:php/php5_remctl.c:125
+uninitvar:php/php5_remctl.c:129
+uninitvar:php/php5_remctl.c:321
+
+// (pam-krb5) cppcheck doesn't recognize the unused attribute on labels.
+unusedLabel:auth.c:872
* avoid requiring user configuration).
*
* Written by Russ Allbery <eagle@eyrie.org>
+ * Copyright 2020 Russ Allbery <eagle@eyrie.org>
* Copyright 2012
* The Board of Trustees of the Leland Stanford Junior University
*
diag("re-running username-map with fully-qualified PAM user");
run_script("data/scripts/alt-auth/username-map", &config);
free(user);
- config.user = krbconf->username;
/*
* Add the password and make the user match our authentication principal,
* created (so without setuid and with chown doing nothing).
*
* Written by Russ Allbery <eagle@eyrie.org>
- * Copyright 2017 Russ Allbery <eagle@eyrie.org>
+ * Copyright 2017, 2020 Russ Allbery <eagle@eyrie.org>
* Copyright 2011, 2012
* The Board of Trustees of the Leland Stanford Junior University
*
/* Change the authenticating user and test search_k5login. */
pwd.pw_name = (char *) "testuser";
+ pam_set_pwd(&pwd);
config.user = "testuser";
basprintf(&k5login, "%s/.k5login", pwd.pw_dir);
file = fopen(k5login, "w");
/* Test search_k5login when no .k5login file exists. */
pwd.pw_name = krbconf->username;
+ pam_set_pwd(&pwd);
config.user = krbconf->username;
diag("testing search_k5login with no .k5login file");
run_script("data/scripts/cache/search-k5login", &config);