aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorMike Gabriel <mike.gabriel@das-netzwerkteam.de>2021-06-08 16:10:19 +0200
committerMike Gabriel <mike.gabriel@das-netzwerkteam.de>2021-06-08 16:10:19 +0200
commitb139d20c0e599ac394db0f70d563263d6fbb68d3 (patch)
treeda5167740ddaed9472e47925426fee4c3b0a54cd
parentff383ef1a8ab732269621a50fa4f42a4974872ce (diff)
parent0294977b5458ee2c0ba77b6b2b94fb4a4d6a1310 (diff)
downloadlibpam-freerdp2-master.tar.gz
libpam-freerdp2-master.tar.bz2
libpam-freerdp2-master.zip
Merge branch 'sunweaver-pr/travis-ci'HEADmaster
Attributes GH PR #2: https://github.com/ArcticaProject/libpam-freerdp2/pull/2
-rw-r--r--.build.yml107
-rw-r--r--.travis.yml43
-rw-r--r--src/Makefile.am1
-rw-r--r--src/freerdp2-auth-check.c10
-rw-r--r--src/pam-freerdp2.c8
-rw-r--r--tests/mock_guest.c25
-rw-r--r--tests/mock_pam.c62
-rw-r--r--tests/mock_pam.h1
8 files changed, 214 insertions, 43 deletions
diff --git a/.build.yml b/.build.yml
new file mode 100644
index 0000000..be14505
--- /dev/null
+++ b/.build.yml
@@ -0,0 +1,107 @@
+#########################################################
+# THE FOLLOWING LINES IS USED BY docker-build
+##########################################################
+requires:
+ archlinux:
+ # Useful URL: https://aur.archlinux.org/cgit/aur.git/tree/PKGBUILD?h=libpam-freerdp2
+ - clang
+ - gcc
+ - git
+ - make
+ - startup-notification
+ - which
+ # FIXME: add missing build-dependencies
+
+ debian:
+ # Useful URL: https://salsa.debian.org/debian-remote-team/libpam-freerdp2
+ - autopoint
+ - clang
+ - clang-tools
+ - g++
+ - cppcheck
+ - git
+ - make
+ - libtool
+ - freerdp2-dev
+ - libgtest-dev
+ - libpam0g-dev
+ - pkg-config
+
+ ubuntu:
+ - autopoint
+ - clang
+ - clang-tools
+ - g++
+ - git
+ - make
+ - libtool
+ - freerdp2-dev
+ - libgtest-dev
+ - libpam0g-dev
+ - pkg-config
+
+variables:
+ - 'CHECKERS="
+ -enable-checker deadcode.DeadStores
+ -enable-checker alpha.deadcode.UnreachableCode
+ -enable-checker alpha.core.CastSize
+ -enable-checker alpha.core.CastToStruct
+ -enable-checker alpha.core.IdenticalExpr
+ -enable-checker alpha.core.SizeofPtr
+ -enable-checker alpha.security.ArrayBoundV2
+ -enable-checker alpha.security.MallocOverflow
+ -enable-checker alpha.security.ReturnPtrRange
+ -enable-checker alpha.unix.SimpleStream
+ -enable-checker alpha.unix.cstring.BufferOverlap
+ -enable-checker alpha.unix.cstring.NotNullTerminated
+ -enable-checker alpha.unix.cstring.OutOfBounds
+ -enable-checker alpha.core.FixedAddr
+ -enable-checker security.insecureAPI.strcpy"'
+
+build_scripts:
+ - if [ ${DISTRO_NAME} == "debian" ];then
+ - export CFLAGS+=" -Wsign-compare -Wunused-parameter"
+ - cppcheck --enable=warning,style,performance,portability,information,missingInclude .
+ - fi
+ -
+ - if [ -e ./autogen.sh ]; then
+ - NOCONFIGURE=1 ./autogen.sh
+ - scan-build $CHECKERS ./configure --prefix=/usr --enable-gtk-doc --enable-compile-warnings=maximum
+ - elif [ -e ./CMakeLists.txt ]; then
+ - if [ ${DISTRO_NAME} == "debian" ];then
+ - scan-build $CHECKERS cmake . -DCMAKE_INSTALL_PREFIX=/usr -DCMAKE_VERBOSE_MAKEFILE=ON -DENABLE_TESTS=ON
+ - else
+ - scan-build $CHECKERS cmake . -DCMAKE_INSTALL_PREFIX=/usr -DCMAKE_VERBOSE_MAKEFILE=ON
+ - fi
+ - elif [ -e ./configure.ac ]; then
+ - autoreconf -vfi
+ - scan-build $CHECKERS ./configure --prefix=/usr --enable-gtk-doc --enable-compile-warnings=maximum
+ - else
+ - exit 1
+ - fi
+ -
+ - if [ $CPU_COUNT -gt 1 ]; then
+ - if [ ${DISTRO_NAME} == "debian" ];then
+ - scan-build $CHECKERS --keep-cc --use-cc=clang --use-c++=clang++ -o html-report make -j $CPU_COUNT
+ - make clean
+ - fi
+ - scan-build $CHECKERS --keep-cc -o html-report make -j $CPU_COUNT
+ - else
+ - if [ ${DISTRO_NAME} == "debian" ];then
+ - scan-build $CHECKERS --keep-cc --use-cc=clang --use-c++=clang++ -o html-report make
+ - make clean
+ - fi
+ - scan-build $CHECKERS --keep-cc -o html-report make
+ - fi
+
+after_scripts:
+ - if [ ${BUILD_TYPE} == "scripts" ];then
+ - XVFB_RUN="$(which xvfb-run || true)"
+ - if [ ${DISTRO_NAME} == "debian" ];then
+ - if [ -e ./autogen.sh ] || [ -e ./configure.ac ]; then
+ - ${XVFB_RUN} make check
+ - elif [ -e ./CMakeLists.txt ]; then
+ - ${XVFB_RUN} env CTEST_OUTPUT_ON_FAILURE=1 make test
+ - fi
+ - fi
+ - fi
diff --git a/.travis.yml b/.travis.yml
new file mode 100644
index 0000000..6ebac89
--- /dev/null
+++ b/.travis.yml
@@ -0,0 +1,43 @@
+# vim: set ts=2 sts=2 sw=2 expandtab :
+dist: bionic
+language: shell
+os: linux
+
+arch:
+ - amd64
+ - ppc64le
+
+services:
+ - docker
+
+addons:
+ apt:
+ packages:
+ - python3-pip
+ - python3-setuptools
+
+before_install:
+ # let's use the Ayatana Indicators project's docker build script...
+ - curl -Ls -o docker-build https://github.com/AyatanaIndicators/ayatana-dev-scripts/raw/master/travis/docker-build
+ - chmod +x docker-build
+
+install:
+ - pip3 install wheel
+ - pip3 install PyGithub
+ - ./docker-build --name ${DISTRO} --config .build.yml --install
+
+script:
+ - ./docker-build --name ${DISTRO} --verbose --config .build.yml --build scripts
+
+env:
+# temp disable of archlinux builds, see https://gitlab.archlinux.org/archlinux/archlinux-docker/-/issues/56
+# - DISTRO="archlinux:latest"
+ - DISTRO="debian:testing"
+ - DISTRO="debian:stable"
+# - DISTRO="ubuntu:rolling"
+ - DISTRO="ubuntu:focal"
+
+jobs:
+ exclude:
+ - env: DISTRO="archlinux:latest"
+ arch: ppc64le
diff --git a/src/Makefile.am b/src/Makefile.am
index 581b080..ab3deed 100644
--- a/src/Makefile.am
+++ b/src/Makefile.am
@@ -44,6 +44,7 @@ freerdp2_auth_check_SOURCES = \
$(NULL)
freerdp2_auth_check_CFLAGS = \
+ -Wall -Werror \
$(FREERDP2_CFLAGS) \
$(WINPR2_CFLAGS) \
$(COVERAGE_CFLAGS) \
diff --git a/src/freerdp2-auth-check.c b/src/freerdp2-auth-check.c
index 04558fb..ab3b1fd 100644
--- a/src/freerdp2-auth-check.c
+++ b/src/freerdp2-auth-check.c
@@ -24,31 +24,31 @@
BOOL
-auth_context_new (freerdp * instance, rdpContext * context)
+auth_context_new (freerdp __attribute__((unused)) *instance, rdpContext __attribute__((unused)) *context)
{
return TRUE;
}
void
-auth_context_free (freerdp * instance, rdpContext * context)
+auth_context_free (freerdp __attribute__((unused)) *instance, rdpContext __attribute__((unused)) *context)
{
return;
}
BOOL
-auth_pre_connect (freerdp * instance)
+auth_pre_connect (freerdp __attribute__((unused)) *instance)
{
return TRUE;
}
BOOL
-auth_post_connect (freerdp * instance)
+auth_post_connect (freerdp __attribute__((unused)) *instance)
{
return TRUE;
}
int
-main (int argc, char * argv[])
+main (int argc, char *argv[])
{
char password[512];
if (argc != 4) {
diff --git a/src/pam-freerdp2.c b/src/pam-freerdp2.c
index 18a4c18..593dde5 100644
--- a/src/pam-freerdp2.c
+++ b/src/pam-freerdp2.c
@@ -240,7 +240,7 @@ get_item (pam_handle_t * pamh, int type)
/* Authenticate. We need to make sure we have a user account, that
there are remote accounts and then verify them with FreeRDP */
PAM_EXTERN int
-pam_sm_authenticate (pam_handle_t *pamh, int flags, int argc, const char **argv)
+pam_sm_authenticate (pam_handle_t *pamh, int __attribute__((unused)) flags, int __attribute__((unused)) argc, const char __attribute__((unused)) **argv)
{
char * username = NULL;
char * password = NULL;
@@ -305,7 +305,7 @@ pid_t session_pid = 0;
give the credentials to the session itself so that it can startup the
xfreerdp viewer for the login */
PAM_EXTERN int
-pam_sm_open_session (pam_handle_t *pamh, int flags, int argc, const char ** argv)
+pam_sm_open_session (pam_handle_t *pamh, int __attribute__((unused)) flags, int __attribute__((unused)) argc, const char __attribute__((unused)) **argv)
{
char * username = NULL;
char * password = NULL;
@@ -372,7 +372,7 @@ done:
/* Close Session. Make sure our little guy has died so he doesn't become
a zombie and eat things. */
PAM_EXTERN int
-pam_sm_close_session (pam_handle_t *pamh, int flags, int argc, const char **argv)
+pam_sm_close_session (pam_handle_t *pamh, int __attribute__((unused)) flags, int __attribute__((unused)) argc, const char __attribute__((unused)) **argv)
{
if (session_pid == 0) {
return PAM_IGNORE;
@@ -452,7 +452,7 @@ unpriveleged_kill (struct passwd * pwdent)
/* LightDM likes to have this function around, but we don't need it as we
don't have a token hanging around. */
PAM_EXTERN int
-pam_sm_setcred (pam_handle_t *pamh, int flags, int argc, const char ** argv)
+pam_sm_setcred (pam_handle_t __attribute__((unused)) *pamh, int __attribute__((unused)) flags, int __attribute__((unused)) argc, const char __attribute__((unused)) **argv)
{
return PAM_SUCCESS;
}
diff --git a/tests/mock_guest.c b/tests/mock_guest.c
index 7673995..4d10bfb 100644
--- a/tests/mock_guest.c
+++ b/tests/mock_guest.c
@@ -22,39 +22,44 @@ static struct passwd guest = { "guest",
"/tmp",
"/bin/true" };
struct passwd *
-getpwnam (const char *username)
+getpwnam (const char __attribute__((unused)) *username)
{ return &guest; }
int
-setgroups(size_t size, const gid_t *list)
+setgroups(size_t __attribute__((unused)) size,
+ const gid_t __attribute__((unused)) *list)
{
errno = EPERM;
return -1;
}
int
-setgid(gid_t gid)
+setgid(gid_t __attribute__((unused)) gid)
{ return 0; }
int
-setuid(uid_t uid)
+setuid(uid_t __attribute__((unused)) uid)
{ return 0; }
int
-setegid(gid_t gid)
+setegid(gid_t __attribute__((unused)) gid)
{ return 0; }
int
-seteuid(uid_t uid)
+seteuid(uid_t __attribute__((unused)) uid)
{ return 0; }
-int chmod(const char *path, mode_t mode)
+int chmod(const char __attribute__((unused)) *path,
+ mode_t __attribute__((unused)) mode)
{ return 0; }
-int chown(const char *path, uid_t owner, gid_t group)
+int chown(const char __attribute__((unused)) *path,
+ uid_t __attribute__((unused)) owner,
+ gid_t __attribute__((unused)) group)
{ return 0; }
-int execvp(const char *file, char *const argv[])
+int execvp(const char __attribute__((unused)) *file,
+ char __attribute__((unused)) *const argv[])
{
return 0;
}
@@ -84,7 +89,7 @@ socket_sucker ()
serv_addr.sun_family = AF_UNIX;
- int printsize = snprintf(serv_addr.sun_path, sizeof(serv_addr.sun_path) - 1, "%s/%s", home, ".freerdp2-socket");
+ unsigned long int printsize = (unsigned long int)snprintf(serv_addr.sun_path, sizeof(serv_addr.sun_path) - 1, "%s/%s", home, ".freerdp2-socket");
if (printsize > sizeof(serv_addr.sun_path) - 1 || printsize < 0) {
return -1;
}
diff --git a/tests/mock_pam.c b/tests/mock_pam.c
index ce57973..f32d95f 100644
--- a/tests/mock_pam.c
+++ b/tests/mock_pam.c
@@ -19,37 +19,44 @@ struct pam_handle {
/* note: the other fields have been omitted */
};
-int fake_conv (int num_msg, const struct pam_message **msg,
- struct pam_response **resp, void *appdata_ptr)
+int fake_conv (int __attribute__((unused)) num_msg,
+ const struct pam_message **msg,
+ struct pam_response **resp,
+ void __attribute__((unused)) *appdata_ptr)
{
struct pam_response *response = NULL;
response = malloc (sizeof (struct pam_response));
- if (response == NULL)
+ if (response == NULL) {
return PAM_BUF_ERR;
+ }
response->resp_retcode = 0;
- if (strcmp((*msg)->msg, PAM_FREERDP2_PROMPT_GUESTLOGIN) == 0)
+ if (strcmp((*msg)->msg, PAM_FREERDP2_PROMPT_GUESTLOGIN) == 0) {
response->resp = strdup ("guest"); /* IMPORTANT: this needs to be in /etc/passwd */
- else if (strcmp((*msg)->msg, PAM_FREERDP2_PROMPT_USER) == 0)
+ } else if (strcmp((*msg)->msg, PAM_FREERDP2_PROMPT_USER) == 0) {
response->resp = strdup ("ruser");
- else if (strcmp((*msg)->msg, PAM_FREERDP2_PROMPT_HOST) == 0)
+ } else if (strcmp((*msg)->msg, PAM_FREERDP2_PROMPT_HOST) == 0) {
response->resp = strdup ("protocol://rhost/dummy");
- else if (strcmp((*msg)->msg, PAM_FREERDP2_PROMPT_PASSWORD) == 0)
+ } else if (strcmp((*msg)->msg, PAM_FREERDP2_PROMPT_PASSWORD) == 0) {
response->resp = strdup ("password");
- else if (strcmp((*msg)->msg, PAM_FREERDP2_PROMPT_DOMAIN) == 0)
+ } else if (strcmp((*msg)->msg, PAM_FREERDP2_PROMPT_DOMAIN) == 0) {
response->resp = strdup ("domain");
- else
+ } else {
+ free(response);
return PAM_SYMBOL_ERR; /* leaks... */
+ }
*resp = response;
return PAM_SUCCESS;
}
-int fake_conv_empty_password (int num_msg, const struct pam_message **msg,
- struct pam_response **resp, void *appdata_ptr)
+int fake_conv_empty_password (int __attribute__((unused)) num_msg,
+ const struct pam_message **msg,
+ struct pam_response **resp,
+ void __attribute__((unused)) *appdata_ptr)
{
struct pam_response *response = NULL;
response = malloc (sizeof (struct pam_response));
@@ -59,18 +66,20 @@ int fake_conv_empty_password (int num_msg, const struct pam_message **msg,
response->resp_retcode = 0;
- if (strcmp((*msg)->msg, PAM_FREERDP2_PROMPT_GUESTLOGIN) == 0)
+ if (strcmp((*msg)->msg, PAM_FREERDP2_PROMPT_GUESTLOGIN) == 0) {
response->resp = strdup ("guest"); /* IMPORTANT: this needs to be in /etc/passwd */
- else if (strcmp((*msg)->msg, PAM_FREERDP2_PROMPT_USER) == 0)
+ } else if (strcmp((*msg)->msg, PAM_FREERDP2_PROMPT_USER) == 0) {
response->resp = strdup ("ruser");
- else if (strcmp((*msg)->msg, PAM_FREERDP2_PROMPT_HOST) == 0)
+ } else if (strcmp((*msg)->msg, PAM_FREERDP2_PROMPT_HOST) == 0) {
response->resp = strdup ("protocol://rhost/dummy");
- else if (strcmp((*msg)->msg, PAM_FREERDP2_PROMPT_PASSWORD) == 0)
+ } else if (strcmp((*msg)->msg, PAM_FREERDP2_PROMPT_PASSWORD) == 0) {
response->resp = strdup ("");
- else if (strcmp((*msg)->msg, PAM_FREERDP2_PROMPT_DOMAIN) == 0)
+ } else if (strcmp((*msg)->msg, PAM_FREERDP2_PROMPT_DOMAIN) == 0) {
response->resp = strdup ("domain");
- else
+ } else {
+ free(response);
return PAM_SYMBOL_ERR; /* leaks... */
+ }
*resp = response;
@@ -109,20 +118,22 @@ int PAM_NONNULL((1)) pam_get_item (const pam_handle_t *pamh, int type, const voi
if (pamh == NULL)
return PAM_SYSTEM_ERR;
- if (type == PAM_CONV)
+ if (type == PAM_CONV) {
*value = pamh->conv;
- else if (pamh->item[type] != NULL)
+ } else if (pamh->item[type] != NULL) {
*value = pamh->item[type];
- else
+ } else {
*value = NULL; /* will result in a prompt conversation */
+ }
return PAM_SUCCESS;
}
int PAM_NONNULL((1)) pam_set_item (pam_handle_t *pamh, int type, const void *value)
{
- if (pamh == NULL)
+ if (pamh == NULL) {
return PAM_SYSTEM_ERR;
+ }
void **slot, *tmp;
size_t nsize, osize;
@@ -130,10 +141,12 @@ int PAM_NONNULL((1)) pam_set_item (pam_handle_t *pamh, int type, const void *val
slot = &pamh->item[type];
osize = nsize = 0;
- if (*slot != NULL)
+ if (*slot != NULL) {
osize = strlen((const char *)*slot) + 1;
- if (value != NULL)
+ }
+ if (value != NULL) {
nsize = strlen((const char *)value) + 1;
+ }
if (*slot != NULL) {
memset(*slot, 0xd0, osize);
@@ -141,8 +154,9 @@ int PAM_NONNULL((1)) pam_set_item (pam_handle_t *pamh, int type, const void *val
}
if (value != NULL) {
- if ((tmp = malloc(nsize)) == NULL)
+ if ((tmp = malloc(nsize)) == NULL) {
return PAM_BUF_ERR;
+ }
memcpy(tmp, value, nsize);
} else {
tmp = NULL;
diff --git a/tests/mock_pam.h b/tests/mock_pam.h
index 7fe0467..df837df 100644
--- a/tests/mock_pam.h
+++ b/tests/mock_pam.h
@@ -11,6 +11,7 @@
#define __MOCK_PAM_H__
#define LIBPAM_COMPILE
+#include <security/_pam_types.h>
#include <security/pam_modules.h>
#include <security/pam_modutil.h>
#include <security/pam_appl.h>