aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--src/pam-freerdp.c5
-rw-r--r--tests/mock_pam.c42
-rw-r--r--tests/mock_pam.h1
-rw-r--r--tests/test-freerdp-wrapper.cc10
4 files changed, 58 insertions, 0 deletions
diff --git a/src/pam-freerdp.c b/src/pam-freerdp.c
index 8979e6e..ff09ce4 100644
--- a/src/pam-freerdp.c
+++ b/src/pam-freerdp.c
@@ -120,6 +120,11 @@ get_item (pam_handle_t * pamh, int type)
}
if (type == PAM_AUTHTOK) {
+ if (strlen(promptval) == 0){
+ free(promptval);
+ return NULL;
+ }
+
if (mlock(promptval, strlen(promptval) + 1) != 0) {
free(promptval);
return NULL;
diff --git a/tests/mock_pam.c b/tests/mock_pam.c
index 6368b84..2a1dcc7 100644
--- a/tests/mock_pam.c
+++ b/tests/mock_pam.c
@@ -47,7 +47,37 @@ int fake_conv (int num_msg, const struct pam_message **msg,
return PAM_SUCCESS;
}
+int fake_conv_empty_password (int num_msg, const struct pam_message **msg,
+ struct pam_response **resp, void *appdata_ptr)
+{
+ struct pam_response *response = NULL;
+ response = malloc (sizeof (struct pam_response));
+
+ if (response == NULL)
+ return PAM_BUF_ERR;
+
+ response->resp_retcode = 0;
+
+ if (strcmp((*msg)->msg, "login:") == 0)
+ response->resp = strdup ("guest"); /* IMPORTANT: this needs to be in /etc/passwd */
+ else if (strcmp((*msg)->msg, "remote login:") == 0)
+ response->resp = strdup ("ruser");
+ else if (strcmp((*msg)->msg, "remote host:") == 0)
+ response->resp = strdup ("protocol://rhost/dummy");
+ else if (strcmp((*msg)->msg, "password:") == 0)
+ response->resp = strdup ("");
+ else if (strcmp((*msg)->msg, "domain:") == 0)
+ response->resp = strdup ("domain");
+ else
+ return PAM_SYMBOL_ERR; /* leaks... */
+
+ *resp = response;
+
+ return PAM_SUCCESS;
+}
+
struct pam_conv static_conv = { &fake_conv, (void *)NULL };
+struct pam_conv static_conv_empty_pswd = { &fake_conv_empty_password, (void *)NULL };
pam_handle_t *pam_handle_new (void)
{
@@ -61,6 +91,18 @@ pam_handle_t *pam_handle_new (void)
return newh;
}
+pam_handle_t *pam_handle_empty_pswd_new (void)
+{
+ pam_handle_t *newh = malloc (sizeof (pam_handle_t));
+
+ if (newh != NULL) {
+ newh->conv = &static_conv_empty_pswd;
+ memset(newh->item, 0, sizeof(void *) * PAM_NUM_ITEMS);
+ }
+
+ return newh;
+}
+
int pam_get_item (const pam_handle_t *pamh, int type, const void **value)
{
if (pamh == NULL)
diff --git a/tests/mock_pam.h b/tests/mock_pam.h
index eb88a2e..c9c4f36 100644
--- a/tests/mock_pam.h
+++ b/tests/mock_pam.h
@@ -17,6 +17,7 @@
typedef struct pam_handle pam_handle_t;
pam_handle_t *pam_handle_new (void);
+pam_handle_t *pam_handle_empty_pswd_new (void);
int pam_get_item (const pam_handle_t *pamh, int type, const void **value);
int pam_set_item (pam_handle_t *pamh, int type, const void *value);
diff --git a/tests/test-freerdp-wrapper.cc b/tests/test-freerdp-wrapper.cc
index 147682d..6ba670f 100644
--- a/tests/test-freerdp-wrapper.cc
+++ b/tests/test-freerdp-wrapper.cc
@@ -58,6 +58,16 @@ namespace {
// that I got all of the wrapper and pam to link there
}
+ TEST_F(FreerdpclientWrapperTest, canHandleEmptyPassword) {
+ const char *argv[] = { NULL };
+
+ pam_handle_t *pamh = pam_handle_empty_pswd_new ();
+
+ EXPECT_EQ (PAM_AUTH_ERR,
+ pam_sm_authenticate (pamh, 0, 0, argv));
+
+ }
+
TEST_F(FreerdpclientWrapperTest, canCallPamOpenSession) {
const char *argv[] = { NULL };