diff options
author | Mike Gabriel <mike.gabriel@das-netzwerkteam.de> | 2021-06-08 15:46:14 +0200 |
---|---|---|
committer | Mike Gabriel <mike.gabriel@das-netzwerkteam.de> | 2021-06-08 15:46:14 +0200 |
commit | c162a63997a3592f4d8a031cd31ee31bd1f17353 (patch) | |
tree | 41743b4bbc532fc03b5db7c64c9db50ee0591c88 | |
parent | 3dcfac9148de47b625e421092ab4d6f407bd623d (diff) | |
parent | a5f1e6f66a82a3630919353a396e77845586121b (diff) | |
download | libpam-x2go-master.tar.gz libpam-x2go-master.tar.bz2 libpam-x2go-master.zip |
Attributes GH PR #3: https://github.com/ArcticaProject/libpam-x2go/pull/3
-rw-r--r-- | .build.yml | 107 | ||||
-rw-r--r-- | .travis.yml | 43 | ||||
-rw-r--r-- | src/pam-x2go.c | 8 | ||||
-rw-r--r-- | tests/mock_guest.c | 26 | ||||
-rw-r--r-- | tests/mock_pam.c | 42 |
5 files changed, 196 insertions, 30 deletions
diff --git a/.build.yml b/.build.yml new file mode 100644 index 0000000..8ee4cb8 --- /dev/null +++ b/.build.yml @@ -0,0 +1,107 @@ +######################################################### +# THE FOLLOWING LINES IS USED BY docker-build +########################################################## +requires: + archlinux: + # Useful URL: https://aur.archlinux.org/cgit/aur.git/tree/PKGBUILD?h=libpam-x2go + - clang + - gcc + - git + - make + - startup-notification + - which + # FIXME: add missing build-dependencies + + debian: + # Useful URL: https://salsa.debian.org/debian-remote-team/libpam-x2go + - autopoint + - clang + - clang-tools + - g++ + - cppcheck + - git + - make + - libtool + - libssh-dev + - libgtest-dev + - libpam0g-dev + - pkg-config + + ubuntu: + - autopoint + - clang + - clang-tools + - g++ + - git + - make + - libtool + - libssh-dev + - libgtest-dev + - libpam0g-dev + - pkg-config + +variables: + - 'CHECKERS=" + -enable-checker deadcode.DeadStores + -enable-checker alpha.deadcode.UnreachableCode + -enable-checker alpha.core.CastSize + -enable-checker alpha.core.CastToStruct + -enable-checker alpha.core.IdenticalExpr + -enable-checker alpha.core.SizeofPtr + -enable-checker alpha.security.ArrayBoundV2 + -enable-checker alpha.security.MallocOverflow + -enable-checker alpha.security.ReturnPtrRange + -enable-checker alpha.unix.SimpleStream + -enable-checker alpha.unix.cstring.BufferOverlap + -enable-checker alpha.unix.cstring.NotNullTerminated + -enable-checker alpha.unix.cstring.OutOfBounds + -enable-checker alpha.core.FixedAddr + -enable-checker security.insecureAPI.strcpy"' + +build_scripts: + - if [ ${DISTRO_NAME} == "debian" ];then + - export CFLAGS+=" -Wsign-compare -Wunused-parameter" + - cppcheck --enable=warning,style,performance,portability,information,missingInclude . + - fi + - + - if [ -e ./autogen.sh ]; then + - NOCONFIGURE=1 ./autogen.sh + - scan-build $CHECKERS ./configure --prefix=/usr --enable-gtk-doc --enable-compile-warnings=maximum + - elif [ -e ./CMakeLists.txt ]; then + - if [ ${DISTRO_NAME} == "debian" ];then + - scan-build $CHECKERS cmake . -DCMAKE_INSTALL_PREFIX=/usr -DCMAKE_VERBOSE_MAKEFILE=ON -DENABLE_TESTS=ON + - else + - scan-build $CHECKERS cmake . -DCMAKE_INSTALL_PREFIX=/usr -DCMAKE_VERBOSE_MAKEFILE=ON + - fi + - elif [ -e ./configure.ac ]; then + - autoreconf -vfi + - scan-build $CHECKERS ./configure --prefix=/usr --enable-gtk-doc --enable-compile-warnings=maximum + - else + - exit 1 + - fi + - + - if [ $CPU_COUNT -gt 1 ]; then + - if [ ${DISTRO_NAME} == "debian" ];then + - scan-build $CHECKERS --keep-cc --use-cc=clang --use-c++=clang++ -o html-report make -j $CPU_COUNT + - make clean + - fi + - scan-build $CHECKERS --keep-cc -o html-report make -j $CPU_COUNT + - else + - if [ ${DISTRO_NAME} == "debian" ];then + - scan-build $CHECKERS --keep-cc --use-cc=clang --use-c++=clang++ -o html-report make + - make clean + - fi + - scan-build $CHECKERS --keep-cc -o html-report make + - fi + +after_scripts: + - if [ ${BUILD_TYPE} == "scripts" ];then + - XVFB_RUN="$(which xvfb-run || true)" + - if [ ${DISTRO_NAME} == "debian" ];then + - if [ -e ./autogen.sh ] || [ -e ./configure.ac ]; then + - ${XVFB_RUN} make check + - elif [ -e ./CMakeLists.txt ]; then + - ${XVFB_RUN} env CTEST_OUTPUT_ON_FAILURE=1 make test + - fi + - fi + - fi diff --git a/.travis.yml b/.travis.yml new file mode 100644 index 0000000..6ebac89 --- /dev/null +++ b/.travis.yml @@ -0,0 +1,43 @@ +# vim: set ts=2 sts=2 sw=2 expandtab : +dist: bionic +language: shell +os: linux + +arch: + - amd64 + - ppc64le + +services: + - docker + +addons: + apt: + packages: + - python3-pip + - python3-setuptools + +before_install: + # let's use the Ayatana Indicators project's docker build script... + - curl -Ls -o docker-build https://github.com/AyatanaIndicators/ayatana-dev-scripts/raw/master/travis/docker-build + - chmod +x docker-build + +install: + - pip3 install wheel + - pip3 install PyGithub + - ./docker-build --name ${DISTRO} --config .build.yml --install + +script: + - ./docker-build --name ${DISTRO} --verbose --config .build.yml --build scripts + +env: +# temp disable of archlinux builds, see https://gitlab.archlinux.org/archlinux/archlinux-docker/-/issues/56 +# - DISTRO="archlinux:latest" + - DISTRO="debian:testing" + - DISTRO="debian:stable" +# - DISTRO="ubuntu:rolling" + - DISTRO="ubuntu:focal" + +jobs: + exclude: + - env: DISTRO="archlinux:latest" + arch: ppc64le diff --git a/src/pam-x2go.c b/src/pam-x2go.c index f9ae42b..ab627ac 100644 --- a/src/pam-x2go.c +++ b/src/pam-x2go.c @@ -225,7 +225,7 @@ get_item (pam_handle_t * pamh, int type) /* Authenticate. We need to make sure we have a user account, that there are remote accounts and then verify them with X2Go */ PAM_EXTERN int -pam_sm_authenticate (pam_handle_t *pamh, int flags, int argc, const char **argv) +pam_sm_authenticate (pam_handle_t *pamh, int __attribute__((unused)) flags, int __attribute__((unused)) argc, const char __attribute__((unused)) **argv) { char * username = NULL; char * password = NULL; @@ -290,7 +290,7 @@ pid_t session_pid = 0; give the credentials to the session itself so that it can startup the PyHoca (X2Go) client for the login */ PAM_EXTERN int -pam_sm_open_session (pam_handle_t *pamh, int flags, int argc, const char ** argv) +pam_sm_open_session (pam_handle_t *pamh, int __attribute__((unused)) flags, int __attribute__((unused)) argc, const char __attribute__((unused)) **argv) { char * username = NULL; char * password = NULL; @@ -357,7 +357,7 @@ done: /* Close Session. Make sure our little guy has died so he doesn't become a zombie and eat things. */ PAM_EXTERN int -pam_sm_close_session (pam_handle_t *pamh, int flags, int argc, const char **argv) +pam_sm_close_session (pam_handle_t *pamh, int __attribute__((unused)) flags, int __attribute__((unused)) argc, const char __attribute__((unused)) **argv) { if (session_pid == 0) { return PAM_IGNORE; @@ -437,7 +437,7 @@ unpriveleged_kill (struct passwd * pwdent) /* LightDM likes to have this function around, but we don't need it as we don't have a token hanging around. */ PAM_EXTERN int -pam_sm_setcred (pam_handle_t *pamh, int flags, int argc, const char ** argv) +pam_sm_setcred (pam_handle_t __attribute__((unused)) *pamh, int __attribute__((unused)) flags, int __attribute__((unused)) argc, const char __attribute__((unused)) **argv) { return PAM_SUCCESS; } diff --git a/tests/mock_guest.c b/tests/mock_guest.c index 316e851..6bdfc6f 100644 --- a/tests/mock_guest.c +++ b/tests/mock_guest.c @@ -24,42 +24,48 @@ static struct passwd guest = { "guest", "/tmp", "/bin/true" }; struct passwd * -getpwnam (const char *username) +getpwnam (const char __attribute__((unused)) *username) { return &guest; } int -setgroups(size_t size, const gid_t *list) +setgroups(size_t __attribute__((unused)) size, + const __attribute__((unused)) gid_t *list) { errno = EPERM; return -1; } int -setgid(gid_t gid) +setgid(gid_t __attribute__((unused)) gid) { return 0; } int -setuid(uid_t uid) +setuid(uid_t __attribute__((unused)) uid) { return 0; } int -setegid(gid_t gid) +setegid(gid_t __attribute__((unused)) gid) { return 0; } int -seteuid(uid_t uid) +seteuid(uid_t __attribute__((unused)) uid) { return 0; } -int chmod(const char *path, mode_t mode) +int chmod(const char __attribute__((unused)) *path, + mode_t __attribute__((unused)) mode) { return 0; } -int chown(const char *path, uid_t owner, gid_t group) +int chown(const char __attribute__((unused)) *path, + uid_t __attribute__((unused)) owner, + gid_t __attribute__((unused)) group) { return 0; } -int execvp(const char *file, char *const argv[]) +int execvp(const char __attribute__((unused)) *file, + char __attribute__((unused)) *const argv[]) { return 0; } + /* wrap _exit, to make sure the gcov_exit function installed with atexit() is really called to collect coverage statistics */ void _exit (int exitcode) @@ -86,7 +92,7 @@ socket_sucker () serv_addr.sun_family = AF_UNIX; - int printsize = snprintf(serv_addr.sun_path, sizeof(serv_addr.sun_path) - 1, "%s/%s", home, ".x2go-socket"); + long unsigned int printsize = (long unsigned int)snprintf(serv_addr.sun_path, sizeof(serv_addr.sun_path) - 1, "%s/%s", home, ".x2go-socket"); if (printsize > sizeof(serv_addr.sun_path) - 1 || printsize < 0) { return -1; } diff --git a/tests/mock_pam.c b/tests/mock_pam.c index 9111092..21fdde3 100644 --- a/tests/mock_pam.c +++ b/tests/mock_pam.c @@ -21,29 +21,34 @@ struct pam_handle { /* note: the other fields have been omitted */ }; -int fake_conv (int num_msg, const struct pam_message **msg, - struct pam_response **resp, void *appdata_ptr) +int fake_conv (int __attribute__((unused)) num_msg, + const struct pam_message **msg, + struct pam_response **resp, + void __attribute__((unused)) *appdata_ptr) { struct pam_response *response = NULL; response = malloc (sizeof (struct pam_response)); - if (response == NULL) + if (response == NULL) { return PAM_BUF_ERR; + } response->resp_retcode = 0; - if (strcmp((*msg)->msg, PAM_X2GO_PROMPT_GUESTLOGIN) == 0) + if (strcmp((*msg)->msg, PAM_X2GO_PROMPT_GUESTLOGIN) == 0) { response->resp = strdup ("guest"); /* IMPORTANT: this needs to be in /etc/passwd */ - else if (strcmp((*msg)->msg, PAM_X2GO_PROMPT_USER) == 0) + } else if (strcmp((*msg)->msg, PAM_X2GO_PROMPT_USER) == 0) { response->resp = strdup ("ruser"); - else if (strcmp((*msg)->msg, PAM_X2GO_PROMPT_HOST) == 0) + } else if (strcmp((*msg)->msg, PAM_X2GO_PROMPT_HOST) == 0) { response->resp = strdup ("protocol://rhost/dummy"); - else if (strcmp((*msg)->msg, PAM_X2GO_PROMPT_PASSWORD) == 0) + } else if (strcmp((*msg)->msg, PAM_X2GO_PROMPT_PASSWORD) == 0) { response->resp = strdup ("password"); - else if (strcmp((*msg)->msg, PAM_X2GO_PROMPT_COMMAND) == 0) + } else if (strcmp((*msg)->msg, PAM_X2GO_PROMPT_COMMAND) == 0) { response->resp = strdup ("rcommand"); - else + } else { + free(response); return PAM_SYMBOL_ERR; /* leaks... */ + } *resp = response; @@ -66,23 +71,26 @@ pam_handle_t *pam_handle_new (void) int PAM_NONNULL((1)) pam_get_item (const pam_handle_t *pamh, int type, const void **value) { - if (pamh == NULL) + if (pamh == NULL) { return PAM_SYSTEM_ERR; + } - if (type == PAM_CONV) + if (type == PAM_CONV) { *value = pamh->conv; - else if (pamh->item[type] != NULL) + } else if (pamh->item[type] != NULL) { *value = pamh->item[type]; - else + } else { *value = NULL; /* will result in a prompt conversation */ + } return PAM_SUCCESS; } int PAM_NONNULL((1)) pam_set_item (pam_handle_t *pamh, int type, const void *value) { - if (pamh == NULL) + if (pamh == NULL) { return PAM_SYSTEM_ERR; + } void **slot, *tmp; size_t nsize, osize; @@ -90,10 +98,12 @@ int PAM_NONNULL((1)) pam_set_item (pam_handle_t *pamh, int type, const void *val slot = &pamh->item[type]; osize = nsize = 0; - if (*slot != NULL) + if (*slot != NULL) { osize = strlen((const char *)*slot) + 1; - if (value != NULL) + } + if (value != NULL) { nsize = strlen((const char *)value) + 1; + } if (*slot != NULL) { memset(*slot, 0xd0, osize); |