Create initial testing framework

Includes dlopentest from neverrend Closes: CyberNinjas/pam_aad#9
sheylatrudo · Mar 14, 2019 · e2e46ee · e2e46ee
1 parent 6a49be6
commit e2e46ee
Show file tree

Hide file tree

Showing 8 changed files with 430 additions and 5 deletions.
diff --git a/.gitignore b/.gitignore
@@ -274,6 +274,6 @@ libtool
 src/.deps/
 src/.dirstamp
 src/*.lo
-simple-pam/
-pam-test.conf
-src/pam_aad.c.old
+
+# Use git add -f to override
+test/*
diff --git a/.travis.yml b/.travis.yml
@@ -7,3 +7,5 @@ services:
 
 script:
   - docker build . -t cyberninjas/pam_aad
+  - docker build test -t cyberninjas/pam_aad:testing
+  - docker run cyberninjas/pam_aad:testing
diff --git a/Dockerfile b/Dockerfile
@@ -28,11 +28,13 @@ RUN git clone https://github.com/antirez/sds libsds && \
     cp -a libsds.so.2.0.0 /usr/local/lib/ && \
     ln -s /usr/local/lib/libsds.so.2.0.0 /usr/local/lib/libsds.so && \
     ln -s /usr/local/lib/libsds.so.2.0.0 /usr/local/lib/libsds.so.2 && \
-    mkdir -p /usr/local/include/sds && cp -a sds.h /usr/local/include/sds/
+    ldconfig && mkdir -p /usr/local/include/sds && \
+    cp -a sds.h /usr/local/include/sds/ 
 
 WORKDIR /usr/src/pam_aad
 COPY . /usr/src/pam_aad
 
+ENV PAMDIR "/lib/x86_64-linux-gnu/security"
 RUN ./bootstrap.sh && \
-    ./configure --with-pam-dir=/lib/x86_64-linux-gnu/security && \
+    ./configure --with-pam-dir="${PAMDIR}" && \
     make && make install
diff --git a/test/Dockerfile b/test/Dockerfile
@@ -0,0 +1,12 @@
+FROM cyberninjas/pam_aad:latest
+
+RUN apt update && apt install -y \
+        gdb \
+        openssh-server \
+        pamtester \
+        strace \
+        syslog-ng \
+        vim
+
+WORKDIR /usr/src/pam_aad
+CMD ["make", "-eC", "test"]
diff --git a/test/Makefile b/test/Makefile
@@ -0,0 +1,9 @@
+PAMDIR = "${PREFIX}/lib/security"
+
+all: dlopen 
+
+dlopentest:
+	${CC} ${CFLAGS} ${LDFLAGS} -fPIE -fstack-protector -Wall -o $@ $@.c -ldl
+
+dlopen: dlopentest
+	./dlopentest "${PAMDIR}/pam_aad.so"
diff --git a/test/dlopentest.c b/test/dlopentest.c
@@ -0,0 +1,35 @@
+/*
+ * This test ensures the integrity of the compiled PAM module,
+ * by attempting to dlopen the module, and checking for the
+ * required symbols needed for a PAM module.
+ */
+#include <dlfcn.h>
+#include <stdio.h>
+#include <stdlib.h>
+
+int main(int argc, const char *argv[])
+{
+    if (argc != 2) {
+	printf("Usage: ./dlopentest <path_to_pam_module>\n");
+	exit(1);
+    }
+
+    void *libhandle = dlopen(argv[1], RTLD_NOW);
+    if (libhandle == NULL) {
+	printf("%s", dlerror());
+	exit(1);
+    }
+    void *sym = dlsym(libhandle, "pam_sm_authenticate");
+    if (sym == NULL) {
+	printf("%s", dlerror());
+	exit(1);
+    }
+    sym = dlsym(libhandle, "pam_sm_setcred");
+    if (sym == NULL) {
+	printf("%s", dlerror());
+	exit(1);
+    }
+    dlclose(libhandle);
+
+    return EXIT_SUCCESS;
+}