- int ret = -1;
- unsigned int attempt, max_attempt, expire_sec;
-
- attempt = max_attempt = expire_sec = 0;
-
- SecurityServer::AccessProvider privider(TEST04_SUBJECT);
- privider.applyAndSwithToUser(APP_UID, APP_GID);
-
- /*
- * now SS should return error
- * at the moment SS doesn't check return code from
- * authorize_SS_API_caller_socket() so it should give access
- * you can check in logs if it's working properly
- * has access result = 1
- * no access result = 0
- * D/SECURITY_SERVER( 2510): security-server-main.c: authorize_SS_API_caller_socket(205) >
- * [SECURE_LOG] SS_SMACK: caller_pid=5278, subject=subject_allow,
- * object=security-server::api-password-check, access=w, result=1,
- * caller_path=/usr/bin/security-server-tests-server
- * E/SECURITY_SERVER( 2510): security-server-main.c: authorize_SS_API_caller_socket(207) >
- * [SECURE_LOG] SS_SMACK: caller_pid=5278, subject=subject_allow,
- * object=security-server::api-password-check, access=w, result=0,
- * caller_path=/usr/bin/security-server-tests-server
- */
-
- ret = security_server_set_pwd_validity(10);
- RUNNER_ASSERT_MSG_BT(ret == SECURITY_SERVER_API_ERROR_ACCESS_DENIED,
- "security_server_set_pwd_validity should return access denied,"
- " ret: " << ret);
-
- ret = security_server_set_pwd_max_challenge(5);
- RUNNER_ASSERT_MSG_BT(ret == SECURITY_SERVER_API_ERROR_ACCESS_DENIED,
- "security_server_set_pwd_max_challenge should return access denied,"
- " ret: " << ret);
-
- ret = security_server_is_pwd_valid(&attempt, &max_attempt, &expire_sec);
- RUNNER_ASSERT_MSG_BT(ret == SECURITY_SERVER_API_ERROR_ACCESS_DENIED,
- "security_server_is_pwd_valid should return access denied,"
- " ret: " << ret);
-
- usleep(PASSWORD_RETRY_TIMEOUT_US);
- ret = security_server_set_pwd("12345", "12346", 0, 0);
- RUNNER_ASSERT_MSG_BT(ret == SECURITY_SERVER_API_ERROR_ACCESS_DENIED,
- "security_server_set_pwd should return access denied,"
- " ret: " << ret);
-
- ret = security_server_reset_pwd("12346",0, 0);
- RUNNER_ASSERT_MSG_BT(ret == SECURITY_SERVER_API_ERROR_ACCESS_DENIED,
- "security_server_reset_pwd should return access denied,"
- " ret: " << ret);
- usleep(PASSWORD_RETRY_TIMEOUT_US);
- ret = security_server_chk_pwd("12346", &attempt, &max_attempt, &expire_sec);
- RUNNER_ASSERT_MSG_BT(ret == SECURITY_SERVER_API_ERROR_ACCESS_DENIED,
- "security_server_chk_pwd should return access denied,"
- " ret: " << ret);