* @author Bumjin Im (bj.im@samsung.com)
* @author Pawel Polawski (p.polawski@partner.samsung.com)
* @author Radoslaw Bartosiak (r.bartosiak@samsung.com)
+ * @author Jan Olszak (j.olszak@samsung.com)
* @version 2.0
* @brief Test cases for security server
*
#include <dlog.h>
#include "test.h"
+
+#define TEST_PASSWORD "IDLEPASS"
+#define SECOND_TEST_PASSWORD "OTHERIDLEPASS"
+#define THIRD_TEST_PASSWORD "THIRDPASS"
+/**
+ * Reset security-server.
+ *
+ * Function should be run at the begining of every test, so every test is independent of each other.
+ */
+void reset_security_server(){
+ int ret;
+ unsigned int attempt, max_attempt, expire_sec;
+ system("if [ -d /opt/data/security-server ]; then \n rm -rf /opt/data/security-server/*; \n fi");
+ sync();
+ system("killall -SIGKILL security-server");
+ sleep(1);
+
+}
+
+
RUNNER_TEST_GROUP_INIT(SECURITY_SERVER_TESTS_PASSWORD);
+
+/**
+ * Confirm there is no password before tests are run.
+ */
RUNNER_TEST(tc01_clear_environment)
{
int ret;
RUNNER_IGNORED_MSG("I'm not root");
}
+ sleep(1);
}
+/**
+ * Basic test of setting validity period.
+ */
RUNNER_TEST(tc02_security_server_set_pwd_validity)
{
int ret;
+ // Prepare environment
+ reset_security_server();
+
+ // TESTS:
+ // WITHOUT password
ret = security_server_set_pwd_validity(10);
RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_ERROR_NO_PASSWORD, "ret = " << ret);
ret = security_server_set_pwd_validity(11);
RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_ERROR_NO_PASSWORD, "ret = " << ret);
+
+ // WITH password
+ ret = security_server_set_pwd(NULL, TEST_PASSWORD, 10, 10);
+ RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_SUCCESS, "ret = " << ret);
+
+ ret = security_server_set_pwd_validity(10);
+ RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_SUCCESS, "ret = " << ret);
+
+ ret = security_server_set_pwd_validity(11);
+ RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_SUCCESS, "ret = " << ret);
+
+ sleep(1);
}
+/**
+ * Basic test of setting maximum number of password challenges.
+ */
RUNNER_TEST(tc03_security_server_set_pwd_max_challenge)
{
int ret;
+ // Prepare environment
+ reset_security_server();
+
+ // TESTS:
+ // WITHOUT password
ret = security_server_set_pwd_max_challenge(5);
RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_ERROR_NO_PASSWORD, "ret = " << ret);
ret = security_server_set_pwd_max_challenge(6);
RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_ERROR_NO_PASSWORD, "ret = " << ret);
+
+ // WITH password
+ ret = security_server_set_pwd(NULL, TEST_PASSWORD, 10, 10);
+ RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_SUCCESS, "ret = " << ret);
+
+ ret = security_server_set_pwd_max_challenge(5);
+ RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_SUCCESS, "ret = " << ret);
+
+ ret = security_server_set_pwd_max_challenge(6);
+ RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_SUCCESS, "ret = " << ret);
+
+ sleep(1);
+ reset_security_server();
}
+/**
+ * Test checking a too long password.
+ */
RUNNER_TEST(tc04_security_server_chk_pwd_too_long_password_case)
{
int ret;
unsigned int attempt, max_attempt, expire_sec;
- ret = security_server_chk_pwd("abcdefghijklmnopqrstuvwxyz0123456", &attempt, &max_attempt, &expire_sec); /* 33 chars */
+ // 33 char password
+ ret = security_server_chk_pwd("abcdefghijklmnopqrstuvwxyz0123456", &attempt, &max_attempt, &expire_sec);
RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_ERROR_INPUT_PARAM, "ret = " << ret);
}
+/**
+ * Test various parameter values when checking a password.
+ */
RUNNER_TEST(tc05_security_server_chk_pwd_null_input_case)
{
int ret;
RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_ERROR_INPUT_PARAM, "ret = " << ret);
}
+/**
+ * Check the given password when no password is set.
+ */
RUNNER_TEST(tc06_security_server_chk_pwd_no_password_case)
{
int ret;
unsigned int attempt, max_attempt, expire_sec;
- sleep(1);
+ // Prepare environment - there is no password now!
+ reset_security_server();
+
+ // TEST
ret = security_server_chk_pwd("isthisempty", &attempt, &max_attempt, &expire_sec);
RUNNER_ASSERT_MSG(expire_sec == 0, expire_sec);
RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_ERROR_NO_PASSWORD, "ret = " << ret);
}
+/**
+ * Checks various parameter values.
+ */
RUNNER_TEST(tc07_security_server_set_pwd_null_input_case)
{
int ret;
+ // Prepare environment
+ reset_security_server();
+
+ // TEST
ret = security_server_set_pwd(NULL, NULL, 0, 0);
RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_ERROR_INPUT_PARAM, "ret = " << ret);
}
+/**
+ * Test setting too long password.
+ */
RUNNER_TEST(tc08_security_server_set_pwd_too_long_input_param)
{
int ret;
+ // Prepare environment
+ reset_security_server();
+
+ // TEST
+ // 33 char password
ret = security_server_set_pwd("abcdefghijklmnopqrstuvwxyz0123456", "abcdefghijklmnopqrstuvwxyz0123456", 0, 0);
RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_ERROR_INPUT_PARAM, "ret = " << ret);
}
+/**
+ * Basic password setting.
+ */
RUNNER_TEST(tc09_security_server_set_pwd_current_pwd_empty)
{
int ret;
+
+ // Prepare environment
+ reset_security_server();
+
+ // TEST
sleep(1);
- ret = security_server_set_pwd(NULL, "12345", 0, 0);
+ ret = security_server_set_pwd(NULL, TEST_PASSWORD, 0, 0);
RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_SUCCESS, "ret = " << ret);
}
+/**
+ * Set a maximum password period.
+ */
RUNNER_TEST(tc10_security_server_set_pwd_current_pwd_max_valid_period_in_days)
{
int ret;
+ // Prepare environment
+ reset_security_server();
+ ret = security_server_set_pwd(NULL, TEST_PASSWORD, 10, 10);
+ RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_SUCCESS, "ret = " << ret);
+
+ // TEST
sleep(1);
- ret = security_server_set_pwd("12345", "12345", 0, UINT_MAX);
+ ret = security_server_set_pwd(TEST_PASSWORD, TEST_PASSWORD, 0, UINT_MAX);
RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_SUCCESS, "ret = " << ret);
}
+/**
+ * Set a maximum password challenge number.
+ */
RUNNER_TEST(tc11_security_server_set_pwd_current_pwd_max_max_challenge)
{
int ret;
+ // Prepare environment
+ reset_security_server();
+ ret = security_server_set_pwd(NULL, TEST_PASSWORD, 10, 10);
+ RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_SUCCESS, "ret = " << ret);
+
+ // TEST
sleep(1);
- ret = security_server_set_pwd("12345", "12345", UINT_MAX, 0);
+ ret = security_server_set_pwd(TEST_PASSWORD, TEST_PASSWORD, UINT_MAX, 0);
RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_SUCCESS, "ret = " << ret);
}
+/**
+ * Set empty password.
+ */
RUNNER_TEST(tc12_security_server_set_pwd_current_pwd_nonempty2zero)
{
int ret;
- sleep(1);
- ret = security_server_set_pwd("12345", "", 0, 0);
+ // Prepare environment
+ reset_security_server();
+ ret = security_server_set_pwd(NULL, TEST_PASSWORD, 10, 10);
RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_SUCCESS, "ret = " << ret);
-}
-RUNNER_TEST(tc13_security_server_set_pwd_current_pwd_zero2nonempty)
-{
- int ret;
+ // TEST
sleep(1);
- ret = security_server_set_pwd("", "1234", 0, 0);
- RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_SUCCESS, "ret = " << ret);
+ ret = security_server_set_pwd(TEST_PASSWORD, "", 0, 0);
+ RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_ERROR_PASSWORD_EMPTY, "ret = " << ret);
}
+/**
+ * Change password to a too long password.
+ */
RUNNER_TEST(tc14_security_server_set_pwd_current_pwd_too_long_input_param)
{
int ret;
+ // Prepare environment
+ reset_security_server();
+ ret = security_server_set_pwd(NULL, TEST_PASSWORD, 10, 10);
+ RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_SUCCESS, "ret = " << ret);
+
+ // TEST
sleep(1);
- /*long password*/
char* long_password = (char*) malloc(5001);
long_password[5000] = '\0';
memset(long_password, 'A', 5000);
- ret = security_server_set_pwd("12345",long_password, 0, 0);
+ ret = security_server_set_pwd(TEST_PASSWORD,long_password, 10, 10);
RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_ERROR_INPUT_PARAM, "ret = " << ret);
}
+/**
+ * Check empty password.
+ */
RUNNER_TEST(tc15_security_server_chk_pwd_shortest_password)
{
int ret;
unsigned int attempt, max_attempt, expire_sec;
+
+ // Prepare environment
+ reset_security_server();
+ ret = security_server_set_pwd(NULL, TEST_PASSWORD, 10, 10);
+ RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_SUCCESS, "ret = " << ret);
+
+ // TEST
+ sleep(1);
ret = security_server_chk_pwd("", &attempt, &max_attempt, &expire_sec);
- RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_ERROR_PASSWORD_MISMATCH, "ret = " << ret);
+ RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_ERROR_PASSWORD_EMPTY, "ret = " << ret);
}
+/**
+ * Various validity parameter values.
+ */
RUNNER_TEST(tc16_security_server_set_pwd_validity)
{
int ret;
+ // Prepare environment
+ reset_security_server();
+ ret = security_server_set_pwd(NULL, TEST_PASSWORD, 10, 10);
+ RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_SUCCESS, "ret = " << ret);
+ // TEST
ret = security_server_set_pwd_validity(0);
RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_SUCCESS, "ret = " << ret);
}
+/**
+ * Check passwords validity
+ */
RUNNER_TEST(tc17_security_server_is_pwd_valid)
{
int ret;
unsigned int attempt, max_attempt, expire_sec;
+ // Prepare environment
+ reset_security_server();
+ ret = security_server_set_pwd(NULL, TEST_PASSWORD, 10, 2);
+ RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_SUCCESS, "ret = " << ret);
+
+ // TEST:
sleep(1);
ret = security_server_is_pwd_valid(&attempt, &max_attempt, &expire_sec);
RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_ERROR_PASSWORD_EXIST, "ret = " << ret);
RUNNER_ASSERT_MSG((expire_sec > 172795) && (expire_sec < 172805), "expire_sec = " << expire_sec);
}
+/**
+ * Various numbers of challenges.
+ */
RUNNER_TEST(tc18_security_server_set_pwd_max_challenge)
{
int ret;
+ // Prepare environment
+ reset_security_server();
+ ret = security_server_set_pwd(NULL, TEST_PASSWORD, 10, UINT_MAX);
+ RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_SUCCESS, "ret = " << ret);
+ // TESTS
+ sleep(1);
ret = security_server_set_pwd_max_challenge(0);
RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_SUCCESS, "ret = " << ret);
+ sleep(1);
ret = security_server_set_pwd_max_challenge(UINT_MAX);
RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_SUCCESS, "ret = " << ret);
+ sleep(1);
ret = security_server_set_pwd_max_challenge(5);
RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_SUCCESS, "ret = " << ret);
+ sleep(1);
ret = security_server_set_pwd_max_challenge(6);
RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_SUCCESS, "ret = " << ret);
-
-
}
+
+/**
+ * Check the max number of challenges.
+ */
RUNNER_TEST(tc19_security_server_is_pwd_valid)
{
int ret;
unsigned int attempt, max_attempt, expire_sec;
-
+ // Prepare environment
+ reset_security_server();
+ ret = security_server_set_pwd(NULL, TEST_PASSWORD, 10, 10);
+ RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_SUCCESS, "ret = " << ret);
sleep(1);
+ ret = security_server_set_pwd_max_challenge(6);
+ RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_SUCCESS, "ret = " << ret);
+
+ // TEST
ret = security_server_is_pwd_valid(&attempt, &max_attempt, &expire_sec);
RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_ERROR_PASSWORD_EXIST, "ret = " << ret);
RUNNER_ASSERT_MSG(max_attempt == 6, "max_attempt = " << max_attempt);
}
+/**
+ * Basic password check.
+ */
RUNNER_TEST(tc20_security_server_chk_pwd)
{
int ret;
unsigned int attempt, max_attempt, expire_sec;
+ // Prepare environment
+ reset_security_server();
+ ret = security_server_set_pwd(NULL, TEST_PASSWORD, 10, 10);
+ RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_SUCCESS, "ret = " << ret);
+
+ // TEST
sleep(1);
- //password bellow must be the same as in tc13
- ret = security_server_chk_pwd("12345", &attempt, &max_attempt, &expire_sec);
+ ret = security_server_chk_pwd(TEST_PASSWORD, &attempt, &max_attempt, &expire_sec);
RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_SUCCESS, ret);
sleep(1);
ret = security_server_is_pwd_valid(&attempt, &max_attempt, &expire_sec);
- //printf("RET: %d\r\n", ret);
RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_ERROR_PASSWORD_EXIST, "ret = " << ret);
}
+/**
+ * Check an incorrect password.
+ */
RUNNER_TEST(tc21_security_server_chk_incorrect_pwd)
{
int ret;
unsigned int attempt, max_attempt, expire_sec;
+ // Prepare environment
+ reset_security_server();
+ ret = security_server_set_pwd(NULL, TEST_PASSWORD, 10, 10);
+ RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_SUCCESS, "ret = " << ret);
+
+ //TEST
sleep(1);
- //password here should not match the one from tc20 and tc13
- ret = security_server_chk_pwd("02345", &attempt, &max_attempt, &expire_sec);
+ ret = security_server_chk_pwd(SECOND_TEST_PASSWORD, &attempt, &max_attempt, &expire_sec);
RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_ERROR_PASSWORD_MISMATCH, "ret = " << ret);
}
+/**
+ * Check an incorrect password
+ */
RUNNER_TEST(tc22_security_server_set_pwd_incorrect_current)
{
int ret;
+ // Prepare environment
+ reset_security_server();
+ ret = security_server_set_pwd(NULL, TEST_PASSWORD, 10, 10);
+ RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_SUCCESS, "ret = " << ret);
+
+ // TEST
sleep(1);
- //1st password here should not match the one from tc20 and tc13
- ret = security_server_set_pwd("02345", "abcde", 0, 0);
+ ret = security_server_set_pwd(SECOND_TEST_PASSWORD, THIRD_TEST_PASSWORD, 10, 10);
RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_ERROR_PASSWORD_MISMATCH, "ret = " << ret);
}
+/**
+ * Change password
+ */
RUNNER_TEST(tc23_security_server_set_pwd_correct_current)
{
int ret;
+ // Prepare environment
+ reset_security_server();
+ ret = security_server_set_pwd(NULL, TEST_PASSWORD, 10, 10);
+ RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_SUCCESS, "ret = " << ret);
+
+ // TEST
sleep(1);
- //1st password here should match the one from tc20 and tc13
- ret = security_server_set_pwd("12345", "abcde", 0, 0);
+ ret = security_server_set_pwd(TEST_PASSWORD, SECOND_TEST_PASSWORD, 10, 10);
RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_SUCCESS, "ret = " << ret);
}
+/**
+ * Check wrong password multiple times and then check a correct one.
+ */
RUNNER_TEST(tc24_security_server_attempt_exceeding)
{
int ret;
int i;
unsigned int attempt, max_attempt, expire_sec;
- sleep(1);
- ret = security_server_set_pwd("abcde", "12345", 10, 0);
+ // Prepare environment
+ reset_security_server();
+ ret = security_server_set_pwd(NULL, TEST_PASSWORD, 10, 10);
RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_SUCCESS, "ret = " << ret);
+ // TEST
printf("5 subtests started...");
for (i = 0; i < 5; i++) {
sleep(1);
-
- ret = security_server_chk_pwd("abcde", &attempt, &max_attempt, &expire_sec);
+ ret = security_server_chk_pwd(SECOND_TEST_PASSWORD, &attempt, &max_attempt, &expire_sec);
RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_ERROR_PASSWORD_MISMATCH, "ret = " << ret);
RUNNER_ASSERT_MSG(attempt == i + 1, attempt);
}
printf("DONE\n");
sleep(1);
- ret = security_server_chk_pwd("12345", &attempt, &max_attempt, &expire_sec);
+ ret = security_server_chk_pwd(TEST_PASSWORD, &attempt, &max_attempt, &expire_sec);
RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_SUCCESS, "ret = " << ret);
sleep(1);
RUNNER_ASSERT_MSG(max_attempt == 10, "ret = " << ret);
}
+/**
+ * Try to exceed maximum number of challenges.
+ */
RUNNER_TEST(tc25_security_server_attempt_exceeding)
{
int ret;
int i;
unsigned int attempt, max_attempt, expire_sec;
+ // Prepare environment
+ reset_security_server();
+ ret = security_server_set_pwd(NULL, TEST_PASSWORD, 10, 1);
+ RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_SUCCESS, "ret = " << ret);
+
+ // TEST
printf("10 subtests started...");
for (i = 0; i < 10; i++) {
sleep(1);
-
- ret = security_server_chk_pwd("abcde", &attempt, &max_attempt, &expire_sec);
+ ret = security_server_chk_pwd(SECOND_TEST_PASSWORD, &attempt, &max_attempt, &expire_sec);
RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_ERROR_PASSWORD_MISMATCH, "ret = " << ret);
RUNNER_ASSERT_MSG(attempt == i + 1, "attempt = " << attempt);
}
+
+ // The check, that exceeds max number
+ sleep(1);
+ ret = security_server_chk_pwd(SECOND_TEST_PASSWORD, &attempt, &max_attempt, &expire_sec);
+ RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_ERROR_PASSWORD_MAX_ATTEMPTS_EXCEEDED, "ret = " << ret);
printf("DONE\n");
sleep(1);
- ret = security_server_chk_pwd("12345", &attempt, &max_attempt, &expire_sec);
+ ret = security_server_chk_pwd(TEST_PASSWORD, &attempt, &max_attempt, &expire_sec);
RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_ERROR_PASSWORD_MAX_ATTEMPTS_EXCEEDED, "ret = " << ret);
}
+/**
+ * Reset password
+ */
RUNNER_TEST(tc26_security_server_reset_pwd)
{
int ret;
+ // Prepare environment
+ reset_security_server();
+ ret = security_server_set_pwd(NULL, TEST_PASSWORD, 5, 10);
+ RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_SUCCESS, "ret = " << ret);
+
+ // TEST
sleep(1);
- ret = security_server_reset_pwd("12345", 0, 0);
+ ret = security_server_reset_pwd(TEST_PASSWORD, 10, 10);
RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_SUCCESS, "ret = " << ret);
}
+/**
+ * Check too long password.
+ */
RUNNER_TEST(tc27_security_server_chk_pwd_too_long_password)
{
int ret;
unsigned int attempt, max_attempt, expire_sec;
- sleep(1);
- /*long password*/
+ // Prepare environment
+ reset_security_server();
+ ret = security_server_set_pwd(NULL, TEST_PASSWORD, 5, 10);
+ RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_SUCCESS, "ret = " << ret);
+
+ // TEST
char* long_password = (char*) malloc(5001);
long_password[5000] = '\0';
memset(long_password, 'A', 5000);
- //1st password here should not match the one from tc20 and tc13
ret = security_server_chk_pwd(long_password, &attempt, &max_attempt, &expire_sec);
RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_ERROR_INPUT_PARAM, "ret = " << ret);
}
+/**
+ * Check passwords expiration (not expired)
+ */
RUNNER_TEST(tc28_security_server_check_expiration)
{
int ret;
unsigned int attempt, max_attempt, expire_sec;
- sleep(1);
- ret = security_server_set_pwd("12345", "abcde", 10, 1);
+ // Prepare environment
+ reset_security_server();
+ ret = security_server_set_pwd(NULL, TEST_PASSWORD, 5, 1);
RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_SUCCESS, "ret = " << ret);
+ // TEST
sleep(1);
ret = security_server_is_pwd_valid(&attempt, &max_attempt, &expire_sec);
RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_ERROR_PASSWORD_EXIST, "ret = " << ret);
RUNNER_ASSERT_MSG((expire_sec < 86402) && (expire_sec > 86396), "expire_sec = " << ret);
}
+/**
+ * Use various parameter values of parameters.
+ */
RUNNER_TEST(tc29_security_server_set_pwd_history)
{
int ret;
+ // Prepare environment
+ reset_security_server();
+ ret = security_server_set_pwd(NULL, TEST_PASSWORD, 5, 1);
+ RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_SUCCESS, "ret = " << ret);
+
+ // TESTS
sleep(1);
ret = security_server_set_pwd_history(100);
RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_ERROR_INPUT_PARAM, "ret = " << ret);
ret = security_server_set_pwd_history(51);
RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_ERROR_INPUT_PARAM, "ret = " << ret);
-
sleep(1);
ret = security_server_set_pwd_history(-5);
RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_ERROR_INPUT_PARAM, "ret = " << ret);
-
sleep(1);
ret = security_server_set_pwd_history(50);
RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_SUCCESS, "ret = " << ret);
RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_SUCCESS, "ret = " << ret);
sleep(1);
+ ret = security_server_set_pwd_history(INT_MAX);
+ RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_ERROR_INPUT_PARAM, "ret = " << ret);
+
+ sleep(1);
+ ret = security_server_set_pwd_history(INT_MIN);
+ RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_ERROR_INPUT_PARAM, "ret = " << ret);
+
+ sleep(1);
ret = security_server_set_pwd_history(10);
RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_SUCCESS, "ret = " << ret);
}
+
+
int dir_filter(const struct dirent *entry)
{
if ((strcmp(entry->d_name, ".") == 0) ||
free(mydirent);
}
+
+/**
+ * Check password history.
+ */
RUNNER_TEST(tc30_security_server_check_history)
{
int ret;
int i;
char buf1[33], buf2[33];
+ // Prepare environment
+ reset_security_server();
+
clean_password_dir();
sleep(1);
+ ret = security_server_set_pwd_history(10);
+ RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_SUCCESS, "ret = " << ret);
+
+ sleep(1);
ret = security_server_reset_pwd("history0", 0, 0);
RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_SUCCESS, "ret = " << ret);
clean_password_dir();
}
+/**
+ * Replay attack
+ */
RUNNER_TEST(tc31_security_server_replay_attack)
{
int ret;
RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_ERROR_PASSWORD_MISMATCH, "ret = " << ret);
}
+/**
+ * Expired password
+ */
RUNNER_TEST(tc32_security_server_challenge_on_expired_password)
{
int ret;
unsigned int attempt, max_attempt, expire_sec;
struct timeval cur_time;
- sleep(1);
- ret = security_server_set_pwd("history60", "newpwd23", 4, 1);
-
+ // Prepare environment
+ reset_security_server();
+ ret = security_server_set_pwd(NULL, TEST_PASSWORD, 4, 1);
RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_SUCCESS, "ret = " << ret);
+ // TEST
sleep(1);
- ret = security_server_chk_pwd("newpwd23", &attempt, &max_attempt, &expire_sec);
+ ret = security_server_chk_pwd(TEST_PASSWORD, &attempt, &max_attempt, &expire_sec);
RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_SUCCESS, "ret = " << ret);
ret = gettimeofday(&cur_time, NULL);
RUNNER_ASSERT_MSG(ret > -1, ret);
sleep(1);
- ret = security_server_chk_pwd("newpwd23", &attempt, &max_attempt, &expire_sec);
+ ret = security_server_chk_pwd(TEST_PASSWORD, &attempt, &max_attempt, &expire_sec);
RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_ERROR_PASSWORD_EXPIRED, "ret = " << ret);
sleep(1);
- ret = security_server_chk_pwd("newpwd23_invalid", &attempt, &max_attempt, &expire_sec);
+ ret = security_server_chk_pwd(SECOND_TEST_PASSWORD, &attempt, &max_attempt, &expire_sec);
RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_ERROR_PASSWORD_MISMATCH, "ret = " << ret);
}
+/**
+ * Reset password
+ */
+RUNNER_TEST(tc33_security_server_reset_by_null_pwd)
+{
+ int ret;
+ // Prepare environment
+ reset_security_server();
+
+ // TEST
+ sleep(1);
+ ret = security_server_reset_pwd(NULL, 10, 10);
+ RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_ERROR_INPUT_PARAM, "ret = " << ret);
+}
int main(int argc, char *argv[])