4 ## this is a test script for regressing changes to the secret@here PAM
14 my $whoami = `/usr/bin/whoami`; chomp $whoami;
16 my $user_domain = "$whoami\@local.host";
18 my $pid = open2(\*Reader, \*Writer, "../agents/secret\@here blah")
19 or die "failed to load secret\@here agent";
21 unless (-f (getpwuid($<))[7]."/.secret\@here") {
22 print STDERR "server: ". "no " .(getpwuid($<))[7]. "/.secret\@here file\n";
26 WriteBinaryPrompt(\*Writer, 0x02, "secret\@here/$user_domain|$cookie");
28 my ($control, $data) = ReadBinaryPrompt(\*Reader);
30 print STDERR "server: ". "reply: control=$control, data=$data\n";
32 die "expected 1 (OK) for the first agent reply; got $control";
34 my ($seqid, $a_cookie) = split '\|', $data;
36 # server needs to convince agent that it knows the secret before
37 # agent will give a valid response
38 my $secret = IdentifyLocalSecret($user_domain);
39 my $digest = CreateDigest($a_cookie."|".$cookie."|".$secret);
41 print STDERR "server: ". "digest = $digest\n";
42 WriteBinaryPrompt(\*Writer, 0x01, "$seqid|$digest");
44 # The agent will authenticate us and then reply with its
45 # authenticating digest. we check that before we're done.
47 ($control, $data) = ReadBinaryPrompt(\*Reader);
48 if ($control != 0x03) {
49 die "server: agent did not reply with a 'done' prompt ($control)\n";
52 unless ($data eq CreateDigest($secret."|".$cookie."|".$a_cookie)) {
53 die "server: agent is not authenticated\n";
56 print STDERR "server: agent appears to know secret\n";
58 my $session_authenticated_ticket
59 = CreateDigest($cookie."|".$secret."|".$a_cookie);
61 print STDERR "server: should putenv("
62 ."\"AUTH_SESSION_TICKET=$session_authenticated_ticket\")\n";
66 sub CreateDigest ($) {
69 my $pid = open2(\*MD5out, \*MD5in, "/usr/bin/md5sum -")
70 or die "you'll need /usr/bin/md5sum installed";
72 my $oldfd = select MD5in; $|=1; select $oldfd;
76 ($reply) = split /\s/, $reply;
77 print STDERR "server: ". "md5 said: <$reply>\n";
83 sub ReadBinaryPrompt ($) {
87 my $count = read($fd, $buffer, 5);
89 # no more packets to read
94 # broken packet header
98 my ($length, $control) = unpack("N C", $buffer);
100 # broken packet length
106 while ($count = read($fd, $buffer, $length)) {
108 if ($count != $length) {
113 print STDERR "server: ". "data is [$data]\n";
115 return ($control, $data);
122 sub WriteBinaryPrompt ($$$) {
123 my ($fd, $control, $data) = @_;
125 my $length = 5 + length($data);
126 printf STDERR "server: ". "{%d|0x%.2x|%s}\n", $length, $control, $data;
127 my $bp = pack("N C a*", $length, $control, $data);
130 print STDERR "server: ". "control passed to agent\@here\n";
133 sub IdentifyLocalSecret ($) {
134 my ($identifier) = @_;
137 my $whoami = `/usr/bin/whoami` ; chomp $whoami;
138 if (open SECRETS, "< " .(getpwuid($<))[7]. "/.secret\@here") {
140 while (defined ($line = <SECRETS>)) {
141 my ($id, $sec) = split /[\s]/, $line;
142 if ((defined $id) && ($id eq $identifier)) {