Added the config option of a pre-login banner

Resolves: #313

Signed-off-by: Nikos Mavrogiannopoulos <n.mavrogiannopoulos@gmail.com>

tests/Makefile.am

@@ -96,7 +96,7 @@ dist_check_SCRIPTS += test-pass test-pass-cert test-cert test-group-pass \
 	test-enc-key test-sighup-key-change test-get-cert test-san-cert \
 	test-gssapi test-pass-opt-cert test-cert-opt-pass test-gssapi-opt-pass \
 	test-gssapi-opt-cert haproxy-auth test-maintenance \
-	test-group-name flowcontrol
+	test-group-name flowcontrol banner
 
 if HAVE_CWRAP_PAM
 dist_check_SCRIPTS += test-pam test-pam-noauth

tests/banner

@@ -0,0 +1,72 @@
+#!/bin/bash
+#
+# Copyright (C) 2013 Nikos Mavrogiannopoulos
+#
+# This file is part of ocserv.
+#
+# ocserv is free software; you can redistribute it and/or modify it
+# under the terms of the GNU General Public License as published by the
+# Free Software Foundation; either version 2 of the License, or (at
+# your option) any later version.
+#
+# ocserv is distributed in the hope that it will be useful, but
+# WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+# General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with GnuTLS; if not, write to the Free Software Foundation,
+# Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
+
+# tests whether the pre-login-banner is printed
+
+SERV="${SERV:-../src/ocserv}"
+srcdir=${srcdir:-.}
+NO_NEED_ROOT=1
+PORT=4173
+TMPFILE=ocserv-plbanner.$$.tmp
+PIDFILE=ocserv-pid.$$.tmp
+
+. `dirname $0`/common.sh
+
+function finish {
+  set +e
+  echo " * Cleaning up..."
+  test -n "${PIDFILE}" && test -f "${PIDFILE}" && kill $(cat ${PIDFILE}) >/dev/null 2>&1
+  test -n "${PIDFILE}" && rm -f ${PIDFILE} >/dev/null 2>&1
+  test -n "${CONFIG}" && rm -f ${CONFIG} >/dev/null 2>&1
+  test -n "${TMPFILE}" && rm -f ${TMPFILE} >/dev/null 2>&1
+}
+trap finish EXIT
+
+echo "Testing banner printing... "
+
+update_config test1.config
+launch_sr_server -d 1 -p ${PIDFILE} -f -c ${CONFIG} & PID=$!
+wait_server $PID
+
+sleep 3
+
+echo "Connecting to obtain cookie... "
+( echo "test" | LD_PRELOAD=libsocket_wrapper.so $OPENCONNECT  $ADDRESS:$PORT -u test --servercert=d66b507ae074d03b02eafca40d35f87dd81049d3 --cookieonly >${TMPFILE} 2>&1 ) ||
+	fail $PID "Could not receive cookie from server"
+
+grep "AN UNPREDICTABLE BANNER" ${TMPFILE} >/dev/null
+if test $? != 0;then
+	echo "The banner was not printed"
+	cat $TMPFILE
+	exit 1
+fi
+
+echo "Connecting to obtain cookie with wrong password... "
+( echo "tost" | LD_PRELOAD=libsocket_wrapper.so $OPENCONNECT  $ADDRESS:$PORT -u test --servercert=d66b507ae074d03b02eafca40d35f87dd81049d3 --cookieonly >${TMPFILE} 2>&1 ) &&
+	fail $PID "Received cookie when we shouldn't"
+
+grep "AN UNPREDICTABLE BANNER" ${TMPFILE} >/dev/null
+if test $? != 0;then
+	echo "The banner was not printed"
+	cat $TMPFILE
+	exit 1
+fi
+
+exit 0

tests/data/test1.config

@@ -12,6 +12,8 @@ max-ban-score = 0
 # A banner to be displayed on clients
 #banner = "Welcome"
 
+pre-login-banner = "AN UNPREDICTABLE BANNER"
+
 # Use listen-host to limit to specific IPs or to the IPs of a provided hostname.
 #listen-host = [IP|HOSTNAME]
 
@@ -107,12 +109,6 @@ auth-timeout = 40
 # a failed authentication attempt.
 #min-reauth-time = 2
 
-# Cookie validity time (in seconds)
-# Once a client is authenticated he's provided a cookie with
-# which he can reconnect. This option sets the maximum lifetime
-# of that cookie.
-cookie-validity = 172800
-
 # Script to call when a client connects and obtains an IP
 # Parameters are passed on the environment.
 # REASON, USERNAME, GROUPNAME, HOSTNAME (the hostname selected by client), 
@@ -122,12 +118,6 @@ cookie-validity = 172800
 #connect-script = /usr/bin/myscript
 #disconnect-script = /usr/bin/myscript
 
-# UTMP
-use-utmp = true
-
-# PID file
-pid-file = ./ocserv.pid
-
 # The default server directory. Does not require any devices present.
 #chroot-dir = /path/to/chroot