-/* -*- mode: C; c-file-style: "gnu" -*- */
-/* dbus-auth-script.c Test DBusAuth using a special script file (internal to D-BUS implementation)
+/* -*- mode: C; c-file-style: "gnu"; indent-tabs-mode: nil; -*- */
+/* dbus-auth-script.c Test DBusAuth using a special script file (internal to D-Bus implementation)
*
* Copyright (C) 2003 Red Hat, Inc.
*
- * Licensed under the Academic Free License version 1.2
+ * Licensed under the Academic Free License version 2.1
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
- * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
*
*/
#include <config.h>
-#ifdef DBUS_BUILD_TESTS
+#ifdef DBUS_ENABLE_EMBEDDED_TESTS
#include "dbus-auth-script.h"
#include "dbus-auth.h"
#include "dbus-string.h"
#include "dbus-hash.h"
+#include "dbus-credentials.h"
#include "dbus-internals.h"
-#include "dbus-marshal.h"
-#include "dbus-userdb.h"
+#include "dbus-authorization.h"
/**
* @defgroup DBusAuthScript code for running unit test scripts for DBusAuth
return DBUS_AUTH_STATE_HAVE_BYTES_TO_SEND;
else if (_dbus_string_starts_with_c_str (str, "NEED_DISCONNECT"))
return DBUS_AUTH_STATE_NEED_DISCONNECT;
- else if (_dbus_string_starts_with_c_str (str, "AUTHENTICATED_WITH_UNUSED_BYTES"))
- return DBUS_AUTH_STATE_AUTHENTICATED_WITH_UNUSED_BYTES;
else if (_dbus_string_starts_with_c_str (str, "AUTHENTICATED"))
return DBUS_AUTH_STATE_AUTHENTICATED;
else
return "HAVE_BYTES_TO_SEND";
case DBUS_AUTH_STATE_NEED_DISCONNECT:
return "NEED_DISCONNECT";
- case DBUS_AUTH_STATE_AUTHENTICATED_WITH_UNUSED_BYTES:
- return "AUTHENTICATED_WITH_UNUSED_BYTES";
case DBUS_AUTH_STATE_AUTHENTICATED:
return "AUTHENTICATED";
}
return "unknown";
}
+static char **
+split_string (DBusString *str)
+{
+ int i, j, k, count, end;
+ char **array;
+
+ end = _dbus_string_get_length (str);
+
+ i = 0;
+ _dbus_string_skip_blank (str, i, &i);
+ for (count = 0; i < end; count++)
+ {
+ _dbus_string_find_blank (str, i, &i);
+ _dbus_string_skip_blank (str, i, &i);
+ }
+
+ array = dbus_new0 (char *, count + 1);
+ if (array == NULL)
+ return NULL;
+
+ i = 0;
+ _dbus_string_skip_blank (str, i, &i);
+ for (k = 0; k < count; k++)
+ {
+ _dbus_string_find_blank (str, i, &j);
+
+ array[k] = dbus_malloc (j - i + 1);
+ if (array[k] == NULL)
+ {
+ dbus_free_string_array (array);
+ return NULL;
+ }
+ memcpy (array[k],
+ _dbus_string_get_const_data_len (str, i, j - i), j - i);
+ array[k][j - i] = '\0';
+
+ _dbus_string_skip_blank (str, j, &i);
+ }
+ array[k] = NULL;
+
+ return array;
+}
+
+static void
+auth_set_unix_credentials(DBusAuth *auth,
+ dbus_uid_t uid,
+ dbus_pid_t pid)
+{
+ DBusCredentials *credentials;
+
+ credentials = _dbus_credentials_new ();
+ if (credentials == NULL)
+ _dbus_assert_not_reached ("no memory");
+
+ if (uid != DBUS_UID_UNSET)
+ _dbus_credentials_add_unix_uid (credentials, uid);
+ if (pid != DBUS_PID_UNSET)
+ _dbus_credentials_add_pid (credentials, pid);
+
+ _dbus_auth_set_credentials (auth, credentials);
+
+ _dbus_credentials_unref (credentials);
+}
+
/**
* Runs an "auth script" which is a script for testing the
* authentication protocol. Scripts send and receive data, and then
_dbus_auth_script_run (const DBusString *filename)
{
DBusString file;
- DBusError error;
+ DBusError error = DBUS_ERROR_INIT;
DBusString line;
dbus_bool_t retval;
int line_no;
DBusString from_auth;
DBusAuthState state;
DBusString context;
+ DBusString guid;
retval = FALSE;
auth = NULL;
+ _dbus_string_init_const (&guid, "5fa01f4202cd837709a3274ca0df9d00");
_dbus_string_init_const (&context, "org_freedesktop_test");
if (!_dbus_string_init (&file))
return FALSE;
}
- dbus_error_init (&error);
if (!_dbus_file_get_contents (&file, filename, &error)) {
_dbus_warn ("Getting contents of %s failed: %s\n",
_dbus_string_get_const_data (filename), error.message);
state = DBUS_AUTH_STATE_NEED_DISCONNECT;
line_no = 0;
+
next_iteration:
while (_dbus_string_pop_line (&file, &line))
{
line_no += 1;
+ /* _dbus_warn ("%s\n", _dbus_string_get_const_data (&line)); */
+
_dbus_string_delete_leading_blanks (&line);
if (auth != NULL)
/* Ignore this comment */
goto next_iteration;
}
+#ifdef DBUS_WIN
+ else if (_dbus_string_starts_with_c_str (&line,
+ "WIN_ONLY"))
+ {
+ /* Ignore this line */
+ goto next_iteration;
+ }
+ else if (_dbus_string_starts_with_c_str (&line,
+ "UNIX_ONLY"))
+ {
+ /* skip this file */
+ _dbus_warn ("skipping unix only auth script\n");
+ retval = TRUE;
+ goto out;
+ }
+#endif
+#ifdef DBUS_UNIX
+ else if (_dbus_string_starts_with_c_str (&line,
+ "UNIX_ONLY"))
+ {
+ /* Ignore this line */
+ goto next_iteration;
+ }
+ else if (_dbus_string_starts_with_c_str (&line,
+ "WIN_ONLY"))
+ {
+ /* skip this file */
+ _dbus_warn ("skipping windows only auth script\n");
+ retval = TRUE;
+ goto out;
+ }
+#endif
else if (_dbus_string_starts_with_c_str (&line,
"CLIENT"))
{
- DBusCredentials creds;
+ DBusCredentials *creds;
if (auth != NULL)
{
goto out;
}
- _dbus_credentials_from_current_process (&creds);
- _dbus_auth_set_credentials (auth, &creds);
+ /* test ref/unref */
+ _dbus_auth_ref (auth);
+ _dbus_auth_unref (auth);
+
+ creds = _dbus_credentials_new_from_current_process ();
+ if (creds == NULL)
+ {
+ _dbus_warn ("no memory for credentials\n");
+ _dbus_auth_unref (auth);
+ auth = NULL;
+ goto out;
+ }
+
+ if (!_dbus_auth_set_credentials (auth, creds))
+ {
+ _dbus_warn ("no memory for setting credentials\n");
+ _dbus_auth_unref (auth);
+ auth = NULL;
+ _dbus_credentials_unref (creds);
+ goto out;
+ }
+
+ _dbus_credentials_unref (creds);
}
- else if (_dbus_string_starts_with_c_str (&line,
- "SERVER"))
+ else if (_dbus_string_starts_with_c_str (&line, "SERVER") ||
+ _dbus_string_starts_with_c_str (&line, "SERVER_ANONYMOUS"))
{
- DBusCredentials creds;
+ DBusCredentials *creds;
+ DBusAuthorization *authorization;
if (auth != NULL)
{
goto out;
}
- auth = _dbus_auth_server_new ();
+ /* empty authorization, it will use default rules */
+ authorization = _dbus_authorization_new ();
+ if (authorization == NULL)
+ {
+ _dbus_warn ("no memory to create DBusAuthorization\n");
+ goto out;
+ }
+ /* if we are testing an anonymous server, we need to enable
+ * anonymous authorization, or the mech will REJECT */
+ if (_dbus_string_starts_with_c_str (&line, "SERVER_ANONYMOUS"))
+ _dbus_authorization_set_allow_anonymous (authorization, TRUE);
+
+ auth = _dbus_auth_server_new (&guid, authorization);
+ /* DBusAuth owns it, or finalized on OOM */
+ _dbus_authorization_unref (authorization);
if (auth == NULL)
{
_dbus_warn ("no memory to create DBusAuth\n");
goto out;
}
- _dbus_credentials_from_current_process (&creds);
- _dbus_auth_set_credentials (auth, &creds);
+ /* test ref/unref */
+ _dbus_auth_ref (auth);
+ _dbus_auth_unref (auth);
+
+ creds = _dbus_credentials_new_from_current_process ();
+ if (creds == NULL)
+ {
+ _dbus_warn ("no memory for credentials\n");
+ _dbus_auth_unref (auth);
+ auth = NULL;
+ goto out;
+ }
+
+ if (!_dbus_auth_set_credentials (auth, creds))
+ {
+ _dbus_warn ("no memory for setting credentials\n");
+ _dbus_auth_unref (auth);
+ auth = NULL;
+ _dbus_credentials_unref (creds);
+ goto out;
+ }
+
+ _dbus_credentials_unref (creds);
+
_dbus_auth_set_context (auth, &context);
}
else if (auth == NULL)
else if (_dbus_string_starts_with_c_str (&line,
"NO_CREDENTIALS"))
{
- DBusCredentials creds = { -1, -1, -1 };
- _dbus_auth_set_credentials (auth, &creds);
+ auth_set_unix_credentials (auth, DBUS_UID_UNSET, DBUS_PID_UNSET);
}
else if (_dbus_string_starts_with_c_str (&line,
"ROOT_CREDENTIALS"))
{
- DBusCredentials creds = { -1, 0, 0 };
- _dbus_auth_set_credentials (auth, &creds);
+ auth_set_unix_credentials (auth, 0, DBUS_PID_UNSET);
}
else if (_dbus_string_starts_with_c_str (&line,
"SILLY_CREDENTIALS"))
{
- DBusCredentials creds = { -1, 4312, 1232 };
- _dbus_auth_set_credentials (auth, &creds);
+ auth_set_unix_credentials (auth, 4312, DBUS_PID_UNSET);
+ }
+ else if (_dbus_string_starts_with_c_str (&line,
+ "ALLOWED_MECHS"))
+ {
+ char **mechs;
+
+ _dbus_string_delete_first_word (&line);
+ mechs = split_string (&line);
+ _dbus_auth_set_mechanisms (auth, (const char **) mechs);
+ dbus_free_string_array (mechs);
}
else if (_dbus_string_starts_with_c_str (&line,
"SEND"))
goto out;
}
- /* Replace USERID_BASE64 with our username in base64 */
+ /* Replace USERID_HEX with our username in hex */
{
int where;
if (_dbus_string_find (&to_send, 0,
- "USERID_BASE64", &where))
+ "USERID_HEX", &where))
{
DBusString username;
goto out;
}
- if (!_dbus_string_append_uint (&username,
- _dbus_getuid ()))
+ if (!_dbus_append_user_from_current_process (&username))
{
_dbus_warn ("no memory for userid\n");
_dbus_string_free (&username);
goto out;
}
- _dbus_string_delete (&to_send, where, strlen ("USERID_BASE64"));
+ _dbus_string_delete (&to_send, where, strlen ("USERID_HEX"));
- if (!_dbus_string_base64_encode (&username, 0,
- &to_send, where))
+ if (!_dbus_string_hex_encode (&username, 0,
+ &to_send, where))
{
- _dbus_warn ("no memory to subst USERID_BASE64\n");
+ _dbus_warn ("no memory to subst USERID_HEX\n");
_dbus_string_free (&username);
_dbus_string_free (&to_send);
goto out;
_dbus_string_free (&username);
}
else if (_dbus_string_find (&to_send, 0,
- "USERNAME_BASE64", &where))
+ "USERNAME_HEX", &where))
{
DBusString username;
- const DBusString *u;
if (!_dbus_string_init (&username))
{
goto out;
}
- if (!_dbus_username_from_current_process (&u) ||
- !_dbus_string_copy (u, 0, &username,
- _dbus_string_get_length (&username)))
+ if (!_dbus_append_user_from_current_process (&username))
{
_dbus_warn ("no memory for username\n");
_dbus_string_free (&username);
goto out;
}
- _dbus_string_delete (&to_send, where, strlen ("USERNAME_BASE64"));
+ _dbus_string_delete (&to_send, where, strlen ("USERNAME_HEX"));
- if (!_dbus_string_base64_encode (&username, 0,
- &to_send, where))
+ if (!_dbus_string_hex_encode (&username, 0,
+ &to_send, where))
{
- _dbus_warn ("no memory to subst USERNAME_BASE64\n");
+ _dbus_warn ("no memory to subst USERNAME_HEX\n");
_dbus_string_free (&username);
_dbus_string_free (&to_send);
goto out;
}
}
else if (_dbus_string_starts_with_c_str (&line,
+ "EXPECT_HAVE_NO_CREDENTIALS"))
+ {
+ DBusCredentials *authorized_identity;
+
+ authorized_identity = _dbus_auth_get_identity (auth);
+ if (!_dbus_credentials_are_anonymous (authorized_identity))
+ {
+ _dbus_warn ("Expected anonymous login or failed login, but some credentials were authorized\n");
+ goto out;
+ }
+ }
+ else if (_dbus_string_starts_with_c_str (&line,
+ "EXPECT_HAVE_SOME_CREDENTIALS"))
+ {
+ DBusCredentials *authorized_identity;
+
+ authorized_identity = _dbus_auth_get_identity (auth);
+ if (_dbus_credentials_are_anonymous (authorized_identity))
+ {
+ _dbus_warn ("Expected to have some credentials, but we don't\n");
+ goto out;
+ }
+ }
+ else if (_dbus_string_starts_with_c_str (&line,
"EXPECT"))
{
DBusString expected;
}
}
- if (auth != NULL &&
- state == DBUS_AUTH_STATE_AUTHENTICATED_WITH_UNUSED_BYTES)
+ if (auth == NULL)
{
- _dbus_warn ("did not expect unused bytes (scripts must specify explicitly if they are expected)\n");
+ _dbus_warn ("Auth script is bogus, did not even have CLIENT or SERVER\n");
goto out;
}
+ else if (state == DBUS_AUTH_STATE_AUTHENTICATED)
+ {
+ const DBusString *unused;
+
+ _dbus_auth_get_unused_bytes (auth, &unused);
+
+ if (_dbus_string_get_length (unused) > 0)
+ {
+ _dbus_warn ("did not expect unused bytes (scripts must specify explicitly if they are expected)\n");
+ goto out;
+ }
+ }
if (_dbus_string_get_length (&from_auth) > 0)
{
}
/** @} */
-#endif /* DBUS_BUILD_TESTS */
+#endif /* DBUS_ENABLE_EMBEDDED_TESTS */
projects / platform / upstream / dbus.git / blobdiff