#include <sys/smack.h>
#include <access_provider2.h>
-
#include <tests_common.h>
+#include <ckm-common.h>
namespace {
return ownerId.substr(1, std::string::npos);
}
- return "User::App::" + ownerId;
+ return SMACK_USER_APP_PREFIX + ownerId;
}
} // anonymous namespace
ScopedSaveData ssd(TEST_ALIAS, TEST_DATA);
- CharPtr label = get_label();
- int ret = ckmc_set_permission(TEST_ALIAS, label.get(), CKMC_PERMISSION_READ);
+ std::string ownerId = getOwnerIdFromSelf();
+ int ret = ckmc_set_permission(TEST_ALIAS, ownerId.c_str(), CKMC_PERMISSION_READ);
RUNNER_ASSERT_MSG(CKMC_ERROR_INVALID_PARAMETER == ret,
"Trying to allow myself returned: " << CKMCErrorToString(ret));
}
RUNNER_ASSERT(CKMC_ERROR_INVALID_PARAMETER == ret);
// double owner
- std::string aliasLabel = aliasWithLabel(get_label().get(), TEST_ALIAS);
+ std::string aliasLabel = aliasWithLabel(getOwnerIdFromSelf().c_str(), TEST_ALIAS);
ret = ckmc_set_permission_by_adm(APP_1, aliasWithLabel("another-owner", aliasLabel.c_str()).c_str(), APP_LABEL_1, CKMC_PERMISSION_READ);
RUNNER_ASSERT(CKMC_ERROR_INVALID_PARAMETER == ret);
}
ckmc_set_permission_by_adm(APP_1, aliasWithLabel("owner", TEST_ALIAS).c_str(), NULL, CKMC_PERMISSION_NONE));
// double owner
- std::string aliasLabel = aliasWithLabel(get_label().get(), TEST_ALIAS);
+ std::string aliasLabel = aliasWithLabel(getOwnerIdFromSelf().c_str(), TEST_ALIAS);
RUNNER_ASSERT(CKMC_ERROR_INVALID_PARAMETER ==
ckmc_set_permission_by_adm(APP_1, aliasWithLabel("another-owner", aliasLabel.c_str()).c_str(), APP_LABEL_1, CKMC_PERMISSION_NONE));
}
#include <fcntl.h>
#include <unistd.h>
+const std::string SMACK_USER_APP_PREFIX = "User::App::";
+
void generate_random(size_t random_bytes, char *output)
{
RUNNER_ASSERT(random_bytes>0 && output);
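Review bot: `SMACK_USER_APP_PREFIX` is defined as a namespace-scope `const std::string`, so it is dynamically initialised, and other translation units read it through the `extern` declaration added to the header. Any use during another file's static initialisation would see an unconstructed string. No such use is visible in this diff, but a literal removes the question: `const char* const SMACK_USER_APP_PREFIX = "User::App::";` still works with the `+ ownerId` concatenation and with the `const std::string& prefix` binding in `getOwnerIdFromSelf()`. The definition also gets external linkage only if the header's `extern` declaration is seen before this line, which depends on includes outside the hunk.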
sm.stopService();
}
-// returns process label
-CharPtr get_label()
-{
+std::string getLabel() {
int ret;
- char* my_label = NULL;
- RUNNER_ASSERT_MSG(0 <= (ret = smack_new_label_from_self(&my_label)),
+ char* myLabel = NULL;
+ RUNNER_ASSERT_MSG(0 <= (ret = smack_new_label_from_self(&myLabel)),
"Failed to get smack label for self. Error: " << ret);
- RUNNER_ASSERT_MSG(my_label, "NULL smack label");
- return CharPtr(my_label, free);
+ RUNNER_ASSERT_MSG(myLabel, "NULL smack label");
+ std::string result = myLabel;
+ free(myLabel);
+ return result;
+}
+
+std::string getOwnerIdFromSelf() {
+ const std::string& prefix = SMACK_USER_APP_PREFIX;
+ std::string smack = getLabel();
+ if (0 == smack.compare(0, prefix.size(), prefix))
+ return smack.substr(prefix.size(), std::string::npos);
+ return "/" + smack;
}
std::string aliasWithLabel(const char *label, const char *alias)
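Review bot: `getOwnerIdFromSelf()` returns an empty string when the process label is exactly the prefix, and nothing documents what the `"/" + smack` branch means for a label that is not an application label. The result becomes the owner part of every alias built with `aliasWithLabel`, so a check inside the prefix-match branch, `RUNNER_ASSERT_MSG(smack.size() > prefix.size(), "Smack label has no application id: " << smack);`, would make a malformed label fail loudly rather than produce an owner-less alias. The header comment could read `// returns the owner id of this process: the Smack label without the "User::App::" prefix, or "/" + label otherwise`. The inverse mapping appears in a test file's anonymous namespace in this same commit; keeping both directions side by side in ckm-common would stop them drifting apart.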
RUNNER_ASSERT_MSG(0 == ret, "Error in smack_set_label_for_self("<<label<<"). Error: " << ret);
}
-ScopedLabel::ScopedLabel(const char* label) : m_original_label(get_label())
+ScopedLabel::ScopedLabel(const char* label) : m_original_label(getLabel())
{
change_label(label);
}
* Let it throw. If we can't restore label then remaining tests results will be
* unreliable anyway.
*/
- change_label(m_original_label.get());
+ change_label(m_original_label.c_str());
}
const char * CKMCErrorToString(int error) {
{
save_item item;
item.item_alias = std::string(alias);
- item.owner_label = std::string(get_label().get());
+ item.owner_label = getOwnerIdFromSelf();
item.owner_uid = geteuid();
item.owner_gid = getegid();
m_garbage.push_back(item);
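Review bot: `item.owner_label` now stores the owner id from `getOwnerIdFromSelf()` rather than the raw Smack label, so the field name no longer matches its content. The code that later consumes `m_garbage` is outside this hunk; it should be checked that it expects an owner id and does not pass the value to anything that takes a Smack label. Renaming the field to `owner_id`, or at least commenting it with `// CKM owner id, not the Smack label`, would keep the two notions apart. The same applies to `top_label` in the last hunk of the commit and to the `label` parameter of `aliasWithLabel`. The enclosing function starts and ends outside the hunk.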
#include <tests_common.h>
#include <sys/types.h>
+extern const std::string SMACK_USER_APP_PREFIX;
+
// support for error printing
const char * CKMCErrorToString(int error);
std::string CKMCReadableError(int error);
void start_service(ServiceIdx idx);
void stop_service(ServiceIdx idx);
-
// scoped free
typedef std::unique_ptr<char, void (*)(void *)> CharPtr;
-// returns process label
-CharPtr get_label();
+// returns process owner id
+std::string getOwnerIdFromSelf();
std::string aliasWithLabel(const char *label, const char *alias);
~ScopedLabel();
private:
- CharPtr m_original_label;
+ std::string m_original_label;
};
void save_data(const char* alias, const char *data, int expected_err = CKMC_ERROR_NONE);
{
KeyAliasPair aliases;
std::ostringstream oss;
- CharPtr my_label = get_label();
+ std::string ownerId = getOwnerIdFromSelf();
CharPtr passPtr(nullptr, free);
if (pass)
passPtr.reset(strdup(pass));
oss << "aes_" << static_cast<int>(m_type) << "_" << m_keyLen << "_key_alias";
if (suffix)
oss << suffix;
- aliases.prv = aliasWithLabel(my_label.get(),oss.str().c_str());
- aliases.pub = aliasWithLabel(my_label.get(), oss.str().c_str());
+ aliases.prv = aliasWithLabel(ownerId.c_str(),oss.str().c_str());
+ aliases.pub = aliasWithLabel(ownerId.c_str(), oss.str().c_str());
ckmc_policy_s policy;
policy.extractable = false;
oss_pub << suffix;
}
KeyAliasPair aliases = {
- aliasWithLabel(get_label().get(), oss_prv.str().c_str()),
- aliasWithLabel(get_label().get(), oss_pub.str().c_str())
+ aliasWithLabel(getOwnerIdFromSelf().c_str(), oss_prv.str().c_str()),
+ aliasWithLabel(getOwnerIdFromSelf().c_str(), oss_pub.str().c_str())
};
CharPtr passPtr(nullptr, free);
if (pass)
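Review bot: The `KeyAliasPair` initialiser calls `getOwnerIdFromSelf()` twice, and each call re-reads the process label through `smack_new_label_from_self`. The AES variant earlier in this file fetches it once into `ownerId`; doing the same here with `const std::string ownerId = getOwnerIdFromSelf();` before the initialiser keeps the two helpers consistent. It also guarantees that both aliases are built from the same owner value. The function body starts and continues outside the hunk.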
auto key = CKM::Key::create(buffer, CKM::Password());
CKM::KeyShPtr key_name, key_full_addr;
CKM::Alias alias = "mykey-2";
- CharPtr top_label = get_label();
- std::string full_address = aliasWithLabel(top_label.get(), alias.c_str());
+ std::string top_label = getOwnerIdFromSelf();
+ std::string full_address = aliasWithLabel(top_label.c_str(), alias.c_str());
RUNNER_ASSERT_MSG(
CKM_API_SUCCESS == (temp = manager->saveKey(full_address, key, CKM::Policy())),