Added test cases for new security server API

[Issue#]        Test cases for get_gid, get_uid API
[Bug/Feature]   New test cases
[Cause]         New API added and need tests
[Solution]      New tests added
[Verification]  Compile, run tests

Change-Id: I846ba6934aa47be0033bcd706e5ac6391936998a

diff --git a/tests/security-server-tests/security_server_tests_client_smack.cpp b/tests/security-server-tests/security_server_tests_client_smack.cpp
index f73b97b..05ebc42 100644 (file)
--- a/tests/security-server-tests/security_server_tests_client_smack.cpp
+++ b/tests/security-server-tests/security_server_tests_client_smack.cpp
@@ -586,6 +586,164 @@ RUNNER_MULTIPROCESS_TEST_NOSMACK(tc07_check_privilege_by_sockfd_nosmack)
     RUNNER_ASSERT_MSG(SECURITY_SERVER_API_SUCCESS == result2, "result2 = " << result2);
 }
 
+int apply_smack_rule(const char *subject, const char *object, const char *rule)
+{
+    struct smack_accesses *ruleHandler = NULL;
+    if (smack_accesses_new(&ruleHandler) != 0)
+        goto error;
+    if (smack_accesses_add(ruleHandler, subject, object, rule) != 0)
+        goto error;
+    if (smack_accesses_apply(ruleHandler) != 0)
+        goto error;
+
+    smack_accesses_free(ruleHandler);
+    return 0;
+
+error:
+    smack_accesses_free(ruleHandler);
+    return -1;
+}
+
+RUNNER_TEST(tc01_security_server_get_uid_by_cookie)
+{
+    int cookieSize = security_server_get_cookie_size();
+    RUNNER_ASSERT_MSG(cookieSize == 20, "Wrong cookie size");
+
+    std::vector<char> cookie(cookieSize);
+    int retval = security_server_request_cookie(&cookie[0], cookieSize);
+    RUNNER_ASSERT_MSG(retval == SECURITY_SERVER_API_SUCCESS, "Unable to get cookie");
+
+    //checking function
+    uid_t cookieUid, realUid;
+    realUid = getuid();
+    retval = security_server_get_uid_by_cookie(&cookie[0], &cookieUid);
+    RUNNER_ASSERT_MSG(retval == SECURITY_SERVER_API_SUCCESS, "Unable to get UID from cookie");
+    RUNNER_ASSERT_MSG(realUid == cookieUid, "No match in received UID");
+
+    //checking for input parameters
+    retval = security_server_get_uid_by_cookie(NULL, &cookieUid);
+    RUNNER_ASSERT_MSG(retval == SECURITY_SERVER_API_ERROR_INPUT_PARAM, "Error in checking input parameters by function");
+    retval = security_server_get_uid_by_cookie(&cookie[0], NULL);
+    RUNNER_ASSERT_MSG(retval == SECURITY_SERVER_API_ERROR_INPUT_PARAM, "Error in checking input parameters by function");
+}
+
+RUNNER_CHILD_TEST(tc01a_security_server_get_uid_by_cookie)
+{
+    int cookieSize = security_server_get_cookie_size();
+    RUNNER_ASSERT_MSG(cookieSize == 20, "Wrong cookie size");
+
+    std::vector<char> cookie(cookieSize);
+    int retval = security_server_request_cookie(&cookie[0], cookieSize);
+    RUNNER_ASSERT_MSG(retval == SECURITY_SERVER_API_SUCCESS, "Unable to get cookie");
+
+    //preapare SMACK environment
+    RUNNER_ASSERT_MSG(smack_set_label_for_self("BialyMis") == 0, "Unable to set label for self");
+    RUNNER_ASSERT_MSG(smack_revoke_subject("BialyMis") == 0, "Error in smack_revoke_subject");
+    //drop privileges
+    RUNNER_ASSERT_MSG(setgid(5000) == 0, "Unable to drop privileges");
+
+    //checking function
+    uid_t cookieUid, realUid;
+    realUid = getuid();
+    retval = security_server_get_uid_by_cookie(&cookie[0], &cookieUid);
+    RUNNER_ASSERT_MSG(retval == SECURITY_SERVER_API_ERROR_SOCKET, "Socket not protected by smack");
+}
+
+RUNNER_CHILD_TEST(tc01b_security_server_get_uid_by_cookie)
+{
+    int cookieSize = security_server_get_cookie_size();
+    RUNNER_ASSERT_MSG(cookieSize == 20, "Wrong cookie size");
+
+    std::vector<char> cookie(cookieSize);
+    int retval = security_server_request_cookie(&cookie[0], cookieSize);
+    RUNNER_ASSERT_MSG(retval == SECURITY_SERVER_API_SUCCESS, "Unable to get cookie");
+
+    //preapare SMACK environment
+    RUNNER_ASSERT_MSG(smack_set_label_for_self("BialyMis") == 0, "Unable to set label for self");
+    RUNNER_ASSERT_MSG(apply_smack_rule("BialyMis", "security-server::api-cookie-check", "w") == 0, "Error in adding rule");
+    //drop privileges
+    RUNNER_ASSERT_MSG(setgid(5000) == 0, "Unable to drop privileges");
+
+    //checking function
+    uid_t cookieUid, realUid;
+    realUid = getuid();
+    retval = security_server_get_uid_by_cookie(&cookie[0], &cookieUid);
+    RUNNER_ASSERT_MSG(retval == SECURITY_SERVER_API_SUCCESS, "Unable to get UID from cookie");
+    RUNNER_ASSERT_MSG(realUid == cookieUid, "No match in received UID");
+}
+
+
+
+RUNNER_TEST(tc02_security_server_get_gid_by_cookie)
+{
+    int cookieSize = security_server_get_cookie_size();
+    RUNNER_ASSERT_MSG(cookieSize == 20, "Wrong cookie size");
+
+    std::vector<char> cookie(cookieSize);
+    int retval = security_server_request_cookie(&cookie[0], cookieSize);
+    RUNNER_ASSERT_MSG(retval == SECURITY_SERVER_API_SUCCESS, "Unable to get cookie");
+
+    //checking function
+    gid_t cookieGid, realGid;
+    realGid = getgid();
+    retval = security_server_get_gid_by_cookie(&cookie[0], &cookieGid);
+    RUNNER_ASSERT_MSG(retval == SECURITY_SERVER_API_SUCCESS, "Unable to get GID from cookie");
+    RUNNER_ASSERT_MSG(realGid == cookieGid, "No match in received GID");
+
+    //checking for input parameters
+    retval = security_server_get_gid_by_cookie(NULL, &cookieGid);
+    RUNNER_ASSERT_MSG(retval == SECURITY_SERVER_API_ERROR_INPUT_PARAM, "Error in checking input parameters by function");
+    retval = security_server_get_gid_by_cookie(&cookie[0], NULL);
+    RUNNER_ASSERT_MSG(retval == SECURITY_SERVER_API_ERROR_INPUT_PARAM, "Error in checking input parameters by function");
+
+}
+
+RUNNER_CHILD_TEST(tc02a_security_server_get_gid_by_cookie)
+{
+    int cookieSize = security_server_get_cookie_size();
+    RUNNER_ASSERT_MSG(cookieSize == 20, "Wrong cookie size");
+
+    std::vector<char> cookie(cookieSize);
+    int retval = security_server_request_cookie(&cookie[0], cookieSize);
+    RUNNER_ASSERT_MSG(retval == SECURITY_SERVER_API_SUCCESS, "Unable to get cookie");
+
+    //preapare SMACK environment
+    RUNNER_ASSERT_MSG(smack_set_label_for_self("BialyMis") == 0, "Unable to set label for self");
+    RUNNER_ASSERT_MSG(smack_revoke_subject("BialyMis") == 0, "Error in smack_revoke_subject");
+    //drop privileges
+    RUNNER_ASSERT_MSG(setgid(5000) == 0, "Unable to drop privileges");
+
+    //checking function
+    gid_t cookieGid, realGid;
+    realGid = getgid();
+    retval = security_server_get_gid_by_cookie(&cookie[0], &cookieGid);
+    RUNNER_ASSERT_MSG(retval == SECURITY_SERVER_API_ERROR_SOCKET, "Socket not protected by smack");
+}
+
+RUNNER_CHILD_TEST(tc02b_security_server_get_gid_by_cookie)
+{
+    int cookieSize = security_server_get_cookie_size();
+    RUNNER_ASSERT_MSG(cookieSize == 20, "Wrong cookie size");
+
+    std::vector<char> cookie(cookieSize);
+    int retval = security_server_request_cookie(&cookie[0], cookieSize);
+    RUNNER_ASSERT_MSG(retval == SECURITY_SERVER_API_SUCCESS, "Unable to get cookie");
+
+    //preapare SMACK environment
+    RUNNER_ASSERT_MSG(smack_set_label_for_self("BialyMis") == 0, "Unable to set label for self");
+    RUNNER_ASSERT_MSG(apply_smack_rule("BialyMis", "security-server::api-cookie-check", "w") == 0, "Error in adding rule");
+    //drop privileges
+    RUNNER_ASSERT_MSG(setgid(5000) == 0, "Unable to drop privileges");
+
+    //checking function
+    gid_t cookieGid, realGid;
+    realGid = getgid();
+    retval = security_server_get_gid_by_cookie(&cookie[0], &cookieGid);
+    RUNNER_ASSERT_MSG(retval == SECURITY_SERVER_API_SUCCESS, "Unable to get GID from cookie");
+    RUNNER_ASSERT_MSG(realGid == cookieGid, "No match in received GID");
+}
+
+
 ////////////////////
 /////MAIN///////////
 ////////////////////

diff --git a/tests/security-server-tests/security_server_tests_weird_arguments.cpp b/tests/security-server-tests/security_server_tests_weird_arguments.cpp
index 888a25a..1badd21 100644 (file)
--- a/tests/security-server-tests/security_server_tests_weird_arguments.cpp
+++ b/tests/security-server-tests/security_server_tests_weird_arguments.cpp
@@ -119,16 +119,11 @@ RUNNER_TEST(tc04_security_server_check_privilege_weird_input_case)
     ret = security_server_check_privilege(cookie, gid);
     RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_ERROR_INPUT_PARAM, "ret: " << ret);
 
-    /* invalid gid case */
-    gid = -1;
     char cookie2[cookie_size];
 
     ret = security_server_request_cookie(cookie2, cookie_size);
     RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_SUCCESS, "ret: " << ret);
 
-    ret = security_server_check_privilege(cookie2, gid);
-    RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_ERROR_BAD_REQUEST, "ret: " << ret);
-
     /* big gid case */
     gid = 70666;