Drop tests related to security-server 39/57039/1
authorRafal Krypa <r.krypa@samsung.com>
Thu, 14 Jan 2016 14:43:54 +0000 (15:43 +0100)
committerRafal Krypa <r.krypa@samsung.com>
Thu, 14 Jan 2016 14:47:39 +0000 (15:47 +0100)
Security-server has been removed from Tizen 3.0 images.

Change-Id: I6cd8349abd94b2136726a357f515308cb482bce9
Signed-off-by: Rafal Krypa <r.krypa@samsung.com>
27 files changed:
README
packaging/security-tests.manifest
packaging/security-tests.spec
src/CMakeLists.txt
src/ckm/CMakeLists.txt
src/ckm/clean-env.cpp [deleted file]
src/ckm/clean-env.h [deleted file]
src/ckm/password-integration.cpp [deleted file]
src/security-server-tests/CMakeLists.txt [deleted file]
src/security-server-tests/WRT_sstp_test_rules1.smack [deleted file]
src/security-server-tests/WRT_sstp_test_rules2.smack [deleted file]
src/security-server-tests/common/security_server_tests_common.cpp [deleted file]
src/security-server-tests/common/security_server_tests_common.h [deleted file]
src/security-server-tests/cookie_api.cpp [deleted file]
src/security-server-tests/security_server_clean_env.cpp [deleted file]
src/security-server-tests/security_server_clean_env.h [deleted file]
src/security-server-tests/security_server_measurer_API_speed.cpp [deleted file]
src/security-server-tests/security_server_mockup.cpp [deleted file]
src/security-server-tests/security_server_mockup.h [deleted file]
src/security-server-tests/security_server_tests_client_smack.cpp [deleted file]
src/security-server-tests/security_server_tests_mt.cpp [deleted file]
src/security-server-tests/security_server_tests_password.cpp [deleted file]
src/security-server-tests/security_server_tests_privilege.cpp [deleted file]
src/security-server-tests/security_server_tests_stress.cpp [deleted file]
src/security-server-tests/server.cpp [deleted file]
src/security-server-tests/weird_arguments.cpp [deleted file]
src/security-tests.sh

diff --git a/README b/README
index 83c2c05474f2af4d5ac2c3749f3dfac0715bc05c..38d9538be4d71a06c6b924e8bf1d4ff92c6cd759 100644 (file)
--- a/README
+++ b/README
@@ -13,14 +13,6 @@ libsmack
   libsmack-test
 libprivilege-control
   libprivilege-control-test
-security-server
-  security-server-tests-client-smack
-  security-server-tests-stress
-  security-server-tests-server
-  security-server-tests-api-speed
-  security-server-tests-password
-  security-server-tests-privilege
-  security-server-tests-dbus
 security-manager
   security-manager-tests
 cynara
index dc317950001953083998f37c2f138a4befe6dca7..c06bf7c789975e737ad53264d6f5acf907163c1d 100644 (file)
@@ -9,12 +9,6 @@
 
         <filesystem path="/usr/bin/libsmack-test" exec_label="_" />
         <filesystem path="/usr/bin/libprivilege-control-test" exec_label="_" />
-        <filesystem path="/usr/bin/security-server-tests-client-smack" exec_label="_" />
-        <filesystem path="/usr/bin/security-server-tests-server" exec_label="_" />
-        <filesystem path="/usr/bin/security-server-tests-password" exec_label="_" />
-        <filesystem path="/usr/bin/security-server-tests-privilege" exec_label="_" />
-        <filesystem path="/usr/bin/security-server-tests-stress" exec_label="_" />
-        <filesystem path="/usr/bin/security-server-tests-dbus" exec_label="_" />
         <filesystem path="/usr/bin/security-manager-tests" exec_label="_" />
         <filesystem path="/usr/bin/cynara-tests" exec_label="_" />
         <filesystem path="/usr/bin/ckm-tests" exec_label="User" />
index 0fadcd4eef4932fbd7ab1fc4771ad653a49b55dd..4136fdc6bb532e060296d0facc7b89348d9beca7 100644 (file)
@@ -12,7 +12,6 @@ BuildRequires: libattr-devel
 BuildRequires: pkgconfig(libcap)
 BuildRequires: pkgconfig(libsmack)
 BuildRequires: pkgconfig(libprivilege-control)
-BuildRequires: pkgconfig(security-server)
 BuildRequires: pkgconfig(security-manager)
 BuildRequires: pkgconfig(key-manager)
 BuildRequires: pkgconfig(dlog)
@@ -87,17 +86,10 @@ echo "security-tests postinst done ..."
 /usr/bin/libsmack-test
 /usr/bin/smack-dbus-tests
 /usr/bin/libprivilege-control-test
-/usr/bin/security-server-tests-client-smack
-/usr/bin/security-server-tests-server
-/usr/bin/security-server-tests-password
-/usr/bin/security-server-tests-privilege
-/usr/bin/security-server-tests-stress
 /etc/smack/test_smack_rules_full
 /etc/smack/test_smack_rules2
 /etc/smack/test_smack_rules3
 /etc/smack/test_smack_rules4
-/usr/bin/security-server-tests-mt
-/usr/bin/security-server-tests-api-speed
 /usr/bin/security-manager-tests
 /etc/smack/test_smack_rules
 /etc/smack/test_smack_rules_lnk
index a73e120cc1d7768c0d736aaf789b96494cc56290..9cb349e7cb1f1c5365170079e99aa3c828b06155 100644 (file)
@@ -87,7 +87,6 @@ ADD_SUBDIRECTORY(ckm-integration)
 ADD_SUBDIRECTORY(libprivilege-control-tests)
 ADD_SUBDIRECTORY(libsmack-tests)
 ADD_SUBDIRECTORY(smack-dbus-tests)
-ADD_SUBDIRECTORY(security-server-tests)
 ADD_SUBDIRECTORY(security-manager-tests)
 ADD_SUBDIRECTORY(cynara-tests)
 ADD_SUBDIRECTORY(libwebappenc-tests)
index 40891faa7a667018d22869ed31ab168524d21287..dfdc4185a7c1d3732c7c28e1d9f7d909bad6880f 100644 (file)
@@ -46,10 +46,8 @@ SET(CKM_SOURCES
     ${PROJECT_SOURCE_DIR}/src/ckm/async-api.cpp
     ${PROJECT_SOURCE_DIR}/src/ckm/ckm-common.cpp
     ${PROJECT_SOURCE_DIR}/src/ckm/cc-mode.cpp
-#    ${PROJECT_SOURCE_DIR}/src/ckm/password-integration.cpp
     ${PROJECT_SOURCE_DIR}/src/ckm/system-db.cpp
     ${PROJECT_SOURCE_DIR}/src/ckm/initial-values.cpp
-    ${PROJECT_SOURCE_DIR}/src/ckm/clean-env.cpp
     ${PROJECT_SOURCE_DIR}/src/ckm/test-certs.cpp
     ${PROJECT_SOURCE_DIR}/src/ckm/algo-params.cpp
     ${PROJECT_SOURCE_DIR}/src/ckm/encryption-decryption-env.cpp
diff --git a/src/ckm/clean-env.cpp b/src/ckm/clean-env.cpp
deleted file mode 100644 (file)
index 88352bd..0000000
+++ /dev/null
@@ -1,66 +0,0 @@
-/*
- * Copyright (c) 2013 Samsung Electronics Co., Ltd All Rights Reserved
- */
-/*
- * @file    security_server_tests_clean_env.cpp
- * @author  Zbigniew Jasinski (z.jasinski@samsung.com)
- * @version 1.0
- * @brief   Functions to prepare clean env for tests.
- *
- */
-
-#include <ftw.h>
-#include <unistd.h>
-
-#include <ckm/ckm-control.h>
-
-#include <service_manager.h>
-#include <clean-env.h>
-
-int restart_security_server() {
-    ServiceManager sm("security-server.service");
-    sm.restartService();
-
-    return 0;
-}
-
-static int nftw_rmdir_contents(const char *fpath, const struct stat * /*sb*/,
-                               int tflag, struct FTW *ftwbuf)
-{
-    if (tflag == FTW_F)
-        unlink(fpath);
-    else if (tflag == FTW_DP && ftwbuf->level != 0)
-        rmdir(fpath);
-
-    return 0;
-}
-
-/**
- * This function should be called at the begining of every SS test, so all the tests
- * are independent of each other.
- */
-int reset_security_server()
-{
-    const char* path = "/opt/data/security-server/";
-    const int max_descriptors = 10; //max number of open file descriptors by nftw function
-
-    // Clear /opt/data/security-server/ directory
-    if (access(path, F_OK) == 0) {
-        if (nftw(path, &nftw_rmdir_contents, max_descriptors, FTW_DEPTH) == -1) {
-            return 1;
-        }
-        sync();
-    }
-
-    restart_security_server();
-    auto control = CKM::Control::create();
-
-    if (!!control) {
-        control->lockUserKey(5000);
-        control->removeUserData(5000);
-        control->unlockUserKey(5000, "");
-    }
-
-    return 0;
-}
-
diff --git a/src/ckm/clean-env.h b/src/ckm/clean-env.h
deleted file mode 100644 (file)
index f6f6c9e..0000000
+++ /dev/null
@@ -1,20 +0,0 @@
-/*
- * Copyright (c) 2013 Samsung Electronics Co., Ltd All Rights Reserved
- */
-/*
- * @file    security_server_tests_clean_env.cpp
- * @author  Zbigniew Jasinski (z.jasinski@samsung.com)
- * @version 1.0
- * @brief   Functions to prepare clean env for tests.
- *
- */
-#pragma once
-
-#include <ftw.h>
-#include <unistd.h>
-
-#include <ckm/ckm-control.h>
-
-int restart_security_server();
-int reset_security_server();
-
diff --git a/src/ckm/password-integration.cpp b/src/ckm/password-integration.cpp
deleted file mode 100644 (file)
index 3df917e..0000000
+++ /dev/null
@@ -1,264 +0,0 @@
-/*
- *  Copyright (c) 2000 - 2014 Samsung Electronics Co.
- *
- *  Licensed under the Apache License, Version 2.0 (the "License");
- *  you may not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
- *
- *      http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS,
- *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License
- *
- * @file       password-integration.cpp
- * @author     Bartlomiej Grzelewski (b.grzelewski@samsung.com)
- * @version    1.0
- */
-#include <vector>
-#include <dpl/test/test_runner.h>
-#include <dpl/test/test_runner_child.h>
-
-#include <tests_common.h>
-
-#include <ckm/ckm-control.h>
-#include <ckm/ckm-manager.h>
-#include <ckm/ckm-password.h>
-#include <ckm/ckm-type.h>
-
-#include <security-server.h>
-
-#include <access_provider2.h>
-#include <clean-env.h>
-
-CKM::Alias CKM_ALIAS1 = "ALIAS1";
-CKM::Alias CKM_ALIAS2 = "ALIAS2";
-
-CKM::RawBuffer BIN_DATA1 = {'A','B','R','A','C','A','D','A','B','R','A'};
-
-const char * PASSWORD1 = "LongPassword1";
-const char * PASSWORD2 = "LongerPassword2";
-
-static const int USER_APP = 5000;
-
-const unsigned int PASSWORD_RETRY_TIMEOUT_US = 500000;
-
-void dropPrivileges() {
-    static const std::string LABEL1 = "TestLabel1";
-    static const int GROUP_APP = 5000;
-
-    AccessProvider ap(LABEL1);
-    ap.allowAPI("key-manager::api-storage", "rw");
-    ap.applyAndSwithToUser(USER_APP, GROUP_APP);
-}
-
-RUNNER_TEST_GROUP_INIT(T401_SECURITY_SERVER_PASSWORD_INTEGRATION);
-
-RUNNER_TEST(T4010_INIT)
-{
-    reset_security_server();
-    unsigned int attempt, max_attempt, expire_sec;
-
-    int ret = security_server_chk_pwd(NULL, &attempt, &max_attempt, &expire_sec);
-    RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_SUCCESS, "");
-}
-
-RUNNER_CHILD_TEST(T4011_ADD_DATA)
-{
-    dropPrivileges();
-
-    auto mgr = CKM::Manager::create();
-
-    int ret = mgr->saveData(CKM_ALIAS1, BIN_DATA1, CKM::Policy());
-    RUNNER_ASSERT_MSG(ret == CKM_API_SUCCESS, "");
-}
-
-RUNNER_TEST(T4012_CLOSE_CKM_DB)
-{
-    auto ctl = CKM::Control::create();
-
-    int ret = ctl->lockUserKey(USER_APP);
-    RUNNER_ASSERT_MSG(CKM_API_SUCCESS == ret, "Error=" << CKM::ErrorToString(ret));
-}
-
-RUNNER_CHILD_TEST(T4013_GET_DATA)
-{
-    dropPrivileges();
-
-    auto mgr = CKM::Manager::create();
-
-    CKM::RawBuffer buffer;
-
-    // CKM will automaticly unlock with empty password
-    int ret = mgr->getData(CKM_ALIAS1, CKM::Password(), buffer);
-    RUNNER_ASSERT_MSG(CKM_API_SUCCESS == ret, "Error=" << CKM::ErrorToString(ret));
-}
-
-RUNNER_TEST(T4014_UNLOCK_DATABASE_WITH_SECURITY_SERVER)
-{
-    unsigned int attempt, max_attempt, expire_sec;
-
-    usleep(PASSWORD_RETRY_TIMEOUT_US);
-
-    int ret = security_server_chk_pwd(NULL, &attempt, &max_attempt, &expire_sec);
-    RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_SUCCESS, "");
-}
-
-RUNNER_CHILD_TEST(T4015_GET_DATA)
-{
-    dropPrivileges();
-    auto mgr = CKM::Manager::create();
-
-    CKM::RawBuffer buffer;
-    int ret = mgr->getData(CKM_ALIAS1, CKM::Password(), buffer);
-    RUNNER_ASSERT_MSG(CKM_API_SUCCESS == ret, "Error=" << CKM::ErrorToString(ret));
-
-    RUNNER_ASSERT_MSG(buffer == BIN_DATA1, "Data mismatch");
-}
-
-RUNNER_TEST_GROUP_INIT(T402_SECURITY_SERVER_PASSWORD_INTEGRATION);
-
-RUNNER_TEST(T4020_INIT)
-{
-    reset_security_server();
-
-    int ret = security_server_set_pwd(NULL, PASSWORD1, 10, 10);
-    RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_SUCCESS, "");
-}
-
-RUNNER_CHILD_TEST(T4021_ADD_DATA)
-{
-    dropPrivileges();
-
-    auto mgr = CKM::Manager::create();
-
-    int ret = mgr->saveData(CKM_ALIAS1, BIN_DATA1, CKM::Policy());
-    RUNNER_ASSERT_MSG(ret == CKM_API_SUCCESS, "");
-}
-
-RUNNER_TEST(T4022_CLOSE_CKM_DB)
-{
-    unsigned int attempt, max, expire;
-
-    auto ctl = CKM::Control::create();
-
-    int ret = ctl->lockUserKey(USER_APP);
-    RUNNER_ASSERT_MSG(CKM_API_SUCCESS == ret, "Error=" << CKM::ErrorToString(ret));
-
-    usleep(PASSWORD_RETRY_TIMEOUT_US);
-
-    // login with current password to get rid of invalid "NULL" DKEK
-    ret = security_server_chk_pwd(PASSWORD1, &attempt, &max, &expire);
-    RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_SUCCESS, "Error=" << ret);
-
-    ret = ctl->lockUserKey(USER_APP);
-    RUNNER_ASSERT_MSG(CKM_API_SUCCESS == ret, "Error=" << CKM::ErrorToString(ret));
-}
-
-RUNNER_CHILD_TEST(T4023_GET_DATA_NEGATIVE)
-{
-    dropPrivileges();
-
-    auto mgr = CKM::Manager::create();
-
-    CKM::RawBuffer buffer;
-    int ret = mgr->getData(CKM_ALIAS1, CKM::Password(), buffer);
-    RUNNER_ASSERT_MSG(CKM_API_ERROR_DB_LOCKED == ret, "Error=" << CKM::ErrorToString(ret));
-}
-
-RUNNER_TEST(T4024_UNLOCK_DATABASE_WITH_SECURITY_SERVER)
-{
-    unsigned int attempt, max, expire;
-
-    usleep(PASSWORD_RETRY_TIMEOUT_US);
-    int ret = security_server_chk_pwd(PASSWORD1, &attempt, &max, &expire);
-    RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_SUCCESS, "Error =" << ret);
-}
-
-RUNNER_CHILD_TEST(T4025_GET_DATA)
-{
-    dropPrivileges();
-
-    auto mgr = CKM::Manager::create();
-
-    CKM::RawBuffer buffer;
-    int ret = mgr->getData(CKM_ALIAS1, CKM::Password(), buffer);
-    RUNNER_ASSERT_MSG(CKM_API_SUCCESS == ret, "Error=" << CKM::ErrorToString(ret));
-
-    RUNNER_ASSERT_MSG(buffer == BIN_DATA1, "Data missmatch");
-}
-
-RUNNER_TEST_GROUP_INIT(T403_SECURITY_SERVER_PASSWORD_INTEGRATION);
-
-RUNNER_TEST(T4030_INIT)
-{
-    reset_security_server();
-
-    int ret = security_server_set_pwd(NULL, PASSWORD1, 10, 10);
-    RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_SUCCESS, "");
-}
-
-RUNNER_CHILD_TEST(T4031_ADD_DATA)
-{
-    dropPrivileges();
-
-    auto mgr = CKM::Manager::create();
-
-    int ret = mgr->saveData(CKM_ALIAS1, BIN_DATA1, CKM::Policy());
-    RUNNER_ASSERT_MSG(ret == CKM_API_SUCCESS, "");
-}
-
-RUNNER_TEST(T4032_CLOSE_CKM_DB)
-{
-    unsigned int attempt, max, expire;
-
-    auto ctl = CKM::Control::create();
-
-    int ret = ctl->lockUserKey(USER_APP);
-    RUNNER_ASSERT_MSG(CKM_API_SUCCESS == ret, "Error=" << CKM::ErrorToString(ret));
-
-    usleep(PASSWORD_RETRY_TIMEOUT_US);
-
-    // login with current password to get rid of invalid "NULL" DKEK
-    ret = security_server_chk_pwd(PASSWORD1, &attempt, &max, &expire);
-    RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_SUCCESS, "Error=" << ret);
-
-    ret = ctl->lockUserKey(USER_APP);
-    RUNNER_ASSERT_MSG(CKM_API_SUCCESS == ret, "Error=" << CKM::ErrorToString(ret));
-}
-
-RUNNER_CHILD_TEST(T4033_GET_DATA_NEGATIVE)
-{
-    dropPrivileges();
-
-    auto mgr = CKM::Manager::create();
-
-    CKM::RawBuffer buffer;
-    int ret = mgr->getData(CKM_ALIAS1, CKM::Password(), buffer);
-    RUNNER_ASSERT_MSG(CKM_API_ERROR_DB_LOCKED == ret, "Error=" << CKM::ErrorToString(ret));
-}
-
-RUNNER_TEST(T4034_UNLOCK_DATABASE_WITH_SECURITY_SERVER)
-{
-    usleep(PASSWORD_RETRY_TIMEOUT_US);
-
-    int ret = security_server_set_pwd(PASSWORD1, PASSWORD2, 10, 10);
-    RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_SUCCESS, "Error=" << ret);
-}
-
-RUNNER_CHILD_TEST(T4035_GET_DATA)
-{
-    dropPrivileges();
-
-    auto mgr = CKM::Manager::create();
-
-    CKM::RawBuffer buffer;
-    int ret = mgr->getData(CKM_ALIAS1, CKM::Password(), buffer);
-    RUNNER_ASSERT_MSG(CKM_API_SUCCESS == ret, "Error=" << CKM::ErrorToString(ret));
-
-    RUNNER_ASSERT_MSG(buffer == BIN_DATA1, "Data mismatch");
-}
-
-
diff --git a/src/security-server-tests/CMakeLists.txt b/src/security-server-tests/CMakeLists.txt
deleted file mode 100644 (file)
index c421753..0000000
+++ /dev/null
@@ -1,170 +0,0 @@
-# Copyright (c) 2013-2015 Samsung Electronics Co., Ltd All Rights Reserved
-#
-#   Licensed under the Apache License, Version 2.0 (the "License");
-#   you may not use this file except in compliance with the License.
-#   You may obtain a copy of the License at
-#
-#       http://www.apache.org/licenses/LICENSE-2.0
-#
-#   Unless required by applicable law or agreed to in writing, software
-#   distributed under the License is distributed on an "AS IS" BASIS,
-#   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-#   See the License for the specific language governing permissions and
-#   limitations under the License.
-#
-# @file        CMakeLists.txt
-# @author      Tomasz Swierczek (t.swierczek@samsung.com)
-# @author      Mariusz Domanski (m.domanski@samsung.com)
-# @brief
-#
-
-INCLUDE(FindPkgConfig)
-
-# Dependencies
-PKG_CHECK_MODULES(SEC_SRV_TESTS_DEP
-    libsmack
-    libprivilege-control
-    security-server
-    dlog
-    dbus-1
-    REQUIRED)
-
-# Targets definition
-
-SET(TARGET_SEC_SRV_COMMON "security-server-tests-common")
-SET(TARGET_SEC_SRV_CLIENT_SMACK_TESTS "security-server-tests-client-smack")
-SET(TARGET_SEC_SRV_TC_SERVER_TESTS "security-server-tests-server")
-SET(TARGET_SEC_SRV_PWD_TESTS "security-server-tests-password")
-SET(TARGET_SEC_SRV_PRIVILEGE_TESTS "security-server-tests-privilege")
-SET(TARGET_SEC_SRV_STRESS_TESTS "security-server-tests-stress")
-SET(TARGET_SEC_SRV_MT_TESTS "security-server-tests-mt")
-SET(TARGET_SEC_SRV_MEASURER "security-server-tests-api-speed")
-
-
-# Sources definition
-
-SET(SEC_SRV_COMMON_SOURCES
-    ${PROJECT_SOURCE_DIR}/src/security-server-tests/common/security_server_tests_common.cpp
-   )
-
-SET(SEC_SRV_CLIENT_SMACK_SOURCES
-    ${PROJECT_SOURCE_DIR}/src/security-server-tests/security_server_tests_client_smack.cpp
-    ${PROJECT_SOURCE_DIR}/src/security-server-tests/security_server_mockup.cpp
-   )
-
-SET(SEC_SRV_TC_SERVER_SOURCES
-    ${PROJECT_SOURCE_DIR}/src/security-server-tests/server.cpp
-    ${PROJECT_SOURCE_DIR}/src/security-server-tests/cookie_api.cpp
-    ${PROJECT_SOURCE_DIR}/src/security-server-tests/weird_arguments.cpp
-    ${PROJECT_SOURCE_DIR}/src/security-server-tests/security_server_clean_env.cpp
-   )
-
-SET(SEC_SRV_PWD_SOURCES
-    ${PROJECT_SOURCE_DIR}/src/security-server-tests/security_server_tests_password.cpp
-    ${PROJECT_SOURCE_DIR}/src/security-server-tests/security_server_clean_env.cpp
-   )
-
-SET(SEC_SRV_PRIVILEGE_SOURCES
-    ${PROJECT_SOURCE_DIR}/src/security-server-tests/security_server_tests_privilege.cpp
-    ${PROJECT_SOURCE_DIR}/src/libprivilege-control-tests/libprivilege-control_test_common.cpp
-   )
-
-SET(SEC_SRV_STRESS_SOURCES
-    ${PROJECT_SOURCE_DIR}/src/security-server-tests/security_server_tests_stress.cpp
-   )
-
-SET(SEC_SRV_MT_SOURCES
-    ${PROJECT_SOURCE_DIR}/src/security-server-tests/security_server_tests_mt.cpp
-   )
-
-SET(SEC_SRV_MEASURER_SOURCES
-    ${PROJECT_SOURCE_DIR}/src/security-server-tests/security_server_measurer_API_speed.cpp
-    ${PROJECT_SOURCE_DIR}/src/security-server-tests/security_server_mockup.cpp
-   )
-
-INCLUDE_DIRECTORIES(SYSTEM
-    ${SEC_SRV_TESTS_DEP_INCLUDE_DIRS}
-   )
-
-INCLUDE_DIRECTORIES(
-    ${PROJECT_SOURCE_DIR}/src/common/
-    ${PROJECT_SOURCE_DIR}/src/security-server-tests/common/
-    ${PROJECT_SOURCE_DIR}/src/libprivilege-control-tests/common/
-   )
-
-#LINK_DIRECTORIES(${SEC_SRV_PKGS_LIBRARY_DIRS})
-
-ADD_LIBRARY(${TARGET_SEC_SRV_COMMON} STATIC ${SEC_SRV_COMMON_SOURCES})
-ADD_EXECUTABLE(${TARGET_SEC_SRV_CLIENT_SMACK_TESTS} ${SEC_SRV_CLIENT_SMACK_SOURCES})
-ADD_EXECUTABLE(${TARGET_SEC_SRV_TC_SERVER_TESTS} ${SEC_SRV_TC_SERVER_SOURCES})
-ADD_EXECUTABLE(${TARGET_SEC_SRV_PWD_TESTS} ${SEC_SRV_PWD_SOURCES})
-ADD_EXECUTABLE(${TARGET_SEC_SRV_PRIVILEGE_TESTS} ${SEC_SRV_PRIVILEGE_SOURCES})
-ADD_EXECUTABLE(${TARGET_SEC_SRV_STRESS_TESTS} ${SEC_SRV_STRESS_SOURCES})
-ADD_EXECUTABLE(${TARGET_SEC_SRV_MT_TESTS} ${SEC_SRV_MT_SOURCES})
-ADD_EXECUTABLE(${TARGET_SEC_SRV_MEASURER} ${SEC_SRV_MEASURER_SOURCES})
-
-
-TARGET_LINK_LIBRARIES(${TARGET_SEC_SRV_CLIENT_SMACK_TESTS}
-    ${SEC_SRV_TESTS_DEP_LIBRARIES}
-    dpl-test-framework
-    tests-common
-    )
-
-TARGET_LINK_LIBRARIES(${TARGET_SEC_SRV_TC_SERVER_TESTS}
-    ${TARGET_SEC_SRV_COMMON}
-    ${SEC_SRV_TESTS_DEP_LIBRARIES}
-    dpl-test-framework
-    tests-common
-    )
-
-TARGET_LINK_LIBRARIES(${TARGET_SEC_SRV_PWD_TESTS}
-    ${TARGET_SEC_SRV_COMMON}
-    ${SEC_SRV_TESTS_DEP_LIBRARIES}
-    dpl-test-framework
-    tests-common
-    )
-
-TARGET_LINK_LIBRARIES(${TARGET_SEC_SRV_PRIVILEGE_TESTS}
-    ${SEC_SRV_TESTS_DEP_LIBRARIES}
-    dpl-test-framework
-    tests-common
-    )
-
-TARGET_LINK_LIBRARIES(${TARGET_SEC_SRV_STRESS_TESTS}
-    ${SEC_SRV_TESTS_DEP_LIBRARIES}
-    dpl-test-framework
-    tests-common
-    )
-
-TARGET_LINK_LIBRARIES(${TARGET_SEC_SRV_MT_TESTS}
-    ${SEC_SRV_TESTS_DEP_LIBRARIES}
-    dpl-test-framework
-    tests-common
-    )
-
-TARGET_LINK_LIBRARIES(${TARGET_SEC_SRV_MEASURER}
-    ${TARGET_SEC_SRV_COMMON}
-    ${SEC_SRV_TESTS_DEP_LIBRARIES}
-    dpl-test-framework
-    tests-common
-    )
-
-# Installation
-
-INSTALL(TARGETS ${TARGET_SEC_SRV_CLIENT_SMACK_TESTS} DESTINATION /usr/bin)
-INSTALL(TARGETS ${TARGET_SEC_SRV_TC_SERVER_TESTS} DESTINATION /usr/bin)
-INSTALL(TARGETS ${TARGET_SEC_SRV_PWD_TESTS} DESTINATION /usr/bin)
-INSTALL(TARGETS ${TARGET_SEC_SRV_PRIVILEGE_TESTS} DESTINATION /usr/bin)
-INSTALL(TARGETS ${TARGET_SEC_SRV_STRESS_TESTS} DESTINATION /usr/bin)
-INSTALL(TARGETS ${TARGET_SEC_SRV_MT_TESTS} DESTINATION /usr/bin)
-INSTALL(TARGETS ${TARGET_SEC_SRV_MEASURER} DESTINATION /usr/bin)
-
-INSTALL(FILES
-    ${PROJECT_SOURCE_DIR}/src/security-server-tests/WRT_sstp_test_rules1.smack
-    DESTINATION /usr/share/privilege-control/
-)
-
-INSTALL(FILES
-    ${PROJECT_SOURCE_DIR}/src/security-server-tests/WRT_sstp_test_rules2.smack
-    DESTINATION /usr/share/privilege-control/
-)
diff --git a/src/security-server-tests/WRT_sstp_test_rules1.smack b/src/security-server-tests/WRT_sstp_test_rules1.smack
deleted file mode 100644 (file)
index 4dece48..0000000
+++ /dev/null
@@ -1,2 +0,0 @@
-~APP~ sstp_test_book_1 rwxatl
-sstp_test_subject_1 ~APP~ rwxatl
diff --git a/src/security-server-tests/WRT_sstp_test_rules2.smack b/src/security-server-tests/WRT_sstp_test_rules2.smack
deleted file mode 100644 (file)
index 4dece48..0000000
+++ /dev/null
@@ -1,2 +0,0 @@
-~APP~ sstp_test_book_1 rwxatl
-sstp_test_subject_1 ~APP~ rwxatl
diff --git a/src/security-server-tests/common/security_server_tests_common.cpp b/src/security-server-tests/common/security_server_tests_common.cpp
deleted file mode 100644 (file)
index cd54523..0000000
+++ /dev/null
@@ -1,36 +0,0 @@
-/*
- * Copyright (c) 2013 Samsung Electronics Co., Ltd All Rights Reserved
- *
- *    Licensed under the Apache License, Version 2.0 (the "License");
- *    you may not use this file except in compliance with the License.
- *    You may obtain a copy of the License at
- *
- *        http://www.apache.org/licenses/LICENSE-2.0
- *
- *    Unless required by applicable law or agreed to in writing, software
- *    distributed under the License is distributed on an "AS IS" BASIS,
- *    WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *    See the License for the specific language governing permissions and
- *    limitations under the License.
-*/
-
-/*
- * @file        security_server_tests_common.cpp
- * @author      Marcin Lis (m.lis@samsung.com)
- * @version     1.0
- * @brief       security-server tests commons
- */
-
-#include "security_server_tests_common.h"
-
-const unsigned int PASSWORD_RETRY_TIMEOUT_US = 500000;
-
-Cookie getCookieFromSS() {
-    Cookie cookie(security_server_get_cookie_size());
-
-    RUNNER_ASSERT_MSG(SECURITY_SERVER_API_SUCCESS ==
-            security_server_request_cookie(cookie.data(), cookie.size()),
-        "Error in security_server_request_cookie.");
-
-    return cookie;
-}
diff --git a/src/security-server-tests/common/security_server_tests_common.h b/src/security-server-tests/common/security_server_tests_common.h
deleted file mode 100644 (file)
index 3ece470..0000000
+++ /dev/null
@@ -1,35 +0,0 @@
-/*
- * Copyright (c) 2013 Samsung Electronics Co., Ltd All Rights Reserved
- *
- *    Licensed under the Apache License, Version 2.0 (the "License");
- *    you may not use this file except in compliance with the License.
- *    You may obtain a copy of the License at
- *
- *        http://www.apache.org/licenses/LICENSE-2.0
- *
- *    Unless required by applicable law or agreed to in writing, software
- *    distributed under the License is distributed on an "AS IS" BASIS,
- *    WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *    See the License for the specific language governing permissions and
- *    limitations under the License.
-*/
-
-/*
- * @file        security_server_tests_common.h
- * @author      Marcin Lis (m.lis@samsung.com)
- * @version     1.0
- * @brief       security-server tests commons
- */
-
-#include <security-server.h>
-#include <tests_common.h>
-
-#ifndef SECURITY_SERVER_TESTS_COMMON_H_
-#define SECURITY_SERVER_TESTS_COMMON_H_
-
-extern const unsigned int PASSWORD_RETRY_TIMEOUT_US;
-typedef std::vector<char> Cookie;
-
-Cookie getCookieFromSS();
-
-#endif /*  SECURITY_SERVER_TESTS_COMMON_H_ */
diff --git a/src/security-server-tests/cookie_api.cpp b/src/security-server-tests/cookie_api.cpp
deleted file mode 100644 (file)
index adb9569..0000000
+++ /dev/null
@@ -1,558 +0,0 @@
-/*
- * Copyright (c) 2013 Samsung Electronics Co., Ltd All Rights Reserved
- */
-
-/*
- * @file    security_server_tests_cookie_api.cpp
- * @author  Pawel Polawski (p.polawski@partner.samsung.com)
- * @version 1.0
- * @brief   Test cases for security server cookie api
- *
- */
-
-/*
-Tested API functions in this file:
-
-    int security_server_get_cookie_size(void);
-    int security_server_request_cookie(char *cookie, size_t bufferSize);
-
-    int security_server_check_privilege(const char *cookie, gid_t privilege);
-    int security_server_check_privilege_by_cookie(const char *cookie,
-                                                  const char *object,
-                                                  const char *access_rights);
-    int security_server_get_cookie_pid(const char *cookie);
-    char *security_server_get_smacklabel_cookie(const char *cookie);
-    int security_server_get_uid_by_cookie(const char *cookie, uid_t *uid);
-    int security_server_get_gid_by_cookie(const char *cookie, gid_t *gid);
-*/
-
-#include <dpl/test/test_runner.h>
-#include <dpl/test/test_runner_multiprocess.h>
-#include <tests_common.h>
-#include <sys/smack.h>
-#include <cstddef>
-#include <sys/types.h>
-#include <unistd.h>
-#include <access_provider.h>
-#include <security-server.h>
-#include <smack_access.h>
-#include <security_server_tests_common.h>
-#include <memory.h>
-
-const char *ROOT_USER = "root";
-const char *PROC_AUDIO_GROUP_NAME = "audio";
-
-const int KNOWN_COOKIE_SIZE = 20;
-
-RUNNER_TEST_GROUP_INIT(COOKIE_API_TESTS)
-
-/*
- * **************************************************************************
- * Test cases fot check various functions input params cases
- * **************************************************************************
- */
-
-//---------------------------------------------------------------------------
-//passing nullptr as a buffer pointer
-RUNNER_CHILD_TEST(tc_arguments_01_01_security_server_request_cookie)
-{
-    int ret = security_server_request_cookie(nullptr, KNOWN_COOKIE_SIZE);
-    RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_ERROR_INPUT_PARAM,
-                      "Error in security_server_request_cookie() argument checking: " << ret);
-}
-
-//passing too small value as a buffer size
-RUNNER_CHILD_TEST(tc_arguments_01_02_security_server_request_cookie)
-{
-    Cookie cookie(KNOWN_COOKIE_SIZE);
-
-    int ret = security_server_request_cookie(cookie.data(), KNOWN_COOKIE_SIZE - 1);
-    RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_ERROR_BUFFER_TOO_SMALL,
-                      "Error in security_server_request_cookie() argument checking: " << ret);
-}
-
-//---------------------------------------------------------------------------
-//passing nullptr as a cookie pointer
-RUNNER_CHILD_TEST(tc_arguments_02_01_security_server_check_privilege)
-{
-    int ret = security_server_check_privilege(nullptr, 0);
-    RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_ERROR_INPUT_PARAM,
-                      "Error in security_server_check_privilege() argument checking: " << ret);
-}
-
-//---------------------------------------------------------------------------
-//passing nullptr as a cookie pointer
-RUNNER_CHILD_TEST(tc_arguments_03_01_security_server_check_privilege_by_cookie)
-{
-    RUNNER_IGNORED_MSG("security_server_check_privilege_by_cookie is temporarily disabled: always returns success");
-    int ret = security_server_check_privilege_by_cookie(nullptr, "wiadro", "rwx");
-    RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_ERROR_INPUT_PARAM,
-                      "Error in security_server_check_privilege_by_cookie() argument checking: "
-                      << ret);
-}
-
-//passing nullptr as an object pointer
-RUNNER_CHILD_TEST(tc_arguments_03_02_security_server_check_privilege_by_cookie)
-{
-    RUNNER_IGNORED_MSG("security_server_check_privilege_by_cookie is temporarily disabled: always returns success");
-    Cookie cookie = getCookieFromSS();
-
-    int ret = security_server_check_privilege_by_cookie(cookie.data(), nullptr, "rwx");
-    RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_ERROR_INPUT_PARAM,
-                      "Error in security_server_check_privilege_by_cookie() argument checking: "
-                      << ret);
-}
-
-//passing nullptr as an access pointer
-RUNNER_CHILD_TEST(tc_arguments_03_03_security_server_check_privilege_by_cookie)
-{
-    RUNNER_IGNORED_MSG("security_server_check_privilege_by_cookie is temporarily disabled: always returns success");
-    Cookie cookie = getCookieFromSS();
-
-    int ret = security_server_check_privilege_by_cookie(cookie.data(), "wiadro", nullptr);
-    RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_ERROR_INPUT_PARAM,
-                      "Error in security_server_check_privilege_by_cookie() argument checking: "
-                      << ret);
-}
-
-//---------------------------------------------------------------------------
-//passing nullptr as a cookie pointer
-RUNNER_CHILD_TEST(tc_arguments_04_01_security_server_get_cookie_pid)
-{
-    int ret = security_server_get_cookie_pid(nullptr);
-    RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_ERROR_INPUT_PARAM,
-                      "Error in security_server_get_cookie_pid() argument checking: " << ret);
-}
-
-//getting pid of non existing cookie
-RUNNER_TEST(tc_arguments_04_02_security_server_get_cookie_pid)
-{
-    const char wrong_cookie[KNOWN_COOKIE_SIZE] = {'w', 'a', 't', '?'};
-    RUNNER_ASSERT(security_server_get_cookie_pid(wrong_cookie) ==
-                  SECURITY_SERVER_API_ERROR_NO_SUCH_COOKIE);
-}
-
-//---------------------------------------------------------------------------
-//passing nullptr as a cookie pointer
-RUNNER_CHILD_TEST(tc_arguments_05_01_security_server_get_smacklabel_cookie)
-{
-    char *label = nullptr;
-    label = security_server_get_smacklabel_cookie(nullptr);
-    RUNNER_ASSERT_MSG(label == nullptr,
-                      "Error in security_server_get_smacklabel_cookie() argument checking");
-}
-
-
-
-/*
- * **************************************************************************
- * Unit tests for each function from API
- * **************************************************************************
- */
-
-//---------------------------------------------------------------------------
-//root has access to API
-RUNNER_CHILD_TEST(tc_unit_01_01_security_server_get_cookie_size)
-{
-    int ret = security_server_get_cookie_size();
-    RUNNER_ASSERT_MSG(ret == KNOWN_COOKIE_SIZE,
-                      "Error in security_server_get_cookie_size(): " << ret);
-}
-
-//---------------------------------------------------------------------------
-// Get cookie size when smack is not loaded
-RUNNER_CHILD_TEST_NOSMACK(tc_unit_01_02_app_user_security_server_get_cookie_size_nosmack)
-{
-    int ret;
-
-    ret = drop_root_privileges();
-    RUNNER_ASSERT_MSG(ret == 0,
-            "Failed to drop root privileges. Result: " << ret << "uid = " << getuid());
-    ret = security_server_get_cookie_size();
-    RUNNER_ASSERT_MSG(ret == KNOWN_COOKIE_SIZE, "ret = " << ret);
-}
-
-//---------------------------------------------------------------------------
-// Test setting up a cookie in normal case when smack is not loaded
-RUNNER_CHILD_TEST_NOSMACK(tc_unit_01_03_app_user_security_server_request_cookie_nosmack)
-{
-    int ret;
-    int cookieSize = security_server_get_cookie_size();
-    Cookie cookie(cookieSize);
-
-    ret = drop_root_privileges();
-    RUNNER_ASSERT_MSG(ret == 0,
-            "Failed to drop root privileges. Result: " << ret << "uid = " << getuid());
-
-    ret = security_server_request_cookie(cookie.data(), KNOWN_COOKIE_SIZE);
-    RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_SUCCESS, "ret = " << ret);
-}
-
-//---------------------------------------------------------------------------
-// Test setting up a cookie when smack is not loaded but with too small
-// buffer size
-RUNNER_CHILD_TEST_NOSMACK(tc_init_01_04_app_user_security_server_request_cookie_too_small_buffer_size_nosmack)
-{
-    int ret;
-    int cookieSize = security_server_get_cookie_size();
-    Cookie cookie(cookieSize);
-
-    ret = drop_root_privileges();
-    RUNNER_ASSERT_MSG(ret == 0,
-            "Failed to drop root privileges. Result: " << ret << "uid = " << getuid());
-
-    ret = security_server_request_cookie(cookie.data(), KNOWN_COOKIE_SIZE >> 1);
-    RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_ERROR_BUFFER_TOO_SMALL, "ret = " << ret);
-}
-
-//---------------------------------------------------------------------------
-// Get cookie size when smack is loaded
-RUNNER_CHILD_TEST_SMACK(tc_unit_01_05_app_user_security_server_get_cookie_size)
-{
-    SecurityServer::AccessProvider provider("selflabel_01_05");
-    provider.applyAndSwithToUser(APP_UID, APP_GID);
-
-    int ret = security_server_get_cookie_size();
-    RUNNER_ASSERT_MSG(ret == KNOWN_COOKIE_SIZE,
-                      "Error in security_server_get_cookie_size(): " << ret);
-}
-
-//---------------------------------------------------------------------------
-//root has access to API
-RUNNER_CHILD_TEST(tc_unit_02_01_security_server_request_cookie)
-{
-    int cookieSize = security_server_get_cookie_size();
-    RUNNER_ASSERT_MSG(cookieSize == KNOWN_COOKIE_SIZE,
-                    "Error in security_server_get_cookie_size(): " << cookieSize);
-
-    Cookie cookie(cookieSize);
-    int ret = security_server_request_cookie(cookie.data(), cookie.size());
-    RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_SUCCESS,
-                    "Error in security_server_request_cookie(): " << ret);
-}
-
-//---------------------------------------------------------------------------
-// Test setting up a cookie in normal case when smack is loaded
-RUNNER_CHILD_TEST_SMACK(tc_unit_02_02_app_user_security_server_request_cookie)
-{
-    int cookieSize = security_server_get_cookie_size();
-    RUNNER_ASSERT_MSG(cookieSize == KNOWN_COOKIE_SIZE,
-                      "Error in security_server_get_cookie_size(): " << cookieSize);
-
-    SecurityServer::AccessProvider provider("selflabel_02_01");
-    provider.allowSS();
-    provider.applyAndSwithToUser(APP_UID, APP_GID);
-
-    Cookie cookie(cookieSize);
-    int ret = security_server_request_cookie(cookie.data(), cookie.size());
-    RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_SUCCESS,
-                      "Error in security_server_request_cookie(): " << ret);
-}
-
-//---------------------------------------------------------------------------
-// Test setting up a cookie when smack is loaded but with too small buffer
-// size
-RUNNER_CHILD_TEST_SMACK(tc_unit_02_03_app_user_security_server_request_cookie_too_small_buffer_size)
-{
-    int cookieSize = security_server_get_cookie_size();
-    RUNNER_ASSERT_MSG(cookieSize == KNOWN_COOKIE_SIZE,
-                      "Error in security_server_get_cookie_size(): " << cookieSize);
-    cookieSize >>= 1;
-
-    SecurityServer::AccessProvider provider("selflabel_02_02");
-    provider.applyAndSwithToUser(APP_UID, APP_GID);
-
-    Cookie cookie(cookieSize);
-    int ret = security_server_request_cookie(cookie.data(), cookie.size());
-    RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_ERROR_BUFFER_TOO_SMALL,
-                      "Error in security_server_request_cookie(): " << ret);
-}
-
-//---------------------------------------------------------------------------
-//root has access to API
-RUNNER_CHILD_TEST(tc_unit_03_01_security_server_check_privilege)
-{
-    Cookie cookie = getCookieFromSS();
-
-    int ret = security_server_check_privilege(cookie.data(), 0);
-    RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_SUCCESS,
-                      "Error in security_server_check_privilege(): " << ret);
-}
-
-//privileges drop and no smack rule
-RUNNER_CHILD_TEST_SMACK(tc_unit_03_02_app_user_security_server_check_privilege)
-{
-    Cookie cookie = getCookieFromSS();
-
-    SecurityServer::AccessProvider provider("selflabel_03_02");
-    provider.applyAndSwithToUser(APP_UID, APP_GID);
-
-    int ret = security_server_check_privilege(cookie.data(), 0);
-    RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_ERROR_ACCESS_DENIED,
-                      "security_server_check_privilege() should return access denied: " << ret);
-}
-
-//privileges drop and added smack rule
-RUNNER_CHILD_TEST_SMACK(tc_unit_03_03_app_user_security_server_check_privilege)
-{
-    Cookie cookie = getCookieFromSS();
-
-    SecurityServer::AccessProvider provider("selflabel_03_03");
-    provider.allowSS();
-    provider.applyAndSwithToUser(APP_UID, APP_GID);
-
-    int ret = security_server_check_privilege(cookie.data(), 0);
-    RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_SUCCESS,
-                      "Error in security_server_check_privilege(): " << ret);
-}
-
-// invalid gid
-RUNNER_CHILD_TEST(tc_unit_03_04_security_server_check_privilege_neg)
-{
-    remove_process_group(PROC_AUDIO_GROUP_NAME);
-
-    Cookie cookie = getCookieFromSS();
-    int audio_gid = security_server_get_gid(PROC_AUDIO_GROUP_NAME);
-    RUNNER_ASSERT_MSG(audio_gid > -1,
-                         "security_server_get_gid() failed. result = " << audio_gid);
-
-    int ret = security_server_check_privilege(cookie.data(), audio_gid);
-
-    // security_server_check_privilege fails, because the process does not belong to "audio" group
-    RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_ERROR_ACCESS_DENIED, "ret: " << ret);
-}
-
-// add gid
-RUNNER_CHILD_TEST(tc_unit_03_05_security_server_check_privilege)
-{
-    add_process_group(PROC_AUDIO_GROUP_NAME);
-
-    Cookie cookie = getCookieFromSS();
-    int audio_gid = security_server_get_gid(PROC_AUDIO_GROUP_NAME);
-    RUNNER_ASSERT_MSG(audio_gid > -1,
-                         "security_server_get_gid() failed. result = " << audio_gid);
-
-    int ret = security_server_check_privilege(cookie.data(), audio_gid);
-    RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_SUCCESS, "ret: " << ret);
-}
-
-// test invalid cookie name
-RUNNER_TEST(tc_unit_03_06_security_server_check_privilege)
-{
-    // create invalid cookie
-    int size = security_server_get_cookie_size();
-    RUNNER_ASSERT_MSG(size == KNOWN_COOKIE_SIZE, "Wrong cookie size. size = " << size);
-
-    Cookie cookie(size);
-    cookie[0] = 'a';
-    int ret = security_server_check_privilege(cookie.data(), 0);
-    RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_ERROR_ACCESS_DENIED, "ret: " << ret);
-}
-
-//---------------------------------------------------------------------------
-//root has access to API
-RUNNER_CHILD_TEST(tc_unit_05_01_security_server_get_cookie_pid)
-{
-    Cookie cookie = getCookieFromSS();
-
-    int ret = security_server_get_cookie_pid(cookie.data());
-    RUNNER_ASSERT_MSG(ret > -1, "Error in security_server_get_cookie_pid(): " << ret);
-
-    int pid = getpid();
-    RUNNER_ASSERT_MSG(pid == ret, "No match in PID received from cookie");
-}
-
-//privileges drop and no smack rule
-RUNNER_CHILD_TEST_SMACK(tc_unit_05_02_app_user_security_server_get_cookie_pid)
-{
-    Cookie cookie = getCookieFromSS();
-
-    SecurityServer::AccessProvider provider("selflabel_05_02");
-    provider.applyAndSwithToUser(APP_UID, APP_GID);
-
-    int ret = security_server_get_cookie_pid(cookie.data());
-    RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_ERROR_ACCESS_DENIED,
-                      "security_server_get_cookie_pid() should return access denied: " << ret);
-}
-
-//privileges drop and added smack rule
-RUNNER_CHILD_TEST_SMACK(tc_unit_05_03_app_user_security_server_get_cookie_pid)
-{
-    Cookie cookie = getCookieFromSS();
-
-    SecurityServer::AccessProvider provider("selflabel_05_03");
-    provider.allowSS();
-    provider.applyAndSwithToUser(APP_UID, APP_GID);
-
-    int ret = security_server_get_cookie_pid(cookie.data());
-    RUNNER_ASSERT_MSG(ret > -1, "Error in security_server_get_cookie_pid(): " << ret);
-
-    int pid = getpid();
-    RUNNER_ASSERT_MSG(pid == ret, "No match in PID received from cookie");
-}
-
-//---------------------------------------------------------------------------
-//root has access to API
-RUNNER_CHILD_TEST_SMACK(tc_unit_06_01_security_server_get_smacklabel_cookie_smack)
-{
-    setLabelForSelf(__LINE__, "selflabel_06_01");
-
-    Cookie cookie = getCookieFromSS();
-
-    CStringPtr label(security_server_get_smacklabel_cookie(cookie.data()));
-    RUNNER_ASSERT_MSG(strcmp(label.get(), "selflabel_06_01") == 0,
-                      "No match in smack label received from cookie, received label: "
-                      << label.get());
-}
-
-//---------------------------------------------------------------------------
-//root has access to API
-RUNNER_CHILD_TEST_NOSMACK(tc_unit_06_01_security_server_get_smacklabel_cookie_nosmack)
-{
-    Cookie cookie = getCookieFromSS();
-
-    char *receivedLabel = security_server_get_smacklabel_cookie(cookie.data());
-    RUNNER_ASSERT_MSG(receivedLabel != nullptr,
-                         "security_server_get_smacklabel_cookie returned nullptr");
-    std::string label(receivedLabel);
-    free(receivedLabel);
-    RUNNER_ASSERT_MSG(label.empty(),
-                         "security_server_get_smacklabel_cookie returned: "
-                         << label);
-}
-
-//privileges drop and no smack rule
-RUNNER_CHILD_TEST_SMACK(tc_unit_06_02_app_user_security_server_get_smacklabel_cookie)
-{
-    Cookie cookie = getCookieFromSS();
-
-    SecurityServer::AccessProvider provider("selflabel_06_02");
-    provider.applyAndSwithToUser(APP_UID, APP_GID);
-
-    CStringPtr label(security_server_get_smacklabel_cookie(cookie.data()));
-    RUNNER_ASSERT_MSG(label.get() == nullptr,
-                      "nullptr should be received due to access denied, received label: "
-                      << label.get());
-}
-
-//privileges drop and added smack rule
-RUNNER_CHILD_TEST_SMACK(tc_unit_06_03_app_user_security_server_get_smacklabel_cookie)
-{
-    SecurityServer::AccessProvider provider("selflabel_06_03");
-    provider.allowSS();
-    provider.applyAndSwithToUser(APP_UID, APP_GID);
-
-    Cookie cookie = getCookieFromSS();
-
-    CStringPtr label(security_server_get_smacklabel_cookie(cookie.data()));
-    RUNNER_ASSERT_MSG(strcmp(label.get(), "selflabel_06_03") == 0,
-                      "No match in smack label received from cookie, received label: "
-                      << label.get());
-}
-
-//---------------------------------------------------------------------------
-// apply smack labels and drop privileges
-RUNNER_CHILD_TEST_SMACK(tc_unit_09_01_app_user_cookie_API_access_allow)
-{
-    add_process_group(PROC_AUDIO_GROUP_NAME);
-
-    SecurityServer::AccessProvider provider("subject_1d6eda7d");
-    provider.allowSS();
-    provider.applyAndSwithToUser(APP_UID, APP_GID);
-
-    Cookie cookie = getCookieFromSS();
-
-    int ret = security_server_get_gid(PROC_AUDIO_GROUP_NAME);
-    RUNNER_ASSERT_MSG(ret > -1, "Failed to get \"" << PROC_AUDIO_GROUP_NAME
-                         << "\" gid. Result: " << ret);
-
-    ret = security_server_check_privilege(cookie.data(), ret);
-    RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_SUCCESS, "ret: " << ret);
-
-    int root_gid = security_server_get_gid(ROOT_USER);
-    RUNNER_ASSERT_MSG(root_gid > -1, "root_gid: " << root_gid);
-
-    ret = security_server_get_cookie_pid(cookie.data());
-    RUNNER_ASSERT_MSG(ret == getpid(), "ret: " << ret);
-
-    CStringPtr ss_label(security_server_get_smacklabel_cookie(cookie.data()));
-    RUNNER_ASSERT_MSG(ss_label.get() != nullptr, "ss_label: " << ss_label.get());
-
-    RUNNER_IGNORED_MSG("security_server_check_privilege_by_cookie is temporarily disabled: always returns success");
-
-    ret = security_server_check_privilege_by_pid(getpid(), "_", "rx");
-    RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_SUCCESS, "ret: " << ret);
-}
-
-// disable access and drop privileges
-RUNNER_CHILD_TEST_SMACK(tc_unit_09_02_app_user_cookie_API_access_deny)
-{
-    SecurityServer::AccessProvider provider("subject_1d414140");
-
-    Cookie cookie = getCookieFromSS();
-
-    provider.applyAndSwithToUser(APP_UID, APP_GID);
-
-    int ret = security_server_check_privilege(cookie.data(), DB_ALARM_GID);
-    RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_ERROR_ACCESS_DENIED,
-            "security_server_check_privilege should return access denied, "
-            "ret: " << ret);
-
-    ret = security_server_get_gid(ROOT_USER);
-    RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_ERROR_ACCESS_DENIED,
-            "security_server_get_gid should return access denied, "
-            "ret: " << ret);
-
-    ret = security_server_get_cookie_pid(cookie.data());
-    RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_ERROR_ACCESS_DENIED,
-            "security_server_get_cookie_pid should return access denied, "
-            "ret: " << ret);
-
-    CStringPtr ss_label(security_server_get_smacklabel_cookie(cookie.data()));
-    RUNNER_ASSERT_MSG(ss_label.get() == nullptr,
-            "access should be denied so label should be nullptr: " << ss_label.get());
-
-    RUNNER_IGNORED_MSG("security_server_check_privilege_by_sockfd is temporarily disabled: always returns success");
-
-    ret = security_server_check_privilege_by_pid(getpid(), "_", "rx");
-    RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_ERROR_ACCESS_DENIED,
-            "security_server_check_privilege_by_pid should return access denied, "
-            "ret: " << ret);
-}
-
-// NOSMACK version of the test above
-RUNNER_CHILD_TEST_NOSMACK(tc_unit_09_01_app_user_cookie_API_access_allow_nosmack)
-{
-    add_process_group(PROC_AUDIO_GROUP_NAME);
-
-    // drop root privileges
-    int ret = drop_root_privileges();
-    RUNNER_ASSERT_MSG(ret == 0,
-            "Failed to drop root privileges. Result: " << ret << "uid = " << getuid());
-
-    Cookie cookie = getCookieFromSS();
-
-    ret = security_server_get_gid(PROC_AUDIO_GROUP_NAME);
-    RUNNER_ASSERT_MSG(ret > -1, "Failed to get \"" << PROC_AUDIO_GROUP_NAME
-                         << "\" gid. Result: " << ret);
-
-    ret = security_server_check_privilege(cookie.data(), ret);
-    RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_SUCCESS,
-                         "check_privilege failed. Result: " << ret);
-
-    ret = security_server_get_gid(ROOT_USER);
-    RUNNER_ASSERT_MSG(ret > -1, "Failed to get \"root\" gid. Result: " << ret);
-
-    ret = security_server_get_cookie_pid(cookie.data());
-    RUNNER_ASSERT_MSG(ret == getpid(),
-            "get_cookie_pid returned different pid than it should. Result: " << ret);
-
-    CStringPtr ss_label(security_server_get_smacklabel_cookie(cookie.data()));
-    RUNNER_ASSERT_MSG(ss_label.get() != nullptr, "get_smacklabel_cookie failed.");
-
-    RUNNER_IGNORED_MSG("security_server_check_privilege_by_sockfd is temporarily disabled: always returns success");
-
-    ret = security_server_check_privilege_by_pid(getpid(), "_", "rx");
-    RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_SUCCESS,
-                         "check_privilege_by_pid failed. Result: " << ret);
-}
diff --git a/src/security-server-tests/security_server_clean_env.cpp b/src/security-server-tests/security_server_clean_env.cpp
deleted file mode 100644 (file)
index 94833c9..0000000
+++ /dev/null
@@ -1,54 +0,0 @@
-/*
- * Copyright (c) 2013 Samsung Electronics Co., Ltd All Rights Reserved
- */
-/*
- * @file    security_server_tests_clean_env.cpp
- * @author  Zbigniew Jasinski (z.jasinski@samsung.com)
- * @version 1.0
- * @brief   Functions to prepare clean env for tests.
- *
- */
-
-#include <ftw.h>
-#include <unistd.h>
-
-#include <service_manager.h>
-
-int restart_security_server() {
-    ServiceManager serviceManager("security-server.service");
-    serviceManager.restartService();
-
-    return 0;
-}
-
-static int nftw_rmdir_contents(const char *fpath, const struct stat * /*sb*/,
-                               int tflag, struct FTW *ftwbuf)
-{
-    if (tflag == FTW_F)
-        unlink(fpath);
-    else if (tflag == FTW_DP && ftwbuf->level != 0)
-        rmdir(fpath);
-
-    return 0;
-}
-
-/**
- * This function should be called at the begining of every SS test, so all the tests
- * are independent of each other.
- */
-int reset_security_server()
-{
-    const char* path = "/opt/data/security-server/";
-    const int max_descriptors = 10; //max number of open file descriptors by nftw function
-
-    // Clear /opt/data/security-server/ directory
-    if (access(path, F_OK) == 0) {
-        if (nftw(path, &nftw_rmdir_contents, max_descriptors, FTW_DEPTH) == -1) {
-            return 1;
-        }
-        sync();
-    }
-
-    restart_security_server();
-    return 0;
-}
diff --git a/src/security-server-tests/security_server_clean_env.h b/src/security-server-tests/security_server_clean_env.h
deleted file mode 100644 (file)
index d84740c..0000000
+++ /dev/null
@@ -1,17 +0,0 @@
-/*
- * Copyright (c) 2013 Samsung Electronics Co., Ltd All Rights Reserved
- */
-/*
- * @file    security_server_clean_env.h
- * @author  Zbigniew Jasinski (z.jasinski@samsung.com)
- * @version 1.0
- * @brief   Functions definitions to prepare clean env for tests.
- */
-
-#ifndef SECURITY_SERVER_CLEAN_ENV_H
-#define SECURITY_SERVER_CLEAN_ENV_H
-
-int reset_security_server();
-int restart_security_server();
-
-#endif
diff --git a/src/security-server-tests/security_server_measurer_API_speed.cpp b/src/security-server-tests/security_server_measurer_API_speed.cpp
deleted file mode 100644 (file)
index 213f9be..0000000
+++ /dev/null
@@ -1,728 +0,0 @@
-/*
- * Copyright (c) 2014 Samsung Electronics Co., Ltd All Rights Reserved
- *
- * Contact: Bumjin Im <bj.im@samsung.com>
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *   http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License
- */
-
-/*
- * @file    security_server_measurer_API_speed.cpp
- * @author  Radoslaw Bartosiak (radoslaw.bartosiak@samsung.com)
- * @version 1.0
- * @brief   Log security server API functions average execution times and some aproximation of maximal and minimal execution time.
- * @details The functions are run at least NUMBER_OF_CALLS times (time is measured at the beginning and at the end, the difference is taken as the execution time).
- * @details One test case for one function of security-server. Test pass always when there was no connection error (API calls themselves may fail).
- * @details Measured times are logged using DLP testing framework logging functions. Calls each API function many times to take the average.
- * @details This file contains TEST_CASEs. Each TEST_CASE consist of one or more RUNs, each RUN consist of one or more function calls.
- * @details Each test case contains RUNs of one function only. The time is being measured before & after each run.
- */
-
-#include <dpl/log/log.h>
-#include <dpl/singleton.h>
-#include <dpl/singleton_safe_impl.h>
-#include <dpl/test/test_runner.h>
-#include <dpl/test/test_runner_child.h>
-#include <dpl/test/test_runner_multiprocess.h>
-#include <errno.h>
-#include <float.h>
-#include <fcntl.h>
-#include <security-server.h>
-#include <stdio.h>
-#include <stdlib.h>
-#include <sys/smack.h>
-#include <sys/socket.h>
-#include <sys/stat.h>
-#include <sys/types.h>
-#include <sys/time.h>
-#include <sys/un.h>
-#include <unistd.h>
-#include <memory.h>
-#include "security_server_mockup.h"
-#include <smack_access.h>
-
-IMPLEMENT_SAFE_SINGLETON(DPL::Log::LogSystem);
-#include <security_server_tests_common.h>
-#include <tests_common.h>
-
-/*Number of calls in a single test*/
-#define NUMBER_OF_CALLS (5)
-#define MICROSECS_PER_SEC (1000000)
-/* number of miliseconds, process will be suspended for multiplications of this quantum */
-#define QUANTUM (10000)
-/*Strings used in tests*/
-/*name of existing user group on test device like "tel_gprs"*/
-#define EXISTING_GROUP_NAME "telephony_makecall"
-/*below labels should not be used in the system*/
-#define M60_OBJECT_LABEL "tc060MeasurerLabel"
-#define M60_SUBJECT_LABEL "tc060Subject"
-#define M70_OBJECT_LABEL "tc070MeasurerLabel"
-#define M70_SUBJECT_LABEL "tc070Subject"
-#define M160_CUSTOMER_LABEL "my_customer_label"
-#define M170_OBJECT_LABEL "myObject"
-
-namespace {
-void securityClientEnableLogSystem(void) {
-  DPL::Log::LogSystemSingleton::Instance().SetTag("SEC_SRV_API_SPEED");
-}
-}
-
-/** Store statistics from a set of function calls
-*/
-struct readwrite_stats
-{
-    timeval current_start_time; /*of last API call*/
-    timeval current_end_time;   /*of last API call*/
-    int number_of_calls;        /*till now*/
-    double total_duration;      /*of all API calls*/
-    double average_duration;
-    double minimal_duration;    /*minimum of averages*/
-    double maximal_duration;    /*maximum of averages*/
-};
-
-/*Auxiliary functions*/
-
-/**Sleep for the given time
-     @param seconds
-     @param nanoseconds
-     @return 0 on success, -1 on error if process woken earlier
-*/
-int my_nanosecsleep(long nanoseconds) {
-    timespec sleep_spec;
-    sleep_spec.tv_sec = 0;
-    sleep_spec.tv_nsec = nanoseconds;
-    return nanosleep(&sleep_spec, nullptr);
-}
-
-/**Read from pipe descriptor to buffer; retries if less than count bytes were read.
-    @param fd descriptor
-    @param buf start of buffer
-    @param count number of bytes read
-    @return number of bytes read (count)
-*/
-int my_pipe_read(int fd, void *buf, size_t count) {
-    ssize_t readf = 0;
-    ssize_t rest = count;
-    ssize_t s;
-    while (rest > 0) {
-        RUNNER_ASSERT_ERRNO_MSG(0 < (s = TEMP_FAILURE_RETRY(read(fd, ((char*)buf) + readf, rest))),
-                                   "Error in read from pipe");
-        rest -= s;
-        readf += s;
-    }
-    return readf;
-}
-
-/**Write from buffer to a pipe ; retries if less than count bytes were written.
-    @param fd descriptor
-    @param buf start of buffer
-    @param count number of bytes to write
-    @return number of bytes written (count)
-*/
-int my_pipe_write(int fd, void *buf, size_t count) {
-    ssize_t writef = 0;
-    ssize_t rest = count;
-    ssize_t s;
-    while (rest > 0) {
-        RUNNER_ASSERT_ERRNO_MSG(0 <= (s = TEMP_FAILURE_RETRY(write(fd, ((char*)buf) + writef, rest))),
-                                   "Error in write to pipe");
-        rest -= s;
-        writef += s;
-    }
-    return writef;
-}
-
-
-/** Check whether there was connection error during function call (Security Server API) based on exit code
-    @param result_code the exit code of a function
-    @return -1 if the function result code indicated network error, 0 otherwise
-*/
-int communication_succeeded(int result_code) {
-    switch(result_code)
-    {
-    case SECURITY_SERVER_API_ERROR_NO_SUCH_SERVICE:
-    case SECURITY_SERVER_API_ERROR_SOCKET:
-    case SECURITY_SERVER_API_ERROR_BAD_REQUEST:
-    case SECURITY_SERVER_API_ERROR_BAD_RESPONSE:
-        return -1;
-    default:
-        return 0;
-    }
-}
-
-/** Returns current system time (wrapper for standard system function)
-    @return current system time
-*/
-timeval my_gettime() {
-    timeval t;
-    int res = gettimeofday(&t, nullptr);
-    RUNNER_ASSERT_ERRNO_MSG(res == 0, "gettimeofday() returned error value: " << res);
-    return t;
-}
-
-/** Return a difference between two times (wrapper for standard system function)
-    @param time t1
-    @param time t2
-    @return t1 - t2
-*/
-timeval my_timersub(timeval t1, timeval t2) {
-    timeval result;
-    timersub(&t1, &t2, &result);
-    return result;
-}
-
-double timeval_to_microsecs(timeval t) {
-    return ((double)t.tv_sec * (double)MICROSECS_PER_SEC) + ((double)t.tv_usec);
-}
-
-/** Initialize statistics at the beginning of a TEST_CASE
-    @param stats [in/out] statistics to be initialized
-*/
-void initialize_stats(readwrite_stats *stats) {
-    stats->number_of_calls = 0;
-    stats->total_duration = 0.0;
-    stats->average_duration = 0.0;
-    stats->minimal_duration = DBL_MAX;
-    stats->maximal_duration = 0.0;
-}
-
-/** Save time at the beginning of a RUN
-    @param stats [in/out] statistics
-*/
-void start_stats_update(readwrite_stats *stats) {
-    stats->current_start_time = my_gettime();
-    //LogDebug("start_stats_update at:    %ld.%06ld\n", stats->current_start_time.tv_sec, stats->current_start_time.tv_usec);
-}
-
-/** Save time at the end of a RUN and updates the statistics (current_end_time, number_of_calls, total_duration, minimal_duration, maximal_duration)
-    @param stats [in/out] statistics
-*/
-void end_stats_update(readwrite_stats *stats) {
-    stats->current_end_time = my_gettime();
-    double current_duration = timeval_to_microsecs(my_timersub(stats->current_end_time, stats->current_start_time));
-    stats->total_duration += current_duration;
-    stats->number_of_calls += 1;
-    if (current_duration < stats->minimal_duration)
-        (stats->minimal_duration) = current_duration;
-    if (current_duration > stats->maximal_duration)
-        (stats->maximal_duration) = current_duration;
-}
-
-/** Updates the statistics (average_duration, number_of_new_calls, total_duration, minimal_duration, maximal_duration)
-    Function is used instead of start_stats_update and end_stats_update (e.g when current_duration and number_of_new_calls are reported by child process.
-    @param stats [in/out] statistics
-    @param number_of_new_calls number of function calls in the RUN
-    @param current_duration (total) of number_of_new calls
-*/
-void stats_update(readwrite_stats *stats, int number_of_new_calls, double current_duration) {
-    if (number_of_new_calls > 0) {
-        double current_average = (double)current_duration / (double)number_of_new_calls;
-        stats->average_duration = (double)((stats->total_duration) / (stats->number_of_calls));
-        stats->total_duration += current_duration;
-        stats->number_of_calls += number_of_new_calls;
-        if (current_average < stats->minimal_duration)
-            (stats->minimal_duration) = current_average;
-        if    (current_average > stats->maximal_duration)
-            (stats->maximal_duration) = current_average;
-     }
-     else
-         LogDebug("stats_update called after zero successful function calls \n");
-}
-
-/** Calculate the average time and calculates statistics taken by a single function call.
-    Called at the end of a TEST_CASE.
-    @param stats [in/out] statistics
-    @param function_name of the function called in tests (to be printed)
-*/
-void finish_stats(readwrite_stats *stats, const char* function_name) {
-    if ((stats->number_of_calls) > 0) {
-        stats->average_duration = (double)((stats->total_duration) / (stats->number_of_calls));
-        printf("The approx (min, max, avg) execution times for function:\n%s are: \n---(%'.2fus, %'.2fus, %'.2fus)\n", function_name, stats->minimal_duration, stats->maximal_duration, stats->average_duration);
-    }
-    else
-        LogDebug("No function call succeeded\n");
-}
-
-/*TEST CASES*/
-RUNNER_TEST_GROUP_INIT(SECURITY_SERVER_API_SPEED_MEASURER)
-
-/*
- * test: Tests the tests
- * expected: The minimum shall be about (QUANTUM) = 10^-2s = 10000 us, max about (NUMBER_OF_CALLS*QUANTUM) = 5*10^-2s = 50000us, avg (average) about (0.5*NUMBER_OF_CALLS+1*QUANTUM)=3*10^-2s = 30000us. Max is no more than 50% bigger than minimum.
- */
-RUNNER_TEST(m000_security_server_test_the_tests) {
-    int ret;
-    readwrite_stats stats;
-    double expected_min_min = QUANTUM;
-    double expected_min_max = 1.5 * expected_min_min;
-    double expected_avarage_min = (((double)(NUMBER_OF_CALLS + 1)) / 2.0) * expected_min_min;
-    double expected_avarage_max = 1.5 * expected_avarage_min;
-    double expected_max_min = ((double)(NUMBER_OF_CALLS)) * expected_min_min;
-    double expected_max_max = 1.5 * expected_max_min;
-    initialize_stats(&stats);
-    for (int i=0; i < NUMBER_OF_CALLS; i++) {
-        start_stats_update(&stats);
-        ret = my_nanosecsleep((long) ((i+1)*QUANTUM*1000));
-        RUNNER_ASSERT_MSG(ret == 0, "system sleep function returned premature wake-up; ret = " << ret);
-        end_stats_update(&stats);
-    }
-    finish_stats(&stats, "my_nanosecsleep");
-    RUNNER_ASSERT_MSG((stats.average_duration>expected_avarage_min) && (stats.average_duration<expected_avarage_max), "Avarage time is suspicious - check the issue; stats.average_duration=" << stats.average_duration);
-    RUNNER_ASSERT_MSG((stats.minimal_duration>expected_min_min) && (stats.minimal_duration<expected_min_max), "Minimal time is suspicious - check the issue; stats.minimal_duration=" << stats.minimal_duration);
-    RUNNER_ASSERT_MSG((stats.maximal_duration>expected_max_min) && (stats.maximal_duration<expected_max_max), "Maximal time is suspicious - check the issue; stats.maximal_duration=" << stats.maximal_duration);
-}
-
-/*
- * measurer: Fails only on connection error.
- */
-RUNNER_TEST(m010_security_server_security_server_get_gid) {
-    int ret;
-    readwrite_stats stats;
-    initialize_stats(&stats);
-    for (int i = 1; i <= NUMBER_OF_CALLS; i++) {
-        start_stats_update(&stats);
-        ret = security_server_get_gid(EXISTING_GROUP_NAME);
-        RUNNER_ASSERT_MSG(communication_succeeded(ret) == 0, "commmunication error; ret = " << ret);
-        end_stats_update(&stats);
-    }
-    finish_stats(&stats, "security_server_get_gid");
-}
-
-/*
- * measurer: Fails only on connection error.
- */
-RUNNER_TEST(m030_security_server_request_cookie) {
-    int ret;
-    size_t cookie_size;
-    cookie_size = security_server_get_cookie_size();
-    char cookie[cookie_size];
-    readwrite_stats stats;
-    initialize_stats(&stats);
-    for (int i = 1; i <= NUMBER_OF_CALLS; i++) {
-        start_stats_update(&stats);
-        ret = security_server_request_cookie(cookie, cookie_size);
-        RUNNER_ASSERT_MSG(communication_succeeded(ret) == 0, "commmunication error; ret = " << ret);
-        end_stats_update(&stats);
-    }
-    finish_stats(&stats, "security_server_request_cookie");
-}
-
-/*
- * measurer: Fails only on connection error.
- * Create new processes and measures times of first calls of security_server_request_cookie in them
- *
- */
-RUNNER_MULTIPROCESS_TEST(m031_security_server_request_cookie_first_time_only) {
-    int ret;
-    size_t cookie_size;
-    cookie_size = security_server_get_cookie_size();
-    char cookie[cookie_size];
-    readwrite_stats stats;
-
-    int pipefd[2];
-    int cpid;
-    int number_of_calls;
-    double duration_of_calls;
-    /*initialize pipes - one pipe for one child process*/
-    RUNNER_ASSERT_ERRNO_MSG(0 == pipe(pipefd), "error in pipe");
-    initialize_stats(&stats);
-    for (int i = 0; i < NUMBER_OF_CALLS; i++) {
-        RUNNER_ASSERT_ERRNO_MSG(-1 != (cpid = fork()), "error in fork    #i = " << i);
-        if (cpid == 0) {        /* Child*/
-             close(pipefd[0]);                 /* Close unused read end */
-             timeval start_time;
-             timeval end_time;
-             start_time = my_gettime();
-             ret = security_server_request_cookie(cookie, cookie_size);
-             end_time = my_gettime();
-             if (communication_succeeded(ret) == 0) {
-                 number_of_calls = 1;
-                 duration_of_calls = timeval_to_microsecs(my_timersub(end_time, start_time));
-
-             } else
-             {
-                 number_of_calls = 0;
-                 duration_of_calls = 0.0;
-             }
-             RUNNER_ASSERT_MSG(my_pipe_write(pipefd[1], &number_of_calls, sizeof(number_of_calls)) == sizeof(number_of_calls), "error in write number of calls to pipe");
-             RUNNER_ASSERT_MSG(my_pipe_write(pipefd[1], &duration_of_calls, sizeof(duration_of_calls)) == sizeof(duration_of_calls), "error in write duration of calls to pipe");
-             close(pipefd[1]);
-             exit(EXIT_SUCCESS);
-         } else
-         {   /* Parent */
-             RUNNER_ASSERT_MSG(my_pipe_read(pipefd[0], &number_of_calls, sizeof(number_of_calls)) == sizeof(number_of_calls), "error in read number of calls to pipe");
-             RUNNER_ASSERT_MSG(my_pipe_read(pipefd[0], &duration_of_calls, sizeof(duration_of_calls)) == sizeof(duration_of_calls), "error in read duration of calls to pipe");
-
-             RUNNER_ASSERT_MSG(number_of_calls > 0, "commmunication error");
-             stats_update(&stats, number_of_calls, duration_of_calls);
-         }
-        /*parent*/
-    }
-    close(pipefd[1]);                    /* Close parent descriptors */
-    close(pipefd[0]);
-}
-
-/*
- * measurer: Fails only on connection error.
- */
-RUNNER_TEST(m040_security_server_get_cookie_size) {
-    size_t cookie_size;
-    readwrite_stats stats;
-    initialize_stats(&stats);
-    for (int i = 1; i <= NUMBER_OF_CALLS; i++) {
-        start_stats_update(&stats);
-        cookie_size = security_server_get_cookie_size();
-        RUNNER_ASSERT_MSG(cookie_size > 0, "cookie_size = " << cookie_size);
-        end_stats_update(&stats);
-    }
-    finish_stats(&stats, "security_server_get_cookie_size");
-}
-
-/*
- * measurer: Fails only on connection error.
- */
-RUNNER_TEST(m050_security_server_check_privilege) {
-    int ret;
-    readwrite_stats stats;
-    initialize_stats(&stats);
-    const char *existing_group_name = EXISTING_GROUP_NAME;
-    size_t cookie_size;
-    int call_gid;
-    // we use existing group name for the measurment, however this is not neccessary
-    call_gid = security_server_get_gid(existing_group_name);
-    cookie_size = security_server_get_cookie_size();
-    char recved_cookie[cookie_size];
-    for (int i = 1; i <= NUMBER_OF_CALLS; i++) {
-        start_stats_update(&stats);
-        ret = security_server_check_privilege(recved_cookie, (gid_t)call_gid);
-        RUNNER_ASSERT_MSG(communication_succeeded(ret) == 0, "commmunication error; ret = " << ret);
-        end_stats_update(&stats);
-    }
-    finish_stats(&stats, "security_server_check_privilege");
-}
-
-void testSecurityServerCheckPrivilegeByCookie(bool smack) {
-    const char *object_label = M60_OBJECT_LABEL;
-    const char *access_rights = "r";
-    const char *access_rights_ext = "rw";
-    const char *subject_label = M60_SUBJECT_LABEL;
-    int ret;
-    readwrite_stats stats;
-    initialize_stats(&stats);
-
-    if (smack) {
-        SmackAccess smackAccess;
-        smackAccess.add(subject_label, object_label, access_rights);
-        smackAccess.apply();
-        RUNNER_ASSERT_MSG(0 == (ret = smack_set_label_for_self(subject_label)),
-            "Error in smack_set_label_for_self(); ret = " << ret);
-    }
-
-    Cookie cookie = getCookieFromSS();
-
-    for (int i = 1; i <= NUMBER_OF_CALLS; i++) {
-        start_stats_update(&stats);
-        /*odd(i) - ask for possessed privileges, even(i) ask for not possessed privileges */
-        if (i%2)
-            ret = security_server_check_privilege_by_cookie(
-                      cookie.data(),
-                      object_label,
-                      access_rights);
-        else
-            ret = security_server_check_privilege_by_cookie(
-                      cookie.data(),
-                      object_label,
-                      access_rights_ext);
-
-        RUNNER_ASSERT_MSG(communication_succeeded(ret) == 0, "commmunication error; ret = " << ret);
-        end_stats_update(&stats);
-    }
-    finish_stats(&stats, "security_server_check_privilege_by_cookie");
-}
-
-/*
- * measurer: Fails only on connection error.
- */
-
-RUNNER_TEST_SMACK(m060_security_server_check_privilege_by_cookie_smack) {
-    RUNNER_IGNORED_MSG("security_server_check_privilege_by_cookie is temporarily disabled: always returns success");
-    testSecurityServerCheckPrivilegeByCookie(true);
-}
-
-RUNNER_TEST_NOSMACK(m060_security_server_check_privilege_by_cookie_nosmack) {
-    RUNNER_IGNORED_MSG("security_server_check_privilege_by_cookie is temporarily disabled: always returns success");
-    testSecurityServerCheckPrivilegeByCookie(false);
-}
-
-void testSecurityServerCheckPrivilegeBySockfd(bool smack) {
-    const char *object_label = M70_OBJECT_LABEL;
-    const char *access_rights = "r";
-    const char *access_rights_ext = "rw";
-    const char *subject_label = M70_SUBJECT_LABEL;
-    int ret;
-    readwrite_stats stats;
-    initialize_stats(&stats);
-
-    if (smack) {
-        SmackAccess smackAccess;
-        smackAccess.add(subject_label, object_label, access_rights);
-        smackAccess.apply();
-    }
-
-    int pid = fork();
-    RUNNER_ASSERT_ERRNO(-1 != pid);
-    if (0 == pid) {
-        // child
-        int sockfd = create_new_socket();
-        RUNNER_ASSERT_MSG(sockfd >= 0, "create_new_socket() failed");
-
-        SockUniquePtr sockfd_ptr(&sockfd);
-
-        if (smack)
-            RUNNER_ASSERT_MSG(0 == smack_set_label_for_self(subject_label), "child label " << subject_label << " not set");
-
-        RUNNER_ASSERT_ERRNO_MSG(listen(sockfd, 5) >= 0, "child listen failed");
-
-        struct sockaddr_un client_addr;
-        socklen_t client_len = sizeof(client_addr);
-        int csockfd;
-        RUNNER_ASSERT_ERRNO_MSG((csockfd = accept(sockfd,(struct sockaddr*)&client_addr, &client_len)) > 0,
-                                   "child accept failed");
-
-        close(csockfd);
-        exit(EXIT_SUCCESS);
-        //end child
-    } else {
-        //parent
-        sleep(2);
-        int sockfd = connect_to_testserver();
-        RUNNER_ASSERT_MSG(sockfd >= 0, "connect_to_testserver() failed");
-
-        SockUniquePtr sockfd_ptr(&sockfd);
-
-        for (int i = 1; i <= NUMBER_OF_CALLS; i++) {
-            start_stats_update(&stats);
-            /*odd(i) - ask for possessed privileges, even(i) ask for not possessed privileges */
-            if (i%2)
-                ret = security_server_check_privilege_by_sockfd(
-                            sockfd,
-                            object_label,
-                            access_rights_ext);
-            else
-                ret = security_server_check_privilege_by_sockfd(
-                             sockfd,
-                             object_label,
-                             access_rights);
-            RUNNER_ASSERT_MSG(communication_succeeded(ret) == 0, "commmunication error; ret = " << ret);
-            end_stats_update(&stats);
-        }
-
-        finish_stats(&stats, "check_privilege_by_sockfd");
-    }
-}
-
-/*
- * measurer: Fails only on connection error.
- */
-
-RUNNER_MULTIPROCESS_TEST_SMACK(m070_security_server_check_privilege_by_sockfd_smack) {
-    RUNNER_IGNORED_MSG("security_server_check_privilege_by_sockfd is temporarily disabled: always returns success");
-    testSecurityServerCheckPrivilegeBySockfd(true);
-}
-
-RUNNER_MULTIPROCESS_TEST_NOSMACK(m070_security_server_check_privilege_by_sockfd_nosmack) {
-    RUNNER_IGNORED_MSG("security_server_check_privilege_by_sockfd is temporarily disabled: always returns success");
-    testSecurityServerCheckPrivilegeBySockfd(false);
-}
-
-/*
- * measurer: Fails only on connection error.
- */
-RUNNER_TEST(m080_security_server_get_cookie_pid) {
-    int ret;
-    size_t cookie_size;
-    cookie_size = security_server_get_cookie_size();
-    char cookie[cookie_size];
-    ret = security_server_request_cookie(cookie, cookie_size);
-    RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_SUCCESS, "security_server_request_cookie failed; ret = " << ret);
-    readwrite_stats stats;
-    initialize_stats(&stats);
-    for (int i = 1; i <= NUMBER_OF_CALLS; i++) {
-        start_stats_update(&stats);
-        ret = security_server_get_cookie_pid(cookie);
-        RUNNER_ASSERT_MSG(communication_succeeded(ret) == 0, "commmunication error; ret = " << ret);
-        end_stats_update(&stats);
-    }
-    finish_stats(&stats, "security_server_request_cookie");
-}
-
-/*
- * measurer: Fails only on connection error.
- */
-RUNNER_TEST(m090_security_server_is_pwd_valid) {
-    int ret;
-    unsigned int attempt, max_attempt, expire_sec;
-    readwrite_stats stats;
-    initialize_stats(&stats);
-    for (int i = 1; i <= NUMBER_OF_CALLS; i++) {
-        start_stats_update(&stats);
-        ret = security_server_is_pwd_valid(&attempt, &max_attempt, &expire_sec);
-        RUNNER_ASSERT_MSG(communication_succeeded(ret) == 0, "commmunication error; ret = " << ret);
-        end_stats_update(&stats);
-    }
-    finish_stats(&stats, "security_server_is_pwd_valid");
-}
-
-/*
- * measurer: Fails only on connection error.
- */
-RUNNER_TEST(m100_security_server_set_pwd) {
-    int ret;
-    readwrite_stats stats;
-    initialize_stats(&stats);
-    for (int i = 1; i <= NUMBER_OF_CALLS; i++) {
-        start_stats_update(&stats);
-        ret = security_server_set_pwd("this_is_current_pwd", "this_is_new_pwd", 20, 365);
-        RUNNER_ASSERT_MSG(communication_succeeded(ret) == 0, "commmunication error; ret = " << ret);
-        end_stats_update(&stats);
-    }
-    finish_stats(&stats, "security_server_set_pwd");
-}
-
-/*
- * measurer: Fails only on connection error.
- */
-RUNNER_TEST(m110_security_server_set_pwd_validity) {
-    int ret;
-    readwrite_stats stats;
-    initialize_stats(&stats);
-    for (int i = 1; i <= NUMBER_OF_CALLS; i++) {
-        start_stats_update(&stats);
-        ret = security_server_set_pwd_validity(2);
-        RUNNER_ASSERT_MSG(communication_succeeded(ret) == 0, "commmunication error; ret = " << ret);
-        end_stats_update(&stats);
-    }
-    finish_stats(&stats, "security_server_set_pwd_validity");
-}
-
-/*
- * measurer: Fails only on connection error.
- */
-RUNNER_TEST(m120_security_server_set_pwd_max_challenge) {
-    int ret;
-    readwrite_stats stats;
-    initialize_stats(&stats);
-    for (int i = 1; i <= NUMBER_OF_CALLS; i++) {
-        start_stats_update(&stats);
-        ret = security_server_set_pwd_max_challenge(3);
-        RUNNER_ASSERT_MSG(communication_succeeded(ret) == 0, "commmunication error; ret = " << ret);
-        end_stats_update(&stats);
-    }
-    finish_stats(&stats, "security_server_set_pwd_max_challenge");
-}
-
-/*
- * measurer: Fails only on connection error.
- */
-RUNNER_TEST(m130_security_server_reset_pwd) {
-    int ret;
-    readwrite_stats stats;
-    initialize_stats(&stats);
-    for (int i = 1; i <= NUMBER_OF_CALLS; i++) {
-        start_stats_update(&stats);
-        ret = security_server_reset_pwd("apud", 1, 2);
-        RUNNER_ASSERT_MSG(communication_succeeded(ret) == 0, "commmunication error; ret = " << ret);
-        end_stats_update(&stats);
-    }
-    finish_stats(&stats, "security_server_reset_pwd");
-}
-
-/*
- * measurer: Fails only on connection error.
- */
-RUNNER_TEST(m140_security_server_chk_pwd) {
-    int ret;
-    unsigned int attempt, max_attempt, expire_sec;
-    readwrite_stats stats;
-    initialize_stats(&stats);
-    for (int i = 1; i <= NUMBER_OF_CALLS; i++) {
-        start_stats_update(&stats);
-        ret = security_server_chk_pwd("is_this_password", &attempt, &max_attempt, &expire_sec);
-        RUNNER_ASSERT_MSG(communication_succeeded(ret) == 0, "commmunication error; ret = " << ret);
-        end_stats_update(&stats);
-    }
-    finish_stats(&stats, "security_server_chk_pwd");
-}
-
-/*
- * measurer: Fails only on connection error.
- */
-RUNNER_TEST(m150_security_server_set_pwd_history) {
-    int ret;
-    readwrite_stats stats;
-    initialize_stats(&stats);
-    for (int i = 1; i <= NUMBER_OF_CALLS; i++) {
-        start_stats_update(&stats);
-        ret = security_server_set_pwd_history(100);
-        RUNNER_ASSERT_MSG(communication_succeeded(ret) == 0, "commmunication error; ret = " << ret);
-        end_stats_update(&stats);
-    }
-    finish_stats(&stats, "security_server_set_pwd_history");
-}
-
-/*
- * measurer: Fails only on connection error.
- */
-RUNNER_TEST(m160_security_server_app_give_access) {
-    int ret;
-    readwrite_stats stats;
-    initialize_stats(&stats);
-    const char* customer_label = M160_CUSTOMER_LABEL;
-    int customer_pid = getpid();
-    for (int i = 1; i <= NUMBER_OF_CALLS; i++) {
-        start_stats_update(&stats);
-        ret = security_server_app_give_access(customer_label, customer_pid);
-        RUNNER_ASSERT_MSG(communication_succeeded(ret) == 0, "commmunication error; ret = " << ret);
-        end_stats_update(&stats);
-    }
-    finish_stats(&stats, "security_server_app_give_access");
-}
-
-/*
- * measurer: Fails only on connection error.
- */
-RUNNER_TEST(m170_security_server_check_privilege_by_pid) {
-
-    RUNNER_IGNORED_MSG("security_server_check_privilege_by_pid is temporarily disabled: always returns success");
-    int ret;
-    readwrite_stats stats;
-    initialize_stats(&stats);
-    int pid = getpid();
-    const char *object = M170_OBJECT_LABEL;
-    const char *access_rights = "rw";
-    for (int i = 1; i <= NUMBER_OF_CALLS; i++) {
-        start_stats_update(&stats);
-        ret = security_server_check_privilege_by_pid(pid, object, access_rights);
-        RUNNER_ASSERT_MSG(communication_succeeded(ret) == 0, "commmunication error; ret = " << ret);
-        end_stats_update(&stats);
-    }
-    finish_stats(&stats, "security_server_check_privilege_by_pid");
-}
-
-
-int main(int argc, char *argv[])
-{
-    securityClientEnableLogSystem();
-    DPL::Test::TestRunnerSingleton::Instance().ExecTestRunner(argc, argv);
-    return 0;
-}
diff --git a/src/security-server-tests/security_server_mockup.cpp b/src/security-server-tests/security_server_mockup.cpp
deleted file mode 100644 (file)
index 4fc9811..0000000
+++ /dev/null
@@ -1,113 +0,0 @@
-/*
- * Copyright (c) 2013 Samsung Electronics Co., Ltd All Rights Reserved
- */
-/*
- * @file    security_server_mockup.cpp
- * @author  Bartlomiej Grzelewski (b.grzelewski@samsung.com)
- * @version 1.0
- * @brief   All mockups required in security-server tests.
- */
-
-#include <stdio.h>
-#include <errno.h>
-#include <stdlib.h>
-#include <sys/types.h>
-#include <sys/param.h>
-#include <fcntl.h>
-#include <sys/un.h>
-#include <unistd.h>
-#include <poll.h>
-#include <sys/socket.h>
-#include <sys/stat.h>
-#include <security-server.h>
-
-#include <dpl/log/log.h>
-
-#define SECURITY_SERVER_TEST_SOCK_PATH "/tmp/.security_server_sock_mockup"
-
-/* Create a Unix domain socket and bind */
-int create_new_socket()
-{
-    int localsockfd = -1, flags;
-    struct sockaddr_un serveraddr;
-    mode_t sock_mode;
-
-    if (-1 == remove(SECURITY_SERVER_TEST_SOCK_PATH)) {
-        LogDebug("Unable to remove " << SECURITY_SERVER_TEST_SOCK_PATH);
-    }
-
-    /* Create Unix domain socket */
-    if ((localsockfd = socket(AF_UNIX, SOCK_STREAM, 0)) < 0)
-    {
-        localsockfd = -1;
-        LogDebug("Socket creation failed");
-        goto error;
-    }
-
-    /* Make socket as non blocking */
-    if ((flags = fcntl(localsockfd, F_GETFL, 0)) < 0 ||
-        fcntl(localsockfd, F_SETFL, flags) < 0)
-    {
-        close(localsockfd);
-        localsockfd = -1;
-        LogDebug("Cannot go to nonblocking mode");
-        goto error;
-    }
-
-    bzero (&serveraddr, sizeof(serveraddr));
-    serveraddr.sun_family = AF_UNIX;
-    strncpy(serveraddr.sun_path, SECURITY_SERVER_TEST_SOCK_PATH,
-        strlen(SECURITY_SERVER_TEST_SOCK_PATH) + 1);
-
-    /* Bind the socket */
-    if ((bind(localsockfd, (struct sockaddr*)&serveraddr, sizeof(serveraddr))) < 0)
-    {
-        LogDebug("Cannot bind");
-        close(localsockfd);
-        localsockfd = -1;
-        goto error;
-    }
-
-    /* Change permission to accept all processes that has different uID/gID */
-    sock_mode = (S_IRWXU | S_IRWXG | S_IRWXO);
-
-    /* Flawfinder hits this chmod function as level 5 CRITICAL as race condition flaw *
-     *   * Flawfinder recommends to user fchmod insted of chmod
-     *       * But, fchmod doesn't work on socket file so there is no other choice at this point */
-    if (chmod(SECURITY_SERVER_TEST_SOCK_PATH, sock_mode) < 0)        /* Flawfinder: ignore */
-    {
-        LogDebug("chmod() error");
-        close(localsockfd);
-        localsockfd = -1;
-        goto error;
-    }
-error:
-    return localsockfd;
-}
-
-int connect_to_testserver()
-{
-    struct sockaddr_un clientaddr;
-    int client_len = 0, localsockfd;
-
-    /* Create a socket */
-    if ((localsockfd = socket(AF_UNIX, SOCK_STREAM, 0)) < 0)
-    {
-        LogDebug("Error on socket. Errno: " << errno);
-        return -1;
-    }
-
-    bzero(&clientaddr, sizeof(clientaddr));
-    clientaddr.sun_family = AF_UNIX;
-    strncpy(clientaddr.sun_path, SECURITY_SERVER_TEST_SOCK_PATH, strlen(SECURITY_SERVER_TEST_SOCK_PATH));
-    clientaddr.sun_path[strlen(SECURITY_SERVER_TEST_SOCK_PATH)] = 0;
-    client_len = sizeof(clientaddr);
-    if (connect(localsockfd, (struct sockaddr*)&clientaddr, client_len) < 0)
-    {
-        LogDebug("Error on connect. Errno: " << errno);
-        close(localsockfd);
-        return -1;
-    }
-    return localsockfd;
-}
-
diff --git a/src/security-server-tests/security_server_mockup.h b/src/security-server-tests/security_server_mockup.h
deleted file mode 100644 (file)
index 617e75a..0000000
+++ /dev/null
@@ -1,18 +0,0 @@
-/*
- * Copyright (c) 2013 Samsung Electronics Co., Ltd All Rights Reserved
- */
-/*
- * @file    security_server_tests_client_smack.cpp
- * @author  Bartlomiej Grzelewski (b.grzelewski@samsung.com)
- * @version 1.0
- * @brief   Mockups.
- */
-
-#ifndef _SS_CLIENT_SERVER_
-#define _SS_CLIENT_SERVER_
-
-int create_new_socket();
-int connect_to_testserver();
-
-#endif
-
diff --git a/src/security-server-tests/security_server_tests_client_smack.cpp b/src/security-server-tests/security_server_tests_client_smack.cpp
deleted file mode 100644 (file)
index fa7c13b..0000000
+++ /dev/null
@@ -1,548 +0,0 @@
-/*
- * Copyright (c) 2014 Samsung Electronics Co., Ltd All Rights Reserved
- */
-/*
- * @file    security_server_tests_client_smack.cpp
- * @author  Bartlomiej Grzelewski (b.grzelewski@samsung.com)
- * @version 1.1
- * @brief   Test cases for security-server-client-smack.
- */
-
-#include <unistd.h>
-#include <stdlib.h>
-#include <sys/types.h>
-#include <sys/socket.h>
-#include <sys/smack.h>
-#include <sys/wait.h>
-#include <sys/un.h>
-#include <sys/stat.h>
-#include <fcntl.h>
-#include <errno.h>
-
-#include <memory>
-#include <functional>
-
-#include <dpl/log/log.h>
-#include <dpl/test/test_runner.h>
-#include <dpl/test/test_runner_child.h>
-#include <dpl/test/test_runner_multiprocess.h>
-#include "security_server_mockup.h"
-
-#include <security-server.h>
-#include <access_provider.h>
-#include "tests_common.h"
-#include <memory.h>
-
-#define PROPER_COOKIE_SIZE 20
-
-
-RUNNER_TEST_GROUP_INIT(SECURITY_SERVER_TESTS_CLIENT_SMACK)
-
-/*
- * test: tc04_security_server_get_gid
- * description: Checking for security_server_get_gid
- *              with nonexisting gid and existing one
- * expected: security_server_get_gid should return
- *           SECURITY_SERVER_ERROR_NO_SUCH_OBJECT with first call
- *           and group id with second call
- */
-RUNNER_CHILD_TEST_SMACK(tc04_security_server_get_gid)
-{
-    SecurityServer::AccessProvider provider("tc04mylabel");
-    provider.allowSS();
-    provider.applyAndSwithToUser(APP_UID, APP_GID);
-
-    int ret = security_server_get_gid("abc123xyz_pysiaczek");
-    LogDebug("ret = " << ret);
-    RUNNER_ASSERT_MSG(SECURITY_SERVER_API_ERROR_NO_SUCH_OBJECT == ret, "Ret: " << ret);
-    ret = security_server_get_gid("root");
-    LogDebug("ret = " << ret);
-    RUNNER_ASSERT_MSG(0 == ret, "Ret: " << ret);
-}
-
-/*
- * test: tc05_check_privilege_by_cookie
- * description: Function security_server_check_privilege_by_cookie should
- * return status of access rights of cookie owner. In this case cookie owner
- * is the same process that ask for the rights.
- * expected: Function call with access rights set to "r" should return SUCCESS,
- * with "rw" should return ACCESS DENIED.
- */
-RUNNER_CHILD_TEST_SMACK(tc05_check_privilege_by_cookie)
-{
-    RUNNER_IGNORED_MSG("security_server_check_privilege_by_cookie is temporarily disabled: always returns success");
-    char cookie[20];
-    const char *object_label = "tc05objectlabel";
-    const char *access_rights = "r";
-    const char *access_rights_ext = "rw";
-    const char *subject_label = "tc05subjectlabel";
-
-    SecurityServer::AccessProvider provider(subject_label);
-    provider.allowSS();
-    provider.addObjectRule(object_label, access_rights);
-    provider.applyAndSwithToUser(APP_UID, APP_GID);
-
-    RUNNER_ASSERT(SECURITY_SERVER_API_SUCCESS ==
-        security_server_request_cookie(cookie,20));
-
-    RUNNER_ASSERT(SECURITY_SERVER_API_SUCCESS ==
-        security_server_check_privilege_by_cookie(
-            cookie,
-            object_label,
-            access_rights));
-
-    RUNNER_ASSERT(SECURITY_SERVER_API_ERROR_ACCESS_DENIED ==
-        security_server_check_privilege_by_cookie(
-            cookie,
-            object_label,
-            access_rights_ext));
-}
-
-/*
- * test: security_server_check_privilege_by_sockfd
- * description: This test will create dummy server that will accept connection
- * and die. The client will try to check access rights using connection descriptor.
- * expected: Function call with access rights set to "r" should return SUCCESS,
- * with "rw" should return ACCESS DENIED.
- */
-RUNNER_MULTIPROCESS_TEST_SMACK(tc06_check_privilege_by_sockfd)
-{
-    RUNNER_IGNORED_MSG("security_server_check_privilege_by_sockfd is temporarily disabled: always returns success");
-    const char *object_label = "tc06objectlabel";
-    const char *access_rights = "r";
-    const char *access_rights_ext = "rw";
-    const char *subject_label = "tc06subjectlabel";
-
-    int result1 = -1;
-    int result2 = -1;
-
-    smack_accesses *handle;
-    RUNNER_ASSERT(0 == smack_accesses_new(&handle));
-    RUNNER_ASSERT(0 == smack_accesses_add(handle,
-            subject_label,
-            object_label,
-            access_rights));
-    RUNNER_ASSERT(0 == smack_accesses_apply(handle));
-    smack_accesses_free(handle);
-
-    int pid = fork();
-    char *label;
-    RUNNER_ASSERT_ERRNO(-1 != pid);
-
-    if (0 == pid) {
-        // child
-        RUNNER_ASSERT_MSG(0 == smack_set_label_for_self(subject_label), "child label " << subject_label << " not set");
-
-        int sockfd = create_new_socket();
-        RUNNER_ASSERT_MSG(sockfd >= 0, "create_new_socket() failed");
-
-        SockUniquePtr sockfd_ptr(&sockfd);
-
-        label = security_server_get_smacklabel_sockfd(sockfd);
-        RUNNER_ASSERT_MSG(label != nullptr, "security_server_get_smacklabel_sockfd failed");
-        RUNNER_ASSERT_MSG(strcmp(label,"") == 0, "label is \"" << label << "\"");
-        free(label);
-
-        RUNNER_ASSERT_MSG(drop_root_privileges() == 0, "uid = " << getuid());
-
-        RUNNER_ASSERT_ERRNO_MSG(listen(sockfd, 5) >= 0, "child listen failed");
-
-        label = security_server_get_smacklabel_sockfd(sockfd);
-        RUNNER_ASSERT_MSG(label != nullptr, "security_server_get_smacklabel_sockfd failed");
-        RUNNER_ASSERT_MSG(strcmp(label,"") == 0, "label is \"" << label << "\"");
-        free(label);
-
-        struct sockaddr_un client_addr;
-        socklen_t client_len = sizeof(client_addr);
-        int csockfd;
-        RUNNER_ASSERT_ERRNO_MSG((csockfd = accept(sockfd,(struct sockaddr*)&client_addr, &client_len)) > 0,
-                                   "child accept failed");
-
-        usleep(500);
-
-        close(csockfd);
-        exit(0);
-    } else {
-        // parent
-        sleep(1);
-        int sockfd = connect_to_testserver();
-        RUNNER_ASSERT_MSG(sockfd >= 0, "connect_to_testserver() failed");
-
-        SockUniquePtr sockfd_ptr(&sockfd);
-
-        label = security_server_get_smacklabel_sockfd(sockfd);
-        RUNNER_ASSERT_MSG(label != nullptr, "security_server_get_smacklabel_sockfd failed");
-        RUNNER_ASSERT_MSG(strcmp(label,subject_label) == 0, "label is \"" << label << "\"" << ", subject_label is \"" << subject_label << "\"" );
-        free(label);
-
-        result1 = security_server_check_privilege_by_sockfd(
-            sockfd,
-            object_label,
-            access_rights);
-        result2 = security_server_check_privilege_by_sockfd(
-            sockfd,
-            object_label,
-            access_rights_ext);
-    }
-
-    RUNNER_ASSERT_MSG(SECURITY_SERVER_API_SUCCESS == result1, "result = " << result1);
-    RUNNER_ASSERT_MSG(SECURITY_SERVER_API_ERROR_ACCESS_DENIED == result2, "result = " << result2);
-}
-
-/*
- * test: security_server_check_privilege_by_sockfd
- * description: This test will create dummy server that will accept connection
- * and die. The client will try to check access rights using connection descriptor.
- * Because we read a smack label not from socket directly, but from from pid of process
- * on the other end of socket - that's why smack label will be updated.
- * In this test client is running under root and server is not - to test the extreme case.
- * expected: Function call with access rights set to "r" should return SUCCESS,
- * with "rw" should return ACCESS DENIED.
- */
-RUNNER_MULTIPROCESS_TEST_SMACK(tc07_check_privilege_by_sockfd)
-{
-    RUNNER_IGNORED_MSG("security_server_check_privilege_by_sockfd is temporarily disabled: always returns success");
-    const char *object_label = "tc07objectlabel";
-    const char *access_rights = "r";
-    const char *access_rights_ext = "rw";
-    const char *subject_label = "tc07subjectlabel";
-
-    int result1 = -1;
-    int result2 = -1;
-
-    SmackAccess access;
-    access.add(subject_label, object_label, access_rights);
-    access.apply();
-
-    int pid = fork();
-    RUNNER_ASSERT_ERRNO(-1 != pid);
-
-    if (0 == pid) {
-
-        pid = fork();
-        RUNNER_ASSERT_ERRNO(-1 != pid);
-
-        if (0 == pid) {
-            // child
-            int sockfd = create_new_socket();
-            RUNNER_ASSERT_MSG(sockfd >= 0, "create_new_socket() failed");
-
-            SockUniquePtr sockfd_ptr(&sockfd);
-
-            RUNNER_ASSERT_MSG(0 == smack_set_label_for_self(subject_label), "child label " << subject_label << " not set");
-
-            RUNNER_ASSERT_MSG(drop_root_privileges() == 0, "uid = " << getuid());
-
-            RUNNER_ASSERT_ERRNO_MSG(listen(sockfd, 5) >= 0, "child listen failed");
-
-            struct sockaddr_un client_addr;
-            socklen_t client_len = sizeof(client_addr);
-            int csockfd = TEMP_FAILURE_RETRY(accept(sockfd,(struct sockaddr*)&client_addr, &client_len));
-            if (csockfd >= 0)
-                close(csockfd);
-            LogDebug("Exit!");
-            exit(0);
-        } else {
-            // parent
-            sleep(1);
-            int sockfd = connect_to_testserver();
-            RUNNER_ASSERT_MSG(sockfd >= 0, "connect_to_testserver() failed");
-
-            result1 = security_server_check_privilege_by_sockfd(
-                sockfd,
-                object_label,
-                access_rights);
-            result2 = security_server_check_privilege_by_sockfd(
-                sockfd,
-                object_label,
-                access_rights_ext);
-
-            close(sockfd);
-
-            RUNNER_ASSERT_MSG(SECURITY_SERVER_API_SUCCESS == result1, "result1 = " << result1);
-            RUNNER_ASSERT_MSG(SECURITY_SERVER_API_ERROR_ACCESS_DENIED == result2, " result2 = " << result2);
-        }
-    }
-}
-
-///////////////////////////
-/////NOSMACK ENV TESTS/////
-///////////////////////////
-
-RUNNER_CHILD_TEST_NOSMACK(tc04_security_server_get_gid_nosmack)
-{
-    int ret;
-
-    ret = drop_root_privileges();
-    RUNNER_ASSERT_MSG(ret == 0,
-            "Failed to drop root privileges. Result: " << ret << "uid = " << getuid());
-
-    ret = security_server_get_gid("definitely_not_existing_object");
-    RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_ERROR_NO_SUCH_OBJECT, "ret = " << ret);
-    ret = security_server_get_gid("root");
-    RUNNER_ASSERT_MSG(ret == 0, "ret = " << ret);
-}
-
-/*
- * NOSMACK version of tc05 test.
- *
- * Correct behaviour of smack_accesses_apply and smack_set_label_for_self was checked by libsmack
- * tests. We assume, that those tests pass. Additionally security_server_check_privilege_by_cookie
- * should return SUCCESS no matter what access_rights we give to this function.
- */
-RUNNER_CHILD_TEST_NOSMACK(tc05_check_privilege_by_cookie_nosmack)
-{
-    RUNNER_IGNORED_MSG("security_server_check_privilege_by_cookie is temporarily disabled: always returns success");
-    char cookie[20];
-    const char* object_label = "tc05objectlabel";
-
-    RUNNER_ASSERT(security_server_request_cookie(cookie,20) == SECURITY_SERVER_API_SUCCESS);
-
-    RUNNER_ASSERT_MSG(drop_root_privileges() == 0, "uid = " << getuid());
-
-    RUNNER_ASSERT(SECURITY_SERVER_API_SUCCESS ==
-        security_server_check_privilege_by_cookie(cookie, object_label, "r"));
-
-    //On NOSMACK env security server should return success on any accesses, even those that are
-    //incorrect.
-    RUNNER_ASSERT(SECURITY_SERVER_API_SUCCESS ==
-        security_server_check_privilege_by_cookie(cookie, object_label, "rw"));
-}
-
-/**
- * NOSMACK version of tc06 test.
- *
- * Differences between this and SMACK version (server):
- * - Skipped setting access_rights
- * - Skipped setting label for server
- * - get_smacklabel_sockfd is called only once for server, almost right after fork and creation
- *   of socket (because it should do nothing when SMACK is off)
- * - After get_smacklabel_sockfd privileges are dropped and server is prepared to accept connections
- *   from client
- *
- * For client the only difference are expected results from check_privilege_by_sockfd - both should
- * return SUCCESS.
- */
-RUNNER_MULTIPROCESS_TEST_NOSMACK(tc06_check_privilege_by_sockfd_nosmack)
-{
-    RUNNER_IGNORED_MSG("security_server_check_privilege_by_sockfd is temporarily disabled: always returns success");
-    const char* object_label = "tc06objectlabel";
-
-    int result1 = -1;
-    int result2 = -1;
-
-    int pid = fork();
-    char* label;
-    RUNNER_ASSERT_ERRNO(pid >= 0);
-
-    int ret;
-
-    if (pid == 0) { //child process - server
-        //create new socket
-        int sockfd = create_new_socket();
-        RUNNER_ASSERT_MSG(sockfd >= 0, "create_new_socket() failed");
-
-        SockUniquePtr sockfd_ptr(&sockfd);
-
-        //check if get_smacklabel_sockfd works correctly
-        label = security_server_get_smacklabel_sockfd(sockfd);
-        RUNNER_ASSERT_MSG(label != nullptr, "security_server_get_smacklabel_sockfd failed");
-        ret = strcmp(label, "");
-        free(label);
-        RUNNER_ASSERT_MSG(ret == 0, "label is \"" << label << "\"");
-
-        RUNNER_ASSERT_MSG(drop_root_privileges() == 0, "uid = " << getuid());
-
-        RUNNER_ASSERT_ERRNO_MSG(listen(sockfd, 5) >= 0, "child listen failed");
-
-        struct sockaddr_un client_addr;
-        socklen_t client_len = sizeof(client_addr);
-
-        int csockfd;
-        RUNNER_ASSERT_ERRNO_MSG((csockfd = accept(sockfd,(struct sockaddr*)&client_addr, &client_len)) > 0,
-                                   "child accept failed");
-
-        //wait a little bit for parent to do it's job
-        usleep(200);
-
-        //if everything works, cleanup and return 0
-        close(csockfd);
-        exit(0);
-    } else {
-        //parent
-        sleep(1);
-        int sockfd = connect_to_testserver();
-        RUNNER_ASSERT_MSG(sockfd >= 0, "Failed to connect to server.");
-
-        SockUniquePtr sockfd_ptr(&sockfd);
-
-        label = security_server_get_smacklabel_sockfd(sockfd);
-        RUNNER_ASSERT_MSG(label != nullptr, "get_smacklabel_sockfd failed.");
-        ret = strcmp(label, "");
-        free(label);
-        RUNNER_ASSERT_MSG(ret == 0, "label is \"" << label << "\"");
-
-        result1 = security_server_check_privilege_by_sockfd(sockfd, object_label, "r");
-        result2 = security_server_check_privilege_by_sockfd(sockfd, object_label, "rw");
-    }
-
-    RUNNER_ASSERT_MSG(result1 == SECURITY_SERVER_API_SUCCESS, "result = " << result1);
-    RUNNER_ASSERT_MSG(result2 == SECURITY_SERVER_API_SUCCESS, "result = " << result2);
-}
-
-/**
- * NOSMACK version of tc07 test.
- */
-RUNNER_MULTIPROCESS_TEST_NOSMACK(tc07_check_privilege_by_sockfd_nosmack)
-{
-    RUNNER_IGNORED_MSG("security_server_check_privilege_by_sockfd is temporarily disabled: always returns success");
-    const char* object_label = "tc07objectlabel";
-
-    int result1 = -1;
-    int result2 = -1;
-
-    int pid = fork();
-    RUNNER_ASSERT_ERRNO(-1 != pid);
-
-    if (pid == 0) {
-
-        pid = fork();
-        RUNNER_ASSERT_ERRNO(-1 != pid);
-
-        if (pid == 0) { //child process
-            //Create socket
-            int sockfd = create_new_socket();
-            RUNNER_ASSERT_MSG(sockfd >= 0, "create_new_socket() failed");
-
-            SockUniquePtr sockfd_ptr(&sockfd);
-
-            //Drop privileges
-            RUNNER_ASSERT_MSG(drop_root_privileges() == 0, "uid = " << getuid());
-
-            //Prepare for accepting
-            RUNNER_ASSERT_ERRNO_MSG(listen(sockfd, 5) >= 0, "child listen failed");
-
-            struct sockaddr_un client_addr;
-            socklen_t client_len = sizeof(client_addr);
-
-            //Accept connections
-            int csockfd;
-            RUNNER_ASSERT_ERRNO_MSG((csockfd = accept(sockfd,(struct sockaddr*)&client_addr, &client_len)) > 0,
-                                       "child accept failed");
-
-            //wait a little bit for parent to do it's job
-            usleep(200);
-
-            //cleanup and kill child
-            close(csockfd);
-            exit(0);
-        } else {    //parent process
-            //Drop root privileges
-            RUNNER_ASSERT_MSG(drop_root_privileges() == 0, "uid = " << getuid());
-
-            //Wait for server to set up
-            sleep(1);
-
-            //Connect and check privileges
-            int sockfd = connect_to_testserver();
-            RUNNER_ASSERT_MSG(sockfd >= 0, "Failed to create socket fd.");
-
-            result1 = security_server_check_privilege_by_sockfd(sockfd, object_label, "r");
-            result2 = security_server_check_privilege_by_sockfd(sockfd, object_label, "rw");
-
-            close(sockfd);
-
-            //Both results (just like in the previous test case) should return success.
-            RUNNER_ASSERT_MSG(SECURITY_SERVER_API_SUCCESS == result1, "result1 = " << result1);
-            RUNNER_ASSERT_MSG(SECURITY_SERVER_API_SUCCESS == result2, "result2 = " << result2);
-        }
-    }
-}
-
-RUNNER_TEST_SMACK(tc18_security_server_get_smacklabel_cookie) {
-    int res;
-
-    char *label_smack = nullptr;
-    char *label_ss = nullptr;
-    char *cookie = nullptr;
-
-    int cookie_size = security_server_get_cookie_size();
-    RUNNER_ASSERT_MSG(PROPER_COOKIE_SIZE == cookie_size, "Wrong cookie size from security-server");
-
-    cookie = (char*) calloc(cookie_size, 1);
-    RUNNER_ASSERT_MSG(nullptr != cookie, "Memory allocation error");
-
-    res = security_server_request_cookie(cookie, cookie_size);
-    if (res != SECURITY_SERVER_API_SUCCESS) {
-        free(cookie);
-        RUNNER_ASSERT_MSG(res == SECURITY_SERVER_API_SUCCESS, "Error in requesting cookie from security-server");
-    }
-
-    label_ss = security_server_get_smacklabel_cookie(cookie);
-    free(cookie);
-    RUNNER_ASSERT_MSG(label_ss != nullptr, "Error in getting label by cookie");
-
-
-    std::string label_cookie(label_ss);
-    free(label_ss);
-
-    res = smack_new_label_from_self(&label_smack);
-    if (res < 0) {
-        free(label_smack);
-        RUNNER_ASSERT_MSG(res == 0, "Error in getting self SMACK label");
-    }
-    std::string label_self(label_smack ? label_smack : "");
-    free(label_smack);
-
-    RUNNER_ASSERT_MSG(label_self == label_cookie, "No match in SMACK labels");
-
-
-    //TODO: here could be label change using SMACK API and checking if it
-    //is changed using security-server API function based on the same cookie
-}
-
-/**
- * NOSMACK version of tc_security_server_get_smacklabel_cookie test.
- *
- * Most of this test goes exactly as the original one. The only difference are the labels:
- * - We assume that libsmack tests passed and smack_new_label_from_self will return -1 and nullptr
- *   label - there is no need to re-check it.
- * - Label acquired from security_server_get_smacklabel_cookie should be an empty string.
- */
-RUNNER_TEST_NOSMACK(tc18_security_server_get_smacklabel_cookie_nosmack) {
-    int res;
-
-    char* label_ss = nullptr;
-    char* cookie = nullptr;
-
-    int cookie_size = security_server_get_cookie_size();
-    RUNNER_ASSERT_MSG(PROPER_COOKIE_SIZE == cookie_size,
-            "Wrong cookie size from security-server. Size: " << cookie_size);
-
-    cookie = (char*) calloc(cookie_size, sizeof(char));
-    RUNNER_ASSERT_MSG(nullptr != cookie, "Memory allocation error");
-
-    //Request cookie from SS
-    res = security_server_request_cookie(cookie, cookie_size);
-    CookieUniquePtr cookie_ptr(cookie);
-    cookie = nullptr;
-    RUNNER_ASSERT_MSG(res == SECURITY_SERVER_API_SUCCESS,
-            "Error in requesting cookie from security-server. Result: " << res);
-
-    label_ss = security_server_get_smacklabel_cookie(cookie_ptr.get());
-    RUNNER_ASSERT_MSG(label_ss != nullptr, "Error in getting label by cookie");
-
-    std::string label(label_ss);
-    free(label_ss);
-    RUNNER_ASSERT_MSG(label.empty(), "label_ss is not an empty string.");
-
-}
-
-////////////////////
-/////MAIN///////////
-////////////////////
-
-int main(int argc, char *argv[])
-{
-    return DPL::Test::TestRunnerSingleton::Instance().ExecTestRunner(argc, argv);
-}
diff --git a/src/security-server-tests/security_server_tests_mt.cpp b/src/security-server-tests/security_server_tests_mt.cpp
deleted file mode 100644 (file)
index c1da88b..0000000
+++ /dev/null
@@ -1,150 +0,0 @@
-/*
- * Copyright (c) 2011 Samsung Electronics Co., Ltd All Rights Reserved
- *
- *    Licensed under the Apache License, Version 2.0 (the "License");
- *    you may not use this file except in compliance with the License.
- *    You may obtain a copy of the License at
- *
- *        http://www.apache.org/licenses/LICENSE-2.0
- *
- *    Unless required by applicable law or agreed to in writing, software
- *    distributed under the License is distributed on an "AS IS" BASIS,
- *    WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *    See the License for the specific language governing permissions and
- *    limitations under the License.
- */
-/*
- * @file       security_server_tests_mt.cpp
- * @author     Krzysztof Jackiewicz (k.jackiewicz@samsung.com)
- * @version    1.0
- * @brief      This test creates multiple processes that connect to security
- *             server and perform random operations using its API. The purpose
- *             of this test is to check if security-server crashes when under
- *             heavy load. Test succeeds if all processes finish.
- */
-
-#include <dpl/log/log.h>
-#include <unistd.h>
-#include <stdlib.h>
-#include <security-server.h>
-#include <sys/wait.h>
-#include <random>
-#include <functional>
-#include <chrono>
-
-namespace {
-const size_t PROC_TOTAL = 1000; // total number of processes to spawn
-const size_t PROC_MAX = 10;     // max number of processes working at the same time
-const size_t LOOPS = 50;        // number of loop repeats
-
-std::default_random_engine generator(std::chrono::system_clock::now().time_since_epoch().count());
-
-// common function data
-struct Data {
-    char *cookie;   // not owned
-
-    Data(char *c) : cookie(c) {}
-};
-
-
-// test functions
-void request_cookie(const Data&)
-{
-    char cookie[20];
-    security_server_request_cookie(cookie, 20);
-}
-
-void check_privilege(const Data &d)
-{
-    int ret = security_server_get_gid("audio");
-    security_server_check_privilege(d.cookie, ret);
-}
-
-void check_privilege_by_cookie(const Data &d)
-{
-    security_server_check_privilege_by_cookie(d.cookie, "label", "rwxat");
-}
-
-void get_cookie_pid(const Data &d)
-{
-    security_server_get_cookie_pid(d.cookie);
-}
-
-void get_smack_label(const Data &d)
-{
-    char *label = security_server_get_smacklabel_cookie(d.cookie);
-    free(label);
-}
-
-void random_sleep(const Data&)
-{
-    std::uniform_int_distribution<size_t> distribution(0,100);
-    usleep(distribution(generator));
-}
-
-
-// list of test functions
-std::vector<std::function<void(const Data&)> > functions = {
-    random_sleep,
-    request_cookie,
-    check_privilege,
-    check_privilege_by_cookie,
-    get_cookie_pid,
-    get_smack_label
-};
-} // namespace
-
-// randomly calls test functions
-void security_server_magic()
-{
-    char cookie[20];
-    security_server_request_cookie(cookie, 20);
-    Data d(cookie);
-
-    // random loop number
-    std::uniform_int_distribution<size_t> l_dist(0,LOOPS);
-    size_t loops = l_dist(generator);
-
-    // random function call
-    std::uniform_int_distribution<size_t> distribution(0,functions.size() - 1);
-    auto rnd = std::bind(distribution, generator);
-    for (size_t i = 0; i < loops; ++i) {
-        functions[rnd()](d);
-    }
-}
-
-int main()
-{
-    size_t current = 0;
-    size_t spawned = 0;
-    for (;;) {
-        if (current >= PROC_MAX || spawned >= PROC_TOTAL) {
-            int status;
-            int ret = wait(&status);
-
-            // all processes spawned, no more children to wait for
-            if (spawned >= PROC_TOTAL && ret <= 0)
-                break;
-
-            current--;
-        }
-
-        // spawn predefined number of processes
-        if (spawned < PROC_TOTAL) {
-            pid_t pid = fork();
-            if (pid == 0) {
-                LogDebug("START " << spawned);
-                security_server_magic();
-                LogError("STOP " << spawned);
-                exit(0);
-            }
-            else {
-                //LogWarning("PID " << pid);
-                spawned++;
-                current++;
-            }
-        }
-    }
-    LogInfo("Finished");
-    return 0;
-}
diff --git a/src/security-server-tests/security_server_tests_password.cpp b/src/security-server-tests/security_server_tests_password.cpp
deleted file mode 100644 (file)
index b9f0584..0000000
+++ /dev/null
@@ -1,1526 +0,0 @@
-/*
- * Copyright (c) 2014 Samsung Electronics Co., Ltd All Rights Reserved
- */
-/*
- * @file    security_server_tests_password.cpp
- * @author  Bumjin Im (bj.im@samsung.com)
- * @author  Pawel Polawski (p.polawski@partner.samsung.com)
- * @author  Radoslaw Bartosiak (r.bartosiak@samsung.com)
- * @author  Jan Olszak (j.olszak@samsung.com)
- * @version 2.0
- * @brief   Test cases for security server
- *
- * WARNING: In this file test order is very important. They have to always be run
- * in correct order. This is done by correct test case names ("tcXX_").
- */
-
-#include <stdio.h>
-#include <errno.h>
-#include <stdlib.h>
-#include <string.h>
-#include <limits.h>
-#include <sys/types.h>
-#include <sys/param.h>
-#include <fcntl.h>
-#include <sys/un.h>
-#include <unistd.h>
-#include <sys/socket.h>
-#include <sys/time.h>
-#include <dirent.h>
-#include "security-server.h"
-#include <dpl/test/test_runner.h>
-#include <tests_common.h>
-#include <dlog.h>
-#include "security_server_clean_env.h"
-#include "security_server_tests_common.h"
-
-
-// the maximum time (in seconds) passwords can expire in
-const unsigned int PASSWORD_INFINITE_EXPIRATION_TIME = 0xFFFFFFFF;
-
-// test passwords
-const char* TEST_PASSWORD =         "IDLEPASS";
-const char* SECOND_TEST_PASSWORD =  "OTHERIDLEPASS";
-const char* THIRD_TEST_PASSWORD =   "THIRDPASS";
-const char* FOURTH_TEST_PASSWORD =  "FOURTHPASS";
-
-RUNNER_TEST_GROUP_INIT(SECURITY_SERVER_TESTS_PASSWORD);
-
-struct SystemClock {
-    SystemClock(time_t sft)
-      : m_original(time(0))
-      , m_shift(0)
-    {
-        shift(sft);
-    }
-
-    SystemClock()
-      : m_original(time(0))
-      , m_shift(0)
-    {}
-
-    void shift(time_t sft) {
-        m_shift += sft;
-        time_t shifted = m_original + m_shift;
-        RUNNER_ASSERT_ERRNO(0 == stime(&shifted));
-    }
-
-    ~SystemClock() {
-        if (std::uncaught_exception()) {
-            stime(&m_original);
-            return;
-        }
-
-        RUNNER_ASSERT_ERRNO(0 == stime(&m_original));
-    }
-private:
-    time_t m_original;
-    time_t m_shift;
-};
-
-
-/**
- * Confirm there is no password before tests are run.
- */
-RUNNER_TEST(tc01_clear_environment)
-{
-    int ret;
-    unsigned int attempt, max_attempt, expire_sec;
-
-    if (getuid() == 0)
-    {
-        reset_security_server();
-
-        ret = security_server_is_pwd_valid(&attempt, &max_attempt, &expire_sec);
-
-        RUNNER_ASSERT_MSG(expire_sec == 0, "expire_sec = " << expire_sec);
-        RUNNER_ASSERT_MSG(max_attempt == 0, "max_attempt = " << max_attempt);
-        RUNNER_ASSERT_MSG(attempt == 0, "attempt = " << attempt);
-        RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_ERROR_NO_PASSWORD, "ret = " << ret);
-    }
-    else
-    {
-        SLOGD("To run the test as non root user, please remove password files (/opt/data/security-server/*) in root shell\n");
-        SLOGD("If not, you will see some failures\n");
-
-        RUNNER_IGNORED_MSG("I'm not root");
-    }
-}
-
-/**
- * Basic test of setting validity period.
- */
-RUNNER_TEST(tc02_security_server_set_pwd_validity)
-{
-    int ret;
-
-    // Prepare environment
-    reset_security_server();
-
-    // TESTS:
-    // WITHOUT password
-    ret = security_server_set_pwd_validity(10);
-    RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_ERROR_NO_PASSWORD, "ret = " << ret);
-
-    ret = security_server_set_pwd_validity(11);
-    RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_ERROR_NO_PASSWORD, "ret = " << ret);
-
-    // WITH password
-    ret = security_server_set_pwd(nullptr, TEST_PASSWORD, 10, 10);
-    RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_SUCCESS, "ret = " << ret);
-
-    ret = security_server_set_pwd_validity(10);
-    RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_SUCCESS, "ret = " << ret);
-
-    ret = security_server_set_pwd_validity(11);
-    RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_SUCCESS, "ret = " << ret);
-}
-
-/**
- * Basic test of setting maximum number of password challenges.
- */
-RUNNER_TEST(tc03_security_server_set_pwd_max_challenge)
-{
-    int ret;
-
-    // Prepare environment
-    reset_security_server();
-
-    // TESTS:
-    // WITHOUT password
-    ret = security_server_set_pwd_max_challenge(5);
-    RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_ERROR_NO_PASSWORD, "ret = " << ret);
-
-    ret = security_server_set_pwd_max_challenge(6);
-    RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_ERROR_NO_PASSWORD, "ret = " << ret);
-
-    // WITH password
-    ret = security_server_set_pwd(nullptr, TEST_PASSWORD, 10, 10);
-    RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_SUCCESS, "ret = " << ret);
-
-    ret = security_server_set_pwd_max_challenge(5);
-    RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_SUCCESS, "ret = " << ret);
-
-    ret = security_server_set_pwd_max_challenge(6);
-    RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_SUCCESS, "ret = " << ret);
-}
-
-/**
- * Test checking a too long password.
- */
-RUNNER_TEST(tc04_security_server_chk_pwd_too_long_password_case)
-{
-    int ret;
-    unsigned int attempt, max_attempt, expire_sec;
-
-    // 33 char password
-    ret = security_server_chk_pwd("abcdefghijklmnopqrstuvwxyz0123456", &attempt, &max_attempt, &expire_sec);
-    RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_ERROR_INPUT_PARAM, "ret = " << ret);
-}
-
-/**
- * Test various parameter values when checking a password.
- */
-RUNNER_TEST(tc05_security_server_chk_pwd_null_input_case)
-{
-    int ret;
-    unsigned int attempt, max_attempt, expire_sec;
-
-    ret = security_server_chk_pwd(nullptr, &attempt, &max_attempt, &expire_sec);
-    RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_ERROR_INPUT_PARAM, "ret = " << ret);
-
-    ret = security_server_chk_pwd("password", nullptr, &max_attempt, &expire_sec);
-    RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_ERROR_INPUT_PARAM, "ret = " << ret);
-
-    ret = security_server_chk_pwd("password", &attempt, nullptr, &expire_sec);
-    RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_ERROR_INPUT_PARAM, "ret = " << ret);
-
-    ret = security_server_chk_pwd("password", &attempt, &max_attempt, nullptr);
-    RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_ERROR_INPUT_PARAM, "ret = " << ret);
-}
-
-/**
- * Check the given password when no password is set.
- */
-RUNNER_TEST(tc06_security_server_chk_pwd_no_password_case)
-{
-    int ret;
-    unsigned int attempt, max_attempt, expire_sec;
-
-    // Prepare environment - there is no password now!
-    reset_security_server();
-
-    // TEST
-    ret = security_server_chk_pwd("isthisempty", &attempt, &max_attempt, &expire_sec);
-
-    RUNNER_ASSERT_MSG(expire_sec == 0, expire_sec);
-    RUNNER_ASSERT_MSG(max_attempt == 0, max_attempt);
-    RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_ERROR_NO_PASSWORD, "ret = " << ret);
-}
-
-/**
- * Checks various parameter values.
- */
-RUNNER_TEST(tc07_security_server_set_pwd_null_input_case)
-{
-    int ret;
-
-    // Prepare environment
-    reset_security_server();
-
-    // TEST
-    ret = security_server_set_pwd(nullptr, nullptr, 0, 0);
-    RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_ERROR_INPUT_PARAM, "ret = " << ret);
-}
-
-/**
- * Test setting too long password.
- */
-RUNNER_TEST(tc08_security_server_set_pwd_too_long_input_param)
-{
-    int ret;
-
-    // Prepare environment
-    reset_security_server();
-
-    // TEST
-    // 33 char password
-    ret = security_server_set_pwd("abcdefghijklmnopqrstuvwxyz0123456", "abcdefghijklmnopqrstuvwxyz0123456", 0, 0);
-    RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_ERROR_INPUT_PARAM, "ret = " << ret);
-}
-
-/**
- * Basic password setting.
- */
-RUNNER_TEST(tc09_security_server_set_pwd_current_pwd_empty)
-{
-    int ret;
-
-    // Prepare environment
-    reset_security_server();
-
-    // TEST
-    ret = security_server_set_pwd(nullptr, TEST_PASSWORD, 0, 0);
-    RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_SUCCESS, "ret = " << ret);
-}
-
-/**
- * Set a maximum password period.
- */
-RUNNER_TEST(tc10_security_server_set_pwd_current_pwd_max_valid_period_in_days)
-{
-    int ret;
-    // Prepare environment
-    reset_security_server();
-    ret = security_server_set_pwd(nullptr, TEST_PASSWORD, 10, 10);
-    RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_SUCCESS, "ret = " << ret);
-
-    // TEST
-    usleep(PASSWORD_RETRY_TIMEOUT_US);
-    // UINT_MAX will cause api error, it is to big value
-    ret = security_server_set_pwd(TEST_PASSWORD, SECOND_TEST_PASSWORD, 0, UINT_MAX);
-    RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_ERROR_INPUT_PARAM, "ret = " << ret);
-    usleep(PASSWORD_RETRY_TIMEOUT_US);
-    // calculate max applicable valid days that will not be rejected by ss
-    // ensure, that after conversion from days to seconds in ss there will be no uint overflow
-    unsigned int valid_days = ((UINT_MAX - time(nullptr)) / 86400) - 1;
-    ret = security_server_set_pwd(TEST_PASSWORD, SECOND_TEST_PASSWORD, 0, valid_days);
-    RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_SUCCESS, "ret = " << ret);
-}
-
-/**
- * Set a maximum password challenge number.
- */
-RUNNER_TEST(tc11_security_server_set_pwd_current_pwd_max_max_challenge)
-{
-    int ret;
-    // Prepare environment
-    reset_security_server();
-    ret = security_server_set_pwd(nullptr, TEST_PASSWORD, 10, 10);
-    RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_SUCCESS, "ret = " << ret);
-
-    // TEST
-    usleep(PASSWORD_RETRY_TIMEOUT_US);
-    ret = security_server_set_pwd(TEST_PASSWORD, SECOND_TEST_PASSWORD, UINT_MAX, 0);
-    RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_SUCCESS, "ret = " << ret);
-}
-
-/**
- * Set empty password.
- */
-RUNNER_TEST(tc12_security_server_set_pwd_current_pwd_nonempty2zero)
-{
-    int ret;
-    // Prepare environment
-    reset_security_server();
-    ret = security_server_set_pwd(nullptr, TEST_PASSWORD, 10, 10);
-    RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_SUCCESS, "ret = " << ret);
-
-    // TEST
-    usleep(PASSWORD_RETRY_TIMEOUT_US);
-    ret = security_server_set_pwd(TEST_PASSWORD, "", 0, 0);
-    RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_ERROR_INPUT_PARAM, "ret = " << ret);
-}
-
-/**
- * Change password to a too long password.
- */
-RUNNER_TEST(tc14_security_server_set_pwd_current_pwd_too_long_input_param)
-{
-    int ret;
-    // Prepare environment
-    reset_security_server();
-    ret = security_server_set_pwd(nullptr, TEST_PASSWORD, 10, 10);
-    RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_SUCCESS, "ret = " << ret);
-
-    // TEST
-    usleep(PASSWORD_RETRY_TIMEOUT_US);
-    std::string lng_pwd(5000, 'A');
-    ret = security_server_set_pwd(TEST_PASSWORD,lng_pwd.c_str(), 10, 10);
-    RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_ERROR_INPUT_PARAM, "ret = " << ret);
-}
-
-/**
- * Check empty password.
- */
-RUNNER_TEST(tc15_security_server_chk_pwd_empty_password)
-{
-    int ret;
-    unsigned int attempt, max_attempt, expire_sec;
-
-    // Prepare environment
-    reset_security_server();
-    ret = security_server_set_pwd(nullptr, TEST_PASSWORD, 10, 10);
-    RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_SUCCESS, "ret = " << ret);
-
-    // TEST
-    usleep(PASSWORD_RETRY_TIMEOUT_US);
-    ret = security_server_chk_pwd("", &attempt, &max_attempt, &expire_sec);
-    RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_ERROR_INPUT_PARAM, "ret = " << ret);
-}
-
-/**
- * Various validity parameter values.
- */
-RUNNER_TEST(tc16_security_server_set_pwd_validity)
-{
-    int ret;
-    // Prepare environment
-    reset_security_server();
-    ret = security_server_set_pwd(nullptr, TEST_PASSWORD, 10, 10);
-    RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_SUCCESS, "ret = " << ret);
-
-    // TEST
-    ret = security_server_set_pwd_validity(0);
-    RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_SUCCESS, "ret = " << ret);
-
-    ret = security_server_set_pwd_validity(1);
-    RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_SUCCESS, "ret = " << ret);
-
-    //When trying to set UINT_MAX we should get error.
-    ret = security_server_set_pwd_validity(UINT_MAX);
-    RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_ERROR_INPUT_PARAM, "ret = " << ret);
-
-    ret = security_server_set_pwd_validity(2);
-    RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_SUCCESS, "ret = " << ret);
-}
-
-/**
- * Check passwords validity
- */
-RUNNER_TEST(tc17_security_server_is_pwd_valid)
-{
-    int ret;
-    unsigned int attempt, max_attempt, expire_sec;
-
-    // Prepare environment
-    reset_security_server();
-    ret = security_server_set_pwd(nullptr, TEST_PASSWORD, 10, 2);
-    RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_SUCCESS, "ret = " << ret);
-
-    // TEST:
-    ret = security_server_is_pwd_valid(&attempt, &max_attempt, &expire_sec);
-    RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_ERROR_PASSWORD_EXIST,  "ret = " << ret);
-    RUNNER_ASSERT_MSG((expire_sec > 172795) && (expire_sec < 172805),  "expire_sec = " << expire_sec);
-}
-
-/**
- * Various numbers of challenges.
- */
-RUNNER_TEST(tc18_security_server_set_pwd_max_challenge)
-{
-    int ret;
-    // Prepare environment
-    reset_security_server();
-    // calculate max applicable valid days that will not be rejected by ss
-    // ensure, that after conversion from days to seconds in ss there will be no uint overflow
-    unsigned int valid_days = ((UINT_MAX - time(nullptr)) / 86400) - 1;
-    ret = security_server_set_pwd(nullptr, TEST_PASSWORD, 10, valid_days);
-    RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_SUCCESS, "ret = " << ret);
-
-    // TESTS
-    ret = security_server_set_pwd_max_challenge(0);
-    RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_SUCCESS, "ret = " << ret);
-
-    ret = security_server_set_pwd_max_challenge(UINT_MAX);
-    RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_SUCCESS, "ret = " << ret);
-
-    ret = security_server_set_pwd_max_challenge(5);
-    RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_SUCCESS, "ret = " << ret);
-
-    ret = security_server_set_pwd_max_challenge(6);
-    RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_SUCCESS, "ret = " << ret);
-}
-
-
-/**
- * Check the max number of challenges.
- */
-RUNNER_TEST(tc19_security_server_is_pwd_valid)
-{
-    int ret;
-    unsigned int attempt, max_attempt, expire_sec;
-    // Prepare environment
-    reset_security_server();
-    ret = security_server_set_pwd(nullptr, TEST_PASSWORD, 10, 10);
-    RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_SUCCESS, "ret = " << ret);
-
-    ret = security_server_set_pwd_max_challenge(6);
-    RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_SUCCESS, "ret = " << ret);
-
-    // TEST
-    ret = security_server_is_pwd_valid(&attempt, &max_attempt, &expire_sec);
-    RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_ERROR_PASSWORD_EXIST, "ret = " << ret);
-    RUNNER_ASSERT_MSG(max_attempt == 6,  "max_attempt = " << max_attempt);
-}
-
-/**
- * Basic password check.
- */
-RUNNER_TEST(tc20_security_server_chk_pwd)
-{
-    int ret;
-    unsigned int attempt, max_attempt, expire_sec;
-
-    // Prepare environment
-    reset_security_server();
-    ret = security_server_set_pwd(nullptr, TEST_PASSWORD, 10, 10);
-    RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_SUCCESS, "ret = " << ret);
-
-    // TEST
-    usleep(PASSWORD_RETRY_TIMEOUT_US);
-    ret = security_server_chk_pwd(TEST_PASSWORD, &attempt, &max_attempt, &expire_sec);
-    RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_SUCCESS, ret);
-
-    ret = security_server_is_pwd_valid(&attempt, &max_attempt, &expire_sec);
-    RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_ERROR_PASSWORD_EXIST, "ret = " << ret);
-}
-
-/**
- * Check an incorrect password.
- */
-RUNNER_TEST(tc21_security_server_chk_incorrect_pwd)
-{
-    int ret;
-    unsigned int attempt, max_attempt, expire_sec;
-
-    // Prepare environment
-    reset_security_server();
-    ret = security_server_set_pwd(nullptr, TEST_PASSWORD, 10, 10);
-    RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_SUCCESS, "ret = " << ret);
-
-    //TEST
-    usleep(PASSWORD_RETRY_TIMEOUT_US);
-    ret = security_server_chk_pwd(SECOND_TEST_PASSWORD, &attempt, &max_attempt, &expire_sec);
-    RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_ERROR_PASSWORD_MISMATCH, "ret = " << ret);
-}
-
-/**
- * Check an incorrect password
- */
-RUNNER_TEST(tc22_security_server_set_pwd_incorrect_current)
-{
-    int ret;
-
-    // Prepare environment
-    reset_security_server();
-    ret = security_server_set_pwd(nullptr, TEST_PASSWORD, 10, 10);
-    RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_SUCCESS, "ret = " << ret);
-
-    // TEST
-    usleep(PASSWORD_RETRY_TIMEOUT_US);
-    ret = security_server_set_pwd(SECOND_TEST_PASSWORD, THIRD_TEST_PASSWORD, 10, 10);
-    RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_ERROR_PASSWORD_MISMATCH,  "ret = " << ret);
-}
-
-/**
- * Change password
- */
-RUNNER_TEST(tc23_security_server_set_pwd_correct_current)
-{
-    int ret;
-
-    // Prepare environment
-    reset_security_server();
-    ret = security_server_set_pwd(nullptr, TEST_PASSWORD, 10, 10);
-    RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_SUCCESS, "ret = " << ret);
-
-    // TEST
-    usleep(PASSWORD_RETRY_TIMEOUT_US);
-    ret = security_server_set_pwd(TEST_PASSWORD, SECOND_TEST_PASSWORD, 10, 10);
-    RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_SUCCESS, "ret = " << ret);
-}
-
-/**
- * Check wrong password multiple times and then check a correct one.
- */
-RUNNER_TEST(tc24_security_server_attempt_exceeding)
-{
-    int ret;
-    unsigned int i, attempt, max_attempt, expire_sec;
-
-    // Prepare environment
-    reset_security_server();
-    ret = security_server_set_pwd(nullptr, TEST_PASSWORD, 10, 10);
-    RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_SUCCESS, "ret = " << ret);
-
-    // TEST
-    printf("5 subtests started...");
-    for (i = 1; i <= 5; i++) {
-        usleep(PASSWORD_RETRY_TIMEOUT_US);
-        ret = security_server_chk_pwd(SECOND_TEST_PASSWORD, &attempt, &max_attempt, &expire_sec);
-        RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_ERROR_PASSWORD_MISMATCH, "ret = " << ret);
-        RUNNER_ASSERT_MSG(attempt == i, "attempt = " << attempt << ", expected " << i);
-    }
-    printf("DONE\n");
-
-    usleep(PASSWORD_RETRY_TIMEOUT_US);
-    ret = security_server_chk_pwd(TEST_PASSWORD, &attempt, &max_attempt, &expire_sec);
-    RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_SUCCESS, "ret = " << ret);
-
-    ret = security_server_is_pwd_valid(&attempt, &max_attempt, &expire_sec);
-    RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_ERROR_PASSWORD_EXIST, "ret = " << ret);
-    RUNNER_ASSERT_MSG(attempt == 0, "ret = " << ret);
-    RUNNER_ASSERT_MSG(max_attempt == 10, "ret = " << ret);
-}
-
-/**
- * Try to exceed maximum number of challenges.
- */
-RUNNER_TEST(tc25_security_server_attempt_exceeding)
-{
-    int ret;
-    unsigned int i, attempt, max_attempt, expire_sec;
-
-    // Prepare environment
-    reset_security_server();
-    ret = security_server_set_pwd(nullptr, TEST_PASSWORD, 10, 1);
-    RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_SUCCESS, "ret = " << ret);
-
-    // TEST
-    printf("10 subtests started...");
-    for (i = 1; i <= 10; i++) {
-        usleep(PASSWORD_RETRY_TIMEOUT_US);
-        ret = security_server_chk_pwd(SECOND_TEST_PASSWORD, &attempt, &max_attempt, &expire_sec);
-        RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_ERROR_PASSWORD_MISMATCH, "ret = " << ret);
-        RUNNER_ASSERT_MSG(attempt == i, "attempt = " << attempt << ", expected " << i);
-    }
-
-    // The check, that exceeds max number
-    usleep(PASSWORD_RETRY_TIMEOUT_US);
-    ret = security_server_chk_pwd(SECOND_TEST_PASSWORD, &attempt, &max_attempt, &expire_sec);
-    RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_ERROR_PASSWORD_MAX_ATTEMPTS_EXCEEDED, "ret = " << ret);
-    printf("DONE\n");
-
-    usleep(PASSWORD_RETRY_TIMEOUT_US);
-    ret = security_server_chk_pwd(TEST_PASSWORD,  &attempt, &max_attempt, &expire_sec);
-    RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_ERROR_PASSWORD_MAX_ATTEMPTS_EXCEEDED, "ret = " << ret);
-}
-
-/**
- * Reset password
- */
-RUNNER_TEST(tc26_security_server_reset_pwd)
-{
-    int ret;
-
-    // Prepare environment
-    reset_security_server();
-    ret = security_server_set_pwd(nullptr, TEST_PASSWORD, 5, 10);
-    RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_SUCCESS, "ret = " << ret);
-
-    // TEST
-    ret = security_server_reset_pwd(TEST_PASSWORD, 10, 10);
-    RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_SUCCESS, "ret = " << ret);
-}
-
-/**
- * Check too long password.
- */
-RUNNER_TEST(tc27_security_server_chk_pwd_too_long_password)
-{
-    int ret;
-    unsigned int attempt, max_attempt, expire_sec;
-    // Prepare environment
-    reset_security_server();
-    ret = security_server_set_pwd(nullptr, TEST_PASSWORD, 5, 10);
-    RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_SUCCESS, "ret = " << ret);
-
-    // TEST
-    std::string lng_pwd(5000, 'A');
-    ret = security_server_chk_pwd(lng_pwd.c_str(),  &attempt, &max_attempt, &expire_sec);
-    RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_ERROR_INPUT_PARAM, "ret = " << ret);
-}
-
-/**
- * Check passwords expiration (not expired)
- */
-RUNNER_TEST(tc28_security_server_check_expiration)
-{
-    int ret;
-    unsigned int attempt, max_attempt, expire_sec;
-
-    // Prepare environment
-    reset_security_server();
-    ret = security_server_set_pwd(nullptr, TEST_PASSWORD, 5, 1);
-    RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_SUCCESS, "ret = " << ret);
-
-    // TEST
-    ret = security_server_is_pwd_valid(&attempt, &max_attempt, &expire_sec);
-    RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_ERROR_PASSWORD_EXIST, "ret = " << ret);
-    RUNNER_ASSERT_MSG((expire_sec < 86402) && (expire_sec > 86396), "expire_sec = " << ret);
-}
-
-/**
- * Use various parameter values of parameters.
- */
-RUNNER_TEST(tc29_security_server_set_pwd_history)
-{
-    int ret;
-
-    // Prepare environment
-    reset_security_server();
-    ret = security_server_set_pwd(nullptr, TEST_PASSWORD, 5, 1);
-    RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_SUCCESS, "ret = " << ret);
-
-    // TESTS
-    ret = security_server_set_pwd_history(100);
-    RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_ERROR_INPUT_PARAM, "ret = " << ret);
-
-    ret = security_server_set_pwd_history(51);
-    RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_ERROR_INPUT_PARAM, "ret = " << ret);
-
-    ret = security_server_set_pwd_history(-5);
-    RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_ERROR_INPUT_PARAM, "ret = " << ret);
-
-    ret = security_server_set_pwd_history(50);
-    RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_SUCCESS, "ret = " << ret);
-
-    ret = security_server_set_pwd_history(0);
-    RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_SUCCESS, "ret = " << ret);
-
-    ret = security_server_set_pwd_history(INT_MAX);
-    RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_ERROR_INPUT_PARAM, "ret = " << ret);
-
-    ret = security_server_set_pwd_history(INT_MIN);
-    RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_ERROR_INPUT_PARAM, "ret = " << ret);
-
-    ret = security_server_set_pwd_history(10);
-    RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_SUCCESS, "ret = " << ret);
-}
-
-
-
-int dir_filter(const struct dirent *entry)
-{
-    if ((strcmp(entry->d_name, ".") == 0) ||
-        (strcmp(entry->d_name, "..") == 0) ||
-        (strcmp(entry->d_name, "attempts") == 0) ||
-        (strcmp(entry->d_name, "history") == 0))
-        return (0);
-    else
-        return (1);
-}
-
-void clean_password_dir(void)
-{
-    int ret;
-    int i;
-    struct dirent **mydirent;
-
-    ret = scandir("/opt/data/security-server", &mydirent, &dir_filter, alphasort);
-    i = ret;
-    while (i--)
-        free(mydirent[i]);
-    free(mydirent);
-}
-
-
-/**
- * Check password history.
- */
-RUNNER_TEST(tc30_security_server_check_history)
-{
-    int ret;
-    int i;
-    char buf1[33], buf2[33];
-
-    // Prepare environment
-    reset_security_server();
-
-    clean_password_dir();
-
-    ret = security_server_set_pwd_history(9);
-    RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_SUCCESS, "ret = " << ret);
-
-    ret = security_server_reset_pwd("history0", 0, 0);
-    RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_SUCCESS, "ret = " << ret);
-
-    printf("11 subtests started...");
-    for (i = 0; i < 11; i++) {
-        sprintf(buf1, "history%d", i);
-        sprintf(buf2, "history%d", i + 1);
-
-        usleep(PASSWORD_RETRY_TIMEOUT_US);
-        ret = security_server_set_pwd(buf1, buf2, 0, 0);
-        RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_SUCCESS, "ret = " << ret);
-    }
-    printf("DONE\n");
-
-    usleep(PASSWORD_RETRY_TIMEOUT_US);
-    ret = security_server_set_pwd("history11", "history1", 0, 0);
-    RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_SUCCESS, "ret = " << ret);
-
-    usleep(PASSWORD_RETRY_TIMEOUT_US);
-    ret = security_server_set_pwd("history1", "history8", 0, 0);
-    RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_ERROR_PASSWORD_REUSED, "ret = " << ret);
-
-    usleep(PASSWORD_RETRY_TIMEOUT_US);
-    ret = security_server_set_pwd("history1", "history12", 0, 0);
-    RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_SUCCESS, "ret = " << ret);
-
-    printf("48 subtests started...");
-    for (i = 12; i < 60; i++) {
-        usleep(PASSWORD_RETRY_TIMEOUT_US);
-
-        sprintf(buf1, "history%d", i);
-        sprintf(buf2, "history%d", i + 1);
-
-        ret = security_server_set_pwd(buf1, buf2, 0, 0);
-        RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_SUCCESS, "ret = " << ret);
-    }
-    printf("DONE\n");
-
-    clean_password_dir();
-}
-
-/**
- * Replay attack
- */
-RUNNER_TEST(tc31_security_server_replay_attack)
-{
-    int ret;
-    int i = 0;
-    unsigned int attempt, max_attempt, expire_sec;
-
-    usleep(PASSWORD_RETRY_TIMEOUT_US);
-    ret = security_server_chk_pwd("quickquickquick", &attempt, &max_attempt, &expire_sec);
-
-    while (ret == SECURITY_SERVER_API_ERROR_PASSWORD_RETRY_TIMER) {
-        i += 100000;
-
-        ret = security_server_chk_pwd("quickquickquick", &attempt, &max_attempt, &expire_sec);
-        usleep(i);
-    }
-
-    RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_ERROR_PASSWORD_MISMATCH, "ret = " << ret);
-}
-
-/**
- * Expired password
- */
-RUNNER_TEST(tc32_security_server_challenge_on_expired_password)
-{
-    int ret;
-    unsigned int attempt, max_attempt, expire_sec;
-    struct timeval cur_time;
-
-    // Prepare environment
-    reset_security_server();
-    ret = security_server_set_pwd(nullptr, TEST_PASSWORD, 4, 1);
-    RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_SUCCESS, "ret = " << ret);
-
-    // TEST
-    usleep(PASSWORD_RETRY_TIMEOUT_US);
-    ret = security_server_chk_pwd(TEST_PASSWORD, &attempt, &max_attempt, &expire_sec);
-    RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_SUCCESS, "ret = " << ret);
-
-    ret = gettimeofday(&cur_time, nullptr);
-    RUNNER_ASSERT_ERRNO(ret != -1);
-
-    cur_time.tv_sec += (expire_sec + 1);
-    ret = settimeofday(&cur_time, nullptr);
-    RUNNER_ASSERT_ERRNO(ret != -1);
-
-    usleep(PASSWORD_RETRY_TIMEOUT_US);
-    ret = security_server_chk_pwd(TEST_PASSWORD, &attempt, &max_attempt, &expire_sec);
-    RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_ERROR_PASSWORD_EXPIRED, "ret = " << ret);
-
-    usleep(PASSWORD_RETRY_TIMEOUT_US);
-    ret = security_server_chk_pwd(SECOND_TEST_PASSWORD, &attempt, &max_attempt, &expire_sec);
-    RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_ERROR_PASSWORD_MISMATCH, "ret = " << ret);
-}
-
-/**
- * Reset password
- */
-RUNNER_TEST(tc33_security_server_reset_by_null_pwd)
-{
-    int ret;
-
-    // Prepare environment
-    reset_security_server();
-
-    // TEST
-    ret = security_server_reset_pwd(nullptr, 10, 10);
-    RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_ERROR_INPUT_PARAM, "ret = " << ret);
-}
-
-/*
- * Use this instead of security_server_chk_pwd directly to verify the function output.
- * For example:
- * verify_chk_pwd("password", SECURITY_SERVER_API_SUCCESS, 2, 5, "debug string")
- */
-void verify_chk_pwd (
-    const char* challenge,
-    int expected_result,
-    unsigned int expected_current_attempt,
-    unsigned int expected_max_attempt,
-    const std::string &info = std::string())
-{
-    /* ensure that initial values differ from expected ones */
-    unsigned int attempt = expected_current_attempt - 1;
-    unsigned int max_attempt = expected_max_attempt - 1;
-    unsigned int expire_sec = PASSWORD_INFINITE_EXPIRATION_TIME - 1;
-
-    usleep(PASSWORD_RETRY_TIMEOUT_US);
-    int ret = security_server_chk_pwd(challenge, &attempt, &max_attempt, &expire_sec);
-
-    // validate returned value
-    RUNNER_ASSERT_MSG(ret == expected_result,
-        info << "security_server_chk_pwd returned "
-         << ret << " (expected: " << expected_result << ")");
-
-    // validate current attempts value
-    RUNNER_ASSERT_MSG(attempt == expected_current_attempt,
-        info << "security_server_chk_pwd returned attempt = " << attempt <<
-        " (expected: " << expected_current_attempt << ")");
-
-    // validate max attempt value
-    RUNNER_ASSERT_MSG(max_attempt == expected_max_attempt,
-        info << "security_server_chk_pwd returned max_attempt = " << max_attempt <<
-        " (expected: " << expected_max_attempt << ")");
-
-    RUNNER_ASSERT_MSG(expire_sec == PASSWORD_INFINITE_EXPIRATION_TIME,
-        info << "security_server_chk_pwd returned expire_sec = " << expire_sec <<
-        " (expected: " << PASSWORD_INFINITE_EXPIRATION_TIME << ")");
-}
-
-/**
- * Reach last attempt few times in a row (before exceeding max_attempt).
- */
-RUNNER_TEST(tc34_security_server_max_attempts)
-{
-    // Prepare environment
-    reset_security_server();
-
-    int ret = security_server_set_pwd(nullptr, TEST_PASSWORD, 0, 0);
-    RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_SUCCESS, "ret = " << ret);
-
-    // change max attempts number few times
-    std::vector<unsigned int> max_challenge_tab = {1, 4, 2};
-
-    for (size_t pass = 0; pass < max_challenge_tab.size(); ++pass) {
-        unsigned int max_challenges = max_challenge_tab[pass];
-
-        ret = security_server_set_pwd_max_challenge(max_challenges);
-        RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_SUCCESS, "ret = " << ret);
-
-        // max_challenges-1 wrong password attempts
-        for (unsigned int attempt_nr = 1; attempt_nr < max_challenges; ++attempt_nr)
-            verify_chk_pwd(SECOND_TEST_PASSWORD,
-                           SECURITY_SERVER_API_ERROR_PASSWORD_MISMATCH,
-                           attempt_nr,
-                           max_challenges,
-                           std::string("pass = ") + std::to_string(pass) +
-                                       ", attempt = " + std::to_string(attempt_nr));
-
-        // Check correct password finally
-        verify_chk_pwd(TEST_PASSWORD, SECURITY_SERVER_API_SUCCESS,
-                       max_challenges, max_challenges);
-    }
-}
-
-/**
- * Decrease 'max challenge' number after several missed attempts.
- */
-RUNNER_TEST(tc35_security_server_decrease_max_attempts)
-{
-    const unsigned int max_challenge_more = 10;
-    const unsigned int max_challenge_less = 5;
-
-    // Prepare environment
-    reset_security_server();
-
-    int ret = security_server_set_pwd(nullptr, TEST_PASSWORD, max_challenge_more, 0);
-    RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_SUCCESS, "ret = " << ret);
-
-    // missed attempts
-    for (unsigned int attempt = 1; attempt <= max_challenge_more; ++attempt)
-        verify_chk_pwd(SECOND_TEST_PASSWORD,
-                       SECURITY_SERVER_API_ERROR_PASSWORD_MISMATCH,
-                       attempt,
-                       max_challenge_more,
-                       std::string("attempt = ") + std::to_string(attempt));
-
-    // lower max_challenge
-    ret = security_server_set_pwd_max_challenge(max_challenge_less);
-    RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_SUCCESS, "ret = " << ret);
-
-    // try valid password - should pass (curr attempts is reset)
-    verify_chk_pwd(TEST_PASSWORD, SECURITY_SERVER_API_SUCCESS, 1, max_challenge_less);
-
-    // remove max attempts limit
-    ret = security_server_set_pwd_max_challenge(0);
-    RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_SUCCESS, "ret = " << ret);
-
-    // try valid password again - should pass
-    verify_chk_pwd(TEST_PASSWORD, SECURITY_SERVER_API_SUCCESS, 1, 0);
-
-    // try to change the password - should pass
-    usleep(PASSWORD_RETRY_TIMEOUT_US);
-    ret = security_server_set_pwd(TEST_PASSWORD, SECOND_TEST_PASSWORD, 0, 0);
-    RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_SUCCESS, "ret = " << ret);
-
-    // validate new password
-    verify_chk_pwd(SECOND_TEST_PASSWORD, SECURITY_SERVER_API_SUCCESS, 1, 0);
-}
-
-/**
- * Change password few times and challenge previous passwords - checks if security_server_set_pwd
- * works as it should.
- */
-RUNNER_TEST(tc36_security_server_challenge_previous_passwords)
-{
-    const int history_depth = 5;
-    const unsigned int max_challenge = 3;
-    std::string prev_pass, new_pass = TEST_PASSWORD;
-
-    // Prepare environment
-    reset_security_server();
-
-    int ret = security_server_set_pwd_history(history_depth);
-    RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_SUCCESS, "ret = " << ret);
-
-    ret = security_server_reset_pwd(TEST_PASSWORD, max_challenge, 0);
-    RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_SUCCESS, "ret = " << ret);
-
-    for (int depth = 0; depth < history_depth; ++depth) {
-        prev_pass = new_pass;
-
-        //generate password name
-        new_pass = "history" + std::to_string(depth+1);
-
-        usleep(PASSWORD_RETRY_TIMEOUT_US);
-        ret = security_server_set_pwd(prev_pass.c_str(), new_pass.c_str(), max_challenge, 0);
-        RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_SUCCESS, "ret = " << ret);
-
-        // challenge initial password
-        verify_chk_pwd(
-            TEST_PASSWORD,
-            SECURITY_SERVER_API_ERROR_PASSWORD_MISMATCH,
-            1,
-            max_challenge,
-            std::string("depth = ") + std::to_string(depth));
-
-        // challenge previous password
-        verify_chk_pwd(
-            prev_pass.c_str(),
-            SECURITY_SERVER_API_ERROR_PASSWORD_MISMATCH,
-            2,
-            max_challenge,
-            std::string("depth = ") + std::to_string(depth));
-    }
-}
-
-/**
- * Challenge correct and incorrect passwords, check security_server_chk_pwd output.
- * This test simulates user's behaviour - challenges valid and invalid passwords
- * in various combinations.
- */
-RUNNER_TEST(tc37_security_server_challenge_mixed)
-{
-    // Prepare environment
-    reset_security_server();
-
-    const unsigned int max_challenge = 2;
-    int ret = security_server_set_pwd(nullptr, TEST_PASSWORD, max_challenge, 0);
-    RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_SUCCESS, "ret = " << ret);
-
-    // 2x correct pwd - verify that 'cuurrent attempt' isn't increased
-    for (unsigned int i = 0; i < max_challenge; ++i)
-        verify_chk_pwd(
-            TEST_PASSWORD,
-            SECURITY_SERVER_API_SUCCESS,
-            1,
-            max_challenge,
-            std::string("i = ") + std::to_string(i));
-
-    // Ensure that challenging valid password resets 'cuurrent attempt' value.
-    // If it didn't, the test would fail in third loop pass.
-    for (unsigned int i = 0; i < max_challenge + 1; ++i) {
-        // incorrect pwd
-        verify_chk_pwd(
-            SECOND_TEST_PASSWORD,
-            SECURITY_SERVER_API_ERROR_PASSWORD_MISMATCH,
-            1,
-            max_challenge,
-            std::string("i = ") + std::to_string(i));
-
-        // correct pwd
-        verify_chk_pwd(
-            TEST_PASSWORD,
-            SECURITY_SERVER_API_SUCCESS,
-            2,
-            max_challenge,
-            std::string("i = ") + std::to_string(i));
-    }
-
-    // incorrect pwd 2x - 'cuurrent attempt' reaches max_challenge -
-    // any further attempts (even correct) are blocked
-    for (unsigned int i = 1; i <= max_challenge; ++i)
-        verify_chk_pwd(
-            SECOND_TEST_PASSWORD,
-            SECURITY_SERVER_API_ERROR_PASSWORD_MISMATCH,
-            i,
-            max_challenge,
-            std::string("i = ") + std::to_string(i));
-
-    // correct - refused
-    for (unsigned int i = 1; i <= max_challenge; ++i)
-        verify_chk_pwd(
-            TEST_PASSWORD,
-            SECURITY_SERVER_API_ERROR_PASSWORD_MAX_ATTEMPTS_EXCEEDED,
-            max_challenge + i,
-            max_challenge,
-            std::string("i = ") + std::to_string(i));
-}
-
-/*
- * Pasword change mixed with history depth change.
- */
-RUNNER_TEST(tc38_security_server_history_depth_change)
-{
-    int ret;
-    const int initial_history_depth = 2;
-    const int decreased_history_depth = 1;
-    const int increased_history_depth = 3;
-
-    // Prepare environment
-    reset_security_server();
-
-    ret = security_server_set_pwd_history(initial_history_depth);
-    RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_SUCCESS, "ret = " << ret);
-
-    ret = security_server_reset_pwd(TEST_PASSWORD, 0, 0);
-    RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_SUCCESS, "ret = " << ret);
-
-    usleep(PASSWORD_RETRY_TIMEOUT_US);
-    ret = security_server_set_pwd(TEST_PASSWORD, SECOND_TEST_PASSWORD, 0, 0);
-    RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_SUCCESS, "ret = " << ret);
-
-    usleep(PASSWORD_RETRY_TIMEOUT_US);
-    ret = security_server_set_pwd(SECOND_TEST_PASSWORD, THIRD_TEST_PASSWORD, 0, 0);
-    RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_SUCCESS, "ret = " << ret);
-
-    // TEST_PASSWORD, 2nd and 3rd remembered => 1st should be refused
-    usleep(PASSWORD_RETRY_TIMEOUT_US);
-    ret = security_server_set_pwd(THIRD_TEST_PASSWORD, TEST_PASSWORD, 0, 0);
-    RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_ERROR_PASSWORD_REUSED, "ret = " << ret);
-
-    /*
-     * Lower history depth. At this point SS should treat THIRD_TEST_PASSWORD as current pwd,
-     * and SECOND_TEST_PASSWORD as a part of history.
-     */
-    ret = security_server_set_pwd_history(decreased_history_depth);
-    RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_SUCCESS, "ret = " << ret);
-
-    usleep(PASSWORD_RETRY_TIMEOUT_US);
-    ret = security_server_set_pwd(THIRD_TEST_PASSWORD, TEST_PASSWORD, 0, 0);
-    RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_SUCCESS, "ret = " << ret);
-
-    usleep(PASSWORD_RETRY_TIMEOUT_US);
-    ret = security_server_set_pwd(TEST_PASSWORD, THIRD_TEST_PASSWORD, 0, 0);
-    RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_ERROR_PASSWORD_REUSED, "ret = " << ret);
-
-    /*
-     * Increase history depth to 3. At this point SS should remember TEST_PASSWORD
-     * and THIRD_TEST_PASSWORD only.
-     */
-    ret = security_server_set_pwd_history(increased_history_depth);
-    RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_SUCCESS, "ret = " << ret);
-
-    // 3rd and TEST_PASSWORD remembered => 2nd should be accepted
-    usleep(PASSWORD_RETRY_TIMEOUT_US);
-    ret = security_server_set_pwd(TEST_PASSWORD, SECOND_TEST_PASSWORD, 0, 0);
-    RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_SUCCESS, "ret = " << ret);
-
-    // TEST_PASSWORD, 2nd and 3rd remembered => 3rd should be refused
-    usleep(PASSWORD_RETRY_TIMEOUT_US);
-    ret = security_server_set_pwd(SECOND_TEST_PASSWORD, THIRD_TEST_PASSWORD, 0, 0);
-    RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_ERROR_PASSWORD_REUSED, "ret = " << ret);
-}
-
-/**
- * Challenge invalid password, reset server and check if 'current attempts' is restored.
- */
-RUNNER_TEST(tc39_security_server_attempts_num_check_after_reset)
-{
-    unsigned int attempt, max_attempt, expire_sec;
-    const unsigned int max_challenge = 10;
-    const unsigned int invalid_attempts_num = 3;
-
-    // Prepare environment
-    reset_security_server();
-
-    int ret = security_server_set_pwd(nullptr, TEST_PASSWORD, max_challenge, 0);
-    RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_SUCCESS, "ret = " << ret);
-
-    // missed attempts
-    for (unsigned int attempt = 1; attempt <= invalid_attempts_num; ++attempt)
-        verify_chk_pwd(
-            SECOND_TEST_PASSWORD,
-            SECURITY_SERVER_API_ERROR_PASSWORD_MISMATCH,
-            attempt,
-            max_challenge);
-
-    attempt = max_attempt = expire_sec = UINT_MAX;
-    ret = security_server_is_pwd_valid(&attempt, &max_attempt, &expire_sec);
-    RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_ERROR_PASSWORD_EXIST, "ret = " << ret);
-    RUNNER_ASSERT_MSG(max_attempt == max_challenge, "max_attempt = " << max_attempt);
-    RUNNER_ASSERT_MSG(attempt == invalid_attempts_num, "attempt = " << attempt);
-    RUNNER_ASSERT_MSG(expire_sec == PASSWORD_INFINITE_EXPIRATION_TIME, "expire_sec = " <<
-                      expire_sec);
-
-    // restart server - triggers loading password data from file
-    restart_security_server();
-
-    // challenge invalid password
-    verify_chk_pwd(
-        SECOND_TEST_PASSWORD,
-        SECURITY_SERVER_API_ERROR_PASSWORD_MISMATCH,
-        invalid_attempts_num + 1,
-        max_challenge);
-
-    // challenge valid password
-    verify_chk_pwd(
-        TEST_PASSWORD,
-        SECURITY_SERVER_API_SUCCESS,
-        invalid_attempts_num + 2,
-        max_challenge);
-}
-
-/**
- * Validate passwords history after security server reset.
- */
-RUNNER_TEST(tc40_security_server_history_check_after_reset)
-{
-    const unsigned int history_depth = 2;
-
-    // Prepare environment
-    reset_security_server();
-
-    int ret = security_server_set_pwd_history(history_depth);
-    RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_SUCCESS, "ret = " << ret);
-
-    ret = security_server_reset_pwd(TEST_PASSWORD, 0, 0);
-    RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_SUCCESS, "ret = " << ret);
-
-    usleep(PASSWORD_RETRY_TIMEOUT_US);
-    ret = security_server_set_pwd(TEST_PASSWORD, SECOND_TEST_PASSWORD, 0, 0);
-    RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_SUCCESS, "ret = " << ret);
-
-    usleep(PASSWORD_RETRY_TIMEOUT_US);
-    ret = security_server_set_pwd(SECOND_TEST_PASSWORD, THIRD_TEST_PASSWORD, 0, 0);
-    RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_SUCCESS, "ret = " << ret);
-
-    usleep(PASSWORD_RETRY_TIMEOUT_US);
-    ret = security_server_set_pwd(THIRD_TEST_PASSWORD, FOURTH_TEST_PASSWORD, 0, 0);
-    RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_SUCCESS, "ret = " << ret);
-
-    // restart server - triggers loading password data from file
-    restart_security_server();
-
-    // try to reuse history passwords
-    usleep(PASSWORD_RETRY_TIMEOUT_US);
-    ret = security_server_set_pwd(FOURTH_TEST_PASSWORD, THIRD_TEST_PASSWORD, 0, 0);
-    RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_ERROR_PASSWORD_REUSED, "ret = " << ret);
-
-    usleep(PASSWORD_RETRY_TIMEOUT_US);
-    ret = security_server_set_pwd(FOURTH_TEST_PASSWORD, SECOND_TEST_PASSWORD, 0, 0);
-    RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_ERROR_PASSWORD_REUSED, "ret = " << ret);
-
-    usleep(PASSWORD_RETRY_TIMEOUT_US);
-    ret = security_server_set_pwd(FOURTH_TEST_PASSWORD, TEST_PASSWORD, 0, 0);
-    RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_SUCCESS, "ret = " << ret);
-}
-
-/**
- * Check if SS has correct behaviour when changing history depth to 0.
- */
-RUNNER_TEST(tc41_security_server_empty_history_check)
-{
-    const unsigned int history_depth = 2;
-    const unsigned int empty_history_depth = 0;
-
-    //prepare environment
-    reset_security_server();
-
-    //set new history count
-    int ret = security_server_set_pwd_history(history_depth);
-    RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_SUCCESS, "ret = " << ret);
-
-    //set new password and fill history
-    ret = security_server_reset_pwd(TEST_PASSWORD, 0, 0);
-    RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_SUCCESS, "ret = " << ret);
-
-    usleep(PASSWORD_RETRY_TIMEOUT_US);
-    ret = security_server_set_pwd(TEST_PASSWORD, SECOND_TEST_PASSWORD, 0, 0);
-    RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_SUCCESS, "ret = " << ret);
-
-    usleep(PASSWORD_RETRY_TIMEOUT_US);
-    ret = security_server_set_pwd(SECOND_TEST_PASSWORD, THIRD_TEST_PASSWORD, 0, 0);
-    RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_SUCCESS, "ret = " << ret);
-
-    //make sure, that everything went OK - try setting something that would cause reuse error
-    usleep(PASSWORD_RETRY_TIMEOUT_US);
-    ret = security_server_set_pwd(THIRD_TEST_PASSWORD, TEST_PASSWORD, 0, 0);
-    RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_ERROR_PASSWORD_REUSED, "ret = " << ret);
-
-    usleep(PASSWORD_RETRY_TIMEOUT_US);
-    ret = security_server_set_pwd(THIRD_TEST_PASSWORD, SECOND_TEST_PASSWORD, 0, 0);
-    RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_ERROR_PASSWORD_REUSED, "ret = " << ret);
-
-    //reset history limit to no history at all
-    ret = security_server_set_pwd_history(empty_history_depth);
-    RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_SUCCESS, "ret = " << ret);
-
-    //make sure, that current password still exists in memory
-    //expected attempt 3 because our previous tries increased attempt counter
-    verify_chk_pwd(
-        THIRD_TEST_PASSWORD,
-        SECURITY_SERVER_API_SUCCESS,
-        3,
-        0);
-
-    //make sure that it's possible to reuse old password once history limit is set to 0
-    usleep(PASSWORD_RETRY_TIMEOUT_US);
-    ret = security_server_set_pwd(THIRD_TEST_PASSWORD, THIRD_TEST_PASSWORD, 0, 0);
-    RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_SUCCESS, "ret = " << ret);
-
-    //once again try setting earlier used passwords - now API should return success
-    usleep(PASSWORD_RETRY_TIMEOUT_US);
-    ret = security_server_set_pwd(THIRD_TEST_PASSWORD, TEST_PASSWORD, 0, 0);
-    RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_SUCCESS, "ret = " << ret);
-
-    usleep(PASSWORD_RETRY_TIMEOUT_US);
-    ret = security_server_set_pwd(TEST_PASSWORD, SECOND_TEST_PASSWORD, 0, 0);
-    RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_SUCCESS, "ret = " << ret);
-}
-
-RUNNER_TEST(tc42_security_server_set_new_pwd_with_current_empty)
-{
-    //prepare environment
-    reset_security_server();
-
-    //set a password
-    int ret = security_server_set_pwd(nullptr, TEST_PASSWORD, 0, 0);
-    RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_SUCCESS, "ret = " << ret);
-
-    //try setting different password and giving nullptr as current once again
-    usleep(PASSWORD_RETRY_TIMEOUT_US);
-    ret = security_server_set_pwd(nullptr, SECOND_TEST_PASSWORD, 0, 0);
-    RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_ERROR_PASSWORD_EXIST, "ret = " << ret);
-}
-
-RUNNER_TEST(tc43_security_server_no_retry_timeout_is_pwd_valid)
-{
-    //prepare environment
-    reset_security_server();
-
-    //set a password
-    int ret = security_server_set_pwd(nullptr, TEST_PASSWORD, 0, 0);
-    RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_SUCCESS, "ret = " << ret);
-
-    //do test
-    unsigned int attempt, max_attempt, expire_sec;
-    ret = security_server_is_pwd_valid(&attempt, &max_attempt, &expire_sec);
-    RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_ERROR_PASSWORD_EXIST, "ret = " << ret);
-    ret = security_server_is_pwd_valid(&attempt, &max_attempt, &expire_sec);
-    RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_ERROR_PASSWORD_EXIST, "ret = " << ret);
-}
-
-RUNNER_TEST(tc44_security_server_retry_timeout_chk_pwd)
-{
-    //prepare environment
-    reset_security_server();
-
-    //set a password
-    int ret = security_server_set_pwd(nullptr, TEST_PASSWORD, 0, 0);
-    RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_SUCCESS, "ret = " << ret);
-
-    //do test
-    unsigned int attempt, max_attempt, expire_sec;
-    ret = security_server_chk_pwd(TEST_PASSWORD, &attempt, &max_attempt, &expire_sec);
-    RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_ERROR_PASSWORD_RETRY_TIMER, "ret = " << ret);
-    ret = security_server_chk_pwd(TEST_PASSWORD, &attempt, &max_attempt, &expire_sec);
-    RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_ERROR_PASSWORD_RETRY_TIMER, "ret = " << ret);
-}
-
-RUNNER_TEST(tc45_security_server_retry_timeout_set_pwd)
-{
-    //prepare environment
-    reset_security_server();
-
-    //set a password
-    int ret = security_server_set_pwd(nullptr, TEST_PASSWORD, 0, 0);
-    RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_SUCCESS, "ret = " << ret);
-
-    //do test
-    ret = security_server_set_pwd(TEST_PASSWORD, TEST_PASSWORD, 0, 0);
-    RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_ERROR_PASSWORD_RETRY_TIMER, "ret = " << ret);
-    ret = security_server_set_pwd(TEST_PASSWORD, TEST_PASSWORD, 0, 0);
-    RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_ERROR_PASSWORD_RETRY_TIMER, "ret = " << ret);
-}
-
-RUNNER_TEST(tc46_security_server_no_retry_timeout_set_pwd_validity)
-{
-    //prepare environment
-    reset_security_server();
-
-    //set a password
-    int ret = security_server_set_pwd(nullptr, TEST_PASSWORD, 0, 0);
-    RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_SUCCESS, "ret = " << ret);
-
-    //do test
-    ret = security_server_set_pwd_validity(11);
-    RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_SUCCESS, "ret = " << ret);
-    ret = security_server_set_pwd_validity(11);
-    RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_SUCCESS, "ret = " << ret);
-}
-
-RUNNER_TEST(tc47_security_server_no_retry_timeout_reset_pwd)
-{
-    //prepare environment
-    reset_security_server();
-
-    //set a password
-    int ret = security_server_set_pwd(nullptr, TEST_PASSWORD, 0, 0);
-    RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_SUCCESS, "ret = " << ret);
-
-    //do test
-    ret = security_server_reset_pwd(TEST_PASSWORD, 0, 0);
-    RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_SUCCESS, "ret = " << ret);
-    ret = security_server_reset_pwd(TEST_PASSWORD, 0, 0);
-    RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_SUCCESS, "ret = " << ret);
-}
-
-RUNNER_TEST(tc48_security_server_no_retry_timeout_pwd_history)
-{
-    //prepare environment
-    reset_security_server();
-
-    //set a password
-    int ret = security_server_set_pwd(nullptr, TEST_PASSWORD, 0, 0);
-    RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_SUCCESS, "ret = " << ret);
-
-    //do test
-    ret = security_server_set_pwd_history(5);
-    RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_SUCCESS, "ret = " << ret);
-    ret = security_server_set_pwd_history(5);
-    RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_SUCCESS, "ret = " << ret);
-}
-
-RUNNER_TEST(tc49_security_server_no_retry_timeout_set_pwd_max_challenge)
-{
-    //prepare environment
-    reset_security_server();
-
-    //set a password
-    int ret = security_server_set_pwd(nullptr, TEST_PASSWORD, 0, 0);
-    RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_SUCCESS, "ret = " << ret);
-
-    //do test
-    ret = security_server_set_pwd_max_challenge(5);
-    RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_SUCCESS, "ret = " << ret);
-    ret = security_server_set_pwd_max_challenge(5);
-    RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_SUCCESS, "ret = " << ret);
-}
-
-RUNNER_TEST(tc50_security_server_set_pwd_current_pwd_with_infinite_expiration_time)
-{
-    int ret;
-    unsigned int attempt, max_attempt, expire_sec;
-
-    // Prepare environment
-    reset_security_server();
-    ret = security_server_set_pwd(nullptr, TEST_PASSWORD, 10, 10);
-    RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_SUCCESS, "ret = " << ret);
-    usleep(PASSWORD_RETRY_TIMEOUT_US);
-
-    // Assert security server sets infinite expiration time
-    ret = security_server_set_pwd(TEST_PASSWORD, SECOND_TEST_PASSWORD, 0, 0);
-    RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_SUCCESS, "ret = " << ret);
-    usleep(PASSWORD_RETRY_TIMEOUT_US);
-
-    ret = security_server_chk_pwd(SECOND_TEST_PASSWORD, &attempt, &max_attempt, &expire_sec);
-    RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_SUCCESS, "ret = " << ret);
-    RUNNER_ASSERT_MSG(expire_sec == PASSWORD_INFINITE_EXPIRATION_TIME,
-            "invalid expiration time " << expire_sec);
-
-    clean_password_dir();
-}
-
-RUNNER_TEST(tc51_security_server_is_pwd_valid)
-{
-    reset_security_server();
-
-    int ret = security_server_set_pwd(nullptr, TEST_PASSWORD, 0, 1);
-    RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_SUCCESS, "ret = " << ret);
-
-    unsigned int attempt, maxAttempt, validSec;
-    attempt = maxAttempt = validSec = 0;
-
-    ret = security_server_is_pwd_valid(&attempt, &maxAttempt, &validSec);
-    RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_ERROR_PASSWORD_EXIST, "ret = " << ret <<
-        " atempt=" << attempt << " maxAttempt=" << maxAttempt << " validSec=" << validSec);
-
-
-    SystemClock clock(60*60*24*2);
-
-    ret = security_server_is_pwd_valid(&attempt, &maxAttempt, &validSec);
-    RUNNER_ASSERT_MSG((ret == SECURITY_SERVER_API_ERROR_PASSWORD_EXIST) && (validSec == 0),
-        "ret = " << ret << " atempt=" << attempt << " maxAttempt=" << maxAttempt
-        << " validSec=" << validSec);
-}
-
-RUNNER_TEST(tc52_security_server_is_pwd_valid)
-{
-    reset_security_server();
-
-    int ret = security_server_set_pwd(nullptr, TEST_PASSWORD, 0, 0);
-    RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_SUCCESS, "ret = " << ret);
-
-    unsigned int attempt, maxAttempt, validSec;
-    attempt = maxAttempt = validSec = 0;
-
-    ret = security_server_is_pwd_valid(&attempt, &maxAttempt, &validSec);
-    RUNNER_ASSERT_MSG((ret == SECURITY_SERVER_API_ERROR_PASSWORD_EXIST) && (validSec == 0xffffffff), "ret = " << ret <<
-        " atempt=" << attempt << " maxAttempt=" << maxAttempt << " validSec=" << validSec);
-}
-
-RUNNER_TEST(tc53_security_server_is_pwd_valid)
-{
-    reset_security_server();
-
-    int ret = security_server_set_pwd(nullptr, TEST_PASSWORD, 0, 3);
-    RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_SUCCESS, "ret = " << ret);
-
-    unsigned int attempt, maxAttempt, validSec;
-    attempt = maxAttempt = validSec = 0;
-
-    // password shoudl be valid for 3 days == (60*60*24*3) 259200 seconds
-    ret = security_server_is_pwd_valid(&attempt, &maxAttempt, &validSec);
-    RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_ERROR_PASSWORD_EXIST, "ret = " << ret);
-    RUNNER_ASSERT_MSG((validSec > 259000) && (validSec < 260000), "validSec = " << validSec);
-
-    SystemClock clock;
-    clock.shift(-60*60*24); // one day back
-
-    // password should be valid for 4 days == (60*60*24*4) 345600 seconds
-    ret = security_server_is_pwd_valid(&attempt, &maxAttempt, &validSec);
-    RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_ERROR_PASSWORD_EXIST, "ret = " << ret);
-    RUNNER_ASSERT_MSG((validSec > 345000) && (validSec < 346000), "validSec = " << validSec);
-
-    clock.shift(-60*60*24*2); // 3 days back
-
-    // password shoudl be valid for 6 days == (60*60*24*6) 518400 seconds
-    ret = security_server_is_pwd_valid(&attempt, &maxAttempt, &validSec);
-    RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_ERROR_PASSWORD_EXIST, "ret = " << ret);
-    RUNNER_ASSERT_MSG((validSec > 518000) && (validSec < 519000), "validSec = " << validSec);
-}
-
-int main(int argc, char *argv[])
-{
-    return DPL::Test::TestRunnerSingleton::Instance().ExecTestRunner(argc, argv);
-}
diff --git a/src/security-server-tests/security_server_tests_privilege.cpp b/src/security-server-tests/security_server_tests_privilege.cpp
deleted file mode 100644 (file)
index c7e698f..0000000
+++ /dev/null
@@ -1,125 +0,0 @@
-#include <dpl/test/test_runner.h>
-
-#include <libprivilege-control_test_common.h>
-
-#include <security-server.h>
-#include <privilege-control.h>
-
-const char *SSTP_APP_ID = "sstp_test_app";
-const char *SSTP_OTHER_LABEL = "sstp_test_other_label";
-
-const char *SSTP_PERMS[] = {
-    "sstp_test_rules1",
-    "sstp_test_rules2",
-    nullptr
-};
-
-const char *SSTP_PERMS1[] = {
-    SSTP_PERMS[0],
-    nullptr
-};
-
-const char *SSTP_PERMS2[] = {
-    SSTP_PERMS[1],
-    nullptr
-};
-
-void check_security_server_app_has_privilege(const char *app_label,
-                                             const char *permission,
-                                             int is_enabled_expected)
-{
-    int result;
-    int is_enabled;
-
-    result = security_server_app_has_privilege(app_label, APP_TYPE_WGT, permission, &is_enabled);
-    RUNNER_ASSERT_MSG(result == PC_OPERATION_SUCCESS,
-            "Error calling security_server_app_has_privilege. Result: " << result);
-
-    RUNNER_ASSERT_MSG(is_enabled == is_enabled_expected,
-            "Result of security_server_app_has_privilege should be: " << is_enabled_expected);
-}
-
-RUNNER_TEST_GROUP_INIT(SECURITY_SERVER_TESTS_PRIVILEGE);
-
-RUNNER_TEST(sstp_01_security_server_app_has_privilege)
-{
-    int result;
-
-    DB_BEGIN
-
-    result = perm_app_uninstall(SSTP_APP_ID);
-    RUNNER_ASSERT_MSG(result == PC_OPERATION_SUCCESS,
-            "Error uninstalling app. Result" << result);
-
-    result = perm_app_install(SSTP_APP_ID);
-    RUNNER_ASSERT_MSG(result == PC_OPERATION_SUCCESS,
-            "Error installing app. Result" << result);
-
-    result = perm_app_disable_permissions(SSTP_APP_ID, APP_TYPE_WGT, SSTP_PERMS);
-    RUNNER_ASSERT_MSG(result == PC_OPERATION_SUCCESS,
-            "Error disabling app r and no r permissions. Result: " << result);
-
-    DB_END
-
-    check_security_server_app_has_privilege(USER_APP_ID, SSTP_PERMS[0], 0);
-    check_security_server_app_has_privilege(USER_APP_ID, SSTP_PERMS[1], 0);
-    check_security_server_app_has_privilege(SSTP_OTHER_LABEL, SSTP_PERMS[0], 0);
-    check_security_server_app_has_privilege(SSTP_OTHER_LABEL, SSTP_PERMS[1], 0);
-
-    DB_BEGIN
-
-    result = perm_app_enable_permissions(SSTP_APP_ID, APP_TYPE_WGT, SSTP_PERMS1, false);
-    RUNNER_ASSERT_MSG(result == PC_OPERATION_SUCCESS,
-            "Error registering app r permissions. Result: " << result);
-
-    DB_END
-
-    check_security_server_app_has_privilege(USER_APP_ID, SSTP_PERMS[0], 1);
-    check_security_server_app_has_privilege(USER_APP_ID, SSTP_PERMS[1], 0);
-    check_security_server_app_has_privilege(SSTP_OTHER_LABEL, SSTP_PERMS[0], 0);
-    check_security_server_app_has_privilege(SSTP_OTHER_LABEL, SSTP_PERMS[1], 0);
-
-    DB_BEGIN
-
-    result = perm_app_enable_permissions(SSTP_APP_ID, APP_TYPE_WGT, SSTP_PERMS2, false);
-    RUNNER_ASSERT_MSG(result == PC_OPERATION_SUCCESS,
-            "Error registering app r permissions. Result: " << result);
-
-    DB_END
-
-    check_security_server_app_has_privilege(USER_APP_ID, SSTP_PERMS[0], 1);
-    check_security_server_app_has_privilege(USER_APP_ID, SSTP_PERMS[1], 1);
-    check_security_server_app_has_privilege(SSTP_OTHER_LABEL, SSTP_PERMS[0], 0);
-    check_security_server_app_has_privilege(SSTP_OTHER_LABEL, SSTP_PERMS[1], 0);
-
-    DB_BEGIN
-
-    result = perm_app_disable_permissions(SSTP_APP_ID, APP_TYPE_WGT, SSTP_PERMS1);
-    RUNNER_ASSERT_MSG(result == PC_OPERATION_SUCCESS,
-            "Error disabling app r and no r permissions. Result: " << result);
-
-    DB_END
-
-    check_security_server_app_has_privilege(USER_APP_ID, SSTP_PERMS[0], 0);
-    check_security_server_app_has_privilege(USER_APP_ID, SSTP_PERMS[1], 1);
-    check_security_server_app_has_privilege(SSTP_OTHER_LABEL, SSTP_PERMS[0], 0);
-    check_security_server_app_has_privilege(SSTP_OTHER_LABEL, SSTP_PERMS[1], 0);
-
-    DB_BEGIN
-
-    result = perm_app_disable_permissions(SSTP_APP_ID, APP_TYPE_WGT, SSTP_PERMS2);
-    RUNNER_ASSERT_MSG(result == PC_OPERATION_SUCCESS,
-            "Error disabling app r and no r permissions. Result: " << result);
-
-    DB_END
-
-    check_security_server_app_has_privilege(USER_APP_ID, SSTP_PERMS[0], 0);
-    check_security_server_app_has_privilege(USER_APP_ID, SSTP_PERMS[1], 0);
-    check_security_server_app_has_privilege(SSTP_OTHER_LABEL, SSTP_PERMS[0], 0);
-    check_security_server_app_has_privilege(SSTP_OTHER_LABEL, SSTP_PERMS[1], 0);
-}
-
-int main(int argc, char *argv[])
-{
-    return DPL::Test::TestRunnerSingleton::Instance().ExecTestRunner(argc, argv);
-}
diff --git a/src/security-server-tests/security_server_tests_stress.cpp b/src/security-server-tests/security_server_tests_stress.cpp
deleted file mode 100644 (file)
index b8f7e12..0000000
+++ /dev/null
@@ -1,189 +0,0 @@
-/*
- * Copyright (c) 2014 Samsung Electronics Co., Ltd All Rights Reserved
- */
-/*
- * @file    security_server_tests_stress.cpp
- * @author  Pawel Polawski (p.polawski@partner.samsung.com)
- * @version 1.0
- * @brief   Test cases for security server stress tests
- *
- */
-
-#include <dpl/test/test_runner.h>
-#include <dpl/test/test_runner_multiprocess.h>
-#include <tests_common.h>
-#include <iostream>
-#include <sys/smack.h>
-#include <cstddef>
-#include <thread>
-#include <mutex>
-#include <string>
-#include <sys/types.h>
-#include <unistd.h>
-#include "security-server.h"
-#include <memory.h>
-
-std::mutex g_mutex;
-std::mutex g_msgMutex;
-size_t g_successes = 0;
-
-//number of threads
-const size_t g_threadsNumber = 5;
-
-//environment setup
-const std::string g_subject("woda");
-const std::string g_object("wiadro");
-const std::string g_rule("rwx");
-
-//for storing errors
-std::string g_errors;
-
-
-void appendError(const std::string &message)
-{
-    std::lock_guard<std::mutex> lock(g_msgMutex);
-    g_errors += message;
-    g_errors += "\n";
-}
-
-void cookie_api_thread_function(bool isSmack)
-{
-    /*
-    Tested API functions:
-
-    int security_server_get_cookie_size(void);
-    int security_server_request_cookie(char *cookie, size_t bufferSize);
-    int security_server_check_privilege(const char *cookie, gid_t privilege);
-    int security_server_check_privilege_by_cookie(const char *cookie,
-                                              const char *object,
-                                              const char *access_rights);
-    int security_server_get_cookie_pid(const char *cookie);
-    char *security_server_get_smacklabel_cookie(const char *cookie);
-    */
-
-    int ret;
-    size_t COOKIE_SIZE;
-
-    //security_server_get_cookie_size()
-    COOKIE_SIZE = security_server_get_cookie_size();
-    if (COOKIE_SIZE != 20) {
-        appendError("Error in security_server_get_cookie_size(): " + std::to_string(COOKIE_SIZE));
-        return;
-    }
-
-    //security_server_request_cookie()
-    std::vector<char> cookie(COOKIE_SIZE);
-    ret = security_server_request_cookie(cookie.data(), COOKIE_SIZE);
-    if (ret < 0) {
-        appendError("Error in security_server_request_cookie(): " + std::to_string(ret));
-        return;
-    }
-
-    //security_server_check_privilege()
-    ret = security_server_check_privilege(cookie.data(), 0);
-    if (ret < 0) {
-        appendError("Error in security_server_check_privilege(): " + std::to_string(ret));
-        return;
-    }
-
-    //security_server_check_privilege_by_cookie()
-    ret = security_server_check_privilege_by_cookie(cookie.data(), g_object.data(), g_rule.data());
-    if (ret < 0) {
-        appendError("Error in security_server_check_privilege_by_cookie(): " + std::to_string(ret));
-        return;
-    }
-
-    //security_server_get_cookie_pid
-    ret = security_server_get_cookie_pid(cookie.data());
-    if (ret < 0) {
-        appendError("Error in security_server_get_cookie_pid(): " + std::to_string(ret));
-        return;
-    }
-
-    if (isSmack) {
-        //security_server_get_smacklabel_cookie()
-        char *tmp = security_server_get_smacklabel_cookie(cookie.data());
-        std::string labelFromCookie(tmp ? tmp : "");
-        free(tmp);
-        if (labelFromCookie.size() == 0) {
-            appendError("Error in security_server_get_smacklabel_cookie(): " + labelFromCookie);
-            return;
-        }
-
-        char *labelFromSelfTmp = nullptr;
-        ret = smack_new_label_from_self(&labelFromSelfTmp);
-        if (ret < 0) {
-            appendError("Error in smack_new_label_from_self(): " + std::to_string(ret));
-            return;
-        }
-
-        std::string labelFromSelf(labelFromSelfTmp ? labelFromSelfTmp : "");
-        free(labelFromSelfTmp);
-        if (labelFromSelf != labelFromCookie) {
-            appendError("Error in comparing SMACK label: " + std::to_string(ret));
-            return;
-        }
-    }
-
-    std::lock_guard<std::mutex> lock(g_mutex);
-    ++g_successes;
-}
-
-void testFunction(bool isSmack)
-{
-    std::vector<std::thread> threadsVector;
-
-    if (isSmack) {
-        //preapre environment
-        int ret = smack_set_label_for_self(g_subject.data());
-        RUNNER_ASSERT_MSG(ret == 0, "Error in smack_set_label_for_self()");
-
-        struct smack_accesses *rulesRaw = nullptr;
-        ret = smack_accesses_new(&rulesRaw);
-        RUNNER_ASSERT_MSG(ret == 0, "Error in smack_accesses_new()");
-        SmackAccessesPtr rules(rulesRaw);
-        ret = smack_accesses_add(rules.get(), g_subject.data(), g_object.data(), g_rule.data());
-        RUNNER_ASSERT_MSG(ret == 0, "Error in smack_accesses_add()");
-        ret = smack_accesses_apply(rules.get());
-        RUNNER_ASSERT_MSG(ret == 0, "Error in smack_accesses_apply()");
-    }
-
-    //spawning threads
-    for (size_t i = 0 ; i < g_threadsNumber; ++i)
-        threadsVector.push_back(std::thread(cookie_api_thread_function, isSmack));
-
-    //waiting for threads end
-    for (auto itr = threadsVector.begin(); itr != threadsVector.end(); ++itr)
-        itr->join();
-}
-
-
-RUNNER_TEST_GROUP_INIT(stress_tests)
-
-RUNNER_CHILD_TEST_SMACK(tc_stress_cookie_api_smack)
-{
-    testFunction(true);
-
-    RUNNER_ASSERT_MSG(g_successes == g_threadsNumber,
-                      "Not all threads exit with success: "
-                      << g_successes << "/ " << g_threadsNumber
-                      << std::endl << "Errors:" << std::endl << g_errors);
-}
-
-RUNNER_CHILD_TEST_NOSMACK(tc_stress_cookie_api_no_smack)
-{
-    testFunction(false);
-
-    RUNNER_ASSERT_MSG(g_successes == g_threadsNumber,
-                      "Not all threads exit with success: "
-                      << g_successes << "/ " << g_threadsNumber
-                      << std::endl << "Errors:" << std::endl << g_errors);
-}
-
-
-
-int main (int argc, char *argv[])
-{
-    return DPL::Test::TestRunnerSingleton::Instance().ExecTestRunner(argc, argv);
-}
-
diff --git a/src/security-server-tests/server.cpp b/src/security-server-tests/server.cpp
deleted file mode 100644 (file)
index e7d94b7..0000000
+++ /dev/null
@@ -1,432 +0,0 @@
-/*
- * Copyright (c) 2014 Samsung Electronics Co., Ltd All Rights Reserved
- */
-/*
- * @file    security_server_tests_server.cpp
- * @author  Bumjin Im (bj.im@samsung.com)
- * @author  Mariusz Domanski (m.domanski@samsung.com)
- * @version 1.0
- * @brief   Test cases for security server
- */
-
-#include <stdio.h>
-#include <errno.h>
-#include <stdlib.h>
-#include <sys/types.h>
-#include <sys/param.h>
-#include <fcntl.h>
-#include <sys/un.h>
-#include <unistd.h>
-#include <poll.h>
-#include <sys/socket.h>
-#include <sys/stat.h>
-#include <sys/smack.h>
-#include <sys/wait.h>
-#include "security-server.h"
-#include "security_server_clean_env.h"
-#include <dpl/test/test_runner.h>
-#include <dpl/test/test_runner_child.h>
-#include <dlog.h>
-#include <privilege-control.h>
-#include <ftw.h>
-#include "security_server_tests_common.h"
-#include "tests_common.h"
-#include <smack_access.h>
-#include <access_provider.h>
-
-const char *TEST03_SUBJECT = "subject_0f09f7cc";
-const char *TEST04_SUBJECT = "subject_57dfbfc5";
-const char *TEST07_SUBJECT = "subject_cd738844";
-const char *TEST08_SUBJECT = "subject_fd84ba7f";
-
-void clear_password()
-{
-    int ret = -1;
-    unsigned int attempt, max_attempt, expire_sec;
-
-    reset_security_server();
-
-    attempt = max_attempt = expire_sec = UINT_MAX;
-    ret = security_server_is_pwd_valid(&attempt, &max_attempt, &expire_sec);
-
-    RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_ERROR_NO_PASSWORD, "ret: " << ret);
-    RUNNER_ASSERT(expire_sec == 0);
-    RUNNER_ASSERT(max_attempt == 0);
-    RUNNER_ASSERT(attempt == 0);
-
-    sleep(1);
-}
-
-void check_API_passwd(bool smack) {
-    int ret = -1;
-    int err, err_is_pwd_valid;
-    unsigned int attempt, max_attempt, expire_sec;
-
-    err = smack ? SECURITY_SERVER_API_ERROR_ACCESS_DENIED : SECURITY_SERVER_API_SUCCESS;
-    err_is_pwd_valid = smack ? SECURITY_SERVER_API_ERROR_ACCESS_DENIED : SECURITY_SERVER_API_ERROR_PASSWORD_EXIST;
-    attempt = max_attempt = expire_sec = 0;
-
-    if (smack) {
-        SecurityServer::AccessProvider privider(TEST04_SUBJECT);
-        privider.applyAndSwithToUser(APP_UID, APP_GID);
-    } else {
-        RUNNER_ASSERT_MSG((ret = drop_root_privileges()) == 0,
-                "Failed to drop root privileges. Result: " << ret << "uid = " << getuid());
-    }
-
-    ret = security_server_set_pwd_validity(APP_UID);
-    RUNNER_ASSERT_MSG(ret == err,
-            "security_server_set_pwd_validity has failed,"
-            " ret: " << ret);
-
-    ret = security_server_set_pwd_max_challenge(5);
-    RUNNER_ASSERT_MSG(ret == err,
-            "security_server_set_pwd_max_challenge has failed,"
-            " ret: " << ret);
-
-    ret = security_server_is_pwd_valid(&attempt, &max_attempt, &expire_sec);
-    RUNNER_ASSERT_MSG(ret == err_is_pwd_valid,
-            "security_server_is_pwd_valid should return password exist,"
-            " ret: " << ret);
-
-    usleep(PASSWORD_RETRY_TIMEOUT_US);
-    ret = security_server_set_pwd("12345", "12346", 0, 0);
-    RUNNER_ASSERT_MSG(ret == err,
-            "security_server_set_pwd has failed, ret: " << ret);
-
-    ret = security_server_reset_pwd("12346",0, 0);
-    RUNNER_ASSERT_MSG(ret == err,
-            "security_server_reset_pwd has failed, ret: " << ret);
-    usleep(PASSWORD_RETRY_TIMEOUT_US);
-    ret = security_server_chk_pwd("12346", &attempt, &max_attempt, &expire_sec);
-    RUNNER_ASSERT_MSG(ret == err,
-            "security_server_chk_pwd has failed, ret: " << ret);
-
-    ret = security_server_set_pwd_history(10);
-    RUNNER_ASSERT_MSG(ret == err,
-            "security_server_set_pwd_history has failed, ret: " << ret);
-}
-
-RUNNER_TEST_GROUP_INIT(SECURITY_SERVER_TESTS_SERVER);
-
-RUNNER_TEST(tc_security_server_get_gid_normal_case_trying_to_get_gid_of_tel_gprs)
-{
-    RUNNER_ASSERT(security_server_get_gid("tel_gprs") >= 0);
-}
-
-RUNNER_TEST(tc_security_server_get_gid_empty_object_name)
-{
-    RUNNER_ASSERT(security_server_get_gid("") == SECURITY_SERVER_API_ERROR_INPUT_PARAM);
-}
-
-RUNNER_TEST(tc_security_server_get_gid_wrong_object_name_teltel)
-{
-    RUNNER_ASSERT(security_server_get_gid("teltel") == SECURITY_SERVER_API_ERROR_NO_SUCH_OBJECT);
-}
-
-RUNNER_CHILD_TEST_SMACK(tc01a_security_server_app_give_access)
-{
-    const char *subject = "abc345v34sfa";
-    const char *object = "efg678x2lkjz";
-
-    SecurityServer::AccessProvider provider(object);
-    provider.allowSS();
-    provider.applyAndSwithToUser(APP_UID, APP_GID);
-
-    security_server_app_give_access(subject, getpid());
-
-    RUNNER_ASSERT(1 == smack_have_access(subject, object, "rwxat"));
-}
-
-/*
- * Currently we are NOT revoking any permissions given by
- * security_server_app_give_access function
- */
-/*RUNNER_TEST(tc01b_security_server_app_give_access)
-{
-    const char *subject = "abc345v34sfa";
-    const char *object = "efg678x2lkjz";
-
-    // After part A thread from security-server will be notified about
-    // process end and revoke permissions. We need to give him some
-    // time.
-    sleep(1);
-
-    RUNNER_ASSERT(0 == smack_have_access(subject, object, "r----"));
-    RUNNER_ASSERT(0 == smack_have_access(subject, object, "-w---"));
-    RUNNER_ASSERT(0 == smack_have_access(subject, object, "--x--"));
-    RUNNER_ASSERT(0 == smack_have_access(subject, object, "---a-"));
-    RUNNER_ASSERT(0 == smack_have_access(subject, object, "----t"));
-}*/
-
-RUNNER_CHILD_TEST_SMACK(tc01c_security_server_app_give_access_no_access)
-{
-    const char *subject = "xxx45v34sfa";
-    const char *object = "yyy78x2lkjz";
-
-    SmackAccess smack;
-    smack.add(subject, object, "-----");
-    smack.apply();
-
-    RUNNER_ASSERT_MSG(0 == smack_set_label_for_self(object), "Error in smack_label_for_self");
-
-    RUNNER_ASSERT_MSG(drop_root_privileges() == 0, "uid = " << getuid());
-
-    RUNNER_ASSERT(SECURITY_SERVER_API_ERROR_ACCESS_DENIED ==
-            security_server_app_give_access(subject, getpid()));
-
-    RUNNER_ASSERT(0 == smack_have_access(subject, object, "r"));
-}
-
-RUNNER_TEST_SMACK(tc02_check_privilege_by_pid)
-{
-    RUNNER_IGNORED_MSG("security_server_check_privilege_by_pid is temporarily disabled: always returns success");
-    int ret;
-    int pid;
-
-    pid = getpid();
-
-    //we checking existing rule, it should return positive
-    ret = security_server_check_privilege_by_pid(pid, "_", "rx");
-    RUNNER_ASSERT(ret == SECURITY_SERVER_API_SUCCESS);
-
-    //we checking rule with label that not exist
-    ret = security_server_check_privilege_by_pid(pid, "thislabelisnotreal", "rwxat");
-    RUNNER_ASSERT(ret != SECURITY_SERVER_API_SUCCESS);
-}
-
-RUNNER_CHILD_TEST_SMACK(tc03_check_API_passwd_allow)
-{
-    int ret = -1;
-    unsigned int attempt, max_attempt, expire_sec;
-
-    attempt = max_attempt = expire_sec = 0;
-
-    clear_password();
-
-    SecurityServer::AccessProvider provider(TEST03_SUBJECT);
-    provider.allowSS();
-    provider.applyAndSwithToUser(APP_UID, APP_GID);
-
-    ret = security_server_set_pwd_validity(10);
-    RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_ERROR_NO_PASSWORD, "ret: " << ret);
-
-    ret = security_server_set_pwd_max_challenge(5);
-    RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_ERROR_NO_PASSWORD, "ret: " << ret);
-
-    ret = security_server_is_pwd_valid(&attempt, &max_attempt, &expire_sec);
-    RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_ERROR_NO_PASSWORD, "ret: " << ret);
-
-    usleep(PASSWORD_RETRY_TIMEOUT_US);
-    ret = security_server_set_pwd(nullptr, "12345", 0, 0);
-    RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_SUCCESS, "ret: " << ret);
-
-    ret = security_server_reset_pwd("12345",0, 0);
-    RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_SUCCESS, "ret: " << ret);
-
-    usleep(PASSWORD_RETRY_TIMEOUT_US);
-    ret = security_server_chk_pwd("12345", &attempt, &max_attempt, &expire_sec);
-    RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_SUCCESS, "ret: " << ret);
-
-    ret = security_server_set_pwd_history(10);
-    RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_SUCCESS, "ret: " << ret);
-}
-
-RUNNER_CHILD_TEST_SMACK(tc04_check_API_passwd_denied)
-{
-    check_API_passwd(true);
-}
-
-RUNNER_CHILD_TEST_NOSMACK(tc04_check_API_app_user_passwd_allow_nosmack)
-{
-    check_API_passwd(false);
-}
-
-RUNNER_CHILD_TEST_SMACK(tc07_check_API_data_share_allow)
-{
-    SecurityServer::AccessProvider provider(TEST07_SUBJECT);
-    provider.allowSS();
-    provider.applyAndSwithToUser(APP_UID, APP_GID);
-
-    int ret = security_server_app_give_access(TEST07_SUBJECT, getpid());
-    RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_SUCCESS, "ret: " << ret);
-}
-
-RUNNER_CHILD_TEST_SMACK(tc08_check_API_data_share_denied)
-{
-    SecurityServer::AccessProvider provider(TEST08_SUBJECT);
-    provider.applyAndSwithToUser(APP_UID, APP_GID);
-
-    int ret = security_server_app_give_access(TEST08_SUBJECT, getpid());
-    RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_ERROR_ACCESS_DENIED,
-            "security_server_app_give_access should return access denied,"
-            " ret: " << ret);
-}
-
-//////////////////////////////////////////
-/////////NOSMACK ENV TESTS////////////////
-//////////////////////////////////////////
-
-/**
- * NOSMACK version of tc01a and tc01c tests.
- *
- * SMACK is turned off - that means for us, that we don't need any accesses added to our process
- * in SMACK before dropping root privileges. This test drops root privileges, calls
- * security_server_app_give_access and then checks if smack_have_access returns error (because
- * SMACK is off).
- *
- * security_server_app_give_access shouldn't return anything else than success when SMACK is off,
- * hence there is only one test that replaces tests tc01a and tc01c.
- */
-RUNNER_CHILD_TEST_NOSMACK(tc01_security_server_app_give_access_nosmack)
-{
-    const char* subject = "abc345v34sfa";
-    const char* object = "efg678x2lkjz";
-    int result = 0;
-
-    result = drop_root_privileges();
-    RUNNER_ASSERT_MSG(result == 0,
-            "Failed to drop root privileges. Result: " << result << "uid = " << getuid());
-
-    result = security_server_app_give_access(subject, getpid());
-    RUNNER_ASSERT_MSG(result == SECURITY_SERVER_API_SUCCESS,
-            "Error in security_server_app_give_access. Result: " << result);
-
-    result = smack_have_access(subject, object, "rwxat");
-    RUNNER_ASSERT_MSG(result == -1,
-            "smack_have_access should return error when SMACK is off. Result: " << result);
-}
-
-/**
- * NOSMACK version of tc02 test.
- *
- * check_privilege_by_pid should always return success when SMACK is off, no matter if label is
- * real or not.
- */
-RUNNER_TEST_NOSMACK(tc02_check_privilege_by_pid_nosmack)
-{
-    RUNNER_IGNORED_MSG("security_server_check_privilege_by_pid is temporarily disabled: always returns success");
-    int ret;
-    int pid;
-
-    pid = getpid();
-
-    //we checking existing rule, it should return positive
-    ret = security_server_check_privilege_by_pid(pid, "_", "rx");
-    RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_SUCCESS,
-            "check_privilege_by_pid for existing label failed. Result: " << ret);
-
-    //we checking rule with label that not exist
-    ret = security_server_check_privilege_by_pid(pid, "thislabelisnotreal", "rwxat");
-    RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_SUCCESS,
-            "check_privilege_by_pid for nonexisting label failed. Result: " << ret);
-}
-
-/**
- * NOSMACK version of clear_password function.
- *
- * Compared to SMACK version of this function, this one skips adding rules and setting label.
- */
-int clear_password_nosmack()
-{
-    int ret = -1;
-    unsigned int attempt, max_attempt, expire_sec;
-
-    if (getuid() == 0) {
-        reset_security_server();
-
-        attempt = max_attempt = expire_sec = UINT_MAX;
-        ret = security_server_is_pwd_valid(&attempt, &max_attempt, &expire_sec);
-
-        RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_ERROR_NO_PASSWORD,
-                "is_pwd_faild should return no password error. Result: " << ret);
-        RUNNER_ASSERT_MSG(expire_sec == 0, "expire_sec = " << expire_sec << ", should be 0.");
-        RUNNER_ASSERT_MSG(max_attempt == 0, "max_attempt = " << max_attempt << ", should be 0.");
-        RUNNER_ASSERT_MSG(attempt == 0, "attempt = " << attempt << ", should be 0.");
-
-        return 0;
-    }
-    return -1;
-}
-
-/**
- * NOSMACK version of tc03 test.
- *
- * Just as tc01a/tc01c NOSMACK replacement, we don't need to do anything with SMACK because most
- * important functions will return errors (that is smack_accesses_apply/smack_have_access etc.).
- * First clear password, then drop privileges and proceed to regular testing.
- */
-
-RUNNER_CHILD_TEST_NOSMACK(tc03_check_API_passwd_allow_nosmack)
-{
-    int ret = -1;
-    unsigned int attempt, max_attempt, expire_sec;
-
-    attempt = max_attempt = expire_sec = 0;
-
-    clear_password_nosmack();
-
-    // drop root privileges
-    ret = drop_root_privileges();
-    RUNNER_ASSERT_MSG(ret == 0,
-            "Failed to drop root privileges. Result: " << ret << "uid = " << getuid());
-
-    ret = security_server_set_pwd_validity(10);
-    RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_ERROR_NO_PASSWORD,
-            "set_pwd_validity should return no password error. Result: " << ret);
-
-    ret = security_server_set_pwd_max_challenge(5);
-    RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_ERROR_NO_PASSWORD,
-            "set_pwd_max_challenge should return no password error. Result: " << ret);
-
-    ret = security_server_is_pwd_valid(&attempt, &max_attempt, &expire_sec);
-    RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_ERROR_NO_PASSWORD,
-            "is_pwd_valid should return no password error. Result: " << ret);
-
-    usleep(PASSWORD_RETRY_TIMEOUT_US);
-    ret = security_server_set_pwd(nullptr, "12345", 0, 0);
-    RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_SUCCESS,
-            "set_pwd failed. Result: " << ret);
-
-    ret = security_server_reset_pwd("12345",0, 0);
-    RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_SUCCESS,
-            "reset_pwd failed. Result: " << ret);
-
-    usleep(PASSWORD_RETRY_TIMEOUT_US);
-    ret = security_server_chk_pwd("12345", &attempt, &max_attempt, &expire_sec);
-    RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_SUCCESS,
-            "chk_pwd failed. Result: " << ret);
-
-    ret = security_server_set_pwd_history(10);
-    RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_SUCCESS,
-            "set_pwd_history failed. Result: " << ret);
-}
-
-/**
- * NOSMACK version of tc07 test.
- *
- * Similarily to previous tests - no need to set self label because SMACK is off. Just as
- * tc01a/tc01c replacement, security_server_app_give_access should return only success. Hence the
- * NOSMACK version of tc08 test is skipped.
- */
-RUNNER_CHILD_TEST_NOSMACK(tc07_check_API_data_share_allow_nosmack)
-{
-    int ret = -1;
-
-    // drop root privileges
-    ret = drop_root_privileges();
-    RUNNER_ASSERT_MSG(ret == 0,
-            "Failed to drop root privileges. Result: " << ret << "uid = " << getuid());
-
-    ret = security_server_app_give_access(TEST07_SUBJECT, getpid());
-    RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_SUCCESS,
-            "app_give_access failed. Result: " << ret);
-}
-
-int main(int argc, char *argv[]) {
-    if (0 != getuid()) {
-        printf("Error: %s must be executed by root\n", argv[0]);
-        exit(1);
-    }
-    return DPL::Test::TestRunnerSingleton::Instance().ExecTestRunner(argc, argv);
-}
diff --git a/src/security-server-tests/weird_arguments.cpp b/src/security-server-tests/weird_arguments.cpp
deleted file mode 100644 (file)
index fab2d6a..0000000
+++ /dev/null
@@ -1,192 +0,0 @@
-/*
- * Copyright (c) 2013 Samsung Electronics Co., Ltd All Rights Reserved
- */
-/*
- * @file    security_server_tests_weird_arguments.cpp
- * @author  Zbigniew Jasinski (z.jasinski@samsung.com)
- * @version 1.0
- * @brief   Test cases for security server
- *
- */
-#include "tests_common.h"
-#include "security-server.h"
-#include <dpl/test/test_runner.h>
-#include <dpl/log/log.h>
-
-RUNNER_TEST_GROUP_INIT(SECURITY_SERVER_TESTS_WEIRD_ARGUMENTS);
-
-RUNNER_TEST(tc01_security_server_get_gid_weird_input_case)
-{
-    int ret = 0;
-    char weird[] = {static_cast <char> (0xe3), 0x79, static_cast <char> (0x82), 0x0};
-
-    /* normal param case */
-    ret = security_server_get_gid("tel_sim");
-    RUNNER_ASSERT_MSG(ret > -1, "ret: " << ret);
-
-    /* wrong param case */
-    ret = security_server_get_gid("elephony_akecall");
-    RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_ERROR_NO_SUCH_OBJECT, "ret: " << ret);
-
-    /* weird param case */
-    ret = security_server_get_gid(weird);
-    RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_ERROR_NO_SUCH_OBJECT, "ret: " << ret);
-
-    /* null param case */
-    ret = security_server_get_gid(nullptr);
-    RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_ERROR_INPUT_PARAM, "ret: " << ret);
-
-    /* param too long case */
-    ret = security_server_get_gid("abcdefghijklmnopqrstuvwxyz01234");
-    RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_ERROR_INPUT_PARAM, "ret: " << ret);
-
-    /* empty param case */
-    ret = security_server_get_gid("");
-    RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_ERROR_INPUT_PARAM, "ret: " << ret);
-}
-
-/* from security_server_tests_server.cpp */
-
-RUNNER_TEST(tc03_security_server_request_cookie_weird_input_case)
-{
-    int ret = 0;
-    size_t cookie_size = security_server_get_cookie_size();
-
-    /* null cookie case */
-    char *cookie = nullptr;
-
-    ret = security_server_request_cookie(cookie, cookie_size);
-    RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_ERROR_INPUT_PARAM, "ret: " << ret);
-
-    /* buffer size too small case */
-    cookie_size = 19;
-    char cookie2[cookie_size];
-
-    ret = security_server_request_cookie(cookie2, cookie_size);
-    RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_ERROR_BUFFER_TOO_SMALL, "ret: " << ret);
-}
-
-RUNNER_TEST(tc04_security_server_check_privilege_weird_input_case)
-{
-    int ret = 0;
-    size_t cookie_size = security_server_get_cookie_size();
-    gid_t gid = DB_ALARM_GID;
-
-    /* null cookie case */
-    char *cookie = nullptr;
-
-    ret = security_server_check_privilege(cookie, gid);
-    RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_ERROR_INPUT_PARAM, "ret: " << ret);
-
-    char cookie2[cookie_size];
-
-    ret = security_server_request_cookie(cookie2, cookie_size);
-    RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_SUCCESS, "ret: " << ret);
-
-    /* big gid case */
-    gid = 70666;
-
-    ret = security_server_check_privilege(cookie2, gid);
-    RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_ERROR_ACCESS_DENIED, "ret: " << ret);
-}
-RUNNER_TEST(tc05_security_server_check_privilege_by_cookie_weird_input_case)
-{
-    RUNNER_IGNORED_MSG("security_server_check_privilege_by_cookie is temporarily disabled: always returns success");
-    int ret = 0;
-    size_t cookie_size = security_server_get_cookie_size();;
-    const char *object = "telephony_makecall";
-    const char *access_rights = "r";
-
-    /* null cookie case */
-    char *cookie = nullptr;
-    ret = security_server_check_privilege_by_cookie(cookie, object, access_rights);
-    RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_ERROR_INPUT_PARAM, "ret: " << ret);
-
-    /* null object case */
-    char *object2 = nullptr;
-    char cookie2[cookie_size];
-
-    ret = security_server_request_cookie(cookie2, cookie_size);
-    RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_SUCCESS, "ret: " << ret);
-
-    ret = security_server_check_privilege_by_cookie(cookie2, object2, access_rights);
-    RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_ERROR_INPUT_PARAM, "ret: " << ret);
-
-    /* null access rights case */
-    access_rights = nullptr;
-    ret = security_server_check_privilege_by_cookie(cookie2, object, access_rights);
-    RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_ERROR_INPUT_PARAM, "ret: " << ret);
-}
-
-RUNNER_TEST_SMACK(tc06_security_server_check_privilege_by_sockfd_weird_input_case)
-{
-    RUNNER_IGNORED_MSG("security_server_check_privilege_by_sockfd is temporarily disabled: always returns success");
-    int ret = 0;
-    int sockfd = -1;
-    const char *object = "telephony_makecall";
-    const char *access_rights = "r";
-
-    /* invalid sockfd case */
-    ret = security_server_check_privilege_by_sockfd(sockfd, object, access_rights);
-    RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_ERROR_INPUT_PARAM, "ret: " << ret);
-    sockfd = 0;
-
-    /* null object case */
-    char *object2 = nullptr;
-    ret = security_server_check_privilege_by_sockfd(sockfd, object2, access_rights);
-    RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_ERROR_INPUT_PARAM, "ret: " << ret);
-
-    /* null access rights case */
-    access_rights = nullptr;
-    ret = security_server_check_privilege_by_sockfd(sockfd, object, access_rights);
-    RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_ERROR_INPUT_PARAM, "ret: " << ret);
-}
-
-RUNNER_TEST(tc07_security_server_get_cookie_pid_weird_input_case)
-{
-    int ret = 0;
-    char *cookie = nullptr;
-
-    ret = security_server_get_cookie_pid(cookie);
-    RUNNER_ASSERT(ret == SECURITY_SERVER_API_ERROR_INPUT_PARAM);
-}
-
-///////////////////////////
-/////NOSMACK ENV TESTS/////
-///////////////////////////
-
-/**
- * NOSMACK version of tc06 test.
- *
- * security_server_check_privilege_by_sockfd at first checks if SMACK exists and then checks if
- * params are correct. Even with incorrect params we should expect SUCCESS instead of
- * ERROR_INPUT_PARAM.
- */
-
-RUNNER_TEST_NOSMACK(tc06_security_server_check_privilege_by_sockfd_weird_input_case_nosmack)
-{
-    RUNNER_IGNORED_MSG("security_server_check_privilege_by_sockfd is temporarily disabled: always returns success");
-    int ret = 0;
-    int sockfd = -1;
-    const char* object = "telephony_makecall";
-    const char* access_rights = "r";
-
-    //invalid sockfd case
-    ret = security_server_check_privilege_by_sockfd(sockfd, object, access_rights);
-    RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_SUCCESS,
-            "check_privilege_by_sockfd failed. Result: " << ret);
-    sockfd = 0;
-
-    //null object case
-    char *object2 = nullptr;
-    ret = security_server_check_privilege_by_sockfd(sockfd, object2, access_rights);
-    RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_SUCCESS,
-            "check_privilege_by_sockfd failed. Result: " << ret);
-
-    //null access rights case
-    access_rights = nullptr;
-    ret = security_server_check_privilege_by_sockfd(sockfd, object, access_rights);
-    RUNNER_ASSERT_MSG(ret == SECURITY_SERVER_API_SUCCESS,
-            "check_privilege_by_sockfd failed. Result: " << ret);
-}
-
index f99127bc99cd530c191a6b918238f6c2ca9ba41a..abb898bc93207a00e80051910e040d4b99e5a885 100644 (file)
@@ -40,42 +40,6 @@ case $1 in
     echo
     libprivilege-control-test "${@:2}"
     ;;
-"ss-clientsmack")
-    echo "========================================================================="
-    echo "SECURITY SERVER TEST CLIENT SMACK"
-    echo
-    security-server-tests-client-smack "${@:2}"
-    ;;
-"ss-stress")
-    echo "========================================================================="
-    echo "SECURITY SERVER TEST STRESS"
-    echo
-    security-server-tests-stress "${@:2}"
-    ;;
-"ss-server")
-    echo "========================================================================="
-    echo "SECURITY SERVER TEST SERVER"
-    echo
-    security-server-tests-server "${@:2}"
-    ;;
-"ss-api-speed")
-    echo "========================================================================="
-    echo "SECURITY SERVER MEASURER SERVER"
-    echo
-    security-server-tests-api-speed "${@:2}"
-    ;;
-"ss-password")
-    echo "========================================================================="
-    echo "SECURITY SERVER TEST PASSWORD"
-    echo
-    security-server-tests-password "${@:2}"
-    ;;
-"ss-privilege")
-    echo "========================================================================="
-    echo "SECURITY SERVER TEST PRIVILEGE"
-    echo
-    security-server-tests-privilege "${@:2}"
-    ;;
 "security-manager")
     echo "========================================================================="
     echo "SECURITY MANAGER TESTS"