return pid;
}
+cynara_client_creds getClientDefaultMethod() {
+ cynara_client_creds def;
+ int ret = cynara_creds_get_default_client_method(&def);
+ RUNNER_ASSERT_MSG(ret == CYNARA_API_SUCCESS,
+ "cynara_creds_get_default_client_method failed with " << ret);
+ return def;
+}
+
+cynara_user_creds getUserDefaultMethod() {
+ cynara_user_creds def;
+ int ret = cynara_creds_get_default_user_method(&def);
+ RUNNER_ASSERT_MSG(ret == CYNARA_API_SUCCESS,
+ "cynara_creds_get_default_user_method failed with " << ret);
+ return def;
+}
+
+
void udsServer(SynchronizationPipe &pipe, const struct sockaddr_un &sockaddr,
const struct ProcessCredentials &peerCredentials) {
SecurityServer::AccessProvider ap(peerCredentials.label());
RUNNER_TEST_GROUP_INIT(cynara_creds_socket)
-RUNNER_CHILD_TEST_SMACK(tccs01_socket_credentials_client_smack)
-{
- socketTestTemplate([] (int sock, pid_t, const ProcessCredentials &peerCredentials) {
- CStringPtr label(CynaraHelperCredentials::socketGetClient(sock, CLIENT_METHOD_SMACK));
+void testSocketClientSmack(cynara_client_creds method = CLIENT_METHOD_SMACK) {
+ socketTestTemplate([method] (int sock, pid_t, const ProcessCredentials &peerCredentials) {
+ CStringPtr label(CynaraHelperCredentials::socketGetClient(sock, method));
RUNNER_ASSERT_MSG(peerCredentials.label() == label.get(),
"Labels don't match ret = " << label.get()
<< "; expected = " << peerCredentials.label());
}, "tccs01");
}
-RUNNER_CHILD_TEST_SMACK(tccs02_socket_credentials_client_pid)
-{
- socketTestTemplate([] (int sock, pid_t pid, const ProcessCredentials &) {
- CStringPtr clientPidStr(CynaraHelperCredentials::socketGetClient(sock, CLIENT_METHOD_PID));
+void testSocketClientPid(cynara_client_creds method = CLIENT_METHOD_PID) {
+ socketTestTemplate([method] (int sock, pid_t pid, const ProcessCredentials &) {
+ CStringPtr clientPidStr(CynaraHelperCredentials::socketGetClient(sock, method));
pid_t clientPid = std::stoi(clientPidStr.get());
RUNNER_ASSERT_MSG(pid == clientPid, "PIDs don't match ret = " << clientPid
<< "; expected = " << pid);
}, "tccs02");
}
-RUNNER_CHILD_TEST_SMACK(tccs03_socket_credentials_user_uid)
+RUNNER_MULTIPROCESS_TEST_SMACK(tccs01_socket_credentials_client_smack)
{
- socketTestTemplate([] (int sock, pid_t, const ProcessCredentials &peerCredentials) {
- CStringPtr uidStr(CynaraHelperCredentials::socketGetUser(sock, USER_METHOD_UID));
+ testSocketClientSmack();
+}
+
+RUNNER_MULTIPROCESS_TEST(tccs02_socket_credentials_client_pid)
+{
+ testSocketClientPid();
+}
+
+RUNNER_MULTIPROCESS_TEST_SMACK(tccs03_socket_credentials_client_default)
+{
+ auto method = getClientDefaultMethod();
+ switch(method) {
+ case CLIENT_METHOD_SMACK:
+ testSocketClientSmack(CLIENT_METHOD_DEFAULT);
+ break;
+ case CLIENT_METHOD_PID:
+ testSocketClientPid(CLIENT_METHOD_DEFAULT);
+ break;
+ default:
+ RUNNER_FAIL_MSG("cynara_creds_get_default_client_method returned unexpected value "
+ << method);
+ }
+}
+
+void testSocketUserUid(cynara_user_creds method = USER_METHOD_UID) {
+ socketTestTemplate([method] (int sock, pid_t, const ProcessCredentials &peerCredentials) {
+ CStringPtr uidStr(CynaraHelperCredentials::socketGetUser(sock, method));
uid_t uid = std::stoul(uidStr.get());
RUNNER_ASSERT_MSG(peerCredentials.uid() == uid, "UIDs don't match ret = " << uid
<< "; expected = "<< peerCredentials.uid());
- }, "tccs03");
+ }, "tccs04");
}
-RUNNER_CHILD_TEST_SMACK(tccs04_socket_credentials_user_gid)
-{
- socketTestTemplate([] (int sock, pid_t, const ProcessCredentials &peerCredentials) {
- CStringPtr gidStr(CynaraHelperCredentials::socketGetUser(sock, USER_METHOD_GID));
+void testSocketUserGid(cynara_user_creds method = USER_METHOD_GID) {
+ socketTestTemplate([method] (int sock, pid_t, const ProcessCredentials &peerCredentials) {
+ CStringPtr gidStr(CynaraHelperCredentials::socketGetUser(sock, method));
gid_t gid = std::stoul(gidStr.get());
RUNNER_ASSERT_MSG(peerCredentials.gid() == gid, "GIDs don't match ret = " << gid
<< "; expected = "<< peerCredentials.gid());
- }, "tccs04");
+ }, "tccs05");
}
-RUNNER_CHILD_TEST_SMACK(tccs05_cynara_creds_socket_pid)
+RUNNER_MULTIPROCESS_TEST(tccs04_socket_credentials_user_uid)
{
- const auto sockaddr = UDSHelpers::makeAbstractAddress("helper_tccs05.socket");
- const ProcessCredentials peerCredentials;
+ testSocketUserUid();
+}
- SynchronizationPipe pipe;
- pid_t expectedPid = runInChild(std::bind(udsServer, std::ref(pipe), std::cref(sockaddr),
- std::cref(peerCredentials)));
+RUNNER_MULTIPROCESS_TEST(tccs05_socket_credentials_user_gid)
+{
+ testSocketUserGid();
+}
- pipe.claimParentEp();
- pipe.wait();
- int sock = UDSHelpers::createClient(&sockaddr);
- SockUniquePtr sockPtr(&sock);
+RUNNER_MULTIPROCESS_TEST(tccs06_socket_credentials_user_default)
+{
+ auto method = getUserDefaultMethod();
+ switch(method) {
+ case USER_METHOD_UID:
+ testSocketUserUid(USER_METHOD_DEFAULT);
+ break;
+ case USER_METHOD_GID:
+ testSocketUserGid(USER_METHOD_DEFAULT);
+ break;
+ default:
+ RUNNER_FAIL_MSG("cynara_creds_get_default_user_method returned unexpected value "
+ << method);
+ }
+}
- pid_t helperPid = CynaraHelperCredentials::socketGetPid(sock);
- RUNNER_ASSERT_MSG(helperPid == expectedPid, "PIDs don't match ret = " << helperPid
- << "; expected = " << expectedPid);
+RUNNER_MULTIPROCESS_TEST(tccs07_socket_credentials_pid)
+{
+ socketTestTemplate([] (int sock, pid_t expectedPid, const ProcessCredentials &) {
+ pid_t peerPid(CynaraHelperCredentials::socketGetPid(sock));
+ RUNNER_ASSERT_MSG(peerPid == expectedPid, "Pids don't match ret = " << peerPid
+ << "; expected = "<< expectedPid);
+ }, "tccs05");
}
// TODO: Create utility namespace for DBus, maybe?
testSelfUserGid();
}
-cynara_client_creds getClientDefaultMethod() {
- cynara_client_creds def;
- int ret = cynara_creds_get_default_client_method(&def);
- RUNNER_ASSERT_MSG(ret == CYNARA_API_SUCCESS,
- "cynara_creds_get_default_client_method failed with " << ret);
- return def;
-}
-
-cynara_user_creds getUserDefaultMethod() {
- cynara_user_creds def;
- int ret = cynara_creds_get_default_user_method(&def);
- RUNNER_ASSERT_MSG(ret == CYNARA_API_SUCCESS,
- "cynara_creds_get_default_user_method failed with " << ret);
- return def;
-}
-
RUNNER_CHILD_TEST_SMACK(tccsl05_self_credentials_client_default) {
auto method = getClientDefaultMethod();
switch(method) {
projects / platform / core / test / security-tests.git / commitdiff