From: Marcin Niesluchowski Date: Mon, 28 Oct 2013 15:27:36 +0000 (+0100) Subject: Fixing security-server client nosmack tests. X-Git-Tag: security-manager_5.5_testing~337 X-Git-Url: http://review.tizen.org/git/?a=commitdiff_plain;h=101305f52629fcc58fd46ea46fe02c53d7126deb;p=platform%2Fcore%2Ftest%2Fsecurity-tests.git Fixing security-server client nosmack tests. [Issue#] SSDWSSP-603 [Bug/Feature] Security-server client smack tests fail. [Cause] Incorrect and redundant use of smack_set_label_for_self function. [Solution] Separating tests for smack enabled and disabled removing unwanted functions. [Verification] Running tests. All security-server client tests *_get_uid_* and *_get_gid_* tests should pass. Change-Id: Iee48bc2e3bddc7f23cd9392febe385a8021a373a --- diff --git a/tests/security-server-tests/security_server_tests_client_smack.cpp b/tests/security-server-tests/security_server_tests_client_smack.cpp index d231969..d0ac8e0 100644 --- a/tests/security-server-tests/security_server_tests_client_smack.cpp +++ b/tests/security-server-tests/security_server_tests_client_smack.cpp @@ -641,7 +641,7 @@ RUNNER_TEST(tc10_security_server_get_uid_by_cookie) RUNNER_ASSERT_MSG(retval == SECURITY_SERVER_API_ERROR_INPUT_PARAM, "Error in checking input parameters by function"); } -RUNNER_CHILD_TEST(tc11_security_server_get_uid_by_cookie) +RUNNER_CHILD_TEST_SMACK(tc11_security_server_get_uid_by_cookie_smack) { int cookieSize = security_server_get_cookie_size(); RUNNER_ASSERT_MSG(cookieSize == 20, "Wrong cookie size"); @@ -662,7 +662,7 @@ RUNNER_CHILD_TEST(tc11_security_server_get_uid_by_cookie) RUNNER_ASSERT_MSG(retval == SECURITY_SERVER_API_ERROR_ACCESS_DENIED, "Socket not protected by smack"); } -RUNNER_CHILD_TEST(tc12_security_server_get_uid_by_cookie) +RUNNER_CHILD_TEST_SMACK(tc12_security_server_get_uid_by_cookie_smack) { int cookieSize = security_server_get_cookie_size(); RUNNER_ASSERT_MSG(cookieSize == 20, "Wrong cookie size"); @@ -686,7 +686,28 @@ RUNNER_CHILD_TEST(tc12_security_server_get_uid_by_cookie) RUNNER_ASSERT_MSG(realUid == cookieUid, "No match in received UID"); } -RUNNER_CHILD_TEST(tc13_security_server_get_uid_by_cookie) +RUNNER_CHILD_TEST_NOSMACK(tc12_security_server_get_uid_by_cookie_nosmack) +{ + int cookieSize = security_server_get_cookie_size(); + RUNNER_ASSERT_MSG(cookieSize == 20, "Wrong cookie size"); + + uid_t realUid = getuid(); + + std::vector cookie(cookieSize); + int retval = security_server_request_cookie(&cookie[0], cookieSize); + RUNNER_ASSERT_MSG(retval == SECURITY_SERVER_API_SUCCESS, "Unable to get cookie"); + + //drop privileges + RUNNER_ASSERT_MSG(setuid(5000) == 0, "Unable to drop privileges"); + + //checking function + uid_t cookieUid; + retval = security_server_get_uid_by_cookie(&cookie[0], &cookieUid); + RUNNER_ASSERT_MSG(retval == SECURITY_SERVER_API_SUCCESS, "Unable to get UID from cookie"); + RUNNER_ASSERT_MSG(realUid == cookieUid, "No match in received UID"); +} + +RUNNER_CHILD_TEST_SMACK(tc13_security_server_get_uid_by_cookie_smack) { int cookieSize = security_server_get_cookie_size(); RUNNER_ASSERT_MSG(cookieSize == 20, "Wrong cookie size"); @@ -709,6 +730,25 @@ RUNNER_CHILD_TEST(tc13_security_server_get_uid_by_cookie) RUNNER_ASSERT_MSG(realUid == cookieUid, "No match in received UID"); } +RUNNER_CHILD_TEST_NOSMACK(tc13_security_server_get_uid_by_cookie_nosmack) +{ + int cookieSize = security_server_get_cookie_size(); + RUNNER_ASSERT_MSG(cookieSize == 20, "Wrong cookie size"); + + //drop privileges + RUNNER_ASSERT_MSG(setuid(5000) == 0, "Unable to drop privileges"); + + std::vector cookie(cookieSize); + int retval = security_server_request_cookie(&cookie[0], cookieSize); + RUNNER_ASSERT_MSG(retval == SECURITY_SERVER_API_SUCCESS, "Unable to get cookie"); + + //checking function + uid_t cookieUid, realUid = getuid(); + retval = security_server_get_uid_by_cookie(&cookie[0], &cookieUid); + RUNNER_ASSERT_MSG(retval == SECURITY_SERVER_API_SUCCESS, "Unable to get UID from cookie"); + RUNNER_ASSERT_MSG(realUid == cookieUid, "No match in received UID"); +} + RUNNER_TEST(tc14_security_server_get_gid_by_cookie) { int cookieSize = security_server_get_cookie_size(); @@ -733,7 +773,7 @@ RUNNER_TEST(tc14_security_server_get_gid_by_cookie) } -RUNNER_CHILD_TEST(tc15_security_server_get_gid_by_cookie) +RUNNER_CHILD_TEST_SMACK(tc15_security_server_get_gid_by_cookie_smack) { int cookieSize = security_server_get_cookie_size(); RUNNER_ASSERT_MSG(cookieSize == 20, "Wrong cookie size"); @@ -756,7 +796,7 @@ RUNNER_CHILD_TEST(tc15_security_server_get_gid_by_cookie) RUNNER_ASSERT_MSG(retval == SECURITY_SERVER_API_ERROR_ACCESS_DENIED, "Socket not protected by smack"); } -RUNNER_CHILD_TEST(tc16_security_server_get_gid_by_cookie) +RUNNER_CHILD_TEST_SMACK(tc16_security_server_get_gid_by_cookie_smack) { int cookieSize = security_server_get_cookie_size(); RUNNER_ASSERT_MSG(cookieSize == 20, "Wrong cookie size"); @@ -781,7 +821,29 @@ RUNNER_CHILD_TEST(tc16_security_server_get_gid_by_cookie) RUNNER_ASSERT_MSG(realGid == cookieGid, "No match in received GID. ReadGid: " << realGid << " CookieGid: " << cookieGid); } -RUNNER_CHILD_TEST(tc17_security_server_get_gid_by_cookie) +RUNNER_CHILD_TEST_NOSMACK(tc16_security_server_get_gid_by_cookie_nosmack) +{ + int cookieSize = security_server_get_cookie_size(); + RUNNER_ASSERT_MSG(cookieSize == 20, "Wrong cookie size"); + + std::vector cookie(cookieSize); + + gid_t realGid = getgid(); + int retval = security_server_request_cookie(&cookie[0], cookieSize); + RUNNER_ASSERT_MSG(retval == SECURITY_SERVER_API_SUCCESS, "Unable to get cookie"); + + //drop privileges + RUNNER_ASSERT_MSG(setgid(5000) == 0, "Unable to drop privileges"); + RUNNER_ASSERT_MSG(setuid(5000) == 0, "Unable to drop privileges"); + + //checking function + gid_t cookieGid; + retval = security_server_get_gid_by_cookie(&cookie[0], &cookieGid); + RUNNER_ASSERT_MSG(retval == SECURITY_SERVER_API_SUCCESS, "Unable to get GID from cookie"); + RUNNER_ASSERT_MSG(realGid == cookieGid, "No match in received GID. ReadGid: " << realGid << " CookieGid: " << cookieGid); +} + +RUNNER_CHILD_TEST_SMACK(tc17_security_server_get_gid_by_cookie_smack) { int cookieSize = security_server_get_cookie_size(); RUNNER_ASSERT_MSG(cookieSize == 20, "Wrong cookie size"); @@ -805,6 +867,25 @@ RUNNER_CHILD_TEST(tc17_security_server_get_gid_by_cookie) RUNNER_ASSERT_MSG(realGid == cookieGid, "No match in received GID. ReadGid: " << realGid << " CookieGid: " << cookieGid); } +RUNNER_CHILD_TEST_NOSMACK(tc17_security_server_get_gid_by_cookie_nosmack) +{ + int cookieSize = security_server_get_cookie_size(); + RUNNER_ASSERT_MSG(cookieSize == 20, "Wrong cookie size"); + + //drop privileges + RUNNER_ASSERT_MSG(setgid(5000) == 0, "Unable to drop privileges"); + RUNNER_ASSERT_MSG(setuid(5000) == 0, "Unable to drop privileges"); + + std::vector cookie(cookieSize); + int retval = security_server_request_cookie(&cookie[0], cookieSize); + RUNNER_ASSERT_MSG(retval == SECURITY_SERVER_API_SUCCESS, "Unable to get cookie"); + + //checking function + gid_t cookieGid, realGid = getgid(); + retval = security_server_get_gid_by_cookie(&cookie[0], &cookieGid); + RUNNER_ASSERT_MSG(retval == SECURITY_SERVER_API_SUCCESS, "Unable to get GID from cookie"); + RUNNER_ASSERT_MSG(realGid == cookieGid, "No match in received GID. ReadGid: " << realGid << " CookieGid: " << cookieGid); +} RUNNER_TEST_SMACK(tc18_security_server_get_smacklabel_cookie) { int res; @@ -860,7 +941,7 @@ RUNNER_TEST_SMACK(tc18_security_server_get_smacklabel_cookie) { * label - there is no need to re-check it. * - Label acquired from security_server_get_smacklabel_cookie should be an empty string. */ -RUNNER_TEST_NOSMACK(tc_security_server_get_smacklabel_cookie_nosmack) { +RUNNER_TEST_NOSMACK(tc18_security_server_get_smacklabel_cookie_nosmack) { int res; pid_t mypid; @@ -881,10 +962,8 @@ RUNNER_TEST_NOSMACK(tc_security_server_get_smacklabel_cookie_nosmack) { res = security_server_request_cookie(cookie, cookie_size); std::unique_ptr > cookie_ptr(cookie, free); cookie = NULL; - if (res != SECURITY_SERVER_API_SUCCESS) { - RUNNER_ASSERT_MSG(res == SECURITY_SERVER_API_SUCCESS, - "Error in requesting cookie from security-server. Result: " << res); - } + RUNNER_ASSERT_MSG(res == SECURITY_SERVER_API_SUCCESS, + "Error in requesting cookie from security-server. Result: " << res); label_ss = security_server_get_smacklabel_cookie(cookie_ptr.get()); RUNNER_ASSERT_MSG(label_ss != NULL, "Error in getting label by cookie");