From: Bartlomiej Grzelewski Date: Thu, 23 Jan 2014 13:49:20 +0000 (+0100) Subject: Remove tracker. X-Git-Tag: security-manager_5.5_testing~298 X-Git-Url: http://review.tizen.org/git/?a=commitdiff_plain;h=abe07143be83f6caaa66a9e0516fd3f3d42624e0;p=platform%2Fcore%2Ftest%2Fsecurity-tests.git Remove tracker. Tracker was replaced with macro RUNNER_ASSERT_MSG_BT which is able to print full backtrace. [Issue#] N/A [Bug] N/A [Cause] N/A [Solution] N/A [Verification] Build, run tests. Change-Id: Ic5bdd6584ce11edcfa662c54807b042104284062 --- diff --git a/tests/common/access_provider.cpp b/tests/common/access_provider.cpp index 2c344a03..ee06e026 100644 --- a/tests/common/access_provider.cpp +++ b/tests/common/access_provider.cpp @@ -35,7 +35,7 @@ AccessProvider::AccessProvider(const std::string &mySubject) : m_mySubject(mySubject) {} -void AccessProvider::allowFunction(const std::string &functionName, const Tracker &tracker) { +void AccessProvider::allowFunction(const std::string &functionName) { static const std::map translation = { {"security_server_get_gid", "security-server::api-get-gid"}, {"security_server_request_cookie", "none"}, @@ -66,29 +66,29 @@ void AccessProvider::allowFunction(const std::string &functionName, const Tracke auto it = translation.find(functionName); RUNNER_ASSERT_MSG_BT(it != translation.end(), - tracker.str() << "Error no function " << functionName << " in security server."); + "Error no function " << functionName << " in security server."); - m_smackAccess.add(m_mySubject, it->second, "w", tracker); + m_smackAccess.add(m_mySubject, it->second, "w"); } -void AccessProvider::allowAPI(const std::string &api, const std::string &rule, const Tracker &tracker) { - m_smackAccess.add(m_mySubject, api, rule, tracker); +void AccessProvider::allowAPI(const std::string &api, const std::string &rule) { + m_smackAccess.add(m_mySubject, api, rule); } -void AccessProvider::apply(const Tracker &tracker) { - m_smackAccess.apply(tracker); +void AccessProvider::apply() { + m_smackAccess.apply(); } -void AccessProvider::applyAndSwithToUser(int uid, int gid, const Tracker &tracker) { +void AccessProvider::applyAndSwithToUser(int uid, int gid) { RUNNER_ASSERT_MSG_BT(0 == smack_revoke_subject(m_mySubject.c_str()), - tracker.str() << "Error in smack_revoke_subject(" << m_mySubject << ")"); - apply(tracker); + "Error in smack_revoke_subject(" << m_mySubject << ")"); + apply(); RUNNER_ASSERT_MSG_BT(0 == smack_set_label_for_self(m_mySubject.c_str()), - tracker.str() << "Error in smack_set_label_for_self."); + "Error in smack_set_label_for_self."); RUNNER_ASSERT_MSG_BT(0 == setgid(gid), - tracker.str() << "Error in setgid."); + "Error in setgid."); RUNNER_ASSERT_MSG_BT(0 == setuid(uid), - tracker.str() << "Error in setuid."); + "Error in setuid."); } } // namespace SecurityServer diff --git a/tests/common/access_provider.h b/tests/common/access_provider.h index 0fcabb84..c05ee4d0 100644 --- a/tests/common/access_provider.h +++ b/tests/common/access_provider.h @@ -24,7 +24,6 @@ #include -#include #include namespace SecurityServer { @@ -36,10 +35,10 @@ public: AccessProvider(const AccessProvider &second) = delete; AccessProvider& operator=(const AccessProvider &second) = delete; - void allowAPI(const std::string &api, const std::string &rules, const Tracker &tracker = Tracker()); - void allowFunction(const std::string &functionName, const Tracker &tracker = Tracker()); - void apply(const Tracker &tracker = Tracker()); - void applyAndSwithToUser(int uid, int gid, const Tracker &tracker = Tracker()); + void allowAPI(const std::string &api, const std::string &rules); + void allowFunction(const std::string &functionName); + void apply(); + void applyAndSwithToUser(int uid, int gid); virtual ~AccessProvider(){} private: diff --git a/tests/common/dbus_access.cpp b/tests/common/dbus_access.cpp index aead7617..29ae3563 100644 --- a/tests/common/dbus_access.cpp +++ b/tests/common/dbus_access.cpp @@ -51,7 +51,7 @@ DBusAccess::DBusAccess() void DBusAccess::connect() { m_conn = dbus_bus_get_private(DBUS_BUS_SYSTEM, &m_err); - RUNNER_ASSERT_MSG_BT(dbus_error_is_set(&m_err) != 1, m_tracker.str() << + RUNNER_ASSERT_MSG_BT(dbus_error_is_set(&m_err) != 1, "Error in dbus_bus_get: " << m_err.message); dbus_connection_set_exit_on_disconnect(m_conn, FALSE); } @@ -59,7 +59,7 @@ void DBusAccess::connect() { void DBusAccess::requestName() { dbus_bus_request_name(m_conn, m_dbus_client_name.c_str(), DBUS_NAME_FLAG_REPLACE_EXISTING , &m_err); - RUNNER_ASSERT_MSG_BT(dbus_error_is_set(&m_err) != 1, m_tracker.str() << + RUNNER_ASSERT_MSG_BT(dbus_error_is_set(&m_err) != 1, "Error in dbus_bus_request_name: " << m_err.message); } @@ -73,7 +73,7 @@ void DBusAccess::newMethodCall(const std::string& method) { dbus_systemd_object.c_str(), dbus_systemd_interface.c_str(), method.c_str()); - RUNNER_ASSERT_MSG_BT(NULL != m_msg, m_tracker.str() << + RUNNER_ASSERT_MSG_BT(NULL != m_msg, "Error in dbus_message_new_method_call"); } @@ -84,16 +84,16 @@ void DBusAccess::appendToMsg() { dbus_message_iter_init_append(m_msg, &iter); int ret = dbus_message_iter_append_basic(&iter, DBUS_TYPE_STRING, &dbus_systemd_srv_unit_mode); - RUNNER_ASSERT_MSG_BT(ret != 0, m_tracker.str() << + RUNNER_ASSERT_MSG_BT(ret != 0, "Error in dbus_message_iter_append_basic"); } void DBusAccess::sendMsgWithReply() { int ret = dbus_connection_send_with_reply(m_conn, m_msg, &m_pending, -1); - RUNNER_ASSERT_MSG_BT(ret == 1, m_tracker.str() << + RUNNER_ASSERT_MSG_BT(ret == 1, "Error in dbus_connection_send_with_reply"); - RUNNER_ASSERT_MSG_BT(NULL != m_pending, m_tracker.str() << "Pending call null"); + RUNNER_ASSERT_MSG_BT(NULL != m_pending, "Pending call null"); dbus_connection_flush(m_conn); dbus_pending_call_block(m_pending); @@ -103,7 +103,7 @@ void DBusAccess::sendMsgWithReply() { void DBusAccess::getMsgReply() { m_msg = dbus_pending_call_steal_reply(m_pending); - RUNNER_ASSERT_MSG_BT(NULL != m_msg, m_tracker.str() << + RUNNER_ASSERT_MSG_BT(NULL != m_msg, "Error in dbus_pending_call_steal_reply"); } @@ -112,12 +112,12 @@ void DBusAccess::handleMsgRestartReply() { DBusMessageIter iter; RUNNER_ASSERT_MSG_BT(dbus_message_iter_init(m_msg, &iter) != 0, - m_tracker.str() << "Message has no arguments"); + "Message has no arguments"); if (DBUS_TYPE_OBJECT_PATH == dbus_message_iter_get_arg_type(&iter)) { dbus_message_iter_get_basic(&iter, &object_path); m_jobID = std::strrchr(object_path, '/') + 1; } else { - RUNNER_ASSERT_MSG_BT(false, m_tracker.str() << "No job path in msg"); + RUNNER_ASSERT_MSG_BT(false, "No job path in msg"); } dbus_message_unref(m_msg); dbus_pending_call_unref(m_pending); @@ -132,11 +132,11 @@ DBusHandlerResult DBusAccess::signalFilter(DBusConnection *, DBusMessage *messag if (dbus_message_is_signal(message, a->m_signal_interface.c_str(), a->m_signal_member.c_str())) { - RUNNER_ASSERT_MSG_BT(dbus_message_iter_init(message, &iter) != 0, a->m_tracker.str() << + RUNNER_ASSERT_MSG_BT(dbus_message_iter_init(message, &iter) != 0, "No messages in reply"); RUNNER_ASSERT_MSG_BT(dbus_message_iter_get_arg_type(&iter) == DBUS_TYPE_UINT32, - a->m_tracker.str() << "Argument is not integer"); + "Argument is not integer"); dbus_message_iter_get_basic(&iter, &id); @@ -157,7 +157,7 @@ DBusHandlerResult DBusAccess::signalFilter(DBusConnection *, DBusMessage *messag void DBusAccess::handleMsgRestartSignal() { dbus_bus_add_match(m_conn, m_signal_match.c_str(), &m_err); - RUNNER_ASSERT_MSG_BT(dbus_error_is_set(&m_err) != 1, m_tracker.str() << + RUNNER_ASSERT_MSG_BT(dbus_error_is_set(&m_err) != 1, "Error in dbus_bus_add_match: " << m_err.message); dbus_connection_add_filter(m_conn, signalFilter, reinterpret_cast(this), NULL); @@ -192,9 +192,7 @@ void DBusAccess::sendResetFailedToSS() { getMsgReply(); } -void DBusAccess::restartSS(const Tracker &tracker) { - m_tracker = tracker; - +void DBusAccess::restartSS() { connectToDBus(); sendRestartToSS(); sendResetFailedToSS(); diff --git a/tests/common/dbus_access.h b/tests/common/dbus_access.h index 84164824..0f1b39d6 100644 --- a/tests/common/dbus_access.h +++ b/tests/common/dbus_access.h @@ -28,7 +28,6 @@ #include #include #include -#include #include @@ -36,7 +35,7 @@ class DBusAccess { public: DBusAccess(); - void restartSS(const Tracker &tracker = Tracker()); + void restartSS(); virtual ~DBusAccess(); private: @@ -69,7 +68,6 @@ private: std::string m_dbus_client_name; - Tracker m_tracker; bool m_handled; }; diff --git a/tests/common/smack_access.cpp b/tests/common/smack_access.cpp index 429ba54f..f2c81e97 100644 --- a/tests/common/smack_access.cpp +++ b/tests/common/smack_access.cpp @@ -36,19 +36,18 @@ SmackAccess::SmackAccess() void SmackAccess::add( const std::string &subject, const std::string &object, - const std::string &rights, - const Tracker &tracker) + const std::string &rights) { RUNNER_ASSERT_MSG_BT(0 == smack_accesses_add(m_handle, subject.c_str(), object.c_str(), rights.c_str()), - tracker.str() << "Error in smack_accesses_add."); + "Error in smack_accesses_add."); } -void SmackAccess::apply(const Tracker &tracker) { +void SmackAccess::apply() { RUNNER_ASSERT_MSG_BT(0 == smack_accesses_apply(m_handle), - tracker.str() << "Error in smack_accessses_apply."); + "Error in smack_accessses_apply."); } SmackAccess::~SmackAccess() { diff --git a/tests/common/smack_access.h b/tests/common/smack_access.h index f7f26604..f20842be 100644 --- a/tests/common/smack_access.h +++ b/tests/common/smack_access.h @@ -24,8 +24,6 @@ #include -#include - struct smack_accesses; class SmackAccess { @@ -36,9 +34,8 @@ public: void add(const std::string &subject, const std::string &object, - const std::string &rights, - const Tracker &tracker = Tracker()); - void apply(const Tracker &tracker = Tracker()); + const std::string &rights); + void apply(); virtual ~SmackAccess(); private: struct smack_accesses *m_handle; diff --git a/tests/common/tracker.h b/tests/common/tracker.h deleted file mode 100644 index 7dc1bc22..00000000 --- a/tests/common/tracker.h +++ /dev/null @@ -1,60 +0,0 @@ -/* - * Copyright (c) 2013 Samsung Electronics Co., Ltd All Rights Reserved - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -/* - * @file tracker.h - * @author Bartlomiej Grzelewski (b.grzelewski@samsung.com) - * @version 1.0 - * @brief Common functions and macros used in security-tests package. - */ -#ifndef __TRACKER_H__ -#define __TRACKER_H__ - -#include -#include -#include - -#define TRACE_FROM_HERE Tracker((strrchr(__FILE__, '/') ? strrchr(__FILE__, '/') + 1 : __FILE__), \ - __LINE__, std::string()) -#define TRACE_FROM_HERE_MSG(msg) Tracker((strrchr(__FILE__, '/') ? strrchr(__FILE__, '/') + 1 : \ - __FILE__), __LINE__, msg) - -class Tracker { -public: - Tracker() - : m_line(-1) - {} - - Tracker(const std::string &file, int line, const std::string &message) - : m_file(file) - , m_line(line) - , m_msg(message) - {} - - std::string str() const { - if (m_line == -1) - return std::string(); - - std::ostringstream stream; - stream << "\n[File: " << m_file << ":" << m_line << m_msg << "]\n"; - return stream.str(); - } -private: - std::string m_file; - int m_line; - std::string m_msg; -}; - -#endif // __TRACKER_H__ diff --git a/tests/libsmack-tests/test_cases.cpp b/tests/libsmack-tests/test_cases.cpp index 08cbadc1..15c83364 100644 --- a/tests/libsmack-tests/test_cases.cpp +++ b/tests/libsmack-tests/test_cases.cpp @@ -1494,9 +1494,9 @@ void prepareEnvironment(const std::string &subject, const std::string &object, c const std::string ruleAll = "x"; SecurityServer::AccessProvider provider(subject); - provider.allowAPI("system::homedir", ruleAll, TRACE_FROM_HERE); - provider.allowAPI(object, access, TRACE_FROM_HERE); - provider.applyAndSwithToUser(APP_UID, APP_GID, TRACE_FROM_HERE); + provider.allowAPI("system::homedir", ruleAll); + provider.allowAPI(object, access); + provider.applyAndSwithToUser(APP_UID, APP_GID); } //- Add "l" rule to system @@ -1509,8 +1509,8 @@ RUNNER_CHILD_TEST_SMACK(smack13_0_checking_laccess_mode_enabled_on_device) //function inside checks if rule exist after add it SecurityServer::AccessProvider provider(selfLabel); - provider.allowAPI(filename, "l", TRACE_FROM_HERE); - provider.apply(TRACE_FROM_HERE); + provider.allowAPI(filename, "l"); + provider.apply(); int ret = smack_have_access(selfLabel.c_str(), filename.c_str(), "l"); RUNNER_ASSERT_MSG_BT(ret == 1, "Error in adding laccess rule - l"); @@ -1532,7 +1532,7 @@ RUNNER_CHILD_TEST_SMACK(smack13_1_checking_laccess_mode) FDUniquePtr fp(&fd, closeFdPtr); SecurityServer::AccessProvider provider(selfLabel); - provider.applyAndSwithToUser(APP_UID, APP_GID, TRACE_FROM_HERE); + provider.applyAndSwithToUser(APP_UID, APP_GID); int ret = flock(fd, LOCK_EX | LOCK_NB); RUNNER_ASSERT_MSG_BT(ret < 0, "Error, able to lock file: " << strerror(errno)); diff --git a/tests/security-server-tests/cookie_api.cpp b/tests/security-server-tests/cookie_api.cpp index 2e2d4fe9..75699730 100644 --- a/tests/security-server-tests/cookie_api.cpp +++ b/tests/security-server-tests/cookie_api.cpp @@ -40,18 +40,17 @@ Protected by "security-server::api-cookie-check" label: #include #include #include -#include typedef std::unique_ptr UniquePtrCstring; const int KNOWN_COOKIE_SIZE = 20; typedef std::vector Cookie; -Cookie getCookieFromSS(const Tracker &tracker = Tracker()) { +Cookie getCookieFromSS() { Cookie cookie(security_server_get_cookie_size()); RUNNER_ASSERT_MSG_BT(SECURITY_SERVER_API_SUCCESS == security_server_request_cookie(cookie.data(), cookie.size()), - tracker.str() << " Error in security_server_request_cookie."); + "Error in security_server_request_cookie."); return cookie; } @@ -105,7 +104,7 @@ RUNNER_CHILD_TEST(tc_arguments_03_01_security_server_check_privilege_by_cookie) //passing NULL as an object pointer RUNNER_CHILD_TEST(tc_arguments_03_02_security_server_check_privilege_by_cookie) { - Cookie cookie = getCookieFromSS(TRACE_FROM_HERE); + Cookie cookie = getCookieFromSS(); int ret = security_server_check_privilege_by_cookie(cookie.data(), NULL, "rwx"); RUNNER_ASSERT_MSG_BT(ret == SECURITY_SERVER_API_ERROR_INPUT_PARAM, @@ -116,7 +115,7 @@ RUNNER_CHILD_TEST(tc_arguments_03_02_security_server_check_privilege_by_cookie) //passing NULL as an access pointer RUNNER_CHILD_TEST(tc_arguments_03_03_security_server_check_privilege_by_cookie) { - Cookie cookie = getCookieFromSS(TRACE_FROM_HERE); + Cookie cookie = getCookieFromSS(); int ret = security_server_check_privilege_by_cookie(cookie.data(), "wiadro", NULL); RUNNER_ASSERT_MSG_BT(ret == SECURITY_SERVER_API_ERROR_INPUT_PARAM, @@ -157,7 +156,7 @@ RUNNER_CHILD_TEST(tc_arguments_06_01_security_server_get_uid_by_cookie) //passing NULL as an uid pointer RUNNER_CHILD_TEST(tc_arguments_06_02_security_server_get_uid_by_cookie) { - Cookie cookie = getCookieFromSS(TRACE_FROM_HERE); + Cookie cookie = getCookieFromSS(); int ret = security_server_get_uid_by_cookie(cookie.data(), NULL); RUNNER_ASSERT_MSG_BT(ret == SECURITY_SERVER_API_ERROR_INPUT_PARAM, @@ -179,7 +178,7 @@ RUNNER_CHILD_TEST(tc_arguments_07_01_security_server_get_gid_by_cookie) //passing NULL as an gid pointer RUNNER_CHILD_TEST(tc_arguments_07_02_security_server_get_gid_by_cookie) { - Cookie cookie = getCookieFromSS(TRACE_FROM_HERE); + Cookie cookie = getCookieFromSS(); int ret = security_server_get_gid_by_cookie(cookie.data(), NULL); RUNNER_ASSERT_MSG_BT(ret == SECURITY_SERVER_API_ERROR_INPUT_PARAM, @@ -209,7 +208,7 @@ RUNNER_CHILD_TEST(tc_unit_01_01_security_server_get_cookie_size) RUNNER_CHILD_TEST(tc_unit_01_02_security_server_get_cookie_size) { SecurityServer::AccessProvider provider("selflabel_01_02"); - provider.applyAndSwithToUser(APP_UID, APP_GID, TRACE_FROM_HERE); + provider.applyAndSwithToUser(APP_UID, APP_GID); int ret = security_server_get_cookie_size(); RUNNER_ASSERT_MSG_BT(ret == KNOWN_COOKIE_SIZE, @@ -234,7 +233,7 @@ RUNNER_CHILD_TEST(tc_unit_02_01_security_server_request_cookie) //root has access to API RUNNER_CHILD_TEST(tc_unit_03_01_security_server_check_privilege) { - Cookie cookie = getCookieFromSS(TRACE_FROM_HERE); + Cookie cookie = getCookieFromSS(); int ret = security_server_check_privilege(cookie.data(), 0); RUNNER_ASSERT_MSG_BT(ret == SECURITY_SERVER_API_SUCCESS, @@ -244,10 +243,10 @@ RUNNER_CHILD_TEST(tc_unit_03_01_security_server_check_privilege) //privileges drop and no smack rule RUNNER_CHILD_TEST_SMACK(tc_unit_03_02_security_server_check_privilege) { - Cookie cookie = getCookieFromSS(TRACE_FROM_HERE); + Cookie cookie = getCookieFromSS(); SecurityServer::AccessProvider provider("selflabel_03_02"); - provider.applyAndSwithToUser(APP_UID, APP_GID, TRACE_FROM_HERE); + provider.applyAndSwithToUser(APP_UID, APP_GID); int ret = security_server_check_privilege(cookie.data(), 0); RUNNER_ASSERT_MSG_BT(ret == SECURITY_SERVER_API_ERROR_ACCESS_DENIED, @@ -257,11 +256,11 @@ RUNNER_CHILD_TEST_SMACK(tc_unit_03_02_security_server_check_privilege) //privileges drop and added smack rule RUNNER_CHILD_TEST_SMACK(tc_unit_03_03_security_server_check_privilege) { - Cookie cookie = getCookieFromSS(TRACE_FROM_HERE); + Cookie cookie = getCookieFromSS(); SecurityServer::AccessProvider provider("selflabel_03_03"); - provider.allowFunction("security_server_check_privilege", TRACE_FROM_HERE); - provider.applyAndSwithToUser(APP_UID, APP_GID, TRACE_FROM_HERE); + provider.allowFunction("security_server_check_privilege"); + provider.applyAndSwithToUser(APP_UID, APP_GID); int ret = security_server_check_privilege(cookie.data(), 0); RUNNER_ASSERT_MSG_BT(ret == SECURITY_SERVER_API_SUCCESS, @@ -272,7 +271,7 @@ RUNNER_CHILD_TEST_SMACK(tc_unit_03_03_security_server_check_privilege) //root has access to API RUNNER_CHILD_TEST(tc_unit_05_01_security_server_get_cookie_pid) { - Cookie cookie = getCookieFromSS(TRACE_FROM_HERE); + Cookie cookie = getCookieFromSS(); int ret = security_server_get_cookie_pid(cookie.data()); RUNNER_ASSERT_MSG_BT(ret > -1, "Error in security_server_get_cookie_pid(): " << ret); @@ -284,10 +283,10 @@ RUNNER_CHILD_TEST(tc_unit_05_01_security_server_get_cookie_pid) //privileges drop and no smack rule RUNNER_CHILD_TEST_SMACK(tc_unit_05_02_security_server_get_cookie_pid) { - Cookie cookie = getCookieFromSS(TRACE_FROM_HERE); + Cookie cookie = getCookieFromSS(); SecurityServer::AccessProvider provider("selflabel_05_02"); - provider.applyAndSwithToUser(APP_UID, APP_GID, TRACE_FROM_HERE); + provider.applyAndSwithToUser(APP_UID, APP_GID); int ret = security_server_get_cookie_pid(cookie.data()); RUNNER_ASSERT_MSG_BT(ret == SECURITY_SERVER_API_ERROR_ACCESS_DENIED, @@ -297,11 +296,11 @@ RUNNER_CHILD_TEST_SMACK(tc_unit_05_02_security_server_get_cookie_pid) //privileges drop and added smack rule RUNNER_CHILD_TEST_SMACK(tc_unit_05_03_security_server_get_cookie_pid) { - Cookie cookie = getCookieFromSS(TRACE_FROM_HERE); + Cookie cookie = getCookieFromSS(); SecurityServer::AccessProvider provider("selflabel_05_03"); - provider.allowFunction("security_server_get_cookie_pid", TRACE_FROM_HERE); - provider.applyAndSwithToUser(APP_UID, APP_GID, TRACE_FROM_HERE); + provider.allowFunction("security_server_get_cookie_pid"); + provider.applyAndSwithToUser(APP_UID, APP_GID); int ret = security_server_get_cookie_pid(cookie.data()); RUNNER_ASSERT_MSG_BT(ret > -1, "Error in security_server_get_cookie_pid(): " << ret); @@ -316,7 +315,7 @@ RUNNER_CHILD_TEST(tc_unit_06_01_security_server_get_smacklabel_cookie) { setLabelForSelf(__LINE__, "selflabel_06_01"); - Cookie cookie = getCookieFromSS(TRACE_FROM_HERE); + Cookie cookie = getCookieFromSS(); UniquePtrCstring label(security_server_get_smacklabel_cookie(cookie.data()), free); RUNNER_ASSERT_MSG_BT(strcmp(label.get(), "selflabel_06_01") == 0, @@ -327,10 +326,10 @@ RUNNER_CHILD_TEST(tc_unit_06_01_security_server_get_smacklabel_cookie) //privileges drop and no smack rule RUNNER_CHILD_TEST_SMACK(tc_unit_06_02_security_server_get_smacklabel_cookie) { - Cookie cookie = getCookieFromSS(TRACE_FROM_HERE); + Cookie cookie = getCookieFromSS(); SecurityServer::AccessProvider provider("selflabel_06_02"); - provider.applyAndSwithToUser(APP_UID, APP_GID, TRACE_FROM_HERE); + provider.applyAndSwithToUser(APP_UID, APP_GID); UniquePtrCstring label(security_server_get_smacklabel_cookie(cookie.data()), free); RUNNER_ASSERT_MSG_BT(label.get() == NULL, @@ -342,10 +341,10 @@ RUNNER_CHILD_TEST_SMACK(tc_unit_06_02_security_server_get_smacklabel_cookie) RUNNER_CHILD_TEST_SMACK(tc_unit_06_03_security_server_get_smacklabel_cookie) { SecurityServer::AccessProvider provider("selflabel_06_03"); - provider.allowFunction("security_server_get_smacklabel_cookie", TRACE_FROM_HERE); - provider.applyAndSwithToUser(APP_UID, APP_GID, TRACE_FROM_HERE); + provider.allowFunction("security_server_get_smacklabel_cookie"); + provider.applyAndSwithToUser(APP_UID, APP_GID); - Cookie cookie = getCookieFromSS(TRACE_FROM_HERE); + Cookie cookie = getCookieFromSS(); UniquePtrCstring label(security_server_get_smacklabel_cookie(cookie.data()), free); RUNNER_ASSERT_MSG_BT(strcmp(label.get(), "selflabel_06_03") == 0, @@ -357,7 +356,7 @@ RUNNER_CHILD_TEST_SMACK(tc_unit_06_03_security_server_get_smacklabel_cookie) //root has access to API RUNNER_CHILD_TEST(tc_unit_07_01_security_server_get_uid_by_cookie) { - Cookie cookie = getCookieFromSS(TRACE_FROM_HERE); + Cookie cookie = getCookieFromSS(); uid_t uid; int ret = security_server_get_uid_by_cookie(cookie.data(), &uid); @@ -371,7 +370,7 @@ RUNNER_CHILD_TEST(tc_unit_07_01_security_server_get_uid_by_cookie) RUNNER_CHILD_TEST_SMACK(tc_unit_07_02_security_server_get_uid_by_cookie) { SecurityServer::AccessProvider provider("selflabel_07_02"); - provider.applyAndSwithToUser(APP_UID, APP_GID, TRACE_FROM_HERE); + provider.applyAndSwithToUser(APP_UID, APP_GID); Cookie cookie(KNOWN_COOKIE_SIZE); uid_t uid; @@ -385,10 +384,10 @@ RUNNER_CHILD_TEST_SMACK(tc_unit_07_02_security_server_get_uid_by_cookie) RUNNER_CHILD_TEST_SMACK(tc_unit_07_03_security_server_get_uid_by_cookie) { SecurityServer::AccessProvider provider("selflabel_07_02"); - provider.allowFunction("security_server_get_uid_by_cookie", TRACE_FROM_HERE); - provider.applyAndSwithToUser(APP_UID, APP_GID, TRACE_FROM_HERE); + provider.allowFunction("security_server_get_uid_by_cookie"); + provider.applyAndSwithToUser(APP_UID, APP_GID); - Cookie cookie = getCookieFromSS(TRACE_FROM_HERE); + Cookie cookie = getCookieFromSS(); uid_t uid; int ret = security_server_get_uid_by_cookie(cookie.data(), &uid); @@ -402,7 +401,7 @@ RUNNER_CHILD_TEST_SMACK(tc_unit_07_03_security_server_get_uid_by_cookie) //root has access to API RUNNER_CHILD_TEST(tc_unit_08_01_security_server_get_gid_by_cookie) { - Cookie cookie = getCookieFromSS(TRACE_FROM_HERE); + Cookie cookie = getCookieFromSS(); gid_t gid; @@ -417,7 +416,7 @@ RUNNER_CHILD_TEST(tc_unit_08_01_security_server_get_gid_by_cookie) RUNNER_CHILD_TEST_SMACK(tc_unit_08_02_security_server_get_gid_by_cookie) { SecurityServer::AccessProvider provider("selflabel_08_02"); - provider.applyAndSwithToUser(APP_UID, APP_GID, TRACE_FROM_HERE); + provider.applyAndSwithToUser(APP_UID, APP_GID); Cookie cookie(KNOWN_COOKIE_SIZE); gid_t gid; @@ -431,10 +430,10 @@ RUNNER_CHILD_TEST_SMACK(tc_unit_08_02_security_server_get_gid_by_cookie) RUNNER_CHILD_TEST_SMACK(tc_unit_08_03_security_server_get_gid_by_cookie) { SecurityServer::AccessProvider provider("selflabel_08_03"); - provider.allowFunction("security_server_get_gid_by_cookie", TRACE_FROM_HERE); - provider.applyAndSwithToUser(APP_UID, APP_GID, TRACE_FROM_HERE); + provider.allowFunction("security_server_get_gid_by_cookie"); + provider.applyAndSwithToUser(APP_UID, APP_GID); - Cookie cookie = getCookieFromSS(TRACE_FROM_HERE); + Cookie cookie = getCookieFromSS(); gid_t gid; int ret = security_server_get_gid_by_cookie(cookie.data(), &gid); diff --git a/tests/security-server-tests/security_server_clean_env.cpp b/tests/security-server-tests/security_server_clean_env.cpp index 1b5ab932..84bb9697 100644 --- a/tests/security-server-tests/security_server_clean_env.cpp +++ b/tests/security-server-tests/security_server_clean_env.cpp @@ -13,12 +13,11 @@ #include #include -#include -int restart_security_server(const Tracker &tracker) { +int restart_security_server() { DBusAccess dbusAccess; - dbusAccess.restartSS(tracker); + dbusAccess.restartSS(); return 0; } @@ -38,7 +37,7 @@ static int nftw_rmdir_contents(const char *fpath, const struct stat * /*sb*/, * This function should be called at the begining of every SS test, so all the tests * are independent of each other. */ -int reset_security_server(const Tracker &tracker) +int reset_security_server() { const char* path = "/opt/data/security-server/"; const int max_descriptors = 10; //max number of open file descriptors by nftw function @@ -51,6 +50,6 @@ int reset_security_server(const Tracker &tracker) sync(); } - restart_security_server(tracker); + restart_security_server(); return 0; } diff --git a/tests/security-server-tests/security_server_clean_env.h b/tests/security-server-tests/security_server_clean_env.h index 58335c48..d84740c2 100644 --- a/tests/security-server-tests/security_server_clean_env.h +++ b/tests/security-server-tests/security_server_clean_env.h @@ -11,9 +11,7 @@ #ifndef SECURITY_SERVER_CLEAN_ENV_H #define SECURITY_SERVER_CLEAN_ENV_H -#include - -int reset_security_server(const Tracker &tracker = Tracker()); -int restart_security_server(const Tracker &tracker = Tracker()); +int reset_security_server(); +int restart_security_server(); #endif diff --git a/tests/security-server-tests/security_server_tests_client_smack.cpp b/tests/security-server-tests/security_server_tests_client_smack.cpp index bcffc772..68bedc23 100644 --- a/tests/security-server-tests/security_server_tests_client_smack.cpp +++ b/tests/security-server-tests/security_server_tests_client_smack.cpp @@ -30,7 +30,6 @@ #include #include -#include #include "tests_common.h" #include @@ -138,8 +137,8 @@ RUNNER_CHILD_TEST_SMACK(tc03_security_server_request_cookie_too_small_buffer_siz RUNNER_CHILD_TEST_SMACK(tc04_security_server_get_gid) { SecurityServer::AccessProvider provider("tc04mylabel"); - provider.allowFunction("security_server_get_gid", TRACE_FROM_HERE); - provider.applyAndSwithToUser(APP_UID, APP_GID, TRACE_FROM_HERE); + provider.allowFunction("security_server_get_gid"); + provider.applyAndSwithToUser(APP_UID, APP_GID); int ret = security_server_get_gid("abc123xyz_pysiaczek"); LogDebug("ret = " << ret); @@ -166,9 +165,9 @@ RUNNER_CHILD_TEST_SMACK(tc05_check_privilege_by_cookie) const char *subject_label = "tc05subjectlabel"; SmackAccess access; - access.add(subject_label, object_label, access_rights, TRACE_FROM_HERE); - access.add(subject_label, "security-server::api-cookie-check", "w", TRACE_FROM_HERE); - access.apply(TRACE_FROM_HERE); + access.add(subject_label, object_label, access_rights); + access.add(subject_label, "security-server::api-cookie-check", "w"); + access.apply(); RUNNER_ASSERT_BT(0 == smack_set_label_for_self(subject_label)); @@ -300,8 +299,8 @@ RUNNER_MULTIPROCESS_TEST_SMACK(tc07_check_privilege_by_sockfd) int result2 = -1; SmackAccess access; - access.add(subject_label, object_label, access_rights, TRACE_FROM_HERE); - access.apply(TRACE_FROM_HERE); + access.add(subject_label, object_label, access_rights); + access.apply(); int pid = fork(); RUNNER_ASSERT_BT(-1 != pid); diff --git a/tests/security-server-tests/security_server_tests_open_for.cpp b/tests/security-server-tests/security_server_tests_open_for.cpp index 2c68d25d..4f06b6af 100644 --- a/tests/security-server-tests/security_server_tests_open_for.cpp +++ b/tests/security-server-tests/security_server_tests_open_for.cpp @@ -21,7 +21,6 @@ #pragma GCC diagnostic warning "-Wdeprecated-declarations" #include #include -#include #define TEST01_SUBJECT "open-for-client" @@ -45,8 +44,8 @@ RUNNER_CHILD_TEST_SMACK(tc13_open_for_new_file) FDUniquePtr fd_ptr(&fd, closefdptr); SecurityServer::AccessProvider provider(TEST01_SUBJECT); - provider.allowFunction("security_server_open_for", TRACE_FROM_HERE); - provider.applyAndSwithToUser(APP_UID, APP_GID, TRACE_FROM_HERE); + provider.allowFunction("security_server_open_for"); + provider.applyAndSwithToUser(APP_UID, APP_GID); int ret = security_server_open_for(file, fd_ptr.get()); RUNNER_ASSERT_MSG_BT(ret == 0, "ret: " << ret); @@ -61,8 +60,8 @@ RUNNER_CHILD_TEST_SMACK(tc14_open_for_read_from_existing_file) FDUniquePtr fd_ptr(&fd, closefdptr); SecurityServer::AccessProvider provider(TEST01_SUBJECT); - provider.allowFunction("security_server_open_for", TRACE_FROM_HERE); - provider.applyAndSwithToUser(APP_UID, APP_GID, TRACE_FROM_HERE); + provider.allowFunction("security_server_open_for"); + provider.applyAndSwithToUser(APP_UID, APP_GID); int ret = security_server_open_for(file, fd_ptr.get()); RUNNER_ASSERT_MSG_BT(ret == 0, "ret: " << ret); @@ -86,8 +85,8 @@ RUNNER_CHILD_TEST_SMACK(tc15_open_for_write_to_existing_file) RUNNER_ASSERT_MSG_BT(ret == (int)strlen(write_buf2), "error in read: " << ret << " err: " << strerror(err)); SecurityServer::AccessProvider provider(TEST01_SUBJECT); - provider.allowFunction("security_server_open_for", TRACE_FROM_HERE); - provider.applyAndSwithToUser(APP_UID, APP_GID, TRACE_FROM_HERE); + provider.allowFunction("security_server_open_for"); + provider.applyAndSwithToUser(APP_UID, APP_GID); ret = security_server_open_for(file, fd_ptr.get()); RUNNER_ASSERT_MSG_BT(ret == 0, "ret: " << ret); @@ -105,8 +104,8 @@ RUNNER_CHILD_TEST_SMACK(tc16_open_for_bad_file_name) FDUniquePtr fd_ptr(&fd, closefdptr); SecurityServer::AccessProvider provider(TEST01_SUBJECT); - provider.allowFunction("security_server_open_for", TRACE_FROM_HERE); - provider.applyAndSwithToUser(APP_UID, APP_GID, TRACE_FROM_HERE); + provider.allowFunction("security_server_open_for"); + provider.applyAndSwithToUser(APP_UID, APP_GID); std::vector badFile = { "/plik","-plik",".plik","pl..k","..plik", "..","." }; diff --git a/tests/security-server-tests/security_server_tests_password.cpp b/tests/security-server-tests/security_server_tests_password.cpp index c434382d..804dfa4d 100644 --- a/tests/security-server-tests/security_server_tests_password.cpp +++ b/tests/security-server-tests/security_server_tests_password.cpp @@ -32,7 +32,6 @@ #include #include #include "security_server_clean_env.h" -#include #include @@ -60,7 +59,7 @@ RUNNER_TEST(tc01_clear_environment) if (getuid() == 0) { - reset_security_server(TRACE_FROM_HERE); + reset_security_server(); ret = security_server_is_pwd_valid(&attempt, &max_attempt, &expire_sec); @@ -86,7 +85,7 @@ RUNNER_TEST(tc02_security_server_set_pwd_validity) int ret; // Prepare environment - reset_security_server(TRACE_FROM_HERE); + reset_security_server(); // TESTS: // WITHOUT password @@ -115,7 +114,7 @@ RUNNER_TEST(tc03_security_server_set_pwd_max_challenge) int ret; // Prepare environment - reset_security_server(TRACE_FROM_HERE); + reset_security_server(); // TESTS: // WITHOUT password @@ -179,7 +178,7 @@ RUNNER_TEST(tc06_security_server_chk_pwd_no_password_case) unsigned int attempt, max_attempt, expire_sec; // Prepare environment - there is no password now! - reset_security_server(TRACE_FROM_HERE); + reset_security_server(); // TEST ret = security_server_chk_pwd("isthisempty", &attempt, &max_attempt, &expire_sec); @@ -197,7 +196,7 @@ RUNNER_TEST(tc07_security_server_set_pwd_null_input_case) int ret; // Prepare environment - reset_security_server(TRACE_FROM_HERE); + reset_security_server(); // TEST ret = security_server_set_pwd(NULL, NULL, 0, 0); @@ -212,7 +211,7 @@ RUNNER_TEST(tc08_security_server_set_pwd_too_long_input_param) int ret; // Prepare environment - reset_security_server(TRACE_FROM_HERE); + reset_security_server(); // TEST // 33 char password @@ -228,7 +227,7 @@ RUNNER_TEST(tc09_security_server_set_pwd_current_pwd_empty) int ret; // Prepare environment - reset_security_server(TRACE_FROM_HERE); + reset_security_server(); // TEST ret = security_server_set_pwd(NULL, TEST_PASSWORD, 0, 0); @@ -242,7 +241,7 @@ RUNNER_TEST(tc10_security_server_set_pwd_current_pwd_max_valid_period_in_days) { int ret; // Prepare environment - reset_security_server(TRACE_FROM_HERE); + reset_security_server(); ret = security_server_set_pwd(NULL, TEST_PASSWORD, 10, 10); RUNNER_ASSERT_MSG_BT(ret == SECURITY_SERVER_API_SUCCESS, "ret = " << ret); @@ -266,7 +265,7 @@ RUNNER_TEST(tc11_security_server_set_pwd_current_pwd_max_max_challenge) { int ret; // Prepare environment - reset_security_server(TRACE_FROM_HERE); + reset_security_server(); ret = security_server_set_pwd(NULL, TEST_PASSWORD, 10, 10); RUNNER_ASSERT_MSG_BT(ret == SECURITY_SERVER_API_SUCCESS, "ret = " << ret); @@ -283,7 +282,7 @@ RUNNER_TEST(tc12_security_server_set_pwd_current_pwd_nonempty2zero) { int ret; // Prepare environment - reset_security_server(TRACE_FROM_HERE); + reset_security_server(); ret = security_server_set_pwd(NULL, TEST_PASSWORD, 10, 10); RUNNER_ASSERT_MSG_BT(ret == SECURITY_SERVER_API_SUCCESS, "ret = " << ret); @@ -300,7 +299,7 @@ RUNNER_TEST(tc14_security_server_set_pwd_current_pwd_too_long_input_param) { int ret; // Prepare environment - reset_security_server(TRACE_FROM_HERE); + reset_security_server(); ret = security_server_set_pwd(NULL, TEST_PASSWORD, 10, 10); RUNNER_ASSERT_MSG_BT(ret == SECURITY_SERVER_API_SUCCESS, "ret = " << ret); @@ -322,7 +321,7 @@ RUNNER_TEST(tc15_security_server_chk_pwd_shortest_password) unsigned int attempt, max_attempt, expire_sec; // Prepare environment - reset_security_server(TRACE_FROM_HERE); + reset_security_server(); ret = security_server_set_pwd(NULL, TEST_PASSWORD, 10, 10); RUNNER_ASSERT_MSG_BT(ret == SECURITY_SERVER_API_SUCCESS, "ret = " << ret); @@ -339,7 +338,7 @@ RUNNER_TEST(tc16_security_server_set_pwd_validity) { int ret; // Prepare environment - reset_security_server(TRACE_FROM_HERE); + reset_security_server(); ret = security_server_set_pwd(NULL, TEST_PASSWORD, 10, 10); RUNNER_ASSERT_MSG_BT(ret == SECURITY_SERVER_API_SUCCESS, "ret = " << ret); @@ -367,7 +366,7 @@ RUNNER_TEST(tc17_security_server_is_pwd_valid) unsigned int attempt, max_attempt, expire_sec; // Prepare environment - reset_security_server(TRACE_FROM_HERE); + reset_security_server(); ret = security_server_set_pwd(NULL, TEST_PASSWORD, 10, 2); RUNNER_ASSERT_MSG_BT(ret == SECURITY_SERVER_API_SUCCESS, "ret = " << ret); @@ -385,7 +384,7 @@ RUNNER_TEST(tc18_security_server_set_pwd_max_challenge) { int ret; // Prepare environment - reset_security_server(TRACE_FROM_HERE); + reset_security_server(); // calculate max applicable valid days that will not be rejected by ss // ensure, that after conversion from days to seconds in ss there will be no uint overflow unsigned int valid_days = ((UINT_MAX - time(NULL)) / 86400) - 1; @@ -419,7 +418,7 @@ RUNNER_TEST(tc19_security_server_is_pwd_valid) int ret; unsigned int attempt, max_attempt, expire_sec; // Prepare environment - reset_security_server(TRACE_FROM_HERE); + reset_security_server(); ret = security_server_set_pwd(NULL, TEST_PASSWORD, 10, 10); RUNNER_ASSERT_MSG_BT(ret == SECURITY_SERVER_API_SUCCESS, "ret = " << ret); sleep(1); @@ -441,7 +440,7 @@ RUNNER_TEST(tc20_security_server_chk_pwd) unsigned int attempt, max_attempt, expire_sec; // Prepare environment - reset_security_server(TRACE_FROM_HERE); + reset_security_server(); ret = security_server_set_pwd(NULL, TEST_PASSWORD, 10, 10); RUNNER_ASSERT_MSG_BT(ret == SECURITY_SERVER_API_SUCCESS, "ret = " << ret); @@ -464,7 +463,7 @@ RUNNER_TEST(tc21_security_server_chk_incorrect_pwd) unsigned int attempt, max_attempt, expire_sec; // Prepare environment - reset_security_server(TRACE_FROM_HERE); + reset_security_server(); ret = security_server_set_pwd(NULL, TEST_PASSWORD, 10, 10); RUNNER_ASSERT_MSG_BT(ret == SECURITY_SERVER_API_SUCCESS, "ret = " << ret); @@ -482,7 +481,7 @@ RUNNER_TEST(tc22_security_server_set_pwd_incorrect_current) int ret; // Prepare environment - reset_security_server(TRACE_FROM_HERE); + reset_security_server(); ret = security_server_set_pwd(NULL, TEST_PASSWORD, 10, 10); RUNNER_ASSERT_MSG_BT(ret == SECURITY_SERVER_API_SUCCESS, "ret = " << ret); @@ -500,7 +499,7 @@ RUNNER_TEST(tc23_security_server_set_pwd_correct_current) int ret; // Prepare environment - reset_security_server(TRACE_FROM_HERE); + reset_security_server(); ret = security_server_set_pwd(NULL, TEST_PASSWORD, 10, 10); RUNNER_ASSERT_MSG_BT(ret == SECURITY_SERVER_API_SUCCESS, "ret = " << ret); @@ -519,7 +518,7 @@ RUNNER_TEST(tc24_security_server_attempt_exceeding) unsigned int i, attempt, max_attempt, expire_sec; // Prepare environment - reset_security_server(TRACE_FROM_HERE); + reset_security_server(); ret = security_server_set_pwd(NULL, TEST_PASSWORD, 10, 10); RUNNER_ASSERT_MSG_BT(ret == SECURITY_SERVER_API_SUCCESS, "ret = " << ret); @@ -553,7 +552,7 @@ RUNNER_TEST(tc25_security_server_attempt_exceeding) unsigned int i, attempt, max_attempt, expire_sec; // Prepare environment - reset_security_server(TRACE_FROM_HERE); + reset_security_server(); ret = security_server_set_pwd(NULL, TEST_PASSWORD, 10, 1); RUNNER_ASSERT_MSG_BT(ret == SECURITY_SERVER_API_SUCCESS, "ret = " << ret); @@ -585,7 +584,7 @@ RUNNER_TEST(tc26_security_server_reset_pwd) int ret; // Prepare environment - reset_security_server(TRACE_FROM_HERE); + reset_security_server(); ret = security_server_set_pwd(NULL, TEST_PASSWORD, 5, 10); RUNNER_ASSERT_MSG_BT(ret == SECURITY_SERVER_API_SUCCESS, "ret = " << ret); @@ -603,7 +602,7 @@ RUNNER_TEST(tc27_security_server_chk_pwd_too_long_password) int ret; unsigned int attempt, max_attempt, expire_sec; // Prepare environment - reset_security_server(TRACE_FROM_HERE); + reset_security_server(); ret = security_server_set_pwd(NULL, TEST_PASSWORD, 5, 10); RUNNER_ASSERT_MSG_BT(ret == SECURITY_SERVER_API_SUCCESS, "ret = " << ret); @@ -624,7 +623,7 @@ RUNNER_TEST(tc28_security_server_check_expiration) unsigned int attempt, max_attempt, expire_sec; // Prepare environment - reset_security_server(TRACE_FROM_HERE); + reset_security_server(); ret = security_server_set_pwd(NULL, TEST_PASSWORD, 5, 1); RUNNER_ASSERT_MSG_BT(ret == SECURITY_SERVER_API_SUCCESS, "ret = " << ret); @@ -643,7 +642,7 @@ RUNNER_TEST(tc29_security_server_set_pwd_history) int ret; // Prepare environment - reset_security_server(TRACE_FROM_HERE); + reset_security_server(); ret = security_server_set_pwd(NULL, TEST_PASSWORD, 5, 1); RUNNER_ASSERT_MSG_BT(ret == SECURITY_SERVER_API_SUCCESS, "ret = " << ret); @@ -718,7 +717,7 @@ RUNNER_TEST(tc30_security_server_check_history) char buf1[33], buf2[33]; // Prepare environment - reset_security_server(TRACE_FROM_HERE); + reset_security_server(); clean_password_dir(); @@ -799,7 +798,7 @@ RUNNER_TEST(tc32_security_server_challenge_on_expired_password) struct timeval cur_time; // Prepare environment - reset_security_server(TRACE_FROM_HERE); + reset_security_server(); ret = security_server_set_pwd(NULL, TEST_PASSWORD, 4, 1); RUNNER_ASSERT_MSG_BT(ret == SECURITY_SERVER_API_SUCCESS, "ret = " << ret); @@ -832,7 +831,7 @@ RUNNER_TEST(tc33_security_server_reset_by_null_pwd) int ret; // Prepare environment - reset_security_server(TRACE_FROM_HERE); + reset_security_server(); // TEST ret = security_server_reset_pwd(NULL, 10, 10); @@ -850,7 +849,7 @@ void verify_chk_pwd_basic( unsigned int expected_current_attempt, unsigned int expected_max_attempt, unsigned int expected_valid_secs, - const Tracker &tracker = Tracker()) + const std::string &info) { /* ensure that initial values differ from expected ones */ unsigned int attempt = expected_current_attempt - 1; @@ -862,27 +861,23 @@ void verify_chk_pwd_basic( // validate returned value RUNNER_ASSERT_MSG_BT(ret == expected_result, - tracker.str() << - "security_server_chk_pwd returned " + info << "security_server_chk_pwd returned " << ret << " (expected: " << expected_result << ")"); // validate current attempts value RUNNER_ASSERT_MSG_BT(attempt == expected_current_attempt, - tracker.str() << - "security_server_chk_pwd returned attempt = " << attempt << + info << "security_server_chk_pwd returned attempt = " << attempt << " (expected: " << expected_current_attempt << ")"); // validate max attempt value RUNNER_ASSERT_MSG_BT(max_attempt == expected_max_attempt, - tracker.str() << - "security_server_chk_pwd returned max_attempt = " << max_attempt << + info << "security_server_chk_pwd returned max_attempt = " << max_attempt << " (expected: " << expected_max_attempt << ")"); // validate expire seconds if (expected_valid_secs == PASSWORD_INFINITE_EXPIRATION_TIME) { RUNNER_ASSERT_MSG_BT(expire_sec == expected_valid_secs, - tracker.str() << - "security_server_chk_pwd returned expire_sec = " << expire_sec << + info << "security_server_chk_pwd returned expire_sec = " << expire_sec << " (expected: " << expected_valid_secs << ")"); } else { // because of sleeps in test code we need to check period of time. @@ -890,8 +885,7 @@ void verify_chk_pwd_basic( unsigned int end = expected_valid_secs + 5; RUNNER_ASSERT_MSG_BT(expire_sec >= begin && expire_sec <= end, - tracker.str() << - "security_server_chk_pwd returned expire_sec = " << expire_sec << + info << "security_server_chk_pwd returned expire_sec = " << expire_sec << " (expected: <" << begin << "," << end << ")"); } } @@ -903,7 +897,7 @@ void verify_chk_pwd( int expected_result, unsigned int expected_current_attempt, unsigned int expected_max_attempt, - const Tracker &tracker = Tracker()) + const std::string &info = std::string()) { verify_chk_pwd_basic( challenge, @@ -911,7 +905,7 @@ void verify_chk_pwd( expected_current_attempt, expected_max_attempt, PASSWORD_INFINITE_EXPIRATION_TIME, - tracker); + info); } @@ -921,7 +915,7 @@ void verify_chk_pwd( RUNNER_TEST(tc34_security_server_max_attempts) { // Prepare environment - reset_security_server(TRACE_FROM_HERE); + reset_security_server(); int ret = security_server_set_pwd(NULL, TEST_PASSWORD, 0, 0); RUNNER_ASSERT_MSG_BT(ret == SECURITY_SERVER_API_SUCCESS, "ret = " << ret); @@ -942,13 +936,12 @@ RUNNER_TEST(tc34_security_server_max_attempts) SECURITY_SERVER_API_ERROR_PASSWORD_MISMATCH, attempt_nr, max_challenges, - TRACE_FROM_HERE_MSG( - std::string("pass = " + std::to_string(pass) + - ", attempt = " + std::to_string(attempt_nr)))); + std::string("pass = ") + std::to_string(pass) + + ", attempt = " + std::to_string(attempt_nr)); // Check correct password finally verify_chk_pwd(TEST_PASSWORD, SECURITY_SERVER_API_SUCCESS, - max_challenges, max_challenges, TRACE_FROM_HERE); + max_challenges, max_challenges); } } @@ -961,7 +954,7 @@ RUNNER_TEST(tc35_security_server_decrease_max_attempts) const unsigned int max_challenge_less = 5; // Prepare environment - reset_security_server(TRACE_FROM_HERE); + reset_security_server(); int ret = security_server_set_pwd(NULL, TEST_PASSWORD, max_challenge_more, 0); RUNNER_ASSERT_MSG_BT(ret == SECURITY_SERVER_API_SUCCESS, "ret = " << ret); @@ -972,8 +965,7 @@ RUNNER_TEST(tc35_security_server_decrease_max_attempts) SECURITY_SERVER_API_ERROR_PASSWORD_MISMATCH, attempt, max_challenge_more, - TRACE_FROM_HERE_MSG( - std::string("attempt = " + std::to_string(attempt)))); + std::string("attempt = ") + std::to_string(attempt)); // lower max_challenge usleep(PASSWORD_RETRY_TIMEOUT_US); @@ -981,8 +973,7 @@ RUNNER_TEST(tc35_security_server_decrease_max_attempts) RUNNER_ASSERT_MSG_BT(ret == SECURITY_SERVER_API_SUCCESS, "ret = " << ret); // try valid password - should pass (curr attempts is reset) - verify_chk_pwd(TEST_PASSWORD, SECURITY_SERVER_API_SUCCESS, 1, max_challenge_less, - TRACE_FROM_HERE); + verify_chk_pwd(TEST_PASSWORD, SECURITY_SERVER_API_SUCCESS, 1, max_challenge_less); // remove max attempts limit usleep(PASSWORD_RETRY_TIMEOUT_US); @@ -990,7 +981,7 @@ RUNNER_TEST(tc35_security_server_decrease_max_attempts) RUNNER_ASSERT_MSG_BT(ret == SECURITY_SERVER_API_SUCCESS, "ret = " << ret); // try valid password again - should pass - verify_chk_pwd(TEST_PASSWORD, SECURITY_SERVER_API_SUCCESS, 1, 0, TRACE_FROM_HERE); + verify_chk_pwd(TEST_PASSWORD, SECURITY_SERVER_API_SUCCESS, 1, 0); // try to change the password - should pass usleep(PASSWORD_RETRY_TIMEOUT_US); @@ -998,7 +989,7 @@ RUNNER_TEST(tc35_security_server_decrease_max_attempts) RUNNER_ASSERT_MSG_BT(ret == SECURITY_SERVER_API_SUCCESS, "ret = " << ret); // validate new password - verify_chk_pwd(SECOND_TEST_PASSWORD, SECURITY_SERVER_API_SUCCESS, 1, 0, TRACE_FROM_HERE); + verify_chk_pwd(SECOND_TEST_PASSWORD, SECURITY_SERVER_API_SUCCESS, 1, 0); } /** @@ -1012,7 +1003,7 @@ RUNNER_TEST(tc36_security_server_challenge_previous_passwords) std::string prev_pass, new_pass = TEST_PASSWORD; // Prepare environment - reset_security_server(TRACE_FROM_HERE); + reset_security_server(); int ret = security_server_set_pwd_history(history_depth); RUNNER_ASSERT_MSG_BT(ret == SECURITY_SERVER_API_SUCCESS, "ret = " << ret); @@ -1037,8 +1028,7 @@ RUNNER_TEST(tc36_security_server_challenge_previous_passwords) SECURITY_SERVER_API_ERROR_PASSWORD_MISMATCH, 1, max_challenge, - TRACE_FROM_HERE_MSG( - std::string("depth = " + std::to_string(depth)))); + std::string("depth = ") + std::to_string(depth)); // challenge previous password verify_chk_pwd( @@ -1046,8 +1036,7 @@ RUNNER_TEST(tc36_security_server_challenge_previous_passwords) SECURITY_SERVER_API_ERROR_PASSWORD_MISMATCH, 2, max_challenge, - TRACE_FROM_HERE_MSG( - std::string("depth = " + std::to_string(depth)).c_str())); + std::string("depth = ") + std::to_string(depth)); } } @@ -1059,7 +1048,7 @@ RUNNER_TEST(tc36_security_server_challenge_previous_passwords) RUNNER_TEST(tc37_security_server_challenge_mixed) { // Prepare environment - reset_security_server(TRACE_FROM_HERE); + reset_security_server(); const unsigned int max_challenge = 2; int ret = security_server_set_pwd(NULL, TEST_PASSWORD, max_challenge, 0); @@ -1072,8 +1061,7 @@ RUNNER_TEST(tc37_security_server_challenge_mixed) SECURITY_SERVER_API_SUCCESS, 1, max_challenge, - TRACE_FROM_HERE_MSG( - std::string("i = " + std::to_string(i)))); + std::string("i = ") + std::to_string(i)); // Ensure that challenging valid password resets 'cuurrent attempt' value. // If it didn't, the test would fail in third loop pass. @@ -1084,8 +1072,7 @@ RUNNER_TEST(tc37_security_server_challenge_mixed) SECURITY_SERVER_API_ERROR_PASSWORD_MISMATCH, 1, max_challenge, - TRACE_FROM_HERE_MSG( - std::string("i = " + std::to_string(i)))); + std::string("i = ") + std::to_string(i)); // correct pwd verify_chk_pwd( @@ -1093,8 +1080,7 @@ RUNNER_TEST(tc37_security_server_challenge_mixed) SECURITY_SERVER_API_SUCCESS, 2, max_challenge, - TRACE_FROM_HERE_MSG( - std::string("i = " + std::to_string(i)))); + std::string("i = ") + std::to_string(i)); } // incorrect pwd 2x - 'cuurrent attempt' reaches max_challenge - @@ -1105,8 +1091,7 @@ RUNNER_TEST(tc37_security_server_challenge_mixed) SECURITY_SERVER_API_ERROR_PASSWORD_MISMATCH, i, max_challenge, - TRACE_FROM_HERE_MSG( - std::string("i = " + std::to_string(i)))); + std::string("i = ") + std::to_string(i)); // correct - refused for (unsigned int i = 1; i <= max_challenge; ++i) @@ -1115,8 +1100,7 @@ RUNNER_TEST(tc37_security_server_challenge_mixed) SECURITY_SERVER_API_ERROR_PASSWORD_MAX_ATTEMPTS_EXCEEDED, max_challenge + i, max_challenge, - TRACE_FROM_HERE_MSG( - std::string("i = " + std::to_string(i)))); + std::string("i = ") + std::to_string(i)); } /* @@ -1130,7 +1114,7 @@ RUNNER_TEST(tc38_security_server_history_depth_change) const int increased_history_depth = 3; // Prepare environment - reset_security_server(TRACE_FROM_HERE); + reset_security_server(); ret = security_server_set_pwd_history(initial_history_depth); RUNNER_ASSERT_MSG_BT(ret == SECURITY_SERVER_API_SUCCESS, "ret = " << ret); @@ -1197,7 +1181,7 @@ RUNNER_TEST(tc39_security_server_attempts_num_check_after_reset) const unsigned int invalid_attempts_num = 3; // Prepare environment - reset_security_server(TRACE_FROM_HERE); + reset_security_server(); int ret = security_server_set_pwd(NULL, TEST_PASSWORD, max_challenge, 0); RUNNER_ASSERT_MSG_BT(ret == SECURITY_SERVER_API_SUCCESS, "ret = " << ret); @@ -1208,9 +1192,7 @@ RUNNER_TEST(tc39_security_server_attempts_num_check_after_reset) SECOND_TEST_PASSWORD, SECURITY_SERVER_API_ERROR_PASSWORD_MISMATCH, attempt, - max_challenge, - TRACE_FROM_HERE_MSG( - std::string("attempt = " + std::to_string(attempt)))); + max_challenge); usleep(PASSWORD_RETRY_TIMEOUT_US); attempt = max_attempt = expire_sec = UINT_MAX; @@ -1229,16 +1211,14 @@ RUNNER_TEST(tc39_security_server_attempts_num_check_after_reset) SECOND_TEST_PASSWORD, SECURITY_SERVER_API_ERROR_PASSWORD_MISMATCH, invalid_attempts_num + 1, - max_challenge, - TRACE_FROM_HERE); + max_challenge); // challenge valid password verify_chk_pwd( TEST_PASSWORD, SECURITY_SERVER_API_SUCCESS, invalid_attempts_num + 2, - max_challenge, - TRACE_FROM_HERE); + max_challenge); } /** @@ -1249,7 +1229,7 @@ RUNNER_TEST(tc40_security_server_history_check_after_reset) const unsigned int history_depth = 2; // Prepare environment - reset_security_server(TRACE_FROM_HERE); + reset_security_server(); int ret = security_server_set_pwd_history(history_depth); RUNNER_ASSERT_MSG_BT(ret == SECURITY_SERVER_API_SUCCESS, "ret = " << ret); @@ -1296,7 +1276,7 @@ RUNNER_TEST(tc41_security_server_empty_history_check) const unsigned int empty_history_depth = 0; //prepare environment - reset_security_server(TRACE_FROM_HERE); + reset_security_server(); //set new history count int ret = security_server_set_pwd_history(history_depth); @@ -1335,8 +1315,7 @@ RUNNER_TEST(tc41_security_server_empty_history_check) THIRD_TEST_PASSWORD, SECURITY_SERVER_API_SUCCESS, 3, - 0, - TRACE_FROM_HERE); + 0); //make sure that it's possible to reuse old password once history limit is set to 0 usleep(PASSWORD_RETRY_TIMEOUT_US); @@ -1356,7 +1335,7 @@ RUNNER_TEST(tc41_security_server_empty_history_check) RUNNER_TEST(tc42_security_server_set_new_pwd_with_current_empty) { //prepare environment - reset_security_server(TRACE_FROM_HERE); + reset_security_server(); //set a password int ret = security_server_set_pwd(NULL, TEST_PASSWORD, 0, 0); diff --git a/tests/security-server-tests/server.cpp b/tests/security-server-tests/server.cpp index a0c5a0bc..e3492346 100644 --- a/tests/security-server-tests/server.cpp +++ b/tests/security-server-tests/server.cpp @@ -239,9 +239,9 @@ RUNNER_CHILD_TEST_SMACK(tc01a_security_server_app_give_access) const char *server_api = "security-server::api-data-share"; SmackAccess smack; - smack.add(subject, object, "-----", TRACE_FROM_HERE); - smack.add(object, server_api, "rw", TRACE_FROM_HERE); - smack.apply(TRACE_FROM_HERE); + smack.add(subject, object, "-----"); + smack.add(object, server_api, "rw"); + smack.apply(); smack_set_label_for_self(object); @@ -279,8 +279,8 @@ RUNNER_CHILD_TEST_SMACK(tc01c_security_server_app_give_access_no_access) const char *object = "yyy78x2lkjz"; SmackAccess smack; - smack.add(subject, object, "-----", TRACE_FROM_HERE); - smack.apply(TRACE_FROM_HERE); + smack.add(subject, object, "-----"); + smack.apply(); RUNNER_ASSERT_MSG_BT(0 == smack_set_label_for_self(object), "Error in smack_label_for_self"); @@ -319,10 +319,10 @@ RUNNER_CHILD_TEST_SMACK(tc03_check_API_passwd_allow) RUNNER_ASSERT_MSG_BT(ret == 0, "ret: " << str); SecurityServer::AccessProvider provider(TEST03_SUBJECT); - provider.allowAPI(API_PASSWD_CHECK, API_RULE_REQUIRED, TRACE_FROM_HERE); - provider.allowAPI(API_PASSWD_SET, API_RULE_REQUIRED, TRACE_FROM_HERE); - provider.allowAPI(API_PASSWD_RESET, API_RULE_REQUIRED, TRACE_FROM_HERE); - provider.applyAndSwithToUser(APP_UID, APP_GID, TRACE_FROM_HERE); + provider.allowAPI(API_PASSWD_CHECK, API_RULE_REQUIRED); + provider.allowAPI(API_PASSWD_SET, API_RULE_REQUIRED); + provider.allowAPI(API_PASSWD_RESET, API_RULE_REQUIRED); + provider.applyAndSwithToUser(APP_UID, APP_GID); ret = security_server_set_pwd_validity(10); RUNNER_ASSERT_MSG_BT(ret == SECURITY_SERVER_API_ERROR_NO_PASSWORD, "ret: " << ret); @@ -358,7 +358,7 @@ RUNNER_CHILD_TEST(tc04_check_API_passwd_denied) attempt = max_attempt = expire_sec = 0; SecurityServer::AccessProvider privider(TEST04_SUBJECT); - privider.applyAndSwithToUser(APP_UID, APP_GID, TRACE_FROM_HERE); + privider.applyAndSwithToUser(APP_UID, APP_GID); /* * now SS should return error @@ -413,13 +413,13 @@ RUNNER_CHILD_TEST_SMACK(tc05_check_API_middleware_allow) add_process_group(PROC_AUDIO_GROUP_NAME); SecurityServer::AccessProvider provider(TEST05_SUBJECT); - provider.allowFunction("security_server_get_gid", TRACE_FROM_HERE); - provider.allowFunction("security_server_request_cookie", TRACE_FROM_HERE); - provider.allowFunction("security_server_check_privilege", TRACE_FROM_HERE); - provider.allowFunction("security_server_get_cookie_pid", TRACE_FROM_HERE); - provider.allowFunction("security_server_get_smacklabel_cookie", TRACE_FROM_HERE); - provider.allowFunction("security_server_check_privilege_by_pid", TRACE_FROM_HERE); - provider.applyAndSwithToUser(APP_UID, APP_GID, TRACE_FROM_HERE); + provider.allowFunction("security_server_get_gid"); + provider.allowFunction("security_server_request_cookie"); + provider.allowFunction("security_server_check_privilege"); + provider.allowFunction("security_server_get_cookie_pid"); + provider.allowFunction("security_server_get_smacklabel_cookie"); + provider.allowFunction("security_server_check_privilege_by_pid"); + provider.applyAndSwithToUser(APP_UID, APP_GID); ret = security_server_request_cookie(cookie, cookie_size); RUNNER_ASSERT_MSG_BT(ret == SECURITY_SERVER_API_SUCCESS, "ret: " << ret); @@ -449,7 +449,7 @@ RUNNER_CHILD_TEST(tc06_check_API_middleware_denied) char *ss_label = NULL; SecurityServer::AccessProvider provider(TEST06_SUBJECT); - provider.applyAndSwithToUser(APP_UID, APP_GID, TRACE_FROM_HERE); + provider.applyAndSwithToUser(APP_UID, APP_GID); ret = security_server_request_cookie(cookie, cookie_size); RUNNER_ASSERT_MSG_BT(ret == SECURITY_SERVER_API_SUCCESS, "ret: " << ret); @@ -473,8 +473,8 @@ RUNNER_CHILD_TEST(tc06_check_API_middleware_denied) RUNNER_CHILD_TEST_SMACK(tc07_check_API_data_share_allow) { SecurityServer::AccessProvider provider(TEST07_SUBJECT); - provider.allowFunction("security_server_app_give_access", TRACE_FROM_HERE); - provider.applyAndSwithToUser(APP_UID, APP_GID, TRACE_FROM_HERE); + provider.allowFunction("security_server_app_give_access"); + provider.applyAndSwithToUser(APP_UID, APP_GID); int ret = security_server_app_give_access(TEST07_SUBJECT, getpid()); RUNNER_ASSERT_MSG_BT(ret == SECURITY_SERVER_API_SUCCESS, "ret: " << ret); @@ -483,7 +483,7 @@ RUNNER_CHILD_TEST_SMACK(tc07_check_API_data_share_allow) RUNNER_CHILD_TEST_SMACK(tc08_check_API_data_share_denied) { SecurityServer::AccessProvider provider(TEST08_SUBJECT); - provider.applyAndSwithToUser(APP_UID, APP_GID, TRACE_FROM_HERE); + provider.applyAndSwithToUser(APP_UID, APP_GID); int ret = security_server_app_give_access(TEST08_SUBJECT, getpid()); RUNNER_ASSERT_MSG_BT(ret == SECURITY_SERVER_API_ERROR_ACCESS_DENIED, "ret: " << ret); @@ -510,8 +510,8 @@ RUNNER_CHILD_TEST(tc09_check_API_app_enable_permissions) RUNNER_ASSERT_MSG_BT(ret == SECURITY_SERVER_API_SUCCESS, "ret: " << ret); SecurityServer::AccessProvider provider(TEST09_SUBJECT); - provider.allowFunction("security_server_app_has_privilege", TRACE_FROM_HERE); - provider.applyAndSwithToUser(APP_UID, APP_GID, TRACE_FROM_HERE); + provider.allowFunction("security_server_app_has_privilege"); + provider.applyAndSwithToUser(APP_UID, APP_GID); // Check if permissions are given check_app_has_privilege(WGT_APP_ID, APP_TYPE_WGT, perm_list, true); @@ -537,8 +537,8 @@ RUNNER_CHILD_TEST(tc10_check_API_app_disable_permissions) RUNNER_ASSERT_MSG_BT(ret == SECURITY_SERVER_API_SUCCESS, "ret: " << ret); SecurityServer::AccessProvider provider(TEST10_SUBJECT); - provider.allowFunction("security_server_app_has_privilege", TRACE_FROM_HERE); - provider.applyAndSwithToUser(APP_UID, APP_GID, TRACE_FROM_HERE); + provider.allowFunction("security_server_app_has_privilege"); + provider.applyAndSwithToUser(APP_UID, APP_GID); // Check if permissions are disabled check_app_has_privilege(WGT_APP_ID, APP_TYPE_WGT, perm_list, false); @@ -600,8 +600,8 @@ RUNNER_CHILD_TEST(tc12_security_server_app_caller_has_privilege) RUNNER_ASSERT_MSG_BT(ret == SECURITY_SERVER_API_SUCCESS, "ret: " << ret); SecurityServer::AccessProvider provider(TEST11_SUBJECT); - provider.allowFunction("security_server_app_caller_has_privilege", TRACE_FROM_HERE); - provider.applyAndSwithToUser(APP_UID, APP_GID, TRACE_FROM_HERE); + provider.allowFunction("security_server_app_caller_has_privilege"); + provider.applyAndSwithToUser(APP_UID, APP_GID); // Check if permissions are given using "caller" API check_app_caller_has_privilege(APP_TYPE_WGT, perm_list_pers, true);