From 584531091e8374d0dedf0ebc6ba6d69076714528 Mon Sep 17 00:00:00 2001 From: Lukasz Wojciechowski Date: Fri, 9 Jan 2015 02:44:45 +0100 Subject: [PATCH] Add test-agent plugin This is a test plugin, that sends all requests to agent. Security tests can play role of this agent, so they can decide about time and value of a response. Change-Id: I278229810a84cdb4a3ff01ad8ef714019507f0c1 --- packaging/security-tests.spec | 1 + tests/cynara-tests/plugins/CMakeLists.txt | 1 + tests/cynara-tests/plugins/plugins.h | 6 ++ .../cynara-tests/plugins/test-agent/CMakeLists.txt | 53 ++++++++++++ tests/cynara-tests/plugins/test-agent/plugin.cpp | 95 ++++++++++++++++++++++ 5 files changed, 156 insertions(+) create mode 100644 tests/cynara-tests/plugins/test-agent/CMakeLists.txt create mode 100644 tests/cynara-tests/plugins/test-agent/plugin.cpp diff --git a/packaging/security-tests.spec b/packaging/security-tests.spec index 8036e38..5ff4ab0 100644 --- a/packaging/security-tests.spec +++ b/packaging/security-tests.spec @@ -107,3 +107,4 @@ echo "security-tests postinst done ..." /etc/security-tests /usr/lib/security-tests/cynara-tests/plugins/single-policy/* /usr/lib/security-tests/cynara-tests/plugins/multiple-policy/* +/usr/lib/security-tests/cynara-tests/plugins/test-agent/* diff --git a/tests/cynara-tests/plugins/CMakeLists.txt b/tests/cynara-tests/plugins/CMakeLists.txt index cae7277..5dbc42e 100644 --- a/tests/cynara-tests/plugins/CMakeLists.txt +++ b/tests/cynara-tests/plugins/CMakeLists.txt @@ -15,3 +15,4 @@ ADD_SUBDIRECTORY(single-policy) ADD_SUBDIRECTORY(multiple-policy) +ADD_SUBDIRECTORY(test-agent) diff --git a/tests/cynara-tests/plugins/plugins.h b/tests/cynara-tests/plugins/plugins.h index edb1f5c..11c99f3 100644 --- a/tests/cynara-tests/plugins/plugins.h +++ b/tests/cynara-tests/plugins/plugins.h @@ -42,6 +42,7 @@ static const std::string TEST_PLUGIN_PATH("/usr/lib/security-tests/cynara-tests/ static const std::string DEFAULT_POLICY(""); static const std::string SINGLE_POLICY("single-policy"); static const std::string MULTIPLE_POLICY("multiple-policy"); +static const std::string TEST_AGENT("test-agent"); static const DescriptionsMap POLICY_DESCRIPTIONS = { DescriptionsPair(DEFAULT_POLICY, { @@ -56,8 +57,13 @@ static const DescriptionsMap POLICY_DESCRIPTIONS = { { 3002, "Multiple Policy Type 2" }, { 3003, "Multiple Policy Type 3" }, }), + DescriptionsPair(TEST_AGENT, { + { 4001, "Test Agent Type 1" } + }), }; +static const std::string TEST_AGENT_TYPE("SecurityCynaraTestsAgentType"); + static const std::string AGENT_DATA_UNIT_SEPARATOR("\31"); static const std::string AGENT_DATA_RECORD_SEPARATOR("\30"); static const std::string AGENT_DATA_ALLOW("Allow"); diff --git a/tests/cynara-tests/plugins/test-agent/CMakeLists.txt b/tests/cynara-tests/plugins/test-agent/CMakeLists.txt new file mode 100644 index 0000000..6c179a0 --- /dev/null +++ b/tests/cynara-tests/plugins/test-agent/CMakeLists.txt @@ -0,0 +1,53 @@ +# Copyright (c) 2015 Samsung Electronics Co., Ltd All Rights Reserved +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# @file CMakeLists.txt +# @author Lukasz Wojciechowski +# + +CMAKE_MINIMUM_REQUIRED(VERSION 2.8.3) + +INCLUDE(FindPkgConfig) + +SET(CYNARA_TARGET_TEST_PLUGIN_TEST_AGENT "cynara-test-plugin-test-agent") + +PKG_CHECK_MODULES(CYNARA_TARGET_TEST_PLUGIN_TEST_AGENT_DEP + REQUIRED + cynara-plugin + ) + +INCLUDE_DIRECTORIES( + ${CYNARA_TARGET_TEST_PLUGIN_TEST_AGENT_DEP_INCLUDE_DIRS} + ${PROJECT_SOURCE_DIR}/tests/cynara-tests/plugins/ + ) + +SET(CYNARA_TARGET_TEST_PLUGIN_TEST_AGENT_SOURCES + ${PROJECT_SOURCE_DIR}/tests/cynara-tests/plugins/test-agent/plugin.cpp + ${PROJECT_SOURCE_DIR}/tests/cynara-tests/plugins/plugins.cpp + ) + +ADD_DEFINITIONS("-fvisibility=default") + +ADD_LIBRARY( + ${CYNARA_TARGET_TEST_PLUGIN_TEST_AGENT} + SHARED + ${CYNARA_TARGET_TEST_PLUGIN_TEST_AGENT_SOURCES} + ) + +TARGET_LINK_LIBRARIES(${CYNARA_TARGET_TEST_PLUGIN_TEST_AGENT} + ${CYNARA_TARGET_TEST_PLUGIN_TEST_AGENT_DEPS} + ) + +INSTALL(TARGETS ${CYNARA_TARGET_TEST_PLUGIN_TEST_AGENT} + DESTINATION /usr/lib/security-tests/cynara-tests/plugins/test-agent/) diff --git a/tests/cynara-tests/plugins/test-agent/plugin.cpp b/tests/cynara-tests/plugins/test-agent/plugin.cpp new file mode 100644 index 0000000..d368940 --- /dev/null +++ b/tests/cynara-tests/plugins/test-agent/plugin.cpp @@ -0,0 +1,95 @@ +/* + * Copyright (c) 2015 Samsung Electronics Co., Ltd All Rights Reserved + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +/** + * @file plugin.cpp + * @author Lukasz Wojciechowski + * @brief Implementation of cynara test plugin handling communication with test-agent + */ + +#include + +#include +#include +#include + +class TestAgentPlugin : public BaseCynaraTestPlugin +{ +public: + TestAgentPlugin() : BaseCynaraTestPlugin(CynaraTestPlugins::TEST_AGENT) {} + virtual ~TestAgentPlugin() {} + + virtual Cynara::ServicePluginInterface::PluginStatus check(const std::string &client, + const std::string &user, + const std::string &privilege, + Cynara::PolicyResult &result, + Cynara::AgentType &requiredAgent, + Cynara::PluginData &pluginData) + noexcept + { + (void) result; + + try { + requiredAgent = CynaraTestPlugins::TEST_AGENT_TYPE; + pluginData = CynaraTestPlugins::wrapAgentData({client, user, privilege}); + } catch (...) { + return Cynara::ServicePluginInterface::PluginStatus::ERROR; + } + return Cynara::ServicePluginInterface::PluginStatus::ANSWER_NOTREADY; + } + + virtual Cynara::ServicePluginInterface::PluginStatus update(const std::string &client, + const std::string &user, + const std::string &privilege, + const Cynara::PluginData &agentData, + Cynara::PolicyResult &result) + noexcept + { + (void) client; + (void) user; + (void) privilege; + + try { + CynaraTestPlugins::AgentDataVector data; + if (!CynaraTestPlugins::unwrapAgentData(agentData, data)) + return Cynara::ServicePluginInterface::PluginStatus::ERROR; + + if (data.size() != 1) + return Cynara::ServicePluginInterface::PluginStatus::ERROR; + + if (data[0] == CynaraTestPlugins::AGENT_DATA_ALLOW) { + result = Cynara::PolicyResult(Cynara::PredefinedPolicyType::ALLOW); + return Cynara::ServicePluginInterface::PluginStatus::SUCCESS; + } + else if (data[0] == CynaraTestPlugins::AGENT_DATA_DENY) { + result = Cynara::PolicyResult(Cynara::PredefinedPolicyType::DENY); + return Cynara::ServicePluginInterface::PluginStatus::SUCCESS; + } + } catch (...) { + return Cynara::ServicePluginInterface::PluginStatus::ERROR; + } + return Cynara::ServicePluginInterface::PluginStatus::ERROR; + } +}; + +extern "C" { +Cynara::ExternalPluginInterface *create(void) { + return new TestAgentPlugin(); +} + +void destroy(Cynara::ExternalPluginInterface *ptr) { + delete ptr; +} +} // extern "C" -- 2.7.4