src/cynara-tests/test_cases_helpers.cpp

   1 /*
   2  * Copyright (c) 2015-2020 Samsung Electronics Co., Ltd All Rights Reserved
   3  *
   4  *    Licensed under the Apache License, Version 2.0 (the "License");
   5  *    you may not use this file except in compliance with the License.
   6  *    You may obtain a copy of the License at
   7  *
   8  *        http://www.apache.org/licenses/LICENSE-2.0
   9  *
  10  *    Unless required by applicable law or agreed to in writing, software
  11  *    distributed under the License is distributed on an "AS IS" BASIS,
  12  *    WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  13  *    See the License for the specific language governing permissions and
  14  *    limitations under the License.
  15  */
  16 /**
  17  * @file        test_cases_helpers.cpp
  18  * @author      Aleksander Zdyb <a.zdyb@samsung.com>
  19  * @version     1.0
  20  * @brief       Tests for cynara-helper-credentials-socket and cynara-helper-credentials-dbus
  21  */
  22
  23 #include <cstdlib>
  24 #include <functional>
  25 #include <string>
  26 #include <sys/types.h>
  27 #include <sys/un.h>
  28 #include <unistd.h>
  29 #include <utility>
  30
  31 #include <dbus/dbus.h>
  32 #include <glib-object.h>
  33 #include <gio/gio.h>
  34 #include <systemd/sd-bus.h>
  35
  36 #include <tests_common.h>
  37 #include <app_context.h>
  38 #include <dpl/test/test_runner.h>
  39 #include <memory.h>
  40 #include <synchronization_pipe.h>
  41 #include <tests_common.h>
  42 #include <uds.h>
  43 #include <passwd_access.h>
  44 #include <cynara_helpers_creds.h>
  45 #include <cynara_helpers_dbus.h>
  46
  47 #include <cynara-creds-gdbus.h>
  48 #include <cynara-creds-self.h>
  49 #include <scoped_process_label.h>
  50
  51 class ProcessCredentials {
  52 public:
  53     ProcessCredentials() {}
  54
  55     const std::string &label(void) const {
  56         return m_label;
  57     }
  58
  59     uid_t uid(void) const {
  60         return PasswdAccess::uid(APP_USER);
  61     }
  62
  63     gid_t gid(void) const {
  64         return PasswdAccess::gid("users");
  65     }
  66
  67 private:
  68     std::string m_label = "cynara_helpers";
  69 };
  70
  71 cynara_client_creds getClientDefaultMethod() {
  72     cynara_client_creds def;
  73     int ret = cynara_creds_get_default_client_method(&def);
  74     RUNNER_ASSERT_MSG(ret == CYNARA_API_SUCCESS,
  75                       "cynara_creds_get_default_client_method failed with " << ret);
  76     return def;
  77 }
  78
  79 cynara_user_creds getUserDefaultMethod() {
  80     cynara_user_creds def;
  81     int ret = cynara_creds_get_default_user_method(&def);
  82     RUNNER_ASSERT_MSG(ret == CYNARA_API_SUCCESS,
  83                       "cynara_creds_get_default_user_method failed with " << ret);
  84     return def;
  85 }
  86
  87
  88 void udsServer(SynchronizationPipe &pipe, const struct sockaddr_un &sockaddr,
  89                const struct ProcessCredentials &peerCredentials) {
  90     AppContext ctx(peerCredentials.label());
  91     ctx.apply(peerCredentials.uid(), peerCredentials.gid());
  92     pipe.claimChildEp();
  93
  94     int sock = UDSHelpers::createServer(&sockaddr);
  95     SockUniquePtr sockPtr(&sock);
  96     pipe.post();
  97     int clientSock = UDSHelpers::acceptClient(sock);
  98
  99     UDSHelpers::waitForDisconnect(clientSock);
 100 }
 101
 102 typedef std::function<void(int sock, pid_t pid,
 103         const ProcessCredentials &peerCredentials)> SocketAssertionFn;
 104
 105 void socketTestTemplate(SocketAssertionFn assertion, const std::string &scope) {
 106     const auto sockaddr = UDSHelpers::makeAbstractAddress("helper_" + scope + ".socket");
 107     const ProcessCredentials peerCredentials;
 108
 109     SynchronizationPipe pipe;
 110
 111     pid_t pid = runInChild(std::bind(udsServer, std::ref(pipe), std::cref(sockaddr),
 112                            std::cref(peerCredentials)));
 113
 114     pipe.claimParentEp();
 115     pipe.wait();
 116     int sock = UDSHelpers::createClient(&sockaddr);
 117     SockUniquePtr sockPtr(&sock);
 118
 119     assertion(sock, pid, peerCredentials);
 120 }
 121
 122 RUNNER_TEST_GROUP_INIT(cynara_creds_socket)
 123
 124 void testSocketClientSmack(cynara_client_creds method = CLIENT_METHOD_SMACK) {
 125     socketTestTemplate([method] (int sock, pid_t, const ProcessCredentials &peerCredentials) {
 126         CStringPtr label(CynaraHelperCredentials::socketGetClient(sock, method));
 127         RUNNER_ASSERT_MSG(peerCredentials.label() == label.get(),
 128                           "Labels don't match ret = " << label.get()
 129                           << "; expected = " << peerCredentials.label());
 130     }, "tccs01");
 131 }
 132
 133 void testSocketClientPid(cynara_client_creds method = CLIENT_METHOD_PID) {
 134     socketTestTemplate([method] (int sock, pid_t pid, const ProcessCredentials &) {
 135         CStringPtr clientPidStr(CynaraHelperCredentials::socketGetClient(sock, method));
 136         pid_t clientPid = std::stoi(clientPidStr.get());
 137         RUNNER_ASSERT_MSG(pid == clientPid, "PIDs don't match ret = " << clientPid
 138                           << "; expected = " << pid);
 139     }, "tccs02");
 140 }
 141
 142 RUNNER_MULTIPROCESS_TEST_SMACK(tccs01_socket_credentials_client_smack)
 143 {
 144     testSocketClientSmack();
 145 }
 146
 147 RUNNER_MULTIPROCESS_TEST(tccs02_socket_credentials_client_pid)
 148 {
 149     testSocketClientPid();
 150 }
 151
 152 RUNNER_MULTIPROCESS_TEST_SMACK(tccs03_socket_credentials_client_default)
 153 {
 154     auto method = getClientDefaultMethod();
 155     switch(method) {
 156     case CLIENT_METHOD_SMACK:
 157         testSocketClientSmack(CLIENT_METHOD_DEFAULT);
 158         break;
 159     case CLIENT_METHOD_PID:
 160         testSocketClientPid(CLIENT_METHOD_DEFAULT);
 161         break;
 162     default:
 163         RUNNER_FAIL_MSG("cynara_creds_get_default_client_method returned unexpected value "
 164                         << method);
 165     }
 166 }
 167
 168 void testSocketUserUid(cynara_user_creds method = USER_METHOD_UID) {
 169     socketTestTemplate([method] (int sock, pid_t, const ProcessCredentials &peerCredentials) {
 170         CStringPtr uidStr(CynaraHelperCredentials::socketGetUser(sock, method));
 171         uid_t uid = std::stoul(uidStr.get());
 172         RUNNER_ASSERT_MSG(peerCredentials.uid() == uid, "UIDs don't match ret = " << uid
 173                           << "; expected = "<< peerCredentials.uid());
 174     }, "tccs04");
 175 }
 176
 177 void testSocketUserGid(cynara_user_creds method = USER_METHOD_GID) {
 178     socketTestTemplate([method] (int sock, pid_t, const ProcessCredentials &peerCredentials) {
 179         CStringPtr gidStr(CynaraHelperCredentials::socketGetUser(sock, method));
 180         gid_t gid = std::stoul(gidStr.get());
 181         RUNNER_ASSERT_MSG(peerCredentials.gid() == gid, "GIDs don't match ret = " << gid
 182                           << "; expected = "<< peerCredentials.gid());
 183     }, "tccs05");
 184 }
 185
 186 RUNNER_MULTIPROCESS_TEST(tccs04_socket_credentials_user_uid)
 187 {
 188     testSocketUserUid();
 189 }
 190
 191 RUNNER_MULTIPROCESS_TEST(tccs05_socket_credentials_user_gid)
 192 {
 193     testSocketUserGid();
 194 }
 195
 196 RUNNER_MULTIPROCESS_TEST(tccs06_socket_credentials_user_default)
 197 {
 198     auto method = getUserDefaultMethod();
 199     switch(method) {
 200     case USER_METHOD_UID:
 201         testSocketUserUid(USER_METHOD_DEFAULT);
 202         break;
 203     case USER_METHOD_GID:
 204         testSocketUserGid(USER_METHOD_DEFAULT);
 205         break;
 206     default:
 207         RUNNER_FAIL_MSG("cynara_creds_get_default_user_method returned unexpected value "
 208                  << method);
 209     }
 210 }
 211
 212 RUNNER_MULTIPROCESS_TEST(tccs07_socket_credentials_pid)
 213 {
 214     socketTestTemplate([] (int sock, pid_t expectedPid, const ProcessCredentials &) {
 215         pid_t peerPid(CynaraHelperCredentials::socketGetPid(sock));
 216         RUNNER_ASSERT_MSG(peerPid == expectedPid, "Pids don't match ret = " << peerPid
 217                           << "; expected = "<< expectedPid);
 218     }, "tccs05");
 219 }
 220
 221 // TODO: Create utility namespace for DBus, maybe?
 222 DBusConnectionPtr createDBusConnection(const std::string &name) {
 223     DBusError err;
 224
 225     dbus_error_init(&err);
 226     DBusConnection *conn = dbus_bus_get_private(DBUS_BUS_SYSTEM, &err);
 227     RUNNER_ASSERT_MSG(dbus_error_is_set(&err) != 1, "Error in dbus_bus_get: " << err.message);
 228     dbus_connection_set_exit_on_disconnect(conn, FALSE);
 229
 230     DBusConnectionPtr ret(conn, [] (DBusConnection *conn) {
 231         dbus_connection_close(conn);
 232         dbus_connection_unref(conn);
 233     });
 234
 235     if (name.empty() == false) {
 236         dbus_bus_request_name(conn, name.c_str(), DBUS_NAME_FLAG_REPLACE_EXISTING , &err);
 237         RUNNER_ASSERT_MSG(dbus_error_is_set(&err) != TRUE,
 238                           "Error in dbus_bus_request_name: " << err.message);
 239     }
 240
 241     return ret;
 242 }
 243
 244 void dbusServer(SynchronizationPipe &pipe, const std::string &requestedName,
 245                 const ProcessCredentials &peerCredentials) {
 246     AppContext ctx(peerCredentials.label());
 247     ctx.allowAccessFrom("System", "rwx"); // for DBus connection
 248     ctx.allowAccessFrom("System::Privileged", "rwx"); // for piping
 249     ctx.allowAccessTo("System", "w");
 250     ctx.allowAccessTo("System::Privileged", "rwx"); // for GDB and piping
 251     ctx.allowAccessTo("System::Run", "x");
 252     ctx.allowAccessTo("System::Shared", "rwx"); // for GDB
 253     ctx.allowAccessTo("User", "r"); // for /usr/lib/debug access
 254     ctx.apply(peerCredentials.uid(), peerCredentials.gid());
 255     pipe.claimChildEp();
 256
 257     auto conn = createDBusConnection(requestedName);
 258     pipe.post();
 259     pipe.wait();
 260 }
 261
 262 typedef std::function<void(DBusConnectionPtr conn, pid_t pid,
 263                            const std::string &requestedName,
 264                            const ProcessCredentials &peerCredentials)> DBusAssertionFn;
 265
 266 void dbusTestTemplate(DBusAssertionFn assertion, const std::string &/*scope*/) {
 267     std::string requestedName = "tests.dbus.cynara";
 268     const ProcessCredentials peerCredentials;
 269
 270     SynchronizationPipe pipe;
 271     pid_t pid = runInChild(std::bind(dbusServer, std::ref(pipe), std::cref(requestedName),
 272                            std::cref(peerCredentials)));
 273
 274     pipe.claimParentEp();
 275     pipe.wait();
 276
 277     auto conn = createDBusConnection("");
 278     assertion(std::move(conn), pid, requestedName, peerCredentials);
 279     pipe.post();
 280 }
 281
 282 RUNNER_TEST_GROUP_INIT(cynara_creds_dbus)
 283
 284 void testDbusClientPid(cynara_client_creds method = CLIENT_METHOD_PID) {
 285     dbusTestTemplate([method] (DBusConnectionPtr conn, pid_t pid, const std::string &requestedName,
 286                          const ProcessCredentials &) {
 287         CStringPtr clientPidStr(CynaraHelperCredentials::dbusGetClient(std::move(conn),
 288             requestedName.c_str(), method, CYNARA_API_SUCCESS));
 289         pid_t clientPid = std::stoi(clientPidStr.get());
 290         RUNNER_ASSERT_MSG(pid == clientPid, "PIDs don't match ret = " << clientPid
 291                           << "; expected = " << pid);
 292     }, "tccd01");
 293 }
 294
 295 void testDbusClientSmack(cynara_client_creds method = CLIENT_METHOD_SMACK) {
 296     dbusTestTemplate([method] (DBusConnectionPtr conn, pid_t, const std::string &requestedName,
 297                          const ProcessCredentials &peerCredentials) {
 298         CStringPtr label(CynaraHelperCredentials::dbusGetClient(std::move(conn),
 299             requestedName.c_str(), method, CYNARA_API_SUCCESS));
 300         RUNNER_ASSERT_MSG(peerCredentials.label() == label.get(),
 301                           "Labels don't match ret = " << label.get()
 302                           << "; expected = " << peerCredentials.label());
 303     }, "tccd02");
 304 }
 305
 306 RUNNER_MULTIPROCESS_TEST(tccd01_dbus_credentials_client_pid)
 307 {
 308     testDbusClientPid();
 309 }
 310
 311 RUNNER_MULTIPROCESS_TEST_SMACK(tccd02_dbus_credentials_client_smack)
 312 {
 313     testDbusClientSmack();
 314 }
 315
 316 RUNNER_MULTIPROCESS_TEST_SMACK(tccd03_dbus_credentials_client_default)
 317 {
 318     auto method = getClientDefaultMethod();
 319     switch(method) {
 320     case CLIENT_METHOD_SMACK:
 321         testDbusClientSmack(CLIENT_METHOD_DEFAULT);
 322         break;
 323     case CLIENT_METHOD_PID:
 324         testDbusClientPid(CLIENT_METHOD_DEFAULT);
 325         break;
 326     default:
 327         RUNNER_FAIL_MSG("cynara_creds_get_default_client_method returned unexpected value "
 328                         << method);
 329     }
 330 }
 331
 332 void testDbusUserUid(cynara_user_creds method = USER_METHOD_UID) {
 333     dbusTestTemplate([method] (DBusConnectionPtr conn, pid_t, const std::string &requestedName,
 334                          const ProcessCredentials &peerCredentials) {
 335         CStringPtr uidStr(CynaraHelperCredentials::dbusGetUser(std::move(conn),
 336             requestedName.c_str(), method, CYNARA_API_SUCCESS));
 337         uid_t uid = std::stoul(uidStr.get());
 338         RUNNER_ASSERT_MSG(peerCredentials.uid() == uid, "UIDs don't match ret = " << uid
 339                           << "; expected = "<< peerCredentials.uid());
 340     }, "tccd04");
 341 }
 342
 343 void testDbusUserGid(cynara_user_creds method = USER_METHOD_GID) {
 344     // Acquiring gid from dbus connection is not yet implemented for cynara helpers
 345     dbusTestTemplate([method] (DBusConnectionPtr conn, pid_t, const std::string &requestedName,
 346                          const ProcessCredentials &) {
 347         CStringPtr gidStr(CynaraHelperCredentials::dbusGetUser(std::move(conn),
 348             requestedName.c_str(), method, CYNARA_API_METHOD_NOT_SUPPORTED));
 349     }, "tccd04");
 350 }
 351
 352 RUNNER_MULTIPROCESS_TEST(tccd04_dbus_credentials_user_uid)
 353 {
 354     testDbusUserUid();
 355 }
 356
 357 RUNNER_MULTIPROCESS_TEST(tccd05_dbus_credentials_user_gid)
 358 {
 359     testDbusUserGid();
 360 }
 361
 362 RUNNER_MULTIPROCESS_TEST(tccd06_dbus_credentials_user_default) {
 363     auto method = getUserDefaultMethod();
 364     switch(method) {
 365     case USER_METHOD_UID:
 366         testDbusUserUid(USER_METHOD_DEFAULT);
 367         break;
 368     case USER_METHOD_GID:
 369         testDbusUserGid(USER_METHOD_DEFAULT);
 370         break;
 371     default:
 372         RUNNER_FAIL_MSG("cynara_creds_get_default_user_method returned unexpected value "
 373                         << method);
 374     }
 375 }
 376
 377 RUNNER_TEST_SMACK(tccd06_dbus_credentials_pid) {
 378     dbusTestTemplate([] (DBusConnectionPtr conn, pid_t expectedPid,
 379                          const std::string &requestedName, const ProcessCredentials &) {
 380         auto helperPid = CynaraHelperCredentials::dbusGetPid(std::move(conn),
 381             requestedName.c_str(), CYNARA_API_SUCCESS);
 382         RUNNER_ASSERT_MSG(helperPid == expectedPid, "PIDs don't match ret = " << helperPid
 383                           << "; expected = " << expectedPid);
 384     }, "tccd06");
 385 }
 386
 387 GDBusConnectionPtr createGDBusConnection() {
 388     GDBusConnection *conn = g_bus_get_sync(G_BUS_TYPE_SYSTEM, NULL, NULL);
 389
 390     return GDBusConnectionPtr(conn, [] (GDBusConnection *conn) {
 391         g_object_unref(G_OBJECT(conn));
 392     });
 393 }
 394
 395
 396 typedef std::function<void(GDBusConnectionPtr conn, pid_t pid,
 397                            const std::string &requestedName,
 398                            const ProcessCredentials &peerCredentials)> GDBusAssertionFn;
 399
 400 void gdbusTestTemplate(GDBusAssertionFn assertion, const std::string &/*scope*/) {
 401     std::string requestedName = "tests.dbus.cynara";
 402     const ProcessCredentials peerCredentials;
 403
 404     SynchronizationPipe pipe;
 405     pid_t pid = runInChild(std::bind(dbusServer, std::ref(pipe), std::cref(requestedName),
 406                            std::cref(peerCredentials)));
 407
 408     pipe.claimParentEp();
 409     pipe.wait();
 410
 411     auto conn = createGDBusConnection();
 412     assertion(std::move(conn), pid, requestedName, peerCredentials);
 413     pipe.post();
 414 }
 415
 416
 417 RUNNER_TEST_GROUP_INIT(cynara_creds_gdbus)
 418
 419 void testGdbusClientPid(cynara_client_creds method = CLIENT_METHOD_PID) {
 420     gdbusTestTemplate([method] (GDBusConnectionPtr conn, pid_t pid,
 421                                 const std::string &requestedName,
 422                                 const ProcessCredentials &) {
 423         GStringPtr clientPidStr(CynaraHelperCredentials::gdbusGetClient(std::move(conn),
 424                                 requestedName.c_str(), method));
 425         pid_t clientPid = std::stoi(clientPidStr.get());
 426         RUNNER_ASSERT_MSG(pid == clientPid, "PIDs don't match ret = " << clientPid
 427                           << "; expected = " << pid);
 428     }, "tccgd01");
 429 }
 430
 431 void testGdbusClientSmack(cynara_client_creds method = CLIENT_METHOD_SMACK) {
 432     gdbusTestTemplate([method] (GDBusConnectionPtr conn, pid_t,
 433                                 const std::string &requestedName,
 434                                 const ProcessCredentials &peerCredentials) {
 435         GStringPtr label(CynaraHelperCredentials::gdbusGetClient(std::move(conn),
 436                          requestedName.c_str(), method));
 437         RUNNER_ASSERT_MSG(peerCredentials.label() == label.get(),
 438                           "Labels don't match ret = " << label.get()
 439                           << "; expected = " << peerCredentials.label());
 440     }, "tccgd02");
 441 }
 442
 443 RUNNER_MULTIPROCESS_TEST(tccgd01_gdbus_credentials_client_pid)
 444 {
 445     testGdbusClientPid();
 446 }
 447
 448 RUNNER_MULTIPROCESS_TEST_SMACK(tccgd02_gdbus_credentials_client_smack)
 449 {
 450     testGdbusClientSmack();
 451 }
 452
 453 RUNNER_MULTIPROCESS_TEST_SMACK(tccgd03_gdbus_credentials_client_default)
 454 {
 455     auto method = getClientDefaultMethod();
 456     switch(method) {
 457     case CLIENT_METHOD_SMACK:
 458         testGdbusClientSmack(CLIENT_METHOD_DEFAULT);
 459         break;
 460     case CLIENT_METHOD_PID:
 461         testGdbusClientPid(CLIENT_METHOD_DEFAULT);
 462         break;
 463     default:
 464         RUNNER_FAIL_MSG("cynara_creds_get_default_client_method returned unexpected value "
 465                         << method);
 466     }
 467 }
 468
 469 void testGdbusUserUid(cynara_user_creds method = USER_METHOD_UID) {
 470     gdbusTestTemplate([method] (GDBusConnectionPtr conn, pid_t,
 471                                 const std::string &requestedName,
 472                                 const ProcessCredentials &peerCredentials) {
 473         GStringPtr uidStr(CynaraHelperCredentials::gdbusGetUser(std::move(conn),
 474                           requestedName.c_str(), method));
 475         uid_t uid = std::stoul(uidStr.get());
 476         RUNNER_ASSERT_MSG(peerCredentials.uid() == uid, "UIDs don't match ret = " << uid
 477                           << "; expected = "<< peerCredentials.uid());
 478     }, "tccgd04");
 479 }
 480
 481 void testGdbusUserGid(cynara_user_creds method = USER_METHOD_GID) {
 482     // Getting gid for gdbus connection is not yet implemented in cynara helpers
 483     gdbusTestTemplate([method] (GDBusConnectionPtr conn, pid_t,
 484                                 const std::string &requestedName,
 485                                 const ProcessCredentials &) {
 486         GStringPtr gidStr(CynaraHelperCredentials::gdbusGetUser(std::move(conn),
 487                           requestedName.c_str(), method, CYNARA_API_METHOD_NOT_SUPPORTED));
 488     }, "tccgd04");
 489 }
 490
 491 RUNNER_MULTIPROCESS_TEST(tccgd04_gdbus_credentials_user_uid)
 492 {
 493     testGdbusUserUid();
 494 }
 495
 496 RUNNER_MULTIPROCESS_TEST(tccgd05_gdbus_credentials_user_gid)
 497 {
 498     testGdbusUserGid();
 499 }
 500
 501 RUNNER_MULTIPROCESS_TEST(tccgd06_gdbus_credentials_user_default) {
 502     auto method = getUserDefaultMethod();
 503     switch(method) {
 504     case USER_METHOD_UID:
 505         testGdbusUserUid(USER_METHOD_DEFAULT);
 506         break;
 507     case USER_METHOD_GID:
 508         testGdbusUserGid(USER_METHOD_DEFAULT);
 509         break;
 510     default:
 511         RUNNER_FAIL_MSG("cynara_creds_get_default_user_method returned unexpected value "
 512                         << method);
 513     }
 514 }
 515
 516 RUNNER_MULTIPROCESS_TEST(tccgd06_gdbus_credentials_pid) {
 517     gdbusTestTemplate([] (GDBusConnectionPtr conn, pid_t expectedPid,
 518                           const std::string &requestedName, const ProcessCredentials &) {
 519         auto helperPid = CynaraHelperCredentials::gdbusGetPid(std::move(conn),
 520                          requestedName.c_str());
 521         RUNNER_ASSERT_MSG(helperPid == expectedPid, "PIDs don't match ret = " << helperPid
 522                           << "; expected = " << expectedPid);
 523     }, "tccgd06");
 524 }
 525
 526
 527 SdBusConnectionPtr createSdBusConnection(const std::string &requestedName) {
 528     sd_bus *bus = NULL;
 529
 530     int r = sd_bus_default_system(&bus);
 531     RUNNER_ASSERT_MSG(r >= 0, "Failed to connect do system bus: %s" << strerror(-r));
 532
 533     if (requestedName.empty() == false) {
 534         r = sd_bus_request_name(bus, requestedName.c_str(), SD_BUS_NAME_REPLACE_EXISTING);
 535         RUNNER_ASSERT_MSG(r >= 0, "Error in sd_bus_request_name");
 536     }
 537
 538     SdBusConnectionPtr ret(bus, [] (sd_bus *busConnection) {
 539         sd_bus_unref(busConnection);
 540     });
 541
 542     return ret;
 543 }
 544
 545 typedef std::function<void(SdBusConnectionPtr conn, pid_t pid, const std::string &requestedName,
 546                            const ProcessCredentials &peerCredentials)> SdBusAssertionFn;
 547
 548 void sdBusTestTemplate(SdBusAssertionFn assertion) {
 549     std::string requestedName = "tests.dbus.cynara";
 550     const ProcessCredentials peerCredentials;
 551
 552     SynchronizationPipe pipe;
 553     pid_t pid = runInChild(std::bind(dbusServer, std::ref(pipe), std::cref(requestedName),
 554                            std::cref(peerCredentials)));
 555
 556     pipe.claimParentEp();
 557     pipe.wait();
 558
 559     auto conn = createSdBusConnection("");
 560     assertion(std::move(conn), pid, requestedName, peerCredentials);
 561     pipe.post();
 562 }
 563
 564
 565 RUNNER_TEST_GROUP_INIT(cynara_creds_sd_bus)
 566
 567 void testSdBusClientPid(cynara_client_creds method = CLIENT_METHOD_PID) {
 568     sdBusTestTemplate([method] (SdBusConnectionPtr conn, pid_t pid,
 569                         const std::string &requestedName,
 570                         const ProcessCredentials &) {
 571         CStringPtr clientPidStr(CynaraHelperCredentials::sdBusGetClient(std::move(conn),
 572                                 requestedName.c_str(), method, CYNARA_API_SUCCESS));
 573         pid_t clientPid = std::stoi(clientPidStr.get());
 574         RUNNER_ASSERT_MSG(pid == clientPid, "PIDs don't match ret = " << clientPid
 575                           << "; expected = " << pid);
 576     });
 577 }
 578
 579 void testSdBusClientSmack(cynara_client_creds method = CLIENT_METHOD_SMACK) {
 580     sdBusTestTemplate([method] (SdBusConnectionPtr conn, pid_t,
 581                         const std::string &requestedName,
 582                         const ProcessCredentials &peerCredentials) {
 583         CStringPtr label(CynaraHelperCredentials::sdBusGetClient(std::move(conn),
 584                          requestedName.c_str(), method, CYNARA_API_SUCCESS));
 585         RUNNER_ASSERT_MSG(peerCredentials.label() == label.get(),
 586                           "Labels don't match ret = " << label.get()
 587                           << "; expected = " << peerCredentials.label());
 588     });
 589 }
 590
 591 RUNNER_MULTIPROCESS_TEST(tccsd01_sd_bus_credentials_client_pid)
 592 {
 593     testSdBusClientPid();
 594 }
 595
 596 RUNNER_MULTIPROCESS_TEST_SMACK(tccsd02_sd_bus_credentials_client_smack)
 597 {
 598     testSdBusClientSmack();
 599 }
 600
 601 RUNNER_MULTIPROCESS_TEST_SMACK(tccsd03_sd_bus_credentials_client_default)
 602 {
 603     auto method = getClientDefaultMethod();
 604     switch(method) {
 605     case CLIENT_METHOD_SMACK:
 606         testSdBusClientSmack(CLIENT_METHOD_DEFAULT);
 607         break;
 608     case CLIENT_METHOD_PID:
 609         testSdBusClientPid(CLIENT_METHOD_DEFAULT);
 610         break;
 611     default:
 612         RUNNER_FAIL_MSG("cynara_creds_get_default_client_method returned unexpected value "
 613                         << method);
 614     }
 615 }
 616
 617 void testSdBusUserUid(cynara_user_creds method = USER_METHOD_UID) {
 618     sdBusTestTemplate([method] (SdBusConnectionPtr conn, pid_t,
 619                         const std::string &requestedName,
 620                         const ProcessCredentials &peerCredentials) {
 621         CStringPtr uidStr(CynaraHelperCredentials::sdBusGetUser(std::move(conn),
 622                           requestedName.c_str(), method, CYNARA_API_SUCCESS));
 623         uid_t uid = std::stoul(uidStr.get());
 624         RUNNER_ASSERT_MSG(peerCredentials.uid() == uid, "UIDs don't match ret = " << uid
 625                           << "; expected = "<< peerCredentials.uid());
 626     });
 627 }
 628
 629 void testSdBusUserGid(cynara_user_creds method = USER_METHOD_GID) {
 630     sdBusTestTemplate([method] (SdBusConnectionPtr conn, pid_t,
 631                         const std::string &requestedName,
 632                         const ProcessCredentials &peerCredentials) {
 633         CStringPtr gidStr(CynaraHelperCredentials::sdBusGetUser(std::move(conn),
 634                           requestedName.c_str(), method, CYNARA_API_SUCCESS));
 635         gid_t gid = std::stoul(gidStr.get());
 636         RUNNER_ASSERT_MSG(peerCredentials.gid() == gid, "GIDs don't match ret = " << gid
 637                           << "; expected = "<< peerCredentials.gid());
 638     });
 639 }
 640
 641 RUNNER_MULTIPROCESS_TEST(tccsd04_sd_bus_credentials_user_uid)
 642 {
 643     testSdBusUserUid();
 644 }
 645
 646 RUNNER_MULTIPROCESS_TEST(tccsd05_sd_bus_credentials_user_gid)
 647 {
 648     testSdBusUserGid();
 649 }
 650
 651 RUNNER_MULTIPROCESS_TEST(tccsd06_sd_bus_credentials_user_default)
 652 {
 653     auto method = getUserDefaultMethod();
 654     switch(method) {
 655     case USER_METHOD_UID:
 656         testSdBusUserUid(USER_METHOD_DEFAULT);
 657         break;
 658     case USER_METHOD_GID:
 659         testSdBusUserGid(USER_METHOD_DEFAULT);
 660         break;
 661     default:
 662         RUNNER_FAIL_MSG("cynara_creds_get_default_user_method returned unexpected value "
 663                         << method);
 664     }
 665 }
 666
 667 RUNNER_TEST_SMACK(tccd07_sd_bus_credentials_pid) {
 668     sdBusTestTemplate([] (SdBusConnectionPtr conn, pid_t expectedPid,
 669                           const std::string &requestedName, const ProcessCredentials &) {
 670         auto helperPid = CynaraHelperCredentials::sdBusGetPid(std::move(conn),
 671                          requestedName.c_str(), CYNARA_API_SUCCESS);
 672         RUNNER_ASSERT_MSG(helperPid == expectedPid, "PIDs don't match ret = " << helperPid
 673                           << "; expected = " << expectedPid);
 674     });
 675 }
 676
 677
 678 RUNNER_TEST_GROUP_INIT(cynara_creds_self)
 679
 680 void testCredsClientSelf(cynara_client_creds method, const std::string &expected) {
 681     char *client;
 682     int ret = cynara_creds_self_get_client(method, &client);
 683     CStringPtr clientPtr(client);
 684     RUNNER_ASSERT_MSG(ret == CYNARA_API_SUCCESS, "cynara_creds_self_get_client failed with " << ret);
 685     RUNNER_ASSERT_MSG(expected == client, "expected client doesn't match, expected: " << expected
 686                                           << ", got : " << client);
 687 }
 688
 689 void testCredsUserSelf(cynara_user_creds method, const std::string &expected) {
 690     char *user;
 691     int ret = cynara_creds_self_get_user(method, &user);
 692     CStringPtr clientPtr(user);
 693     RUNNER_ASSERT_MSG(ret == CYNARA_API_SUCCESS, "cynara_creds_self_get_user failed with " << ret);
 694     RUNNER_ASSERT_MSG(expected == user, "expected user doesn't match, expected: " << expected
 695                                           << ", got : " << user);
 696 }
 697
 698 void testSelfClientSmack(cynara_client_creds method = CLIENT_METHOD_SMACK) {
 699     std::string label = "test-label";
 700     ScopedProcessLabel spl(label, false);
 701     testCredsClientSelf(method, label);
 702 }
 703
 704 void testSelfClientPid(cynara_client_creds method = CLIENT_METHOD_PID) {
 705     pid_t pid = getpid();
 706     testCredsClientSelf(method, std::to_string(pid));
 707 }
 708
 709 void testSelfUserUid(cynara_user_creds method = USER_METHOD_UID) {
 710     uid_t uid = getuid();
 711     testCredsUserSelf(method, std::to_string(uid));
 712 }
 713
 714 void testSelfUserGid(cynara_user_creds method = USER_METHOD_GID) {
 715     gid_t gid = getgid();
 716     testCredsUserSelf(method, std::to_string(gid));
 717 }
 718
 719 RUNNER_CHILD_TEST_SMACK(tccsl01_self_credentials_client_smack) {
 720     testSelfClientSmack();
 721 }
 722
 723 RUNNER_CHILD_TEST_SMACK(tccsl02_self_credentials_client_pid) {
 724     testSelfClientPid();
 725 }
 726
 727 RUNNER_CHILD_TEST_SMACK(tccsl03_self_credentials_user_uid) {
 728     testSelfUserUid();
 729 }
 730
 731 RUNNER_CHILD_TEST_SMACK(tccsl04_self_credentials_user_gid) {
 732     testSelfUserGid();
 733 }
 734
 735 RUNNER_CHILD_TEST_SMACK(tccsl05_self_credentials_client_default) {
 736     auto method = getClientDefaultMethod();
 737     switch(method) {
 738     case CLIENT_METHOD_SMACK:
 739         testSelfClientSmack(CLIENT_METHOD_DEFAULT);
 740         break;
 741     case CLIENT_METHOD_PID:
 742         testSelfClientPid(CLIENT_METHOD_DEFAULT);
 743         break;
 744     default:
 745         RUNNER_FAIL_MSG("cynara_creds_get_default_client_method returned unexpected value " << method);
 746     }
 747 }
 748
 749 RUNNER_CHILD_TEST_SMACK(tccsl06_self_credentials_user_default) {
 750     auto method = getUserDefaultMethod();
 751     switch(method) {
 752     case USER_METHOD_UID:
 753         testSelfUserUid(USER_METHOD_DEFAULT);
 754         break;
 755     case USER_METHOD_GID:
 756         testSelfUserGid(USER_METHOD_DEFAULT);
 757         break;
 758     default:
 759         RUNNER_FAIL_MSG("cynara_creds_get_default_user_method returned unexpected value " << method);
 760     }
 761 }