src/cynara-tests/test_cases_helpers.cpp

   1 /*
   2  * Copyright (c) 2015-2018 Samsung Electronics Co., Ltd All Rights Reserved
   3  *
   4  *    Licensed under the Apache License, Version 2.0 (the "License");
   5  *    you may not use this file except in compliance with the License.
   6  *    You may obtain a copy of the License at
   7  *
   8  *        http://www.apache.org/licenses/LICENSE-2.0
   9  *
  10  *    Unless required by applicable law or agreed to in writing, software
  11  *    distributed under the License is distributed on an "AS IS" BASIS,
  12  *    WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  13  *    See the License for the specific language governing permissions and
  14  *    limitations under the License.
  15  */
  16 /**
  17  * @file        test_cases_helpers.cpp
  18  * @author      Aleksander Zdyb <a.zdyb@samsung.com>
  19  * @version     1.0
  20  * @brief       Tests for cynara-helper-credentials-socket and cynara-helper-credentials-dbus
  21  */
  22
  23 #include <cstdlib>
  24 #include <functional>
  25 #include <string>
  26 #include <sys/types.h>
  27 #include <sys/un.h>
  28 #include <unistd.h>
  29 #include <utility>
  30
  31 #include <dbus/dbus.h>
  32 #include <glib-object.h>
  33 #include <gio/gio.h>
  34 #include <systemd/sd-bus.h>
  35
  36 #include <tests_common.h>
  37 #include <access_provider.h>
  38 #include <dpl/test/test_runner.h>
  39 #include <memory.h>
  40 #include <synchronization_pipe.h>
  41 #include <tests_common.h>
  42 #include <uds.h>
  43 #include <passwd_access.h>
  44 #include <cynara_helpers_creds.h>
  45 #include <cynara_helpers_dbus.h>
  46
  47 #include <cynara-creds-gdbus.h>
  48 #include <cynara-creds-self.h>
  49
  50 class ProcessCredentials {
  51 public:
  52     ProcessCredentials() {}
  53
  54     const std::string &label(void) const {
  55         return m_label;
  56     }
  57
  58     uid_t uid(void) const {
  59         return PasswdAccess::uid(APP_USER);
  60     }
  61
  62     gid_t gid(void) const {
  63         return PasswdAccess::gid("users");
  64     }
  65
  66 private:
  67     std::string m_label = "cynara_helpers";
  68 };
  69
  70 cynara_client_creds getClientDefaultMethod() {
  71     cynara_client_creds def;
  72     int ret = cynara_creds_get_default_client_method(&def);
  73     RUNNER_ASSERT_MSG(ret == CYNARA_API_SUCCESS,
  74                       "cynara_creds_get_default_client_method failed with " << ret);
  75     return def;
  76 }
  77
  78 cynara_user_creds getUserDefaultMethod() {
  79     cynara_user_creds def;
  80     int ret = cynara_creds_get_default_user_method(&def);
  81     RUNNER_ASSERT_MSG(ret == CYNARA_API_SUCCESS,
  82                       "cynara_creds_get_default_user_method failed with " << ret);
  83     return def;
  84 }
  85
  86
  87 void udsServer(SynchronizationPipe &pipe, const struct sockaddr_un &sockaddr,
  88                const struct ProcessCredentials &peerCredentials) {
  89     SecurityServer::AccessProvider ap(peerCredentials.label());
  90     ap.applyAndSwithToUser(peerCredentials.uid(), peerCredentials.gid());
  91     pipe.claimChildEp();
  92
  93     int sock = UDSHelpers::createServer(&sockaddr);
  94     SockUniquePtr sockPtr(&sock);
  95     pipe.post();
  96     int clientSock = UDSHelpers::acceptClient(sock);
  97
  98     UDSHelpers::waitForDisconnect(clientSock);
  99 }
 100
 101 typedef std::function<void(int sock, pid_t pid,
 102         const ProcessCredentials &peerCredentials)> SocketAssertionFn;
 103
 104 void socketTestTemplate(SocketAssertionFn assertion, const std::string &scope) {
 105     const auto sockaddr = UDSHelpers::makeAbstractAddress("helper_" + scope + ".socket");
 106     const ProcessCredentials peerCredentials;
 107
 108     SynchronizationPipe pipe;
 109
 110     pid_t pid = runInChild(std::bind(udsServer, std::ref(pipe), std::cref(sockaddr),
 111                            std::cref(peerCredentials)));
 112
 113     pipe.claimParentEp();
 114     pipe.wait();
 115     int sock = UDSHelpers::createClient(&sockaddr);
 116     SockUniquePtr sockPtr(&sock);
 117
 118     assertion(sock, pid, peerCredentials);
 119 }
 120
 121 RUNNER_TEST_GROUP_INIT(cynara_creds_socket)
 122
 123 void testSocketClientSmack(cynara_client_creds method = CLIENT_METHOD_SMACK) {
 124     socketTestTemplate([method] (int sock, pid_t, const ProcessCredentials &peerCredentials) {
 125         CStringPtr label(CynaraHelperCredentials::socketGetClient(sock, method));
 126         RUNNER_ASSERT_MSG(peerCredentials.label() == label.get(),
 127                           "Labels don't match ret = " << label.get()
 128                           << "; expected = " << peerCredentials.label());
 129     }, "tccs01");
 130 }
 131
 132 void testSocketClientPid(cynara_client_creds method = CLIENT_METHOD_PID) {
 133     socketTestTemplate([method] (int sock, pid_t pid, const ProcessCredentials &) {
 134         CStringPtr clientPidStr(CynaraHelperCredentials::socketGetClient(sock, method));
 135         pid_t clientPid = std::stoi(clientPidStr.get());
 136         RUNNER_ASSERT_MSG(pid == clientPid, "PIDs don't match ret = " << clientPid
 137                           << "; expected = " << pid);
 138     }, "tccs02");
 139 }
 140
 141 RUNNER_MULTIPROCESS_TEST_SMACK(tccs01_socket_credentials_client_smack)
 142 {
 143     testSocketClientSmack();
 144 }
 145
 146 RUNNER_MULTIPROCESS_TEST(tccs02_socket_credentials_client_pid)
 147 {
 148     testSocketClientPid();
 149 }
 150
 151 RUNNER_MULTIPROCESS_TEST_SMACK(tccs03_socket_credentials_client_default)
 152 {
 153     auto method = getClientDefaultMethod();
 154     switch(method) {
 155     case CLIENT_METHOD_SMACK:
 156         testSocketClientSmack(CLIENT_METHOD_DEFAULT);
 157         break;
 158     case CLIENT_METHOD_PID:
 159         testSocketClientPid(CLIENT_METHOD_DEFAULT);
 160         break;
 161     default:
 162         RUNNER_FAIL_MSG("cynara_creds_get_default_client_method returned unexpected value "
 163                         << method);
 164     }
 165 }
 166
 167 void testSocketUserUid(cynara_user_creds method = USER_METHOD_UID) {
 168     socketTestTemplate([method] (int sock, pid_t, const ProcessCredentials &peerCredentials) {
 169         CStringPtr uidStr(CynaraHelperCredentials::socketGetUser(sock, method));
 170         uid_t uid = std::stoul(uidStr.get());
 171         RUNNER_ASSERT_MSG(peerCredentials.uid() == uid, "UIDs don't match ret = " << uid
 172                           << "; expected = "<< peerCredentials.uid());
 173     }, "tccs04");
 174 }
 175
 176 void testSocketUserGid(cynara_user_creds method = USER_METHOD_GID) {
 177     socketTestTemplate([method] (int sock, pid_t, const ProcessCredentials &peerCredentials) {
 178         CStringPtr gidStr(CynaraHelperCredentials::socketGetUser(sock, method));
 179         gid_t gid = std::stoul(gidStr.get());
 180         RUNNER_ASSERT_MSG(peerCredentials.gid() == gid, "GIDs don't match ret = " << gid
 181                           << "; expected = "<< peerCredentials.gid());
 182     }, "tccs05");
 183 }
 184
 185 RUNNER_MULTIPROCESS_TEST(tccs04_socket_credentials_user_uid)
 186 {
 187     testSocketUserUid();
 188 }
 189
 190 RUNNER_MULTIPROCESS_TEST(tccs05_socket_credentials_user_gid)
 191 {
 192     testSocketUserGid();
 193 }
 194
 195 RUNNER_MULTIPROCESS_TEST(tccs06_socket_credentials_user_default)
 196 {
 197     auto method = getUserDefaultMethod();
 198     switch(method) {
 199     case USER_METHOD_UID:
 200         testSocketUserUid(USER_METHOD_DEFAULT);
 201         break;
 202     case USER_METHOD_GID:
 203         testSocketUserGid(USER_METHOD_DEFAULT);
 204         break;
 205     default:
 206         RUNNER_FAIL_MSG("cynara_creds_get_default_user_method returned unexpected value "
 207                  << method);
 208     }
 209 }
 210
 211 RUNNER_MULTIPROCESS_TEST(tccs07_socket_credentials_pid)
 212 {
 213     socketTestTemplate([] (int sock, pid_t expectedPid, const ProcessCredentials &) {
 214         pid_t peerPid(CynaraHelperCredentials::socketGetPid(sock));
 215         RUNNER_ASSERT_MSG(peerPid == expectedPid, "Pids don't match ret = " << peerPid
 216                           << "; expected = "<< expectedPid);
 217     }, "tccs05");
 218 }
 219
 220 // TODO: Create utility namespace for DBus, maybe?
 221 DBusConnectionPtr createDBusConnection(const std::string &name) {
 222     DBusError err;
 223
 224     dbus_error_init(&err);
 225     DBusConnection *conn = dbus_bus_get_private(DBUS_BUS_SYSTEM, &err);
 226     RUNNER_ASSERT_MSG(dbus_error_is_set(&err) != 1, "Error in dbus_bus_get: " << err.message);
 227     dbus_connection_set_exit_on_disconnect(conn, FALSE);
 228
 229     DBusConnectionPtr ret(conn, [] (DBusConnection *conn) {
 230         dbus_connection_close(conn);
 231         dbus_connection_unref(conn);
 232     });
 233
 234     if (name.empty() == false) {
 235         dbus_bus_request_name(conn, name.c_str(), DBUS_NAME_FLAG_REPLACE_EXISTING , &err);
 236         RUNNER_ASSERT_MSG(dbus_error_is_set(&err) != TRUE,
 237                           "Error in dbus_bus_request_name: " << err.message);
 238     }
 239
 240     return ret;
 241 }
 242
 243 void dbusServer(SynchronizationPipe &pipe, const std::string &requestedName,
 244                 const ProcessCredentials &peerCredentials) {
 245     // for DBus connection, System must have access to our peer creds as well.
 246     SecurityServer::AccessProvider systemAp("System");
 247     systemAp.addObjectRule(peerCredentials.label(), "rwx");
 248     systemAp.apply();
 249
 250     SecurityServer::AccessProvider ap(peerCredentials.label());
 251     ap.addObjectRule("System", "w");
 252     ap.addObjectRule("System::Run", "x");
 253     ap.addObjectRule("System::Shared", "rwx"); // for GDB
 254     ap.addSubjectRule("System::Privileged", "rwx"); // for piping
 255     ap.addObjectRule("System::Privileged", "rwx"); // for GDB and piping
 256     ap.addObjectRule("User", "r"); // for /usr/lib/debug access
 257     ap.applyAndSwithToUser(peerCredentials.uid(), peerCredentials.gid());
 258     pipe.claimChildEp();
 259
 260     auto conn = createDBusConnection(requestedName);
 261     pipe.post();
 262     pipe.wait();
 263 }
 264
 265 typedef std::function<void(DBusConnectionPtr conn, pid_t pid,
 266                            const std::string &requestedName,
 267                            const ProcessCredentials &peerCredentials)> DBusAssertionFn;
 268
 269 void dbusTestTemplate(DBusAssertionFn assertion, const std::string &/*scope*/) {
 270     std::string requestedName = "tests.dbus.cynara";
 271     const ProcessCredentials peerCredentials;
 272
 273     SynchronizationPipe pipe;
 274     pid_t pid = runInChild(std::bind(dbusServer, std::ref(pipe), std::cref(requestedName),
 275                            std::cref(peerCredentials)));
 276
 277     pipe.claimParentEp();
 278     pipe.wait();
 279
 280     auto conn = createDBusConnection("");
 281     assertion(std::move(conn), pid, requestedName, peerCredentials);
 282     pipe.post();
 283 }
 284
 285 RUNNER_TEST_GROUP_INIT(cynara_creds_dbus)
 286
 287 void testDbusClientPid(cynara_client_creds method = CLIENT_METHOD_PID) {
 288     dbusTestTemplate([method] (DBusConnectionPtr conn, pid_t pid, const std::string &requestedName,
 289                          const ProcessCredentials &) {
 290         CStringPtr clientPidStr(CynaraHelperCredentials::dbusGetClient(std::move(conn),
 291             requestedName.c_str(), method, CYNARA_API_SUCCESS));
 292         pid_t clientPid = std::stoi(clientPidStr.get());
 293         RUNNER_ASSERT_MSG(pid == clientPid, "PIDs don't match ret = " << clientPid
 294                           << "; expected = " << pid);
 295     }, "tccd01");
 296 }
 297
 298 void testDbusClientSmack(cynara_client_creds method = CLIENT_METHOD_SMACK) {
 299     dbusTestTemplate([method] (DBusConnectionPtr conn, pid_t, const std::string &requestedName,
 300                          const ProcessCredentials &peerCredentials) {
 301         CStringPtr label(CynaraHelperCredentials::dbusGetClient(std::move(conn),
 302             requestedName.c_str(), method, CYNARA_API_SUCCESS));
 303         RUNNER_ASSERT_MSG(peerCredentials.label() == label.get(),
 304                           "Labels don't match ret = " << label.get()
 305                           << "; expected = " << peerCredentials.label());
 306     }, "tccd02");
 307 }
 308
 309 RUNNER_MULTIPROCESS_TEST(tccd01_dbus_credentials_client_pid)
 310 {
 311     testDbusClientPid();
 312 }
 313
 314 RUNNER_MULTIPROCESS_TEST_SMACK(tccd02_dbus_credentials_client_smack)
 315 {
 316     testDbusClientSmack();
 317 }
 318
 319 RUNNER_MULTIPROCESS_TEST_SMACK(tccd03_dbus_credentials_client_default)
 320 {
 321     auto method = getClientDefaultMethod();
 322     switch(method) {
 323     case CLIENT_METHOD_SMACK:
 324         testDbusClientSmack(CLIENT_METHOD_DEFAULT);
 325         break;
 326     case CLIENT_METHOD_PID:
 327         testDbusClientPid(CLIENT_METHOD_DEFAULT);
 328         break;
 329     default:
 330         RUNNER_FAIL_MSG("cynara_creds_get_default_client_method returned unexpected value "
 331                         << method);
 332     }
 333 }
 334
 335 void testDbusUserUid(cynara_user_creds method = USER_METHOD_UID) {
 336     dbusTestTemplate([method] (DBusConnectionPtr conn, pid_t, const std::string &requestedName,
 337                          const ProcessCredentials &peerCredentials) {
 338         CStringPtr uidStr(CynaraHelperCredentials::dbusGetUser(std::move(conn),
 339             requestedName.c_str(), method, CYNARA_API_SUCCESS));
 340         uid_t uid = std::stoul(uidStr.get());
 341         RUNNER_ASSERT_MSG(peerCredentials.uid() == uid, "UIDs don't match ret = " << uid
 342                           << "; expected = "<< peerCredentials.uid());
 343     }, "tccd04");
 344 }
 345
 346 void testDbusUserGid(cynara_user_creds method = USER_METHOD_GID) {
 347     // Acquiring gid from dbus connection is not yet implemented for cynara helpers
 348     dbusTestTemplate([method] (DBusConnectionPtr conn, pid_t, const std::string &requestedName,
 349                          const ProcessCredentials &) {
 350         CStringPtr gidStr(CynaraHelperCredentials::dbusGetUser(std::move(conn),
 351             requestedName.c_str(), method, CYNARA_API_METHOD_NOT_SUPPORTED));
 352     }, "tccd04");
 353 }
 354
 355 RUNNER_MULTIPROCESS_TEST(tccd04_dbus_credentials_user_uid)
 356 {
 357     testDbusUserUid();
 358 }
 359
 360 RUNNER_MULTIPROCESS_TEST(tccd05_dbus_credentials_user_gid)
 361 {
 362     testDbusUserGid();
 363 }
 364
 365 RUNNER_MULTIPROCESS_TEST(tccd06_dbus_credentials_user_default) {
 366     auto method = getUserDefaultMethod();
 367     switch(method) {
 368     case USER_METHOD_UID:
 369         testDbusUserUid(USER_METHOD_DEFAULT);
 370         break;
 371     case USER_METHOD_GID:
 372         testDbusUserGid(USER_METHOD_DEFAULT);
 373         break;
 374     default:
 375         RUNNER_FAIL_MSG("cynara_creds_get_default_user_method returned unexpected value "
 376                         << method);
 377     }
 378 }
 379
 380 RUNNER_TEST_SMACK(tccd06_dbus_credentials_pid) {
 381     dbusTestTemplate([] (DBusConnectionPtr conn, pid_t expectedPid,
 382                          const std::string &requestedName, const ProcessCredentials &) {
 383         auto helperPid = CynaraHelperCredentials::dbusGetPid(std::move(conn),
 384             requestedName.c_str(), CYNARA_API_SUCCESS);
 385         RUNNER_ASSERT_MSG(helperPid == expectedPid, "PIDs don't match ret = " << helperPid
 386                           << "; expected = " << expectedPid);
 387     }, "tccd06");
 388 }
 389
 390 GDBusConnectionPtr createGDBusConnection() {
 391     GDBusConnection *conn = g_bus_get_sync(G_BUS_TYPE_SYSTEM, NULL, NULL);
 392
 393     return GDBusConnectionPtr(conn, [] (GDBusConnection *conn) {
 394         g_object_unref(G_OBJECT(conn));
 395     });
 396 }
 397
 398
 399 typedef std::function<void(GDBusConnectionPtr conn, pid_t pid,
 400                            const std::string &requestedName,
 401                            const ProcessCredentials &peerCredentials)> GDBusAssertionFn;
 402
 403 void gdbusTestTemplate(GDBusAssertionFn assertion, const std::string &/*scope*/) {
 404     std::string requestedName = "tests.dbus.cynara";
 405     const ProcessCredentials peerCredentials;
 406
 407     SynchronizationPipe pipe;
 408     pid_t pid = runInChild(std::bind(dbusServer, std::ref(pipe), std::cref(requestedName),
 409                            std::cref(peerCredentials)));
 410
 411     pipe.claimParentEp();
 412     pipe.wait();
 413
 414     auto conn = createGDBusConnection();
 415     assertion(std::move(conn), pid, requestedName, peerCredentials);
 416     pipe.post();
 417 }
 418
 419
 420 RUNNER_TEST_GROUP_INIT(cynara_creds_gdbus)
 421
 422 void testGdbusClientPid(cynara_client_creds method = CLIENT_METHOD_PID) {
 423     gdbusTestTemplate([method] (GDBusConnectionPtr conn, pid_t pid,
 424                                 const std::string &requestedName,
 425                                 const ProcessCredentials &) {
 426         GStringPtr clientPidStr(CynaraHelperCredentials::gdbusGetClient(std::move(conn),
 427                                 requestedName.c_str(), method));
 428         pid_t clientPid = std::stoi(clientPidStr.get());
 429         RUNNER_ASSERT_MSG(pid == clientPid, "PIDs don't match ret = " << clientPid
 430                           << "; expected = " << pid);
 431     }, "tccgd01");
 432 }
 433
 434 void testGdbusClientSmack(cynara_client_creds method = CLIENT_METHOD_SMACK) {
 435     gdbusTestTemplate([method] (GDBusConnectionPtr conn, pid_t,
 436                                 const std::string &requestedName,
 437                                 const ProcessCredentials &peerCredentials) {
 438         GStringPtr label(CynaraHelperCredentials::gdbusGetClient(std::move(conn),
 439                          requestedName.c_str(), method));
 440         RUNNER_ASSERT_MSG(peerCredentials.label() == label.get(),
 441                           "Labels don't match ret = " << label.get()
 442                           << "; expected = " << peerCredentials.label());
 443     }, "tccgd02");
 444 }
 445
 446 RUNNER_MULTIPROCESS_TEST(tccgd01_gdbus_credentials_client_pid)
 447 {
 448     testGdbusClientPid();
 449 }
 450
 451 RUNNER_MULTIPROCESS_TEST_SMACK(tccgd02_gdbus_credentials_client_smack)
 452 {
 453     testGdbusClientSmack();
 454 }
 455
 456 RUNNER_MULTIPROCESS_TEST_SMACK(tccgd03_gdbus_credentials_client_default)
 457 {
 458     auto method = getClientDefaultMethod();
 459     switch(method) {
 460     case CLIENT_METHOD_SMACK:
 461         testGdbusClientSmack(CLIENT_METHOD_DEFAULT);
 462         break;
 463     case CLIENT_METHOD_PID:
 464         testGdbusClientPid(CLIENT_METHOD_DEFAULT);
 465         break;
 466     default:
 467         RUNNER_FAIL_MSG("cynara_creds_get_default_client_method returned unexpected value "
 468                         << method);
 469     }
 470 }
 471
 472 void testGdbusUserUid(cynara_user_creds method = USER_METHOD_UID) {
 473     gdbusTestTemplate([method] (GDBusConnectionPtr conn, pid_t,
 474                                 const std::string &requestedName,
 475                                 const ProcessCredentials &peerCredentials) {
 476         GStringPtr uidStr(CynaraHelperCredentials::gdbusGetUser(std::move(conn),
 477                           requestedName.c_str(), method));
 478         uid_t uid = std::stoul(uidStr.get());
 479         RUNNER_ASSERT_MSG(peerCredentials.uid() == uid, "UIDs don't match ret = " << uid
 480                           << "; expected = "<< peerCredentials.uid());
 481     }, "tccgd04");
 482 }
 483
 484 void testGdbusUserGid(cynara_user_creds method = USER_METHOD_GID) {
 485     // Getting gid for gdbus connection is not yet implemented in cynara helpers
 486     gdbusTestTemplate([method] (GDBusConnectionPtr conn, pid_t,
 487                                 const std::string &requestedName,
 488                                 const ProcessCredentials &) {
 489         GStringPtr gidStr(CynaraHelperCredentials::gdbusGetUser(std::move(conn),
 490                           requestedName.c_str(), method, CYNARA_API_METHOD_NOT_SUPPORTED));
 491     }, "tccgd04");
 492 }
 493
 494 RUNNER_MULTIPROCESS_TEST(tccgd04_gdbus_credentials_user_uid)
 495 {
 496     testGdbusUserUid();
 497 }
 498
 499 RUNNER_MULTIPROCESS_TEST(tccgd05_gdbus_credentials_user_gid)
 500 {
 501     testGdbusUserGid();
 502 }
 503
 504 RUNNER_MULTIPROCESS_TEST(tccgd06_gdbus_credentials_user_default) {
 505     auto method = getUserDefaultMethod();
 506     switch(method) {
 507     case USER_METHOD_UID:
 508         testGdbusUserUid(USER_METHOD_DEFAULT);
 509         break;
 510     case USER_METHOD_GID:
 511         testGdbusUserGid(USER_METHOD_DEFAULT);
 512         break;
 513     default:
 514         RUNNER_FAIL_MSG("cynara_creds_get_default_user_method returned unexpected value "
 515                         << method);
 516     }
 517 }
 518
 519 RUNNER_MULTIPROCESS_TEST(tccgd06_gdbus_credentials_pid) {
 520     gdbusTestTemplate([] (GDBusConnectionPtr conn, pid_t expectedPid,
 521                           const std::string &requestedName, const ProcessCredentials &) {
 522         auto helperPid = CynaraHelperCredentials::gdbusGetPid(std::move(conn),
 523                          requestedName.c_str());
 524         RUNNER_ASSERT_MSG(helperPid == expectedPid, "PIDs don't match ret = " << helperPid
 525                           << "; expected = " << expectedPid);
 526     }, "tccgd06");
 527 }
 528
 529
 530 SdBusConnectionPtr createSdBusConnection(const std::string &requestedName) {
 531     sd_bus *bus = NULL;
 532
 533     int r = sd_bus_default_system(&bus);
 534     RUNNER_ASSERT_MSG(r >= 0, "Failed to connect do system bus: %s" << strerror(-r));
 535
 536     if (requestedName.empty() == false) {
 537         r = sd_bus_request_name(bus, requestedName.c_str(), SD_BUS_NAME_REPLACE_EXISTING);
 538         RUNNER_ASSERT_MSG(r >= 0, "Error in sd_bus_request_name");
 539     }
 540
 541     SdBusConnectionPtr ret(bus, [] (sd_bus *busConnection) {
 542         sd_bus_unref(busConnection);
 543     });
 544
 545     return ret;
 546 }
 547
 548 typedef std::function<void(SdBusConnectionPtr conn, pid_t pid, const std::string &requestedName,
 549                            const ProcessCredentials &peerCredentials)> SdBusAssertionFn;
 550
 551 void sdBusTestTemplate(SdBusAssertionFn assertion) {
 552     std::string requestedName = "tests.dbus.cynara";
 553     const ProcessCredentials peerCredentials;
 554
 555     SynchronizationPipe pipe;
 556     pid_t pid = runInChild(std::bind(dbusServer, std::ref(pipe), std::cref(requestedName),
 557                            std::cref(peerCredentials)));
 558
 559     pipe.claimParentEp();
 560     pipe.wait();
 561
 562     auto conn = createSdBusConnection("");
 563     assertion(std::move(conn), pid, requestedName, peerCredentials);
 564     pipe.post();
 565 }
 566
 567
 568 RUNNER_TEST_GROUP_INIT(cynara_creds_sd_bus)
 569
 570 void testSdBusClientPid(cynara_client_creds method = CLIENT_METHOD_PID) {
 571     sdBusTestTemplate([method] (SdBusConnectionPtr conn, pid_t pid,
 572                         const std::string &requestedName,
 573                         const ProcessCredentials &) {
 574         CStringPtr clientPidStr(CynaraHelperCredentials::sdBusGetClient(std::move(conn),
 575                                 requestedName.c_str(), method, CYNARA_API_SUCCESS));
 576         pid_t clientPid = std::stoi(clientPidStr.get());
 577         RUNNER_ASSERT_MSG(pid == clientPid, "PIDs don't match ret = " << clientPid
 578                           << "; expected = " << pid);
 579     });
 580 }
 581
 582 void testSdBusClientSmack(cynara_client_creds method = CLIENT_METHOD_SMACK) {
 583     sdBusTestTemplate([method] (SdBusConnectionPtr conn, pid_t,
 584                         const std::string &requestedName,
 585                         const ProcessCredentials &peerCredentials) {
 586         CStringPtr label(CynaraHelperCredentials::sdBusGetClient(std::move(conn),
 587                          requestedName.c_str(), method, CYNARA_API_SUCCESS));
 588         RUNNER_ASSERT_MSG(peerCredentials.label() == label.get(),
 589                           "Labels don't match ret = " << label.get()
 590                           << "; expected = " << peerCredentials.label());
 591     });
 592 }
 593
 594 RUNNER_MULTIPROCESS_TEST(tccsd01_sd_bus_credentials_client_pid)
 595 {
 596     testSdBusClientPid();
 597 }
 598
 599 RUNNER_MULTIPROCESS_TEST_SMACK(tccsd02_sd_bus_credentials_client_smack)
 600 {
 601     testSdBusClientSmack();
 602 }
 603
 604 RUNNER_MULTIPROCESS_TEST_SMACK(tccsd03_sd_bus_credentials_client_default)
 605 {
 606     auto method = getClientDefaultMethod();
 607     switch(method) {
 608     case CLIENT_METHOD_SMACK:
 609         testSdBusClientSmack(CLIENT_METHOD_DEFAULT);
 610         break;
 611     case CLIENT_METHOD_PID:
 612         testSdBusClientPid(CLIENT_METHOD_DEFAULT);
 613         break;
 614     default:
 615         RUNNER_FAIL_MSG("cynara_creds_get_default_client_method returned unexpected value "
 616                         << method);
 617     }
 618 }
 619
 620 void testSdBusUserUid(cynara_user_creds method = USER_METHOD_UID) {
 621     sdBusTestTemplate([method] (SdBusConnectionPtr conn, pid_t,
 622                         const std::string &requestedName,
 623                         const ProcessCredentials &peerCredentials) {
 624         CStringPtr uidStr(CynaraHelperCredentials::sdBusGetUser(std::move(conn),
 625                           requestedName.c_str(), method, CYNARA_API_SUCCESS));
 626         uid_t uid = std::stoul(uidStr.get());
 627         RUNNER_ASSERT_MSG(peerCredentials.uid() == uid, "UIDs don't match ret = " << uid
 628                           << "; expected = "<< peerCredentials.uid());
 629     });
 630 }
 631
 632 void testSdBusUserGid(cynara_user_creds method = USER_METHOD_GID) {
 633     sdBusTestTemplate([method] (SdBusConnectionPtr conn, pid_t,
 634                         const std::string &requestedName,
 635                         const ProcessCredentials &peerCredentials) {
 636         CStringPtr gidStr(CynaraHelperCredentials::sdBusGetUser(std::move(conn),
 637                           requestedName.c_str(), method, CYNARA_API_SUCCESS));
 638         gid_t gid = std::stoul(gidStr.get());
 639         RUNNER_ASSERT_MSG(peerCredentials.gid() == gid, "GIDs don't match ret = " << gid
 640                           << "; expected = "<< peerCredentials.gid());
 641     });
 642 }
 643
 644 RUNNER_MULTIPROCESS_TEST(tccsd04_sd_bus_credentials_user_uid)
 645 {
 646     testSdBusUserUid();
 647 }
 648
 649 RUNNER_MULTIPROCESS_TEST(tccsd05_sd_bus_credentials_user_gid)
 650 {
 651     testSdBusUserGid();
 652 }
 653
 654 RUNNER_MULTIPROCESS_TEST(tccsd06_sd_bus_credentials_user_default)
 655 {
 656     auto method = getUserDefaultMethod();
 657     switch(method) {
 658     case USER_METHOD_UID:
 659         testSdBusUserUid(USER_METHOD_DEFAULT);
 660         break;
 661     case USER_METHOD_GID:
 662         testSdBusUserGid(USER_METHOD_DEFAULT);
 663         break;
 664     default:
 665         RUNNER_FAIL_MSG("cynara_creds_get_default_user_method returned unexpected value "
 666                         << method);
 667     }
 668 }
 669
 670 RUNNER_TEST_SMACK(tccd07_sd_bus_credentials_pid) {
 671     sdBusTestTemplate([] (SdBusConnectionPtr conn, pid_t expectedPid,
 672                           const std::string &requestedName, const ProcessCredentials &) {
 673         auto helperPid = CynaraHelperCredentials::sdBusGetPid(std::move(conn),
 674                          requestedName.c_str(), CYNARA_API_SUCCESS);
 675         RUNNER_ASSERT_MSG(helperPid == expectedPid, "PIDs don't match ret = " << helperPid
 676                           << "; expected = " << expectedPid);
 677     });
 678 }
 679
 680
 681 RUNNER_TEST_GROUP_INIT(cynara_creds_self)
 682
 683 void testCredsClientSelf(cynara_client_creds method, const std::string &expected) {
 684     char *client;
 685     int ret = cynara_creds_self_get_client(method, &client);
 686     CStringPtr clientPtr(client);
 687     RUNNER_ASSERT_MSG(ret == CYNARA_API_SUCCESS, "cynara_creds_self_get_client failed with " << ret);
 688     RUNNER_ASSERT_MSG(expected == client, "expected client doesn't match, expected: " << expected
 689                                           << ", got : " << client);
 690 }
 691
 692 void testCredsUserSelf(cynara_user_creds method, const std::string &expected) {
 693     char *user;
 694     int ret = cynara_creds_self_get_user(method, &user);
 695     CStringPtr clientPtr(user);
 696     RUNNER_ASSERT_MSG(ret == CYNARA_API_SUCCESS, "cynara_creds_self_get_user failed with " << ret);
 697     RUNNER_ASSERT_MSG(expected == user, "expected user doesn't match, expected: " << expected
 698                                           << ", got : " << user);
 699 }
 700
 701 void testSelfClientSmack(cynara_client_creds method = CLIENT_METHOD_SMACK) {
 702     std::string label = "test-label";
 703     change_label(label.c_str());
 704     testCredsClientSelf(method, label);
 705 }
 706
 707 void testSelfClientPid(cynara_client_creds method = CLIENT_METHOD_PID) {
 708     pid_t pid = getpid();
 709     testCredsClientSelf(method, std::to_string(pid));
 710 }
 711
 712 void testSelfUserUid(cynara_user_creds method = USER_METHOD_UID) {
 713     uid_t uid = getuid();
 714     testCredsUserSelf(method, std::to_string(uid));
 715 }
 716
 717 void testSelfUserGid(cynara_user_creds method = USER_METHOD_GID) {
 718     gid_t gid = getgid();
 719     testCredsUserSelf(method, std::to_string(gid));
 720 }
 721
 722 RUNNER_CHILD_TEST_SMACK(tccsl01_self_credentials_client_smack) {
 723     testSelfClientSmack();
 724 }
 725
 726 RUNNER_CHILD_TEST_SMACK(tccsl02_self_credentials_client_pid) {
 727     testSelfClientPid();
 728 }
 729
 730 RUNNER_CHILD_TEST_SMACK(tccsl03_self_credentials_user_uid) {
 731     testSelfUserUid();
 732 }
 733
 734 RUNNER_CHILD_TEST_SMACK(tccsl04_self_credentials_user_gid) {
 735     testSelfUserGid();
 736 }
 737
 738 RUNNER_CHILD_TEST_SMACK(tccsl05_self_credentials_client_default) {
 739     auto method = getClientDefaultMethod();
 740     switch(method) {
 741     case CLIENT_METHOD_SMACK:
 742         testSelfClientSmack(CLIENT_METHOD_DEFAULT);
 743         break;
 744     case CLIENT_METHOD_PID:
 745         testSelfClientPid(CLIENT_METHOD_DEFAULT);
 746         break;
 747     default:
 748         RUNNER_FAIL_MSG("cynara_creds_get_default_client_method returned unexpected value " << method);
 749     }
 750 }
 751
 752 RUNNER_CHILD_TEST_SMACK(tccsl06_self_credentials_user_default) {
 753     auto method = getUserDefaultMethod();
 754     switch(method) {
 755     case USER_METHOD_UID:
 756         testSelfUserUid(USER_METHOD_DEFAULT);
 757         break;
 758     case USER_METHOD_GID:
 759         testSelfUserGid(USER_METHOD_DEFAULT);
 760         break;
 761     default:
 762         RUNNER_FAIL_MSG("cynara_creds_get_default_user_method returned unexpected value " << method);
 763     }
 764 }