From d73ae48d0c3783f2571522d48a5eaa702d3391f6 Mon Sep 17 00:00:00 2001 From: Monika Zielinska Date: Wed, 31 Oct 2018 09:44:45 +0100 Subject: [PATCH] Add sd-bus cynara API tests Change-Id: Ice5413156be6bd239be0898a5577b7f9ad6efcf7 --- packaging/security-tests.spec | 2 + src/common/CMakeLists.txt | 1 + src/common/cynara_helpers_creds.cpp | 31 ++++++- src/common/cynara_helpers_creds.h | 10 ++- src/common/cynara_helpers_dbus.h | 5 +- src/cynara-tests/CMakeLists.txt | 4 +- src/cynara-tests/test_cases_helpers.cpp | 155 +++++++++++++++++++++++++++++++- 7 files changed, 203 insertions(+), 5 deletions(-) diff --git a/packaging/security-tests.spec b/packaging/security-tests.spec index f96f79b..2dfcfe4 100644 --- a/packaging/security-tests.spec +++ b/packaging/security-tests.spec @@ -25,11 +25,13 @@ BuildRequires: pkgconfig(openssl) BuildRequires: cynara-devel BuildRequires: libcynara-creds-dbus-devel BuildRequires: libcynara-creds-gdbus-devel +BuildRequires: libcynara-creds-sd-bus-devel BuildRequires: pkgconfig(libtzplatform-config) BuildRequires: boost-devel BuildRequires: pkgconfig(vconf) BuildRequires: pkgconfig(libgum) >= 1.0.5 BuildRequires: pkgconfig(security-privilege-manager) +BuildRequires: pkgconfig(libsystemd) Requires: perf Requires: gdb Requires: diffutils diff --git a/src/common/CMakeLists.txt b/src/common/CMakeLists.txt index caccd72..b75ce1b 100644 --- a/src/common/CMakeLists.txt +++ b/src/common/CMakeLists.txt @@ -12,6 +12,7 @@ PKG_CHECK_MODULES(COMMON_TARGET_DEP cynara-creds-socket cynara-creds-dbus cynara-creds-gdbus + cynara-creds-sd-bus security-manager REQUIRED ) diff --git a/src/common/cynara_helpers_creds.cpp b/src/common/cynara_helpers_creds.cpp index dc1c904..deaaf93 100644 --- a/src/common/cynara_helpers_creds.cpp +++ b/src/common/cynara_helpers_creds.cpp @@ -1,5 +1,5 @@ /* - * Copyright (c) 2015-2016 Samsung Electronics Co., Ltd All Rights Reserved + * Copyright (c) 2015-2018 Samsung Electronics Co., Ltd All Rights Reserved * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -25,6 +25,7 @@ #include #include #include +#include #include "cynara_helpers_creds.h" @@ -113,4 +114,32 @@ pid_t gdbusGetPid(GDBusConnectionPtr connection, const char *uniqueName) { return pid; } +char *sdBusGetClient(SdBusConnectionPtr connection, const char *uniqueName, + cynara_client_creds method, int expectedResult) { + char *buff = nullptr; + auto ret = cynara_creds_sd_bus_get_client(connection.get(), uniqueName, method, &buff); + RUNNER_ASSERT_MSG(ret == expectedResult, + "cynara_creds_sd_bus_get_client failed, ret = " << ret + << "; expected = " << expectedResult); + return buff; +} + +char *sdBusGetUser(SdBusConnectionPtr connection, const char *uniqueName, cynara_user_creds method, + int expectedResult) { + char *buff = nullptr; + auto ret = cynara_creds_sd_bus_get_user(connection.get(), uniqueName, method, &buff); + RUNNER_ASSERT_MSG(ret == expectedResult, + "cynara_creds_sd_bus_get_user failed, ret = " << ret + << "; expected = " << expectedResult); + return buff; +} + +pid_t sdBusGetPid(SdBusConnectionPtr connection, const char *uniqueName, int expectedResult) { + pid_t pid = -1; + auto ret = cynara_creds_sd_bus_get_pid(connection.get(), uniqueName, &pid); + RUNNER_ASSERT_MSG(ret == expectedResult, "cynara_creds_sd_bus_get_pid failed, ret = " << ret + << "; expected = " << expectedResult); + return pid; +} + } //namespace CynaraHelperCredentials diff --git a/src/common/cynara_helpers_creds.h b/src/common/cynara_helpers_creds.h index cafe423..4214876 100644 --- a/src/common/cynara_helpers_creds.h +++ b/src/common/cynara_helpers_creds.h @@ -1,5 +1,5 @@ /* - * Copyright (c) 2015-2016 Samsung Electronics Co., Ltd All Rights Reserved + * Copyright (c) 2015-2018 Samsung Electronics Co., Ltd All Rights Reserved * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -61,6 +61,14 @@ char *gdbusGetUser(GDBusConnectionPtr connection, const char *uniqueName, cynara pid_t gdbusGetPid(GDBusConnectionPtr connection, const char *uniqueName); +char *sdBusGetClient(SdBusConnectionPtr connection, const char *uniqueName, + cynara_client_creds method, int expectedResult); + +char *sdBusGetUser(SdBusConnectionPtr connection, const char *uniqueName, cynara_user_creds method, + int expectedResult); + +pid_t sdBusGetPid(SdBusConnectionPtr connection, const char *uniqueName, int expectedResult); + } // namespace CynaraHelperCredentials #endif // CYNARA_TEST_HELPERS_H_ diff --git a/src/common/cynara_helpers_dbus.h b/src/common/cynara_helpers_dbus.h index 19c1b24..ad3a22d 100644 --- a/src/common/cynara_helpers_dbus.h +++ b/src/common/cynara_helpers_dbus.h @@ -1,5 +1,5 @@ /* - * Copyright (c) 2015-2016 Samsung Electronics Co., Ltd All Rights Reserved + * Copyright (c) 2015-2018 Samsung Electronics Co., Ltd All Rights Reserved * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -25,11 +25,14 @@ #include #include #include +#include typedef std::function DBusConnectionCloseAndUnref; typedef std::function GDBusConnectionCloseAndUnref; +typedef std::function SdBusConnectionUnref; typedef std::unique_ptr DBusConnectionPtr; typedef std::unique_ptr GDBusConnectionPtr; +typedef std::unique_ptr SdBusConnectionPtr; #endif // CYNARA_TEST_HELPERS_DBUS_H_ diff --git a/src/cynara-tests/CMakeLists.txt b/src/cynara-tests/CMakeLists.txt index 811ddb0..bf592b4 100644 --- a/src/cynara-tests/CMakeLists.txt +++ b/src/cynara-tests/CMakeLists.txt @@ -1,4 +1,4 @@ -# Copyright (c) 2014-2015 Samsung Electronics Co., Ltd All Rights Reserved +# Copyright (c) 2014-2018 Samsung Electronics Co., Ltd All Rights Reserved # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -26,12 +26,14 @@ PKG_CHECK_MODULES(CYNARA_TARGET_DEP cynara-client-async cynara-creds-dbus cynara-creds-gdbus + cynara-creds-sd-bus cynara-creds-self cynara-creds-socket cynara-monitor cynara-plugin dbus-1 glib-2.0 + libsystemd ) FIND_PACKAGE (Threads) diff --git a/src/cynara-tests/test_cases_helpers.cpp b/src/cynara-tests/test_cases_helpers.cpp index 33481a6..ec5ce0e 100644 --- a/src/cynara-tests/test_cases_helpers.cpp +++ b/src/cynara-tests/test_cases_helpers.cpp @@ -1,5 +1,5 @@ /* - * Copyright (c) 2015-2016 Samsung Electronics Co., Ltd All Rights Reserved + * Copyright (c) 2015-2018 Samsung Electronics Co., Ltd All Rights Reserved * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -31,6 +31,7 @@ #include #include #include +#include #include #include @@ -525,6 +526,158 @@ RUNNER_MULTIPROCESS_TEST(tccgd06_gdbus_credentials_pid) { }, "tccgd06"); } + +SdBusConnectionPtr createSdBusConnection(const std::string &requestedName) { + sd_bus *bus = NULL; + + int r = sd_bus_default_system(&bus); + RUNNER_ASSERT_MSG(r >= 0, "Failed to connect do system bus: %s" << strerror(-r)); + + if (requestedName.empty() == false) { + r = sd_bus_request_name(bus, requestedName.c_str(), SD_BUS_NAME_REPLACE_EXISTING); + RUNNER_ASSERT_MSG(r >= 0, "Error in sd_bus_request_name"); + } + + SdBusConnectionPtr ret(bus, [] (sd_bus *busConnection) { + sd_bus_unref(busConnection); + }); + + return ret; +} + +typedef std::function SdBusAssertionFn; + +void sdBusTestTemplate(SdBusAssertionFn assertion) { + std::string requestedName = "tests.dbus.cynara"; + const ProcessCredentials peerCredentials; + + SynchronizationPipe pipe; + pid_t pid = runInChild(std::bind(dbusServer, std::ref(pipe), std::cref(requestedName), + std::cref(peerCredentials))); + + pipe.claimParentEp(); + pipe.wait(); + + auto conn = createSdBusConnection(""); + assertion(std::move(conn), pid, requestedName, peerCredentials); + pipe.post(); +} + + +RUNNER_TEST_GROUP_INIT(cynara_creds_sd_bus) + +void testSdBusClientPid(cynara_client_creds method = CLIENT_METHOD_PID) { + sdBusTestTemplate([method] (SdBusConnectionPtr conn, pid_t pid, + const std::string &requestedName, + const ProcessCredentials &) { + CStringPtr clientPidStr(CynaraHelperCredentials::sdBusGetClient(std::move(conn), + requestedName.c_str(), method, CYNARA_API_SUCCESS)); + pid_t clientPid = std::stoi(clientPidStr.get()); + RUNNER_ASSERT_MSG(pid == clientPid, "PIDs don't match ret = " << clientPid + << "; expected = " << pid); + }); +} + +void testSdBusClientSmack(cynara_client_creds method = CLIENT_METHOD_SMACK) { + sdBusTestTemplate([method] (SdBusConnectionPtr conn, pid_t, + const std::string &requestedName, + const ProcessCredentials &peerCredentials) { + CStringPtr label(CynaraHelperCredentials::sdBusGetClient(std::move(conn), + requestedName.c_str(), method, CYNARA_API_SUCCESS)); + RUNNER_ASSERT_MSG(peerCredentials.label() == label.get(), + "Labels don't match ret = " << label.get() + << "; expected = " << peerCredentials.label()); + }); +} + +RUNNER_MULTIPROCESS_TEST(tccsd01_sd_bus_credentials_client_pid) +{ + testSdBusClientPid(); +} + +RUNNER_MULTIPROCESS_TEST_SMACK(tccsd02_sd_bus_credentials_client_smack) +{ + testSdBusClientSmack(); +} + +RUNNER_MULTIPROCESS_TEST_SMACK(tccsd03_sd_bus_credentials_client_default) +{ + auto method = getClientDefaultMethod(); + switch(method) { + case CLIENT_METHOD_SMACK: + testSdBusClientSmack(CLIENT_METHOD_DEFAULT); + break; + case CLIENT_METHOD_PID: + testSdBusClientPid(CLIENT_METHOD_DEFAULT); + break; + default: + RUNNER_FAIL_MSG("cynara_creds_get_default_client_method returned unexpected value " + << method); + } +} + +void testSdBusUserUid(cynara_user_creds method = USER_METHOD_UID) { + sdBusTestTemplate([method] (SdBusConnectionPtr conn, pid_t, + const std::string &requestedName, + const ProcessCredentials &peerCredentials) { + CStringPtr uidStr(CynaraHelperCredentials::sdBusGetUser(std::move(conn), + requestedName.c_str(), method, CYNARA_API_SUCCESS)); + uid_t uid = std::stoul(uidStr.get()); + RUNNER_ASSERT_MSG(peerCredentials.uid() == uid, "UIDs don't match ret = " << uid + << "; expected = "<< peerCredentials.uid()); + }); +} + +void testSdBusUserGid(cynara_user_creds method = USER_METHOD_GID) { + sdBusTestTemplate([method] (SdBusConnectionPtr conn, pid_t, + const std::string &requestedName, + const ProcessCredentials &peerCredentials) { + CStringPtr gidStr(CynaraHelperCredentials::sdBusGetUser(std::move(conn), + requestedName.c_str(), method, CYNARA_API_SUCCESS)); + gid_t gid = std::stoul(gidStr.get()); + RUNNER_ASSERT_MSG(peerCredentials.gid() == gid, "GIDs don't match ret = " << gid + << "; expected = "<< peerCredentials.gid()); + }); +} + +RUNNER_MULTIPROCESS_TEST(tccsd04_sd_bus_credentials_user_uid) +{ + testSdBusUserUid(); +} + +RUNNER_MULTIPROCESS_TEST(tccsd05_sd_bus_credentials_user_gid) +{ + testSdBusUserGid(); +} + +RUNNER_MULTIPROCESS_TEST(tccsd06_sd_bus_credentials_user_default) +{ + auto method = getUserDefaultMethod(); + switch(method) { + case USER_METHOD_UID: + testSdBusUserUid(USER_METHOD_DEFAULT); + break; + case USER_METHOD_GID: + testSdBusUserGid(USER_METHOD_DEFAULT); + break; + default: + RUNNER_FAIL_MSG("cynara_creds_get_default_user_method returned unexpected value " + << method); + } +} + +RUNNER_TEST_SMACK(tccd07_sd_bus_credentials_pid) { + sdBusTestTemplate([] (SdBusConnectionPtr conn, pid_t expectedPid, + const std::string &requestedName, const ProcessCredentials &) { + auto helperPid = CynaraHelperCredentials::sdBusGetPid(std::move(conn), + requestedName.c_str(), CYNARA_API_SUCCESS); + RUNNER_ASSERT_MSG(helperPid == expectedPid, "PIDs don't match ret = " << helperPid + << "; expected = " << expectedPid); + }); +} + + RUNNER_TEST_GROUP_INIT(cynara_creds_self) void testCredsClientSelf(cynara_client_creds method, const std::string &expected) { -- 2.7.4