Page MenuHomeFreeBSD
Differential D15869 Diff 44008 head/tests/sys/audit/network.c

Changeset View

Standalone View

View Options

head/tests/sys/audit/network.c

Show All 26 Lines
#include <sys/types.h> #include <sys/types.h>
#include <sys/socket.h> #include <sys/socket.h>
#include <sys/un.h> #include <sys/un.h>
#include <atf-c.h> #include <atf-c.h>
#include <fcntl.h> #include <fcntl.h>
#include <stdarg.h> #include <stdarg.h>
#include <unistd.h>
#include "utils.h" #include "utils.h"
#define MAX_DATA 1024
#define SERVER_PATH "server" #define SERVER_PATH "server"
static int sockfd, sockfd2; static int sockfd, sockfd2, connectfd;
static socklen_t len; static ssize_t data_bytes;
static struct pollfd fds[1]; static struct pollfd fds[1];
static struct sockaddr_un server;
static char extregex[80]; static char extregex[80];
static char data[MAX_DATA];
static socklen_t len = sizeof(struct sockaddr_un);
static char msgbuff[MAX_DATA] = "This message does not exist";
static const char *auclass = "nt"; static const char *auclass = "nt";
static const char *nosupregex = "return,failure : Address family " static const char *nosupregex = "return,failure : Address family "
"not supported by protocol family"; "not supported by protocol family";
static const char *invalregex = "return,failure : Bad file descriptor"; static const char *invalregex = "return,failure : Bad file descriptor";
/* /*
* Variadic function to close socket descriptors * Variadic function to close socket descriptors
*/ */
static void static void
close_sockets(int count, ...) close_sockets(int count, ...)
{ {
int sockd; int sockd;
va_list socklist; va_list socklist;
va_start(socklist, count); va_start(socklist, count);
for (sockd = 0; sockd < count; sockd++) { for (sockd = 0; sockd < count; sockd++) {
close(va_arg(socklist, int)); close(va_arg(socklist, int));
} }
va_end(socklist); va_end(socklist);
} }
/* /*
* Assign local filesystem address to a Unix domain socket * Assign local filesystem address to a Unix domain socket
*/ */
static void static void
assign_address(struct sockaddr_un *server) assign_address(struct sockaddr_un *serveraddr)
{ {
memset(server, 0, sizeof(*server)); memset(serveraddr, 0, sizeof(*serveraddr));
server->sun_family = AF_UNIX; serveraddr->sun_family = AF_UNIX;
strcpy(server->sun_path, SERVER_PATH); strcpy(serveraddr->sun_path, SERVER_PATH);
} }
ATF_TC_WITH_CLEANUP(socket_success); ATF_TC_WITH_CLEANUP(socket_success);
ATF_TC_HEAD(socket_success, tc) ATF_TC_HEAD(socket_success, tc)
{ {
atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful " atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful "
"socket(2) call"); "socket(2) call");
▲ Show 20 LinesShow All 116 Lines▼ Show 20 Lines
ATF_TC_HEAD(setsockopt_failure, tc) ATF_TC_HEAD(setsockopt_failure, tc)
{ {
atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful " atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful "
"setsockopt(2) call"); "setsockopt(2) call");
} }
ATF_TC_BODY(setsockopt_failure, tc) ATF_TC_BODY(setsockopt_failure, tc)
{ {
int tr = 1;
snprintf(extregex, sizeof(extregex), "setsockopt.*%s", invalregex); snprintf(extregex, sizeof(extregex), "setsockopt.*%s", invalregex);
FILE *pipefd = setup(fds, auclass); FILE *pipefd = setup(fds, auclass);
/* Failure reason: Invalid socket descriptor */ /* Failure reason: Invalid socket descriptor */
ATF_REQUIRE_EQ(-1, setsockopt(-1, SOL_SOCKET, ATF_REQUIRE_EQ(-1, setsockopt(-1, SOL_SOCKET, 0, NULL, 0));
SO_REUSEADDR, &tr, sizeof(int)));
check_audit(fds, extregex, pipefd); check_audit(fds, extregex, pipefd);
} }
ATF_TC_CLEANUP(setsockopt_failure, tc) ATF_TC_CLEANUP(setsockopt_failure, tc)
{ {
cleanup(); cleanup();
} }
ATF_TC_WITH_CLEANUP(bind_success); ATF_TC_WITH_CLEANUP(bind_success);
ATF_TC_HEAD(bind_success, tc) ATF_TC_HEAD(bind_success, tc)
{ {
atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful " atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful "
"bind(2) call"); "bind(2) call");
} }
ATF_TC_BODY(bind_success, tc) ATF_TC_BODY(bind_success, tc)
{ {
struct sockaddr_un server;
assign_address(&server); assign_address(&server);
len = sizeof(struct sockaddr_un);
/* Preliminary socket setup */ /* Preliminary socket setup */
ATF_REQUIRE((sockfd = socket(PF_UNIX, SOCK_STREAM, 0)) != -1); ATF_REQUIRE((sockfd = socket(PF_UNIX, SOCK_STREAM, 0)) != -1);
/* Check the presence of AF_UNIX address path in audit record */ /* Check the presence of AF_UNIX address path in audit record */
snprintf(extregex, sizeof(extregex), snprintf(extregex, sizeof(extregex),
"bind.*unix.*%s.*return,success", SERVER_PATH); "bind.*unix.*%s.*return,success", SERVER_PATH);
FILE *pipefd = setup(fds, auclass); FILE *pipefd = setup(fds, auclass);
ATF_REQUIRE_EQ(0, bind(sockfd, (struct sockaddr *)&server, len)); ATF_REQUIRE_EQ(0, bind(sockfd, (struct sockaddr *)&server, len));
Show All 11 Lines
ATF_TC_HEAD(bind_failure, tc) ATF_TC_HEAD(bind_failure, tc)
{ {
atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful " atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful "
"bind(2) call"); "bind(2) call");
} }
ATF_TC_BODY(bind_failure, tc) ATF_TC_BODY(bind_failure, tc)
{ {
/* Preliminary socket setup */
struct sockaddr_un server;
assign_address(&server); assign_address(&server);
len = sizeof(struct sockaddr_un);
/* Check the presence of AF_UNIX path in audit record */ /* Check the presence of AF_UNIX path in audit record */
snprintf(extregex, sizeof(extregex), snprintf(extregex, sizeof(extregex),
"bind.*%s.*return,failure", SERVER_PATH); "bind.*%s.*return,failure", SERVER_PATH);
FILE *pipefd = setup(fds, auclass); FILE *pipefd = setup(fds, auclass);
/* Failure reason: Invalid socket descriptor */ /* Failure reason: Invalid socket descriptor */
ATF_REQUIRE_EQ(-1, bind(0, (struct sockaddr *)&server, len)); ATF_REQUIRE_EQ(-1, bind(0, (struct sockaddr *)&server, len));
check_audit(fds, extregex, pipefd); check_audit(fds, extregex, pipefd);
Show All 9 Lines
ATF_TC_HEAD(bindat_success, tc) ATF_TC_HEAD(bindat_success, tc)
{ {
atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful " atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful "
"bindat(2) call"); "bindat(2) call");
} }
ATF_TC_BODY(bindat_success, tc) ATF_TC_BODY(bindat_success, tc)
{ {
struct sockaddr_un server;
assign_address(&server); assign_address(&server);
len = sizeof(struct sockaddr_un);
/* Preliminary socket setup */ /* Preliminary socket setup */
ATF_REQUIRE((sockfd = socket(PF_UNIX, SOCK_STREAM, 0)) != -1); ATF_REQUIRE((sockfd = socket(PF_UNIX, SOCK_STREAM, 0)) != -1);
/* Check the presence of socket descriptor in audit record */ /* Check the presence of socket descriptor in audit record */
snprintf(extregex, sizeof(extregex), snprintf(extregex, sizeof(extregex),
"bindat.*0x%x.*return,success", sockfd); "bindat.*0x%x.*return,success", sockfd);
FILE *pipefd = setup(fds, auclass); FILE *pipefd = setup(fds, auclass);
ATF_REQUIRE_EQ(0, bindat(AT_FDCWD, sockfd, ATF_REQUIRE_EQ(0, bindat(AT_FDCWD, sockfd,
Show All 12 Lines
ATF_TC_HEAD(bindat_failure, tc) ATF_TC_HEAD(bindat_failure, tc)
{ {
atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful " atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful "
"bindat(2) call"); "bindat(2) call");
} }
ATF_TC_BODY(bindat_failure, tc) ATF_TC_BODY(bindat_failure, tc)
{ {
/* Preliminary socket setup */
struct sockaddr_un server;
assign_address(&server); assign_address(&server);
len = sizeof(struct sockaddr_un);
snprintf(extregex, sizeof(extregex), "bindat.*%s", invalregex); snprintf(extregex, sizeof(extregex), "bindat.*%s", invalregex);
FILE *pipefd = setup(fds, auclass); FILE *pipefd = setup(fds, auclass);
/* Failure reason: Invalid socket descriptor */ /* Failure reason: Invalid socket descriptor */
ATF_REQUIRE_EQ(-1, bindat(AT_FDCWD, -1, ATF_REQUIRE_EQ(-1, bindat(AT_FDCWD, -1,
(struct sockaddr *)&server, len)); (struct sockaddr *)&server, len));
check_audit(fds, extregex, pipefd); check_audit(fds, extregex, pipefd);
} }
ATF_TC_CLEANUP(bindat_failure, tc) ATF_TC_CLEANUP(bindat_failure, tc)
{ {
cleanup(); cleanup();
} }
ATF_TC_WITH_CLEANUP(listen_success); ATF_TC_WITH_CLEANUP(listen_success);
ATF_TC_HEAD(listen_success, tc) ATF_TC_HEAD(listen_success, tc)
{ {
atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful " atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful "
"listen(2) call"); "listen(2) call");
} }
ATF_TC_BODY(listen_success, tc) ATF_TC_BODY(listen_success, tc)
{ {
struct sockaddr_un server;
assign_address(&server); assign_address(&server);
len = sizeof(struct sockaddr_un);
/* Preliminary socket setup */ /* Preliminary socket setup */
ATF_REQUIRE((sockfd = socket(PF_UNIX, SOCK_STREAM, 0)) != -1); ATF_REQUIRE((sockfd = socket(PF_UNIX, SOCK_STREAM, 0)) != -1);
ATF_REQUIRE_EQ(0, bind(sockfd, (struct sockaddr *)&server, len)); ATF_REQUIRE_EQ(0, bind(sockfd, (struct sockaddr *)&server, len));
/* Check the presence of socket descriptor in the audit record */ /* Check the presence of socket descriptor in the audit record */
snprintf(extregex, sizeof(extregex), snprintf(extregex, sizeof(extregex),
"listen.*0x%x.*return,success", sockfd); "listen.*0x%x.*return,success", sockfd);
FILE *pipefd = setup(fds, auclass); FILE *pipefd = setup(fds, auclass);
Show All 34 Lines
ATF_TC_HEAD(connect_success, tc) ATF_TC_HEAD(connect_success, tc)
{ {
atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful " atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful "
"connect(2) call"); "connect(2) call");
} }
ATF_TC_BODY(connect_success, tc) ATF_TC_BODY(connect_success, tc)
{ {
struct sockaddr_un server;
assign_address(&server); assign_address(&server);
len = sizeof(struct sockaddr_un); /* Setup a server socket and bind to the specified address */
ATF_REQUIRE((sockfd = socket(PF_UNIX, SOCK_STREAM, 0)) != -1);
/* Setup a non-blocking server socket */
ATF_REQUIRE((sockfd = socket(PF_UNIX,
SOCK_STREAM | SOCK_NONBLOCK, 0)) != -1);
/* Bind to the specified address and wait for connection */
ATF_REQUIRE_EQ(0, bind(sockfd, (struct sockaddr *)&server, len)); ATF_REQUIRE_EQ(0, bind(sockfd, (struct sockaddr *)&server, len));
ATF_REQUIRE_EQ(0, listen(sockfd, 1)); ATF_REQUIRE_EQ(0, listen(sockfd, 1));
/* Set up "blocking" client socket */ /* Set up "blocking" client socket */
ATF_REQUIRE((sockfd2 = socket(PF_UNIX, SOCK_STREAM, 0)) != -1); ATF_REQUIRE((sockfd2 = socket(PF_UNIX, SOCK_STREAM, 0)) != -1);
/* Audit record must contain AF_UNIX address path & sockfd2 */ /* Audit record must contain AF_UNIX address path & sockfd2 */
snprintf(extregex, sizeof(extregex), snprintf(extregex, sizeof(extregex),
Show All 17 Lines
ATF_TC_HEAD(connect_failure, tc) ATF_TC_HEAD(connect_failure, tc)
{ {
atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful " atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful "
"connect(2) call"); "connect(2) call");
} }
ATF_TC_BODY(connect_failure, tc) ATF_TC_BODY(connect_failure, tc)
{ {
/* Preliminary socket setup */
struct sockaddr_un server;
assign_address(&server); assign_address(&server);
len = sizeof(struct sockaddr_un);
/* Audit record must contain AF_UNIX address path */ /* Audit record must contain AF_UNIX address path */
snprintf(extregex, sizeof(extregex), snprintf(extregex, sizeof(extregex),
"connect.*%s.*return,failure", SERVER_PATH); "connect.*%s.*return,failure", SERVER_PATH);
FILE *pipefd = setup(fds, auclass); FILE *pipefd = setup(fds, auclass);
/* Failure reason: Invalid socket descriptor */ /* Failure reason: Invalid socket descriptor */
ATF_REQUIRE_EQ(-1, connect(-1, (struct sockaddr *)&server, len)); ATF_REQUIRE_EQ(-1, connect(-1, (struct sockaddr *)&server, len));
check_audit(fds, extregex, pipefd); check_audit(fds, extregex, pipefd);
Show All 9 Lines
ATF_TC_HEAD(connectat_success, tc) ATF_TC_HEAD(connectat_success, tc)
{ {
atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful " atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful "
"connectat(2) call"); "connectat(2) call");
} }
ATF_TC_BODY(connectat_success, tc) ATF_TC_BODY(connectat_success, tc)
{ {
struct sockaddr_un server;
assign_address(&server); assign_address(&server);
len = sizeof(struct sockaddr_un); /* Setup a server socket and bind to the specified address */
ATF_REQUIRE((sockfd = socket(PF_UNIX, SOCK_STREAM, 0)) != -1);
/* Setup a non-blocking server socket */
ATF_REQUIRE((sockfd = socket(PF_UNIX,
SOCK_STREAM | SOCK_NONBLOCK, 0)) != -1);
/* Bind to the specified address and wait for connection */
ATF_REQUIRE_EQ(0, bind(sockfd, (struct sockaddr *)&server, len)); ATF_REQUIRE_EQ(0, bind(sockfd, (struct sockaddr *)&server, len));
ATF_REQUIRE_EQ(0, listen(sockfd, 1)); ATF_REQUIRE_EQ(0, listen(sockfd, 1));
/* Set up "blocking" client socket */ /* Set up "blocking" client socket */
ATF_REQUIRE((sockfd2 = socket(PF_UNIX, SOCK_STREAM, 0)) != -1); ATF_REQUIRE((sockfd2 = socket(PF_UNIX, SOCK_STREAM, 0)) != -1);
/* Audit record must contain sockfd2 */ /* Audit record must contain sockfd2 */
snprintf(extregex, sizeof(extregex), snprintf(extregex, sizeof(extregex),
Show All 18 Lines
ATF_TC_HEAD(connectat_failure, tc) ATF_TC_HEAD(connectat_failure, tc)
{ {
atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful " atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful "
"connectat(2) call"); "connectat(2) call");
} }
ATF_TC_BODY(connectat_failure, tc) ATF_TC_BODY(connectat_failure, tc)
{ {
/* Preliminary socket setup */
struct sockaddr_un server;
assign_address(&server); assign_address(&server);
len = sizeof(struct sockaddr_un);
snprintf(extregex, sizeof(extregex), "connectat.*%s", invalregex); snprintf(extregex, sizeof(extregex), "connectat.*%s", invalregex);
FILE *pipefd = setup(fds, auclass); FILE *pipefd = setup(fds, auclass);
/* Failure reason: Invalid socket descriptor */ /* Failure reason: Invalid socket descriptor */
ATF_REQUIRE_EQ(-1, connectat(AT_FDCWD, -1, ATF_REQUIRE_EQ(-1, connectat(AT_FDCWD, -1,
(struct sockaddr *)&server, len)); (struct sockaddr *)&server, len));
check_audit(fds, extregex, pipefd); check_audit(fds, extregex, pipefd);
} }
ATF_TC_CLEANUP(connectat_failure, tc) ATF_TC_CLEANUP(connectat_failure, tc)
{ {
cleanup(); cleanup();
} }
ATF_TC_WITH_CLEANUP(accept_success); ATF_TC_WITH_CLEANUP(accept_success);
ATF_TC_HEAD(accept_success, tc) ATF_TC_HEAD(accept_success, tc)
{ {
atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful " atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful "
"accept(2) call"); "accept(2) call");
} }
ATF_TC_BODY(accept_success, tc) ATF_TC_BODY(accept_success, tc)
{ {
int clientfd;
struct sockaddr_un server;
assign_address(&server); assign_address(&server);
len = sizeof(struct sockaddr_un); /* Setup a server socket and bind to the specified address */
ATF_REQUIRE((sockfd = socket(PF_UNIX, SOCK_STREAM, 0)) != -1);
/* Setup a non-blocking server socket */
ATF_REQUIRE((sockfd = socket(PF_UNIX,
SOCK_STREAM | SOCK_NONBLOCK, 0)) != -1);
/* Bind to the specified address and wait for connection */
ATF_REQUIRE_EQ(0, bind(sockfd, (struct sockaddr *)&server, len)); ATF_REQUIRE_EQ(0, bind(sockfd, (struct sockaddr *)&server, len));
ATF_REQUIRE_EQ(0, listen(sockfd, 1)); ATF_REQUIRE_EQ(0, listen(sockfd, 1));
/* Set up "blocking" client socket */ /* Set up "blocking" client socket */
ATF_REQUIRE((sockfd2 = socket(PF_UNIX, SOCK_STREAM, 0)) != -1); ATF_REQUIRE((sockfd2 = socket(PF_UNIX, SOCK_STREAM, 0)) != -1);
ATF_REQUIRE_EQ(0, connect(sockfd2, (struct sockaddr *)&server, len)); ATF_REQUIRE_EQ(0, connect(sockfd2, (struct sockaddr *)&server, len));
FILE *pipefd = setup(fds, auclass); FILE *pipefd = setup(fds, auclass);
ATF_REQUIRE((clientfd = accept(sockfd, NULL, &len)) != -1); ATF_REQUIRE((connectfd = accept(sockfd, NULL, &len)) != -1);
/* Audit record must contain clientfd & sockfd */ /* Audit record must contain connectfd & sockfd */
snprintf(extregex, sizeof(extregex), snprintf(extregex, sizeof(extregex),
"accept.*0x%x.*return,success,%d", sockfd, clientfd); "accept.*0x%x.*return,success,%d", sockfd, connectfd);
check_audit(fds, extregex, pipefd); check_audit(fds, extregex, pipefd);
/* Close all socket descriptors */ /* Close all socket descriptors */
close_sockets(3, sockfd, sockfd2, clientfd); close_sockets(3, sockfd, sockfd2, connectfd);
} }
ATF_TC_CLEANUP(accept_success, tc) ATF_TC_CLEANUP(accept_success, tc)
{ {
cleanup(); cleanup();
} }
ATF_TC_WITH_CLEANUP(accept_failure); ATF_TC_WITH_CLEANUP(accept_failure);
ATF_TC_HEAD(accept_failure, tc) ATF_TC_HEAD(accept_failure, tc)
{ {
atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful " atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful "
"accept(2) call"); "accept(2) call");
} }
ATF_TC_BODY(accept_failure, tc) ATF_TC_BODY(accept_failure, tc)
{ {
/* Preliminary socket setup */
struct sockaddr_un client;
len = sizeof(struct sockaddr_un);
snprintf(extregex, sizeof(extregex), "accept.*%s", invalregex); snprintf(extregex, sizeof(extregex), "accept.*%s", invalregex);
FILE *pipefd = setup(fds, auclass); FILE *pipefd = setup(fds, auclass);
/* Failure reason: Invalid socket descriptor */ /* Failure reason: Invalid socket descriptor */
ATF_REQUIRE_EQ(-1, accept(-1, (struct sockaddr *)&client, &len)); ATF_REQUIRE_EQ(-1, accept(-1, NULL, NULL));
check_audit(fds, extregex, pipefd); check_audit(fds, extregex, pipefd);
} }
ATF_TC_CLEANUP(accept_failure, tc) ATF_TC_CLEANUP(accept_failure, tc)
{ {
cleanup(); cleanup();
} }
ATF_TC_WITH_CLEANUP(send_success);
ATF_TC_HEAD(send_success, tc)
{
atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful "
"send(2) call");
}
ATF_TC_BODY(send_success, tc)
{
assign_address(&server);
/* Setup a server socket and bind to the specified address */
ATF_REQUIRE((sockfd = socket(PF_UNIX, SOCK_STREAM, 0)) != -1);
ATF_REQUIRE_EQ(0, bind(sockfd, (struct sockaddr *)&server, len));
ATF_REQUIRE_EQ(0, listen(sockfd, 1));
/* Set up "blocking" client and connect with non-blocking server */
ATF_REQUIRE((sockfd2 = socket(PF_UNIX, SOCK_STREAM, 0)) != -1);
ATF_REQUIRE_EQ(0, connect(sockfd2, (struct sockaddr *)&server, len));
ATF_REQUIRE((connectfd = accept(sockfd, NULL, &len)) != -1);
/* Send a sample message to the connected socket */
FILE *pipefd = setup(fds, auclass);
ATF_REQUIRE((data_bytes =
send(sockfd2, msgbuff, strlen(msgbuff), 0)) != -1);
/* Audit record must contain sockfd2 and data_bytes */
snprintf(extregex, sizeof(extregex),
"send.*0x%x.*return,success,%zd", sockfd2, data_bytes);
check_audit(fds, extregex, pipefd);
/* Close all socket descriptors */
close_sockets(3, sockfd, sockfd2, connectfd);
}
ATF_TC_CLEANUP(send_success, tc)
{
cleanup();
}
ATF_TC_WITH_CLEANUP(send_failure);
ATF_TC_HEAD(send_failure, tc)
{
atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful "
"send(2) call");
}
ATF_TC_BODY(send_failure, tc)
{
snprintf(extregex, sizeof(extregex), "send.*%s", invalregex);
FILE *pipefd = setup(fds, auclass);
/* Failure reason: Invalid socket descriptor */
ATF_REQUIRE_EQ(-1, send(-1, NULL, 0, 0));
check_audit(fds, extregex, pipefd);
}
ATF_TC_CLEANUP(send_failure, tc)
{
cleanup();
}
ATF_TC_WITH_CLEANUP(recv_success);
ATF_TC_HEAD(recv_success, tc)
{
atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful "
"recv(2) call");
}
ATF_TC_BODY(recv_success, tc)
{
assign_address(&server);
/* Setup a server socket and bind to the specified address */
ATF_REQUIRE((sockfd = socket(PF_UNIX, SOCK_STREAM, 0)) != -1);
ATF_REQUIRE_EQ(0, bind(sockfd, (struct sockaddr *)&server, len));
ATF_REQUIRE_EQ(0, listen(sockfd, 1));
/* Set up "blocking" client and connect with non-blocking server */
ATF_REQUIRE((sockfd2 = socket(PF_UNIX, SOCK_STREAM, 0)) != -1);
ATF_REQUIRE_EQ(0, connect(sockfd2, (struct sockaddr *)&server, len));
ATF_REQUIRE((connectfd = accept(sockfd, NULL, &len)) != -1);
/* Send a sample message to the connected socket */
ATF_REQUIRE(send(sockfd2, msgbuff, strlen(msgbuff), 0) != -1);
/* Receive data once connectfd is ready for reading */
FILE *pipefd = setup(fds, auclass);
//ATF_REQUIRE(check_readfs(connectfd) != 0);
ATF_REQUIRE((data_bytes = recv(connectfd, data, MAX_DATA, 0)) != 0);
/* Audit record must contain connectfd and data_bytes */
snprintf(extregex, sizeof(extregex),
"recv.*0x%x.*return,success,%zd", connectfd, data_bytes);
check_audit(fds, extregex, pipefd);
/* Close all socket descriptors */
close_sockets(3, sockfd, sockfd2, connectfd);
}
ATF_TC_CLEANUP(recv_success, tc)
{
cleanup();
}
ATF_TC_WITH_CLEANUP(recv_failure);
ATF_TC_HEAD(recv_failure, tc)
{
atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful "
"recv(2) call");
}
ATF_TC_BODY(recv_failure, tc)
{
snprintf(extregex, sizeof(extregex), "recv.*%s", invalregex);
FILE *pipefd = setup(fds, auclass);
/* Failure reason: Invalid socket descriptor */
ATF_REQUIRE_EQ(-1, recv(-1, NULL, 0, 0));
check_audit(fds, extregex, pipefd);
}
ATF_TC_CLEANUP(recv_failure, tc)
{
cleanup();
}
ATF_TC_WITH_CLEANUP(sendto_success);
ATF_TC_HEAD(sendto_success, tc)
{
atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful "
"sendto(2) call");
}
ATF_TC_BODY(sendto_success, tc)
{
assign_address(&server);
/* Setup a server socket and bind to the specified address */
ATF_REQUIRE((sockfd = socket(PF_UNIX, SOCK_DGRAM, 0)) != -1);
ATF_REQUIRE_EQ(0, bind(sockfd, (struct sockaddr *)&server, len));
/* Set up client socket to be used for sending the data */
ATF_REQUIRE((sockfd2 = socket(PF_UNIX, SOCK_DGRAM, 0)) != -1);
/* Send a sample message to server's address */
FILE *pipefd = setup(fds, auclass);
ATF_REQUIRE((data_bytes = sendto(sockfd2, msgbuff,
strlen(msgbuff), 0, (struct sockaddr *)&server, len)) != -1);
/* Audit record must contain sockfd2 and data_bytes */
snprintf(extregex, sizeof(extregex),
"sendto.*0x%x.*return,success,%zd", sockfd2, data_bytes);
check_audit(fds, extregex, pipefd);
/* Close all socket descriptors */
close_sockets(2, sockfd, sockfd2);
}
ATF_TC_CLEANUP(sendto_success, tc)
{
cleanup();
}
ATF_TC_WITH_CLEANUP(sendto_failure);
ATF_TC_HEAD(sendto_failure, tc)
{
atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful "
"sendto(2) call");
}
ATF_TC_BODY(sendto_failure, tc)
{
snprintf(extregex, sizeof(extregex), "sendto.*%s", invalregex);
FILE *pipefd = setup(fds, auclass);
/* Failure reason: Invalid socket descriptor */
ATF_REQUIRE_EQ(-1, sendto(-1, NULL, 0, 0, NULL, 0));
check_audit(fds, extregex, pipefd);
}
ATF_TC_CLEANUP(sendto_failure, tc)
{
cleanup();
}
ATF_TC_WITH_CLEANUP(recvfrom_success);
ATF_TC_HEAD(recvfrom_success, tc)
{
atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful "
"recvfrom(2) call");
}
ATF_TC_BODY(recvfrom_success, tc)
{
assign_address(&server);
/* Setup a server socket and bind to the specified address */
ATF_REQUIRE((sockfd = socket(PF_UNIX, SOCK_DGRAM, 0)) != -1);
ATF_REQUIRE_EQ(0, bind(sockfd, (struct sockaddr *)&server, len));
/* Set up client socket to be used for sending the data */
ATF_REQUIRE((sockfd2 = socket(PF_UNIX, SOCK_DGRAM, 0)) != -1);
ATF_REQUIRE(sendto(sockfd2, msgbuff, strlen(msgbuff), 0,
(struct sockaddr *)&server, len) != -1);
/* Receive data once sockfd is ready for reading */
FILE *pipefd = setup(fds, auclass);
ATF_REQUIRE((data_bytes = recvfrom(sockfd, data,
MAX_DATA, 0, NULL, &len)) != 0);
/* Audit record must contain sockfd and data_bytes */
snprintf(extregex, sizeof(extregex),
"recvfrom.*0x%x.*return,success,%zd", sockfd, data_bytes);
check_audit(fds, extregex, pipefd);
/* Close all socket descriptors */
close_sockets(2, sockfd, sockfd2);
}
ATF_TC_CLEANUP(recvfrom_success, tc)
{
cleanup();
}
ATF_TC_WITH_CLEANUP(recvfrom_failure);
ATF_TC_HEAD(recvfrom_failure, tc)
{
atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful "
"recvfrom(2) call");
}
ATF_TC_BODY(recvfrom_failure, tc)
{
snprintf(extregex, sizeof(extregex), "recvfrom.*%s", invalregex);
FILE *pipefd = setup(fds, auclass);
/* Failure reason: Invalid socket descriptor */
ATF_REQUIRE_EQ(-1, recvfrom(-1, NULL, 0, 0, NULL, NULL));
check_audit(fds, extregex, pipefd);
}
ATF_TC_CLEANUP(recvfrom_failure, tc)
{
cleanup();
}
ATF_TP_ADD_TCS(tp) ATF_TP_ADD_TCS(tp)
{ {
ATF_TP_ADD_TC(tp, socket_success); ATF_TP_ADD_TC(tp, socket_success);
ATF_TP_ADD_TC(tp, socket_failure); ATF_TP_ADD_TC(tp, socket_failure);
ATF_TP_ADD_TC(tp, socketpair_success); ATF_TP_ADD_TC(tp, socketpair_success);
ATF_TP_ADD_TC(tp, socketpair_failure); ATF_TP_ADD_TC(tp, socketpair_failure);
ATF_TP_ADD_TC(tp, setsockopt_success); ATF_TP_ADD_TC(tp, setsockopt_success);
ATF_TP_ADD_TC(tp, setsockopt_failure); ATF_TP_ADD_TC(tp, setsockopt_failure);
ATF_TP_ADD_TC(tp, bind_success); ATF_TP_ADD_TC(tp, bind_success);
ATF_TP_ADD_TC(tp, bind_failure); ATF_TP_ADD_TC(tp, bind_failure);
ATF_TP_ADD_TC(tp, bindat_success); ATF_TP_ADD_TC(tp, bindat_success);
ATF_TP_ADD_TC(tp, bindat_failure); ATF_TP_ADD_TC(tp, bindat_failure);
ATF_TP_ADD_TC(tp, listen_success); ATF_TP_ADD_TC(tp, listen_success);
ATF_TP_ADD_TC(tp, listen_failure); ATF_TP_ADD_TC(tp, listen_failure);
ATF_TP_ADD_TC(tp, connect_success); ATF_TP_ADD_TC(tp, connect_success);
ATF_TP_ADD_TC(tp, connect_failure); ATF_TP_ADD_TC(tp, connect_failure);
ATF_TP_ADD_TC(tp, connectat_success); ATF_TP_ADD_TC(tp, connectat_success);
ATF_TP_ADD_TC(tp, connectat_failure); ATF_TP_ADD_TC(tp, connectat_failure);
ATF_TP_ADD_TC(tp, accept_success); ATF_TP_ADD_TC(tp, accept_success);
ATF_TP_ADD_TC(tp, accept_failure); ATF_TP_ADD_TC(tp, accept_failure);
ATF_TP_ADD_TC(tp, send_success);
ATF_TP_ADD_TC(tp, send_failure);
ATF_TP_ADD_TC(tp, recv_success);
ATF_TP_ADD_TC(tp, recv_failure);
ATF_TP_ADD_TC(tp, sendto_success);
ATF_TP_ADD_TC(tp, sendto_failure);
ATF_TP_ADD_TC(tp, recvfrom_success);
ATF_TP_ADD_TC(tp, recvfrom_failure);
return (atf_no_error()); return (atf_no_error());
} }