23
23
* Contact the authors at <mandos@recompile.se>.
27
#include <inttypes.h> /* uintmax_t, PRIuMAX, PRIdMAX,
28
intmax_t, uint32_t, SCNx32,
30
#include <stddef.h> /* size_t */
26
#define _GNU_SOURCE /* pipe2(), O_CLOEXEC, setresgid(),
27
setresuid(), asprintf(), getline(),
29
#include <inttypes.h> /* uintmax_t, strtoumax(), PRIuMAX,
30
PRIdMAX, intmax_t, uint32_t,
31
SCNx32, SCNuMAX, SCNxMAX */
32
#include <stddef.h> /* size_t, NULL */
31
33
#include <sys/types.h> /* pid_t, uid_t, gid_t, getuid(),
33
35
#include <stdbool.h> /* bool, true, false */
40
42
NSIG, sigismember(), SA_ONSTACK,
41
43
SIG_DFL, SIG_IGN, SIGINT, SIGQUIT,
42
44
SIGHUP, SIGSTOP, SIG_UNBLOCK */
45
#include <unistd.h> /* uid_t, gid_t, close(), pipe2(),
46
fork(), _exit(), dup2(),
47
STDOUT_FILENO, setresgid(),
48
setresuid(), execv(), ssize_t,
49
read(), dup3(), getuid(), dup(),
50
STDERR_FILENO, pause(), write(),
51
rmdir(), unlink(), getpid() */
43
52
#include <stdlib.h> /* EXIT_SUCCESS, EXIT_FAILURE,
44
malloc(), free(), strtoumax(),
45
realloc(), setenv(), calloc(),
46
mkdtemp(), mkostemp() */
53
malloc(), free(), realloc(),
54
setenv(), calloc(), mkdtemp(),
47
56
#include <iso646.h> /* not, or, and, xor */
48
57
#include <error.h> /* error() */
49
58
#include <sysexits.h> /* EX_USAGE, EX_OSERR, EX_OSFILE */
50
59
#include <errno.h> /* errno, error_t, EACCES,
51
ENAMETOOLONG, ENOENT, EEXIST,
52
ECHILD, EPERM, ENOMEM, EAGAIN,
53
EINTR, ENOBUFS, EADDRINUSE,
60
ENAMETOOLONG, ENOENT, ENOTDIR,
61
ENOMEM, EEXIST, ECHILD, EPERM,
62
EAGAIN, EINTR, ENOBUFS, EADDRINUSE,
54
63
ECONNREFUSED, ECONNRESET,
55
64
ETOOMANYREFS, EMSGSIZE, EBADF,
57
66
#include <string.h> /* strdup(), memcpy(),
58
67
explicit_bzero(), memset(),
59
68
strcmp(), strlen(), strncpy(),
60
memcmp(), basename() */
69
memcmp(), basename(), strerror() */
61
70
#include <argz.h> /* argz_create(), argz_count(),
62
71
argz_extract(), argz_next(),
73
82
ARGP_ERR_UNKNOWN, ARGP_KEY_ARGS,
74
83
struct argp, argp_parse(),
76
#include <unistd.h> /* uid_t, gid_t, close(), pipe2(),
77
fork(), _exit(), dup2(),
78
STDOUT_FILENO, setresgid(),
79
setresuid(), execv(), ssize_t,
80
read(), dup3(), getuid(), dup(),
81
STDERR_FILENO, pause(), write(),
82
rmdir(), unlink(), getpid() */
85
#include <stdint.h> /* SIZE_MAX, uint32_t */
83
86
#include <sys/mman.h> /* munlock(), mlock() */
84
87
#include <fcntl.h> /* O_CLOEXEC, O_NONBLOCK, fcntl(),
85
88
F_GETFD, F_GETFL, FD_CLOEXEC,
86
open(), O_WRONLY, O_RDONLY */
89
open(), O_WRONLY, O_NOCTTY,
90
O_RDONLY, O_NOFOLLOW */
87
91
#include <sys/wait.h> /* waitpid(), WNOHANG, WIFEXITED(),
89
93
#include <limits.h> /* PIPE_BUF, NAME_MAX, INT_MAX */
90
94
#include <sys/inotify.h> /* inotify_init1(), IN_NONBLOCK,
91
95
IN_CLOEXEC, inotify_add_watch(),
92
96
IN_CLOSE_WRITE, IN_MOVED_TO,
93
IN_DELETE, struct inotify_event */
97
IN_MOVED_FROM, IN_DELETE,
98
IN_EXCL_UNLINK, IN_ONLYDIR,
99
struct inotify_event */
94
100
#include <fnmatch.h> /* fnmatch(), FNM_FILE_NAME */
95
#include <stdio.h> /* asprintf(), FILE, fopen(),
96
getline(), sscanf(), feof(),
97
ferror(), fclose(), stderr,
98
rename(), fdopen(), fprintf(),
101
#include <stdio.h> /* asprintf(), FILE, stderr, fopen(),
102
fclose(), getline(), sscanf(),
103
feof(), ferror(), rename(),
104
fdopen(), fprintf(), fscanf() */
100
105
#include <glib.h> /* GKeyFile, g_key_file_free(), g_key_file_new(),
101
106
GError, g_key_file_load_from_file(),
102
107
G_KEY_FILE_NONE, TRUE, G_FILE_ERROR_NOENT,
107
112
g_assert_null(), g_assert_false(),
108
113
g_assert_cmpint(), g_assert_cmpuint(),
109
114
g_test_skip(), g_assert_cmpstr(),
110
g_test_init(), g_test_add(), g_test_run(),
111
GOptionContext, g_option_context_new(),
115
g_test_message(), g_test_init(), g_test_add(),
116
g_test_run(), GOptionContext,
117
g_option_context_new(),
112
118
g_option_context_set_help_enabled(), FALSE,
113
119
g_option_context_set_ignore_unknown_options(),
114
120
gboolean, GOptionEntry, G_OPTION_ARG_NONE,
648
655
__attribute__((nonnull, warn_unused_result))
649
656
bool add_to_queue(task_queue *const queue, const task_context task){
657
if((queue->length + 1) > (SIZE_MAX / sizeof(task_context))){
659
error(0, ENOMEM, "Failed to allocate %" PRIuMAX
660
" tasks for queue->tasks", (uintmax_t)(queue->length + 1));
650
664
const size_t needed_size = sizeof(task_context)*(queue->length + 1);
651
665
if(needed_size > (queue->allocated)){
652
666
task_context *const new_tasks = realloc(queue->tasks,
1879
1902
g_assert_true(queue->tasks[0].func == dummy_func);
1905
static void test_add_to_queue_overflow(__attribute__((unused))
1906
test_fixture *fixture,
1907
__attribute__((unused))
1908
gconstpointer user_data){
1909
__attribute__((cleanup(cleanup_queue)))
1910
task_queue *queue = create_queue();
1911
g_assert_nonnull(queue);
1912
g_assert_true(queue->length == 0);
1913
queue->length = SIZE_MAX / sizeof(task_context); /* fake max size */
1915
FILE *real_stderr = stderr;
1916
FILE *devnull = fopen("/dev/null", "we");
1917
g_assert_nonnull(devnull);
1919
const bool ret = add_to_queue(queue,
1920
(task_context){ .func=dummy_func });
1921
g_assert_true(errno == ENOMEM);
1922
g_assert_false(ret);
1923
stderr = real_stderr;
1924
g_assert_cmpint(fclose(devnull), ==, 0);
1925
queue->length = 0; /* Restore real size */
1882
1928
static void dummy_func(__attribute__((unused))
1883
1929
const task_context task,
1884
1930
__attribute__((unused))
3452
3504
g_assert_cmpuint((unsigned int)queue->length, ==, 0);
3507
static void test_add_inotify_dir_watch_nondir(__attribute__((unused))
3508
test_fixture *fixture,
3509
__attribute__((unused))
3512
__attribute__((cleanup(cleanup_close)))
3513
const int epoll_fd = epoll_create1(EPOLL_CLOEXEC);
3514
g_assert_cmpint(epoll_fd, >=, 0);
3515
__attribute__((cleanup(cleanup_queue)))
3516
task_queue *queue = create_queue();
3517
g_assert_nonnull(queue);
3518
__attribute__((cleanup(string_set_clear)))
3519
string_set cancelled_filenames = {};
3520
const mono_microsecs current_time = 0;
3522
bool quit_now = false;
3523
buffer password = {};
3524
bool mandos_client_exited = false;
3525
bool password_is_read = false;
3527
const char not_a_directory[] = "/dev/tty";
3529
FILE *real_stderr = stderr;
3530
FILE *devnull = fopen("/dev/null", "we");
3531
g_assert_nonnull(devnull);
3533
g_assert_false(add_inotify_dir_watch(queue, epoll_fd, &quit_now,
3534
&password, not_a_directory,
3535
&cancelled_filenames,
3537
&mandos_client_exited,
3538
&password_is_read));
3539
stderr = real_stderr;
3540
g_assert_cmpint(fclose(devnull), ==, 0);
3542
g_assert_cmpuint((unsigned int)queue->length, ==, 0);
3455
3545
static void test_add_inotify_dir_watch_EAGAIN(__attribute__((unused))
3456
3546
test_fixture *fixture,
3457
3547
__attribute__((unused))
3807
3897
g_assert_cmpint(rmdir(tempdir), ==, 0);
3901
void test_add_inotify_dir_watch_IN_EXCL_UNLINK(__attribute__((unused))
3902
test_fixture *fixture,
3903
__attribute__((unused))
3906
__attribute__((cleanup(cleanup_close)))
3907
const int epoll_fd = epoll_create1(EPOLL_CLOEXEC);
3908
g_assert_cmpint(epoll_fd, >=, 0);
3909
__attribute__((cleanup(cleanup_queue)))
3910
task_queue *queue = create_queue();
3911
g_assert_nonnull(queue);
3912
__attribute__((cleanup(string_set_clear)))
3913
string_set cancelled_filenames = {};
3914
const mono_microsecs current_time = 0;
3916
bool quit_now = false;
3917
buffer password = {};
3918
bool mandos_client_exited = false;
3919
bool password_is_read = false;
3921
__attribute__((cleanup(cleanup_string)))
3922
char *tempdir = make_temporary_directory();
3923
g_assert_nonnull(tempdir);
3925
__attribute__((cleanup(cleanup_string)))
3926
char *tempfile = make_temporary_file_in_directory(tempdir);
3927
g_assert_nonnull(tempfile);
3928
int tempfile_fd = open(tempfile, O_WRONLY | O_CLOEXEC | O_NOCTTY
3930
g_assert_cmpint(tempfile_fd, >, 2);
3932
g_assert_true(add_inotify_dir_watch(queue, epoll_fd, &quit_now,
3934
&cancelled_filenames,
3936
&mandos_client_exited,
3937
&password_is_read));
3938
g_assert_cmpint(unlink(tempfile), ==, 0);
3940
g_assert_cmpuint((unsigned int)queue->length, >, 0);
3942
const task_context *const added_read_task
3943
= find_matching_task(queue,
3944
(task_context){ .func=read_inotify_event });
3945
g_assert_nonnull(added_read_task);
3947
g_assert_cmpint(added_read_task->fd, >, 2);
3948
g_assert_true(fd_has_cloexec_and_nonblock(added_read_task->fd));
3950
/* "sufficient to read at least one event." - inotify(7) */
3951
const size_t ievent_size = (sizeof(struct inotify_event)
3953
struct inotify_event *ievent = malloc(ievent_size);
3954
g_assert_nonnull(ievent);
3956
ssize_t read_size = 0;
3957
read_size = read(added_read_task->fd, ievent, ievent_size);
3959
g_assert_cmpint((int)read_size, >, 0);
3960
g_assert_true(ievent->mask & IN_DELETE);
3961
g_assert_cmpstr(ievent->name, ==, basename(tempfile));
3963
g_assert_cmpint(close(tempfile_fd), ==, 0);
3965
/* IN_EXCL_UNLINK should make the closing of the previously unlinked
3966
file not appear as an ievent, so we should not see it now. */
3967
read_size = read(added_read_task->fd, ievent, ievent_size);
3968
g_assert_cmpint((int)read_size, ==, -1);
3969
g_assert_true(errno == EAGAIN);
3973
g_assert_cmpint(rmdir(tempdir), ==, 0);
3810
3976
static void test_read_inotify_event_readerror(__attribute__((unused))
3811
3977
test_fixture *fixture,
3812
3978
__attribute__((unused))
5802
5970
char *const filename = strdup("/nonexistent/socket");
5803
5971
__attribute__((cleanup(string_set_clear)))
5804
5972
string_set cancelled_filenames = {};
5805
const size_t oversized = 1024*1024; /* Limit seems to be 212960 */
5806
__attribute__((cleanup(cleanup_buffer)))
5808
.data=malloc(oversized),
5810
.allocated=oversized,
5975
/* Find a message size which triggers EMSGSIZE */
5976
__attribute__((cleanup(cleanup_string)))
5977
char *message_buffer = NULL;
5978
size_t message_size = PIPE_BUF + 1;
5979
for(ssize_t ssret = 0; ssret >= 0; message_size += 1024){
5980
if(message_size >= 1024*1024*1024){ /* 1 GiB */
5981
g_test_skip("Skipping EMSGSIZE test: Will not try 1GiB");
5984
message_buffer = realloc(message_buffer, message_size);
5985
if(message_buffer == NULL){
5986
g_test_skip("Skipping EMSGSIZE test");
5987
g_test_message("Failed to malloc() %" PRIuMAX " bytes",
5988
(uintmax_t)message_size);
5991
/* Fill buffer with 'x' */
5992
memset(message_buffer, 'x', message_size);
5993
/* Create a new socketpair for each message size to avoid having
5994
to empty the pipe by reading the message to a separate buffer
5996
g_assert_cmpint(socketpair(PF_LOCAL, SOCK_DGRAM
5997
| SOCK_NONBLOCK | SOCK_CLOEXEC, 0,
5999
ssret = send(socketfds[1], message_buffer, message_size,
6001
error_t saved_errno = errno;
6002
g_assert_cmpint(close(socketfds[0]), ==, 0);
6003
g_assert_cmpint(close(socketfds[1]), ==, 0);
6006
if(saved_errno != EMSGSIZE) {
6007
g_test_skip("Skipping EMSGSIZE test");
6008
g_test_message("Error on send(%" PRIuMAX " bytes): %s",
6009
(uintmax_t)message_size,
6010
strerror(saved_errno));
6014
} else if(ssret != (ssize_t)message_size){
6015
g_test_skip("Skipping EMSGSIZE test");
6016
g_test_message("Partial send(): %" PRIuMAX " of %" PRIdMAX
6017
" bytes", (uintmax_t)ssret,
6018
(intmax_t)message_size);
6022
g_test_message("EMSGSIZE triggered by %" PRIdMAX " bytes",
6023
(intmax_t)message_size);
6026
.data=message_buffer,
6027
.length=message_size - 2, /* Compensate for added '+' and NUL */
6028
.allocated=message_size,
5812
g_assert_nonnull(password.data);
5813
6030
if(mlock(password.data, password.allocated) != 0){
5814
6031
g_assert_true(errno == EPERM or errno == ENOMEM);
5816
/* Construct test password buffer */
5817
/* Start with + since that is what the real procotol uses */
5818
password.data[0] = '+';
5819
/* Set a special character at string end just to mark the end */
5820
password.data[oversized-3] = 'y';
5821
/* Set NUL at buffer end, as suggested by the protocol */
5822
password.data[oversized-2] = '\0';
5823
/* Fill rest of password with 'x' */
5824
memset(password.data+1, 'x', oversized-3);
5826
6034
__attribute__((cleanup(cleanup_queue)))
5827
6035
task_queue *queue = create_queue();
5828
6036
g_assert_nonnull(queue);
5830
6037
g_assert_cmpint(socketpair(PF_LOCAL, SOCK_DGRAM
5831
6038
| SOCK_NONBLOCK | SOCK_CLOEXEC, 0,
5832
6039
socketfds), ==, 0);
7963
8177
g_option_context_set_help_enabled(context, FALSE);
7964
8178
g_option_context_set_ignore_unknown_options(context, TRUE);
7966
gboolean run_tests = FALSE;
8180
gboolean should_run_tests = FALSE;
7967
8181
GOptionEntry entries[] = {
7968
8182
{ "test", 0, 0, G_OPTION_ARG_NONE,
7969
&run_tests, "Run tests", NULL },
8183
&should_run_tests, "Run tests", NULL },
7972
8186
g_option_context_add_main_entries(context, entries, NULL);