socsvn commit: r337252 - soc2018/aniketp/head/tests/sys/audit
aniketp at FreeBSD.org
aniketp at FreeBSD.org
Fri May 25 19:54:04 UTC 2018
Author: aniketp
Date: Fri May 25 19:53:58 2018
New Revision: 337252
URL: http://svnweb.FreeBSD.org/socsvn/?view=rev&rev=337252
Log:
Add tests for all preliminary socket syscalls
Modified:
soc2018/aniketp/head/tests/sys/audit/network.c
soc2018/aniketp/head/tests/sys/audit/utils.c
Modified: soc2018/aniketp/head/tests/sys/audit/network.c
==============================================================================
--- soc2018/aniketp/head/tests/sys/audit/network.c Thu May 24 23:53:18 2018 (r337251)
+++ soc2018/aniketp/head/tests/sys/audit/network.c Fri May 25 19:53:58 2018 (r337252)
@@ -26,19 +26,39 @@
* $FreeBSD$
*/
+#include <sys/types.h>
#include <sys/socket.h>
+#include <netinet/in.h>
+#include <arpa/inet.h>
+
#include <atf-c.h>
+#include <fcntl.h>
#include <unistd.h>
#include "utils.h"
#define ERROR (-1)
-static int sockfd;
+static int sockfd, sockfd2;
static int tr = 1;
+static socklen_t len;
static struct pollfd fds[1];
static char regex[40];
+/*
+ * Assign local address to a server's socket
+ */
+static void
+assign_address(struct sockaddr_in *server)
+{
+ /* Assigning addresses */
+ server->sin_family = AF_INET; /* IPv4 */
+ server->sin_port = htons(9000); /* Port in network bytes */
+ server->sin_addr.s_addr = inet_addr("127.0.0.1");
+ bzero(&(server)->sin_zero, 8); /* Zero padding */
+}
+
+
ATF_TC_WITH_CLEANUP(socket_success);
ATF_TC_HEAD(socket_success, tc)
{
@@ -49,7 +69,7 @@
ATF_TC_BODY(socket_success, tc)
{
FILE *pipefd = setup(fds, "nt");
- ATF_REQUIRE((sockfd = socket(PF_INET, SOCK_STREAM, 0)) != -1);
+ ATF_REQUIRE((sockfd = socket(PF_INET, SOCK_STREAM, IPPROTO_TCP)) != -1);
/* Check the presence of sockfd in audit record */
snprintf(regex, 30, "socket.*return,success,%d", sockfd);
check_audit(fds, regex, pipefd);
@@ -72,7 +92,7 @@
ATF_TC_BODY(socket_failure, tc)
{
FILE *pipefd = setup(fds, "nt");
- ATF_REQUIRE_EQ(-1, socket(ERROR, SOCK_STREAM, 0));
+ ATF_REQUIRE_EQ(-1, socket(ERROR, SOCK_STREAM, IPPROTO_TCP));
/* Check the presence of hex(-1) in audit record */
snprintf(regex, 40, "socket.*0x%x.*return,failure", ERROR);
check_audit(fds, regex, pipefd);
@@ -84,6 +104,54 @@
}
+ATF_TC_WITH_CLEANUP(socketpair_success);
+ATF_TC_HEAD(socketpair_success, tc)
+{
+ atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful "
+ "socketpair(2) call");
+}
+
+ATF_TC_BODY(socketpair_success, tc)
+{
+ int sv[2];
+ FILE *pipefd = setup(fds, "nt");
+ ATF_REQUIRE_EQ(0, socketpair(PF_UNIX, SOCK_STREAM, 0, sv));
+ /* Check the presence of hex(-1) in audit record */
+ snprintf(regex, 40, "socketpair.*0x0.*return,success");
+ check_audit(fds, regex, pipefd);
+ close(sv[0]);
+ close(sv[1]);
+}
+
+ATF_TC_CLEANUP(socketpair_success, tc)
+{
+ cleanup();
+}
+
+
+ATF_TC_WITH_CLEANUP(socketpair_failure);
+ATF_TC_HEAD(socketpair_failure, tc)
+{
+ atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful "
+ "socketpair(2) call");
+}
+
+ATF_TC_BODY(socketpair_failure, tc)
+{
+ int sv;
+ FILE *pipefd = setup(fds, "nt");
+ ATF_REQUIRE_EQ(-1, socketpair(ERROR, SOCK_STREAM, IPPROTO_TCP, &sv));
+ /* Check the presence of hex(-1) in audit record */
+ snprintf(regex, 40, "socketpair.*0x%x.*return,failure", ERROR);
+ check_audit(fds, regex, pipefd);
+}
+
+ATF_TC_CLEANUP(socketpair_failure, tc)
+{
+ cleanup();
+}
+
+
ATF_TC_WITH_CLEANUP(setsockopt_success);
ATF_TC_HEAD(setsockopt_success, tc)
{
@@ -93,7 +161,7 @@
ATF_TC_BODY(setsockopt_success, tc)
{
- ATF_REQUIRE((sockfd = socket(PF_INET, SOCK_STREAM, 0)) != -1);
+ ATF_REQUIRE((sockfd = socket(PF_INET, SOCK_STREAM, IPPROTO_TCP)) != -1);
/* Check the presence of sockfd in audit record */
snprintf(regex, 30, "setsockopt.*0x%x.*return,success", sockfd);
@@ -133,13 +201,233 @@
}
+ATF_TC_WITH_CLEANUP(bind_success);
+ATF_TC_HEAD(bind_success, tc)
+{
+ atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful "
+ "bind(2) call");
+}
+
+ATF_TC_BODY(bind_success, tc)
+{
+ /* Preliminary socket setup */
+ struct sockaddr_in server;
+ len = sizeof(struct sockaddr_in);
+ ATF_REQUIRE((sockfd = socket(PF_INET, SOCK_STREAM, IPPROTO_TCP)) != -1);
+ ATF_REQUIRE_EQ(0, setsockopt(sockfd, SOL_SOCKET, SO_REUSEADDR, &tr, \
+ sizeof(int)));
+ assign_address(&server);
+
+ /* Check the presence of localhost address and port in audit record */
+ snprintf(regex, 30, "bind.*9000,127.0.0.1.*return,success");
+
+ FILE *pipefd = setup(fds, "nt");
+ ATF_REQUIRE_EQ(0, bind(sockfd, (struct sockaddr *)&server, len));
+ check_audit(fds, regex, pipefd);
+ close(sockfd);
+}
+
+ATF_TC_CLEANUP(bind_success, tc)
+{
+ cleanup();
+}
+
+
+ATF_TC_WITH_CLEANUP(bind_failure);
+ATF_TC_HEAD(bind_failure, tc)
+{
+ atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful "
+ "bind(2) call");
+}
+
+ATF_TC_BODY(bind_failure, tc)
+{
+ /* Preliminary socket setup */
+ struct sockaddr_in server;
+ len = sizeof(struct sockaddr_in);
+ assign_address(&server);
+
+ FILE *pipefd = setup(fds, "nt");
+ ATF_REQUIRE_EQ(-1, bind(-1, (struct sockaddr *)&server, len));
+ /* Check the presence of hex(-1) in audit record */
+ snprintf(regex, 40, "bind.*0x%x.*9000,127.0.0.1.*return,failure", ERROR);
+ check_audit(fds, regex, pipefd);
+}
+
+ATF_TC_CLEANUP(bind_failure, tc)
+{
+ cleanup();
+}
+
+
+ATF_TC_WITH_CLEANUP(bindat_success);
+ATF_TC_HEAD(bindat_success, tc)
+{
+ atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful "
+ "bindat(2) call");
+}
+
+ATF_TC_BODY(bindat_success, tc)
+{
+ /* Preliminary socket setup */
+ struct sockaddr_in server;
+ len = sizeof(struct sockaddr_in);
+ ATF_REQUIRE((sockfd = socket(PF_INET, SOCK_STREAM, IPPROTO_TCP)) != -1);
+ ATF_REQUIRE_EQ(0, setsockopt(sockfd, SOL_SOCKET, SO_REUSEADDR, &tr, \
+ sizeof(int)));
+ assign_address(&server);
+
+ /* Check the presence of localhost address and port in audit record */
+ snprintf(regex, 30, "bindat.*0x%x.*return,success", sockfd);
+
+ FILE *pipefd = setup(fds, "nt");
+ ATF_REQUIRE_EQ(0, bindat(AT_FDCWD, sockfd, \
+ (struct sockaddr *)&server, len));
+ check_audit(fds, regex, pipefd);
+ close(sockfd);
+}
+
+ATF_TC_CLEANUP(bindat_success, tc)
+{
+ cleanup();
+}
+
+
+ATF_TC_WITH_CLEANUP(bindat_failure);
+ATF_TC_HEAD(bindat_failure, tc)
+{
+ atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful "
+ "bindat(2) call");
+}
+
+ATF_TC_BODY(bindat_failure, tc)
+{
+ /* Preliminary socket setup */
+ struct sockaddr_in server;
+ len = sizeof(struct sockaddr_in);
+ assign_address(&server);
+
+ FILE *pipefd = setup(fds, "nt");
+ ATF_REQUIRE_EQ(-1, bindat(AT_FDCWD, -1, (struct sockaddr *)&server, len));
+ /* Check the presence of hex(-1) in audit record */
+ snprintf(regex, 40, "bindat.*0x%x.*return,failure", ERROR);
+ check_audit(fds, regex, pipefd);
+}
+
+ATF_TC_CLEANUP(bindat_failure, tc)
+{
+ cleanup();
+}
+
+
+ATF_TC_WITH_CLEANUP(listen_success);
+ATF_TC_HEAD(listen_success, tc)
+{
+ atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful "
+ "listen(2) call");
+}
+
+ATF_TC_BODY(listen_success, tc)
+{
+ ATF_REQUIRE((sockfd = socket(PF_INET, SOCK_STREAM, IPPROTO_TCP)) != -1);
+ /* Check the presence of sockfd in audit record */
+ snprintf(regex, 30, "listen.*0x%x.*return,success", sockfd);
+
+ FILE *pipefd = setup(fds, "nt");
+ ATF_REQUIRE_EQ(0, listen(sockfd, 1));
+ check_audit(fds, regex, pipefd);
+ close(sockfd);
+}
+
+ATF_TC_CLEANUP(listen_success, tc)
+{
+ cleanup();
+}
+
+
+ATF_TC_WITH_CLEANUP(listen_failure);
+ATF_TC_HEAD(listen_failure, tc)
+{
+ atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful "
+ "listen(2) call");
+}
+
+ATF_TC_BODY(listen_failure, tc)
+{
+ FILE *pipefd = setup(fds, "nt");
+ ATF_REQUIRE_EQ(-1, listen(ERROR, 1));
+ /* Check the presence of hex(-1) in audit record */
+ snprintf(regex, 40, "listen.*0x%x.*return,failure", ERROR);
+ check_audit(fds, regex, pipefd);
+}
+
+ATF_TC_CLEANUP(listen_failure, tc)
+{
+ cleanup();
+}
+
+
+ATF_TC_WITH_CLEANUP(connect_success);
+ATF_TC_HEAD(connect_success, tc)
+{
+ atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful "
+ "connect(2) call");
+}
+
+ATF_TC_BODY(connect_success, tc)
+{
+ struct sockaddr_in server;
+ len = sizeof(struct sockaddr_in);
+
+ /* Server Socket: Assign address and listen for connection */
+ ATF_REQUIRE((sockfd = socket(PF_INET, SOCK_STREAM, IPPROTO_TCP)) != -1);
+ /* Non-blocking server socket */
+ ATF_REQUIRE(fcntl(sockfd, F_SETFL, O_NONBLOCK) != -1);
+ ATF_REQUIRE_EQ(0, setsockopt(sockfd, SOL_SOCKET, SO_REUSEADDR, &tr, \
+ sizeof(int)));
+ assign_address(&server);
+ ATF_REQUIRE_EQ(0, bind(sockfd, (struct sockaddr *)&server, len));
+ ATF_REQUIRE_EQ(0, listen(sockfd, 1));
+
+ /* Set up "blocking" client socket */
+ ATF_REQUIRE((sockfd2 = socket(PF_INET, SOCK_STREAM, IPPROTO_TCP)) != -1);
+
+ /* Audit record must contain, address, port & sockfd2 */
+ snprintf(regex, 30, "connect.*0x%x.*9000,127.0.0.1.*success", sockfd2);
+
+ FILE *pipefd = setup(fds, "nt");
+ ATF_REQUIRE_EQ(0, connect(sockfd2, (struct sockaddr *)&server, len));
+ check_audit(fds, regex, pipefd);
+
+ /* Close all socket descriptors */
+ close(sockfd);
+ close(sockfd2);
+}
+
+ATF_TC_CLEANUP(connect_success, tc)
+{
+ cleanup();
+}
+
+
ATF_TP_ADD_TCS(tp)
{
ATF_TP_ADD_TC(tp, socket_success);
ATF_TP_ADD_TC(tp, socket_failure);
+ ATF_TP_ADD_TC(tp, socketpair_success);
+ ATF_TP_ADD_TC(tp, socketpair_failure);
ATF_TP_ADD_TC(tp, setsockopt_success);
ATF_TP_ADD_TC(tp, setsockopt_failure);
+ ATF_TP_ADD_TC(tp, bind_success);
+ ATF_TP_ADD_TC(tp, bind_failure);
+ ATF_TP_ADD_TC(tp, bindat_success);
+ ATF_TP_ADD_TC(tp, bindat_failure);
+ ATF_TP_ADD_TC(tp, listen_success);
+ ATF_TP_ADD_TC(tp, listen_failure);
+
+ ATF_TP_ADD_TC(tp, connect_success);
+
return (atf_no_error());
}
Modified: soc2018/aniketp/head/tests/sys/audit/utils.c
==============================================================================
--- soc2018/aniketp/head/tests/sys/audit/utils.c Thu May 24 23:53:18 2018 (r337251)
+++ soc2018/aniketp/head/tests/sys/audit/utils.c Fri May 25 19:53:58 2018 (r337252)
@@ -157,7 +157,7 @@
/* poll(2) timed out */
case 0:
atf_tc_fail("%s not found in auditpipe within the "
- "time limit", auditregex);
+ "time limit", auditregex);
break;
/* poll(2) standard error */
More information about the svn-soc-all
mailing list