socsvn commit: r337253 - soc2018/aniketp/head/tests/sys/audit

aniketp at FreeBSD.org aniketp at FreeBSD.org
Sat May 26 01:31:54 UTC 2018


Author: aniketp
Date: Sat May 26 01:31:51 2018
New Revision: 337253
URL: http://svnweb.FreeBSD.org/socsvn/?view=rev&rev=337253

Log:
  Add tests for connect(2), accept(2) and shutdown(2)
  

Modified:
  soc2018/aniketp/head/tests/sys/audit/network.c

Modified: soc2018/aniketp/head/tests/sys/audit/network.c
==============================================================================
--- soc2018/aniketp/head/tests/sys/audit/network.c	Fri May 25 19:53:58 2018	(r337252)
+++ soc2018/aniketp/head/tests/sys/audit/network.c	Sat May 26 01:31:51 2018	(r337253)
@@ -28,6 +28,7 @@
 
 #include <sys/types.h>
 #include <sys/socket.h>
+#include <sys/un.h>
 
 #include <netinet/in.h>
 #include <arpa/inet.h>
@@ -38,6 +39,7 @@
 
 #include "utils.h"
 #define ERROR (-1)
+#define SERVER_PATH "server"
 
 static int sockfd, sockfd2;
 static int tr = 1;
@@ -49,13 +51,11 @@
  * Assign local address to a server's socket
  */
 static void
-assign_address(struct sockaddr_in *server)
+assign_address(struct sockaddr_un *server)
 {
-	/* Assigning addresses */
-	server->sin_family = AF_INET;		/* IPv4 */
-	server->sin_port = htons(9000);		/* Port in network bytes */
-	server->sin_addr.s_addr = inet_addr("127.0.0.1");
-	bzero(&(server)->sin_zero, 8);		/* Zero padding */
+	memset(server, 0, sizeof(*server));
+	server->sun_family = AF_UNIX;
+	strcpy(server->sun_path, SERVER_PATH);
 }
 
 
@@ -69,7 +69,7 @@
 ATF_TC_BODY(socket_success, tc)
 {
 	FILE *pipefd = setup(fds, "nt");
-	ATF_REQUIRE((sockfd = socket(PF_INET, SOCK_STREAM, IPPROTO_TCP)) != -1);
+	ATF_REQUIRE((sockfd = socket(PF_UNIX, SOCK_STREAM, 0)) != -1);
 	/* Check the presence of sockfd in audit record */
 	snprintf(regex, 30, "socket.*return,success,%d", sockfd);
 	check_audit(fds, regex, pipefd);
@@ -92,7 +92,7 @@
 ATF_TC_BODY(socket_failure, tc)
 {
 	FILE *pipefd = setup(fds, "nt");
-	ATF_REQUIRE_EQ(-1, socket(ERROR, SOCK_STREAM, IPPROTO_TCP));
+	ATF_REQUIRE_EQ(-1, socket(ERROR, SOCK_STREAM, 0));
 	/* Check the presence of hex(-1) in audit record */
 	snprintf(regex, 40, "socket.*0x%x.*return,failure", ERROR);
 	check_audit(fds, regex, pipefd);
@@ -116,9 +116,11 @@
 	int sv[2];
 	FILE *pipefd = setup(fds, "nt");
 	ATF_REQUIRE_EQ(0, socketpair(PF_UNIX, SOCK_STREAM, 0, sv));
-	/* Check the presence of hex(-1) in audit record */
+	/* Check the presence of 0x0 in audit record */
 	snprintf(regex, 40, "socketpair.*0x0.*return,success");
 	check_audit(fds, regex, pipefd);
+
+	/* Close all socket descriptors */
 	close(sv[0]);
 	close(sv[1]);
 }
@@ -140,7 +142,7 @@
 {
 	int sv;
 	FILE *pipefd = setup(fds, "nt");
-	ATF_REQUIRE_EQ(-1, socketpair(ERROR, SOCK_STREAM, IPPROTO_TCP, &sv));
+	ATF_REQUIRE_EQ(-1, socketpair(ERROR, SOCK_STREAM, 0, &sv));
 	/* Check the presence of hex(-1) in audit record */
 	snprintf(regex, 40, "socketpair.*0x%x.*return,failure", ERROR);
 	check_audit(fds, regex, pipefd);
@@ -161,7 +163,7 @@
 
 ATF_TC_BODY(setsockopt_success, tc)
 {
-	ATF_REQUIRE((sockfd = socket(PF_INET, SOCK_STREAM, IPPROTO_TCP)) != -1);
+	ATF_REQUIRE((sockfd = socket(PF_UNIX, SOCK_STREAM, 0)) != -1);
 	/* Check the presence of sockfd in audit record */
 	snprintf(regex, 30, "setsockopt.*0x%x.*return,success", sockfd);
 
@@ -210,16 +212,14 @@
 
 ATF_TC_BODY(bind_success, tc)
 {
-	/* Preliminary socket setup */
-	struct sockaddr_in server;
-	len = sizeof(struct sockaddr_in);
-	ATF_REQUIRE((sockfd = socket(PF_INET, SOCK_STREAM, IPPROTO_TCP)) != -1);
-	ATF_REQUIRE_EQ(0, setsockopt(sockfd, SOL_SOCKET, SO_REUSEADDR, &tr, \
-		sizeof(int)));
+	struct sockaddr_un server;
 	assign_address(&server);
+	len = sizeof(struct sockaddr_un);
 
-	/* Check the presence of localhost address and port in audit record */
-	snprintf(regex, 30, "bind.*9000,127.0.0.1.*return,success");
+	/* Preliminary socket setup */
+	ATF_REQUIRE((sockfd = socket(PF_UNIX, SOCK_STREAM, 0)) != -1);
+	/* Check the presence of AF_UNIX address path in audit record */
+	snprintf(regex, 30, "bind.*unix.*%s.*return,success", SERVER_PATH);
 
 	FILE *pipefd = setup(fds, "nt");
 	ATF_REQUIRE_EQ(0, bind(sockfd, (struct sockaddr *)&server, len));
@@ -243,14 +243,14 @@
 ATF_TC_BODY(bind_failure, tc)
 {
 	/* Preliminary socket setup */
-	struct sockaddr_in server;
-	len = sizeof(struct sockaddr_in);
+	struct sockaddr_un server;
 	assign_address(&server);
+	len = sizeof(struct sockaddr_un);
 
 	FILE *pipefd = setup(fds, "nt");
 	ATF_REQUIRE_EQ(-1, bind(-1, (struct sockaddr *)&server, len));
-	/* Check the presence of hex(-1) in audit record */
-	snprintf(regex, 40, "bind.*0x%x.*9000,127.0.0.1.*return,failure", ERROR);
+	/* Check the presence of hex(-1) and AF_UNIX path in audit record */
+	snprintf(regex, 40, "bind.*0x%x.*%s.*return,failure", ERROR, SERVER_PATH);
 	check_audit(fds, regex, pipefd);
 }
 
@@ -269,15 +269,13 @@
 
 ATF_TC_BODY(bindat_success, tc)
 {
-	/* Preliminary socket setup */
-	struct sockaddr_in server;
-	len = sizeof(struct sockaddr_in);
-	ATF_REQUIRE((sockfd = socket(PF_INET, SOCK_STREAM, IPPROTO_TCP)) != -1);
-	ATF_REQUIRE_EQ(0, setsockopt(sockfd, SOL_SOCKET, SO_REUSEADDR, &tr, \
-		sizeof(int)));
+	struct sockaddr_un server;
 	assign_address(&server);
+	len = sizeof(struct sockaddr_un);
 
-	/* Check the presence of localhost address and port in audit record */
+	/* Preliminary socket setup */
+	ATF_REQUIRE((sockfd = socket(PF_UNIX, SOCK_STREAM, 0)) != -1);
+	/* Check the presence of socket descriptor in audit record */
 	snprintf(regex, 30, "bindat.*0x%x.*return,success", sockfd);
 
 	FILE *pipefd = setup(fds, "nt");
@@ -303,9 +301,9 @@
 ATF_TC_BODY(bindat_failure, tc)
 {
 	/* Preliminary socket setup */
-	struct sockaddr_in server;
-	len = sizeof(struct sockaddr_in);
+	struct sockaddr_un server;
 	assign_address(&server);
+	len = sizeof(struct sockaddr_un);
 
 	FILE *pipefd = setup(fds, "nt");
 	ATF_REQUIRE_EQ(-1, bindat(AT_FDCWD, -1, (struct sockaddr *)&server, len));
@@ -329,8 +327,14 @@
 
 ATF_TC_BODY(listen_success, tc)
 {
-	ATF_REQUIRE((sockfd = socket(PF_INET, SOCK_STREAM, IPPROTO_TCP)) != -1);
-	/* Check the presence of sockfd in audit record */
+	struct sockaddr_un server;
+	assign_address(&server);
+	len = sizeof(struct sockaddr_un);
+
+	/* Preliminary socket setup */
+	ATF_REQUIRE((sockfd = socket(PF_UNIX, SOCK_STREAM, 0)) != -1);
+	ATF_REQUIRE_EQ(0, bind(sockfd, (struct sockaddr *)&server, len));
+	/* Check the presence of socket descriptor in the audit record */
 	snprintf(regex, 30, "listen.*0x%x.*return,success", sockfd);
 
 	FILE *pipefd = setup(fds, "nt");
@@ -376,24 +380,23 @@
 
 ATF_TC_BODY(connect_success, tc)
 {
-	struct sockaddr_in server;
-	len = sizeof(struct sockaddr_in);
+	struct sockaddr_un server;
+	assign_address(&server);
+	len = sizeof(struct sockaddr_un);
 
 	/* Server Socket: Assign address and listen for connection */
-	ATF_REQUIRE((sockfd = socket(PF_INET, SOCK_STREAM, IPPROTO_TCP)) != -1);
+	ATF_REQUIRE((sockfd = socket(PF_UNIX, SOCK_STREAM, 0)) != -1);
 	/* Non-blocking server socket */
 	ATF_REQUIRE(fcntl(sockfd, F_SETFL, O_NONBLOCK) != -1);
-	ATF_REQUIRE_EQ(0, setsockopt(sockfd, SOL_SOCKET, SO_REUSEADDR, &tr, \
-		sizeof(int)));
-	assign_address(&server);
+	/* Bind to the specified address and wait for connection */
 	ATF_REQUIRE_EQ(0, bind(sockfd, (struct sockaddr *)&server, len));
 	ATF_REQUIRE_EQ(0, listen(sockfd, 1));
 
 	/* Set up "blocking" client socket */
-	ATF_REQUIRE((sockfd2 = socket(PF_INET, SOCK_STREAM, IPPROTO_TCP)) != -1);
+	ATF_REQUIRE((sockfd2 = socket(PF_UNIX, SOCK_STREAM, 0)) != -1);
 
-	/* Audit record must contain, address, port & sockfd2 */
-	snprintf(regex, 30, "connect.*0x%x.*9000,127.0.0.1.*success", sockfd2);
+	/* Audit record must contain AF_UNIX address path & sockfd2 */
+	snprintf(regex, 40, "connect.*0x%x.*%s.*success", sockfd2, SERVER_PATH);
 
 	FILE *pipefd = setup(fds, "nt");
 	ATF_REQUIRE_EQ(0, connect(sockfd2, (struct sockaddr *)&server, len));
@@ -410,6 +413,249 @@
 }
 
 
+ATF_TC_WITH_CLEANUP(connect_failure);
+ATF_TC_HEAD(connect_failure, tc)
+{
+	atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful "
+					"connect(2) call");
+}
+
+ATF_TC_BODY(connect_failure, tc)
+{
+	/* Preliminary socket setup */
+	struct sockaddr_un server;
+	assign_address(&server);
+	len = sizeof(struct sockaddr_un);
+
+	/* Audit record must contain AF_UNIX address path & Hex(-1) */
+	snprintf(regex, 40, "connect.*0x%x.*%s.*failure", ERROR, SERVER_PATH);
+
+	FILE *pipefd = setup(fds, "nt");
+	ATF_REQUIRE_EQ(-1, connect(ERROR, (struct sockaddr *)&server, len));
+	check_audit(fds, regex, pipefd);
+}
+
+ATF_TC_CLEANUP(connect_failure, tc)
+{
+	cleanup();
+}
+
+
+ATF_TC_WITH_CLEANUP(connectat_success);
+ATF_TC_HEAD(connectat_success, tc)
+{
+	atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful "
+					"connectat(2) call");
+}
+
+ATF_TC_BODY(connectat_success, tc)
+{
+	struct sockaddr_un server;
+	assign_address(&server);
+	len = sizeof(struct sockaddr_un);
+
+	/* Server Socket: Assign address and listen for connection */
+	ATF_REQUIRE((sockfd = socket(PF_UNIX, SOCK_STREAM, 0)) != -1);
+	/* Non-blocking server socket */
+	ATF_REQUIRE(fcntl(sockfd, F_SETFL, O_NONBLOCK) != -1);
+	/* Bind to the specified address and wait for connection */
+	ATF_REQUIRE_EQ(0, bind(sockfd, (struct sockaddr *)&server, len));
+	ATF_REQUIRE_EQ(0, listen(sockfd, 1));
+
+	/* Set up "blocking" client socket */
+	ATF_REQUIRE((sockfd2 = socket(PF_UNIX, SOCK_STREAM, 0)) != -1);
+
+	/* Audit record must contain sockfd2 */
+	snprintf(regex, 30, "connectat.*0x%x.*return,success", sockfd2);
+
+	FILE *pipefd = setup(fds, "nt");
+	ATF_REQUIRE_EQ(0, connectat(AT_FDCWD, sockfd2, \
+		(struct sockaddr *)&server, len));
+	check_audit(fds, regex, pipefd);
+
+	/* Close all socket descriptors */
+	close(sockfd);
+	close(sockfd2);
+}
+
+ATF_TC_CLEANUP(connectat_success, tc)
+{
+	cleanup();
+}
+
+
+ATF_TC_WITH_CLEANUP(connectat_failure);
+ATF_TC_HEAD(connectat_failure, tc)
+{
+	atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful "
+					"connectat(2) call");
+}
+
+ATF_TC_BODY(connectat_failure, tc)
+{
+	/* Preliminary socket setup */
+	struct sockaddr_un server;
+	assign_address(&server);
+	len = sizeof(struct sockaddr_un);
+
+	/* Audit record must contain Hex(-1) */
+	snprintf(regex, 30, "connectat.*0x%x.*return,failure", ERROR);
+
+	FILE *pipefd = setup(fds, "nt");
+	ATF_REQUIRE_EQ(-1, connectat(AT_FDCWD, ERROR, \
+		(struct sockaddr *)&server, len));
+	check_audit(fds, regex, pipefd);
+}
+
+ATF_TC_CLEANUP(connectat_failure, tc)
+{
+	cleanup();
+}
+
+
+ATF_TC_WITH_CLEANUP(accept_success);
+ATF_TC_HEAD(accept_success, tc)
+{
+	atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful "
+					"accept(2) call");
+}
+
+ATF_TC_BODY(accept_success, tc)
+{
+	int clientfd;
+	struct sockaddr_un server, client;
+	assign_address(&server);
+	len = sizeof(struct sockaddr_un);
+
+	/* Server Socket: Assign address and listen for connection */
+	ATF_REQUIRE((sockfd = socket(PF_UNIX, SOCK_STREAM, 0)) != -1);
+	/* Non-blocking server socket */
+	ATF_REQUIRE(fcntl(sockfd, F_SETFL, O_NONBLOCK) != -1);
+	/* Bind to the specified address and wait for connection */
+	ATF_REQUIRE_EQ(0, bind(sockfd, (struct sockaddr *)&server, len));
+	ATF_REQUIRE_EQ(0, listen(sockfd, 1));
+
+	/* Set up "blocking" client socket */
+	ATF_REQUIRE((sockfd2 = socket(PF_UNIX, SOCK_STREAM, 0)) != -1);
+	ATF_REQUIRE_EQ(0, connect(sockfd2, (struct sockaddr *)&server, len));
+
+	FILE *pipefd = setup(fds, "nt");
+	ATF_REQUIRE((clientfd = accept(sockfd, \
+		(struct sockaddr *)&client, &len)) != -1);
+
+	/* Audit record must contain clientfd & sockfd2 */
+	snprintf(regex, 40, \
+		"accept.*0x%x.*return,success,%d", sockfd, clientfd);
+	check_audit(fds, regex, pipefd);
+
+	/* Close all socket descriptors */
+	close(sockfd);
+	close(sockfd2);
+	close(clientfd);
+}
+
+ATF_TC_CLEANUP(accept_success, tc)
+{
+	cleanup();
+}
+
+
+ATF_TC_WITH_CLEANUP(accept_failure);
+ATF_TC_HEAD(accept_failure, tc)
+{
+	atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful "
+					"accept(2) call");
+}
+
+ATF_TC_BODY(accept_failure, tc)
+{
+	/* Preliminary socket setup */
+	struct sockaddr_un client;
+	len = sizeof(struct sockaddr_un);
+
+	/* Audit record must contain Hex(-1) */
+	snprintf(regex, 30, "accept.*0x%x.*return,failure", ERROR);
+
+	FILE *pipefd = setup(fds, "nt");
+	ATF_REQUIRE_EQ(-1, accept(ERROR, (struct sockaddr *)&client, &len));
+	check_audit(fds, regex, pipefd);
+}
+
+ATF_TC_CLEANUP(accept_failure, tc)
+{
+	cleanup();
+}
+
+
+ATF_TC_WITH_CLEANUP(shutdown_success);
+ATF_TC_HEAD(shutdown_success, tc)
+{
+	atf_tc_set_md_var(tc, "descr", "Tests the audit of a successful "
+					"shutdown(2) call");
+}
+
+ATF_TC_BODY(shutdown_success, tc)
+{
+	int clientfd;
+	struct sockaddr_un server, client;
+	assign_address(&server);
+	len = sizeof(struct sockaddr_un);
+
+	/* Server Socket: Assign address and listen for connection */
+	ATF_REQUIRE((sockfd = socket(PF_UNIX, SOCK_STREAM, 0)) != -1);
+	/* Non-blocking server socket */
+	ATF_REQUIRE(fcntl(sockfd, F_SETFL, O_NONBLOCK) != -1);
+	/* Bind to the specified address and wait for connection */
+	ATF_REQUIRE_EQ(0, bind(sockfd, (struct sockaddr *)&server, len));
+	ATF_REQUIRE_EQ(0, listen(sockfd, 1));
+
+	/* Set up "blocking" client and connect with non-blocking server*/
+	ATF_REQUIRE((sockfd2 = socket(PF_UNIX, SOCK_STREAM, 0)) != -1);
+	ATF_REQUIRE_EQ(0, connect(sockfd2, (struct sockaddr *)&server, len));
+	ATF_REQUIRE((clientfd = accept(sockfd, \
+		(struct sockaddr *)&client, &len)) != -1);
+
+	/* Audit record must contain clientfd & sockfd2 */
+	snprintf(regex, 40, "shutdown.*0x%x.*return,success", clientfd);
+
+	FILE *pipefd = setup(fds, "nt");
+	ATF_REQUIRE_EQ(0, shutdown(clientfd, SHUT_RDWR));
+	check_audit(fds, regex, pipefd);
+
+	/* Close all socket descriptors */
+	close(sockfd);
+	close(sockfd2);
+	close(clientfd);
+}
+
+ATF_TC_CLEANUP(shutdown_success, tc)
+{
+	cleanup();
+}
+
+
+ATF_TC_WITH_CLEANUP(shutdown_failure);
+ATF_TC_HEAD(shutdown_failure, tc)
+{
+	atf_tc_set_md_var(tc, "descr", "Tests the audit of an unsuccessful "
+					"shutdown(2) call");
+}
+
+ATF_TC_BODY(shutdown_failure, tc)
+{
+	/* Audit record must contain Hex(-1) */
+	snprintf(regex, 30, "shutdown.*0x%x.*return,failure", ERROR);
+	FILE *pipefd = setup(fds, "nt");
+	ATF_REQUIRE_EQ(-1, shutdown(ERROR, SHUT_RDWR));
+	check_audit(fds, regex, pipefd);
+}
+
+ATF_TC_CLEANUP(shutdown_failure, tc)
+{
+	cleanup();
+}
+
+
 ATF_TP_ADD_TCS(tp)
 {
 	ATF_TP_ADD_TC(tp, socket_success);
@@ -427,6 +673,14 @@
 	ATF_TP_ADD_TC(tp, listen_failure);
 
 	ATF_TP_ADD_TC(tp, connect_success);
+	ATF_TP_ADD_TC(tp, connect_failure);
+	ATF_TP_ADD_TC(tp, connectat_success);
+	ATF_TP_ADD_TC(tp, connectat_failure);
+	ATF_TP_ADD_TC(tp, accept_success);
+	ATF_TP_ADD_TC(tp, accept_failure);
+
+	ATF_TP_ADD_TC(tp, shutdown_success);
+	ATF_TP_ADD_TC(tp, shutdown_failure);
 
 	return (atf_no_error());
 }


More information about the svn-soc-all mailing list