1 /*-
2 * Copyright (c) 2020 Mariusz Zaborski <oshogbo@FreeBSD.org>
3 *
4 * Redistribution and use in source and binary forms, with or without
5 * modification, are permitted provided that the following conditions
6 * are met:
7 * 1. Redistributions of source code must retain the above copyright
8 * notice, this list of conditions and the following disclaimer.
9 * 2. Redistributions in binary form must reproduce the above copyright
10 * notice, this list of conditions and the following disclaimer in the
11 * documentation and/or other materials provided with the distribution.
12 *
13 * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
14 * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
15 * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
16 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
17 * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
18 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
19 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
20 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
21 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
22 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
23 * POSSIBILITY OF SUCH DAMAGE.
24 */
25
26 #include <sys/param.h>
27 #include <sys/socket.h>
28 #include <netinet/in.h>
29 #include <arpa/inet.h>
30
31 #include <errno.h>
32 #include <netdb.h>
33
34 #include <atf-c.h>
35
36 #include <libcasper.h>
37 #include <casper/cap_net.h>
38
39 #define TEST_DOMAIN_0 "example.com"
40 #define TEST_DOMAIN_1 "freebsd.org"
41 #define TEST_IPV4 "1.1.1.1"
42 #define TEST_IPV6 "2001:4860:4860::8888"
43 #define TEST_BIND_IPV4 "127.0.0.1"
44 #define TEST_PORT 80
45 #define TEST_PORT_STR "80"
46
47 static cap_channel_t *
create_network_service(void)48 create_network_service(void)
49 {
50 cap_channel_t *capcas, *capnet;
51
52 capcas = cap_init();
53 ATF_REQUIRE(capcas != NULL);
54
55 capnet = cap_service_open(capcas, "system.net");
56 ATF_REQUIRE(capnet != NULL);
57
58 cap_close(capcas);
59 return (capnet);
60 }
61
62 static int
test_getnameinfo_v4(cap_channel_t * chan,int family,const char * ip)63 test_getnameinfo_v4(cap_channel_t *chan, int family, const char *ip)
64 {
65 struct sockaddr_in ipaddr;
66 char capfn[MAXHOSTNAMELEN];
67 char origfn[MAXHOSTNAMELEN];
68 int capret, sysret;
69
70 memset(&ipaddr, 0, sizeof(ipaddr));
71 ipaddr.sin_family = family;
72 inet_pton(family, ip, &ipaddr.sin_addr);
73
74 capret = cap_getnameinfo(chan, (struct sockaddr *)&ipaddr, sizeof(ipaddr),
75 capfn, sizeof(capfn), NULL, 0, NI_NAMEREQD);
76 if (capret != 0 && capret == ENOTCAPABLE)
77 return (ENOTCAPABLE);
78
79 sysret = getnameinfo((struct sockaddr *)&ipaddr, sizeof(ipaddr), origfn,
80 sizeof(origfn), NULL, 0, NI_NAMEREQD);
81 if (sysret != 0) {
82 atf_tc_skip("getnameinfo(%s) failed: %s",
83 ip, gai_strerror(sysret));
84 }
85 ATF_REQUIRE(capret == 0);
86 ATF_REQUIRE(strcmp(origfn, capfn) == 0);
87
88 return (0);
89 }
90
91 static int
test_getnameinfo_v6(cap_channel_t * chan,const char * ip)92 test_getnameinfo_v6(cap_channel_t *chan, const char *ip)
93 {
94 struct sockaddr_in6 ipaddr;
95 char capfn[MAXHOSTNAMELEN];
96 char origfn[MAXHOSTNAMELEN];
97 int capret, sysret;
98
99 memset(&ipaddr, 0, sizeof(ipaddr));
100 ipaddr.sin6_family = AF_INET6;
101 inet_pton(AF_INET6, ip, &ipaddr.sin6_addr);
102
103 capret = cap_getnameinfo(chan, (struct sockaddr *)&ipaddr, sizeof(ipaddr),
104 capfn, sizeof(capfn), NULL, 0, NI_NAMEREQD);
105 if (capret != 0 && capret == ENOTCAPABLE)
106 return (ENOTCAPABLE);
107
108 sysret = getnameinfo((struct sockaddr *)&ipaddr, sizeof(ipaddr), origfn,
109 sizeof(origfn), NULL, 0, NI_NAMEREQD);
110 if (sysret != 0) {
111 atf_tc_skip("getnameinfo(%s) failed: %s",
112 ip, gai_strerror(sysret));
113 }
114 ATF_REQUIRE(capret == 0);
115 ATF_REQUIRE(strcmp(origfn, capfn) == 0);
116
117 return (0);
118 }
119
120 static int
test_getnameinfo(cap_channel_t * chan,int family,const char * ip)121 test_getnameinfo(cap_channel_t *chan, int family, const char *ip)
122 {
123
124 if (family == AF_INET6) {
125 return (test_getnameinfo_v6(chan, ip));
126 }
127
128 return (test_getnameinfo_v4(chan, family, ip));
129 }
130
131 static int
test_gethostbyaddr_v4(cap_channel_t * chan,int family,const char * ip)132 test_gethostbyaddr_v4(cap_channel_t *chan, int family, const char *ip)
133 {
134 struct in_addr ipaddr;
135 struct hostent *caphp, *orighp;
136
137 memset(&ipaddr, 0, sizeof(ipaddr));
138 inet_pton(AF_INET, ip, &ipaddr);
139
140 caphp = cap_gethostbyaddr(chan, &ipaddr, sizeof(ipaddr), family);
141 if (caphp == NULL && h_errno == ENOTCAPABLE)
142 return (ENOTCAPABLE);
143
144 orighp = gethostbyaddr(&ipaddr, sizeof(ipaddr), family);
145 if (orighp == NULL)
146 atf_tc_skip("gethostbyaddr(%s) failed", ip);
147 ATF_REQUIRE(caphp != NULL);
148 ATF_REQUIRE(strcmp(orighp->h_name, caphp->h_name) == 0);
149
150 return (0);
151 }
152
153 static int
test_gethostbyaddr_v6(cap_channel_t * chan,const char * ip)154 test_gethostbyaddr_v6(cap_channel_t *chan, const char *ip)
155 {
156 struct in6_addr ipaddr;
157 struct hostent *caphp, *orighp;
158
159 memset(&ipaddr, 0, sizeof(ipaddr));
160 inet_pton(AF_INET6, ip, &ipaddr);
161
162 caphp = cap_gethostbyaddr(chan, &ipaddr, sizeof(ipaddr), AF_INET6);
163 if (caphp == NULL && h_errno == ENOTCAPABLE)
164 return (ENOTCAPABLE);
165
166 orighp = gethostbyaddr(&ipaddr, sizeof(ipaddr), AF_INET6);
167 if (orighp == NULL)
168 atf_tc_skip("gethostbyaddr(%s) failed", ip);
169 ATF_REQUIRE(caphp != NULL);
170 ATF_REQUIRE(strcmp(orighp->h_name, caphp->h_name) == 0);
171
172 return (0);
173 }
174
175 static int
test_gethostbyaddr(cap_channel_t * chan,int family,const char * ip)176 test_gethostbyaddr(cap_channel_t *chan, int family, const char *ip)
177 {
178
179 if (family == AF_INET6) {
180 return (test_gethostbyaddr_v6(chan, ip));
181 } else {
182 return (test_gethostbyaddr_v4(chan, family, ip));
183 }
184 }
185
186 static int
test_getaddrinfo(cap_channel_t * chan,int family,const char * domain,const char * servname)187 test_getaddrinfo(cap_channel_t *chan, int family, const char *domain,
188 const char *servname)
189 {
190 struct addrinfo hints, *capres, *origres, *res0, *res1;
191 bool found;
192 int capret, sysret;
193
194 memset(&hints, 0, sizeof(hints));
195 hints.ai_family = family;
196 hints.ai_socktype = SOCK_STREAM;
197
198 capret = cap_getaddrinfo(chan, domain, servname, &hints, &capres);
199 if (capret != 0 && capret == ENOTCAPABLE)
200 return (capret);
201
202 sysret = getaddrinfo(domain, servname, &hints, &origres);
203 if (sysret != 0)
204 atf_tc_skip("getaddrinfo(%s) failed: %s",
205 domain, gai_strerror(sysret));
206 ATF_REQUIRE(capret == 0);
207
208 for (res0 = capres; res0 != NULL; res0 = res0->ai_next) {
209 found = false;
210 for (res1 = origres; res1 != NULL; res1 = res1->ai_next) {
211 if (res1->ai_addrlen == res0->ai_addrlen &&
212 memcmp(res1->ai_addr, res0->ai_addr,
213 res0->ai_addrlen) == 0) {
214 found = true;
215 break;
216 }
217 }
218 ATF_REQUIRE(found);
219 }
220
221 freeaddrinfo(capres);
222 freeaddrinfo(origres);
223 return (0);
224 }
225
226 static int
test_gethostbyname(cap_channel_t * chan,int family,const char * domain)227 test_gethostbyname(cap_channel_t *chan, int family, const char *domain)
228 {
229 struct hostent *caphp, *orighp;
230
231 caphp = cap_gethostbyname2(chan, domain, family);
232 if (caphp == NULL && h_errno == ENOTCAPABLE)
233 return (h_errno);
234
235 orighp = gethostbyname2(domain, family);
236 if (orighp == NULL)
237 atf_tc_skip("gethostbyname2(%s) failed", domain);
238
239 ATF_REQUIRE(caphp != NULL);
240 ATF_REQUIRE(strcmp(caphp->h_name, orighp->h_name) == 0);
241 return (0);
242 }
243
244 static int
test_bind(cap_channel_t * chan,const char * ip)245 test_bind(cap_channel_t *chan, const char *ip)
246 {
247 struct sockaddr_in ipv4;
248 int capfd, ret, serrno;
249
250 capfd = socket(AF_INET, SOCK_STREAM, 0);
251 ATF_REQUIRE(capfd > 0);
252
253 memset(&ipv4, 0, sizeof(ipv4));
254 ipv4.sin_family = AF_INET;
255 inet_pton(AF_INET, ip, &ipv4.sin_addr);
256
257 ret = cap_bind(chan, capfd, (struct sockaddr *)&ipv4, sizeof(ipv4));
258 serrno = errno;
259 close(capfd);
260
261 return (ret < 0 ? serrno : 0);
262 }
263
264 static int
test_connect(cap_channel_t * chan,const char * ip,unsigned short port)265 test_connect(cap_channel_t *chan, const char *ip, unsigned short port)
266 {
267 struct sockaddr_in ipv4;
268 int capfd, ret, serrno;
269
270 capfd = socket(AF_INET, SOCK_STREAM, 0);
271 ATF_REQUIRE(capfd >= 0);
272
273 memset(&ipv4, 0, sizeof(ipv4));
274 ipv4.sin_family = AF_INET;
275 ipv4.sin_port = htons(port);
276 inet_pton(AF_INET, ip, &ipv4.sin_addr);
277
278 ret = cap_connect(chan, capfd, (struct sockaddr *)&ipv4, sizeof(ipv4));
279 serrno = errno;
280 ATF_REQUIRE(close(capfd) == 0);
281
282 if (ret < 0 && serrno != ENOTCAPABLE) {
283 int sd;
284
285 /*
286 * If the connection failed, it might be because we can't reach
287 * the destination host. To check, try a plain connect() and
288 * see if it fails with the same error.
289 */
290 sd = socket(AF_INET, SOCK_STREAM, 0);
291 ATF_REQUIRE(sd >= 0);
292
293 memset(&ipv4, 0, sizeof(ipv4));
294 ipv4.sin_family = AF_INET;
295 ipv4.sin_port = htons(port);
296 inet_pton(AF_INET, ip, &ipv4.sin_addr);
297 ret = connect(sd, (struct sockaddr *)&ipv4, sizeof(ipv4));
298 ATF_REQUIRE(ret < 0);
299 ATF_REQUIRE_MSG(errno == serrno, "errno %d != serrno %d",
300 errno, serrno);
301 ATF_REQUIRE(close(sd) == 0);
302 atf_tc_skip("connect(%s:%d) failed: %s",
303 ip, port, strerror(serrno));
304 }
305
306 return (ret < 0 ? serrno : 0);
307 }
308
309 static void
test_extend_mode(cap_channel_t * capnet,int current)310 test_extend_mode(cap_channel_t *capnet, int current)
311 {
312 cap_net_limit_t *limit;
313 const int rights[] = {
314 CAPNET_ADDR2NAME,
315 CAPNET_NAME2ADDR,
316 CAPNET_DEPRECATED_ADDR2NAME,
317 CAPNET_DEPRECATED_NAME2ADDR,
318 CAPNET_CONNECT,
319 CAPNET_BIND,
320 CAPNET_CONNECTDNS
321 };
322 size_t i;
323
324 for (i = 0; i < nitems(rights); i++) {
325 if (current == rights[i])
326 continue;
327
328 limit = cap_net_limit_init(capnet, current | rights[i]);
329 ATF_REQUIRE(limit != NULL);
330 ATF_REQUIRE(cap_net_limit(limit) != 0);
331 }
332 }
333
334 ATF_TC_WITHOUT_HEAD(capnet__getnameinfo);
ATF_TC_BODY(capnet__getnameinfo,tc)335 ATF_TC_BODY(capnet__getnameinfo, tc)
336 {
337 cap_channel_t *capnet;
338
339 capnet = create_network_service();
340
341 ATF_REQUIRE(test_getnameinfo(capnet, AF_INET, TEST_IPV4) == 0);
342 ATF_REQUIRE(test_getnameinfo(capnet, AF_INET6, TEST_IPV6) == 0);
343
344 cap_close(capnet);
345 }
346
347 ATF_TC_WITHOUT_HEAD(capnet__connect);
ATF_TC_BODY(capnet__connect,tc)348 ATF_TC_BODY(capnet__connect, tc)
349 {
350 cap_channel_t *capnet;
351
352 capnet = create_network_service();
353
354 ATF_REQUIRE(test_connect(capnet, TEST_IPV4, 80) == 0);
355
356 cap_close(capnet);
357 }
358
359 ATF_TC_WITHOUT_HEAD(capnet__bind);
ATF_TC_BODY(capnet__bind,tc)360 ATF_TC_BODY(capnet__bind, tc)
361 {
362 cap_channel_t *capnet;
363
364 capnet = create_network_service();
365
366 ATF_REQUIRE(test_bind(capnet, TEST_BIND_IPV4) == 0);
367
368 cap_close(capnet);
369 }
370
371 ATF_TC_WITHOUT_HEAD(capnet__getaddrinfo);
ATF_TC_BODY(capnet__getaddrinfo,tc)372 ATF_TC_BODY(capnet__getaddrinfo, tc)
373 {
374 cap_channel_t *capnet;
375 struct addrinfo hints, *capres;
376
377 capnet = create_network_service();
378
379 memset(&hints, 0, sizeof(hints));
380 hints.ai_family = AF_INET;
381 hints.ai_socktype = SOCK_STREAM;
382
383 ATF_REQUIRE(cap_getaddrinfo(capnet, TEST_IPV4, "80", &hints, &capres) ==
384 0);
385
386 cap_close(capnet);
387 }
388
389 ATF_TC_WITHOUT_HEAD(capnet__gethostbyname);
ATF_TC_BODY(capnet__gethostbyname,tc)390 ATF_TC_BODY(capnet__gethostbyname, tc)
391 {
392 cap_channel_t *capnet;
393
394 capnet = create_network_service();
395
396 ATF_REQUIRE(test_gethostbyname(capnet, AF_INET, TEST_DOMAIN_0) == 0);
397
398 cap_close(capnet);
399 }
400
401 ATF_TC_WITHOUT_HEAD(capnet__gethostbyaddr);
ATF_TC_BODY(capnet__gethostbyaddr,tc)402 ATF_TC_BODY(capnet__gethostbyaddr, tc)
403 {
404 cap_channel_t *capnet;
405
406 capnet = create_network_service();
407
408 ATF_REQUIRE(test_gethostbyaddr(capnet, AF_INET, TEST_IPV4) == 0);
409 ATF_REQUIRE(test_gethostbyaddr(capnet, AF_INET6, TEST_IPV6) == 0);
410
411 cap_close(capnet);
412 }
413
414 ATF_TC_WITHOUT_HEAD(capnet__getnameinfo_buffer);
ATF_TC_BODY(capnet__getnameinfo_buffer,tc)415 ATF_TC_BODY(capnet__getnameinfo_buffer, tc)
416 {
417 cap_channel_t *chan;
418 struct sockaddr_in sin;
419 int ret;
420 struct {
421 char host[sizeof(TEST_IPV4)];
422 char host_canary;
423 char serv[sizeof(TEST_PORT_STR)];
424 char serv_canary;
425 } buffers;
426
427 memset(&sin, 0, sizeof(sin));
428 sin.sin_family = AF_INET;
429 sin.sin_port = htons(TEST_PORT);
430 ret = inet_pton(AF_INET, TEST_IPV4, &sin.sin_addr);
431 ATF_REQUIRE_EQ(1, ret);
432
433 memset(&buffers, '!', sizeof(buffers));
434
435 chan = create_network_service();
436 ret = cap_getnameinfo(chan, (struct sockaddr *)&sin, sizeof(sin),
437 buffers.host, sizeof(buffers.host),
438 buffers.serv, sizeof(buffers.serv),
439 NI_NUMERICHOST | NI_NUMERICSERV);
440 ATF_REQUIRE_EQ_MSG(0, ret, "%d", ret);
441
442 // Verify that cap_getnameinfo worked with minimally sized buffers.
443 ATF_CHECK_EQ(0, strcmp(TEST_IPV4, buffers.host));
444 ATF_CHECK_EQ(0, strcmp(TEST_PORT_STR, buffers.serv));
445
446 // Verify that cap_getnameinfo did not overflow the buffers.
447 ATF_CHECK_EQ('!', buffers.host_canary);
448 ATF_CHECK_EQ('!', buffers.serv_canary);
449
450 cap_close(chan);
451 }
452
453 ATF_TC_WITHOUT_HEAD(capnet__limits_addr2name_mode);
ATF_TC_BODY(capnet__limits_addr2name_mode,tc)454 ATF_TC_BODY(capnet__limits_addr2name_mode, tc)
455 {
456 cap_channel_t *capnet;
457 cap_net_limit_t *limit;
458
459 capnet = create_network_service();
460
461 /* LIMIT */
462 limit = cap_net_limit_init(capnet, CAPNET_ADDR2NAME);
463 ATF_REQUIRE(limit != NULL);
464 ATF_REQUIRE(cap_net_limit(limit) == 0);
465
466 /* ALLOWED */
467 ATF_REQUIRE(test_getnameinfo(capnet, AF_INET, TEST_IPV4) == 0);
468
469 /* DISALLOWED */
470 ATF_REQUIRE(test_gethostbyname(capnet, AF_INET, TEST_DOMAIN_0) ==
471 ENOTCAPABLE);
472 ATF_REQUIRE(test_gethostbyaddr(capnet, AF_INET, TEST_IPV4) ==
473 ENOTCAPABLE);
474 ATF_REQUIRE(test_getaddrinfo(capnet, AF_INET, TEST_DOMAIN_0, NULL) ==
475 ENOTCAPABLE);
476 ATF_REQUIRE(test_bind(capnet, TEST_BIND_IPV4) == ENOTCAPABLE);
477 ATF_REQUIRE(test_connect(capnet, TEST_IPV4, 80) == ENOTCAPABLE);
478
479 test_extend_mode(capnet, CAPNET_ADDR2NAME);
480
481 cap_close(capnet);
482 }
483
484 ATF_TC_WITHOUT_HEAD(capnet__limits_addr2name_family);
ATF_TC_BODY(capnet__limits_addr2name_family,tc)485 ATF_TC_BODY(capnet__limits_addr2name_family, tc)
486 {
487 cap_channel_t *capnet;
488 cap_net_limit_t *limit;
489 int family[] = { AF_INET6, AF_INET };
490
491 capnet = create_network_service();
492
493 /* Limit to AF_INET6 and AF_INET. */
494 limit = cap_net_limit_init(capnet, CAPNET_ADDR2NAME);
495 ATF_REQUIRE(limit != NULL);
496 cap_net_limit_addr2name_family(limit, family, nitems(family));
497 ATF_REQUIRE(cap_net_limit(limit) == 0);
498
499 ATF_REQUIRE(test_getnameinfo(capnet, AF_INET, TEST_IPV4) == 0);
500 ATF_REQUIRE(test_getnameinfo(capnet, AF_INET6, TEST_IPV6) == 0);
501
502 /* Limit to AF_INET6 and AF_INET. */
503 limit = cap_net_limit_init(capnet, CAPNET_ADDR2NAME);
504 ATF_REQUIRE(limit != NULL);
505 cap_net_limit_addr2name_family(limit, &family[0], 1);
506 cap_net_limit_addr2name_family(limit, &family[1], 1);
507 ATF_REQUIRE(cap_net_limit(limit) == 0);
508
509 ATF_REQUIRE(test_getnameinfo(capnet, AF_INET, TEST_IPV4) == 0);
510 ATF_REQUIRE(test_getnameinfo(capnet, AF_INET6, TEST_IPV6) == 0);
511
512 /* Limit to AF_INET6. */
513 limit = cap_net_limit_init(capnet, CAPNET_ADDR2NAME);
514 ATF_REQUIRE(limit != NULL);
515 cap_net_limit_addr2name_family(limit, family, 1);
516 ATF_REQUIRE(cap_net_limit(limit) == 0);
517
518 ATF_REQUIRE(test_getnameinfo(capnet, AF_INET, TEST_IPV4) ==
519 ENOTCAPABLE);
520 ATF_REQUIRE(test_getnameinfo(capnet, AF_INET6, TEST_IPV6) == 0);
521
522 /* Unable to set empty limits. Empty limits means full access. */
523 limit = cap_net_limit_init(capnet, CAPNET_ADDR2NAME);
524 ATF_REQUIRE(cap_net_limit(limit) != 0);
525
526 cap_close(capnet);
527 }
528
529 ATF_TC_WITHOUT_HEAD(capnet__limits_addr2name);
ATF_TC_BODY(capnet__limits_addr2name,tc)530 ATF_TC_BODY(capnet__limits_addr2name, tc)
531 {
532 cap_channel_t *capnet;
533 cap_net_limit_t *limit;
534 struct sockaddr_in ipaddrv4;
535 struct sockaddr_in6 ipaddrv6;
536
537 capnet = create_network_service();
538
539 /* Limit to TEST_IPV4 and TEST_IPV6. */
540 memset(&ipaddrv4, 0, sizeof(ipaddrv4));
541 memset(&ipaddrv6, 0, sizeof(ipaddrv6));
542
543 ipaddrv4.sin_family = AF_INET;
544 inet_pton(AF_INET, TEST_IPV4, &ipaddrv4.sin_addr);
545
546 ipaddrv6.sin6_family = AF_INET6;
547 inet_pton(AF_INET6, TEST_IPV6, &ipaddrv6.sin6_addr);
548
549 limit = cap_net_limit_init(capnet, CAPNET_ADDR2NAME);
550 ATF_REQUIRE(limit != NULL);
551
552 cap_net_limit_addr2name(limit, (struct sockaddr *)&ipaddrv4,
553 sizeof(ipaddrv4));
554 cap_net_limit_addr2name(limit, (struct sockaddr *)&ipaddrv6,
555 sizeof(ipaddrv6));
556 ATF_REQUIRE(cap_net_limit(limit) == 0);
557
558 ATF_REQUIRE(test_getnameinfo(capnet, AF_INET, TEST_IPV4) == 0);
559 ATF_REQUIRE(test_getnameinfo(capnet, AF_INET6, TEST_IPV6) == 0);
560 ATF_REQUIRE(test_getnameinfo(capnet, AF_INET, "127.0.0.1") ==
561 ENOTCAPABLE);
562
563 /* Limit to AF_INET. */
564 limit = cap_net_limit_init(capnet, CAPNET_ADDR2NAME);
565 ATF_REQUIRE(limit != NULL);
566 cap_net_limit_addr2name(limit, (struct sockaddr *)&ipaddrv4,
567 sizeof(ipaddrv4));
568 ATF_REQUIRE(cap_net_limit(limit) == 0);
569
570 ATF_REQUIRE(test_getnameinfo(capnet, AF_INET, TEST_IPV4) == 0);
571 ATF_REQUIRE(test_getnameinfo(capnet, AF_INET6, TEST_IPV6) ==
572 ENOTCAPABLE);
573 ATF_REQUIRE(test_getnameinfo(capnet, AF_INET, "127.0.0.1") ==
574 ENOTCAPABLE);
575
576 /* Unable to set empty limits. Empty limits means full access. */
577 limit = cap_net_limit_init(capnet, CAPNET_ADDR2NAME);
578 ATF_REQUIRE(cap_net_limit(limit) != 0);
579
580 cap_close(capnet);
581 }
582
583 ATF_TC_WITHOUT_HEAD(capnet__limits_deprecated_addr2name_mode);
ATF_TC_BODY(capnet__limits_deprecated_addr2name_mode,tc)584 ATF_TC_BODY(capnet__limits_deprecated_addr2name_mode, tc)
585 {
586 cap_channel_t *capnet;
587 cap_net_limit_t *limit;
588
589 capnet = create_network_service();
590
591 /* LIMIT */
592 limit = cap_net_limit_init(capnet, CAPNET_DEPRECATED_ADDR2NAME);
593 ATF_REQUIRE(limit != NULL);
594 ATF_REQUIRE(cap_net_limit(limit) == 0);
595
596 /* ALLOWED */
597 ATF_REQUIRE(test_gethostbyaddr(capnet, AF_INET, TEST_IPV4) == 0);
598
599 /* DISALLOWED */
600 ATF_REQUIRE(test_gethostbyname(capnet, AF_INET, TEST_DOMAIN_0) ==
601 ENOTCAPABLE);
602 ATF_REQUIRE(test_getnameinfo(capnet, AF_INET, TEST_IPV4) ==
603 ENOTCAPABLE);
604 ATF_REQUIRE(test_getaddrinfo(capnet, AF_INET, TEST_DOMAIN_0, NULL) ==
605 ENOTCAPABLE);
606 ATF_REQUIRE(test_bind(capnet, TEST_BIND_IPV4) == ENOTCAPABLE);
607 ATF_REQUIRE(test_connect(capnet, TEST_IPV4, 80) == ENOTCAPABLE);
608
609 cap_close(capnet);
610 }
611
612 ATF_TC_WITHOUT_HEAD(capnet__limits_deprecated_addr2name_family);
ATF_TC_BODY(capnet__limits_deprecated_addr2name_family,tc)613 ATF_TC_BODY(capnet__limits_deprecated_addr2name_family, tc)
614 {
615 cap_channel_t *capnet;
616 cap_net_limit_t *limit;
617 int family[] = { AF_INET6, AF_INET };
618
619 capnet = create_network_service();
620
621 /* Limit to AF_INET6 and AF_INET. */
622 limit = cap_net_limit_init(capnet, CAPNET_DEPRECATED_ADDR2NAME);
623 ATF_REQUIRE(limit != NULL);
624 cap_net_limit_addr2name_family(limit, family, nitems(family));
625 ATF_REQUIRE(cap_net_limit(limit) == 0);
626
627 ATF_REQUIRE(test_gethostbyaddr(capnet, AF_INET, TEST_IPV4) == 0);
628 ATF_REQUIRE(test_gethostbyaddr(capnet, AF_INET6, TEST_IPV6) == 0);
629 ATF_REQUIRE(test_gethostbyaddr(capnet, PF_LINK, TEST_IPV4) ==
630 ENOTCAPABLE);
631
632 /* Limit to AF_INET6 and AF_INET. */
633 limit = cap_net_limit_init(capnet, CAPNET_DEPRECATED_ADDR2NAME);
634 ATF_REQUIRE(limit != NULL);
635 cap_net_limit_addr2name_family(limit, &family[0], 1);
636 cap_net_limit_addr2name_family(limit, &family[1], 1);
637 ATF_REQUIRE(cap_net_limit(limit) == 0);
638
639 ATF_REQUIRE(test_gethostbyaddr(capnet, AF_INET, TEST_IPV4) == 0);
640 ATF_REQUIRE(test_gethostbyaddr(capnet, AF_INET6, TEST_IPV6) == 0);
641 ATF_REQUIRE(test_gethostbyaddr(capnet, PF_LINK, TEST_IPV4) ==
642 ENOTCAPABLE);
643
644 /* Limit to AF_INET6. */
645 limit = cap_net_limit_init(capnet, CAPNET_DEPRECATED_ADDR2NAME);
646 ATF_REQUIRE(limit != NULL);
647 cap_net_limit_addr2name_family(limit, family, 1);
648 ATF_REQUIRE(cap_net_limit(limit) == 0);
649
650 ATF_REQUIRE(test_gethostbyaddr(capnet, AF_INET, TEST_IPV4) ==
651 ENOTCAPABLE);
652 ATF_REQUIRE(test_gethostbyaddr(capnet, AF_INET6, TEST_IPV6) == 0);
653 ATF_REQUIRE(test_gethostbyaddr(capnet, PF_LINK, TEST_IPV4) ==
654 ENOTCAPABLE);
655
656 /* Unable to set empty limits. Empty limits means full access. */
657 limit = cap_net_limit_init(capnet, CAPNET_DEPRECATED_ADDR2NAME);
658 ATF_REQUIRE(cap_net_limit(limit) != 0);
659
660 cap_close(capnet);
661 }
662
663 ATF_TC_WITHOUT_HEAD(capnet__limits_deprecated_addr2name);
ATF_TC_BODY(capnet__limits_deprecated_addr2name,tc)664 ATF_TC_BODY(capnet__limits_deprecated_addr2name, tc)
665 {
666 cap_channel_t *capnet;
667 cap_net_limit_t *limit;
668 struct in_addr ipaddrv4;
669 struct in6_addr ipaddrv6;
670
671 capnet = create_network_service();
672
673 /* Limit to TEST_IPV4 and TEST_IPV6. */
674 memset(&ipaddrv4, 0, sizeof(ipaddrv4));
675 memset(&ipaddrv6, 0, sizeof(ipaddrv6));
676
677 inet_pton(AF_INET, TEST_IPV4, &ipaddrv4);
678 inet_pton(AF_INET6, TEST_IPV6, &ipaddrv6);
679
680 limit = cap_net_limit_init(capnet, CAPNET_DEPRECATED_ADDR2NAME);
681 ATF_REQUIRE(limit != NULL);
682
683 cap_net_limit_addr2name(limit, (struct sockaddr *)&ipaddrv4,
684 sizeof(ipaddrv4));
685 cap_net_limit_addr2name(limit, (struct sockaddr *)&ipaddrv6,
686 sizeof(ipaddrv6));
687 ATF_REQUIRE(cap_net_limit(limit) == 0);
688
689 ATF_REQUIRE(test_gethostbyaddr(capnet, AF_INET, TEST_IPV4) == 0);
690 ATF_REQUIRE(test_gethostbyaddr(capnet, AF_INET6, TEST_IPV6) == 0);
691 ATF_REQUIRE(test_gethostbyaddr(capnet, AF_INET, "127.0.0.1") ==
692 ENOTCAPABLE);
693
694 /* Limit to AF_INET. */
695 limit = cap_net_limit_init(capnet, CAPNET_DEPRECATED_ADDR2NAME);
696 ATF_REQUIRE(limit != NULL);
697 cap_net_limit_addr2name(limit, (struct sockaddr *)&ipaddrv4,
698 sizeof(ipaddrv4));
699 ATF_REQUIRE(cap_net_limit(limit) == 0);
700
701 ATF_REQUIRE(test_gethostbyaddr(capnet, AF_INET, TEST_IPV4) == 0);
702 ATF_REQUIRE(test_gethostbyaddr(capnet, AF_INET6, TEST_IPV6) ==
703 ENOTCAPABLE);
704 ATF_REQUIRE(test_gethostbyaddr(capnet, AF_INET, "127.0.0.1") ==
705 ENOTCAPABLE);
706
707 /* Unable to set empty limits. Empty limits means full access. */
708 limit = cap_net_limit_init(capnet, CAPNET_DEPRECATED_ADDR2NAME);
709 ATF_REQUIRE(cap_net_limit(limit) != 0);
710
711 cap_close(capnet);
712 }
713
714
715 ATF_TC_WITHOUT_HEAD(capnet__limits_name2addr_mode);
ATF_TC_BODY(capnet__limits_name2addr_mode,tc)716 ATF_TC_BODY(capnet__limits_name2addr_mode, tc)
717 {
718 cap_channel_t *capnet;
719 cap_net_limit_t *limit;
720
721 capnet = create_network_service();
722
723 /* LIMIT */
724 limit = cap_net_limit_init(capnet, CAPNET_NAME2ADDR);
725 ATF_REQUIRE(limit != NULL);
726 ATF_REQUIRE(cap_net_limit(limit) == 0);
727
728 /* ALLOWED */
729 ATF_REQUIRE(test_getaddrinfo(capnet, AF_INET, TEST_DOMAIN_0, NULL) ==
730 0);
731
732 /* DISALLOWED */
733 ATF_REQUIRE(
734 test_gethostbyname(capnet, AF_INET, TEST_DOMAIN_0) == ENOTCAPABLE);
735 ATF_REQUIRE(test_getnameinfo(capnet, AF_INET, TEST_IPV4) ==
736 ENOTCAPABLE);
737 ATF_REQUIRE(test_gethostbyaddr(capnet, AF_INET, TEST_IPV4) ==
738 ENOTCAPABLE);
739 ATF_REQUIRE(test_bind(capnet, TEST_BIND_IPV4) == ENOTCAPABLE);
740 ATF_REQUIRE(test_connect(capnet, TEST_IPV4, 80) == ENOTCAPABLE);
741
742 test_extend_mode(capnet, CAPNET_ADDR2NAME);
743
744 cap_close(capnet);
745 }
746
747 ATF_TC_WITHOUT_HEAD(capnet__limits_name2addr_hosts);
ATF_TC_BODY(capnet__limits_name2addr_hosts,tc)748 ATF_TC_BODY(capnet__limits_name2addr_hosts, tc)
749 {
750 cap_channel_t *capnet;
751 cap_net_limit_t *limit;
752
753 capnet = create_network_service();
754
755 /* Limit to TEST_DOMAIN_0 and localhost only. */
756 limit = cap_net_limit_init(capnet, CAPNET_NAME2ADDR);
757 ATF_REQUIRE(limit != NULL);
758 cap_net_limit_name2addr(limit, TEST_DOMAIN_0, NULL);
759 cap_net_limit_name2addr(limit, "localhost", NULL);
760 ATF_REQUIRE(cap_net_limit(limit) == 0);
761
762 ATF_REQUIRE(test_getaddrinfo(capnet, AF_INET, TEST_DOMAIN_0, NULL) ==
763 0);
764 ATF_REQUIRE(test_getaddrinfo(capnet, AF_INET, "localhost", NULL) == 0);
765 ATF_REQUIRE(test_getaddrinfo(capnet, AF_INET, TEST_DOMAIN_1, NULL) ==
766 ENOTCAPABLE);
767
768 /* Limit to TEST_DOMAIN_0 only. */
769 limit = cap_net_limit_init(capnet, CAPNET_NAME2ADDR);
770 ATF_REQUIRE(limit != NULL);
771 cap_net_limit_name2addr(limit, TEST_DOMAIN_0, NULL);
772 ATF_REQUIRE(cap_net_limit(limit) == 0);
773
774 ATF_REQUIRE(test_getaddrinfo(capnet, AF_INET, "localhost", NULL) ==
775 ENOTCAPABLE);
776 ATF_REQUIRE(test_getaddrinfo(capnet, AF_INET, TEST_DOMAIN_1, NULL) ==
777 ENOTCAPABLE);
778 ATF_REQUIRE(test_getaddrinfo(capnet, AF_INET, TEST_DOMAIN_0, NULL) ==
779 0);
780
781 /* Unable to set empty limits. Empty limits means full access. */
782 limit = cap_net_limit_init(capnet, CAPNET_NAME2ADDR);
783 ATF_REQUIRE(cap_net_limit(limit) != 0);
784
785 /* Try to extend the limit. */
786 limit = cap_net_limit_init(capnet, CAPNET_NAME2ADDR);
787 ATF_REQUIRE(limit != NULL);
788 cap_net_limit_name2addr(limit, TEST_DOMAIN_1, NULL);
789 ATF_REQUIRE(cap_net_limit(limit) != 0);
790
791 limit = cap_net_limit_init(capnet, CAPNET_NAME2ADDR);
792 ATF_REQUIRE(limit != NULL);
793 cap_net_limit_name2addr(limit, TEST_DOMAIN_0, NULL);
794 cap_net_limit_name2addr(limit, TEST_DOMAIN_1, NULL);
795 ATF_REQUIRE(cap_net_limit(limit) != 0);
796
797 cap_close(capnet);
798 }
799
800 ATF_TC_WITHOUT_HEAD(capnet__limits_name2addr_hosts_servnames_strict);
ATF_TC_BODY(capnet__limits_name2addr_hosts_servnames_strict,tc)801 ATF_TC_BODY(capnet__limits_name2addr_hosts_servnames_strict, tc)
802 {
803 cap_channel_t *capnet;
804 cap_net_limit_t *limit;
805
806 capnet = create_network_service();
807
808 /*
809 * Limit to TEST_DOMAIN_0 and HTTP service.
810 */
811 limit = cap_net_limit_init(capnet, CAPNET_NAME2ADDR);
812 ATF_REQUIRE(limit != NULL);
813 cap_net_limit_name2addr(limit, TEST_DOMAIN_0, "http");
814 ATF_REQUIRE(cap_net_limit(limit) == 0);
815
816 ATF_REQUIRE(test_getaddrinfo(capnet, AF_INET, TEST_DOMAIN_0, "http") ==
817 0);
818 ATF_REQUIRE(test_getaddrinfo(capnet, AF_INET, TEST_DOMAIN_0, NULL) ==
819 ENOTCAPABLE);
820 ATF_REQUIRE(test_getaddrinfo(capnet, AF_INET, TEST_DOMAIN_0, "snmp") ==
821 ENOTCAPABLE);
822 ATF_REQUIRE(test_getaddrinfo(capnet, AF_INET, TEST_DOMAIN_1, "http") ==
823 ENOTCAPABLE);
824
825 /* Unable to set empty limits. Empty limits means full access. */
826 limit = cap_net_limit_init(capnet, CAPNET_NAME2ADDR);
827 ATF_REQUIRE(cap_net_limit(limit) != 0);
828
829 cap_close(capnet);
830 }
831
832 ATF_TC_WITHOUT_HEAD(capnet__limits_name2addr_hosts_servnames_mix);
ATF_TC_BODY(capnet__limits_name2addr_hosts_servnames_mix,tc)833 ATF_TC_BODY(capnet__limits_name2addr_hosts_servnames_mix, tc)
834 {
835 cap_channel_t *capnet;
836 cap_net_limit_t *limit;
837
838 capnet = create_network_service();
839
840 /*
841 * Limit to TEST_DOMAIN_0 and any servnamex, and any domain with
842 * servname HTTP.
843 */
844 limit = cap_net_limit_init(capnet, CAPNET_NAME2ADDR);
845 ATF_REQUIRE(limit != NULL);
846 cap_net_limit_name2addr(limit, TEST_DOMAIN_0, NULL);
847 cap_net_limit_name2addr(limit, NULL, "http");
848 ATF_REQUIRE(cap_net_limit(limit) == 0);
849
850 ATF_REQUIRE(test_getaddrinfo(capnet, AF_INET, TEST_DOMAIN_0, "http") ==
851 0);
852 ATF_REQUIRE(test_getaddrinfo(capnet, AF_INET, TEST_DOMAIN_0, NULL) ==
853 0);
854 ATF_REQUIRE(test_getaddrinfo(capnet, AF_INET, TEST_DOMAIN_1, "http") ==
855 0);
856 ATF_REQUIRE(test_getaddrinfo(capnet, AF_INET, TEST_DOMAIN_0, NULL) ==
857 0);
858 ATF_REQUIRE(test_getaddrinfo(capnet, AF_INET, TEST_DOMAIN_1, "snmp") ==
859 ENOTCAPABLE);
860
861 /* Limit to HTTP servname only. */
862 limit = cap_net_limit_init(capnet, CAPNET_NAME2ADDR);
863 ATF_REQUIRE(limit != NULL);
864 cap_net_limit_name2addr(limit, NULL, "http");
865 ATF_REQUIRE(cap_net_limit(limit) == 0);
866
867 ATF_REQUIRE(test_getaddrinfo(capnet, AF_INET, TEST_DOMAIN_0, "http") ==
868 0);
869 ATF_REQUIRE(test_getaddrinfo(capnet, AF_INET, TEST_DOMAIN_0, NULL) ==
870 ENOTCAPABLE);
871 ATF_REQUIRE(test_getaddrinfo(capnet, AF_INET, TEST_DOMAIN_1, "http") ==
872 0);
873 ATF_REQUIRE(test_getaddrinfo(capnet, AF_INET, TEST_DOMAIN_0, NULL) ==
874 ENOTCAPABLE);
875 ATF_REQUIRE(test_getaddrinfo(capnet, AF_INET, TEST_DOMAIN_1, "snmp") ==
876 ENOTCAPABLE);
877
878 /* Unable to set empty limits. Empty limits means full access. */
879 limit = cap_net_limit_init(capnet, CAPNET_NAME2ADDR);
880 ATF_REQUIRE(cap_net_limit(limit) != 0);
881
882 cap_close(capnet);
883 }
884
885 ATF_TC_WITHOUT_HEAD(capnet__limits_name2addr_family);
ATF_TC_BODY(capnet__limits_name2addr_family,tc)886 ATF_TC_BODY(capnet__limits_name2addr_family, tc)
887 {
888 cap_channel_t *capnet;
889 cap_net_limit_t *limit;
890 int family[] = { AF_INET6, AF_INET };
891
892 capnet = create_network_service();
893
894 /* Limit to AF_INET and AF_INET6. */
895 limit = cap_net_limit_init(capnet, CAPNET_NAME2ADDR);
896 ATF_REQUIRE(limit != NULL);
897 cap_net_limit_name2addr(limit, TEST_DOMAIN_0, NULL);
898 cap_net_limit_name2addr_family(limit, family, nitems(family));
899 ATF_REQUIRE(cap_net_limit(limit) == 0);
900
901 ATF_REQUIRE(test_getaddrinfo(capnet, AF_INET, TEST_DOMAIN_0, NULL) ==
902 0);
903 ATF_REQUIRE(test_getaddrinfo(capnet, AF_INET6, TEST_DOMAIN_0, NULL) ==
904 0);
905 ATF_REQUIRE(test_getaddrinfo(capnet, PF_LINK, TEST_DOMAIN_0, NULL) ==
906 ENOTCAPABLE);
907
908 /* Limit to AF_INET and AF_INET6. */
909 limit = cap_net_limit_init(capnet, CAPNET_NAME2ADDR);
910 ATF_REQUIRE(limit != NULL);
911 cap_net_limit_name2addr(limit, TEST_DOMAIN_0, NULL);
912 cap_net_limit_name2addr_family(limit, &family[0], 1);
913 cap_net_limit_name2addr_family(limit, &family[1], 1);
914 ATF_REQUIRE(cap_net_limit(limit) == 0);
915
916 ATF_REQUIRE(test_getaddrinfo(capnet, AF_INET, TEST_DOMAIN_0, NULL) ==
917 0);
918 ATF_REQUIRE(test_getaddrinfo(capnet, AF_INET6, TEST_DOMAIN_0, NULL) ==
919 0);
920 ATF_REQUIRE(test_getaddrinfo(capnet, PF_LINK, TEST_DOMAIN_0, NULL) ==
921 ENOTCAPABLE);
922
923 /* Limit to AF_INET6 only. */
924 limit = cap_net_limit_init(capnet, CAPNET_NAME2ADDR);
925 ATF_REQUIRE(limit != NULL);
926 cap_net_limit_name2addr(limit, TEST_DOMAIN_0, NULL);
927 cap_net_limit_name2addr_family(limit, family, 1);
928 ATF_REQUIRE(cap_net_limit(limit) == 0);
929
930 ATF_REQUIRE(test_getaddrinfo(capnet, AF_INET, TEST_DOMAIN_0, NULL) ==
931 ENOTCAPABLE);
932 ATF_REQUIRE(test_getaddrinfo(capnet, AF_INET6, TEST_DOMAIN_0, NULL) ==
933 0);
934 ATF_REQUIRE(test_getaddrinfo(capnet, PF_LINK, TEST_DOMAIN_0, NULL) ==
935 ENOTCAPABLE);
936
937 /* Unable to set empty limits. Empty limits means full access. */
938 limit = cap_net_limit_init(capnet, CAPNET_NAME2ADDR);
939 ATF_REQUIRE(cap_net_limit(limit) != 0);
940
941 cap_close(capnet);
942 }
943
944 ATF_TC_WITHOUT_HEAD(capnet__limits_deprecated_name2addr_mode);
ATF_TC_BODY(capnet__limits_deprecated_name2addr_mode,tc)945 ATF_TC_BODY(capnet__limits_deprecated_name2addr_mode, tc)
946 {
947 cap_channel_t *capnet;
948 cap_net_limit_t *limit;
949
950 capnet = create_network_service();
951
952 /* LIMIT */
953 limit = cap_net_limit_init(capnet, CAPNET_DEPRECATED_NAME2ADDR);
954 ATF_REQUIRE(limit != NULL);
955 ATF_REQUIRE(cap_net_limit(limit) == 0);
956
957 /* ALLOWED */
958 ATF_REQUIRE(test_gethostbyname(capnet, AF_INET, TEST_DOMAIN_0) == 0);
959
960 /* DISALLOWED */
961 ATF_REQUIRE(test_getnameinfo(capnet, AF_INET, TEST_IPV4) ==
962 ENOTCAPABLE);
963 ATF_REQUIRE(test_gethostbyaddr(capnet, AF_INET, TEST_IPV4) ==
964 ENOTCAPABLE);
965 ATF_REQUIRE(test_getaddrinfo(capnet, AF_INET, TEST_DOMAIN_0, NULL) ==
966 ENOTCAPABLE);
967 ATF_REQUIRE(test_bind(capnet, TEST_BIND_IPV4) == ENOTCAPABLE);
968 ATF_REQUIRE(test_connect(capnet, TEST_IPV4, 80) == ENOTCAPABLE);
969
970 test_extend_mode(capnet, CAPNET_ADDR2NAME);
971
972 cap_close(capnet);
973 }
974
975 ATF_TC_WITHOUT_HEAD(capnet__limits_deprecated_name2addr_hosts);
ATF_TC_BODY(capnet__limits_deprecated_name2addr_hosts,tc)976 ATF_TC_BODY(capnet__limits_deprecated_name2addr_hosts, tc)
977 {
978 cap_channel_t *capnet;
979 cap_net_limit_t *limit;
980
981 capnet = create_network_service();
982
983 /* Limit to TEST_DOMAIN_0 and localhost only. */
984 limit = cap_net_limit_init(capnet, CAPNET_DEPRECATED_NAME2ADDR);
985 ATF_REQUIRE(limit != NULL);
986 cap_net_limit_name2addr(limit, TEST_DOMAIN_0, NULL);
987 cap_net_limit_name2addr(limit, "localhost", NULL);
988 ATF_REQUIRE(cap_net_limit(limit) == 0);
989
990 ATF_REQUIRE(test_gethostbyname(capnet, AF_INET, TEST_DOMAIN_0) == 0);
991 ATF_REQUIRE(test_gethostbyname(capnet, AF_INET, "localhost") == 0);
992 ATF_REQUIRE(
993 test_gethostbyname(capnet, AF_INET, TEST_DOMAIN_1) == ENOTCAPABLE);
994
995 /* Limit to TEST_DOMAIN_0 only. */
996 limit = cap_net_limit_init(capnet, CAPNET_DEPRECATED_NAME2ADDR);
997 ATF_REQUIRE(limit != NULL);
998 cap_net_limit_name2addr(limit, TEST_DOMAIN_0, NULL);
999 ATF_REQUIRE(cap_net_limit(limit) == 0);
1000
1001 ATF_REQUIRE(
1002 test_gethostbyname(capnet, AF_INET, "localhost") == ENOTCAPABLE);
1003 ATF_REQUIRE(
1004 test_gethostbyname(capnet, AF_INET, TEST_DOMAIN_1) == ENOTCAPABLE);
1005 ATF_REQUIRE(test_gethostbyname(capnet, AF_INET, TEST_DOMAIN_0) == 0);
1006
1007 /* Unable to set empty limits. Empty limits means full access. */
1008 limit = cap_net_limit_init(capnet, CAPNET_DEPRECATED_NAME2ADDR);
1009 ATF_REQUIRE(cap_net_limit(limit) != 0);
1010
1011 cap_close(capnet);
1012 }
1013
1014 ATF_TC_WITHOUT_HEAD(capnet__limits_deprecated_name2addr_family);
ATF_TC_BODY(capnet__limits_deprecated_name2addr_family,tc)1015 ATF_TC_BODY(capnet__limits_deprecated_name2addr_family, tc)
1016 {
1017 cap_channel_t *capnet;
1018 cap_net_limit_t *limit;
1019 int family[] = { AF_INET6, AF_INET };
1020
1021 capnet = create_network_service();
1022
1023 /* Limit to AF_INET and AF_INET6. */
1024 limit = cap_net_limit_init(capnet, CAPNET_DEPRECATED_NAME2ADDR);
1025 ATF_REQUIRE(limit != NULL);
1026 cap_net_limit_name2addr(limit, TEST_DOMAIN_0, NULL);
1027 cap_net_limit_name2addr_family(limit, family, nitems(family));
1028 ATF_REQUIRE(cap_net_limit(limit) == 0);
1029
1030 ATF_REQUIRE(test_gethostbyname(capnet, AF_INET, TEST_DOMAIN_0) == 0);
1031 ATF_REQUIRE(test_gethostbyname(capnet, AF_INET6, TEST_DOMAIN_0) == 0);
1032 ATF_REQUIRE(
1033 test_gethostbyname(capnet, PF_LINK, TEST_DOMAIN_0) == ENOTCAPABLE);
1034
1035 /* Limit to AF_INET and AF_INET6. */
1036 limit = cap_net_limit_init(capnet, CAPNET_DEPRECATED_NAME2ADDR);
1037 ATF_REQUIRE(limit != NULL);
1038 cap_net_limit_name2addr(limit, TEST_DOMAIN_0, NULL);
1039 cap_net_limit_name2addr_family(limit, &family[0], 1);
1040 cap_net_limit_name2addr_family(limit, &family[1], 1);
1041 ATF_REQUIRE(cap_net_limit(limit) == 0);
1042
1043 ATF_REQUIRE(test_gethostbyname(capnet, AF_INET, TEST_DOMAIN_0) == 0);
1044 ATF_REQUIRE(test_gethostbyname(capnet, AF_INET6, TEST_DOMAIN_0) == 0);
1045 ATF_REQUIRE(
1046 test_gethostbyname(capnet, PF_LINK, TEST_DOMAIN_0) == ENOTCAPABLE);
1047
1048 /* Limit to AF_INET6 only. */
1049 limit = cap_net_limit_init(capnet, CAPNET_DEPRECATED_NAME2ADDR);
1050 ATF_REQUIRE(limit != NULL);
1051 cap_net_limit_name2addr(limit, TEST_DOMAIN_0, NULL);
1052 cap_net_limit_name2addr_family(limit, family, 1);
1053 ATF_REQUIRE(cap_net_limit(limit) == 0);
1054
1055 ATF_REQUIRE(
1056 test_gethostbyname(capnet, AF_INET, TEST_DOMAIN_0) == ENOTCAPABLE);
1057 ATF_REQUIRE(test_gethostbyname(capnet, AF_INET6, TEST_DOMAIN_0) == 0);
1058 ATF_REQUIRE(
1059 test_gethostbyname(capnet, PF_LINK, TEST_DOMAIN_0) == ENOTCAPABLE);
1060
1061 /* Unable to set empty limits. Empty limits means full access. */
1062 limit = cap_net_limit_init(capnet, CAPNET_DEPRECATED_NAME2ADDR);
1063 ATF_REQUIRE(cap_net_limit(limit) != 0);
1064
1065 cap_close(capnet);
1066 }
1067
1068 ATF_TC_WITHOUT_HEAD(capnet__limits_bind_mode);
ATF_TC_BODY(capnet__limits_bind_mode,tc)1069 ATF_TC_BODY(capnet__limits_bind_mode, tc)
1070 {
1071 cap_channel_t *capnet;
1072 cap_net_limit_t *limit;
1073
1074 capnet = create_network_service();
1075
1076 /* LIMIT */
1077 limit = cap_net_limit_init(capnet, CAPNET_BIND);
1078 ATF_REQUIRE(limit != NULL);
1079 ATF_REQUIRE(cap_net_limit(limit) == 0);
1080
1081 /* ALLOWED */
1082 ATF_REQUIRE(test_bind(capnet, TEST_BIND_IPV4) == 0);
1083
1084 /* DISALLOWED */
1085 ATF_REQUIRE(
1086 test_gethostbyname(capnet, AF_INET, TEST_DOMAIN_0) == ENOTCAPABLE);
1087 ATF_REQUIRE(test_getnameinfo(capnet, AF_INET, TEST_IPV4) ==
1088 ENOTCAPABLE);
1089 ATF_REQUIRE(test_gethostbyaddr(capnet, AF_INET, TEST_IPV4) ==
1090 ENOTCAPABLE);
1091 ATF_REQUIRE(test_getaddrinfo(capnet, AF_INET, TEST_DOMAIN_0, NULL) ==
1092 ENOTCAPABLE);
1093 ATF_REQUIRE(test_connect(capnet, TEST_IPV4, 80) == ENOTCAPABLE);
1094
1095 test_extend_mode(capnet, CAPNET_ADDR2NAME);
1096
1097 cap_close(capnet);
1098 }
1099
1100 ATF_TC_WITHOUT_HEAD(capnet__limits_bind);
ATF_TC_BODY(capnet__limits_bind,tc)1101 ATF_TC_BODY(capnet__limits_bind, tc)
1102 {
1103 cap_channel_t *capnet;
1104 cap_net_limit_t *limit;
1105 struct sockaddr_in ipv4;
1106
1107 capnet = create_network_service();
1108
1109 limit = cap_net_limit_init(capnet, CAPNET_BIND);
1110 ATF_REQUIRE(limit != NULL);
1111
1112 memset(&ipv4, 0, sizeof(ipv4));
1113 ipv4.sin_family = AF_INET;
1114 inet_pton(AF_INET, TEST_BIND_IPV4, &ipv4.sin_addr);
1115
1116 cap_net_limit_bind(limit, (struct sockaddr *)&ipv4, sizeof(ipv4));
1117 ATF_REQUIRE(cap_net_limit(limit) == 0);
1118
1119 ATF_REQUIRE(test_bind(capnet, TEST_BIND_IPV4) == 0);
1120 ATF_REQUIRE(test_bind(capnet, "127.0.0.2") == ENOTCAPABLE);
1121
1122 cap_close(capnet);
1123 }
1124
1125 ATF_TC_WITHOUT_HEAD(capnet__limits_connect_mode);
ATF_TC_BODY(capnet__limits_connect_mode,tc)1126 ATF_TC_BODY(capnet__limits_connect_mode, tc)
1127 {
1128 cap_channel_t *capnet;
1129 cap_net_limit_t *limit;
1130
1131 capnet = create_network_service();
1132
1133 /* LIMIT */
1134 limit = cap_net_limit_init(capnet, CAPNET_CONNECT);
1135 ATF_REQUIRE(limit != NULL);
1136 ATF_REQUIRE(cap_net_limit(limit) == 0);
1137
1138 /* ALLOWED */
1139 ATF_REQUIRE(test_connect(capnet, TEST_IPV4, 80) == 0);
1140
1141 /* DISALLOWED */
1142 ATF_REQUIRE(
1143 test_gethostbyname(capnet, AF_INET, TEST_DOMAIN_0) == ENOTCAPABLE);
1144 ATF_REQUIRE(test_getnameinfo(capnet, AF_INET, TEST_IPV4) ==
1145 ENOTCAPABLE);
1146 ATF_REQUIRE(test_gethostbyaddr(capnet, AF_INET, TEST_IPV4) ==
1147 ENOTCAPABLE);
1148 ATF_REQUIRE(test_getaddrinfo(capnet, AF_INET, TEST_DOMAIN_0, NULL) ==
1149 ENOTCAPABLE);
1150 ATF_REQUIRE(test_bind(capnet, TEST_BIND_IPV4) == ENOTCAPABLE);
1151
1152 test_extend_mode(capnet, CAPNET_ADDR2NAME);
1153
1154 cap_close(capnet);
1155 }
1156
1157 ATF_TC_WITHOUT_HEAD(capnet__limits_connect_dns_mode);
ATF_TC_BODY(capnet__limits_connect_dns_mode,tc)1158 ATF_TC_BODY(capnet__limits_connect_dns_mode, tc)
1159 {
1160 cap_channel_t *capnet;
1161 cap_net_limit_t *limit;
1162
1163 capnet = create_network_service();
1164
1165 /* LIMIT */
1166 limit = cap_net_limit_init(capnet, CAPNET_CONNECT | CAPNET_CONNECTDNS);
1167 ATF_REQUIRE(limit != NULL);
1168 ATF_REQUIRE(cap_net_limit(limit) == 0);
1169
1170 /* ALLOWED */
1171 ATF_REQUIRE(test_connect(capnet, TEST_IPV4, 80) == 0);
1172
1173 /* DISALLOWED */
1174 ATF_REQUIRE(
1175 test_gethostbyname(capnet, AF_INET, TEST_DOMAIN_0) == ENOTCAPABLE);
1176 ATF_REQUIRE(test_getnameinfo(capnet, AF_INET, TEST_IPV4) ==
1177 ENOTCAPABLE);
1178 ATF_REQUIRE(test_gethostbyaddr(capnet, AF_INET, TEST_IPV4) ==
1179 ENOTCAPABLE);
1180 ATF_REQUIRE(test_getaddrinfo(capnet, AF_INET, TEST_DOMAIN_0, NULL) ==
1181 ENOTCAPABLE);
1182 ATF_REQUIRE(test_bind(capnet, TEST_BIND_IPV4) == ENOTCAPABLE);
1183
1184 test_extend_mode(capnet, CAPNET_ADDR2NAME);
1185
1186 cap_close(capnet);
1187 }
1188
1189 ATF_TC_WITHOUT_HEAD(capnet__limits_connect);
ATF_TC_BODY(capnet__limits_connect,tc)1190 ATF_TC_BODY(capnet__limits_connect, tc)
1191 {
1192 cap_channel_t *capnet;
1193 cap_net_limit_t *limit;
1194 struct sockaddr_in ipv4;
1195
1196 capnet = create_network_service();
1197
1198 /* Limit only to TEST_IPV4 on port 80 and 443. */
1199 limit = cap_net_limit_init(capnet, CAPNET_CONNECT);
1200 ATF_REQUIRE(limit != NULL);
1201 memset(&ipv4, 0, sizeof(ipv4));
1202 ipv4.sin_family = AF_INET;
1203 ipv4.sin_port = htons(80);
1204 inet_pton(AF_INET, TEST_IPV4, &ipv4.sin_addr);
1205 cap_net_limit_connect(limit, (struct sockaddr *)&ipv4, sizeof(ipv4));
1206
1207 ipv4.sin_port = htons(443);
1208 cap_net_limit_connect(limit, (struct sockaddr *)&ipv4, sizeof(ipv4));
1209 ATF_REQUIRE(cap_net_limit(limit) == 0);
1210
1211 ATF_REQUIRE(test_connect(capnet, TEST_IPV4, 80) == 0);
1212 ATF_REQUIRE(test_connect(capnet, "8.8.8.8", 80) == ENOTCAPABLE);
1213 ATF_REQUIRE(test_connect(capnet, "8.8.8.8", 433) == ENOTCAPABLE);
1214 ATF_REQUIRE(test_connect(capnet, TEST_IPV4, 443) == 0);
1215
1216 /* Limit only to TEST_IPV4 on port 443. */
1217 limit = cap_net_limit_init(capnet, CAPNET_CONNECT);
1218 cap_net_limit_connect(limit, (struct sockaddr *)&ipv4, sizeof(ipv4));
1219 ATF_REQUIRE(cap_net_limit(limit) == 0);
1220
1221 ATF_REQUIRE(test_connect(capnet, TEST_IPV4, 433) == ENOTCAPABLE);
1222 ATF_REQUIRE(test_connect(capnet, "8.8.8.8", 80) == ENOTCAPABLE);
1223 ATF_REQUIRE(test_connect(capnet, "8.8.8.8", 433) == ENOTCAPABLE);
1224 ATF_REQUIRE(test_connect(capnet, TEST_IPV4, 443) == 0);
1225
1226 /* Unable to set empty limits. Empty limits means full access. */
1227 limit = cap_net_limit_init(capnet, CAPNET_CONNECT);
1228 ATF_REQUIRE(cap_net_limit(limit) != 0);
1229
1230 cap_close(capnet);
1231 }
1232
1233 ATF_TC_WITHOUT_HEAD(capnet__limits_connecttodns);
ATF_TC_BODY(capnet__limits_connecttodns,tc)1234 ATF_TC_BODY(capnet__limits_connecttodns, tc)
1235 {
1236 cap_channel_t *capnet;
1237 cap_net_limit_t *limit;
1238 struct addrinfo hints, *capres, *res;
1239 int family[] = { AF_INET };
1240 int error;
1241
1242 capnet = create_network_service();
1243
1244 limit = cap_net_limit_init(capnet, CAPNET_CONNECTDNS |
1245 CAPNET_NAME2ADDR);
1246 ATF_REQUIRE(limit != NULL);
1247 cap_net_limit_name2addr(limit, TEST_IPV4, "80");
1248 cap_net_limit_name2addr_family(limit, family, 1);
1249 ATF_REQUIRE(cap_net_limit(limit) == 0);
1250
1251 memset(&hints, 0, sizeof(hints));
1252 hints.ai_family = AF_INET;
1253 hints.ai_socktype = SOCK_STREAM;
1254
1255 ATF_REQUIRE(test_connect(capnet, "8.8.8.8", 433) == ENOTCAPABLE);
1256 ATF_REQUIRE(cap_getaddrinfo(capnet, TEST_IPV4, "80", &hints, &capres) ==
1257 0);
1258 ATF_REQUIRE(test_connect(capnet, "8.8.8.8", 433) == ENOTCAPABLE);
1259
1260 for (res = capres; res != NULL; res = res->ai_next) {
1261 int s;
1262
1263 ATF_REQUIRE(res->ai_family == AF_INET);
1264 ATF_REQUIRE(res->ai_socktype == SOCK_STREAM);
1265
1266 s = socket(res->ai_family, res->ai_socktype, res->ai_protocol);
1267 ATF_REQUIRE(s >= 0);
1268
1269 error = cap_connect(capnet, s, res->ai_addr,
1270 res->ai_addrlen);
1271 if (error != 0 && errno != ENOTCAPABLE)
1272 atf_tc_skip("unable to connect: %s", strerror(errno));
1273 ATF_REQUIRE(error == 0);
1274 ATF_REQUIRE(close(s) == 0);
1275 }
1276
1277 freeaddrinfo(capres);
1278 cap_close(capnet);
1279 }
1280
1281
1282 ATF_TC_WITHOUT_HEAD(capnet__limits_deprecated_connecttodns);
ATF_TC_BODY(capnet__limits_deprecated_connecttodns,tc)1283 ATF_TC_BODY(capnet__limits_deprecated_connecttodns, tc)
1284 {
1285 cap_channel_t *capnet;
1286 cap_net_limit_t *limit;
1287 struct hostent *caphp;
1288 struct in_addr ipaddr;
1289 struct sockaddr_in connaddr;
1290 int family[] = { AF_INET };
1291 int error, i;
1292
1293 capnet = create_network_service();
1294
1295 limit = cap_net_limit_init(capnet, CAPNET_CONNECTDNS |
1296 CAPNET_DEPRECATED_NAME2ADDR);
1297 ATF_REQUIRE(limit != NULL);
1298 cap_net_limit_name2addr(limit, TEST_IPV4, NULL);
1299 cap_net_limit_name2addr_family(limit, family, 1);
1300 ATF_REQUIRE(cap_net_limit(limit) == 0);
1301
1302 memset(&ipaddr, 0, sizeof(ipaddr));
1303 inet_pton(AF_INET, TEST_IPV4, &ipaddr);
1304
1305 ATF_REQUIRE(test_connect(capnet, "8.8.8.8", 433) == ENOTCAPABLE);
1306 caphp = cap_gethostbyname2(capnet, TEST_IPV4, AF_INET);
1307 ATF_REQUIRE(caphp != NULL);
1308 ATF_REQUIRE(caphp->h_addrtype == AF_INET);
1309 ATF_REQUIRE(test_connect(capnet, "8.8.8.8", 433) == ENOTCAPABLE);
1310
1311 for (i = 0; caphp->h_addr_list[i] != NULL; i++) {
1312 int s;
1313
1314 s = socket(AF_INET, SOCK_STREAM, 0);
1315 ATF_REQUIRE(s >= 0);
1316
1317 memset(&connaddr, 0, sizeof(connaddr));
1318 connaddr.sin_family = AF_INET;
1319 memcpy((char *)&connaddr.sin_addr.s_addr,
1320 (char *)caphp->h_addr_list[i], caphp->h_length);
1321 connaddr.sin_port = htons(80);
1322
1323 error = cap_connect(capnet, s, (struct sockaddr *)&connaddr,
1324 sizeof(connaddr));
1325 if (error != 0 && errno != ENOTCAPABLE)
1326 atf_tc_skip("unable to connect: %s", strerror(errno));
1327 ATF_REQUIRE(error == 0);
1328 ATF_REQUIRE(close(s) == 0);
1329 }
1330
1331 cap_close(capnet);
1332 }
1333
ATF_TP_ADD_TCS(tp)1334 ATF_TP_ADD_TCS(tp)
1335 {
1336
1337 ATF_TP_ADD_TC(tp, capnet__connect);
1338 ATF_TP_ADD_TC(tp, capnet__bind);
1339 ATF_TP_ADD_TC(tp, capnet__getnameinfo);
1340 ATF_TP_ADD_TC(tp, capnet__getaddrinfo);
1341 ATF_TP_ADD_TC(tp, capnet__gethostbyname);
1342 ATF_TP_ADD_TC(tp, capnet__gethostbyaddr);
1343
1344 ATF_TP_ADD_TC(tp, capnet__getnameinfo_buffer);
1345
1346 ATF_TP_ADD_TC(tp, capnet__limits_addr2name_mode);
1347 ATF_TP_ADD_TC(tp, capnet__limits_addr2name_family);
1348 ATF_TP_ADD_TC(tp, capnet__limits_addr2name);
1349
1350 ATF_TP_ADD_TC(tp, capnet__limits_deprecated_addr2name_mode);
1351 ATF_TP_ADD_TC(tp, capnet__limits_deprecated_addr2name_family);
1352 ATF_TP_ADD_TC(tp, capnet__limits_deprecated_addr2name);
1353
1354 ATF_TP_ADD_TC(tp, capnet__limits_name2addr_mode);
1355 ATF_TP_ADD_TC(tp, capnet__limits_name2addr_hosts);
1356 ATF_TP_ADD_TC(tp, capnet__limits_name2addr_hosts_servnames_strict);
1357 ATF_TP_ADD_TC(tp, capnet__limits_name2addr_hosts_servnames_mix);
1358 ATF_TP_ADD_TC(tp, capnet__limits_name2addr_family);
1359
1360 ATF_TP_ADD_TC(tp, capnet__limits_deprecated_name2addr_mode);
1361 ATF_TP_ADD_TC(tp, capnet__limits_deprecated_name2addr_hosts);
1362 ATF_TP_ADD_TC(tp, capnet__limits_deprecated_name2addr_family);
1363
1364 ATF_TP_ADD_TC(tp, capnet__limits_bind_mode);
1365 ATF_TP_ADD_TC(tp, capnet__limits_bind);
1366
1367 ATF_TP_ADD_TC(tp, capnet__limits_connect_mode);
1368 ATF_TP_ADD_TC(tp, capnet__limits_connect_dns_mode);
1369 ATF_TP_ADD_TC(tp, capnet__limits_connect);
1370
1371 ATF_TP_ADD_TC(tp, capnet__limits_connecttodns);
1372 ATF_TP_ADD_TC(tp, capnet__limits_deprecated_connecttodns);
1373
1374 return (atf_no_error());
1375 }
1376