1 /*- 2 * Copyright (c) 2020 Mariusz Zaborski <oshogbo@FreeBSD.org> 3 * 4 * Redistribution and use in source and binary forms, with or without 5 * modification, are permitted provided that the following conditions 6 * are met: 7 * 1. Redistributions of source code must retain the above copyright 8 * notice, this list of conditions and the following disclaimer. 9 * 2. Redistributions in binary form must reproduce the above copyright 10 * notice, this list of conditions and the following disclaimer in the 11 * documentation and/or other materials provided with the distribution. 12 * 13 * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS 14 * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED 15 * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 16 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS 17 * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR 18 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF 19 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS 20 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN 21 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 22 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 23 * POSSIBILITY OF SUCH DAMAGE. 24 */ 25 26 #include <sys/param.h> 27 #include <sys/socket.h> 28 #include <netinet/in.h> 29 #include <arpa/inet.h> 30 31 #include <errno.h> 32 #include <netdb.h> 33 34 #include <atf-c.h> 35 36 #include <libcasper.h> 37 #include <casper/cap_net.h> 38 39 #define TEST_DOMAIN_0 "example.com" 40 #define TEST_DOMAIN_1 "freebsd.org" 41 #define TEST_IPV4 "1.1.1.1" 42 #define TEST_IPV6 "2001:4860:4860::8888" 43 #define TEST_BIND_IPV4 "127.0.0.1" 44 #define TEST_PORT 80 45 #define TEST_PORT_STR "80" 46 47 static cap_channel_t * 48 create_network_service(void) 49 { 50 cap_channel_t *capcas, *capnet; 51 52 capcas = cap_init(); 53 ATF_REQUIRE(capcas != NULL); 54 55 capnet = cap_service_open(capcas, "system.net"); 56 ATF_REQUIRE(capnet != NULL); 57 58 cap_close(capcas); 59 return (capnet); 60 } 61 62 static int 63 test_getnameinfo_v4(cap_channel_t *chan, int family, const char *ip) 64 { 65 struct sockaddr_in ipaddr; 66 char capfn[MAXHOSTNAMELEN]; 67 char origfn[MAXHOSTNAMELEN]; 68 int capret, sysret; 69 70 memset(&ipaddr, 0, sizeof(ipaddr)); 71 ipaddr.sin_family = family; 72 inet_pton(family, ip, &ipaddr.sin_addr); 73 74 capret = cap_getnameinfo(chan, (struct sockaddr *)&ipaddr, sizeof(ipaddr), 75 capfn, sizeof(capfn), NULL, 0, NI_NAMEREQD); 76 if (capret != 0 && capret == ENOTCAPABLE) 77 return (ENOTCAPABLE); 78 79 sysret = getnameinfo((struct sockaddr *)&ipaddr, sizeof(ipaddr), origfn, 80 sizeof(origfn), NULL, 0, NI_NAMEREQD); 81 if (sysret != 0) { 82 atf_tc_skip("getnameinfo(%s) failed: %s", 83 ip, gai_strerror(sysret)); 84 } 85 ATF_REQUIRE(capret == 0); 86 ATF_REQUIRE(strcmp(origfn, capfn) == 0); 87 88 return (0); 89 } 90 91 static int 92 test_getnameinfo_v6(cap_channel_t *chan, const char *ip) 93 { 94 struct sockaddr_in6 ipaddr; 95 char capfn[MAXHOSTNAMELEN]; 96 char origfn[MAXHOSTNAMELEN]; 97 int capret, sysret; 98 99 memset(&ipaddr, 0, sizeof(ipaddr)); 100 ipaddr.sin6_family = AF_INET6; 101 inet_pton(AF_INET6, ip, &ipaddr.sin6_addr); 102 103 capret = cap_getnameinfo(chan, (struct sockaddr *)&ipaddr, sizeof(ipaddr), 104 capfn, sizeof(capfn), NULL, 0, NI_NAMEREQD); 105 if (capret != 0 && capret == ENOTCAPABLE) 106 return (ENOTCAPABLE); 107 108 sysret = getnameinfo((struct sockaddr *)&ipaddr, sizeof(ipaddr), origfn, 109 sizeof(origfn), NULL, 0, NI_NAMEREQD); 110 if (sysret != 0) { 111 atf_tc_skip("getnameinfo(%s) failed: %s", 112 ip, gai_strerror(sysret)); 113 } 114 ATF_REQUIRE(capret == 0); 115 ATF_REQUIRE(strcmp(origfn, capfn) == 0); 116 117 return (0); 118 } 119 120 static int 121 test_getnameinfo(cap_channel_t *chan, int family, const char *ip) 122 { 123 124 if (family == AF_INET6) { 125 return (test_getnameinfo_v6(chan, ip)); 126 } 127 128 return (test_getnameinfo_v4(chan, family, ip)); 129 } 130 131 static int 132 test_gethostbyaddr_v4(cap_channel_t *chan, int family, const char *ip) 133 { 134 struct in_addr ipaddr; 135 struct hostent *caphp, *orighp; 136 137 memset(&ipaddr, 0, sizeof(ipaddr)); 138 inet_pton(AF_INET, ip, &ipaddr); 139 140 caphp = cap_gethostbyaddr(chan, &ipaddr, sizeof(ipaddr), family); 141 if (caphp == NULL && h_errno == ENOTCAPABLE) 142 return (ENOTCAPABLE); 143 144 orighp = gethostbyaddr(&ipaddr, sizeof(ipaddr), family); 145 if (orighp == NULL) 146 atf_tc_skip("gethostbyaddr(%s) failed", ip); 147 ATF_REQUIRE(caphp != NULL); 148 ATF_REQUIRE(strcmp(orighp->h_name, caphp->h_name) == 0); 149 150 return (0); 151 } 152 153 static int 154 test_gethostbyaddr_v6(cap_channel_t *chan, const char *ip) 155 { 156 struct in6_addr ipaddr; 157 struct hostent *caphp, *orighp; 158 159 memset(&ipaddr, 0, sizeof(ipaddr)); 160 inet_pton(AF_INET6, ip, &ipaddr); 161 162 caphp = cap_gethostbyaddr(chan, &ipaddr, sizeof(ipaddr), AF_INET6); 163 if (caphp == NULL && h_errno == ENOTCAPABLE) 164 return (ENOTCAPABLE); 165 166 orighp = gethostbyaddr(&ipaddr, sizeof(ipaddr), AF_INET6); 167 if (orighp == NULL) 168 atf_tc_skip("gethostbyaddr(%s) failed", ip); 169 ATF_REQUIRE(caphp != NULL); 170 ATF_REQUIRE(strcmp(orighp->h_name, caphp->h_name) == 0); 171 172 return (0); 173 } 174 175 static int 176 test_gethostbyaddr(cap_channel_t *chan, int family, const char *ip) 177 { 178 179 if (family == AF_INET6) { 180 return (test_gethostbyaddr_v6(chan, ip)); 181 } else { 182 return (test_gethostbyaddr_v4(chan, family, ip)); 183 } 184 } 185 186 static int 187 test_getaddrinfo(cap_channel_t *chan, int family, const char *domain, 188 const char *servname) 189 { 190 struct addrinfo hints, *capres, *origres, *res0, *res1; 191 bool found; 192 int capret, sysret; 193 194 memset(&hints, 0, sizeof(hints)); 195 hints.ai_family = family; 196 hints.ai_socktype = SOCK_STREAM; 197 198 capret = cap_getaddrinfo(chan, domain, servname, &hints, &capres); 199 if (capret != 0 && capret == ENOTCAPABLE) 200 return (capret); 201 202 sysret = getaddrinfo(domain, servname, &hints, &origres); 203 if (sysret != 0) 204 atf_tc_skip("getaddrinfo(%s) failed: %s", 205 domain, gai_strerror(sysret)); 206 ATF_REQUIRE(capret == 0); 207 208 for (res0 = capres; res0 != NULL; res0 = res0->ai_next) { 209 found = false; 210 for (res1 = origres; res1 != NULL; res1 = res1->ai_next) { 211 if (res1->ai_addrlen == res0->ai_addrlen && 212 memcmp(res1->ai_addr, res0->ai_addr, 213 res0->ai_addrlen) == 0) { 214 found = true; 215 break; 216 } 217 } 218 ATF_REQUIRE(found); 219 } 220 221 freeaddrinfo(capres); 222 freeaddrinfo(origres); 223 return (0); 224 } 225 226 static int 227 test_gethostbyname(cap_channel_t *chan, int family, const char *domain) 228 { 229 struct hostent *caphp, *orighp; 230 231 caphp = cap_gethostbyname2(chan, domain, family); 232 if (caphp == NULL && h_errno == ENOTCAPABLE) 233 return (h_errno); 234 235 orighp = gethostbyname2(domain, family); 236 if (orighp == NULL) 237 atf_tc_skip("gethostbyname2(%s) failed", domain); 238 239 ATF_REQUIRE(caphp != NULL); 240 ATF_REQUIRE(strcmp(caphp->h_name, orighp->h_name) == 0); 241 return (0); 242 } 243 244 static int 245 test_bind(cap_channel_t *chan, const char *ip) 246 { 247 struct sockaddr_in ipv4; 248 int capfd, ret, serrno; 249 250 capfd = socket(AF_INET, SOCK_STREAM, 0); 251 ATF_REQUIRE(capfd > 0); 252 253 memset(&ipv4, 0, sizeof(ipv4)); 254 ipv4.sin_family = AF_INET; 255 inet_pton(AF_INET, ip, &ipv4.sin_addr); 256 257 ret = cap_bind(chan, capfd, (struct sockaddr *)&ipv4, sizeof(ipv4)); 258 serrno = errno; 259 close(capfd); 260 261 return (ret < 0 ? serrno : 0); 262 } 263 264 static int 265 test_connect(cap_channel_t *chan, const char *ip, unsigned short port) 266 { 267 struct sockaddr_in ipv4; 268 int capfd, ret, serrno; 269 270 capfd = socket(AF_INET, SOCK_STREAM, 0); 271 ATF_REQUIRE(capfd >= 0); 272 273 memset(&ipv4, 0, sizeof(ipv4)); 274 ipv4.sin_family = AF_INET; 275 ipv4.sin_port = htons(port); 276 inet_pton(AF_INET, ip, &ipv4.sin_addr); 277 278 ret = cap_connect(chan, capfd, (struct sockaddr *)&ipv4, sizeof(ipv4)); 279 serrno = errno; 280 ATF_REQUIRE(close(capfd) == 0); 281 282 if (ret < 0 && serrno != ENOTCAPABLE) { 283 int sd; 284 285 /* 286 * If the connection failed, it might be because we can't reach 287 * the destination host. To check, try a plain connect() and 288 * see if it fails with the same error. 289 */ 290 sd = socket(AF_INET, SOCK_STREAM, 0); 291 ATF_REQUIRE(sd >= 0); 292 293 memset(&ipv4, 0, sizeof(ipv4)); 294 ipv4.sin_family = AF_INET; 295 ipv4.sin_port = htons(port); 296 inet_pton(AF_INET, ip, &ipv4.sin_addr); 297 ret = connect(sd, (struct sockaddr *)&ipv4, sizeof(ipv4)); 298 ATF_REQUIRE(ret < 0); 299 ATF_REQUIRE_MSG(errno == serrno, "errno %d != serrno %d", 300 errno, serrno); 301 ATF_REQUIRE(close(sd) == 0); 302 atf_tc_skip("connect(%s:%d) failed: %s", 303 ip, port, strerror(serrno)); 304 } 305 306 return (ret < 0 ? serrno : 0); 307 } 308 309 static void 310 test_extend_mode(cap_channel_t *capnet, int current) 311 { 312 cap_net_limit_t *limit; 313 const int rights[] = { 314 CAPNET_ADDR2NAME, 315 CAPNET_NAME2ADDR, 316 CAPNET_DEPRECATED_ADDR2NAME, 317 CAPNET_DEPRECATED_NAME2ADDR, 318 CAPNET_CONNECT, 319 CAPNET_BIND, 320 CAPNET_CONNECTDNS 321 }; 322 size_t i; 323 324 for (i = 0; i < nitems(rights); i++) { 325 if (current == rights[i]) 326 continue; 327 328 limit = cap_net_limit_init(capnet, current | rights[i]); 329 ATF_REQUIRE(limit != NULL); 330 ATF_REQUIRE(cap_net_limit(limit) != 0); 331 } 332 } 333 334 ATF_TC_WITHOUT_HEAD(capnet__getnameinfo); 335 ATF_TC_BODY(capnet__getnameinfo, tc) 336 { 337 cap_channel_t *capnet; 338 339 capnet = create_network_service(); 340 341 ATF_REQUIRE(test_getnameinfo(capnet, AF_INET, TEST_IPV4) == 0); 342 ATF_REQUIRE(test_getnameinfo(capnet, AF_INET6, TEST_IPV6) == 0); 343 344 cap_close(capnet); 345 } 346 347 ATF_TC_WITHOUT_HEAD(capnet__connect); 348 ATF_TC_BODY(capnet__connect, tc) 349 { 350 cap_channel_t *capnet; 351 352 capnet = create_network_service(); 353 354 ATF_REQUIRE(test_connect(capnet, TEST_IPV4, 80) == 0); 355 356 cap_close(capnet); 357 } 358 359 ATF_TC_WITHOUT_HEAD(capnet__bind); 360 ATF_TC_BODY(capnet__bind, tc) 361 { 362 cap_channel_t *capnet; 363 364 capnet = create_network_service(); 365 366 ATF_REQUIRE(test_bind(capnet, TEST_BIND_IPV4) == 0); 367 368 cap_close(capnet); 369 } 370 371 ATF_TC_WITHOUT_HEAD(capnet__getaddrinfo); 372 ATF_TC_BODY(capnet__getaddrinfo, tc) 373 { 374 cap_channel_t *capnet; 375 struct addrinfo hints, *capres; 376 377 capnet = create_network_service(); 378 379 memset(&hints, 0, sizeof(hints)); 380 hints.ai_family = AF_INET; 381 hints.ai_socktype = SOCK_STREAM; 382 383 ATF_REQUIRE(cap_getaddrinfo(capnet, TEST_IPV4, "80", &hints, &capres) == 384 0); 385 386 cap_close(capnet); 387 } 388 389 ATF_TC_WITHOUT_HEAD(capnet__gethostbyname); 390 ATF_TC_BODY(capnet__gethostbyname, tc) 391 { 392 cap_channel_t *capnet; 393 394 capnet = create_network_service(); 395 396 ATF_REQUIRE(test_gethostbyname(capnet, AF_INET, TEST_DOMAIN_0) == 0); 397 398 cap_close(capnet); 399 } 400 401 ATF_TC_WITHOUT_HEAD(capnet__gethostbyaddr); 402 ATF_TC_BODY(capnet__gethostbyaddr, tc) 403 { 404 cap_channel_t *capnet; 405 406 capnet = create_network_service(); 407 408 ATF_REQUIRE(test_gethostbyaddr(capnet, AF_INET, TEST_IPV4) == 0); 409 ATF_REQUIRE(test_gethostbyaddr(capnet, AF_INET6, TEST_IPV6) == 0); 410 411 cap_close(capnet); 412 } 413 414 ATF_TC_WITHOUT_HEAD(capnet__getnameinfo_buffer); 415 ATF_TC_BODY(capnet__getnameinfo_buffer, tc) 416 { 417 cap_channel_t *chan; 418 struct sockaddr_in sin; 419 int ret; 420 struct { 421 char host[sizeof(TEST_IPV4)]; 422 char host_canary; 423 char serv[sizeof(TEST_PORT_STR)]; 424 char serv_canary; 425 } buffers; 426 427 memset(&sin, 0, sizeof(sin)); 428 sin.sin_family = AF_INET; 429 sin.sin_port = htons(TEST_PORT); 430 ret = inet_pton(AF_INET, TEST_IPV4, &sin.sin_addr); 431 ATF_REQUIRE_EQ(1, ret); 432 433 memset(&buffers, '!', sizeof(buffers)); 434 435 chan = create_network_service(); 436 ret = cap_getnameinfo(chan, (struct sockaddr *)&sin, sizeof(sin), 437 buffers.host, sizeof(buffers.host), 438 buffers.serv, sizeof(buffers.serv), 439 NI_NUMERICHOST | NI_NUMERICSERV); 440 ATF_REQUIRE_EQ_MSG(0, ret, "%d", ret); 441 442 // Verify that cap_getnameinfo worked with minimally sized buffers. 443 ATF_CHECK_EQ(0, strcmp(TEST_IPV4, buffers.host)); 444 ATF_CHECK_EQ(0, strcmp(TEST_PORT_STR, buffers.serv)); 445 446 // Verify that cap_getnameinfo did not overflow the buffers. 447 ATF_CHECK_EQ('!', buffers.host_canary); 448 ATF_CHECK_EQ('!', buffers.serv_canary); 449 450 cap_close(chan); 451 } 452 453 ATF_TC_WITHOUT_HEAD(capnet__limits_addr2name_mode); 454 ATF_TC_BODY(capnet__limits_addr2name_mode, tc) 455 { 456 cap_channel_t *capnet; 457 cap_net_limit_t *limit; 458 459 capnet = create_network_service(); 460 461 /* LIMIT */ 462 limit = cap_net_limit_init(capnet, CAPNET_ADDR2NAME); 463 ATF_REQUIRE(limit != NULL); 464 ATF_REQUIRE(cap_net_limit(limit) == 0); 465 466 /* ALLOWED */ 467 ATF_REQUIRE(test_getnameinfo(capnet, AF_INET, TEST_IPV4) == 0); 468 469 /* DISALLOWED */ 470 ATF_REQUIRE(test_gethostbyname(capnet, AF_INET, TEST_DOMAIN_0) == 471 ENOTCAPABLE); 472 ATF_REQUIRE(test_gethostbyaddr(capnet, AF_INET, TEST_IPV4) == 473 ENOTCAPABLE); 474 ATF_REQUIRE(test_getaddrinfo(capnet, AF_INET, TEST_DOMAIN_0, NULL) == 475 ENOTCAPABLE); 476 ATF_REQUIRE(test_bind(capnet, TEST_BIND_IPV4) == ENOTCAPABLE); 477 ATF_REQUIRE(test_connect(capnet, TEST_IPV4, 80) == ENOTCAPABLE); 478 479 test_extend_mode(capnet, CAPNET_ADDR2NAME); 480 481 cap_close(capnet); 482 } 483 484 ATF_TC_WITHOUT_HEAD(capnet__limits_addr2name_family); 485 ATF_TC_BODY(capnet__limits_addr2name_family, tc) 486 { 487 cap_channel_t *capnet; 488 cap_net_limit_t *limit; 489 int family[] = { AF_INET6, AF_INET }; 490 491 capnet = create_network_service(); 492 493 /* Limit to AF_INET6 and AF_INET. */ 494 limit = cap_net_limit_init(capnet, CAPNET_ADDR2NAME); 495 ATF_REQUIRE(limit != NULL); 496 cap_net_limit_addr2name_family(limit, family, nitems(family)); 497 ATF_REQUIRE(cap_net_limit(limit) == 0); 498 499 ATF_REQUIRE(test_getnameinfo(capnet, AF_INET, TEST_IPV4) == 0); 500 ATF_REQUIRE(test_getnameinfo(capnet, AF_INET6, TEST_IPV6) == 0); 501 502 /* Limit to AF_INET6 and AF_INET. */ 503 limit = cap_net_limit_init(capnet, CAPNET_ADDR2NAME); 504 ATF_REQUIRE(limit != NULL); 505 cap_net_limit_addr2name_family(limit, &family[0], 1); 506 cap_net_limit_addr2name_family(limit, &family[1], 1); 507 ATF_REQUIRE(cap_net_limit(limit) == 0); 508 509 ATF_REQUIRE(test_getnameinfo(capnet, AF_INET, TEST_IPV4) == 0); 510 ATF_REQUIRE(test_getnameinfo(capnet, AF_INET6, TEST_IPV6) == 0); 511 512 /* Limit to AF_INET6. */ 513 limit = cap_net_limit_init(capnet, CAPNET_ADDR2NAME); 514 ATF_REQUIRE(limit != NULL); 515 cap_net_limit_addr2name_family(limit, family, 1); 516 ATF_REQUIRE(cap_net_limit(limit) == 0); 517 518 ATF_REQUIRE(test_getnameinfo(capnet, AF_INET, TEST_IPV4) == 519 ENOTCAPABLE); 520 ATF_REQUIRE(test_getnameinfo(capnet, AF_INET6, TEST_IPV6) == 0); 521 522 /* Unable to set empty limits. Empty limits means full access. */ 523 limit = cap_net_limit_init(capnet, CAPNET_ADDR2NAME); 524 ATF_REQUIRE(cap_net_limit(limit) != 0); 525 526 cap_close(capnet); 527 } 528 529 ATF_TC_WITHOUT_HEAD(capnet__limits_addr2name); 530 ATF_TC_BODY(capnet__limits_addr2name, tc) 531 { 532 cap_channel_t *capnet; 533 cap_net_limit_t *limit; 534 struct sockaddr_in ipaddrv4; 535 struct sockaddr_in6 ipaddrv6; 536 537 capnet = create_network_service(); 538 539 /* Limit to TEST_IPV4 and TEST_IPV6. */ 540 memset(&ipaddrv4, 0, sizeof(ipaddrv4)); 541 memset(&ipaddrv6, 0, sizeof(ipaddrv6)); 542 543 ipaddrv4.sin_family = AF_INET; 544 inet_pton(AF_INET, TEST_IPV4, &ipaddrv4.sin_addr); 545 546 ipaddrv6.sin6_family = AF_INET6; 547 inet_pton(AF_INET6, TEST_IPV6, &ipaddrv6.sin6_addr); 548 549 limit = cap_net_limit_init(capnet, CAPNET_ADDR2NAME); 550 ATF_REQUIRE(limit != NULL); 551 552 cap_net_limit_addr2name(limit, (struct sockaddr *)&ipaddrv4, 553 sizeof(ipaddrv4)); 554 cap_net_limit_addr2name(limit, (struct sockaddr *)&ipaddrv6, 555 sizeof(ipaddrv6)); 556 ATF_REQUIRE(cap_net_limit(limit) == 0); 557 558 ATF_REQUIRE(test_getnameinfo(capnet, AF_INET, TEST_IPV4) == 0); 559 ATF_REQUIRE(test_getnameinfo(capnet, AF_INET6, TEST_IPV6) == 0); 560 ATF_REQUIRE(test_getnameinfo(capnet, AF_INET, "127.0.0.1") == 561 ENOTCAPABLE); 562 563 /* Limit to AF_INET. */ 564 limit = cap_net_limit_init(capnet, CAPNET_ADDR2NAME); 565 ATF_REQUIRE(limit != NULL); 566 cap_net_limit_addr2name(limit, (struct sockaddr *)&ipaddrv4, 567 sizeof(ipaddrv4)); 568 ATF_REQUIRE(cap_net_limit(limit) == 0); 569 570 ATF_REQUIRE(test_getnameinfo(capnet, AF_INET, TEST_IPV4) == 0); 571 ATF_REQUIRE(test_getnameinfo(capnet, AF_INET6, TEST_IPV6) == 572 ENOTCAPABLE); 573 ATF_REQUIRE(test_getnameinfo(capnet, AF_INET, "127.0.0.1") == 574 ENOTCAPABLE); 575 576 /* Unable to set empty limits. Empty limits means full access. */ 577 limit = cap_net_limit_init(capnet, CAPNET_ADDR2NAME); 578 ATF_REQUIRE(cap_net_limit(limit) != 0); 579 580 cap_close(capnet); 581 } 582 583 ATF_TC_WITHOUT_HEAD(capnet__limits_deprecated_addr2name_mode); 584 ATF_TC_BODY(capnet__limits_deprecated_addr2name_mode, tc) 585 { 586 cap_channel_t *capnet; 587 cap_net_limit_t *limit; 588 589 capnet = create_network_service(); 590 591 /* LIMIT */ 592 limit = cap_net_limit_init(capnet, CAPNET_DEPRECATED_ADDR2NAME); 593 ATF_REQUIRE(limit != NULL); 594 ATF_REQUIRE(cap_net_limit(limit) == 0); 595 596 /* ALLOWED */ 597 ATF_REQUIRE(test_gethostbyaddr(capnet, AF_INET, TEST_IPV4) == 0); 598 599 /* DISALLOWED */ 600 ATF_REQUIRE(test_gethostbyname(capnet, AF_INET, TEST_DOMAIN_0) == 601 ENOTCAPABLE); 602 ATF_REQUIRE(test_getnameinfo(capnet, AF_INET, TEST_IPV4) == 603 ENOTCAPABLE); 604 ATF_REQUIRE(test_getaddrinfo(capnet, AF_INET, TEST_DOMAIN_0, NULL) == 605 ENOTCAPABLE); 606 ATF_REQUIRE(test_bind(capnet, TEST_BIND_IPV4) == ENOTCAPABLE); 607 ATF_REQUIRE(test_connect(capnet, TEST_IPV4, 80) == ENOTCAPABLE); 608 609 cap_close(capnet); 610 } 611 612 ATF_TC_WITHOUT_HEAD(capnet__limits_deprecated_addr2name_family); 613 ATF_TC_BODY(capnet__limits_deprecated_addr2name_family, tc) 614 { 615 cap_channel_t *capnet; 616 cap_net_limit_t *limit; 617 int family[] = { AF_INET6, AF_INET }; 618 619 capnet = create_network_service(); 620 621 /* Limit to AF_INET6 and AF_INET. */ 622 limit = cap_net_limit_init(capnet, CAPNET_DEPRECATED_ADDR2NAME); 623 ATF_REQUIRE(limit != NULL); 624 cap_net_limit_addr2name_family(limit, family, nitems(family)); 625 ATF_REQUIRE(cap_net_limit(limit) == 0); 626 627 ATF_REQUIRE(test_gethostbyaddr(capnet, AF_INET, TEST_IPV4) == 0); 628 ATF_REQUIRE(test_gethostbyaddr(capnet, AF_INET6, TEST_IPV6) == 0); 629 ATF_REQUIRE(test_gethostbyaddr(capnet, PF_LINK, TEST_IPV4) == 630 ENOTCAPABLE); 631 632 /* Limit to AF_INET6 and AF_INET. */ 633 limit = cap_net_limit_init(capnet, CAPNET_DEPRECATED_ADDR2NAME); 634 ATF_REQUIRE(limit != NULL); 635 cap_net_limit_addr2name_family(limit, &family[0], 1); 636 cap_net_limit_addr2name_family(limit, &family[1], 1); 637 ATF_REQUIRE(cap_net_limit(limit) == 0); 638 639 ATF_REQUIRE(test_gethostbyaddr(capnet, AF_INET, TEST_IPV4) == 0); 640 ATF_REQUIRE(test_gethostbyaddr(capnet, AF_INET6, TEST_IPV6) == 0); 641 ATF_REQUIRE(test_gethostbyaddr(capnet, PF_LINK, TEST_IPV4) == 642 ENOTCAPABLE); 643 644 /* Limit to AF_INET6. */ 645 limit = cap_net_limit_init(capnet, CAPNET_DEPRECATED_ADDR2NAME); 646 ATF_REQUIRE(limit != NULL); 647 cap_net_limit_addr2name_family(limit, family, 1); 648 ATF_REQUIRE(cap_net_limit(limit) == 0); 649 650 ATF_REQUIRE(test_gethostbyaddr(capnet, AF_INET, TEST_IPV4) == 651 ENOTCAPABLE); 652 ATF_REQUIRE(test_gethostbyaddr(capnet, AF_INET6, TEST_IPV6) == 0); 653 ATF_REQUIRE(test_gethostbyaddr(capnet, PF_LINK, TEST_IPV4) == 654 ENOTCAPABLE); 655 656 /* Unable to set empty limits. Empty limits means full access. */ 657 limit = cap_net_limit_init(capnet, CAPNET_DEPRECATED_ADDR2NAME); 658 ATF_REQUIRE(cap_net_limit(limit) != 0); 659 660 cap_close(capnet); 661 } 662 663 ATF_TC_WITHOUT_HEAD(capnet__limits_deprecated_addr2name); 664 ATF_TC_BODY(capnet__limits_deprecated_addr2name, tc) 665 { 666 cap_channel_t *capnet; 667 cap_net_limit_t *limit; 668 struct in_addr ipaddrv4; 669 struct in6_addr ipaddrv6; 670 671 capnet = create_network_service(); 672 673 /* Limit to TEST_IPV4 and TEST_IPV6. */ 674 memset(&ipaddrv4, 0, sizeof(ipaddrv4)); 675 memset(&ipaddrv6, 0, sizeof(ipaddrv6)); 676 677 inet_pton(AF_INET, TEST_IPV4, &ipaddrv4); 678 inet_pton(AF_INET6, TEST_IPV6, &ipaddrv6); 679 680 limit = cap_net_limit_init(capnet, CAPNET_DEPRECATED_ADDR2NAME); 681 ATF_REQUIRE(limit != NULL); 682 683 cap_net_limit_addr2name(limit, (struct sockaddr *)&ipaddrv4, 684 sizeof(ipaddrv4)); 685 cap_net_limit_addr2name(limit, (struct sockaddr *)&ipaddrv6, 686 sizeof(ipaddrv6)); 687 ATF_REQUIRE(cap_net_limit(limit) == 0); 688 689 ATF_REQUIRE(test_gethostbyaddr(capnet, AF_INET, TEST_IPV4) == 0); 690 ATF_REQUIRE(test_gethostbyaddr(capnet, AF_INET6, TEST_IPV6) == 0); 691 ATF_REQUIRE(test_gethostbyaddr(capnet, AF_INET, "127.0.0.1") == 692 ENOTCAPABLE); 693 694 /* Limit to AF_INET. */ 695 limit = cap_net_limit_init(capnet, CAPNET_DEPRECATED_ADDR2NAME); 696 ATF_REQUIRE(limit != NULL); 697 cap_net_limit_addr2name(limit, (struct sockaddr *)&ipaddrv4, 698 sizeof(ipaddrv4)); 699 ATF_REQUIRE(cap_net_limit(limit) == 0); 700 701 ATF_REQUIRE(test_gethostbyaddr(capnet, AF_INET, TEST_IPV4) == 0); 702 ATF_REQUIRE(test_gethostbyaddr(capnet, AF_INET6, TEST_IPV6) == 703 ENOTCAPABLE); 704 ATF_REQUIRE(test_gethostbyaddr(capnet, AF_INET, "127.0.0.1") == 705 ENOTCAPABLE); 706 707 /* Unable to set empty limits. Empty limits means full access. */ 708 limit = cap_net_limit_init(capnet, CAPNET_DEPRECATED_ADDR2NAME); 709 ATF_REQUIRE(cap_net_limit(limit) != 0); 710 711 cap_close(capnet); 712 } 713 714 715 ATF_TC_WITHOUT_HEAD(capnet__limits_name2addr_mode); 716 ATF_TC_BODY(capnet__limits_name2addr_mode, tc) 717 { 718 cap_channel_t *capnet; 719 cap_net_limit_t *limit; 720 721 capnet = create_network_service(); 722 723 /* LIMIT */ 724 limit = cap_net_limit_init(capnet, CAPNET_NAME2ADDR); 725 ATF_REQUIRE(limit != NULL); 726 ATF_REQUIRE(cap_net_limit(limit) == 0); 727 728 /* ALLOWED */ 729 ATF_REQUIRE(test_getaddrinfo(capnet, AF_INET, TEST_DOMAIN_0, NULL) == 730 0); 731 732 /* DISALLOWED */ 733 ATF_REQUIRE( 734 test_gethostbyname(capnet, AF_INET, TEST_DOMAIN_0) == ENOTCAPABLE); 735 ATF_REQUIRE(test_getnameinfo(capnet, AF_INET, TEST_IPV4) == 736 ENOTCAPABLE); 737 ATF_REQUIRE(test_gethostbyaddr(capnet, AF_INET, TEST_IPV4) == 738 ENOTCAPABLE); 739 ATF_REQUIRE(test_bind(capnet, TEST_BIND_IPV4) == ENOTCAPABLE); 740 ATF_REQUIRE(test_connect(capnet, TEST_IPV4, 80) == ENOTCAPABLE); 741 742 test_extend_mode(capnet, CAPNET_ADDR2NAME); 743 744 cap_close(capnet); 745 } 746 747 ATF_TC_WITHOUT_HEAD(capnet__limits_name2addr_hosts); 748 ATF_TC_BODY(capnet__limits_name2addr_hosts, tc) 749 { 750 cap_channel_t *capnet; 751 cap_net_limit_t *limit; 752 753 capnet = create_network_service(); 754 755 /* Limit to TEST_DOMAIN_0 and localhost only. */ 756 limit = cap_net_limit_init(capnet, CAPNET_NAME2ADDR); 757 ATF_REQUIRE(limit != NULL); 758 cap_net_limit_name2addr(limit, TEST_DOMAIN_0, NULL); 759 cap_net_limit_name2addr(limit, "localhost", NULL); 760 ATF_REQUIRE(cap_net_limit(limit) == 0); 761 762 ATF_REQUIRE(test_getaddrinfo(capnet, AF_INET, TEST_DOMAIN_0, NULL) == 763 0); 764 ATF_REQUIRE(test_getaddrinfo(capnet, AF_INET, "localhost", NULL) == 0); 765 ATF_REQUIRE(test_getaddrinfo(capnet, AF_INET, TEST_DOMAIN_1, NULL) == 766 ENOTCAPABLE); 767 768 /* Limit to TEST_DOMAIN_0 only. */ 769 limit = cap_net_limit_init(capnet, CAPNET_NAME2ADDR); 770 ATF_REQUIRE(limit != NULL); 771 cap_net_limit_name2addr(limit, TEST_DOMAIN_0, NULL); 772 ATF_REQUIRE(cap_net_limit(limit) == 0); 773 774 ATF_REQUIRE(test_getaddrinfo(capnet, AF_INET, "localhost", NULL) == 775 ENOTCAPABLE); 776 ATF_REQUIRE(test_getaddrinfo(capnet, AF_INET, TEST_DOMAIN_1, NULL) == 777 ENOTCAPABLE); 778 ATF_REQUIRE(test_getaddrinfo(capnet, AF_INET, TEST_DOMAIN_0, NULL) == 779 0); 780 781 /* Unable to set empty limits. Empty limits means full access. */ 782 limit = cap_net_limit_init(capnet, CAPNET_NAME2ADDR); 783 ATF_REQUIRE(cap_net_limit(limit) != 0); 784 785 /* Try to extend the limit. */ 786 limit = cap_net_limit_init(capnet, CAPNET_NAME2ADDR); 787 ATF_REQUIRE(limit != NULL); 788 cap_net_limit_name2addr(limit, TEST_DOMAIN_1, NULL); 789 ATF_REQUIRE(cap_net_limit(limit) != 0); 790 791 limit = cap_net_limit_init(capnet, CAPNET_NAME2ADDR); 792 ATF_REQUIRE(limit != NULL); 793 cap_net_limit_name2addr(limit, TEST_DOMAIN_0, NULL); 794 cap_net_limit_name2addr(limit, TEST_DOMAIN_1, NULL); 795 ATF_REQUIRE(cap_net_limit(limit) != 0); 796 797 cap_close(capnet); 798 } 799 800 ATF_TC_WITHOUT_HEAD(capnet__limits_name2addr_hosts_servnames_strict); 801 ATF_TC_BODY(capnet__limits_name2addr_hosts_servnames_strict, tc) 802 { 803 cap_channel_t *capnet; 804 cap_net_limit_t *limit; 805 806 capnet = create_network_service(); 807 808 /* 809 * Limit to TEST_DOMAIN_0 and HTTP service. 810 */ 811 limit = cap_net_limit_init(capnet, CAPNET_NAME2ADDR); 812 ATF_REQUIRE(limit != NULL); 813 cap_net_limit_name2addr(limit, TEST_DOMAIN_0, "http"); 814 ATF_REQUIRE(cap_net_limit(limit) == 0); 815 816 ATF_REQUIRE(test_getaddrinfo(capnet, AF_INET, TEST_DOMAIN_0, "http") == 817 0); 818 ATF_REQUIRE(test_getaddrinfo(capnet, AF_INET, TEST_DOMAIN_0, NULL) == 819 ENOTCAPABLE); 820 ATF_REQUIRE(test_getaddrinfo(capnet, AF_INET, TEST_DOMAIN_0, "snmp") == 821 ENOTCAPABLE); 822 ATF_REQUIRE(test_getaddrinfo(capnet, AF_INET, TEST_DOMAIN_1, "http") == 823 ENOTCAPABLE); 824 825 /* Unable to set empty limits. Empty limits means full access. */ 826 limit = cap_net_limit_init(capnet, CAPNET_NAME2ADDR); 827 ATF_REQUIRE(cap_net_limit(limit) != 0); 828 829 cap_close(capnet); 830 } 831 832 ATF_TC_WITHOUT_HEAD(capnet__limits_name2addr_hosts_servnames_mix); 833 ATF_TC_BODY(capnet__limits_name2addr_hosts_servnames_mix, tc) 834 { 835 cap_channel_t *capnet; 836 cap_net_limit_t *limit; 837 838 capnet = create_network_service(); 839 840 /* 841 * Limit to TEST_DOMAIN_0 and any servnamex, and any domain with 842 * servname HTTP. 843 */ 844 limit = cap_net_limit_init(capnet, CAPNET_NAME2ADDR); 845 ATF_REQUIRE(limit != NULL); 846 cap_net_limit_name2addr(limit, TEST_DOMAIN_0, NULL); 847 cap_net_limit_name2addr(limit, NULL, "http"); 848 ATF_REQUIRE(cap_net_limit(limit) == 0); 849 850 ATF_REQUIRE(test_getaddrinfo(capnet, AF_INET, TEST_DOMAIN_0, "http") == 851 0); 852 ATF_REQUIRE(test_getaddrinfo(capnet, AF_INET, TEST_DOMAIN_0, NULL) == 853 0); 854 ATF_REQUIRE(test_getaddrinfo(capnet, AF_INET, TEST_DOMAIN_1, "http") == 855 0); 856 ATF_REQUIRE(test_getaddrinfo(capnet, AF_INET, TEST_DOMAIN_0, NULL) == 857 0); 858 ATF_REQUIRE(test_getaddrinfo(capnet, AF_INET, TEST_DOMAIN_1, "snmp") == 859 ENOTCAPABLE); 860 861 /* Limit to HTTTP servname only. */ 862 limit = cap_net_limit_init(capnet, CAPNET_NAME2ADDR); 863 ATF_REQUIRE(limit != NULL); 864 cap_net_limit_name2addr(limit, NULL, "http"); 865 ATF_REQUIRE(cap_net_limit(limit) == 0); 866 867 ATF_REQUIRE(test_getaddrinfo(capnet, AF_INET, TEST_DOMAIN_0, "http") == 868 0); 869 ATF_REQUIRE(test_getaddrinfo(capnet, AF_INET, TEST_DOMAIN_0, NULL) == 870 ENOTCAPABLE); 871 ATF_REQUIRE(test_getaddrinfo(capnet, AF_INET, TEST_DOMAIN_1, "http") == 872 0); 873 ATF_REQUIRE(test_getaddrinfo(capnet, AF_INET, TEST_DOMAIN_0, NULL) == 874 ENOTCAPABLE); 875 ATF_REQUIRE(test_getaddrinfo(capnet, AF_INET, TEST_DOMAIN_1, "snmp") == 876 ENOTCAPABLE); 877 878 /* Unable to set empty limits. Empty limits means full access. */ 879 limit = cap_net_limit_init(capnet, CAPNET_NAME2ADDR); 880 ATF_REQUIRE(cap_net_limit(limit) != 0); 881 882 cap_close(capnet); 883 } 884 885 ATF_TC_WITHOUT_HEAD(capnet__limits_name2addr_family); 886 ATF_TC_BODY(capnet__limits_name2addr_family, tc) 887 { 888 cap_channel_t *capnet; 889 cap_net_limit_t *limit; 890 int family[] = { AF_INET6, AF_INET }; 891 892 capnet = create_network_service(); 893 894 /* Limit to AF_INET and AF_INET6. */ 895 limit = cap_net_limit_init(capnet, CAPNET_NAME2ADDR); 896 ATF_REQUIRE(limit != NULL); 897 cap_net_limit_name2addr(limit, TEST_DOMAIN_0, NULL); 898 cap_net_limit_name2addr_family(limit, family, nitems(family)); 899 ATF_REQUIRE(cap_net_limit(limit) == 0); 900 901 ATF_REQUIRE(test_getaddrinfo(capnet, AF_INET, TEST_DOMAIN_0, NULL) == 902 0); 903 ATF_REQUIRE(test_getaddrinfo(capnet, AF_INET6, TEST_DOMAIN_0, NULL) == 904 0); 905 ATF_REQUIRE(test_getaddrinfo(capnet, PF_LINK, TEST_DOMAIN_0, NULL) == 906 ENOTCAPABLE); 907 908 /* Limit to AF_INET and AF_INET6. */ 909 limit = cap_net_limit_init(capnet, CAPNET_NAME2ADDR); 910 ATF_REQUIRE(limit != NULL); 911 cap_net_limit_name2addr(limit, TEST_DOMAIN_0, NULL); 912 cap_net_limit_name2addr_family(limit, &family[0], 1); 913 cap_net_limit_name2addr_family(limit, &family[1], 1); 914 ATF_REQUIRE(cap_net_limit(limit) == 0); 915 916 ATF_REQUIRE(test_getaddrinfo(capnet, AF_INET, TEST_DOMAIN_0, NULL) == 917 0); 918 ATF_REQUIRE(test_getaddrinfo(capnet, AF_INET6, TEST_DOMAIN_0, NULL) == 919 0); 920 ATF_REQUIRE(test_getaddrinfo(capnet, PF_LINK, TEST_DOMAIN_0, NULL) == 921 ENOTCAPABLE); 922 923 /* Limit to AF_INET6 only. */ 924 limit = cap_net_limit_init(capnet, CAPNET_NAME2ADDR); 925 ATF_REQUIRE(limit != NULL); 926 cap_net_limit_name2addr(limit, TEST_DOMAIN_0, NULL); 927 cap_net_limit_name2addr_family(limit, family, 1); 928 ATF_REQUIRE(cap_net_limit(limit) == 0); 929 930 ATF_REQUIRE(test_getaddrinfo(capnet, AF_INET, TEST_DOMAIN_0, NULL) == 931 ENOTCAPABLE); 932 ATF_REQUIRE(test_getaddrinfo(capnet, AF_INET6, TEST_DOMAIN_0, NULL) == 933 0); 934 ATF_REQUIRE(test_getaddrinfo(capnet, PF_LINK, TEST_DOMAIN_0, NULL) == 935 ENOTCAPABLE); 936 937 /* Unable to set empty limits. Empty limits means full access. */ 938 limit = cap_net_limit_init(capnet, CAPNET_NAME2ADDR); 939 ATF_REQUIRE(cap_net_limit(limit) != 0); 940 941 cap_close(capnet); 942 } 943 944 ATF_TC_WITHOUT_HEAD(capnet__limits_deprecated_name2addr_mode); 945 ATF_TC_BODY(capnet__limits_deprecated_name2addr_mode, tc) 946 { 947 cap_channel_t *capnet; 948 cap_net_limit_t *limit; 949 950 capnet = create_network_service(); 951 952 /* LIMIT */ 953 limit = cap_net_limit_init(capnet, CAPNET_DEPRECATED_NAME2ADDR); 954 ATF_REQUIRE(limit != NULL); 955 ATF_REQUIRE(cap_net_limit(limit) == 0); 956 957 /* ALLOWED */ 958 ATF_REQUIRE(test_gethostbyname(capnet, AF_INET, TEST_DOMAIN_0) == 0); 959 960 /* DISALLOWED */ 961 ATF_REQUIRE(test_getnameinfo(capnet, AF_INET, TEST_IPV4) == 962 ENOTCAPABLE); 963 ATF_REQUIRE(test_gethostbyaddr(capnet, AF_INET, TEST_IPV4) == 964 ENOTCAPABLE); 965 ATF_REQUIRE(test_getaddrinfo(capnet, AF_INET, TEST_DOMAIN_0, NULL) == 966 ENOTCAPABLE); 967 ATF_REQUIRE(test_bind(capnet, TEST_BIND_IPV4) == ENOTCAPABLE); 968 ATF_REQUIRE(test_connect(capnet, TEST_IPV4, 80) == ENOTCAPABLE); 969 970 test_extend_mode(capnet, CAPNET_ADDR2NAME); 971 972 cap_close(capnet); 973 } 974 975 ATF_TC_WITHOUT_HEAD(capnet__limits_deprecated_name2addr_hosts); 976 ATF_TC_BODY(capnet__limits_deprecated_name2addr_hosts, tc) 977 { 978 cap_channel_t *capnet; 979 cap_net_limit_t *limit; 980 981 capnet = create_network_service(); 982 983 /* Limit to TEST_DOMAIN_0 and localhost only. */ 984 limit = cap_net_limit_init(capnet, CAPNET_DEPRECATED_NAME2ADDR); 985 ATF_REQUIRE(limit != NULL); 986 cap_net_limit_name2addr(limit, TEST_DOMAIN_0, NULL); 987 cap_net_limit_name2addr(limit, "localhost", NULL); 988 ATF_REQUIRE(cap_net_limit(limit) == 0); 989 990 ATF_REQUIRE(test_gethostbyname(capnet, AF_INET, TEST_DOMAIN_0) == 0); 991 ATF_REQUIRE(test_gethostbyname(capnet, AF_INET, "localhost") == 0); 992 ATF_REQUIRE( 993 test_gethostbyname(capnet, AF_INET, TEST_DOMAIN_1) == ENOTCAPABLE); 994 995 /* Limit to TEST_DOMAIN_0 only. */ 996 limit = cap_net_limit_init(capnet, CAPNET_DEPRECATED_NAME2ADDR); 997 ATF_REQUIRE(limit != NULL); 998 cap_net_limit_name2addr(limit, TEST_DOMAIN_0, NULL); 999 ATF_REQUIRE(cap_net_limit(limit) == 0); 1000 1001 ATF_REQUIRE( 1002 test_gethostbyname(capnet, AF_INET, "localhost") == ENOTCAPABLE); 1003 ATF_REQUIRE( 1004 test_gethostbyname(capnet, AF_INET, TEST_DOMAIN_1) == ENOTCAPABLE); 1005 ATF_REQUIRE(test_gethostbyname(capnet, AF_INET, TEST_DOMAIN_0) == 0); 1006 1007 /* Unable to set empty limits. Empty limits means full access. */ 1008 limit = cap_net_limit_init(capnet, CAPNET_DEPRECATED_NAME2ADDR); 1009 ATF_REQUIRE(cap_net_limit(limit) != 0); 1010 1011 cap_close(capnet); 1012 } 1013 1014 ATF_TC_WITHOUT_HEAD(capnet__limits_deprecated_name2addr_family); 1015 ATF_TC_BODY(capnet__limits_deprecated_name2addr_family, tc) 1016 { 1017 cap_channel_t *capnet; 1018 cap_net_limit_t *limit; 1019 int family[] = { AF_INET6, AF_INET }; 1020 1021 capnet = create_network_service(); 1022 1023 /* Limit to AF_INET and AF_INET6. */ 1024 limit = cap_net_limit_init(capnet, CAPNET_DEPRECATED_NAME2ADDR); 1025 ATF_REQUIRE(limit != NULL); 1026 cap_net_limit_name2addr(limit, TEST_DOMAIN_0, NULL); 1027 cap_net_limit_name2addr_family(limit, family, nitems(family)); 1028 ATF_REQUIRE(cap_net_limit(limit) == 0); 1029 1030 ATF_REQUIRE(test_gethostbyname(capnet, AF_INET, TEST_DOMAIN_0) == 0); 1031 ATF_REQUIRE(test_gethostbyname(capnet, AF_INET6, TEST_DOMAIN_0) == 0); 1032 ATF_REQUIRE( 1033 test_gethostbyname(capnet, PF_LINK, TEST_DOMAIN_0) == ENOTCAPABLE); 1034 1035 /* Limit to AF_INET and AF_INET6. */ 1036 limit = cap_net_limit_init(capnet, CAPNET_DEPRECATED_NAME2ADDR); 1037 ATF_REQUIRE(limit != NULL); 1038 cap_net_limit_name2addr(limit, TEST_DOMAIN_0, NULL); 1039 cap_net_limit_name2addr_family(limit, &family[0], 1); 1040 cap_net_limit_name2addr_family(limit, &family[1], 1); 1041 ATF_REQUIRE(cap_net_limit(limit) == 0); 1042 1043 ATF_REQUIRE(test_gethostbyname(capnet, AF_INET, TEST_DOMAIN_0) == 0); 1044 ATF_REQUIRE(test_gethostbyname(capnet, AF_INET6, TEST_DOMAIN_0) == 0); 1045 ATF_REQUIRE( 1046 test_gethostbyname(capnet, PF_LINK, TEST_DOMAIN_0) == ENOTCAPABLE); 1047 1048 /* Limit to AF_INET6 only. */ 1049 limit = cap_net_limit_init(capnet, CAPNET_DEPRECATED_NAME2ADDR); 1050 ATF_REQUIRE(limit != NULL); 1051 cap_net_limit_name2addr(limit, TEST_DOMAIN_0, NULL); 1052 cap_net_limit_name2addr_family(limit, family, 1); 1053 ATF_REQUIRE(cap_net_limit(limit) == 0); 1054 1055 ATF_REQUIRE( 1056 test_gethostbyname(capnet, AF_INET, TEST_DOMAIN_0) == ENOTCAPABLE); 1057 ATF_REQUIRE(test_gethostbyname(capnet, AF_INET6, TEST_DOMAIN_0) == 0); 1058 ATF_REQUIRE( 1059 test_gethostbyname(capnet, PF_LINK, TEST_DOMAIN_0) == ENOTCAPABLE); 1060 1061 /* Unable to set empty limits. Empty limits means full access. */ 1062 limit = cap_net_limit_init(capnet, CAPNET_DEPRECATED_NAME2ADDR); 1063 ATF_REQUIRE(cap_net_limit(limit) != 0); 1064 1065 cap_close(capnet); 1066 } 1067 1068 ATF_TC_WITHOUT_HEAD(capnet__limits_bind_mode); 1069 ATF_TC_BODY(capnet__limits_bind_mode, tc) 1070 { 1071 cap_channel_t *capnet; 1072 cap_net_limit_t *limit; 1073 1074 capnet = create_network_service(); 1075 1076 /* LIMIT */ 1077 limit = cap_net_limit_init(capnet, CAPNET_BIND); 1078 ATF_REQUIRE(limit != NULL); 1079 ATF_REQUIRE(cap_net_limit(limit) == 0); 1080 1081 /* ALLOWED */ 1082 ATF_REQUIRE(test_bind(capnet, TEST_BIND_IPV4) == 0); 1083 1084 /* DISALLOWED */ 1085 ATF_REQUIRE( 1086 test_gethostbyname(capnet, AF_INET, TEST_DOMAIN_0) == ENOTCAPABLE); 1087 ATF_REQUIRE(test_getnameinfo(capnet, AF_INET, TEST_IPV4) == 1088 ENOTCAPABLE); 1089 ATF_REQUIRE(test_gethostbyaddr(capnet, AF_INET, TEST_IPV4) == 1090 ENOTCAPABLE); 1091 ATF_REQUIRE(test_getaddrinfo(capnet, AF_INET, TEST_DOMAIN_0, NULL) == 1092 ENOTCAPABLE); 1093 ATF_REQUIRE(test_connect(capnet, TEST_IPV4, 80) == ENOTCAPABLE); 1094 1095 test_extend_mode(capnet, CAPNET_ADDR2NAME); 1096 1097 cap_close(capnet); 1098 } 1099 1100 ATF_TC_WITHOUT_HEAD(capnet__limits_bind); 1101 ATF_TC_BODY(capnet__limits_bind, tc) 1102 { 1103 cap_channel_t *capnet; 1104 cap_net_limit_t *limit; 1105 struct sockaddr_in ipv4; 1106 1107 capnet = create_network_service(); 1108 1109 limit = cap_net_limit_init(capnet, CAPNET_BIND); 1110 ATF_REQUIRE(limit != NULL); 1111 1112 memset(&ipv4, 0, sizeof(ipv4)); 1113 ipv4.sin_family = AF_INET; 1114 inet_pton(AF_INET, TEST_BIND_IPV4, &ipv4.sin_addr); 1115 1116 cap_net_limit_bind(limit, (struct sockaddr *)&ipv4, sizeof(ipv4)); 1117 ATF_REQUIRE(cap_net_limit(limit) == 0); 1118 1119 ATF_REQUIRE(test_bind(capnet, TEST_BIND_IPV4) == 0); 1120 ATF_REQUIRE(test_bind(capnet, "127.0.0.2") == ENOTCAPABLE); 1121 1122 cap_close(capnet); 1123 } 1124 1125 ATF_TC_WITHOUT_HEAD(capnet__limits_connect_mode); 1126 ATF_TC_BODY(capnet__limits_connect_mode, tc) 1127 { 1128 cap_channel_t *capnet; 1129 cap_net_limit_t *limit; 1130 1131 capnet = create_network_service(); 1132 1133 /* LIMIT */ 1134 limit = cap_net_limit_init(capnet, CAPNET_CONNECT); 1135 ATF_REQUIRE(limit != NULL); 1136 ATF_REQUIRE(cap_net_limit(limit) == 0); 1137 1138 /* ALLOWED */ 1139 ATF_REQUIRE(test_connect(capnet, TEST_IPV4, 80) == 0); 1140 1141 /* DISALLOWED */ 1142 ATF_REQUIRE( 1143 test_gethostbyname(capnet, AF_INET, TEST_DOMAIN_0) == ENOTCAPABLE); 1144 ATF_REQUIRE(test_getnameinfo(capnet, AF_INET, TEST_IPV4) == 1145 ENOTCAPABLE); 1146 ATF_REQUIRE(test_gethostbyaddr(capnet, AF_INET, TEST_IPV4) == 1147 ENOTCAPABLE); 1148 ATF_REQUIRE(test_getaddrinfo(capnet, AF_INET, TEST_DOMAIN_0, NULL) == 1149 ENOTCAPABLE); 1150 ATF_REQUIRE(test_bind(capnet, TEST_BIND_IPV4) == ENOTCAPABLE); 1151 1152 test_extend_mode(capnet, CAPNET_ADDR2NAME); 1153 1154 cap_close(capnet); 1155 } 1156 1157 ATF_TC_WITHOUT_HEAD(capnet__limits_connect_dns_mode); 1158 ATF_TC_BODY(capnet__limits_connect_dns_mode, tc) 1159 { 1160 cap_channel_t *capnet; 1161 cap_net_limit_t *limit; 1162 1163 capnet = create_network_service(); 1164 1165 /* LIMIT */ 1166 limit = cap_net_limit_init(capnet, CAPNET_CONNECT | CAPNET_CONNECTDNS); 1167 ATF_REQUIRE(limit != NULL); 1168 ATF_REQUIRE(cap_net_limit(limit) == 0); 1169 1170 /* ALLOWED */ 1171 ATF_REQUIRE(test_connect(capnet, TEST_IPV4, 80) == 0); 1172 1173 /* DISALLOWED */ 1174 ATF_REQUIRE( 1175 test_gethostbyname(capnet, AF_INET, TEST_DOMAIN_0) == ENOTCAPABLE); 1176 ATF_REQUIRE(test_getnameinfo(capnet, AF_INET, TEST_IPV4) == 1177 ENOTCAPABLE); 1178 ATF_REQUIRE(test_gethostbyaddr(capnet, AF_INET, TEST_IPV4) == 1179 ENOTCAPABLE); 1180 ATF_REQUIRE(test_getaddrinfo(capnet, AF_INET, TEST_DOMAIN_0, NULL) == 1181 ENOTCAPABLE); 1182 ATF_REQUIRE(test_bind(capnet, TEST_BIND_IPV4) == ENOTCAPABLE); 1183 1184 test_extend_mode(capnet, CAPNET_ADDR2NAME); 1185 1186 cap_close(capnet); 1187 } 1188 1189 ATF_TC_WITHOUT_HEAD(capnet__limits_connect); 1190 ATF_TC_BODY(capnet__limits_connect, tc) 1191 { 1192 cap_channel_t *capnet; 1193 cap_net_limit_t *limit; 1194 struct sockaddr_in ipv4; 1195 1196 capnet = create_network_service(); 1197 1198 /* Limit only to TEST_IPV4 on port 80 and 443. */ 1199 limit = cap_net_limit_init(capnet, CAPNET_CONNECT); 1200 ATF_REQUIRE(limit != NULL); 1201 memset(&ipv4, 0, sizeof(ipv4)); 1202 ipv4.sin_family = AF_INET; 1203 ipv4.sin_port = htons(80); 1204 inet_pton(AF_INET, TEST_IPV4, &ipv4.sin_addr); 1205 cap_net_limit_connect(limit, (struct sockaddr *)&ipv4, sizeof(ipv4)); 1206 1207 ipv4.sin_port = htons(443); 1208 cap_net_limit_connect(limit, (struct sockaddr *)&ipv4, sizeof(ipv4)); 1209 ATF_REQUIRE(cap_net_limit(limit) == 0); 1210 1211 ATF_REQUIRE(test_connect(capnet, TEST_IPV4, 80) == 0); 1212 ATF_REQUIRE(test_connect(capnet, "8.8.8.8", 80) == ENOTCAPABLE); 1213 ATF_REQUIRE(test_connect(capnet, "8.8.8.8", 433) == ENOTCAPABLE); 1214 ATF_REQUIRE(test_connect(capnet, TEST_IPV4, 443) == 0); 1215 1216 /* Limit only to TEST_IPV4 on port 443. */ 1217 limit = cap_net_limit_init(capnet, CAPNET_CONNECT); 1218 cap_net_limit_connect(limit, (struct sockaddr *)&ipv4, sizeof(ipv4)); 1219 ATF_REQUIRE(cap_net_limit(limit) == 0); 1220 1221 ATF_REQUIRE(test_connect(capnet, TEST_IPV4, 433) == ENOTCAPABLE); 1222 ATF_REQUIRE(test_connect(capnet, "8.8.8.8", 80) == ENOTCAPABLE); 1223 ATF_REQUIRE(test_connect(capnet, "8.8.8.8", 433) == ENOTCAPABLE); 1224 ATF_REQUIRE(test_connect(capnet, TEST_IPV4, 443) == 0); 1225 1226 /* Unable to set empty limits. Empty limits means full access. */ 1227 limit = cap_net_limit_init(capnet, CAPNET_CONNECT); 1228 ATF_REQUIRE(cap_net_limit(limit) != 0); 1229 1230 cap_close(capnet); 1231 } 1232 1233 ATF_TC_WITHOUT_HEAD(capnet__limits_connecttodns); 1234 ATF_TC_BODY(capnet__limits_connecttodns, tc) 1235 { 1236 cap_channel_t *capnet; 1237 cap_net_limit_t *limit; 1238 struct addrinfo hints, *capres, *res; 1239 int family[] = { AF_INET }; 1240 int error; 1241 1242 capnet = create_network_service(); 1243 1244 limit = cap_net_limit_init(capnet, CAPNET_CONNECTDNS | 1245 CAPNET_NAME2ADDR); 1246 ATF_REQUIRE(limit != NULL); 1247 cap_net_limit_name2addr(limit, TEST_IPV4, "80"); 1248 cap_net_limit_name2addr_family(limit, family, 1); 1249 ATF_REQUIRE(cap_net_limit(limit) == 0); 1250 1251 memset(&hints, 0, sizeof(hints)); 1252 hints.ai_family = AF_INET; 1253 hints.ai_socktype = SOCK_STREAM; 1254 1255 ATF_REQUIRE(test_connect(capnet, "8.8.8.8", 433) == ENOTCAPABLE); 1256 ATF_REQUIRE(cap_getaddrinfo(capnet, TEST_IPV4, "80", &hints, &capres) == 1257 0); 1258 ATF_REQUIRE(test_connect(capnet, "8.8.8.8", 433) == ENOTCAPABLE); 1259 1260 for (res = capres; res != NULL; res = res->ai_next) { 1261 int s; 1262 1263 ATF_REQUIRE(res->ai_family == AF_INET); 1264 ATF_REQUIRE(res->ai_socktype == SOCK_STREAM); 1265 1266 s = socket(res->ai_family, res->ai_socktype, res->ai_protocol); 1267 ATF_REQUIRE(s >= 0); 1268 1269 error = cap_connect(capnet, s, res->ai_addr, 1270 res->ai_addrlen); 1271 if (error != 0 && errno != ENOTCAPABLE) 1272 atf_tc_skip("unable to connect: %s", strerror(errno)); 1273 ATF_REQUIRE(error == 0); 1274 ATF_REQUIRE(close(s) == 0); 1275 } 1276 1277 freeaddrinfo(capres); 1278 cap_close(capnet); 1279 } 1280 1281 1282 ATF_TC_WITHOUT_HEAD(capnet__limits_deprecated_connecttodns); 1283 ATF_TC_BODY(capnet__limits_deprecated_connecttodns, tc) 1284 { 1285 cap_channel_t *capnet; 1286 cap_net_limit_t *limit; 1287 struct hostent *caphp; 1288 struct in_addr ipaddr; 1289 struct sockaddr_in connaddr; 1290 int family[] = { AF_INET }; 1291 int error, i; 1292 1293 capnet = create_network_service(); 1294 1295 limit = cap_net_limit_init(capnet, CAPNET_CONNECTDNS | 1296 CAPNET_DEPRECATED_NAME2ADDR); 1297 ATF_REQUIRE(limit != NULL); 1298 cap_net_limit_name2addr(limit, TEST_IPV4, NULL); 1299 cap_net_limit_name2addr_family(limit, family, 1); 1300 ATF_REQUIRE(cap_net_limit(limit) == 0); 1301 1302 memset(&ipaddr, 0, sizeof(ipaddr)); 1303 inet_pton(AF_INET, TEST_IPV4, &ipaddr); 1304 1305 ATF_REQUIRE(test_connect(capnet, "8.8.8.8", 433) == ENOTCAPABLE); 1306 caphp = cap_gethostbyname2(capnet, TEST_IPV4, AF_INET); 1307 ATF_REQUIRE(caphp != NULL); 1308 ATF_REQUIRE(caphp->h_addrtype == AF_INET); 1309 ATF_REQUIRE(test_connect(capnet, "8.8.8.8", 433) == ENOTCAPABLE); 1310 1311 for (i = 0; caphp->h_addr_list[i] != NULL; i++) { 1312 int s; 1313 1314 s = socket(AF_INET, SOCK_STREAM, 0); 1315 ATF_REQUIRE(s >= 0); 1316 1317 memset(&connaddr, 0, sizeof(connaddr)); 1318 connaddr.sin_family = AF_INET; 1319 memcpy((char *)&connaddr.sin_addr.s_addr, 1320 (char *)caphp->h_addr_list[i], caphp->h_length); 1321 connaddr.sin_port = htons(80); 1322 1323 error = cap_connect(capnet, s, (struct sockaddr *)&connaddr, 1324 sizeof(connaddr)); 1325 if (error != 0 && errno != ENOTCAPABLE) 1326 atf_tc_skip("unable to connect: %s", strerror(errno)); 1327 ATF_REQUIRE(error == 0); 1328 ATF_REQUIRE(close(s) == 0); 1329 } 1330 1331 cap_close(capnet); 1332 } 1333 1334 ATF_TP_ADD_TCS(tp) 1335 { 1336 1337 ATF_TP_ADD_TC(tp, capnet__connect); 1338 ATF_TP_ADD_TC(tp, capnet__bind); 1339 ATF_TP_ADD_TC(tp, capnet__getnameinfo); 1340 ATF_TP_ADD_TC(tp, capnet__getaddrinfo); 1341 ATF_TP_ADD_TC(tp, capnet__gethostbyname); 1342 ATF_TP_ADD_TC(tp, capnet__gethostbyaddr); 1343 1344 ATF_TP_ADD_TC(tp, capnet__getnameinfo_buffer); 1345 1346 ATF_TP_ADD_TC(tp, capnet__limits_addr2name_mode); 1347 ATF_TP_ADD_TC(tp, capnet__limits_addr2name_family); 1348 ATF_TP_ADD_TC(tp, capnet__limits_addr2name); 1349 1350 ATF_TP_ADD_TC(tp, capnet__limits_deprecated_addr2name_mode); 1351 ATF_TP_ADD_TC(tp, capnet__limits_deprecated_addr2name_family); 1352 ATF_TP_ADD_TC(tp, capnet__limits_deprecated_addr2name); 1353 1354 ATF_TP_ADD_TC(tp, capnet__limits_name2addr_mode); 1355 ATF_TP_ADD_TC(tp, capnet__limits_name2addr_hosts); 1356 ATF_TP_ADD_TC(tp, capnet__limits_name2addr_hosts_servnames_strict); 1357 ATF_TP_ADD_TC(tp, capnet__limits_name2addr_hosts_servnames_mix); 1358 ATF_TP_ADD_TC(tp, capnet__limits_name2addr_family); 1359 1360 ATF_TP_ADD_TC(tp, capnet__limits_deprecated_name2addr_mode); 1361 ATF_TP_ADD_TC(tp, capnet__limits_deprecated_name2addr_hosts); 1362 ATF_TP_ADD_TC(tp, capnet__limits_deprecated_name2addr_family); 1363 1364 ATF_TP_ADD_TC(tp, capnet__limits_bind_mode); 1365 ATF_TP_ADD_TC(tp, capnet__limits_bind); 1366 1367 ATF_TP_ADD_TC(tp, capnet__limits_connect_mode); 1368 ATF_TP_ADD_TC(tp, capnet__limits_connect_dns_mode); 1369 ATF_TP_ADD_TC(tp, capnet__limits_connect); 1370 1371 ATF_TP_ADD_TC(tp, capnet__limits_connecttodns); 1372 ATF_TP_ADD_TC(tp, capnet__limits_deprecated_connecttodns); 1373 1374 return (atf_no_error()); 1375 } 1376