1 /*- 2 * Copyright (c) 2020 Mariusz Zaborski <oshogbo@FreeBSD.org> 3 * 4 * Redistribution and use in source and binary forms, with or without 5 * modification, are permitted provided that the following conditions 6 * are met: 7 * 1. Redistributions of source code must retain the above copyright 8 * notice, this list of conditions and the following disclaimer. 9 * 2. Redistributions in binary form must reproduce the above copyright 10 * notice, this list of conditions and the following disclaimer in the 11 * documentation and/or other materials provided with the distribution. 12 * 13 * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS 14 * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED 15 * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 16 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS 17 * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR 18 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF 19 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS 20 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN 21 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 22 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 23 * POSSIBILITY OF SUCH DAMAGE. 24 */ 25 26 #include <sys/cdefs.h> 27 #include <sys/param.h> 28 #include <sys/socket.h> 29 #include <netinet/in.h> 30 #include <arpa/inet.h> 31 32 #include <errno.h> 33 #include <netdb.h> 34 35 #include <atf-c.h> 36 37 #include <libcasper.h> 38 #include <casper/cap_net.h> 39 40 #define TEST_DOMAIN_0 "example.com" 41 #define TEST_DOMAIN_1 "freebsd.org" 42 #define TEST_IPV4 "1.1.1.1" 43 #define TEST_IPV6 "2001:4860:4860::8888" 44 #define TEST_BIND_IPV4 "127.0.0.1" 45 #define TEST_PORT 80 46 #define TEST_PORT_STR "80" 47 48 static cap_channel_t * 49 create_network_service(void) 50 { 51 cap_channel_t *capcas, *capnet; 52 53 capcas = cap_init(); 54 ATF_REQUIRE(capcas != NULL); 55 56 capnet = cap_service_open(capcas, "system.net"); 57 ATF_REQUIRE(capnet != NULL); 58 59 cap_close(capcas); 60 return (capnet); 61 } 62 63 static int 64 test_getnameinfo_v4(cap_channel_t *chan, int family, const char *ip) 65 { 66 struct sockaddr_in ipaddr; 67 char capfn[MAXHOSTNAMELEN]; 68 char origfn[MAXHOSTNAMELEN]; 69 int capret, sysret; 70 71 memset(&ipaddr, 0, sizeof(ipaddr)); 72 ipaddr.sin_family = family; 73 inet_pton(family, ip, &ipaddr.sin_addr); 74 75 capret = cap_getnameinfo(chan, (struct sockaddr *)&ipaddr, sizeof(ipaddr), 76 capfn, sizeof(capfn), NULL, 0, NI_NAMEREQD); 77 if (capret != 0 && capret == ENOTCAPABLE) 78 return (ENOTCAPABLE); 79 80 sysret = getnameinfo((struct sockaddr *)&ipaddr, sizeof(ipaddr), origfn, 81 sizeof(origfn), NULL, 0, NI_NAMEREQD); 82 if (sysret != 0) { 83 atf_tc_skip("getnameinfo(%s) failed: %s", 84 ip, gai_strerror(sysret)); 85 } 86 ATF_REQUIRE(capret == 0); 87 ATF_REQUIRE(strcmp(origfn, capfn) == 0); 88 89 return (0); 90 } 91 92 static int 93 test_getnameinfo_v6(cap_channel_t *chan, const char *ip) 94 { 95 struct sockaddr_in6 ipaddr; 96 char capfn[MAXHOSTNAMELEN]; 97 char origfn[MAXHOSTNAMELEN]; 98 int capret, sysret; 99 100 memset(&ipaddr, 0, sizeof(ipaddr)); 101 ipaddr.sin6_family = AF_INET6; 102 inet_pton(AF_INET6, ip, &ipaddr.sin6_addr); 103 104 capret = cap_getnameinfo(chan, (struct sockaddr *)&ipaddr, sizeof(ipaddr), 105 capfn, sizeof(capfn), NULL, 0, NI_NAMEREQD); 106 if (capret != 0 && capret == ENOTCAPABLE) 107 return (ENOTCAPABLE); 108 109 sysret = getnameinfo((struct sockaddr *)&ipaddr, sizeof(ipaddr), origfn, 110 sizeof(origfn), NULL, 0, NI_NAMEREQD); 111 if (sysret != 0) { 112 atf_tc_skip("getnameinfo(%s) failed: %s", 113 ip, gai_strerror(sysret)); 114 } 115 ATF_REQUIRE(capret == 0); 116 ATF_REQUIRE(strcmp(origfn, capfn) == 0); 117 118 return (0); 119 } 120 121 static int 122 test_getnameinfo(cap_channel_t *chan, int family, const char *ip) 123 { 124 125 if (family == AF_INET6) { 126 return (test_getnameinfo_v6(chan, ip)); 127 } 128 129 return (test_getnameinfo_v4(chan, family, ip)); 130 } 131 132 static int 133 test_gethostbyaddr_v4(cap_channel_t *chan, int family, const char *ip) 134 { 135 struct in_addr ipaddr; 136 struct hostent *caphp, *orighp; 137 138 memset(&ipaddr, 0, sizeof(ipaddr)); 139 inet_pton(AF_INET, ip, &ipaddr); 140 141 caphp = cap_gethostbyaddr(chan, &ipaddr, sizeof(ipaddr), family); 142 if (caphp == NULL && h_errno == ENOTCAPABLE) 143 return (ENOTCAPABLE); 144 145 orighp = gethostbyaddr(&ipaddr, sizeof(ipaddr), family); 146 if (orighp == NULL) 147 atf_tc_skip("gethostbyaddr(%s) failed", ip); 148 ATF_REQUIRE(caphp != NULL); 149 ATF_REQUIRE(strcmp(orighp->h_name, caphp->h_name) == 0); 150 151 return (0); 152 } 153 154 static int 155 test_gethostbyaddr_v6(cap_channel_t *chan, const char *ip) 156 { 157 struct in6_addr ipaddr; 158 struct hostent *caphp, *orighp; 159 160 memset(&ipaddr, 0, sizeof(ipaddr)); 161 inet_pton(AF_INET6, ip, &ipaddr); 162 163 caphp = cap_gethostbyaddr(chan, &ipaddr, sizeof(ipaddr), AF_INET6); 164 if (caphp == NULL && h_errno == ENOTCAPABLE) 165 return (ENOTCAPABLE); 166 167 orighp = gethostbyaddr(&ipaddr, sizeof(ipaddr), AF_INET6); 168 if (orighp == NULL) 169 atf_tc_skip("gethostbyaddr(%s) failed", ip); 170 ATF_REQUIRE(caphp != NULL); 171 ATF_REQUIRE(strcmp(orighp->h_name, caphp->h_name) == 0); 172 173 return (0); 174 } 175 176 static int 177 test_gethostbyaddr(cap_channel_t *chan, int family, const char *ip) 178 { 179 180 if (family == AF_INET6) { 181 return (test_gethostbyaddr_v6(chan, ip)); 182 } else { 183 return (test_gethostbyaddr_v4(chan, family, ip)); 184 } 185 } 186 187 static int 188 test_getaddrinfo(cap_channel_t *chan, int family, const char *domain, 189 const char *servname) 190 { 191 struct addrinfo hints, *capres, *origres, *res0, *res1; 192 bool found; 193 int capret, sysret; 194 195 memset(&hints, 0, sizeof(hints)); 196 hints.ai_family = family; 197 hints.ai_socktype = SOCK_STREAM; 198 199 capret = cap_getaddrinfo(chan, domain, servname, &hints, &capres); 200 if (capret != 0 && capret == ENOTCAPABLE) 201 return (capret); 202 203 sysret = getaddrinfo(domain, servname, &hints, &origres); 204 if (sysret != 0) 205 atf_tc_skip("getaddrinfo(%s) failed: %s", 206 domain, gai_strerror(sysret)); 207 ATF_REQUIRE(capret == 0); 208 209 for (res0 = capres; res0 != NULL; res0 = res0->ai_next) { 210 found = false; 211 for (res1 = origres; res1 != NULL; res1 = res1->ai_next) { 212 if (res1->ai_addrlen == res0->ai_addrlen && 213 memcmp(res1->ai_addr, res0->ai_addr, 214 res0->ai_addrlen) == 0) { 215 found = true; 216 break; 217 } 218 } 219 ATF_REQUIRE(found); 220 } 221 222 freeaddrinfo(capres); 223 freeaddrinfo(origres); 224 return (0); 225 } 226 227 static int 228 test_gethostbyname(cap_channel_t *chan, int family, const char *domain) 229 { 230 struct hostent *caphp, *orighp; 231 232 caphp = cap_gethostbyname2(chan, domain, family); 233 if (caphp == NULL && h_errno == ENOTCAPABLE) 234 return (h_errno); 235 236 orighp = gethostbyname2(domain, family); 237 if (orighp == NULL) 238 atf_tc_skip("gethostbyname2(%s) failed", domain); 239 240 ATF_REQUIRE(caphp != NULL); 241 ATF_REQUIRE(strcmp(caphp->h_name, orighp->h_name) == 0); 242 return (0); 243 } 244 245 static int 246 test_bind(cap_channel_t *chan, const char *ip) 247 { 248 struct sockaddr_in ipv4; 249 int capfd, ret, serrno; 250 251 capfd = socket(AF_INET, SOCK_STREAM, 0); 252 ATF_REQUIRE(capfd > 0); 253 254 memset(&ipv4, 0, sizeof(ipv4)); 255 ipv4.sin_family = AF_INET; 256 inet_pton(AF_INET, ip, &ipv4.sin_addr); 257 258 ret = cap_bind(chan, capfd, (struct sockaddr *)&ipv4, sizeof(ipv4)); 259 serrno = errno; 260 close(capfd); 261 262 return (ret < 0 ? serrno : 0); 263 } 264 265 static int 266 test_connect(cap_channel_t *chan, const char *ip, unsigned short port) 267 { 268 struct sockaddr_in ipv4; 269 int capfd, ret, serrno; 270 271 capfd = socket(AF_INET, SOCK_STREAM, 0); 272 ATF_REQUIRE(capfd >= 0); 273 274 memset(&ipv4, 0, sizeof(ipv4)); 275 ipv4.sin_family = AF_INET; 276 ipv4.sin_port = htons(port); 277 inet_pton(AF_INET, ip, &ipv4.sin_addr); 278 279 ret = cap_connect(chan, capfd, (struct sockaddr *)&ipv4, sizeof(ipv4)); 280 serrno = errno; 281 ATF_REQUIRE(close(capfd) == 0); 282 283 if (ret < 0 && serrno != ENOTCAPABLE) { 284 int sd; 285 286 /* 287 * If the connection failed, it might be because we can't reach 288 * the destination host. To check, try a plain connect() and 289 * see if it fails with the same error. 290 */ 291 sd = socket(AF_INET, SOCK_STREAM, 0); 292 ATF_REQUIRE(sd >= 0); 293 294 memset(&ipv4, 0, sizeof(ipv4)); 295 ipv4.sin_family = AF_INET; 296 ipv4.sin_port = htons(port); 297 inet_pton(AF_INET, ip, &ipv4.sin_addr); 298 ret = connect(sd, (struct sockaddr *)&ipv4, sizeof(ipv4)); 299 ATF_REQUIRE(ret < 0); 300 ATF_REQUIRE_MSG(errno == serrno, "errno %d != serrno %d", 301 errno, serrno); 302 ATF_REQUIRE(close(sd) == 0); 303 atf_tc_skip("connect(%s:%d) failed: %s", 304 ip, port, strerror(serrno)); 305 } 306 307 return (ret < 0 ? serrno : 0); 308 } 309 310 static void 311 test_extend_mode(cap_channel_t *capnet, int current) 312 { 313 cap_net_limit_t *limit; 314 const int rights[] = { 315 CAPNET_ADDR2NAME, 316 CAPNET_NAME2ADDR, 317 CAPNET_DEPRECATED_ADDR2NAME, 318 CAPNET_DEPRECATED_NAME2ADDR, 319 CAPNET_CONNECT, 320 CAPNET_BIND, 321 CAPNET_CONNECTDNS 322 }; 323 size_t i; 324 325 for (i = 0; i < nitems(rights); i++) { 326 if (current == rights[i]) 327 continue; 328 329 limit = cap_net_limit_init(capnet, current | rights[i]); 330 ATF_REQUIRE(limit != NULL); 331 ATF_REQUIRE(cap_net_limit(limit) != 0); 332 } 333 } 334 335 ATF_TC_WITHOUT_HEAD(capnet__getnameinfo); 336 ATF_TC_BODY(capnet__getnameinfo, tc) 337 { 338 cap_channel_t *capnet; 339 340 capnet = create_network_service(); 341 342 ATF_REQUIRE(test_getnameinfo(capnet, AF_INET, TEST_IPV4) == 0); 343 ATF_REQUIRE(test_getnameinfo(capnet, AF_INET6, TEST_IPV6) == 0); 344 345 cap_close(capnet); 346 } 347 348 ATF_TC_WITHOUT_HEAD(capnet__connect); 349 ATF_TC_BODY(capnet__connect, tc) 350 { 351 cap_channel_t *capnet; 352 353 capnet = create_network_service(); 354 355 ATF_REQUIRE(test_connect(capnet, TEST_IPV4, 80) == 0); 356 357 cap_close(capnet); 358 } 359 360 ATF_TC_WITHOUT_HEAD(capnet__bind); 361 ATF_TC_BODY(capnet__bind, tc) 362 { 363 cap_channel_t *capnet; 364 365 capnet = create_network_service(); 366 367 ATF_REQUIRE(test_bind(capnet, TEST_BIND_IPV4) == 0); 368 369 cap_close(capnet); 370 } 371 372 ATF_TC_WITHOUT_HEAD(capnet__getaddrinfo); 373 ATF_TC_BODY(capnet__getaddrinfo, tc) 374 { 375 cap_channel_t *capnet; 376 struct addrinfo hints, *capres; 377 378 capnet = create_network_service(); 379 380 memset(&hints, 0, sizeof(hints)); 381 hints.ai_family = AF_INET; 382 hints.ai_socktype = SOCK_STREAM; 383 384 ATF_REQUIRE(cap_getaddrinfo(capnet, TEST_IPV4, "80", &hints, &capres) == 385 0); 386 387 cap_close(capnet); 388 } 389 390 ATF_TC_WITHOUT_HEAD(capnet__gethostbyname); 391 ATF_TC_BODY(capnet__gethostbyname, tc) 392 { 393 cap_channel_t *capnet; 394 395 capnet = create_network_service(); 396 397 ATF_REQUIRE(test_gethostbyname(capnet, AF_INET, TEST_DOMAIN_0) == 0); 398 399 cap_close(capnet); 400 } 401 402 ATF_TC_WITHOUT_HEAD(capnet__gethostbyaddr); 403 ATF_TC_BODY(capnet__gethostbyaddr, tc) 404 { 405 cap_channel_t *capnet; 406 407 capnet = create_network_service(); 408 409 ATF_REQUIRE(test_gethostbyaddr(capnet, AF_INET, TEST_IPV4) == 0); 410 ATF_REQUIRE(test_gethostbyaddr(capnet, AF_INET6, TEST_IPV6) == 0); 411 412 cap_close(capnet); 413 } 414 415 ATF_TC_WITHOUT_HEAD(capnet__getnameinfo_buffer); 416 ATF_TC_BODY(capnet__getnameinfo_buffer, tc) 417 { 418 cap_channel_t *chan; 419 struct sockaddr_in sin; 420 int ret; 421 struct { 422 char host[sizeof(TEST_IPV4)]; 423 char host_canary; 424 char serv[sizeof(TEST_PORT_STR)]; 425 char serv_canary; 426 } buffers; 427 428 memset(&sin, 0, sizeof(sin)); 429 sin.sin_family = AF_INET; 430 sin.sin_port = htons(TEST_PORT); 431 ret = inet_pton(AF_INET, TEST_IPV4, &sin.sin_addr); 432 ATF_REQUIRE_EQ(1, ret); 433 434 memset(&buffers, '!', sizeof(buffers)); 435 436 chan = create_network_service(); 437 ret = cap_getnameinfo(chan, (struct sockaddr *)&sin, sizeof(sin), 438 buffers.host, sizeof(buffers.host), 439 buffers.serv, sizeof(buffers.serv), 440 NI_NUMERICHOST | NI_NUMERICSERV); 441 ATF_REQUIRE_EQ_MSG(0, ret, "%d", ret); 442 443 // Verify that cap_getnameinfo worked with minimally sized buffers. 444 ATF_CHECK_EQ(0, strcmp(TEST_IPV4, buffers.host)); 445 ATF_CHECK_EQ(0, strcmp(TEST_PORT_STR, buffers.serv)); 446 447 // Verify that cap_getnameinfo did not overflow the buffers. 448 ATF_CHECK_EQ('!', buffers.host_canary); 449 ATF_CHECK_EQ('!', buffers.serv_canary); 450 451 cap_close(chan); 452 } 453 454 ATF_TC_WITHOUT_HEAD(capnet__limits_addr2name_mode); 455 ATF_TC_BODY(capnet__limits_addr2name_mode, tc) 456 { 457 cap_channel_t *capnet; 458 cap_net_limit_t *limit; 459 460 capnet = create_network_service(); 461 462 /* LIMIT */ 463 limit = cap_net_limit_init(capnet, CAPNET_ADDR2NAME); 464 ATF_REQUIRE(limit != NULL); 465 ATF_REQUIRE(cap_net_limit(limit) == 0); 466 467 /* ALLOWED */ 468 ATF_REQUIRE(test_getnameinfo(capnet, AF_INET, TEST_IPV4) == 0); 469 470 /* DISALLOWED */ 471 ATF_REQUIRE(test_gethostbyname(capnet, AF_INET, TEST_DOMAIN_0) == 472 ENOTCAPABLE); 473 ATF_REQUIRE(test_gethostbyaddr(capnet, AF_INET, TEST_IPV4) == 474 ENOTCAPABLE); 475 ATF_REQUIRE(test_getaddrinfo(capnet, AF_INET, TEST_DOMAIN_0, NULL) == 476 ENOTCAPABLE); 477 ATF_REQUIRE(test_bind(capnet, TEST_BIND_IPV4) == ENOTCAPABLE); 478 ATF_REQUIRE(test_connect(capnet, TEST_IPV4, 80) == ENOTCAPABLE); 479 480 test_extend_mode(capnet, CAPNET_ADDR2NAME); 481 482 cap_close(capnet); 483 } 484 485 ATF_TC_WITHOUT_HEAD(capnet__limits_addr2name_family); 486 ATF_TC_BODY(capnet__limits_addr2name_family, tc) 487 { 488 cap_channel_t *capnet; 489 cap_net_limit_t *limit; 490 int family[] = { AF_INET6, AF_INET }; 491 492 capnet = create_network_service(); 493 494 /* Limit to AF_INET6 and AF_INET. */ 495 limit = cap_net_limit_init(capnet, CAPNET_ADDR2NAME); 496 ATF_REQUIRE(limit != NULL); 497 cap_net_limit_addr2name_family(limit, family, nitems(family)); 498 ATF_REQUIRE(cap_net_limit(limit) == 0); 499 500 ATF_REQUIRE(test_getnameinfo(capnet, AF_INET, TEST_IPV4) == 0); 501 ATF_REQUIRE(test_getnameinfo(capnet, AF_INET6, TEST_IPV6) == 0); 502 503 /* Limit to AF_INET6 and AF_INET. */ 504 limit = cap_net_limit_init(capnet, CAPNET_ADDR2NAME); 505 ATF_REQUIRE(limit != NULL); 506 cap_net_limit_addr2name_family(limit, &family[0], 1); 507 cap_net_limit_addr2name_family(limit, &family[1], 1); 508 ATF_REQUIRE(cap_net_limit(limit) == 0); 509 510 ATF_REQUIRE(test_getnameinfo(capnet, AF_INET, TEST_IPV4) == 0); 511 ATF_REQUIRE(test_getnameinfo(capnet, AF_INET6, TEST_IPV6) == 0); 512 513 /* Limit to AF_INET6. */ 514 limit = cap_net_limit_init(capnet, CAPNET_ADDR2NAME); 515 ATF_REQUIRE(limit != NULL); 516 cap_net_limit_addr2name_family(limit, family, 1); 517 ATF_REQUIRE(cap_net_limit(limit) == 0); 518 519 ATF_REQUIRE(test_getnameinfo(capnet, AF_INET, TEST_IPV4) == 520 ENOTCAPABLE); 521 ATF_REQUIRE(test_getnameinfo(capnet, AF_INET6, TEST_IPV6) == 0); 522 523 /* Unable to set empty limits. Empty limits means full access. */ 524 limit = cap_net_limit_init(capnet, CAPNET_ADDR2NAME); 525 ATF_REQUIRE(cap_net_limit(limit) != 0); 526 527 cap_close(capnet); 528 } 529 530 ATF_TC_WITHOUT_HEAD(capnet__limits_addr2name); 531 ATF_TC_BODY(capnet__limits_addr2name, tc) 532 { 533 cap_channel_t *capnet; 534 cap_net_limit_t *limit; 535 struct sockaddr_in ipaddrv4; 536 struct sockaddr_in6 ipaddrv6; 537 538 capnet = create_network_service(); 539 540 /* Limit to TEST_IPV4 and TEST_IPV6. */ 541 memset(&ipaddrv4, 0, sizeof(ipaddrv4)); 542 memset(&ipaddrv6, 0, sizeof(ipaddrv6)); 543 544 ipaddrv4.sin_family = AF_INET; 545 inet_pton(AF_INET, TEST_IPV4, &ipaddrv4.sin_addr); 546 547 ipaddrv6.sin6_family = AF_INET6; 548 inet_pton(AF_INET6, TEST_IPV6, &ipaddrv6.sin6_addr); 549 550 limit = cap_net_limit_init(capnet, CAPNET_ADDR2NAME); 551 ATF_REQUIRE(limit != NULL); 552 553 cap_net_limit_addr2name(limit, (struct sockaddr *)&ipaddrv4, 554 sizeof(ipaddrv4)); 555 cap_net_limit_addr2name(limit, (struct sockaddr *)&ipaddrv6, 556 sizeof(ipaddrv6)); 557 ATF_REQUIRE(cap_net_limit(limit) == 0); 558 559 ATF_REQUIRE(test_getnameinfo(capnet, AF_INET, TEST_IPV4) == 0); 560 ATF_REQUIRE(test_getnameinfo(capnet, AF_INET6, TEST_IPV6) == 0); 561 ATF_REQUIRE(test_getnameinfo(capnet, AF_INET, "127.0.0.1") == 562 ENOTCAPABLE); 563 564 /* Limit to AF_INET. */ 565 limit = cap_net_limit_init(capnet, CAPNET_ADDR2NAME); 566 ATF_REQUIRE(limit != NULL); 567 cap_net_limit_addr2name(limit, (struct sockaddr *)&ipaddrv4, 568 sizeof(ipaddrv4)); 569 ATF_REQUIRE(cap_net_limit(limit) == 0); 570 571 ATF_REQUIRE(test_getnameinfo(capnet, AF_INET, TEST_IPV4) == 0); 572 ATF_REQUIRE(test_getnameinfo(capnet, AF_INET6, TEST_IPV6) == 573 ENOTCAPABLE); 574 ATF_REQUIRE(test_getnameinfo(capnet, AF_INET, "127.0.0.1") == 575 ENOTCAPABLE); 576 577 /* Unable to set empty limits. Empty limits means full access. */ 578 limit = cap_net_limit_init(capnet, CAPNET_ADDR2NAME); 579 ATF_REQUIRE(cap_net_limit(limit) != 0); 580 581 cap_close(capnet); 582 } 583 584 ATF_TC_WITHOUT_HEAD(capnet__limits_deprecated_addr2name_mode); 585 ATF_TC_BODY(capnet__limits_deprecated_addr2name_mode, tc) 586 { 587 cap_channel_t *capnet; 588 cap_net_limit_t *limit; 589 590 capnet = create_network_service(); 591 592 /* LIMIT */ 593 limit = cap_net_limit_init(capnet, CAPNET_DEPRECATED_ADDR2NAME); 594 ATF_REQUIRE(limit != NULL); 595 ATF_REQUIRE(cap_net_limit(limit) == 0); 596 597 /* ALLOWED */ 598 ATF_REQUIRE(test_gethostbyaddr(capnet, AF_INET, TEST_IPV4) == 0); 599 600 /* DISALLOWED */ 601 ATF_REQUIRE(test_gethostbyname(capnet, AF_INET, TEST_DOMAIN_0) == 602 ENOTCAPABLE); 603 ATF_REQUIRE(test_getnameinfo(capnet, AF_INET, TEST_IPV4) == 604 ENOTCAPABLE); 605 ATF_REQUIRE(test_getaddrinfo(capnet, AF_INET, TEST_DOMAIN_0, NULL) == 606 ENOTCAPABLE); 607 ATF_REQUIRE(test_bind(capnet, TEST_BIND_IPV4) == ENOTCAPABLE); 608 ATF_REQUIRE(test_connect(capnet, TEST_IPV4, 80) == ENOTCAPABLE); 609 610 cap_close(capnet); 611 } 612 613 ATF_TC_WITHOUT_HEAD(capnet__limits_deprecated_addr2name_family); 614 ATF_TC_BODY(capnet__limits_deprecated_addr2name_family, tc) 615 { 616 cap_channel_t *capnet; 617 cap_net_limit_t *limit; 618 int family[] = { AF_INET6, AF_INET }; 619 620 capnet = create_network_service(); 621 622 /* Limit to AF_INET6 and AF_INET. */ 623 limit = cap_net_limit_init(capnet, CAPNET_DEPRECATED_ADDR2NAME); 624 ATF_REQUIRE(limit != NULL); 625 cap_net_limit_addr2name_family(limit, family, nitems(family)); 626 ATF_REQUIRE(cap_net_limit(limit) == 0); 627 628 ATF_REQUIRE(test_gethostbyaddr(capnet, AF_INET, TEST_IPV4) == 0); 629 ATF_REQUIRE(test_gethostbyaddr(capnet, AF_INET6, TEST_IPV6) == 0); 630 ATF_REQUIRE(test_gethostbyaddr(capnet, PF_LINK, TEST_IPV4) == 631 ENOTCAPABLE); 632 633 /* Limit to AF_INET6 and AF_INET. */ 634 limit = cap_net_limit_init(capnet, CAPNET_DEPRECATED_ADDR2NAME); 635 ATF_REQUIRE(limit != NULL); 636 cap_net_limit_addr2name_family(limit, &family[0], 1); 637 cap_net_limit_addr2name_family(limit, &family[1], 1); 638 ATF_REQUIRE(cap_net_limit(limit) == 0); 639 640 ATF_REQUIRE(test_gethostbyaddr(capnet, AF_INET, TEST_IPV4) == 0); 641 ATF_REQUIRE(test_gethostbyaddr(capnet, AF_INET6, TEST_IPV6) == 0); 642 ATF_REQUIRE(test_gethostbyaddr(capnet, PF_LINK, TEST_IPV4) == 643 ENOTCAPABLE); 644 645 /* Limit to AF_INET6. */ 646 limit = cap_net_limit_init(capnet, CAPNET_DEPRECATED_ADDR2NAME); 647 ATF_REQUIRE(limit != NULL); 648 cap_net_limit_addr2name_family(limit, family, 1); 649 ATF_REQUIRE(cap_net_limit(limit) == 0); 650 651 ATF_REQUIRE(test_gethostbyaddr(capnet, AF_INET, TEST_IPV4) == 652 ENOTCAPABLE); 653 ATF_REQUIRE(test_gethostbyaddr(capnet, AF_INET6, TEST_IPV6) == 0); 654 ATF_REQUIRE(test_gethostbyaddr(capnet, PF_LINK, TEST_IPV4) == 655 ENOTCAPABLE); 656 657 /* Unable to set empty limits. Empty limits means full access. */ 658 limit = cap_net_limit_init(capnet, CAPNET_DEPRECATED_ADDR2NAME); 659 ATF_REQUIRE(cap_net_limit(limit) != 0); 660 661 cap_close(capnet); 662 } 663 664 ATF_TC_WITHOUT_HEAD(capnet__limits_deprecated_addr2name); 665 ATF_TC_BODY(capnet__limits_deprecated_addr2name, tc) 666 { 667 cap_channel_t *capnet; 668 cap_net_limit_t *limit; 669 struct in_addr ipaddrv4; 670 struct in6_addr ipaddrv6; 671 672 capnet = create_network_service(); 673 674 /* Limit to TEST_IPV4 and TEST_IPV6. */ 675 memset(&ipaddrv4, 0, sizeof(ipaddrv4)); 676 memset(&ipaddrv6, 0, sizeof(ipaddrv6)); 677 678 inet_pton(AF_INET, TEST_IPV4, &ipaddrv4); 679 inet_pton(AF_INET6, TEST_IPV6, &ipaddrv6); 680 681 limit = cap_net_limit_init(capnet, CAPNET_DEPRECATED_ADDR2NAME); 682 ATF_REQUIRE(limit != NULL); 683 684 cap_net_limit_addr2name(limit, (struct sockaddr *)&ipaddrv4, 685 sizeof(ipaddrv4)); 686 cap_net_limit_addr2name(limit, (struct sockaddr *)&ipaddrv6, 687 sizeof(ipaddrv6)); 688 ATF_REQUIRE(cap_net_limit(limit) == 0); 689 690 ATF_REQUIRE(test_gethostbyaddr(capnet, AF_INET, TEST_IPV4) == 0); 691 ATF_REQUIRE(test_gethostbyaddr(capnet, AF_INET6, TEST_IPV6) == 0); 692 ATF_REQUIRE(test_gethostbyaddr(capnet, AF_INET, "127.0.0.1") == 693 ENOTCAPABLE); 694 695 /* Limit to AF_INET. */ 696 limit = cap_net_limit_init(capnet, CAPNET_DEPRECATED_ADDR2NAME); 697 ATF_REQUIRE(limit != NULL); 698 cap_net_limit_addr2name(limit, (struct sockaddr *)&ipaddrv4, 699 sizeof(ipaddrv4)); 700 ATF_REQUIRE(cap_net_limit(limit) == 0); 701 702 ATF_REQUIRE(test_gethostbyaddr(capnet, AF_INET, TEST_IPV4) == 0); 703 ATF_REQUIRE(test_gethostbyaddr(capnet, AF_INET6, TEST_IPV6) == 704 ENOTCAPABLE); 705 ATF_REQUIRE(test_gethostbyaddr(capnet, AF_INET, "127.0.0.1") == 706 ENOTCAPABLE); 707 708 /* Unable to set empty limits. Empty limits means full access. */ 709 limit = cap_net_limit_init(capnet, CAPNET_DEPRECATED_ADDR2NAME); 710 ATF_REQUIRE(cap_net_limit(limit) != 0); 711 712 cap_close(capnet); 713 } 714 715 716 ATF_TC_WITHOUT_HEAD(capnet__limits_name2addr_mode); 717 ATF_TC_BODY(capnet__limits_name2addr_mode, tc) 718 { 719 cap_channel_t *capnet; 720 cap_net_limit_t *limit; 721 722 capnet = create_network_service(); 723 724 /* LIMIT */ 725 limit = cap_net_limit_init(capnet, CAPNET_NAME2ADDR); 726 ATF_REQUIRE(limit != NULL); 727 ATF_REQUIRE(cap_net_limit(limit) == 0); 728 729 /* ALLOWED */ 730 ATF_REQUIRE(test_getaddrinfo(capnet, AF_INET, TEST_DOMAIN_0, NULL) == 731 0); 732 733 /* DISALLOWED */ 734 ATF_REQUIRE( 735 test_gethostbyname(capnet, AF_INET, TEST_DOMAIN_0) == ENOTCAPABLE); 736 ATF_REQUIRE(test_getnameinfo(capnet, AF_INET, TEST_IPV4) == 737 ENOTCAPABLE); 738 ATF_REQUIRE(test_gethostbyaddr(capnet, AF_INET, TEST_IPV4) == 739 ENOTCAPABLE); 740 ATF_REQUIRE(test_bind(capnet, TEST_BIND_IPV4) == ENOTCAPABLE); 741 ATF_REQUIRE(test_connect(capnet, TEST_IPV4, 80) == ENOTCAPABLE); 742 743 test_extend_mode(capnet, CAPNET_ADDR2NAME); 744 745 cap_close(capnet); 746 } 747 748 ATF_TC_WITHOUT_HEAD(capnet__limits_name2addr_hosts); 749 ATF_TC_BODY(capnet__limits_name2addr_hosts, tc) 750 { 751 cap_channel_t *capnet; 752 cap_net_limit_t *limit; 753 754 capnet = create_network_service(); 755 756 /* Limit to TEST_DOMAIN_0 and localhost only. */ 757 limit = cap_net_limit_init(capnet, CAPNET_NAME2ADDR); 758 ATF_REQUIRE(limit != NULL); 759 cap_net_limit_name2addr(limit, TEST_DOMAIN_0, NULL); 760 cap_net_limit_name2addr(limit, "localhost", NULL); 761 ATF_REQUIRE(cap_net_limit(limit) == 0); 762 763 ATF_REQUIRE(test_getaddrinfo(capnet, AF_INET, TEST_DOMAIN_0, NULL) == 764 0); 765 ATF_REQUIRE(test_getaddrinfo(capnet, AF_INET, "localhost", NULL) == 0); 766 ATF_REQUIRE(test_getaddrinfo(capnet, AF_INET, TEST_DOMAIN_1, NULL) == 767 ENOTCAPABLE); 768 769 /* Limit to TEST_DOMAIN_0 only. */ 770 limit = cap_net_limit_init(capnet, CAPNET_NAME2ADDR); 771 ATF_REQUIRE(limit != NULL); 772 cap_net_limit_name2addr(limit, TEST_DOMAIN_0, NULL); 773 ATF_REQUIRE(cap_net_limit(limit) == 0); 774 775 ATF_REQUIRE(test_getaddrinfo(capnet, AF_INET, "localhost", NULL) == 776 ENOTCAPABLE); 777 ATF_REQUIRE(test_getaddrinfo(capnet, AF_INET, TEST_DOMAIN_1, NULL) == 778 ENOTCAPABLE); 779 ATF_REQUIRE(test_getaddrinfo(capnet, AF_INET, TEST_DOMAIN_0, NULL) == 780 0); 781 782 /* Unable to set empty limits. Empty limits means full access. */ 783 limit = cap_net_limit_init(capnet, CAPNET_NAME2ADDR); 784 ATF_REQUIRE(cap_net_limit(limit) != 0); 785 786 /* Try to extend the limit. */ 787 limit = cap_net_limit_init(capnet, CAPNET_NAME2ADDR); 788 ATF_REQUIRE(limit != NULL); 789 cap_net_limit_name2addr(limit, TEST_DOMAIN_1, NULL); 790 ATF_REQUIRE(cap_net_limit(limit) != 0); 791 792 limit = cap_net_limit_init(capnet, CAPNET_NAME2ADDR); 793 ATF_REQUIRE(limit != NULL); 794 cap_net_limit_name2addr(limit, TEST_DOMAIN_0, NULL); 795 cap_net_limit_name2addr(limit, TEST_DOMAIN_1, NULL); 796 ATF_REQUIRE(cap_net_limit(limit) != 0); 797 798 cap_close(capnet); 799 } 800 801 ATF_TC_WITHOUT_HEAD(capnet__limits_name2addr_hosts_servnames_strict); 802 ATF_TC_BODY(capnet__limits_name2addr_hosts_servnames_strict, tc) 803 { 804 cap_channel_t *capnet; 805 cap_net_limit_t *limit; 806 807 capnet = create_network_service(); 808 809 /* 810 * Limit to TEST_DOMAIN_0 and HTTP service. 811 */ 812 limit = cap_net_limit_init(capnet, CAPNET_NAME2ADDR); 813 ATF_REQUIRE(limit != NULL); 814 cap_net_limit_name2addr(limit, TEST_DOMAIN_0, "http"); 815 ATF_REQUIRE(cap_net_limit(limit) == 0); 816 817 ATF_REQUIRE(test_getaddrinfo(capnet, AF_INET, TEST_DOMAIN_0, "http") == 818 0); 819 ATF_REQUIRE(test_getaddrinfo(capnet, AF_INET, TEST_DOMAIN_0, NULL) == 820 ENOTCAPABLE); 821 ATF_REQUIRE(test_getaddrinfo(capnet, AF_INET, TEST_DOMAIN_0, "snmp") == 822 ENOTCAPABLE); 823 ATF_REQUIRE(test_getaddrinfo(capnet, AF_INET, TEST_DOMAIN_1, "http") == 824 ENOTCAPABLE); 825 826 /* Unable to set empty limits. Empty limits means full access. */ 827 limit = cap_net_limit_init(capnet, CAPNET_NAME2ADDR); 828 ATF_REQUIRE(cap_net_limit(limit) != 0); 829 830 cap_close(capnet); 831 } 832 833 ATF_TC_WITHOUT_HEAD(capnet__limits_name2addr_hosts_servnames_mix); 834 ATF_TC_BODY(capnet__limits_name2addr_hosts_servnames_mix, tc) 835 { 836 cap_channel_t *capnet; 837 cap_net_limit_t *limit; 838 839 capnet = create_network_service(); 840 841 /* 842 * Limit to TEST_DOMAIN_0 and any servnamex, and any domain with 843 * servname HTTP. 844 */ 845 limit = cap_net_limit_init(capnet, CAPNET_NAME2ADDR); 846 ATF_REQUIRE(limit != NULL); 847 cap_net_limit_name2addr(limit, TEST_DOMAIN_0, NULL); 848 cap_net_limit_name2addr(limit, NULL, "http"); 849 ATF_REQUIRE(cap_net_limit(limit) == 0); 850 851 ATF_REQUIRE(test_getaddrinfo(capnet, AF_INET, TEST_DOMAIN_0, "http") == 852 0); 853 ATF_REQUIRE(test_getaddrinfo(capnet, AF_INET, TEST_DOMAIN_0, NULL) == 854 0); 855 ATF_REQUIRE(test_getaddrinfo(capnet, AF_INET, TEST_DOMAIN_1, "http") == 856 0); 857 ATF_REQUIRE(test_getaddrinfo(capnet, AF_INET, TEST_DOMAIN_0, NULL) == 858 0); 859 ATF_REQUIRE(test_getaddrinfo(capnet, AF_INET, TEST_DOMAIN_1, "snmp") == 860 ENOTCAPABLE); 861 862 /* Limit to HTTTP servname only. */ 863 limit = cap_net_limit_init(capnet, CAPNET_NAME2ADDR); 864 ATF_REQUIRE(limit != NULL); 865 cap_net_limit_name2addr(limit, NULL, "http"); 866 ATF_REQUIRE(cap_net_limit(limit) == 0); 867 868 ATF_REQUIRE(test_getaddrinfo(capnet, AF_INET, TEST_DOMAIN_0, "http") == 869 0); 870 ATF_REQUIRE(test_getaddrinfo(capnet, AF_INET, TEST_DOMAIN_0, NULL) == 871 ENOTCAPABLE); 872 ATF_REQUIRE(test_getaddrinfo(capnet, AF_INET, TEST_DOMAIN_1, "http") == 873 0); 874 ATF_REQUIRE(test_getaddrinfo(capnet, AF_INET, TEST_DOMAIN_0, NULL) == 875 ENOTCAPABLE); 876 ATF_REQUIRE(test_getaddrinfo(capnet, AF_INET, TEST_DOMAIN_1, "snmp") == 877 ENOTCAPABLE); 878 879 /* Unable to set empty limits. Empty limits means full access. */ 880 limit = cap_net_limit_init(capnet, CAPNET_NAME2ADDR); 881 ATF_REQUIRE(cap_net_limit(limit) != 0); 882 883 cap_close(capnet); 884 } 885 886 ATF_TC_WITHOUT_HEAD(capnet__limits_name2addr_family); 887 ATF_TC_BODY(capnet__limits_name2addr_family, tc) 888 { 889 cap_channel_t *capnet; 890 cap_net_limit_t *limit; 891 int family[] = { AF_INET6, AF_INET }; 892 893 capnet = create_network_service(); 894 895 /* Limit to AF_INET and AF_INET6. */ 896 limit = cap_net_limit_init(capnet, CAPNET_NAME2ADDR); 897 ATF_REQUIRE(limit != NULL); 898 cap_net_limit_name2addr(limit, TEST_DOMAIN_0, NULL); 899 cap_net_limit_name2addr_family(limit, family, nitems(family)); 900 ATF_REQUIRE(cap_net_limit(limit) == 0); 901 902 ATF_REQUIRE(test_getaddrinfo(capnet, AF_INET, TEST_DOMAIN_0, NULL) == 903 0); 904 ATF_REQUIRE(test_getaddrinfo(capnet, AF_INET6, TEST_DOMAIN_0, NULL) == 905 0); 906 ATF_REQUIRE(test_getaddrinfo(capnet, PF_LINK, TEST_DOMAIN_0, NULL) == 907 ENOTCAPABLE); 908 909 /* Limit to AF_INET and AF_INET6. */ 910 limit = cap_net_limit_init(capnet, CAPNET_NAME2ADDR); 911 ATF_REQUIRE(limit != NULL); 912 cap_net_limit_name2addr(limit, TEST_DOMAIN_0, NULL); 913 cap_net_limit_name2addr_family(limit, &family[0], 1); 914 cap_net_limit_name2addr_family(limit, &family[1], 1); 915 ATF_REQUIRE(cap_net_limit(limit) == 0); 916 917 ATF_REQUIRE(test_getaddrinfo(capnet, AF_INET, TEST_DOMAIN_0, NULL) == 918 0); 919 ATF_REQUIRE(test_getaddrinfo(capnet, AF_INET6, TEST_DOMAIN_0, NULL) == 920 0); 921 ATF_REQUIRE(test_getaddrinfo(capnet, PF_LINK, TEST_DOMAIN_0, NULL) == 922 ENOTCAPABLE); 923 924 /* Limit to AF_INET6 only. */ 925 limit = cap_net_limit_init(capnet, CAPNET_NAME2ADDR); 926 ATF_REQUIRE(limit != NULL); 927 cap_net_limit_name2addr(limit, TEST_DOMAIN_0, NULL); 928 cap_net_limit_name2addr_family(limit, family, 1); 929 ATF_REQUIRE(cap_net_limit(limit) == 0); 930 931 ATF_REQUIRE(test_getaddrinfo(capnet, AF_INET, TEST_DOMAIN_0, NULL) == 932 ENOTCAPABLE); 933 ATF_REQUIRE(test_getaddrinfo(capnet, AF_INET6, TEST_DOMAIN_0, NULL) == 934 0); 935 ATF_REQUIRE(test_getaddrinfo(capnet, PF_LINK, TEST_DOMAIN_0, NULL) == 936 ENOTCAPABLE); 937 938 /* Unable to set empty limits. Empty limits means full access. */ 939 limit = cap_net_limit_init(capnet, CAPNET_NAME2ADDR); 940 ATF_REQUIRE(cap_net_limit(limit) != 0); 941 942 cap_close(capnet); 943 } 944 945 ATF_TC_WITHOUT_HEAD(capnet__limits_deprecated_name2addr_mode); 946 ATF_TC_BODY(capnet__limits_deprecated_name2addr_mode, tc) 947 { 948 cap_channel_t *capnet; 949 cap_net_limit_t *limit; 950 951 capnet = create_network_service(); 952 953 /* LIMIT */ 954 limit = cap_net_limit_init(capnet, CAPNET_DEPRECATED_NAME2ADDR); 955 ATF_REQUIRE(limit != NULL); 956 ATF_REQUIRE(cap_net_limit(limit) == 0); 957 958 /* ALLOWED */ 959 ATF_REQUIRE(test_gethostbyname(capnet, AF_INET, TEST_DOMAIN_0) == 0); 960 961 /* DISALLOWED */ 962 ATF_REQUIRE(test_getnameinfo(capnet, AF_INET, TEST_IPV4) == 963 ENOTCAPABLE); 964 ATF_REQUIRE(test_gethostbyaddr(capnet, AF_INET, TEST_IPV4) == 965 ENOTCAPABLE); 966 ATF_REQUIRE(test_getaddrinfo(capnet, AF_INET, TEST_DOMAIN_0, NULL) == 967 ENOTCAPABLE); 968 ATF_REQUIRE(test_bind(capnet, TEST_BIND_IPV4) == ENOTCAPABLE); 969 ATF_REQUIRE(test_connect(capnet, TEST_IPV4, 80) == ENOTCAPABLE); 970 971 test_extend_mode(capnet, CAPNET_ADDR2NAME); 972 973 cap_close(capnet); 974 } 975 976 ATF_TC_WITHOUT_HEAD(capnet__limits_deprecated_name2addr_hosts); 977 ATF_TC_BODY(capnet__limits_deprecated_name2addr_hosts, tc) 978 { 979 cap_channel_t *capnet; 980 cap_net_limit_t *limit; 981 982 capnet = create_network_service(); 983 984 /* Limit to TEST_DOMAIN_0 and localhost only. */ 985 limit = cap_net_limit_init(capnet, CAPNET_DEPRECATED_NAME2ADDR); 986 ATF_REQUIRE(limit != NULL); 987 cap_net_limit_name2addr(limit, TEST_DOMAIN_0, NULL); 988 cap_net_limit_name2addr(limit, "localhost", NULL); 989 ATF_REQUIRE(cap_net_limit(limit) == 0); 990 991 ATF_REQUIRE(test_gethostbyname(capnet, AF_INET, TEST_DOMAIN_0) == 0); 992 ATF_REQUIRE(test_gethostbyname(capnet, AF_INET, "localhost") == 0); 993 ATF_REQUIRE( 994 test_gethostbyname(capnet, AF_INET, TEST_DOMAIN_1) == ENOTCAPABLE); 995 996 /* Limit to TEST_DOMAIN_0 only. */ 997 limit = cap_net_limit_init(capnet, CAPNET_DEPRECATED_NAME2ADDR); 998 ATF_REQUIRE(limit != NULL); 999 cap_net_limit_name2addr(limit, TEST_DOMAIN_0, NULL); 1000 ATF_REQUIRE(cap_net_limit(limit) == 0); 1001 1002 ATF_REQUIRE( 1003 test_gethostbyname(capnet, AF_INET, "localhost") == ENOTCAPABLE); 1004 ATF_REQUIRE( 1005 test_gethostbyname(capnet, AF_INET, TEST_DOMAIN_1) == ENOTCAPABLE); 1006 ATF_REQUIRE(test_gethostbyname(capnet, AF_INET, TEST_DOMAIN_0) == 0); 1007 1008 /* Unable to set empty limits. Empty limits means full access. */ 1009 limit = cap_net_limit_init(capnet, CAPNET_DEPRECATED_NAME2ADDR); 1010 ATF_REQUIRE(cap_net_limit(limit) != 0); 1011 1012 cap_close(capnet); 1013 } 1014 1015 ATF_TC_WITHOUT_HEAD(capnet__limits_deprecated_name2addr_family); 1016 ATF_TC_BODY(capnet__limits_deprecated_name2addr_family, tc) 1017 { 1018 cap_channel_t *capnet; 1019 cap_net_limit_t *limit; 1020 int family[] = { AF_INET6, AF_INET }; 1021 1022 capnet = create_network_service(); 1023 1024 /* Limit to AF_INET and AF_INET6. */ 1025 limit = cap_net_limit_init(capnet, CAPNET_DEPRECATED_NAME2ADDR); 1026 ATF_REQUIRE(limit != NULL); 1027 cap_net_limit_name2addr(limit, TEST_DOMAIN_0, NULL); 1028 cap_net_limit_name2addr_family(limit, family, nitems(family)); 1029 ATF_REQUIRE(cap_net_limit(limit) == 0); 1030 1031 ATF_REQUIRE(test_gethostbyname(capnet, AF_INET, TEST_DOMAIN_0) == 0); 1032 ATF_REQUIRE(test_gethostbyname(capnet, AF_INET6, TEST_DOMAIN_0) == 0); 1033 ATF_REQUIRE( 1034 test_gethostbyname(capnet, PF_LINK, TEST_DOMAIN_0) == ENOTCAPABLE); 1035 1036 /* Limit to AF_INET and AF_INET6. */ 1037 limit = cap_net_limit_init(capnet, CAPNET_DEPRECATED_NAME2ADDR); 1038 ATF_REQUIRE(limit != NULL); 1039 cap_net_limit_name2addr(limit, TEST_DOMAIN_0, NULL); 1040 cap_net_limit_name2addr_family(limit, &family[0], 1); 1041 cap_net_limit_name2addr_family(limit, &family[1], 1); 1042 ATF_REQUIRE(cap_net_limit(limit) == 0); 1043 1044 ATF_REQUIRE(test_gethostbyname(capnet, AF_INET, TEST_DOMAIN_0) == 0); 1045 ATF_REQUIRE(test_gethostbyname(capnet, AF_INET6, TEST_DOMAIN_0) == 0); 1046 ATF_REQUIRE( 1047 test_gethostbyname(capnet, PF_LINK, TEST_DOMAIN_0) == ENOTCAPABLE); 1048 1049 /* Limit to AF_INET6 only. */ 1050 limit = cap_net_limit_init(capnet, CAPNET_DEPRECATED_NAME2ADDR); 1051 ATF_REQUIRE(limit != NULL); 1052 cap_net_limit_name2addr(limit, TEST_DOMAIN_0, NULL); 1053 cap_net_limit_name2addr_family(limit, family, 1); 1054 ATF_REQUIRE(cap_net_limit(limit) == 0); 1055 1056 ATF_REQUIRE( 1057 test_gethostbyname(capnet, AF_INET, TEST_DOMAIN_0) == ENOTCAPABLE); 1058 ATF_REQUIRE(test_gethostbyname(capnet, AF_INET6, TEST_DOMAIN_0) == 0); 1059 ATF_REQUIRE( 1060 test_gethostbyname(capnet, PF_LINK, TEST_DOMAIN_0) == ENOTCAPABLE); 1061 1062 /* Unable to set empty limits. Empty limits means full access. */ 1063 limit = cap_net_limit_init(capnet, CAPNET_DEPRECATED_NAME2ADDR); 1064 ATF_REQUIRE(cap_net_limit(limit) != 0); 1065 1066 cap_close(capnet); 1067 } 1068 1069 ATF_TC_WITHOUT_HEAD(capnet__limits_bind_mode); 1070 ATF_TC_BODY(capnet__limits_bind_mode, tc) 1071 { 1072 cap_channel_t *capnet; 1073 cap_net_limit_t *limit; 1074 1075 capnet = create_network_service(); 1076 1077 /* LIMIT */ 1078 limit = cap_net_limit_init(capnet, CAPNET_BIND); 1079 ATF_REQUIRE(limit != NULL); 1080 ATF_REQUIRE(cap_net_limit(limit) == 0); 1081 1082 /* ALLOWED */ 1083 ATF_REQUIRE(test_bind(capnet, TEST_BIND_IPV4) == 0); 1084 1085 /* DISALLOWED */ 1086 ATF_REQUIRE( 1087 test_gethostbyname(capnet, AF_INET, TEST_DOMAIN_0) == ENOTCAPABLE); 1088 ATF_REQUIRE(test_getnameinfo(capnet, AF_INET, TEST_IPV4) == 1089 ENOTCAPABLE); 1090 ATF_REQUIRE(test_gethostbyaddr(capnet, AF_INET, TEST_IPV4) == 1091 ENOTCAPABLE); 1092 ATF_REQUIRE(test_getaddrinfo(capnet, AF_INET, TEST_DOMAIN_0, NULL) == 1093 ENOTCAPABLE); 1094 ATF_REQUIRE(test_connect(capnet, TEST_IPV4, 80) == ENOTCAPABLE); 1095 1096 test_extend_mode(capnet, CAPNET_ADDR2NAME); 1097 1098 cap_close(capnet); 1099 } 1100 1101 ATF_TC_WITHOUT_HEAD(capnet__limits_bind); 1102 ATF_TC_BODY(capnet__limits_bind, tc) 1103 { 1104 cap_channel_t *capnet; 1105 cap_net_limit_t *limit; 1106 struct sockaddr_in ipv4; 1107 1108 capnet = create_network_service(); 1109 1110 limit = cap_net_limit_init(capnet, CAPNET_BIND); 1111 ATF_REQUIRE(limit != NULL); 1112 1113 memset(&ipv4, 0, sizeof(ipv4)); 1114 ipv4.sin_family = AF_INET; 1115 inet_pton(AF_INET, TEST_BIND_IPV4, &ipv4.sin_addr); 1116 1117 cap_net_limit_bind(limit, (struct sockaddr *)&ipv4, sizeof(ipv4)); 1118 ATF_REQUIRE(cap_net_limit(limit) == 0); 1119 1120 ATF_REQUIRE(test_bind(capnet, TEST_BIND_IPV4) == 0); 1121 ATF_REQUIRE(test_bind(capnet, "127.0.0.2") == ENOTCAPABLE); 1122 1123 cap_close(capnet); 1124 } 1125 1126 ATF_TC_WITHOUT_HEAD(capnet__limits_connect_mode); 1127 ATF_TC_BODY(capnet__limits_connect_mode, tc) 1128 { 1129 cap_channel_t *capnet; 1130 cap_net_limit_t *limit; 1131 1132 capnet = create_network_service(); 1133 1134 /* LIMIT */ 1135 limit = cap_net_limit_init(capnet, CAPNET_CONNECT); 1136 ATF_REQUIRE(limit != NULL); 1137 ATF_REQUIRE(cap_net_limit(limit) == 0); 1138 1139 /* ALLOWED */ 1140 ATF_REQUIRE(test_connect(capnet, TEST_IPV4, 80) == 0); 1141 1142 /* DISALLOWED */ 1143 ATF_REQUIRE( 1144 test_gethostbyname(capnet, AF_INET, TEST_DOMAIN_0) == ENOTCAPABLE); 1145 ATF_REQUIRE(test_getnameinfo(capnet, AF_INET, TEST_IPV4) == 1146 ENOTCAPABLE); 1147 ATF_REQUIRE(test_gethostbyaddr(capnet, AF_INET, TEST_IPV4) == 1148 ENOTCAPABLE); 1149 ATF_REQUIRE(test_getaddrinfo(capnet, AF_INET, TEST_DOMAIN_0, NULL) == 1150 ENOTCAPABLE); 1151 ATF_REQUIRE(test_bind(capnet, TEST_BIND_IPV4) == ENOTCAPABLE); 1152 1153 test_extend_mode(capnet, CAPNET_ADDR2NAME); 1154 1155 cap_close(capnet); 1156 } 1157 1158 ATF_TC_WITHOUT_HEAD(capnet__limits_connect_dns_mode); 1159 ATF_TC_BODY(capnet__limits_connect_dns_mode, tc) 1160 { 1161 cap_channel_t *capnet; 1162 cap_net_limit_t *limit; 1163 1164 capnet = create_network_service(); 1165 1166 /* LIMIT */ 1167 limit = cap_net_limit_init(capnet, CAPNET_CONNECT | CAPNET_CONNECTDNS); 1168 ATF_REQUIRE(limit != NULL); 1169 ATF_REQUIRE(cap_net_limit(limit) == 0); 1170 1171 /* ALLOWED */ 1172 ATF_REQUIRE(test_connect(capnet, TEST_IPV4, 80) == 0); 1173 1174 /* DISALLOWED */ 1175 ATF_REQUIRE( 1176 test_gethostbyname(capnet, AF_INET, TEST_DOMAIN_0) == ENOTCAPABLE); 1177 ATF_REQUIRE(test_getnameinfo(capnet, AF_INET, TEST_IPV4) == 1178 ENOTCAPABLE); 1179 ATF_REQUIRE(test_gethostbyaddr(capnet, AF_INET, TEST_IPV4) == 1180 ENOTCAPABLE); 1181 ATF_REQUIRE(test_getaddrinfo(capnet, AF_INET, TEST_DOMAIN_0, NULL) == 1182 ENOTCAPABLE); 1183 ATF_REQUIRE(test_bind(capnet, TEST_BIND_IPV4) == ENOTCAPABLE); 1184 1185 test_extend_mode(capnet, CAPNET_ADDR2NAME); 1186 1187 cap_close(capnet); 1188 } 1189 1190 ATF_TC_WITHOUT_HEAD(capnet__limits_connect); 1191 ATF_TC_BODY(capnet__limits_connect, tc) 1192 { 1193 cap_channel_t *capnet; 1194 cap_net_limit_t *limit; 1195 struct sockaddr_in ipv4; 1196 1197 capnet = create_network_service(); 1198 1199 /* Limit only to TEST_IPV4 on port 80 and 443. */ 1200 limit = cap_net_limit_init(capnet, CAPNET_CONNECT); 1201 ATF_REQUIRE(limit != NULL); 1202 memset(&ipv4, 0, sizeof(ipv4)); 1203 ipv4.sin_family = AF_INET; 1204 ipv4.sin_port = htons(80); 1205 inet_pton(AF_INET, TEST_IPV4, &ipv4.sin_addr); 1206 cap_net_limit_connect(limit, (struct sockaddr *)&ipv4, sizeof(ipv4)); 1207 1208 ipv4.sin_port = htons(443); 1209 cap_net_limit_connect(limit, (struct sockaddr *)&ipv4, sizeof(ipv4)); 1210 ATF_REQUIRE(cap_net_limit(limit) == 0); 1211 1212 ATF_REQUIRE(test_connect(capnet, TEST_IPV4, 80) == 0); 1213 ATF_REQUIRE(test_connect(capnet, "8.8.8.8", 80) == ENOTCAPABLE); 1214 ATF_REQUIRE(test_connect(capnet, "8.8.8.8", 433) == ENOTCAPABLE); 1215 ATF_REQUIRE(test_connect(capnet, TEST_IPV4, 443) == 0); 1216 1217 /* Limit only to TEST_IPV4 on port 443. */ 1218 limit = cap_net_limit_init(capnet, CAPNET_CONNECT); 1219 cap_net_limit_connect(limit, (struct sockaddr *)&ipv4, sizeof(ipv4)); 1220 ATF_REQUIRE(cap_net_limit(limit) == 0); 1221 1222 ATF_REQUIRE(test_connect(capnet, TEST_IPV4, 433) == ENOTCAPABLE); 1223 ATF_REQUIRE(test_connect(capnet, "8.8.8.8", 80) == ENOTCAPABLE); 1224 ATF_REQUIRE(test_connect(capnet, "8.8.8.8", 433) == ENOTCAPABLE); 1225 ATF_REQUIRE(test_connect(capnet, TEST_IPV4, 443) == 0); 1226 1227 /* Unable to set empty limits. Empty limits means full access. */ 1228 limit = cap_net_limit_init(capnet, CAPNET_CONNECT); 1229 ATF_REQUIRE(cap_net_limit(limit) != 0); 1230 1231 cap_close(capnet); 1232 } 1233 1234 ATF_TC_WITHOUT_HEAD(capnet__limits_connecttodns); 1235 ATF_TC_BODY(capnet__limits_connecttodns, tc) 1236 { 1237 cap_channel_t *capnet; 1238 cap_net_limit_t *limit; 1239 struct addrinfo hints, *capres, *res; 1240 int family[] = { AF_INET }; 1241 int error; 1242 1243 capnet = create_network_service(); 1244 1245 limit = cap_net_limit_init(capnet, CAPNET_CONNECTDNS | 1246 CAPNET_NAME2ADDR); 1247 ATF_REQUIRE(limit != NULL); 1248 cap_net_limit_name2addr(limit, TEST_IPV4, "80"); 1249 cap_net_limit_name2addr_family(limit, family, 1); 1250 ATF_REQUIRE(cap_net_limit(limit) == 0); 1251 1252 memset(&hints, 0, sizeof(hints)); 1253 hints.ai_family = AF_INET; 1254 hints.ai_socktype = SOCK_STREAM; 1255 1256 ATF_REQUIRE(test_connect(capnet, "8.8.8.8", 433) == ENOTCAPABLE); 1257 ATF_REQUIRE(cap_getaddrinfo(capnet, TEST_IPV4, "80", &hints, &capres) == 1258 0); 1259 ATF_REQUIRE(test_connect(capnet, "8.8.8.8", 433) == ENOTCAPABLE); 1260 1261 for (res = capres; res != NULL; res = res->ai_next) { 1262 int s; 1263 1264 ATF_REQUIRE(res->ai_family == AF_INET); 1265 ATF_REQUIRE(res->ai_socktype == SOCK_STREAM); 1266 1267 s = socket(res->ai_family, res->ai_socktype, res->ai_protocol); 1268 ATF_REQUIRE(s >= 0); 1269 1270 error = cap_connect(capnet, s, res->ai_addr, 1271 res->ai_addrlen); 1272 if (error != 0 && errno != ENOTCAPABLE) 1273 atf_tc_skip("unable to connect: %s", strerror(errno)); 1274 ATF_REQUIRE(error == 0); 1275 ATF_REQUIRE(close(s) == 0); 1276 } 1277 1278 freeaddrinfo(capres); 1279 cap_close(capnet); 1280 } 1281 1282 1283 ATF_TC_WITHOUT_HEAD(capnet__limits_deprecated_connecttodns); 1284 ATF_TC_BODY(capnet__limits_deprecated_connecttodns, tc) 1285 { 1286 cap_channel_t *capnet; 1287 cap_net_limit_t *limit; 1288 struct hostent *caphp; 1289 struct in_addr ipaddr; 1290 struct sockaddr_in connaddr; 1291 int family[] = { AF_INET }; 1292 int error, i; 1293 1294 capnet = create_network_service(); 1295 1296 limit = cap_net_limit_init(capnet, CAPNET_CONNECTDNS | 1297 CAPNET_DEPRECATED_NAME2ADDR); 1298 ATF_REQUIRE(limit != NULL); 1299 cap_net_limit_name2addr(limit, TEST_IPV4, NULL); 1300 cap_net_limit_name2addr_family(limit, family, 1); 1301 ATF_REQUIRE(cap_net_limit(limit) == 0); 1302 1303 memset(&ipaddr, 0, sizeof(ipaddr)); 1304 inet_pton(AF_INET, TEST_IPV4, &ipaddr); 1305 1306 ATF_REQUIRE(test_connect(capnet, "8.8.8.8", 433) == ENOTCAPABLE); 1307 caphp = cap_gethostbyname2(capnet, TEST_IPV4, AF_INET); 1308 ATF_REQUIRE(caphp != NULL); 1309 ATF_REQUIRE(caphp->h_addrtype == AF_INET); 1310 ATF_REQUIRE(test_connect(capnet, "8.8.8.8", 433) == ENOTCAPABLE); 1311 1312 for (i = 0; caphp->h_addr_list[i] != NULL; i++) { 1313 int s; 1314 1315 s = socket(AF_INET, SOCK_STREAM, 0); 1316 ATF_REQUIRE(s >= 0); 1317 1318 memset(&connaddr, 0, sizeof(connaddr)); 1319 connaddr.sin_family = AF_INET; 1320 memcpy((char *)&connaddr.sin_addr.s_addr, 1321 (char *)caphp->h_addr_list[i], caphp->h_length); 1322 connaddr.sin_port = htons(80); 1323 1324 error = cap_connect(capnet, s, (struct sockaddr *)&connaddr, 1325 sizeof(connaddr)); 1326 if (error != 0 && errno != ENOTCAPABLE) 1327 atf_tc_skip("unable to connect: %s", strerror(errno)); 1328 ATF_REQUIRE(error == 0); 1329 ATF_REQUIRE(close(s) == 0); 1330 } 1331 1332 cap_close(capnet); 1333 } 1334 1335 ATF_TP_ADD_TCS(tp) 1336 { 1337 1338 ATF_TP_ADD_TC(tp, capnet__connect); 1339 ATF_TP_ADD_TC(tp, capnet__bind); 1340 ATF_TP_ADD_TC(tp, capnet__getnameinfo); 1341 ATF_TP_ADD_TC(tp, capnet__getaddrinfo); 1342 ATF_TP_ADD_TC(tp, capnet__gethostbyname); 1343 ATF_TP_ADD_TC(tp, capnet__gethostbyaddr); 1344 1345 ATF_TP_ADD_TC(tp, capnet__getnameinfo_buffer); 1346 1347 ATF_TP_ADD_TC(tp, capnet__limits_addr2name_mode); 1348 ATF_TP_ADD_TC(tp, capnet__limits_addr2name_family); 1349 ATF_TP_ADD_TC(tp, capnet__limits_addr2name); 1350 1351 ATF_TP_ADD_TC(tp, capnet__limits_deprecated_addr2name_mode); 1352 ATF_TP_ADD_TC(tp, capnet__limits_deprecated_addr2name_family); 1353 ATF_TP_ADD_TC(tp, capnet__limits_deprecated_addr2name); 1354 1355 ATF_TP_ADD_TC(tp, capnet__limits_name2addr_mode); 1356 ATF_TP_ADD_TC(tp, capnet__limits_name2addr_hosts); 1357 ATF_TP_ADD_TC(tp, capnet__limits_name2addr_hosts_servnames_strict); 1358 ATF_TP_ADD_TC(tp, capnet__limits_name2addr_hosts_servnames_mix); 1359 ATF_TP_ADD_TC(tp, capnet__limits_name2addr_family); 1360 1361 ATF_TP_ADD_TC(tp, capnet__limits_deprecated_name2addr_mode); 1362 ATF_TP_ADD_TC(tp, capnet__limits_deprecated_name2addr_hosts); 1363 ATF_TP_ADD_TC(tp, capnet__limits_deprecated_name2addr_family); 1364 1365 ATF_TP_ADD_TC(tp, capnet__limits_bind_mode); 1366 ATF_TP_ADD_TC(tp, capnet__limits_bind); 1367 1368 ATF_TP_ADD_TC(tp, capnet__limits_connect_mode); 1369 ATF_TP_ADD_TC(tp, capnet__limits_connect_dns_mode); 1370 ATF_TP_ADD_TC(tp, capnet__limits_connect); 1371 1372 ATF_TP_ADD_TC(tp, capnet__limits_connecttodns); 1373 ATF_TP_ADD_TC(tp, capnet__limits_deprecated_connecttodns); 1374 1375 return (atf_no_error()); 1376 } 1377