1 /*- 2 * Copyright (c) 2020 Mariusz Zaborski <oshogbo@FreeBSD.org> 3 * 4 * Redistribution and use in source and binary forms, with or without 5 * modification, are permitted provided that the following conditions 6 * are met: 7 * 1. Redistributions of source code must retain the above copyright 8 * notice, this list of conditions and the following disclaimer. 9 * 2. Redistributions in binary form must reproduce the above copyright 10 * notice, this list of conditions and the following disclaimer in the 11 * documentation and/or other materials provided with the distribution. 12 * 13 * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS 14 * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED 15 * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 16 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS 17 * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR 18 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF 19 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS 20 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN 21 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 22 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 23 * POSSIBILITY OF SUCH DAMAGE. 24 */ 25 26 #include <sys/param.h> 27 #include <sys/socket.h> 28 #include <netinet/in.h> 29 #include <arpa/inet.h> 30 31 #include <errno.h> 32 #include <netdb.h> 33 34 #include <atf-c.h> 35 36 #include <libcasper.h> 37 #include <casper/cap_net.h> 38 39 #define TEST_DOMAIN_0 "example.com" 40 #define TEST_DOMAIN_1 "freebsd.org" 41 #define TEST_IPV4 "1.1.1.1" 42 #define TEST_IPV6 "2001:4860:4860::8888" 43 #define TEST_BIND_IPV4 "127.0.0.1" 44 #define TEST_PORT 80 45 #define TEST_PORT_STR "80" 46 47 static cap_channel_t * 48 create_network_service(void) 49 { 50 cap_channel_t *capcas, *capnet; 51 52 capcas = cap_init(); 53 ATF_REQUIRE(capcas != NULL); 54 55 capnet = cap_service_open(capcas, "system.net"); 56 ATF_REQUIRE(capnet != NULL); 57 58 cap_close(capcas); 59 return (capnet); 60 } 61 62 static int 63 test_getnameinfo_v4(cap_channel_t *chan, int family, const char *ip) 64 { 65 struct sockaddr_in ipaddr; 66 char capfn[MAXHOSTNAMELEN]; 67 char origfn[MAXHOSTNAMELEN]; 68 int capret, sysret; 69 70 memset(&ipaddr, 0, sizeof(ipaddr)); 71 ipaddr.sin_family = family; 72 inet_pton(family, ip, &ipaddr.sin_addr); 73 74 capret = cap_getnameinfo(chan, (struct sockaddr *)&ipaddr, sizeof(ipaddr), 75 capfn, sizeof(capfn), NULL, 0, NI_NAMEREQD); 76 if (capret != 0 && capret == ENOTCAPABLE) 77 return (ENOTCAPABLE); 78 79 sysret = getnameinfo((struct sockaddr *)&ipaddr, sizeof(ipaddr), origfn, 80 sizeof(origfn), NULL, 0, NI_NAMEREQD); 81 if (sysret != 0) { 82 atf_tc_skip("getnameinfo(%s) failed: %s", 83 ip, gai_strerror(sysret)); 84 } 85 ATF_REQUIRE(capret == 0); 86 ATF_REQUIRE(strcmp(origfn, capfn) == 0); 87 88 return (0); 89 } 90 91 static int 92 test_getnameinfo_v6(cap_channel_t *chan, const char *ip) 93 { 94 struct sockaddr_in6 ipaddr; 95 char capfn[MAXHOSTNAMELEN]; 96 char origfn[MAXHOSTNAMELEN]; 97 int capret, sysret; 98 99 memset(&ipaddr, 0, sizeof(ipaddr)); 100 ipaddr.sin6_family = AF_INET6; 101 inet_pton(AF_INET6, ip, &ipaddr.sin6_addr); 102 103 capret = cap_getnameinfo(chan, (struct sockaddr *)&ipaddr, sizeof(ipaddr), 104 capfn, sizeof(capfn), NULL, 0, NI_NAMEREQD); 105 if (capret != 0 && capret == ENOTCAPABLE) 106 return (ENOTCAPABLE); 107 108 sysret = getnameinfo((struct sockaddr *)&ipaddr, sizeof(ipaddr), origfn, 109 sizeof(origfn), NULL, 0, NI_NAMEREQD); 110 if (sysret != 0) { 111 atf_tc_skip("getnameinfo(%s) failed: %s", 112 ip, gai_strerror(sysret)); 113 } 114 ATF_REQUIRE(capret == 0); 115 ATF_REQUIRE(strcmp(origfn, capfn) == 0); 116 117 return (0); 118 } 119 120 static int 121 test_getnameinfo(cap_channel_t *chan, int family, const char *ip) 122 { 123 124 if (family == AF_INET6) { 125 return (test_getnameinfo_v6(chan, ip)); 126 } 127 128 return (test_getnameinfo_v4(chan, family, ip)); 129 } 130 131 static int 132 test_gethostbyaddr_v4(cap_channel_t *chan, int family, const char *ip) 133 { 134 struct in_addr ipaddr; 135 struct hostent *caphp, *orighp; 136 137 memset(&ipaddr, 0, sizeof(ipaddr)); 138 inet_pton(AF_INET, ip, &ipaddr); 139 140 caphp = cap_gethostbyaddr(chan, &ipaddr, sizeof(ipaddr), family); 141 if (caphp == NULL && h_errno == ENOTCAPABLE) 142 return (ENOTCAPABLE); 143 144 orighp = gethostbyaddr(&ipaddr, sizeof(ipaddr), family); 145 if (orighp == NULL) 146 atf_tc_skip("gethostbyaddr(%s) failed", ip); 147 ATF_REQUIRE(caphp != NULL); 148 ATF_REQUIRE(strcmp(orighp->h_name, caphp->h_name) == 0); 149 150 return (0); 151 } 152 153 static int 154 test_gethostbyaddr_v6(cap_channel_t *chan, const char *ip) 155 { 156 struct in6_addr ipaddr; 157 struct hostent *caphp, *orighp; 158 159 memset(&ipaddr, 0, sizeof(ipaddr)); 160 inet_pton(AF_INET6, ip, &ipaddr); 161 162 caphp = cap_gethostbyaddr(chan, &ipaddr, sizeof(ipaddr), AF_INET6); 163 if (caphp == NULL && h_errno == ENOTCAPABLE) 164 return (ENOTCAPABLE); 165 166 orighp = gethostbyaddr(&ipaddr, sizeof(ipaddr), AF_INET6); 167 if (orighp == NULL) 168 atf_tc_skip("gethostbyaddr(%s) failed", ip); 169 ATF_REQUIRE(caphp != NULL); 170 ATF_REQUIRE(strcmp(orighp->h_name, caphp->h_name) == 0); 171 172 return (0); 173 } 174 175 static int 176 test_gethostbyaddr(cap_channel_t *chan, int family, const char *ip) 177 { 178 179 if (family == AF_INET6) { 180 return (test_gethostbyaddr_v6(chan, ip)); 181 } else { 182 return (test_gethostbyaddr_v4(chan, family, ip)); 183 } 184 } 185 186 static int 187 test_getaddrinfo(cap_channel_t *chan, int family, const char *domain, 188 const char *servname) 189 { 190 struct addrinfo hints, *capres, *origres, *res0, *res1; 191 bool found; 192 int capret, sysret; 193 194 memset(&hints, 0, sizeof(hints)); 195 hints.ai_family = family; 196 hints.ai_socktype = SOCK_STREAM; 197 198 capret = cap_getaddrinfo(chan, domain, servname, &hints, &capres); 199 if (capret != 0 && capret == ENOTCAPABLE) 200 return (capret); 201 202 sysret = getaddrinfo(domain, servname, &hints, &origres); 203 if (sysret != 0) 204 atf_tc_skip("getaddrinfo(%s) failed: %s", 205 domain, gai_strerror(sysret)); 206 ATF_REQUIRE(capret == 0); 207 208 for (res0 = capres; res0 != NULL; res0 = res0->ai_next) { 209 found = false; 210 for (res1 = origres; res1 != NULL; res1 = res1->ai_next) { 211 if (res1->ai_addrlen == res0->ai_addrlen && 212 memcmp(res1->ai_addr, res0->ai_addr, 213 res0->ai_addrlen) == 0) { 214 found = true; 215 break; 216 } 217 } 218 ATF_REQUIRE(found); 219 } 220 221 freeaddrinfo(capres); 222 freeaddrinfo(origres); 223 return (0); 224 } 225 226 static int 227 test_gethostbyname(cap_channel_t *chan, int family, const char *domain) 228 { 229 struct hostent *caphp, *orighp; 230 231 caphp = cap_gethostbyname2(chan, domain, family); 232 if (caphp == NULL && h_errno == ENOTCAPABLE) 233 return (h_errno); 234 235 orighp = gethostbyname2(domain, family); 236 if (orighp == NULL) 237 atf_tc_skip("gethostbyname2(%s) failed", domain); 238 239 ATF_REQUIRE(caphp != NULL); 240 ATF_REQUIRE(strcmp(caphp->h_name, orighp->h_name) == 0); 241 return (0); 242 } 243 244 static int 245 test_bind(cap_channel_t *chan, const char *ip) 246 { 247 struct sockaddr_in ipv4; 248 int capfd, ret, serrno; 249 250 capfd = socket(AF_INET, SOCK_STREAM, 0); 251 ATF_REQUIRE(capfd > 0); 252 253 memset(&ipv4, 0, sizeof(ipv4)); 254 ipv4.sin_family = AF_INET; 255 inet_pton(AF_INET, ip, &ipv4.sin_addr); 256 257 ret = cap_bind(chan, capfd, (struct sockaddr *)&ipv4, sizeof(ipv4)); 258 serrno = errno; 259 close(capfd); 260 261 return (ret < 0 ? serrno : 0); 262 } 263 264 static int 265 test_connect(cap_channel_t *chan, const char *ip, unsigned short port) 266 { 267 struct sockaddr_in ipv4; 268 int capfd, ret, serrno; 269 270 capfd = socket(AF_INET, SOCK_STREAM, 0); 271 ATF_REQUIRE(capfd >= 0); 272 273 memset(&ipv4, 0, sizeof(ipv4)); 274 ipv4.sin_family = AF_INET; 275 ipv4.sin_port = htons(port); 276 inet_pton(AF_INET, ip, &ipv4.sin_addr); 277 278 ret = cap_connect(chan, capfd, (struct sockaddr *)&ipv4, sizeof(ipv4)); 279 serrno = errno; 280 ATF_REQUIRE(close(capfd) == 0); 281 282 if (ret < 0 && serrno != ENOTCAPABLE) { 283 int sd; 284 285 /* 286 * If the connection failed, it might be because we can't reach 287 * the destination host. To check, try a plain connect() and 288 * see if it fails with the same error. 289 */ 290 sd = socket(AF_INET, SOCK_STREAM, 0); 291 ATF_REQUIRE(sd >= 0); 292 293 memset(&ipv4, 0, sizeof(ipv4)); 294 ipv4.sin_family = AF_INET; 295 ipv4.sin_port = htons(port); 296 inet_pton(AF_INET, ip, &ipv4.sin_addr); 297 ret = connect(sd, (struct sockaddr *)&ipv4, sizeof(ipv4)); 298 ATF_REQUIRE(ret < 0); 299 ATF_REQUIRE_MSG(errno == serrno, "errno %d != serrno %d", 300 errno, serrno); 301 ATF_REQUIRE(close(sd) == 0); 302 atf_tc_skip("connect(%s:%d) failed: %s", 303 ip, port, strerror(serrno)); 304 } 305 306 return (ret < 0 ? serrno : 0); 307 } 308 309 static void 310 test_extend_mode(cap_channel_t *capnet, int current) 311 { 312 cap_net_limit_t *limit; 313 const int rights[] = { 314 CAPNET_ADDR2NAME, 315 CAPNET_NAME2ADDR, 316 CAPNET_DEPRECATED_ADDR2NAME, 317 CAPNET_DEPRECATED_NAME2ADDR, 318 CAPNET_CONNECT, 319 CAPNET_BIND, 320 CAPNET_CONNECTDNS 321 }; 322 size_t i; 323 324 for (i = 0; i < nitems(rights); i++) { 325 if (current == rights[i]) 326 continue; 327 328 limit = cap_net_limit_init(capnet, current | rights[i]); 329 ATF_REQUIRE(limit != NULL); 330 ATF_REQUIRE(cap_net_limit(limit) != 0); 331 } 332 } 333 334 ATF_TC(capnet__getnameinfo); 335 ATF_TC_HEAD(capnet__getnameinfo, tc) 336 { 337 atf_tc_set_md_var(tc, "require.config", "allow_network_access"); 338 } 339 ATF_TC_BODY(capnet__getnameinfo, tc) 340 { 341 cap_channel_t *capnet; 342 343 capnet = create_network_service(); 344 345 ATF_REQUIRE(test_getnameinfo(capnet, AF_INET, TEST_IPV4) == 0); 346 ATF_REQUIRE(test_getnameinfo(capnet, AF_INET6, TEST_IPV6) == 0); 347 348 cap_close(capnet); 349 } 350 351 ATF_TC(capnet__connect); 352 ATF_TC_HEAD(capnet__connect, tc) 353 { 354 atf_tc_set_md_var(tc, "require.config", "allow_network_access"); 355 } 356 ATF_TC_BODY(capnet__connect, tc) 357 { 358 cap_channel_t *capnet; 359 360 capnet = create_network_service(); 361 362 ATF_REQUIRE(test_connect(capnet, TEST_IPV4, 80) == 0); 363 364 cap_close(capnet); 365 } 366 367 ATF_TC(capnet__bind); 368 ATF_TC_HEAD(capnet__bind, tc) 369 { 370 atf_tc_set_md_var(tc, "require.config", "allow_network_access"); 371 } 372 ATF_TC_BODY(capnet__bind, tc) 373 { 374 cap_channel_t *capnet; 375 376 capnet = create_network_service(); 377 378 ATF_REQUIRE(test_bind(capnet, TEST_BIND_IPV4) == 0); 379 380 cap_close(capnet); 381 } 382 383 ATF_TC(capnet__getaddrinfo); 384 ATF_TC_HEAD(capnet__getaddrinfo, tc) 385 { 386 atf_tc_set_md_var(tc, "require.config", "allow_network_access"); 387 } 388 ATF_TC_BODY(capnet__getaddrinfo, tc) 389 { 390 cap_channel_t *capnet; 391 struct addrinfo hints, *capres; 392 393 capnet = create_network_service(); 394 395 memset(&hints, 0, sizeof(hints)); 396 hints.ai_family = AF_INET; 397 hints.ai_socktype = SOCK_STREAM; 398 399 ATF_REQUIRE(cap_getaddrinfo(capnet, TEST_IPV4, "80", &hints, &capres) == 400 0); 401 402 cap_close(capnet); 403 } 404 405 ATF_TC(capnet__gethostbyname); 406 ATF_TC_HEAD(capnet__gethostbyname, tc) 407 { 408 atf_tc_set_md_var(tc, "require.config", "allow_network_access"); 409 } 410 ATF_TC_BODY(capnet__gethostbyname, tc) 411 { 412 cap_channel_t *capnet; 413 414 capnet = create_network_service(); 415 416 ATF_REQUIRE(test_gethostbyname(capnet, AF_INET, TEST_DOMAIN_0) == 0); 417 418 cap_close(capnet); 419 } 420 421 ATF_TC(capnet__gethostbyaddr); 422 ATF_TC_HEAD(capnet__gethostbyaddr, tc) 423 { 424 atf_tc_set_md_var(tc, "require.config", "allow_network_access"); 425 } 426 ATF_TC_BODY(capnet__gethostbyaddr, tc) 427 { 428 cap_channel_t *capnet; 429 430 capnet = create_network_service(); 431 432 ATF_REQUIRE(test_gethostbyaddr(capnet, AF_INET, TEST_IPV4) == 0); 433 ATF_REQUIRE(test_gethostbyaddr(capnet, AF_INET6, TEST_IPV6) == 0); 434 435 cap_close(capnet); 436 } 437 438 ATF_TC(capnet__getnameinfo_buffer); 439 ATF_TC_HEAD(capnet__getnameinfo_buffer, tc) 440 { 441 atf_tc_set_md_var(tc, "require.config", "allow_network_access"); 442 } 443 ATF_TC_BODY(capnet__getnameinfo_buffer, tc) 444 { 445 cap_channel_t *chan; 446 struct sockaddr_in sin; 447 int ret; 448 struct { 449 char host[sizeof(TEST_IPV4)]; 450 char host_canary; 451 char serv[sizeof(TEST_PORT_STR)]; 452 char serv_canary; 453 } buffers; 454 455 memset(&sin, 0, sizeof(sin)); 456 sin.sin_family = AF_INET; 457 sin.sin_port = htons(TEST_PORT); 458 ret = inet_pton(AF_INET, TEST_IPV4, &sin.sin_addr); 459 ATF_REQUIRE_EQ(1, ret); 460 461 memset(&buffers, '!', sizeof(buffers)); 462 463 chan = create_network_service(); 464 ret = cap_getnameinfo(chan, (struct sockaddr *)&sin, sizeof(sin), 465 buffers.host, sizeof(buffers.host), 466 buffers.serv, sizeof(buffers.serv), 467 NI_NUMERICHOST | NI_NUMERICSERV); 468 ATF_REQUIRE_EQ_MSG(0, ret, "%d", ret); 469 470 // Verify that cap_getnameinfo worked with minimally sized buffers. 471 ATF_CHECK_EQ(0, strcmp(TEST_IPV4, buffers.host)); 472 ATF_CHECK_EQ(0, strcmp(TEST_PORT_STR, buffers.serv)); 473 474 // Verify that cap_getnameinfo did not overflow the buffers. 475 ATF_CHECK_EQ('!', buffers.host_canary); 476 ATF_CHECK_EQ('!', buffers.serv_canary); 477 478 cap_close(chan); 479 } 480 481 ATF_TC(capnet__limits_addr2name_mode); 482 ATF_TC_HEAD(capnet__limits_addr2name_mode, tc) 483 { 484 atf_tc_set_md_var(tc, "require.config", "allow_network_access"); 485 } 486 ATF_TC_BODY(capnet__limits_addr2name_mode, tc) 487 { 488 cap_channel_t *capnet; 489 cap_net_limit_t *limit; 490 491 capnet = create_network_service(); 492 493 /* LIMIT */ 494 limit = cap_net_limit_init(capnet, CAPNET_ADDR2NAME); 495 ATF_REQUIRE(limit != NULL); 496 ATF_REQUIRE(cap_net_limit(limit) == 0); 497 498 /* ALLOWED */ 499 ATF_REQUIRE(test_getnameinfo(capnet, AF_INET, TEST_IPV4) == 0); 500 501 /* DISALLOWED */ 502 ATF_REQUIRE(test_gethostbyname(capnet, AF_INET, TEST_DOMAIN_0) == 503 ENOTCAPABLE); 504 ATF_REQUIRE(test_gethostbyaddr(capnet, AF_INET, TEST_IPV4) == 505 ENOTCAPABLE); 506 ATF_REQUIRE(test_getaddrinfo(capnet, AF_INET, TEST_DOMAIN_0, NULL) == 507 ENOTCAPABLE); 508 ATF_REQUIRE(test_bind(capnet, TEST_BIND_IPV4) == ENOTCAPABLE); 509 ATF_REQUIRE(test_connect(capnet, TEST_IPV4, 80) == ENOTCAPABLE); 510 511 test_extend_mode(capnet, CAPNET_ADDR2NAME); 512 513 cap_close(capnet); 514 } 515 516 ATF_TC(capnet__limits_addr2name_family); 517 ATF_TC_HEAD(capnet__limits_addr2name_family, tc) 518 { 519 atf_tc_set_md_var(tc, "require.config", "allow_network_access"); 520 } 521 ATF_TC_BODY(capnet__limits_addr2name_family, tc) 522 { 523 cap_channel_t *capnet; 524 cap_net_limit_t *limit; 525 int family[] = { AF_INET6, AF_INET }; 526 527 capnet = create_network_service(); 528 529 /* Limit to AF_INET6 and AF_INET. */ 530 limit = cap_net_limit_init(capnet, CAPNET_ADDR2NAME); 531 ATF_REQUIRE(limit != NULL); 532 cap_net_limit_addr2name_family(limit, family, nitems(family)); 533 ATF_REQUIRE(cap_net_limit(limit) == 0); 534 535 ATF_REQUIRE(test_getnameinfo(capnet, AF_INET, TEST_IPV4) == 0); 536 ATF_REQUIRE(test_getnameinfo(capnet, AF_INET6, TEST_IPV6) == 0); 537 538 /* Limit to AF_INET6 and AF_INET. */ 539 limit = cap_net_limit_init(capnet, CAPNET_ADDR2NAME); 540 ATF_REQUIRE(limit != NULL); 541 cap_net_limit_addr2name_family(limit, &family[0], 1); 542 cap_net_limit_addr2name_family(limit, &family[1], 1); 543 ATF_REQUIRE(cap_net_limit(limit) == 0); 544 545 ATF_REQUIRE(test_getnameinfo(capnet, AF_INET, TEST_IPV4) == 0); 546 ATF_REQUIRE(test_getnameinfo(capnet, AF_INET6, TEST_IPV6) == 0); 547 548 /* Limit to AF_INET6. */ 549 limit = cap_net_limit_init(capnet, CAPNET_ADDR2NAME); 550 ATF_REQUIRE(limit != NULL); 551 cap_net_limit_addr2name_family(limit, family, 1); 552 ATF_REQUIRE(cap_net_limit(limit) == 0); 553 554 ATF_REQUIRE(test_getnameinfo(capnet, AF_INET, TEST_IPV4) == 555 ENOTCAPABLE); 556 ATF_REQUIRE(test_getnameinfo(capnet, AF_INET6, TEST_IPV6) == 0); 557 558 /* Unable to set empty limits. Empty limits means full access. */ 559 limit = cap_net_limit_init(capnet, CAPNET_ADDR2NAME); 560 ATF_REQUIRE(cap_net_limit(limit) != 0); 561 562 cap_close(capnet); 563 } 564 565 ATF_TC(capnet__limits_addr2name); 566 ATF_TC_HEAD(capnet__limits_addr2name, tc) 567 { 568 atf_tc_set_md_var(tc, "require.config", "allow_network_access"); 569 } 570 ATF_TC_BODY(capnet__limits_addr2name, tc) 571 { 572 cap_channel_t *capnet; 573 cap_net_limit_t *limit; 574 struct sockaddr_in ipaddrv4; 575 struct sockaddr_in6 ipaddrv6; 576 577 capnet = create_network_service(); 578 579 /* Limit to TEST_IPV4 and TEST_IPV6. */ 580 memset(&ipaddrv4, 0, sizeof(ipaddrv4)); 581 memset(&ipaddrv6, 0, sizeof(ipaddrv6)); 582 583 ipaddrv4.sin_family = AF_INET; 584 inet_pton(AF_INET, TEST_IPV4, &ipaddrv4.sin_addr); 585 586 ipaddrv6.sin6_family = AF_INET6; 587 inet_pton(AF_INET6, TEST_IPV6, &ipaddrv6.sin6_addr); 588 589 limit = cap_net_limit_init(capnet, CAPNET_ADDR2NAME); 590 ATF_REQUIRE(limit != NULL); 591 592 cap_net_limit_addr2name(limit, (struct sockaddr *)&ipaddrv4, 593 sizeof(ipaddrv4)); 594 cap_net_limit_addr2name(limit, (struct sockaddr *)&ipaddrv6, 595 sizeof(ipaddrv6)); 596 ATF_REQUIRE(cap_net_limit(limit) == 0); 597 598 ATF_REQUIRE(test_getnameinfo(capnet, AF_INET, TEST_IPV4) == 0); 599 ATF_REQUIRE(test_getnameinfo(capnet, AF_INET6, TEST_IPV6) == 0); 600 ATF_REQUIRE(test_getnameinfo(capnet, AF_INET, "127.0.0.1") == 601 ENOTCAPABLE); 602 603 /* Limit to AF_INET. */ 604 limit = cap_net_limit_init(capnet, CAPNET_ADDR2NAME); 605 ATF_REQUIRE(limit != NULL); 606 cap_net_limit_addr2name(limit, (struct sockaddr *)&ipaddrv4, 607 sizeof(ipaddrv4)); 608 ATF_REQUIRE(cap_net_limit(limit) == 0); 609 610 ATF_REQUIRE(test_getnameinfo(capnet, AF_INET, TEST_IPV4) == 0); 611 ATF_REQUIRE(test_getnameinfo(capnet, AF_INET6, TEST_IPV6) == 612 ENOTCAPABLE); 613 ATF_REQUIRE(test_getnameinfo(capnet, AF_INET, "127.0.0.1") == 614 ENOTCAPABLE); 615 616 /* Unable to set empty limits. Empty limits means full access. */ 617 limit = cap_net_limit_init(capnet, CAPNET_ADDR2NAME); 618 ATF_REQUIRE(cap_net_limit(limit) != 0); 619 620 cap_close(capnet); 621 } 622 623 ATF_TC(capnet__limits_deprecated_addr2name_mode); 624 ATF_TC_HEAD(capnet__limits_deprecated_addr2name_mode, tc) 625 { 626 atf_tc_set_md_var(tc, "require.config", "allow_network_access"); 627 } 628 ATF_TC_BODY(capnet__limits_deprecated_addr2name_mode, tc) 629 { 630 cap_channel_t *capnet; 631 cap_net_limit_t *limit; 632 633 capnet = create_network_service(); 634 635 /* LIMIT */ 636 limit = cap_net_limit_init(capnet, CAPNET_DEPRECATED_ADDR2NAME); 637 ATF_REQUIRE(limit != NULL); 638 ATF_REQUIRE(cap_net_limit(limit) == 0); 639 640 /* ALLOWED */ 641 ATF_REQUIRE(test_gethostbyaddr(capnet, AF_INET, TEST_IPV4) == 0); 642 643 /* DISALLOWED */ 644 ATF_REQUIRE(test_gethostbyname(capnet, AF_INET, TEST_DOMAIN_0) == 645 ENOTCAPABLE); 646 ATF_REQUIRE(test_getnameinfo(capnet, AF_INET, TEST_IPV4) == 647 ENOTCAPABLE); 648 ATF_REQUIRE(test_getaddrinfo(capnet, AF_INET, TEST_DOMAIN_0, NULL) == 649 ENOTCAPABLE); 650 ATF_REQUIRE(test_bind(capnet, TEST_BIND_IPV4) == ENOTCAPABLE); 651 ATF_REQUIRE(test_connect(capnet, TEST_IPV4, 80) == ENOTCAPABLE); 652 653 cap_close(capnet); 654 } 655 656 ATF_TC(capnet__limits_deprecated_addr2name_family); 657 ATF_TC_HEAD(capnet__limits_deprecated_addr2name_family, tc) 658 { 659 atf_tc_set_md_var(tc, "require.config", "allow_network_access"); 660 } 661 ATF_TC_BODY(capnet__limits_deprecated_addr2name_family, tc) 662 { 663 cap_channel_t *capnet; 664 cap_net_limit_t *limit; 665 int family[] = { AF_INET6, AF_INET }; 666 667 capnet = create_network_service(); 668 669 /* Limit to AF_INET6 and AF_INET. */ 670 limit = cap_net_limit_init(capnet, CAPNET_DEPRECATED_ADDR2NAME); 671 ATF_REQUIRE(limit != NULL); 672 cap_net_limit_addr2name_family(limit, family, nitems(family)); 673 ATF_REQUIRE(cap_net_limit(limit) == 0); 674 675 ATF_REQUIRE(test_gethostbyaddr(capnet, AF_INET, TEST_IPV4) == 0); 676 ATF_REQUIRE(test_gethostbyaddr(capnet, AF_INET6, TEST_IPV6) == 0); 677 ATF_REQUIRE(test_gethostbyaddr(capnet, PF_LINK, TEST_IPV4) == 678 ENOTCAPABLE); 679 680 /* Limit to AF_INET6 and AF_INET. */ 681 limit = cap_net_limit_init(capnet, CAPNET_DEPRECATED_ADDR2NAME); 682 ATF_REQUIRE(limit != NULL); 683 cap_net_limit_addr2name_family(limit, &family[0], 1); 684 cap_net_limit_addr2name_family(limit, &family[1], 1); 685 ATF_REQUIRE(cap_net_limit(limit) == 0); 686 687 ATF_REQUIRE(test_gethostbyaddr(capnet, AF_INET, TEST_IPV4) == 0); 688 ATF_REQUIRE(test_gethostbyaddr(capnet, AF_INET6, TEST_IPV6) == 0); 689 ATF_REQUIRE(test_gethostbyaddr(capnet, PF_LINK, TEST_IPV4) == 690 ENOTCAPABLE); 691 692 /* Limit to AF_INET6. */ 693 limit = cap_net_limit_init(capnet, CAPNET_DEPRECATED_ADDR2NAME); 694 ATF_REQUIRE(limit != NULL); 695 cap_net_limit_addr2name_family(limit, family, 1); 696 ATF_REQUIRE(cap_net_limit(limit) == 0); 697 698 ATF_REQUIRE(test_gethostbyaddr(capnet, AF_INET, TEST_IPV4) == 699 ENOTCAPABLE); 700 ATF_REQUIRE(test_gethostbyaddr(capnet, AF_INET6, TEST_IPV6) == 0); 701 ATF_REQUIRE(test_gethostbyaddr(capnet, PF_LINK, TEST_IPV4) == 702 ENOTCAPABLE); 703 704 /* Unable to set empty limits. Empty limits means full access. */ 705 limit = cap_net_limit_init(capnet, CAPNET_DEPRECATED_ADDR2NAME); 706 ATF_REQUIRE(cap_net_limit(limit) != 0); 707 708 cap_close(capnet); 709 } 710 711 ATF_TC(capnet__limits_deprecated_addr2name); 712 ATF_TC_HEAD(capnet__limits_deprecated_addr2name, tc) 713 { 714 atf_tc_set_md_var(tc, "require.config", "allow_network_access"); 715 } 716 ATF_TC_BODY(capnet__limits_deprecated_addr2name, tc) 717 { 718 cap_channel_t *capnet; 719 cap_net_limit_t *limit; 720 struct in_addr ipaddrv4; 721 struct in6_addr ipaddrv6; 722 723 capnet = create_network_service(); 724 725 /* Limit to TEST_IPV4 and TEST_IPV6. */ 726 memset(&ipaddrv4, 0, sizeof(ipaddrv4)); 727 memset(&ipaddrv6, 0, sizeof(ipaddrv6)); 728 729 inet_pton(AF_INET, TEST_IPV4, &ipaddrv4); 730 inet_pton(AF_INET6, TEST_IPV6, &ipaddrv6); 731 732 limit = cap_net_limit_init(capnet, CAPNET_DEPRECATED_ADDR2NAME); 733 ATF_REQUIRE(limit != NULL); 734 735 cap_net_limit_addr2name(limit, (struct sockaddr *)&ipaddrv4, 736 sizeof(ipaddrv4)); 737 cap_net_limit_addr2name(limit, (struct sockaddr *)&ipaddrv6, 738 sizeof(ipaddrv6)); 739 ATF_REQUIRE(cap_net_limit(limit) == 0); 740 741 ATF_REQUIRE(test_gethostbyaddr(capnet, AF_INET, TEST_IPV4) == 0); 742 ATF_REQUIRE(test_gethostbyaddr(capnet, AF_INET6, TEST_IPV6) == 0); 743 ATF_REQUIRE(test_gethostbyaddr(capnet, AF_INET, "127.0.0.1") == 744 ENOTCAPABLE); 745 746 /* Limit to AF_INET. */ 747 limit = cap_net_limit_init(capnet, CAPNET_DEPRECATED_ADDR2NAME); 748 ATF_REQUIRE(limit != NULL); 749 cap_net_limit_addr2name(limit, (struct sockaddr *)&ipaddrv4, 750 sizeof(ipaddrv4)); 751 ATF_REQUIRE(cap_net_limit(limit) == 0); 752 753 ATF_REQUIRE(test_gethostbyaddr(capnet, AF_INET, TEST_IPV4) == 0); 754 ATF_REQUIRE(test_gethostbyaddr(capnet, AF_INET6, TEST_IPV6) == 755 ENOTCAPABLE); 756 ATF_REQUIRE(test_gethostbyaddr(capnet, AF_INET, "127.0.0.1") == 757 ENOTCAPABLE); 758 759 /* Unable to set empty limits. Empty limits means full access. */ 760 limit = cap_net_limit_init(capnet, CAPNET_DEPRECATED_ADDR2NAME); 761 ATF_REQUIRE(cap_net_limit(limit) != 0); 762 763 cap_close(capnet); 764 } 765 766 767 ATF_TC(capnet__limits_name2addr_mode); 768 ATF_TC_HEAD(capnet__limits_name2addr_mode, tc) 769 { 770 atf_tc_set_md_var(tc, "require.config", "allow_network_access"); 771 } 772 ATF_TC_BODY(capnet__limits_name2addr_mode, tc) 773 { 774 cap_channel_t *capnet; 775 cap_net_limit_t *limit; 776 777 capnet = create_network_service(); 778 779 /* LIMIT */ 780 limit = cap_net_limit_init(capnet, CAPNET_NAME2ADDR); 781 ATF_REQUIRE(limit != NULL); 782 ATF_REQUIRE(cap_net_limit(limit) == 0); 783 784 /* ALLOWED */ 785 ATF_REQUIRE(test_getaddrinfo(capnet, AF_INET, TEST_DOMAIN_0, NULL) == 786 0); 787 788 /* DISALLOWED */ 789 ATF_REQUIRE( 790 test_gethostbyname(capnet, AF_INET, TEST_DOMAIN_0) == ENOTCAPABLE); 791 ATF_REQUIRE(test_getnameinfo(capnet, AF_INET, TEST_IPV4) == 792 ENOTCAPABLE); 793 ATF_REQUIRE(test_gethostbyaddr(capnet, AF_INET, TEST_IPV4) == 794 ENOTCAPABLE); 795 ATF_REQUIRE(test_bind(capnet, TEST_BIND_IPV4) == ENOTCAPABLE); 796 ATF_REQUIRE(test_connect(capnet, TEST_IPV4, 80) == ENOTCAPABLE); 797 798 test_extend_mode(capnet, CAPNET_ADDR2NAME); 799 800 cap_close(capnet); 801 } 802 803 ATF_TC(capnet__limits_name2addr_hosts); 804 ATF_TC_HEAD(capnet__limits_name2addr_hosts, tc) 805 { 806 atf_tc_set_md_var(tc, "require.config", "allow_network_access"); 807 } 808 ATF_TC_BODY(capnet__limits_name2addr_hosts, tc) 809 { 810 cap_channel_t *capnet; 811 cap_net_limit_t *limit; 812 813 capnet = create_network_service(); 814 815 /* Limit to TEST_DOMAIN_0 and localhost only. */ 816 limit = cap_net_limit_init(capnet, CAPNET_NAME2ADDR); 817 ATF_REQUIRE(limit != NULL); 818 cap_net_limit_name2addr(limit, TEST_DOMAIN_0, NULL); 819 cap_net_limit_name2addr(limit, "localhost", NULL); 820 ATF_REQUIRE(cap_net_limit(limit) == 0); 821 822 ATF_REQUIRE(test_getaddrinfo(capnet, AF_INET, TEST_DOMAIN_0, NULL) == 823 0); 824 ATF_REQUIRE(test_getaddrinfo(capnet, AF_INET, "localhost", NULL) == 0); 825 ATF_REQUIRE(test_getaddrinfo(capnet, AF_INET, TEST_DOMAIN_1, NULL) == 826 ENOTCAPABLE); 827 828 /* Limit to TEST_DOMAIN_0 only. */ 829 limit = cap_net_limit_init(capnet, CAPNET_NAME2ADDR); 830 ATF_REQUIRE(limit != NULL); 831 cap_net_limit_name2addr(limit, TEST_DOMAIN_0, NULL); 832 ATF_REQUIRE(cap_net_limit(limit) == 0); 833 834 ATF_REQUIRE(test_getaddrinfo(capnet, AF_INET, "localhost", NULL) == 835 ENOTCAPABLE); 836 ATF_REQUIRE(test_getaddrinfo(capnet, AF_INET, TEST_DOMAIN_1, NULL) == 837 ENOTCAPABLE); 838 ATF_REQUIRE(test_getaddrinfo(capnet, AF_INET, TEST_DOMAIN_0, NULL) == 839 0); 840 841 /* Unable to set empty limits. Empty limits means full access. */ 842 limit = cap_net_limit_init(capnet, CAPNET_NAME2ADDR); 843 ATF_REQUIRE(cap_net_limit(limit) != 0); 844 845 /* Try to extend the limit. */ 846 limit = cap_net_limit_init(capnet, CAPNET_NAME2ADDR); 847 ATF_REQUIRE(limit != NULL); 848 cap_net_limit_name2addr(limit, TEST_DOMAIN_1, NULL); 849 ATF_REQUIRE(cap_net_limit(limit) != 0); 850 851 limit = cap_net_limit_init(capnet, CAPNET_NAME2ADDR); 852 ATF_REQUIRE(limit != NULL); 853 cap_net_limit_name2addr(limit, TEST_DOMAIN_0, NULL); 854 cap_net_limit_name2addr(limit, TEST_DOMAIN_1, NULL); 855 ATF_REQUIRE(cap_net_limit(limit) != 0); 856 857 cap_close(capnet); 858 } 859 860 ATF_TC(capnet__limits_name2addr_hosts_servnames_strict); 861 ATF_TC_HEAD(capnet__limits_name2addr_hosts_servnames_strict, tc) 862 { 863 atf_tc_set_md_var(tc, "require.config", "allow_network_access"); 864 } 865 ATF_TC_BODY(capnet__limits_name2addr_hosts_servnames_strict, tc) 866 { 867 cap_channel_t *capnet; 868 cap_net_limit_t *limit; 869 870 capnet = create_network_service(); 871 872 /* 873 * Limit to TEST_DOMAIN_0 and HTTP service. 874 */ 875 limit = cap_net_limit_init(capnet, CAPNET_NAME2ADDR); 876 ATF_REQUIRE(limit != NULL); 877 cap_net_limit_name2addr(limit, TEST_DOMAIN_0, "http"); 878 ATF_REQUIRE(cap_net_limit(limit) == 0); 879 880 ATF_REQUIRE(test_getaddrinfo(capnet, AF_INET, TEST_DOMAIN_0, "http") == 881 0); 882 ATF_REQUIRE(test_getaddrinfo(capnet, AF_INET, TEST_DOMAIN_0, NULL) == 883 ENOTCAPABLE); 884 ATF_REQUIRE(test_getaddrinfo(capnet, AF_INET, TEST_DOMAIN_0, "snmp") == 885 ENOTCAPABLE); 886 ATF_REQUIRE(test_getaddrinfo(capnet, AF_INET, TEST_DOMAIN_1, "http") == 887 ENOTCAPABLE); 888 889 /* Unable to set empty limits. Empty limits means full access. */ 890 limit = cap_net_limit_init(capnet, CAPNET_NAME2ADDR); 891 ATF_REQUIRE(cap_net_limit(limit) != 0); 892 893 cap_close(capnet); 894 } 895 896 ATF_TC(capnet__limits_name2addr_hosts_servnames_mix); 897 ATF_TC_HEAD(capnet__limits_name2addr_hosts_servnames_mix, tc) 898 { 899 atf_tc_set_md_var(tc, "require.config", "allow_network_access"); 900 } 901 ATF_TC_BODY(capnet__limits_name2addr_hosts_servnames_mix, tc) 902 { 903 cap_channel_t *capnet; 904 cap_net_limit_t *limit; 905 906 capnet = create_network_service(); 907 908 /* 909 * Limit to TEST_DOMAIN_0 and any servnamex, and any domain with 910 * servname HTTP. 911 */ 912 limit = cap_net_limit_init(capnet, CAPNET_NAME2ADDR); 913 ATF_REQUIRE(limit != NULL); 914 cap_net_limit_name2addr(limit, TEST_DOMAIN_0, NULL); 915 cap_net_limit_name2addr(limit, NULL, "http"); 916 ATF_REQUIRE(cap_net_limit(limit) == 0); 917 918 ATF_REQUIRE(test_getaddrinfo(capnet, AF_INET, TEST_DOMAIN_0, "http") == 919 0); 920 ATF_REQUIRE(test_getaddrinfo(capnet, AF_INET, TEST_DOMAIN_0, NULL) == 921 0); 922 ATF_REQUIRE(test_getaddrinfo(capnet, AF_INET, TEST_DOMAIN_1, "http") == 923 0); 924 ATF_REQUIRE(test_getaddrinfo(capnet, AF_INET, TEST_DOMAIN_0, NULL) == 925 0); 926 ATF_REQUIRE(test_getaddrinfo(capnet, AF_INET, TEST_DOMAIN_1, "snmp") == 927 ENOTCAPABLE); 928 929 /* Limit to HTTP servname only. */ 930 limit = cap_net_limit_init(capnet, CAPNET_NAME2ADDR); 931 ATF_REQUIRE(limit != NULL); 932 cap_net_limit_name2addr(limit, NULL, "http"); 933 ATF_REQUIRE(cap_net_limit(limit) == 0); 934 935 ATF_REQUIRE(test_getaddrinfo(capnet, AF_INET, TEST_DOMAIN_0, "http") == 936 0); 937 ATF_REQUIRE(test_getaddrinfo(capnet, AF_INET, TEST_DOMAIN_0, NULL) == 938 ENOTCAPABLE); 939 ATF_REQUIRE(test_getaddrinfo(capnet, AF_INET, TEST_DOMAIN_1, "http") == 940 0); 941 ATF_REQUIRE(test_getaddrinfo(capnet, AF_INET, TEST_DOMAIN_0, NULL) == 942 ENOTCAPABLE); 943 ATF_REQUIRE(test_getaddrinfo(capnet, AF_INET, TEST_DOMAIN_1, "snmp") == 944 ENOTCAPABLE); 945 946 /* Unable to set empty limits. Empty limits means full access. */ 947 limit = cap_net_limit_init(capnet, CAPNET_NAME2ADDR); 948 ATF_REQUIRE(cap_net_limit(limit) != 0); 949 950 cap_close(capnet); 951 } 952 953 ATF_TC(capnet__limits_name2addr_family); 954 ATF_TC_HEAD(capnet__limits_name2addr_family, tc) 955 { 956 atf_tc_set_md_var(tc, "require.config", "allow_network_access"); 957 } 958 ATF_TC_BODY(capnet__limits_name2addr_family, tc) 959 { 960 cap_channel_t *capnet; 961 cap_net_limit_t *limit; 962 int family[] = { AF_INET6, AF_INET }; 963 964 capnet = create_network_service(); 965 966 /* Limit to AF_INET and AF_INET6. */ 967 limit = cap_net_limit_init(capnet, CAPNET_NAME2ADDR); 968 ATF_REQUIRE(limit != NULL); 969 cap_net_limit_name2addr(limit, TEST_DOMAIN_0, NULL); 970 cap_net_limit_name2addr_family(limit, family, nitems(family)); 971 ATF_REQUIRE(cap_net_limit(limit) == 0); 972 973 ATF_REQUIRE(test_getaddrinfo(capnet, AF_INET, TEST_DOMAIN_0, NULL) == 974 0); 975 ATF_REQUIRE(test_getaddrinfo(capnet, AF_INET6, TEST_DOMAIN_0, NULL) == 976 0); 977 ATF_REQUIRE(test_getaddrinfo(capnet, PF_LINK, TEST_DOMAIN_0, NULL) == 978 ENOTCAPABLE); 979 980 /* Limit to AF_INET and AF_INET6. */ 981 limit = cap_net_limit_init(capnet, CAPNET_NAME2ADDR); 982 ATF_REQUIRE(limit != NULL); 983 cap_net_limit_name2addr(limit, TEST_DOMAIN_0, NULL); 984 cap_net_limit_name2addr_family(limit, &family[0], 1); 985 cap_net_limit_name2addr_family(limit, &family[1], 1); 986 ATF_REQUIRE(cap_net_limit(limit) == 0); 987 988 ATF_REQUIRE(test_getaddrinfo(capnet, AF_INET, TEST_DOMAIN_0, NULL) == 989 0); 990 ATF_REQUIRE(test_getaddrinfo(capnet, AF_INET6, TEST_DOMAIN_0, NULL) == 991 0); 992 ATF_REQUIRE(test_getaddrinfo(capnet, PF_LINK, TEST_DOMAIN_0, NULL) == 993 ENOTCAPABLE); 994 995 /* Limit to AF_INET6 only. */ 996 limit = cap_net_limit_init(capnet, CAPNET_NAME2ADDR); 997 ATF_REQUIRE(limit != NULL); 998 cap_net_limit_name2addr(limit, TEST_DOMAIN_0, NULL); 999 cap_net_limit_name2addr_family(limit, family, 1); 1000 ATF_REQUIRE(cap_net_limit(limit) == 0); 1001 1002 ATF_REQUIRE(test_getaddrinfo(capnet, AF_INET, TEST_DOMAIN_0, NULL) == 1003 ENOTCAPABLE); 1004 ATF_REQUIRE(test_getaddrinfo(capnet, AF_INET6, TEST_DOMAIN_0, NULL) == 1005 0); 1006 ATF_REQUIRE(test_getaddrinfo(capnet, PF_LINK, TEST_DOMAIN_0, NULL) == 1007 ENOTCAPABLE); 1008 1009 /* Unable to set empty limits. Empty limits means full access. */ 1010 limit = cap_net_limit_init(capnet, CAPNET_NAME2ADDR); 1011 ATF_REQUIRE(cap_net_limit(limit) != 0); 1012 1013 cap_close(capnet); 1014 } 1015 1016 ATF_TC(capnet__limits_deprecated_name2addr_mode); 1017 ATF_TC_HEAD(capnet__limits_deprecated_name2addr_mode, tc) 1018 { 1019 atf_tc_set_md_var(tc, "require.config", "allow_network_access"); 1020 } 1021 ATF_TC_BODY(capnet__limits_deprecated_name2addr_mode, tc) 1022 { 1023 cap_channel_t *capnet; 1024 cap_net_limit_t *limit; 1025 1026 capnet = create_network_service(); 1027 1028 /* LIMIT */ 1029 limit = cap_net_limit_init(capnet, CAPNET_DEPRECATED_NAME2ADDR); 1030 ATF_REQUIRE(limit != NULL); 1031 ATF_REQUIRE(cap_net_limit(limit) == 0); 1032 1033 /* ALLOWED */ 1034 ATF_REQUIRE(test_gethostbyname(capnet, AF_INET, TEST_DOMAIN_0) == 0); 1035 1036 /* DISALLOWED */ 1037 ATF_REQUIRE(test_getnameinfo(capnet, AF_INET, TEST_IPV4) == 1038 ENOTCAPABLE); 1039 ATF_REQUIRE(test_gethostbyaddr(capnet, AF_INET, TEST_IPV4) == 1040 ENOTCAPABLE); 1041 ATF_REQUIRE(test_getaddrinfo(capnet, AF_INET, TEST_DOMAIN_0, NULL) == 1042 ENOTCAPABLE); 1043 ATF_REQUIRE(test_bind(capnet, TEST_BIND_IPV4) == ENOTCAPABLE); 1044 ATF_REQUIRE(test_connect(capnet, TEST_IPV4, 80) == ENOTCAPABLE); 1045 1046 test_extend_mode(capnet, CAPNET_ADDR2NAME); 1047 1048 cap_close(capnet); 1049 } 1050 1051 ATF_TC(capnet__limits_deprecated_name2addr_hosts); 1052 ATF_TC_HEAD(capnet__limits_deprecated_name2addr_hosts, tc) 1053 { 1054 atf_tc_set_md_var(tc, "require.config", "allow_network_access"); 1055 } 1056 ATF_TC_BODY(capnet__limits_deprecated_name2addr_hosts, tc) 1057 { 1058 cap_channel_t *capnet; 1059 cap_net_limit_t *limit; 1060 1061 capnet = create_network_service(); 1062 1063 /* Limit to TEST_DOMAIN_0 and localhost only. */ 1064 limit = cap_net_limit_init(capnet, CAPNET_DEPRECATED_NAME2ADDR); 1065 ATF_REQUIRE(limit != NULL); 1066 cap_net_limit_name2addr(limit, TEST_DOMAIN_0, NULL); 1067 cap_net_limit_name2addr(limit, "localhost", NULL); 1068 ATF_REQUIRE(cap_net_limit(limit) == 0); 1069 1070 ATF_REQUIRE(test_gethostbyname(capnet, AF_INET, TEST_DOMAIN_0) == 0); 1071 ATF_REQUIRE(test_gethostbyname(capnet, AF_INET, "localhost") == 0); 1072 ATF_REQUIRE( 1073 test_gethostbyname(capnet, AF_INET, TEST_DOMAIN_1) == ENOTCAPABLE); 1074 1075 /* Limit to TEST_DOMAIN_0 only. */ 1076 limit = cap_net_limit_init(capnet, CAPNET_DEPRECATED_NAME2ADDR); 1077 ATF_REQUIRE(limit != NULL); 1078 cap_net_limit_name2addr(limit, TEST_DOMAIN_0, NULL); 1079 ATF_REQUIRE(cap_net_limit(limit) == 0); 1080 1081 ATF_REQUIRE( 1082 test_gethostbyname(capnet, AF_INET, "localhost") == ENOTCAPABLE); 1083 ATF_REQUIRE( 1084 test_gethostbyname(capnet, AF_INET, TEST_DOMAIN_1) == ENOTCAPABLE); 1085 ATF_REQUIRE(test_gethostbyname(capnet, AF_INET, TEST_DOMAIN_0) == 0); 1086 1087 /* Unable to set empty limits. Empty limits means full access. */ 1088 limit = cap_net_limit_init(capnet, CAPNET_DEPRECATED_NAME2ADDR); 1089 ATF_REQUIRE(cap_net_limit(limit) != 0); 1090 1091 cap_close(capnet); 1092 } 1093 1094 ATF_TC(capnet__limits_deprecated_name2addr_family); 1095 ATF_TC_HEAD(capnet__limits_deprecated_name2addr_family, tc) 1096 { 1097 atf_tc_set_md_var(tc, "require.config", "allow_network_access"); 1098 } 1099 ATF_TC_BODY(capnet__limits_deprecated_name2addr_family, tc) 1100 { 1101 cap_channel_t *capnet; 1102 cap_net_limit_t *limit; 1103 int family[] = { AF_INET6, AF_INET }; 1104 1105 capnet = create_network_service(); 1106 1107 /* Limit to AF_INET and AF_INET6. */ 1108 limit = cap_net_limit_init(capnet, CAPNET_DEPRECATED_NAME2ADDR); 1109 ATF_REQUIRE(limit != NULL); 1110 cap_net_limit_name2addr(limit, TEST_DOMAIN_0, NULL); 1111 cap_net_limit_name2addr_family(limit, family, nitems(family)); 1112 ATF_REQUIRE(cap_net_limit(limit) == 0); 1113 1114 ATF_REQUIRE(test_gethostbyname(capnet, AF_INET, TEST_DOMAIN_0) == 0); 1115 ATF_REQUIRE(test_gethostbyname(capnet, AF_INET6, TEST_DOMAIN_0) == 0); 1116 ATF_REQUIRE( 1117 test_gethostbyname(capnet, PF_LINK, TEST_DOMAIN_0) == ENOTCAPABLE); 1118 1119 /* Limit to AF_INET and AF_INET6. */ 1120 limit = cap_net_limit_init(capnet, CAPNET_DEPRECATED_NAME2ADDR); 1121 ATF_REQUIRE(limit != NULL); 1122 cap_net_limit_name2addr(limit, TEST_DOMAIN_0, NULL); 1123 cap_net_limit_name2addr_family(limit, &family[0], 1); 1124 cap_net_limit_name2addr_family(limit, &family[1], 1); 1125 ATF_REQUIRE(cap_net_limit(limit) == 0); 1126 1127 ATF_REQUIRE(test_gethostbyname(capnet, AF_INET, TEST_DOMAIN_0) == 0); 1128 ATF_REQUIRE(test_gethostbyname(capnet, AF_INET6, TEST_DOMAIN_0) == 0); 1129 ATF_REQUIRE( 1130 test_gethostbyname(capnet, PF_LINK, TEST_DOMAIN_0) == ENOTCAPABLE); 1131 1132 /* Limit to AF_INET6 only. */ 1133 limit = cap_net_limit_init(capnet, CAPNET_DEPRECATED_NAME2ADDR); 1134 ATF_REQUIRE(limit != NULL); 1135 cap_net_limit_name2addr(limit, TEST_DOMAIN_0, NULL); 1136 cap_net_limit_name2addr_family(limit, family, 1); 1137 ATF_REQUIRE(cap_net_limit(limit) == 0); 1138 1139 ATF_REQUIRE( 1140 test_gethostbyname(capnet, AF_INET, TEST_DOMAIN_0) == ENOTCAPABLE); 1141 ATF_REQUIRE(test_gethostbyname(capnet, AF_INET6, TEST_DOMAIN_0) == 0); 1142 ATF_REQUIRE( 1143 test_gethostbyname(capnet, PF_LINK, TEST_DOMAIN_0) == ENOTCAPABLE); 1144 1145 /* Unable to set empty limits. Empty limits means full access. */ 1146 limit = cap_net_limit_init(capnet, CAPNET_DEPRECATED_NAME2ADDR); 1147 ATF_REQUIRE(cap_net_limit(limit) != 0); 1148 1149 cap_close(capnet); 1150 } 1151 1152 ATF_TC(capnet__limits_bind_mode); 1153 ATF_TC_HEAD(capnet__limits_bind_mode, tc) 1154 { 1155 atf_tc_set_md_var(tc, "require.config", "allow_network_access"); 1156 } 1157 ATF_TC_BODY(capnet__limits_bind_mode, tc) 1158 { 1159 cap_channel_t *capnet; 1160 cap_net_limit_t *limit; 1161 1162 capnet = create_network_service(); 1163 1164 /* LIMIT */ 1165 limit = cap_net_limit_init(capnet, CAPNET_BIND); 1166 ATF_REQUIRE(limit != NULL); 1167 ATF_REQUIRE(cap_net_limit(limit) == 0); 1168 1169 /* ALLOWED */ 1170 ATF_REQUIRE(test_bind(capnet, TEST_BIND_IPV4) == 0); 1171 1172 /* DISALLOWED */ 1173 ATF_REQUIRE( 1174 test_gethostbyname(capnet, AF_INET, TEST_DOMAIN_0) == ENOTCAPABLE); 1175 ATF_REQUIRE(test_getnameinfo(capnet, AF_INET, TEST_IPV4) == 1176 ENOTCAPABLE); 1177 ATF_REQUIRE(test_gethostbyaddr(capnet, AF_INET, TEST_IPV4) == 1178 ENOTCAPABLE); 1179 ATF_REQUIRE(test_getaddrinfo(capnet, AF_INET, TEST_DOMAIN_0, NULL) == 1180 ENOTCAPABLE); 1181 ATF_REQUIRE(test_connect(capnet, TEST_IPV4, 80) == ENOTCAPABLE); 1182 1183 test_extend_mode(capnet, CAPNET_ADDR2NAME); 1184 1185 cap_close(capnet); 1186 } 1187 1188 ATF_TC(capnet__limits_bind); 1189 ATF_TC_HEAD(capnet__limits_bind, tc) 1190 { 1191 atf_tc_set_md_var(tc, "require.config", "allow_network_access"); 1192 } 1193 ATF_TC_BODY(capnet__limits_bind, tc) 1194 { 1195 cap_channel_t *capnet; 1196 cap_net_limit_t *limit; 1197 struct sockaddr_in ipv4; 1198 1199 capnet = create_network_service(); 1200 1201 limit = cap_net_limit_init(capnet, CAPNET_BIND); 1202 ATF_REQUIRE(limit != NULL); 1203 1204 memset(&ipv4, 0, sizeof(ipv4)); 1205 ipv4.sin_family = AF_INET; 1206 inet_pton(AF_INET, TEST_BIND_IPV4, &ipv4.sin_addr); 1207 1208 cap_net_limit_bind(limit, (struct sockaddr *)&ipv4, sizeof(ipv4)); 1209 ATF_REQUIRE(cap_net_limit(limit) == 0); 1210 1211 ATF_REQUIRE(test_bind(capnet, TEST_BIND_IPV4) == 0); 1212 ATF_REQUIRE(test_bind(capnet, "127.0.0.2") == ENOTCAPABLE); 1213 1214 cap_close(capnet); 1215 } 1216 1217 ATF_TC(capnet__limits_connect_mode); 1218 ATF_TC_HEAD(capnet__limits_connect_mode, tc) 1219 { 1220 atf_tc_set_md_var(tc, "require.config", "allow_network_access"); 1221 } 1222 ATF_TC_BODY(capnet__limits_connect_mode, tc) 1223 { 1224 cap_channel_t *capnet; 1225 cap_net_limit_t *limit; 1226 1227 capnet = create_network_service(); 1228 1229 /* LIMIT */ 1230 limit = cap_net_limit_init(capnet, CAPNET_CONNECT); 1231 ATF_REQUIRE(limit != NULL); 1232 ATF_REQUIRE(cap_net_limit(limit) == 0); 1233 1234 /* ALLOWED */ 1235 ATF_REQUIRE(test_connect(capnet, TEST_IPV4, 80) == 0); 1236 1237 /* DISALLOWED */ 1238 ATF_REQUIRE( 1239 test_gethostbyname(capnet, AF_INET, TEST_DOMAIN_0) == ENOTCAPABLE); 1240 ATF_REQUIRE(test_getnameinfo(capnet, AF_INET, TEST_IPV4) == 1241 ENOTCAPABLE); 1242 ATF_REQUIRE(test_gethostbyaddr(capnet, AF_INET, TEST_IPV4) == 1243 ENOTCAPABLE); 1244 ATF_REQUIRE(test_getaddrinfo(capnet, AF_INET, TEST_DOMAIN_0, NULL) == 1245 ENOTCAPABLE); 1246 ATF_REQUIRE(test_bind(capnet, TEST_BIND_IPV4) == ENOTCAPABLE); 1247 1248 test_extend_mode(capnet, CAPNET_ADDR2NAME); 1249 1250 cap_close(capnet); 1251 } 1252 1253 ATF_TC(capnet__limits_connect_dns_mode); 1254 ATF_TC_HEAD(capnet__limits_connect_dns_mode, tc) 1255 { 1256 atf_tc_set_md_var(tc, "require.config", "allow_network_access"); 1257 } 1258 ATF_TC_BODY(capnet__limits_connect_dns_mode, tc) 1259 { 1260 cap_channel_t *capnet; 1261 cap_net_limit_t *limit; 1262 1263 capnet = create_network_service(); 1264 1265 /* LIMIT */ 1266 limit = cap_net_limit_init(capnet, CAPNET_CONNECT | CAPNET_CONNECTDNS); 1267 ATF_REQUIRE(limit != NULL); 1268 ATF_REQUIRE(cap_net_limit(limit) == 0); 1269 1270 /* ALLOWED */ 1271 ATF_REQUIRE(test_connect(capnet, TEST_IPV4, 80) == 0); 1272 1273 /* DISALLOWED */ 1274 ATF_REQUIRE( 1275 test_gethostbyname(capnet, AF_INET, TEST_DOMAIN_0) == ENOTCAPABLE); 1276 ATF_REQUIRE(test_getnameinfo(capnet, AF_INET, TEST_IPV4) == 1277 ENOTCAPABLE); 1278 ATF_REQUIRE(test_gethostbyaddr(capnet, AF_INET, TEST_IPV4) == 1279 ENOTCAPABLE); 1280 ATF_REQUIRE(test_getaddrinfo(capnet, AF_INET, TEST_DOMAIN_0, NULL) == 1281 ENOTCAPABLE); 1282 ATF_REQUIRE(test_bind(capnet, TEST_BIND_IPV4) == ENOTCAPABLE); 1283 1284 test_extend_mode(capnet, CAPNET_ADDR2NAME); 1285 1286 cap_close(capnet); 1287 } 1288 1289 ATF_TC(capnet__limits_connect); 1290 ATF_TC_HEAD(capnet__limits_connect, tc) 1291 { 1292 atf_tc_set_md_var(tc, "require.config", "allow_network_access"); 1293 } 1294 ATF_TC_BODY(capnet__limits_connect, tc) 1295 { 1296 cap_channel_t *capnet; 1297 cap_net_limit_t *limit; 1298 struct sockaddr_in ipv4; 1299 1300 capnet = create_network_service(); 1301 1302 /* Limit only to TEST_IPV4 on port 80 and 443. */ 1303 limit = cap_net_limit_init(capnet, CAPNET_CONNECT); 1304 ATF_REQUIRE(limit != NULL); 1305 memset(&ipv4, 0, sizeof(ipv4)); 1306 ipv4.sin_family = AF_INET; 1307 ipv4.sin_port = htons(80); 1308 inet_pton(AF_INET, TEST_IPV4, &ipv4.sin_addr); 1309 cap_net_limit_connect(limit, (struct sockaddr *)&ipv4, sizeof(ipv4)); 1310 1311 ipv4.sin_port = htons(443); 1312 cap_net_limit_connect(limit, (struct sockaddr *)&ipv4, sizeof(ipv4)); 1313 ATF_REQUIRE(cap_net_limit(limit) == 0); 1314 1315 ATF_REQUIRE(test_connect(capnet, TEST_IPV4, 80) == 0); 1316 ATF_REQUIRE(test_connect(capnet, "8.8.8.8", 80) == ENOTCAPABLE); 1317 ATF_REQUIRE(test_connect(capnet, "8.8.8.8", 433) == ENOTCAPABLE); 1318 ATF_REQUIRE(test_connect(capnet, TEST_IPV4, 443) == 0); 1319 1320 /* Limit only to TEST_IPV4 on port 443. */ 1321 limit = cap_net_limit_init(capnet, CAPNET_CONNECT); 1322 cap_net_limit_connect(limit, (struct sockaddr *)&ipv4, sizeof(ipv4)); 1323 ATF_REQUIRE(cap_net_limit(limit) == 0); 1324 1325 ATF_REQUIRE(test_connect(capnet, TEST_IPV4, 433) == ENOTCAPABLE); 1326 ATF_REQUIRE(test_connect(capnet, "8.8.8.8", 80) == ENOTCAPABLE); 1327 ATF_REQUIRE(test_connect(capnet, "8.8.8.8", 433) == ENOTCAPABLE); 1328 ATF_REQUIRE(test_connect(capnet, TEST_IPV4, 443) == 0); 1329 1330 /* Unable to set empty limits. Empty limits means full access. */ 1331 limit = cap_net_limit_init(capnet, CAPNET_CONNECT); 1332 ATF_REQUIRE(cap_net_limit(limit) != 0); 1333 1334 cap_close(capnet); 1335 } 1336 1337 ATF_TC(capnet__limits_connecttodns); 1338 ATF_TC_HEAD(capnet__limits_connecttodns, tc) 1339 { 1340 atf_tc_set_md_var(tc, "require.config", "allow_network_access"); 1341 } 1342 ATF_TC_BODY(capnet__limits_connecttodns, tc) 1343 { 1344 cap_channel_t *capnet; 1345 cap_net_limit_t *limit; 1346 struct addrinfo hints, *capres, *res; 1347 int family[] = { AF_INET }; 1348 int error; 1349 1350 capnet = create_network_service(); 1351 1352 limit = cap_net_limit_init(capnet, CAPNET_CONNECTDNS | 1353 CAPNET_NAME2ADDR); 1354 ATF_REQUIRE(limit != NULL); 1355 cap_net_limit_name2addr(limit, TEST_IPV4, "80"); 1356 cap_net_limit_name2addr_family(limit, family, 1); 1357 ATF_REQUIRE(cap_net_limit(limit) == 0); 1358 1359 memset(&hints, 0, sizeof(hints)); 1360 hints.ai_family = AF_INET; 1361 hints.ai_socktype = SOCK_STREAM; 1362 1363 ATF_REQUIRE(test_connect(capnet, "8.8.8.8", 433) == ENOTCAPABLE); 1364 ATF_REQUIRE(cap_getaddrinfo(capnet, TEST_IPV4, "80", &hints, &capres) == 1365 0); 1366 ATF_REQUIRE(test_connect(capnet, "8.8.8.8", 433) == ENOTCAPABLE); 1367 1368 for (res = capres; res != NULL; res = res->ai_next) { 1369 int s; 1370 1371 ATF_REQUIRE(res->ai_family == AF_INET); 1372 ATF_REQUIRE(res->ai_socktype == SOCK_STREAM); 1373 1374 s = socket(res->ai_family, res->ai_socktype, res->ai_protocol); 1375 ATF_REQUIRE(s >= 0); 1376 1377 error = cap_connect(capnet, s, res->ai_addr, 1378 res->ai_addrlen); 1379 if (error != 0 && errno != ENOTCAPABLE) 1380 atf_tc_skip("unable to connect: %s", strerror(errno)); 1381 ATF_REQUIRE(error == 0); 1382 ATF_REQUIRE(close(s) == 0); 1383 } 1384 1385 freeaddrinfo(capres); 1386 cap_close(capnet); 1387 } 1388 1389 1390 ATF_TC(capnet__limits_deprecated_connecttodns); 1391 ATF_TC_HEAD(capnet__limits_deprecated_connecttodns, tc) 1392 { 1393 atf_tc_set_md_var(tc, "require.config", "allow_network_access"); 1394 } 1395 ATF_TC_BODY(capnet__limits_deprecated_connecttodns, tc) 1396 { 1397 cap_channel_t *capnet; 1398 cap_net_limit_t *limit; 1399 struct hostent *caphp; 1400 struct in_addr ipaddr; 1401 struct sockaddr_in connaddr; 1402 int family[] = { AF_INET }; 1403 int error, i; 1404 1405 capnet = create_network_service(); 1406 1407 limit = cap_net_limit_init(capnet, CAPNET_CONNECTDNS | 1408 CAPNET_DEPRECATED_NAME2ADDR); 1409 ATF_REQUIRE(limit != NULL); 1410 cap_net_limit_name2addr(limit, TEST_IPV4, NULL); 1411 cap_net_limit_name2addr_family(limit, family, 1); 1412 ATF_REQUIRE(cap_net_limit(limit) == 0); 1413 1414 memset(&ipaddr, 0, sizeof(ipaddr)); 1415 inet_pton(AF_INET, TEST_IPV4, &ipaddr); 1416 1417 ATF_REQUIRE(test_connect(capnet, "8.8.8.8", 433) == ENOTCAPABLE); 1418 caphp = cap_gethostbyname2(capnet, TEST_IPV4, AF_INET); 1419 ATF_REQUIRE(caphp != NULL); 1420 ATF_REQUIRE(caphp->h_addrtype == AF_INET); 1421 ATF_REQUIRE(test_connect(capnet, "8.8.8.8", 433) == ENOTCAPABLE); 1422 1423 for (i = 0; caphp->h_addr_list[i] != NULL; i++) { 1424 int s; 1425 1426 s = socket(AF_INET, SOCK_STREAM, 0); 1427 ATF_REQUIRE(s >= 0); 1428 1429 memset(&connaddr, 0, sizeof(connaddr)); 1430 connaddr.sin_family = AF_INET; 1431 memcpy((char *)&connaddr.sin_addr.s_addr, 1432 (char *)caphp->h_addr_list[i], caphp->h_length); 1433 connaddr.sin_port = htons(80); 1434 1435 error = cap_connect(capnet, s, (struct sockaddr *)&connaddr, 1436 sizeof(connaddr)); 1437 if (error != 0 && errno != ENOTCAPABLE) 1438 atf_tc_skip("unable to connect: %s", strerror(errno)); 1439 ATF_REQUIRE(error == 0); 1440 ATF_REQUIRE(close(s) == 0); 1441 } 1442 1443 cap_close(capnet); 1444 } 1445 1446 ATF_TP_ADD_TCS(tp) 1447 { 1448 1449 ATF_TP_ADD_TC(tp, capnet__connect); 1450 ATF_TP_ADD_TC(tp, capnet__bind); 1451 ATF_TP_ADD_TC(tp, capnet__getnameinfo); 1452 ATF_TP_ADD_TC(tp, capnet__getaddrinfo); 1453 ATF_TP_ADD_TC(tp, capnet__gethostbyname); 1454 ATF_TP_ADD_TC(tp, capnet__gethostbyaddr); 1455 1456 ATF_TP_ADD_TC(tp, capnet__getnameinfo_buffer); 1457 1458 ATF_TP_ADD_TC(tp, capnet__limits_addr2name_mode); 1459 ATF_TP_ADD_TC(tp, capnet__limits_addr2name_family); 1460 ATF_TP_ADD_TC(tp, capnet__limits_addr2name); 1461 1462 ATF_TP_ADD_TC(tp, capnet__limits_deprecated_addr2name_mode); 1463 ATF_TP_ADD_TC(tp, capnet__limits_deprecated_addr2name_family); 1464 ATF_TP_ADD_TC(tp, capnet__limits_deprecated_addr2name); 1465 1466 ATF_TP_ADD_TC(tp, capnet__limits_name2addr_mode); 1467 ATF_TP_ADD_TC(tp, capnet__limits_name2addr_hosts); 1468 ATF_TP_ADD_TC(tp, capnet__limits_name2addr_hosts_servnames_strict); 1469 ATF_TP_ADD_TC(tp, capnet__limits_name2addr_hosts_servnames_mix); 1470 ATF_TP_ADD_TC(tp, capnet__limits_name2addr_family); 1471 1472 ATF_TP_ADD_TC(tp, capnet__limits_deprecated_name2addr_mode); 1473 ATF_TP_ADD_TC(tp, capnet__limits_deprecated_name2addr_hosts); 1474 ATF_TP_ADD_TC(tp, capnet__limits_deprecated_name2addr_family); 1475 1476 ATF_TP_ADD_TC(tp, capnet__limits_bind_mode); 1477 ATF_TP_ADD_TC(tp, capnet__limits_bind); 1478 1479 ATF_TP_ADD_TC(tp, capnet__limits_connect_mode); 1480 ATF_TP_ADD_TC(tp, capnet__limits_connect_dns_mode); 1481 ATF_TP_ADD_TC(tp, capnet__limits_connect); 1482 1483 ATF_TP_ADD_TC(tp, capnet__limits_connecttodns); 1484 ATF_TP_ADD_TC(tp, capnet__limits_deprecated_connecttodns); 1485 1486 return (atf_no_error()); 1487 } 1488