1*d445a01eSafresh1#	$OpenBSD: OpenBSD-Pledge.t,v 1.4 2021/06/09 23:21:34 afresh1 Exp $	#
20f22ff6aSafresh1## no critic 'version'
30f22ff6aSafresh1## no critic 'package'
40f22ff6aSafresh1# Before 'make install' is performed this script should be runnable with
50f22ff6aSafresh1# 'make test'. After 'make install' it should work as 'perl OpenBSD-Pledge.t'
60f22ff6aSafresh1
70f22ff6aSafresh1#########################
80f22ff6aSafresh1
90f22ff6aSafresh1use strict;
100f22ff6aSafresh1use warnings;
110f22ff6aSafresh1
120f22ff6aSafresh1use Fcntl qw( O_RDONLY O_WRONLY );
137ef7a498Safresh1use File::Temp;
140f22ff6aSafresh1
150f22ff6aSafresh1use Config;
160f22ff6aSafresh1my %sig_num;
170f22ff6aSafresh1@sig_num{ split q{ }, $Config{sig_name} } = split q{ }, $Config{sig_num};
180f22ff6aSafresh1
190f22ff6aSafresh1use Test::More;
200f22ff6aSafresh1BEGIN { use_ok('OpenBSD::Pledge') }
210f22ff6aSafresh1
220f22ff6aSafresh1## no critic 'private'
230f22ff6aSafresh1## no critic 'punctuation'
240f22ff6aSafresh1#########################
250f22ff6aSafresh1# _PLEDGE
260f22ff6aSafresh1#########################
270f22ff6aSafresh1
280f22ff6aSafresh1sub xspledge_ok ($$)    ## no critic 'prototypes'
290f22ff6aSafresh1{
300f22ff6aSafresh1	my ( $name, $code ) = @_;
310f22ff6aSafresh1	local $Test::Builder::Level =
320f22ff6aSafresh1	    $Test::Builder::Level + 1;    ## no critic 'package variable'
330f22ff6aSafresh1
340f22ff6aSafresh1	my $ok = 0;
350f22ff6aSafresh1	foreach my $pledge ( q{}, $name ) {
367ef7a498Safresh1		my $dir = File::Temp->newdir('OpenBSD-Pledge-XXXXXXXXX');
370f22ff6aSafresh1		my $pid = fork // die "Unable to fork for $name: $!\n";
380f22ff6aSafresh1
390f22ff6aSafresh1		if ( !$pid ) {
407ef7a498Safresh1			chdir($dir);
417ef7a498Safresh1			OpenBSD::Pledge::_pledge( "abort" );  # non fatal
427ef7a498Safresh1			OpenBSD::Pledge::_pledge( "stdio $pledge" )
430f22ff6aSafresh1			    || die "[$name] $!\n";
440f22ff6aSafresh1			$code->();
450f22ff6aSafresh1			exit;
460f22ff6aSafresh1		}
470f22ff6aSafresh1
480f22ff6aSafresh1		waitpid $pid, 0;
490f22ff6aSafresh1
500f22ff6aSafresh1		if ($pledge) {
510f22ff6aSafresh1			$ok += is $?, 0, "[$name] OK with pledge";
520f22ff6aSafresh1		} else {
530f22ff6aSafresh1			## no critic 'numbers'
540f22ff6aSafresh1			$ok += is $? & 127, $sig_num{ABRT},
550f22ff6aSafresh1			    "[$name] ABRT without pledge";
560f22ff6aSafresh1		}
570f22ff6aSafresh1	}
580f22ff6aSafresh1	return $ok == 2;
590f22ff6aSafresh1}
600f22ff6aSafresh1xspledge_ok rpath => sub { sysopen my $fh, '/dev/random', O_RDONLY };
610f22ff6aSafresh1xspledge_ok wpath => sub { sysopen my $fh, 'FOO',         O_WRONLY };
620f22ff6aSafresh1xspledge_ok cpath => sub { mkdir q{/} };
630f22ff6aSafresh1
640f22ff6aSafresh1#########################
650f22ff6aSafresh1# PLEDGE
660f22ff6aSafresh1#########################
670f22ff6aSafresh1{
680f22ff6aSafresh1	my @calls;
690f22ff6aSafresh1	no warnings 'redefine';    ## no critic 'warnings';
700f22ff6aSafresh1	local *OpenBSD::Pledge::_pledge = sub { push @calls, \@_; return 1 };
710f22ff6aSafresh1	use warnings 'redefine';
720f22ff6aSafresh1
730f22ff6aSafresh1	OpenBSD::Pledge::pledge(qw( foo bar foo baz ));
747ef7a498Safresh1	OpenBSD::Pledge::pledge( qw( foo qux baz quux ));
750f22ff6aSafresh1
760f22ff6aSafresh1	is_deeply \@calls,
770f22ff6aSafresh1	    [
787ef7a498Safresh1		[ "bar baz foo stdio" ],
797ef7a498Safresh1		[ "baz foo quux qux stdio" ],
800f22ff6aSafresh1	    ],
810f22ff6aSafresh1	    "Sorted and unique promises, plus stdio";
820f22ff6aSafresh1}
830f22ff6aSafresh1
840f22ff6aSafresh1#########################
850f22ff6aSafresh1done_testing;
860f22ff6aSafresh1
870f22ff6aSafresh11;    # to shut up critic
88