1 /*- 2 * Copyright (c) 2020 Mariusz Zaborski <oshogbo@FreeBSD.org> 3 * 4 * Redistribution and use in source and binary forms, with or without 5 * modification, are permitted provided that the following conditions 6 * are met: 7 * 1. Redistributions of source code must retain the above copyright 8 * notice, this list of conditions and the following disclaimer. 9 * 2. Redistributions in binary form must reproduce the above copyright 10 * notice, this list of conditions and the following disclaimer in the 11 * documentation and/or other materials provided with the distribution. 12 * 13 * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS 14 * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED 15 * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 16 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS 17 * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR 18 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF 19 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS 20 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN 21 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 22 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 23 * POSSIBILITY OF SUCH DAMAGE. 24 */ 25 26 #include <sys/cdefs.h> 27 __FBSDID("$FreeBSD$"); 28 29 #include <sys/param.h> 30 #include <sys/socket.h> 31 #include <netinet/in.h> 32 #include <arpa/inet.h> 33 34 #include <errno.h> 35 #include <netdb.h> 36 37 #include <atf-c.h> 38 39 #include <libcasper.h> 40 #include <casper/cap_net.h> 41 42 #define TEST_DOMAIN_0 "example.com" 43 #define TEST_DOMAIN_1 "freebsd.org" 44 #define TEST_IPV4 "1.1.1.1" 45 #define TEST_IPV6 "2001:4860:4860::8888" 46 #define TEST_BIND_IPV4 "127.0.0.1" 47 48 static cap_channel_t * 49 create_network_service(void) 50 { 51 cap_channel_t *capcas, *capnet; 52 53 capcas = cap_init(); 54 ATF_REQUIRE(capcas != NULL); 55 56 capnet = cap_service_open(capcas, "system.net"); 57 ATF_REQUIRE(capnet != NULL); 58 59 cap_close(capcas); 60 return (capnet); 61 } 62 63 static int 64 test_getnameinfo_v4(cap_channel_t *chan, int family, const char *ip) 65 { 66 struct sockaddr_in ipaddr; 67 char capfn[MAXHOSTNAMELEN]; 68 char origfn[MAXHOSTNAMELEN]; 69 int ret; 70 71 memset(&ipaddr, 0, sizeof(ipaddr)); 72 ipaddr.sin_family = family; 73 inet_pton(family, ip, &ipaddr.sin_addr); 74 75 ret = cap_getnameinfo(chan, (struct sockaddr *)&ipaddr, sizeof(ipaddr), 76 capfn, sizeof(capfn), NULL, 0, NI_NAMEREQD); 77 if (ret != 0) { 78 return (ret); 79 } 80 81 ret = getnameinfo((struct sockaddr *)&ipaddr, sizeof(ipaddr), origfn, 82 sizeof(origfn), NULL, 0, NI_NAMEREQD); 83 ATF_REQUIRE(ret == 0); 84 ATF_REQUIRE(strcmp(origfn, capfn) == 0); 85 86 return (0); 87 } 88 89 static int 90 test_getnameinfo_v6(cap_channel_t *chan, const char *ip) 91 { 92 struct sockaddr_in6 ipaddr; 93 char capfn[MAXHOSTNAMELEN]; 94 char origfn[MAXHOSTNAMELEN]; 95 int ret; 96 97 memset(&ipaddr, 0, sizeof(ipaddr)); 98 ipaddr.sin6_family = AF_INET6; 99 inet_pton(AF_INET6, ip, &ipaddr.sin6_addr); 100 101 ret = cap_getnameinfo(chan, (struct sockaddr *)&ipaddr, sizeof(ipaddr), 102 capfn, sizeof(capfn), NULL, 0, NI_NAMEREQD); 103 if (ret != 0) { 104 return (ret); 105 } 106 107 ret = getnameinfo((struct sockaddr *)&ipaddr, sizeof(ipaddr), origfn, 108 sizeof(origfn), NULL, 0, NI_NAMEREQD); 109 ATF_REQUIRE(ret == 0); 110 ATF_REQUIRE(strcmp(origfn, capfn) == 0); 111 112 return (0); 113 } 114 115 static int 116 test_getnameinfo(cap_channel_t *chan, int family, const char *ip) 117 { 118 119 if (family == AF_INET6) { 120 return (test_getnameinfo_v6(chan, ip)); 121 } 122 123 return (test_getnameinfo_v4(chan, family, ip)); 124 } 125 126 static int 127 test_gethostbyaddr_v4(cap_channel_t *chan, int family, const char *ip) 128 { 129 struct in_addr ipaddr; 130 struct hostent *caphp, *orighp; 131 132 memset(&ipaddr, 0, sizeof(ipaddr)); 133 inet_pton(AF_INET, ip, &ipaddr); 134 135 caphp = cap_gethostbyaddr(chan, &ipaddr, sizeof(ipaddr), family); 136 if (caphp == NULL) { 137 return (h_errno); 138 } 139 140 orighp = gethostbyaddr(&ipaddr, sizeof(ipaddr), family); 141 ATF_REQUIRE(orighp != NULL); 142 ATF_REQUIRE(strcmp(caphp->h_name, caphp->h_name) == 0); 143 144 return (0); 145 } 146 147 static int 148 test_gethostbyaddr_v6(cap_channel_t *chan, const char *ip) 149 { 150 struct in6_addr ipaddr; 151 struct hostent *caphp, *orighp; 152 153 memset(&ipaddr, 0, sizeof(ipaddr)); 154 inet_pton(AF_INET6, ip, &ipaddr); 155 156 caphp = cap_gethostbyaddr(chan, &ipaddr, sizeof(ipaddr), AF_INET6); 157 if (caphp == NULL) 158 return (h_errno); 159 160 orighp = gethostbyaddr(&ipaddr, sizeof(ipaddr), AF_INET6); 161 ATF_REQUIRE(orighp != NULL); 162 ATF_REQUIRE(strcmp(caphp->h_name, caphp->h_name) == 0); 163 164 return (0); 165 } 166 167 static int 168 test_gethostbyaddr(cap_channel_t *chan, int family, const char *ip) 169 { 170 171 if (family == AF_INET6) { 172 return (test_gethostbyaddr_v6(chan, ip)); 173 } else { 174 return (test_gethostbyaddr_v4(chan, family, ip)); 175 } 176 } 177 178 static int 179 test_getaddrinfo(cap_channel_t *chan, int family, const char *domain, 180 const char *servname) 181 { 182 struct addrinfo hints, *capres, *origres, *res0, *res1; 183 bool found; 184 int ret; 185 186 memset(&hints, 0, sizeof(hints)); 187 hints.ai_family = family; 188 hints.ai_socktype = SOCK_STREAM; 189 190 ret = cap_getaddrinfo(chan, domain, servname, &hints, &capres); 191 if (ret != 0) { 192 return (ret); 193 } 194 195 ret = getaddrinfo(domain, servname, &hints, &origres); 196 ATF_REQUIRE(ret == 0); 197 198 for (res0 = capres; res0 != NULL; res0 = res0->ai_next) { 199 found = false; 200 for (res1 = origres; res1 != NULL; res1 = res1->ai_next) { 201 if (res1->ai_addrlen == res0->ai_addrlen && 202 memcmp(res1->ai_addr, res0->ai_addr, 203 res0->ai_addrlen) == 0) { 204 found = true; 205 break; 206 } 207 } 208 ATF_REQUIRE(found); 209 } 210 211 freeaddrinfo(capres); 212 freeaddrinfo(origres); 213 return (0); 214 } 215 216 static int 217 test_gethostbyname(cap_channel_t *chan, int family, const char *domain) 218 { 219 struct hostent *caphp, *orighp; 220 221 caphp = cap_gethostbyname2(chan, domain, family); 222 if (caphp == NULL) { 223 return (h_errno); 224 } 225 226 orighp = gethostbyname2(domain, family); 227 ATF_REQUIRE(orighp != NULL); 228 ATF_REQUIRE(strcmp(caphp->h_name, orighp->h_name) == 0); 229 230 return (0); 231 } 232 233 static int 234 test_bind(cap_channel_t *chan, const char *ip) 235 { 236 struct sockaddr_in ipv4; 237 int capfd, ret, serrno; 238 239 capfd = socket(AF_INET, SOCK_STREAM, 0); 240 ATF_REQUIRE(capfd > 0); 241 242 memset(&ipv4, 0, sizeof(ipv4)); 243 ipv4.sin_family = AF_INET; 244 inet_pton(AF_INET, ip, &ipv4.sin_addr); 245 246 ret = cap_bind(chan, capfd, (struct sockaddr *)&ipv4, sizeof(ipv4)); 247 serrno = errno; 248 close(capfd); 249 250 return (ret < 0 ? serrno : 0); 251 } 252 253 static int 254 test_connect(cap_channel_t *chan, const char *ip, unsigned short port) 255 { 256 struct sockaddr_in ipv4; 257 int capfd, ret, serrno; 258 259 capfd = socket(AF_INET, SOCK_STREAM, 0); 260 ATF_REQUIRE(capfd > 0); 261 262 memset(&ipv4, 0, sizeof(ipv4)); 263 ipv4.sin_family = AF_INET; 264 ipv4.sin_port = htons(port); 265 inet_pton(AF_INET, ip, &ipv4.sin_addr); 266 267 ret = cap_connect(chan, capfd, (struct sockaddr *)&ipv4, sizeof(ipv4)); 268 serrno = errno; 269 close(capfd); 270 271 return (ret < 0 ? serrno : 0); 272 } 273 274 static void 275 test_extend_mode(cap_channel_t *capnet, int current) 276 { 277 cap_net_limit_t *limit; 278 const int rights[] = { 279 CAPNET_ADDR2NAME, 280 CAPNET_NAME2ADDR, 281 CAPNET_DEPRECATED_ADDR2NAME, 282 CAPNET_DEPRECATED_NAME2ADDR, 283 CAPNET_CONNECT, 284 CAPNET_BIND, 285 CAPNET_CONNECTDNS 286 }; 287 size_t i; 288 289 for (i = 0; i < nitems(rights); i++) { 290 if (current == rights[i]) 291 continue; 292 293 limit = cap_net_limit_init(capnet, current | rights[i]); 294 ATF_REQUIRE(limit != NULL); 295 ATF_REQUIRE(cap_net_limit(limit) != 0); 296 } 297 } 298 299 ATF_TC_WITHOUT_HEAD(capnet__limits_addr2name_mode); 300 ATF_TC_BODY(capnet__limits_addr2name_mode, tc) 301 { 302 cap_channel_t *capnet; 303 cap_net_limit_t *limit; 304 305 capnet = create_network_service(); 306 307 /* LIMIT */ 308 limit = cap_net_limit_init(capnet, CAPNET_ADDR2NAME); 309 ATF_REQUIRE(limit != NULL); 310 ATF_REQUIRE(cap_net_limit(limit) == 0); 311 312 /* ALLOWED */ 313 ATF_REQUIRE(test_getnameinfo(capnet, AF_INET, TEST_IPV4) == 0); 314 315 /* DISALLOWED */ 316 ATF_REQUIRE(test_gethostbyname(capnet, AF_INET, TEST_DOMAIN_0) == 317 ENOTCAPABLE); 318 ATF_REQUIRE(test_gethostbyaddr(capnet, AF_INET, TEST_IPV4) == 319 ENOTCAPABLE); 320 ATF_REQUIRE(test_getaddrinfo(capnet, AF_INET, TEST_DOMAIN_0, NULL) == 321 ENOTCAPABLE); 322 ATF_REQUIRE(test_bind(capnet, TEST_BIND_IPV4) == ENOTCAPABLE); 323 ATF_REQUIRE(test_connect(capnet, TEST_IPV4, 80) == ENOTCAPABLE); 324 325 test_extend_mode(capnet, CAPNET_ADDR2NAME); 326 327 cap_close(capnet); 328 } 329 330 ATF_TC_WITHOUT_HEAD(capnet__limits_addr2name_family); 331 ATF_TC_BODY(capnet__limits_addr2name_family, tc) 332 { 333 cap_channel_t *capnet; 334 cap_net_limit_t *limit; 335 int family[] = { AF_INET6, AF_INET }; 336 337 capnet = create_network_service(); 338 339 /* Limit to AF_INET6 and AF_INET. */ 340 limit = cap_net_limit_init(capnet, CAPNET_ADDR2NAME); 341 ATF_REQUIRE(limit != NULL); 342 cap_net_limit_addr2name_family(limit, family, nitems(family)); 343 ATF_REQUIRE(cap_net_limit(limit) == 0); 344 345 ATF_REQUIRE(test_getnameinfo(capnet, AF_INET, TEST_IPV4) == 0); 346 ATF_REQUIRE(test_getnameinfo(capnet, AF_INET6, TEST_IPV6) == 0); 347 348 /* Limit to AF_INET6 and AF_INET. */ 349 limit = cap_net_limit_init(capnet, CAPNET_ADDR2NAME); 350 ATF_REQUIRE(limit != NULL); 351 cap_net_limit_addr2name_family(limit, &family[0], 1); 352 cap_net_limit_addr2name_family(limit, &family[1], 1); 353 ATF_REQUIRE(cap_net_limit(limit) == 0); 354 355 ATF_REQUIRE(test_getnameinfo(capnet, AF_INET, TEST_IPV4) == 0); 356 ATF_REQUIRE(test_getnameinfo(capnet, AF_INET6, TEST_IPV6) == 0); 357 358 /* Limit to AF_INET6. */ 359 limit = cap_net_limit_init(capnet, CAPNET_ADDR2NAME); 360 ATF_REQUIRE(limit != NULL); 361 cap_net_limit_addr2name_family(limit, family, 1); 362 ATF_REQUIRE(cap_net_limit(limit) == 0); 363 364 ATF_REQUIRE(test_getnameinfo(capnet, AF_INET, TEST_IPV4) == 365 ENOTCAPABLE); 366 ATF_REQUIRE(test_getnameinfo(capnet, AF_INET6, TEST_IPV6) == 0); 367 368 /* Unable to set empty limits. Empty limits means full access. */ 369 limit = cap_net_limit_init(capnet, CAPNET_ADDR2NAME); 370 ATF_REQUIRE(cap_net_limit(limit) != 0); 371 372 cap_close(capnet); 373 } 374 375 ATF_TC_WITHOUT_HEAD(capnet__limits_addr2name); 376 ATF_TC_BODY(capnet__limits_addr2name, tc) 377 { 378 cap_channel_t *capnet; 379 cap_net_limit_t *limit; 380 struct sockaddr_in ipaddrv4; 381 struct sockaddr_in6 ipaddrv6; 382 383 capnet = create_network_service(); 384 385 /* Limit to TEST_IPV4 and TEST_IPV6. */ 386 memset(&ipaddrv4, 0, sizeof(ipaddrv4)); 387 memset(&ipaddrv6, 0, sizeof(ipaddrv6)); 388 389 ipaddrv4.sin_family = AF_INET; 390 inet_pton(AF_INET, TEST_IPV4, &ipaddrv4.sin_addr); 391 392 ipaddrv6.sin6_family = AF_INET6; 393 inet_pton(AF_INET6, TEST_IPV6, &ipaddrv6.sin6_addr); 394 395 limit = cap_net_limit_init(capnet, CAPNET_ADDR2NAME); 396 ATF_REQUIRE(limit != NULL); 397 398 cap_net_limit_addr2name(limit, (struct sockaddr *)&ipaddrv4, 399 sizeof(ipaddrv4)); 400 cap_net_limit_addr2name(limit, (struct sockaddr *)&ipaddrv6, 401 sizeof(ipaddrv6)); 402 ATF_REQUIRE(cap_net_limit(limit) == 0); 403 404 ATF_REQUIRE(test_getnameinfo(capnet, AF_INET, TEST_IPV4) == 0); 405 ATF_REQUIRE(test_getnameinfo(capnet, AF_INET6, TEST_IPV6) == 0); 406 ATF_REQUIRE(test_getnameinfo(capnet, AF_INET, "127.0.0.1") == 407 ENOTCAPABLE); 408 409 /* Limit to AF_INET. */ 410 limit = cap_net_limit_init(capnet, CAPNET_ADDR2NAME); 411 ATF_REQUIRE(limit != NULL); 412 cap_net_limit_addr2name(limit, (struct sockaddr *)&ipaddrv4, 413 sizeof(ipaddrv4)); 414 ATF_REQUIRE(cap_net_limit(limit) == 0); 415 416 ATF_REQUIRE(test_getnameinfo(capnet, AF_INET, TEST_IPV4) == 0); 417 ATF_REQUIRE(test_getnameinfo(capnet, AF_INET6, TEST_IPV6) == 418 ENOTCAPABLE); 419 ATF_REQUIRE(test_getnameinfo(capnet, AF_INET, "127.0.0.1") == 420 ENOTCAPABLE); 421 422 /* Unable to set empty limits. Empty limits means full access. */ 423 limit = cap_net_limit_init(capnet, CAPNET_ADDR2NAME); 424 ATF_REQUIRE(cap_net_limit(limit) != 0); 425 426 cap_close(capnet); 427 } 428 429 ATF_TC_WITHOUT_HEAD(capnet__limits_deprecated_addr2name_mode); 430 ATF_TC_BODY(capnet__limits_deprecated_addr2name_mode, tc) 431 { 432 cap_channel_t *capnet; 433 cap_net_limit_t *limit; 434 435 capnet = create_network_service(); 436 437 /* LIMIT */ 438 limit = cap_net_limit_init(capnet, CAPNET_DEPRECATED_ADDR2NAME); 439 ATF_REQUIRE(limit != NULL); 440 ATF_REQUIRE(cap_net_limit(limit) == 0); 441 442 /* ALLOWED */ 443 ATF_REQUIRE(test_gethostbyaddr(capnet, AF_INET, TEST_IPV4) == 0); 444 445 /* DISALLOWED */ 446 ATF_REQUIRE(test_gethostbyname(capnet, AF_INET, TEST_DOMAIN_0) == 447 ENOTCAPABLE); 448 ATF_REQUIRE(test_getnameinfo(capnet, AF_INET, TEST_IPV4) == 449 ENOTCAPABLE); 450 ATF_REQUIRE(test_getaddrinfo(capnet, AF_INET, TEST_DOMAIN_0, NULL) == 451 ENOTCAPABLE); 452 ATF_REQUIRE(test_bind(capnet, TEST_BIND_IPV4) == ENOTCAPABLE); 453 ATF_REQUIRE(test_connect(capnet, TEST_IPV4, 80) == ENOTCAPABLE); 454 455 cap_close(capnet); 456 } 457 458 ATF_TC_WITHOUT_HEAD(capnet__limits_deprecated_addr2name_family); 459 ATF_TC_BODY(capnet__limits_deprecated_addr2name_family, tc) 460 { 461 cap_channel_t *capnet; 462 cap_net_limit_t *limit; 463 int family[] = { AF_INET6, AF_INET }; 464 465 capnet = create_network_service(); 466 467 /* Limit to AF_INET6 and AF_INET. */ 468 limit = cap_net_limit_init(capnet, CAPNET_DEPRECATED_ADDR2NAME); 469 ATF_REQUIRE(limit != NULL); 470 cap_net_limit_addr2name_family(limit, family, nitems(family)); 471 ATF_REQUIRE(cap_net_limit(limit) == 0); 472 473 ATF_REQUIRE(test_gethostbyaddr(capnet, AF_INET, TEST_IPV4) == 0); 474 ATF_REQUIRE(test_gethostbyaddr(capnet, AF_INET6, TEST_IPV6) == 0); 475 ATF_REQUIRE(test_gethostbyaddr(capnet, PF_LINK, TEST_IPV4) == 476 ENOTCAPABLE); 477 478 /* Limit to AF_INET6 and AF_INET. */ 479 limit = cap_net_limit_init(capnet, CAPNET_DEPRECATED_ADDR2NAME); 480 ATF_REQUIRE(limit != NULL); 481 cap_net_limit_addr2name_family(limit, &family[0], 1); 482 cap_net_limit_addr2name_family(limit, &family[1], 1); 483 ATF_REQUIRE(cap_net_limit(limit) == 0); 484 485 ATF_REQUIRE(test_gethostbyaddr(capnet, AF_INET, TEST_IPV4) == 0); 486 ATF_REQUIRE(test_gethostbyaddr(capnet, AF_INET6, TEST_IPV6) == 0); 487 ATF_REQUIRE(test_gethostbyaddr(capnet, PF_LINK, TEST_IPV4) == 488 ENOTCAPABLE); 489 490 /* Limit to AF_INET6. */ 491 limit = cap_net_limit_init(capnet, CAPNET_DEPRECATED_ADDR2NAME); 492 ATF_REQUIRE(limit != NULL); 493 cap_net_limit_addr2name_family(limit, family, 1); 494 ATF_REQUIRE(cap_net_limit(limit) == 0); 495 496 ATF_REQUIRE(test_gethostbyaddr(capnet, AF_INET, TEST_IPV4) == 497 ENOTCAPABLE); 498 ATF_REQUIRE(test_gethostbyaddr(capnet, AF_INET6, TEST_IPV6) == 0); 499 ATF_REQUIRE(test_gethostbyaddr(capnet, PF_LINK, TEST_IPV4) == 500 ENOTCAPABLE); 501 502 /* Unable to set empty limits. Empty limits means full access. */ 503 limit = cap_net_limit_init(capnet, CAPNET_DEPRECATED_ADDR2NAME); 504 ATF_REQUIRE(cap_net_limit(limit) != 0); 505 506 cap_close(capnet); 507 } 508 509 ATF_TC_WITHOUT_HEAD(capnet__limits_deprecated_addr2name); 510 ATF_TC_BODY(capnet__limits_deprecated_addr2name, tc) 511 { 512 cap_channel_t *capnet; 513 cap_net_limit_t *limit; 514 struct in_addr ipaddrv4; 515 struct in6_addr ipaddrv6; 516 517 capnet = create_network_service(); 518 519 /* Limit to TEST_IPV4 and TEST_IPV6. */ 520 memset(&ipaddrv4, 0, sizeof(ipaddrv4)); 521 memset(&ipaddrv6, 0, sizeof(ipaddrv6)); 522 523 inet_pton(AF_INET, TEST_IPV4, &ipaddrv4); 524 inet_pton(AF_INET6, TEST_IPV6, &ipaddrv6); 525 526 limit = cap_net_limit_init(capnet, CAPNET_DEPRECATED_ADDR2NAME); 527 ATF_REQUIRE(limit != NULL); 528 529 cap_net_limit_addr2name(limit, (struct sockaddr *)&ipaddrv4, 530 sizeof(ipaddrv4)); 531 cap_net_limit_addr2name(limit, (struct sockaddr *)&ipaddrv6, 532 sizeof(ipaddrv6)); 533 ATF_REQUIRE(cap_net_limit(limit) == 0); 534 535 ATF_REQUIRE(test_gethostbyaddr(capnet, AF_INET, TEST_IPV4) == 0); 536 ATF_REQUIRE(test_gethostbyaddr(capnet, AF_INET6, TEST_IPV6) == 0); 537 ATF_REQUIRE(test_gethostbyaddr(capnet, AF_INET, "127.0.0.1") == 538 ENOTCAPABLE); 539 540 /* Limit to AF_INET. */ 541 limit = cap_net_limit_init(capnet, CAPNET_DEPRECATED_ADDR2NAME); 542 ATF_REQUIRE(limit != NULL); 543 cap_net_limit_addr2name(limit, (struct sockaddr *)&ipaddrv4, 544 sizeof(ipaddrv4)); 545 ATF_REQUIRE(cap_net_limit(limit) == 0); 546 547 ATF_REQUIRE(test_gethostbyaddr(capnet, AF_INET, TEST_IPV4) == 0); 548 ATF_REQUIRE(test_gethostbyaddr(capnet, AF_INET6, TEST_IPV6) == 549 ENOTCAPABLE); 550 ATF_REQUIRE(test_gethostbyaddr(capnet, AF_INET, "127.0.0.1") == 551 ENOTCAPABLE); 552 553 /* Unable to set empty limits. Empty limits means full access. */ 554 limit = cap_net_limit_init(capnet, CAPNET_DEPRECATED_ADDR2NAME); 555 ATF_REQUIRE(cap_net_limit(limit) != 0); 556 557 cap_close(capnet); 558 } 559 560 561 ATF_TC_WITHOUT_HEAD(capnet__limits_name2addr_mode); 562 ATF_TC_BODY(capnet__limits_name2addr_mode, tc) 563 { 564 cap_channel_t *capnet; 565 cap_net_limit_t *limit; 566 567 capnet = create_network_service(); 568 569 /* LIMIT */ 570 limit = cap_net_limit_init(capnet, CAPNET_NAME2ADDR); 571 ATF_REQUIRE(limit != NULL); 572 ATF_REQUIRE(cap_net_limit(limit) == 0); 573 574 /* ALLOWED */ 575 ATF_REQUIRE(test_getaddrinfo(capnet, AF_INET, TEST_DOMAIN_0, NULL) == 576 0); 577 578 /* DISALLOWED */ 579 ATF_REQUIRE( 580 test_gethostbyname(capnet, AF_INET, TEST_DOMAIN_0) == ENOTCAPABLE); 581 ATF_REQUIRE(test_getnameinfo(capnet, AF_INET, TEST_IPV4) == 582 ENOTCAPABLE); 583 ATF_REQUIRE(test_gethostbyaddr(capnet, AF_INET, TEST_IPV4) == 584 ENOTCAPABLE); 585 ATF_REQUIRE(test_bind(capnet, TEST_BIND_IPV4) == ENOTCAPABLE); 586 ATF_REQUIRE(test_connect(capnet, TEST_IPV4, 80) == ENOTCAPABLE); 587 588 test_extend_mode(capnet, CAPNET_ADDR2NAME); 589 590 cap_close(capnet); 591 } 592 593 ATF_TC_WITHOUT_HEAD(capnet__limits_name2addr_hosts); 594 ATF_TC_BODY(capnet__limits_name2addr_hosts, tc) 595 { 596 cap_channel_t *capnet; 597 cap_net_limit_t *limit; 598 599 capnet = create_network_service(); 600 601 /* Limit to TEST_DOMAIN_0 and localhost only. */ 602 limit = cap_net_limit_init(capnet, CAPNET_NAME2ADDR); 603 ATF_REQUIRE(limit != NULL); 604 cap_net_limit_name2addr(limit, TEST_DOMAIN_0, NULL); 605 cap_net_limit_name2addr(limit, "localhost", NULL); 606 ATF_REQUIRE(cap_net_limit(limit) == 0); 607 608 ATF_REQUIRE(test_getaddrinfo(capnet, AF_INET, TEST_DOMAIN_0, NULL) == 609 0); 610 ATF_REQUIRE(test_getaddrinfo(capnet, AF_INET, "localhost", NULL) == 0); 611 ATF_REQUIRE(test_getaddrinfo(capnet, AF_INET, TEST_DOMAIN_1, NULL) == 612 ENOTCAPABLE); 613 614 /* Limit to TEST_DOMAIN_0 only. */ 615 limit = cap_net_limit_init(capnet, CAPNET_NAME2ADDR); 616 ATF_REQUIRE(limit != NULL); 617 cap_net_limit_name2addr(limit, TEST_DOMAIN_0, NULL); 618 ATF_REQUIRE(cap_net_limit(limit) == 0); 619 620 ATF_REQUIRE(test_getaddrinfo(capnet, AF_INET, "localhost", NULL) == 621 ENOTCAPABLE); 622 ATF_REQUIRE(test_getaddrinfo(capnet, AF_INET, TEST_DOMAIN_1, NULL) == 623 ENOTCAPABLE); 624 ATF_REQUIRE(test_getaddrinfo(capnet, AF_INET, TEST_DOMAIN_0, NULL) == 625 0); 626 627 /* Unable to set empty limits. Empty limits means full access. */ 628 limit = cap_net_limit_init(capnet, CAPNET_NAME2ADDR); 629 ATF_REQUIRE(cap_net_limit(limit) != 0); 630 631 cap_close(capnet); 632 } 633 634 ATF_TC_WITHOUT_HEAD(capnet__limits_name2addr_hosts_servnames_strict); 635 ATF_TC_BODY(capnet__limits_name2addr_hosts_servnames_strict, tc) 636 { 637 cap_channel_t *capnet; 638 cap_net_limit_t *limit; 639 640 capnet = create_network_service(); 641 642 /* 643 * Limit to TEST_DOMAIN_0 and HTTP service. 644 */ 645 limit = cap_net_limit_init(capnet, CAPNET_NAME2ADDR); 646 ATF_REQUIRE(limit != NULL); 647 cap_net_limit_name2addr(limit, TEST_DOMAIN_0, "http"); 648 ATF_REQUIRE(cap_net_limit(limit) == 0); 649 650 ATF_REQUIRE(test_getaddrinfo(capnet, AF_INET, TEST_DOMAIN_0, "http") == 651 0); 652 ATF_REQUIRE(test_getaddrinfo(capnet, AF_INET, TEST_DOMAIN_0, NULL) == 653 ENOTCAPABLE); 654 ATF_REQUIRE(test_getaddrinfo(capnet, AF_INET, TEST_DOMAIN_0, "snmp") == 655 ENOTCAPABLE); 656 ATF_REQUIRE(test_getaddrinfo(capnet, AF_INET, TEST_DOMAIN_1, "http") == 657 ENOTCAPABLE); 658 659 /* Unable to set empty limits. Empty limits means full access. */ 660 limit = cap_net_limit_init(capnet, CAPNET_NAME2ADDR); 661 ATF_REQUIRE(cap_net_limit(limit) != 0); 662 663 cap_close(capnet); 664 } 665 666 ATF_TC_WITHOUT_HEAD(capnet__limits_name2addr_hosts_servnames_mix); 667 ATF_TC_BODY(capnet__limits_name2addr_hosts_servnames_mix, tc) 668 { 669 cap_channel_t *capnet; 670 cap_net_limit_t *limit; 671 672 capnet = create_network_service(); 673 674 /* 675 * Limit to TEST_DOMAIN_0 and any servnamex, and any domain with 676 * servname HTTP. 677 */ 678 limit = cap_net_limit_init(capnet, CAPNET_NAME2ADDR); 679 ATF_REQUIRE(limit != NULL); 680 cap_net_limit_name2addr(limit, TEST_DOMAIN_0, NULL); 681 cap_net_limit_name2addr(limit, NULL, "http"); 682 ATF_REQUIRE(cap_net_limit(limit) == 0); 683 684 ATF_REQUIRE(test_getaddrinfo(capnet, AF_INET, TEST_DOMAIN_0, "http") == 685 0); 686 ATF_REQUIRE(test_getaddrinfo(capnet, AF_INET, TEST_DOMAIN_0, NULL) == 687 0); 688 ATF_REQUIRE(test_getaddrinfo(capnet, AF_INET, TEST_DOMAIN_1, "http") == 689 0); 690 ATF_REQUIRE(test_getaddrinfo(capnet, AF_INET, TEST_DOMAIN_0, NULL) == 691 0); 692 ATF_REQUIRE(test_getaddrinfo(capnet, AF_INET, TEST_DOMAIN_1, "snmp") == 693 ENOTCAPABLE); 694 695 /* Limit to HTTTP servname only. */ 696 limit = cap_net_limit_init(capnet, CAPNET_NAME2ADDR); 697 ATF_REQUIRE(limit != NULL); 698 cap_net_limit_name2addr(limit, NULL, "http"); 699 ATF_REQUIRE(cap_net_limit(limit) == 0); 700 701 ATF_REQUIRE(test_getaddrinfo(capnet, AF_INET, TEST_DOMAIN_0, "http") == 702 0); 703 ATF_REQUIRE(test_getaddrinfo(capnet, AF_INET, TEST_DOMAIN_0, NULL) == 704 ENOTCAPABLE); 705 ATF_REQUIRE(test_getaddrinfo(capnet, AF_INET, TEST_DOMAIN_1, "http") == 706 0); 707 ATF_REQUIRE(test_getaddrinfo(capnet, AF_INET, TEST_DOMAIN_0, NULL) == 708 ENOTCAPABLE); 709 ATF_REQUIRE(test_getaddrinfo(capnet, AF_INET, TEST_DOMAIN_1, "snmp") == 710 ENOTCAPABLE); 711 712 /* Unable to set empty limits. Empty limits means full access. */ 713 limit = cap_net_limit_init(capnet, CAPNET_NAME2ADDR); 714 ATF_REQUIRE(cap_net_limit(limit) != 0); 715 716 cap_close(capnet); 717 } 718 719 ATF_TC_WITHOUT_HEAD(capnet__limits_name2addr_family); 720 ATF_TC_BODY(capnet__limits_name2addr_family, tc) 721 { 722 cap_channel_t *capnet; 723 cap_net_limit_t *limit; 724 int family[] = { AF_INET6, AF_INET }; 725 726 capnet = create_network_service(); 727 728 /* Limit to AF_INET and AF_INET6. */ 729 limit = cap_net_limit_init(capnet, CAPNET_NAME2ADDR); 730 ATF_REQUIRE(limit != NULL); 731 cap_net_limit_name2addr(limit, TEST_DOMAIN_0, NULL); 732 cap_net_limit_name2addr_family(limit, family, nitems(family)); 733 ATF_REQUIRE(cap_net_limit(limit) == 0); 734 735 ATF_REQUIRE(test_getaddrinfo(capnet, AF_INET, TEST_DOMAIN_0, NULL) == 736 0); 737 ATF_REQUIRE(test_getaddrinfo(capnet, AF_INET6, TEST_DOMAIN_0, NULL) == 738 0); 739 ATF_REQUIRE(test_getaddrinfo(capnet, PF_LINK, TEST_DOMAIN_0, NULL) == 740 ENOTCAPABLE); 741 742 /* Limit to AF_INET and AF_INET6. */ 743 limit = cap_net_limit_init(capnet, CAPNET_NAME2ADDR); 744 ATF_REQUIRE(limit != NULL); 745 cap_net_limit_name2addr(limit, TEST_DOMAIN_0, NULL); 746 cap_net_limit_name2addr_family(limit, &family[0], 1); 747 cap_net_limit_name2addr_family(limit, &family[1], 1); 748 ATF_REQUIRE(cap_net_limit(limit) == 0); 749 750 ATF_REQUIRE(test_getaddrinfo(capnet, AF_INET, TEST_DOMAIN_0, NULL) == 751 0); 752 ATF_REQUIRE(test_getaddrinfo(capnet, AF_INET6, TEST_DOMAIN_0, NULL) == 753 0); 754 ATF_REQUIRE(test_getaddrinfo(capnet, PF_LINK, TEST_DOMAIN_0, NULL) == 755 ENOTCAPABLE); 756 757 /* Limit to AF_INET6 only. */ 758 limit = cap_net_limit_init(capnet, CAPNET_NAME2ADDR); 759 ATF_REQUIRE(limit != NULL); 760 cap_net_limit_name2addr(limit, TEST_DOMAIN_0, NULL); 761 cap_net_limit_name2addr_family(limit, family, 1); 762 ATF_REQUIRE(cap_net_limit(limit) == 0); 763 764 ATF_REQUIRE(test_getaddrinfo(capnet, AF_INET, TEST_DOMAIN_0, NULL) == 765 ENOTCAPABLE); 766 ATF_REQUIRE(test_getaddrinfo(capnet, AF_INET6, TEST_DOMAIN_0, NULL) == 767 0); 768 ATF_REQUIRE(test_getaddrinfo(capnet, PF_LINK, TEST_DOMAIN_0, NULL) == 769 ENOTCAPABLE); 770 771 /* Unable to set empty limits. Empty limits means full access. */ 772 limit = cap_net_limit_init(capnet, CAPNET_NAME2ADDR); 773 ATF_REQUIRE(cap_net_limit(limit) != 0); 774 775 cap_close(capnet); 776 } 777 778 ATF_TC_WITHOUT_HEAD(capnet__limits_deprecated_name2addr_mode); 779 ATF_TC_BODY(capnet__limits_deprecated_name2addr_mode, tc) 780 { 781 cap_channel_t *capnet; 782 cap_net_limit_t *limit; 783 784 capnet = create_network_service(); 785 786 /* LIMIT */ 787 limit = cap_net_limit_init(capnet, CAPNET_DEPRECATED_NAME2ADDR); 788 ATF_REQUIRE(limit != NULL); 789 ATF_REQUIRE(cap_net_limit(limit) == 0); 790 791 /* ALLOWED */ 792 ATF_REQUIRE(test_gethostbyname(capnet, AF_INET, TEST_DOMAIN_0) == 0); 793 794 /* DISALLOWED */ 795 ATF_REQUIRE(test_getnameinfo(capnet, AF_INET, TEST_IPV4) == 796 ENOTCAPABLE); 797 ATF_REQUIRE(test_gethostbyaddr(capnet, AF_INET, TEST_IPV4) == 798 ENOTCAPABLE); 799 ATF_REQUIRE(test_getaddrinfo(capnet, AF_INET, TEST_DOMAIN_0, NULL) == 800 ENOTCAPABLE); 801 ATF_REQUIRE(test_bind(capnet, TEST_BIND_IPV4) == ENOTCAPABLE); 802 ATF_REQUIRE(test_connect(capnet, TEST_IPV4, 80) == ENOTCAPABLE); 803 804 test_extend_mode(capnet, CAPNET_ADDR2NAME); 805 806 cap_close(capnet); 807 } 808 809 ATF_TC_WITHOUT_HEAD(capnet__limits_deprecated_name2addr_hosts); 810 ATF_TC_BODY(capnet__limits_deprecated_name2addr_hosts, tc) 811 { 812 cap_channel_t *capnet; 813 cap_net_limit_t *limit; 814 815 capnet = create_network_service(); 816 817 /* Limit to TEST_DOMAIN_0 and localhost only. */ 818 limit = cap_net_limit_init(capnet, CAPNET_DEPRECATED_NAME2ADDR); 819 ATF_REQUIRE(limit != NULL); 820 cap_net_limit_name2addr(limit, TEST_DOMAIN_0, NULL); 821 cap_net_limit_name2addr(limit, "localhost", NULL); 822 ATF_REQUIRE(cap_net_limit(limit) == 0); 823 824 ATF_REQUIRE(test_gethostbyname(capnet, AF_INET, TEST_DOMAIN_0) == 0); 825 ATF_REQUIRE(test_gethostbyname(capnet, AF_INET, "localhost") == 0); 826 ATF_REQUIRE( 827 test_gethostbyname(capnet, AF_INET, TEST_DOMAIN_1) == ENOTCAPABLE); 828 829 /* Limit to TEST_DOMAIN_0 only. */ 830 limit = cap_net_limit_init(capnet, CAPNET_DEPRECATED_NAME2ADDR); 831 ATF_REQUIRE(limit != NULL); 832 cap_net_limit_name2addr(limit, TEST_DOMAIN_0, NULL); 833 ATF_REQUIRE(cap_net_limit(limit) == 0); 834 835 ATF_REQUIRE( 836 test_gethostbyname(capnet, AF_INET, "localhost") == ENOTCAPABLE); 837 ATF_REQUIRE( 838 test_gethostbyname(capnet, AF_INET, TEST_DOMAIN_1) == ENOTCAPABLE); 839 ATF_REQUIRE(test_gethostbyname(capnet, AF_INET, TEST_DOMAIN_0) == 0); 840 841 /* Unable to set empty limits. Empty limits means full access. */ 842 limit = cap_net_limit_init(capnet, CAPNET_DEPRECATED_NAME2ADDR); 843 ATF_REQUIRE(cap_net_limit(limit) != 0); 844 845 cap_close(capnet); 846 } 847 848 ATF_TC_WITHOUT_HEAD(capnet__limits_deprecated_name2addr_family); 849 ATF_TC_BODY(capnet__limits_deprecated_name2addr_family, tc) 850 { 851 cap_channel_t *capnet; 852 cap_net_limit_t *limit; 853 int family[] = { AF_INET6, AF_INET }; 854 855 capnet = create_network_service(); 856 857 /* Limit to AF_INET and AF_INET6. */ 858 limit = cap_net_limit_init(capnet, CAPNET_DEPRECATED_NAME2ADDR); 859 ATF_REQUIRE(limit != NULL); 860 cap_net_limit_name2addr(limit, TEST_DOMAIN_0, NULL); 861 cap_net_limit_name2addr_family(limit, family, nitems(family)); 862 ATF_REQUIRE(cap_net_limit(limit) == 0); 863 864 ATF_REQUIRE(test_gethostbyname(capnet, AF_INET, TEST_DOMAIN_0) == 0); 865 ATF_REQUIRE(test_gethostbyname(capnet, AF_INET6, TEST_DOMAIN_0) == 0); 866 ATF_REQUIRE( 867 test_gethostbyname(capnet, PF_LINK, TEST_DOMAIN_0) == ENOTCAPABLE); 868 869 /* Limit to AF_INET and AF_INET6. */ 870 limit = cap_net_limit_init(capnet, CAPNET_DEPRECATED_NAME2ADDR); 871 ATF_REQUIRE(limit != NULL); 872 cap_net_limit_name2addr(limit, TEST_DOMAIN_0, NULL); 873 cap_net_limit_name2addr_family(limit, &family[0], 1); 874 cap_net_limit_name2addr_family(limit, &family[1], 1); 875 ATF_REQUIRE(cap_net_limit(limit) == 0); 876 877 ATF_REQUIRE(test_gethostbyname(capnet, AF_INET, TEST_DOMAIN_0) == 0); 878 ATF_REQUIRE(test_gethostbyname(capnet, AF_INET6, TEST_DOMAIN_0) == 0); 879 ATF_REQUIRE( 880 test_gethostbyname(capnet, PF_LINK, TEST_DOMAIN_0) == ENOTCAPABLE); 881 882 /* Limit to AF_INET6 only. */ 883 limit = cap_net_limit_init(capnet, CAPNET_DEPRECATED_NAME2ADDR); 884 ATF_REQUIRE(limit != NULL); 885 cap_net_limit_name2addr(limit, TEST_DOMAIN_0, NULL); 886 cap_net_limit_name2addr_family(limit, family, 1); 887 ATF_REQUIRE(cap_net_limit(limit) == 0); 888 889 ATF_REQUIRE( 890 test_gethostbyname(capnet, AF_INET, TEST_DOMAIN_0) == ENOTCAPABLE); 891 ATF_REQUIRE(test_gethostbyname(capnet, AF_INET6, TEST_DOMAIN_0) == 0); 892 ATF_REQUIRE( 893 test_gethostbyname(capnet, PF_LINK, TEST_DOMAIN_0) == ENOTCAPABLE); 894 895 /* Unable to set empty limits. Empty limits means full access. */ 896 limit = cap_net_limit_init(capnet, CAPNET_DEPRECATED_NAME2ADDR); 897 ATF_REQUIRE(cap_net_limit(limit) != 0); 898 899 cap_close(capnet); 900 } 901 902 ATF_TC_WITHOUT_HEAD(capnet__limits_bind_mode); 903 ATF_TC_BODY(capnet__limits_bind_mode, tc) 904 { 905 cap_channel_t *capnet; 906 cap_net_limit_t *limit; 907 908 capnet = create_network_service(); 909 910 /* LIMIT */ 911 limit = cap_net_limit_init(capnet, CAPNET_BIND); 912 ATF_REQUIRE(limit != NULL); 913 ATF_REQUIRE(cap_net_limit(limit) == 0); 914 915 /* ALLOWED */ 916 ATF_REQUIRE(test_bind(capnet, TEST_BIND_IPV4) == 0); 917 918 /* DISALLOWED */ 919 ATF_REQUIRE( 920 test_gethostbyname(capnet, AF_INET, TEST_DOMAIN_0) == ENOTCAPABLE); 921 ATF_REQUIRE(test_getnameinfo(capnet, AF_INET, TEST_IPV4) == 922 ENOTCAPABLE); 923 ATF_REQUIRE(test_gethostbyaddr(capnet, AF_INET, TEST_IPV4) == 924 ENOTCAPABLE); 925 ATF_REQUIRE(test_getaddrinfo(capnet, AF_INET, TEST_DOMAIN_0, NULL) == 926 ENOTCAPABLE); 927 ATF_REQUIRE(test_connect(capnet, TEST_IPV4, 80) == ENOTCAPABLE); 928 929 test_extend_mode(capnet, CAPNET_ADDR2NAME); 930 931 cap_close(capnet); 932 } 933 934 ATF_TC_WITHOUT_HEAD(capnet__limits_bind); 935 ATF_TC_BODY(capnet__limits_bind, tc) 936 { 937 cap_channel_t *capnet; 938 cap_net_limit_t *limit; 939 struct sockaddr_in ipv4; 940 941 capnet = create_network_service(); 942 943 limit = cap_net_limit_init(capnet, CAPNET_BIND); 944 ATF_REQUIRE(limit != NULL); 945 946 memset(&ipv4, 0, sizeof(ipv4)); 947 ipv4.sin_family = AF_INET; 948 inet_pton(AF_INET, TEST_BIND_IPV4, &ipv4.sin_addr); 949 950 cap_net_limit_bind(limit, (struct sockaddr *)&ipv4, sizeof(ipv4)); 951 ATF_REQUIRE(cap_net_limit(limit) == 0); 952 953 ATF_REQUIRE(test_bind(capnet, TEST_BIND_IPV4) == 0); 954 ATF_REQUIRE(test_bind(capnet, "127.0.0.2") == ENOTCAPABLE); 955 956 cap_close(capnet); 957 } 958 959 ATF_TC_WITHOUT_HEAD(capnet__limits_connect_mode); 960 ATF_TC_BODY(capnet__limits_connect_mode, tc) 961 { 962 cap_channel_t *capnet; 963 cap_net_limit_t *limit; 964 965 capnet = create_network_service(); 966 967 /* LIMIT */ 968 limit = cap_net_limit_init(capnet, CAPNET_CONNECT); 969 ATF_REQUIRE(limit != NULL); 970 ATF_REQUIRE(cap_net_limit(limit) == 0); 971 972 /* ALLOWED */ 973 ATF_REQUIRE(test_connect(capnet, TEST_IPV4, 80) == 0); 974 975 /* DISALLOWED */ 976 ATF_REQUIRE( 977 test_gethostbyname(capnet, AF_INET, TEST_DOMAIN_0) == ENOTCAPABLE); 978 ATF_REQUIRE(test_getnameinfo(capnet, AF_INET, TEST_IPV4) == 979 ENOTCAPABLE); 980 ATF_REQUIRE(test_gethostbyaddr(capnet, AF_INET, TEST_IPV4) == 981 ENOTCAPABLE); 982 ATF_REQUIRE(test_getaddrinfo(capnet, AF_INET, TEST_DOMAIN_0, NULL) == 983 ENOTCAPABLE); 984 ATF_REQUIRE(test_bind(capnet, TEST_BIND_IPV4) == ENOTCAPABLE); 985 986 test_extend_mode(capnet, CAPNET_ADDR2NAME); 987 988 cap_close(capnet); 989 } 990 991 ATF_TC_WITHOUT_HEAD(capnet__limits_connect); 992 ATF_TC_BODY(capnet__limits_connect, tc) 993 { 994 cap_channel_t *capnet; 995 cap_net_limit_t *limit; 996 struct sockaddr_in ipv4; 997 998 capnet = create_network_service(); 999 1000 /* Limit only to TEST_IPV4 on port 80 and 443. */ 1001 limit = cap_net_limit_init(capnet, CAPNET_CONNECT); 1002 ATF_REQUIRE(limit != NULL); 1003 memset(&ipv4, 0, sizeof(ipv4)); 1004 ipv4.sin_family = AF_INET; 1005 ipv4.sin_port = htons(80); 1006 inet_pton(AF_INET, TEST_IPV4, &ipv4.sin_addr); 1007 cap_net_limit_connect(limit, (struct sockaddr *)&ipv4, sizeof(ipv4)); 1008 1009 ipv4.sin_port = htons(443); 1010 cap_net_limit_connect(limit, (struct sockaddr *)&ipv4, sizeof(ipv4)); 1011 ATF_REQUIRE(cap_net_limit(limit) == 0); 1012 1013 ATF_REQUIRE(test_connect(capnet, TEST_IPV4, 80) == 0); 1014 ATF_REQUIRE(test_connect(capnet, "8.8.8.8", 80) == ENOTCAPABLE); 1015 ATF_REQUIRE(test_connect(capnet, "8.8.8.8", 433) == ENOTCAPABLE); 1016 ATF_REQUIRE(test_connect(capnet, TEST_IPV4, 443) == 0); 1017 1018 /* Limit only to TEST_IPV4 on port 443. */ 1019 limit = cap_net_limit_init(capnet, CAPNET_CONNECT); 1020 cap_net_limit_connect(limit, (struct sockaddr *)&ipv4, sizeof(ipv4)); 1021 ATF_REQUIRE(cap_net_limit(limit) == 0); 1022 1023 ATF_REQUIRE(test_connect(capnet, TEST_IPV4, 433) == ENOTCAPABLE); 1024 ATF_REQUIRE(test_connect(capnet, "8.8.8.8", 80) == ENOTCAPABLE); 1025 ATF_REQUIRE(test_connect(capnet, "8.8.8.8", 433) == ENOTCAPABLE); 1026 ATF_REQUIRE(test_connect(capnet, TEST_IPV4, 443) == 0); 1027 1028 /* Unable to set empty limits. Empty limits means full access. */ 1029 limit = cap_net_limit_init(capnet, CAPNET_CONNECT); 1030 ATF_REQUIRE(cap_net_limit(limit) != 0); 1031 1032 cap_close(capnet); 1033 } 1034 1035 ATF_TC_WITHOUT_HEAD(capnet__limits_connecttodns); 1036 ATF_TC_BODY(capnet__limits_connecttodns, tc) 1037 { 1038 cap_channel_t *capnet; 1039 cap_net_limit_t *limit; 1040 struct addrinfo hints, *capres, *res; 1041 int family[] = { AF_INET }; 1042 1043 capnet = create_network_service(); 1044 1045 limit = cap_net_limit_init(capnet, CAPNET_CONNECTDNS | 1046 CAPNET_NAME2ADDR); 1047 ATF_REQUIRE(limit != NULL); 1048 cap_net_limit_name2addr(limit, TEST_IPV4, "80"); 1049 cap_net_limit_name2addr_family(limit, family, 1); 1050 ATF_REQUIRE(cap_net_limit(limit) == 0); 1051 1052 memset(&hints, 0, sizeof(hints)); 1053 hints.ai_family = AF_INET; 1054 hints.ai_socktype = SOCK_STREAM; 1055 1056 ATF_REQUIRE(test_connect(capnet, "8.8.8.8", 433) == ENOTCAPABLE); 1057 ATF_REQUIRE(cap_getaddrinfo(capnet, TEST_IPV4, "80", &hints, &capres) == 1058 0); 1059 ATF_REQUIRE(test_connect(capnet, "8.8.8.8", 433) == ENOTCAPABLE); 1060 1061 for (res = capres; res != NULL; res = res->ai_next) { 1062 int s; 1063 1064 ATF_REQUIRE(res->ai_family == AF_INET); 1065 ATF_REQUIRE(res->ai_socktype == SOCK_STREAM); 1066 1067 s = socket(res->ai_family, res->ai_socktype, res->ai_protocol); 1068 ATF_REQUIRE(s >= 0); 1069 1070 ATF_REQUIRE(cap_connect(capnet, s, res->ai_addr, 1071 res->ai_addrlen) == 0); 1072 close(s); 1073 } 1074 1075 freeaddrinfo(capres); 1076 cap_close(capnet); 1077 } 1078 1079 1080 ATF_TC_WITHOUT_HEAD(capnet__limits_deprecated_connecttodns); 1081 ATF_TC_BODY(capnet__limits_deprecated_connecttodns, tc) 1082 { 1083 cap_channel_t *capnet; 1084 cap_net_limit_t *limit; 1085 struct hostent *caphp; 1086 struct in_addr ipaddr; 1087 struct sockaddr_in connaddr; 1088 int family[] = { AF_INET }; 1089 int i; 1090 1091 capnet = create_network_service(); 1092 1093 limit = cap_net_limit_init(capnet, CAPNET_CONNECTDNS | 1094 CAPNET_DEPRECATED_NAME2ADDR); 1095 ATF_REQUIRE(limit != NULL); 1096 cap_net_limit_name2addr(limit, TEST_IPV4, NULL); 1097 cap_net_limit_name2addr_family(limit, family, 1); 1098 ATF_REQUIRE(cap_net_limit(limit) == 0); 1099 1100 memset(&ipaddr, 0, sizeof(ipaddr)); 1101 inet_pton(AF_INET, TEST_IPV4, &ipaddr); 1102 1103 ATF_REQUIRE(test_connect(capnet, "8.8.8.8", 433) == ENOTCAPABLE); 1104 caphp = cap_gethostbyname2(capnet, TEST_IPV4, AF_INET); 1105 ATF_REQUIRE(caphp != NULL); 1106 ATF_REQUIRE(caphp->h_addrtype == AF_INET); 1107 ATF_REQUIRE(test_connect(capnet, "8.8.8.8", 433) == ENOTCAPABLE); 1108 1109 for (i = 0; caphp->h_addr_list[i] != NULL; i++) { 1110 int s; 1111 1112 s = socket(AF_INET, SOCK_STREAM, 0); 1113 ATF_REQUIRE(s >= 0); 1114 1115 memset(&connaddr, 0, sizeof(connaddr)); 1116 connaddr.sin_family = AF_INET; 1117 memcpy((char *)&connaddr.sin_addr.s_addr, 1118 (char *)caphp->h_addr_list[i], caphp->h_length); 1119 connaddr.sin_port = htons(80); 1120 1121 ATF_REQUIRE(cap_connect(capnet, s, (struct sockaddr *)&connaddr, 1122 sizeof(connaddr)) == 0); 1123 close(s); 1124 } 1125 1126 cap_close(capnet); 1127 } 1128 1129 ATF_TP_ADD_TCS(tp) 1130 { 1131 1132 ATF_TP_ADD_TC(tp, capnet__limits_addr2name_mode); 1133 ATF_TP_ADD_TC(tp, capnet__limits_addr2name_family); 1134 ATF_TP_ADD_TC(tp, capnet__limits_addr2name); 1135 1136 ATF_TP_ADD_TC(tp, capnet__limits_deprecated_addr2name_mode); 1137 ATF_TP_ADD_TC(tp, capnet__limits_deprecated_addr2name_family); 1138 ATF_TP_ADD_TC(tp, capnet__limits_deprecated_addr2name); 1139 1140 ATF_TP_ADD_TC(tp, capnet__limits_name2addr_mode); 1141 ATF_TP_ADD_TC(tp, capnet__limits_name2addr_hosts); 1142 ATF_TP_ADD_TC(tp, capnet__limits_name2addr_hosts_servnames_strict); 1143 ATF_TP_ADD_TC(tp, capnet__limits_name2addr_hosts_servnames_mix); 1144 ATF_TP_ADD_TC(tp, capnet__limits_name2addr_family); 1145 1146 ATF_TP_ADD_TC(tp, capnet__limits_deprecated_name2addr_mode); 1147 ATF_TP_ADD_TC(tp, capnet__limits_deprecated_name2addr_hosts); 1148 ATF_TP_ADD_TC(tp, capnet__limits_deprecated_name2addr_family); 1149 1150 ATF_TP_ADD_TC(tp, capnet__limits_bind_mode); 1151 ATF_TP_ADD_TC(tp, capnet__limits_bind); 1152 1153 ATF_TP_ADD_TC(tp, capnet__limits_connect_mode); 1154 ATF_TP_ADD_TC(tp, capnet__limits_connect); 1155 1156 ATF_TP_ADD_TC(tp, capnet__limits_connecttodns); 1157 ATF_TP_ADD_TC(tp, capnet__limits_deprecated_connecttodns); 1158 1159 return (atf_no_error()); 1160 } 1161