- /* Copyright (c) 2014-2019, The Tor Project, Inc. */
- /* See LICENSE for licensing information */
- #include "orconfig.h"
- #include "core/or/or.h"
- #ifdef _WIN32
- #include <direct.h>
- #else
- #include <dirent.h>
- #endif
- #include "app/config/config.h"
- #include "test/test.h"
- #ifdef HAVE_SYS_STAT_H
- #include <sys/stat.h>
- #endif
/* Portability shims for the permission assertions in this file. */
#ifndef _WIN32
/* Mode bits are checked for real: forward to the ordinary integer assertion. */
#define tt_int_op_nowin(lhs,op,rhs) tt_int_op((lhs),op,(rhs))
#else /* defined(_WIN32) */
/* The mode argument is dropped; mkdir() is called with the path only. */
#define mkdir(path,mode) mkdir(path)
/* Both operands are still evaluated, but no comparison is made, so the
 * mode-bit assertions written with this macro verify nothing on Windows. */
#define tt_int_op_nowin(lhs,op,rhs) do { (void)(lhs); (void)(rhs); } while (0)
/* umask() calls become a no-op expression. */
#define umask(mask) ((void)0)
#endif /* !defined(_WIN32) */
/**
 * Run unit tests for private dir permission enforcement logic.
 *
 * Points DataDirectory at a "test_checkdir" directory, then calls
 * check_private_dir() on sub-directories with different CPD_* flag
 * combinations, stat()s each one, and asserts that none of the mode bits
 * selected by unix_verify_optsmask are set.
 *
 * Coverage limits to keep in mind when relying on this test:
 *  - every mode assertion goes through tt_int_op_nowin, so it is a real
 *    comparison only where that macro forwards to tt_int_op (non-Windows);
 *  - only st_mode bits are inspected; ownership and file type are not.
 *
 * @param testdata unused.
 */
static void
test_checkdir_perms(void *testdata)
{
  (void)testdata;
  or_options_t *options = get_options_mutable();
  const char *subdir = "test_checkdir";
  char *testdir = NULL;
  cpd_check_t cpd_chkopts;
  cpd_check_t unix_create_opts;
  cpd_check_t unix_verify_optsmask;
  struct stat st;

  /* Pin the umask: group-write and other-write are stripped from every mode
   * requested by the mkdir() calls below. */
  umask(022);

  /* setup data directory before tests. */
  tor_free(options->DataDirectory);
  options->DataDirectory = tor_strdup(get_fname(subdir));
  tt_int_op(mkdir(options->DataDirectory, 0750), OP_EQ, 0);

  /* test: create new dir, no flags.
   * Mask 0077: no group or other permission bit may be set. */
  testdir = get_datadir_fname("checkdir_new_none");
  cpd_chkopts = CPD_CREATE;
  unix_verify_optsmask = 0077;
  tt_int_op(0, OP_EQ, check_private_dir(testdir, cpd_chkopts, NULL));
  tt_int_op(0, OP_EQ, stat(testdir, &st));
  tt_int_op_nowin(0, OP_EQ, (st.st_mode & unix_verify_optsmask));
  tor_free(testdir);

  /* test: create new dir, CPD_GROUP_OK option set.
   * The mask stays 0077: the test expects a directory created with
   * CPD_GROUP_OK to carry no group or other bits either. */
  testdir = get_datadir_fname("checkdir_new_groupok");
  cpd_chkopts = CPD_CREATE|CPD_GROUP_OK;
  unix_verify_optsmask = 0077;
  tt_int_op(0, OP_EQ, check_private_dir(testdir, cpd_chkopts, NULL));
  tt_int_op(0, OP_EQ, stat(testdir, &st));
  tt_int_op_nowin(0, OP_EQ, (st.st_mode & unix_verify_optsmask));
  tor_free(testdir);

  /* test: should get an error on existing dir with
     wrong perms.
     The directory is pre-created with mode 027; with the 022 umask set
     above that leaves 005 (no owner bits, read/execute for "other").
     The -1 expectation is only asserted on non-Windows builds. */
  testdir = get_datadir_fname("checkdir_new_groupok_err");
  tt_int_op(0, OP_EQ, mkdir(testdir, 027));
  cpd_chkopts = CPD_CHECK_MODE_ONLY|CPD_CREATE|CPD_GROUP_OK;
  tt_int_op_nowin(-1, OP_EQ, check_private_dir(testdir, cpd_chkopts, NULL));
  tor_free(testdir);

  /* test: create new dir, CPD_GROUP_READ option set.
   * Mask 0027: group-write and every "other" bit must be clear; group
   * read/execute bits are not examined. */
  testdir = get_datadir_fname("checkdir_new_groupread");
  cpd_chkopts = CPD_CREATE|CPD_GROUP_READ;
  unix_verify_optsmask = 0027;
  tt_int_op(0, OP_EQ, check_private_dir(testdir, cpd_chkopts, NULL));
  tt_int_op(0, OP_EQ, stat(testdir, &st));
  tt_int_op_nowin(0, OP_EQ, (st.st_mode & unix_verify_optsmask));
  tor_free(testdir);

  /* test: check existing dir created with defaults,
     and verify with CPD_CREATE only.
     Here the directory is made directly with mkdir(0700) first. */
  testdir = get_datadir_fname("checkdir_exists_none");
  cpd_chkopts = CPD_CREATE;
  unix_create_opts = 0700;
  /* Keeps the variable referenced where the mkdir macro drops its mode
   * argument (the _WIN32 definition in this file). */
  (void)unix_create_opts;
  unix_verify_optsmask = 0077;
  tt_int_op(0, OP_EQ, mkdir(testdir, unix_create_opts));
  tt_int_op(0, OP_EQ, check_private_dir(testdir, cpd_chkopts, NULL));
  tt_int_op(0, OP_EQ, stat(testdir, &st));
  tt_int_op_nowin(0, OP_EQ, (st.st_mode & unix_verify_optsmask));
  tor_free(testdir);

  /* test: check existing dir created with defaults,
     and verify with CPD_GROUP_OK option set.
     "Created with defaults" here means created by check_private_dir()
     with CPD_CREATE alone; the second call re-checks it with CPD_GROUP_OK. */
  testdir = get_datadir_fname("checkdir_exists_groupok");
  cpd_chkopts = CPD_CREATE;
  unix_verify_optsmask = 0077;
  tt_int_op(0, OP_EQ, check_private_dir(testdir, cpd_chkopts, NULL));
  cpd_chkopts = CPD_GROUP_OK;
  tt_int_op(0, OP_EQ, check_private_dir(testdir, cpd_chkopts, NULL));
  tt_int_op(0, OP_EQ, stat(testdir, &st));
  tt_int_op_nowin(0, OP_EQ, (st.st_mode & unix_verify_optsmask));
  tor_free(testdir);

  /* test: check existing dir created with defaults,
     and verify with CPD_GROUP_READ option set.
     Created with CPD_CREATE alone, then re-checked with CPD_GROUP_READ;
     only the 0027 bits are required to be clear afterwards. */
  testdir = get_datadir_fname("checkdir_exists_groupread");
  cpd_chkopts = CPD_CREATE;
  unix_verify_optsmask = 0027;
  tt_int_op(0, OP_EQ, check_private_dir(testdir, cpd_chkopts, NULL));
  cpd_chkopts = CPD_GROUP_READ;
  tt_int_op(0, OP_EQ, check_private_dir(testdir, cpd_chkopts, NULL));
  tt_int_op(0, OP_EQ, stat(testdir, &st));
  tt_int_op_nowin(0, OP_EQ, (st.st_mode & unix_verify_optsmask));
  tor_free(testdir);

  /* test: check existing dir created with CPD_GROUP_READ,
     and verify with CPD_GROUP_OK option set. */
  testdir = get_datadir_fname("checkdir_existsread_groupok");
  cpd_chkopts = CPD_CREATE|CPD_GROUP_READ;
  unix_verify_optsmask = 0027;
  tt_int_op(0, OP_EQ, check_private_dir(testdir, cpd_chkopts, NULL));
  cpd_chkopts = CPD_GROUP_OK;
  tt_int_op(0, OP_EQ, check_private_dir(testdir, cpd_chkopts, NULL));
  tt_int_op(0, OP_EQ, stat(testdir, &st));
  tt_int_op_nowin(0, OP_EQ, (st.st_mode & unix_verify_optsmask));
  tor_free(testdir);

  /* test: check existing dir created with CPD_GROUP_READ,
     and verify with CPD_GROUP_READ option set.
     NOTE(review): unlike the cases above, there is no second
     check_private_dir() call with CPD_GROUP_READ alone; the single
     CPD_CREATE|CPD_GROUP_READ call is the only check made here. */
  testdir = get_datadir_fname("checkdir_existsread_groupread");
  cpd_chkopts = CPD_CREATE|CPD_GROUP_READ;
  unix_verify_optsmask = 0027;
  tt_int_op(0, OP_EQ, check_private_dir(testdir, cpd_chkopts, NULL));
  tt_int_op(0, OP_EQ, stat(testdir, &st));
  tt_int_op_nowin(0, OP_EQ, (st.st_mode & unix_verify_optsmask));

  /* Reached by falling through after the last case; presumably also the
   * target the tt_* assertion macros jump to on failure (confirm against
   * the test framework). Frees whichever path is still held. */
 done:
  tor_free(testdir);
}
/* Expands to one test-table row: the stringified name, the matching
 * test_checkdir_<name> function, the given flags, and two NULL fields. */
#define CHECKDIR(test_name,test_flags) \
  { #test_name, test_checkdir_##test_name, (test_flags), NULL, NULL }

/* Test table for this file: a single "perms" case registered with TT_FORK,
 * closed by the END_OF_TESTCASES sentinel. */
struct testcase_t checkdir_tests[] = {
  CHECKDIR(perms, TT_FORK),
  END_OF_TESTCASES
};