Book a Demo!
CoCalc Logo Icon
StoreFeaturesDocsShareSupportNewsAboutPoliciesSign UpSign In
freebsd
GitHub Repository: freebsd/freebsd-src
 Path: blob/main/lib/libcasper/services/cap_net/tests/net_test.c
48380 views
1
/*-

2
 * Copyright (c) 2020 Mariusz Zaborski <[email protected]>

3
 *

4
 * Redistribution and use in source and binary forms, with or without

5
 * modification, are permitted provided that the following conditions

6
 * are met:

7
 * 1. Redistributions of source code must retain the above copyright

8
 *    notice, this list of conditions and the following disclaimer.

9
 * 2. Redistributions in binary form must reproduce the above copyright

10
 *    notice, this list of conditions and the following disclaimer in the

11
 *    documentation and/or other materials provided with the distribution.

12
 *

13
 * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS

14
 * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED

15
 * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR

16
 * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS

17
 * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR

18
 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF

19
 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS

20
 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN

21
 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)

22
 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE

23
 * POSSIBILITY OF SUCH DAMAGE.

24
 */

25


26
#include <sys/param.h>

27
#include <sys/socket.h>

28
#include <netinet/in.h>

29
#include <arpa/inet.h>

30


31
#include <errno.h>

32
#include <netdb.h>

33


34
#include <atf-c.h>

35


36
#include <libcasper.h>

37
#include <casper/cap_net.h>

38


39
#define	TEST_DOMAIN_0	"example.com"

40
#define	TEST_DOMAIN_1	"freebsd.org"

41
#define	TEST_IPV4	"1.1.1.1"

42
#define	TEST_IPV6	"2001:4860:4860::8888"

43
#define	TEST_BIND_IPV4	"127.0.0.1"

44
#define	TEST_PORT	80

45
#define	TEST_PORT_STR	"80"

46


47
static cap_channel_t *

48
create_network_service(void)

49
{

50
	cap_channel_t *capcas, *capnet;

51


52
	capcas = cap_init();

53
	ATF_REQUIRE(capcas != NULL);

54


55
	capnet = cap_service_open(capcas, "system.net");

56
	ATF_REQUIRE(capnet != NULL);

57


58
	cap_close(capcas);

59
	return (capnet);

60
}

61


62
static int

63
test_getnameinfo_v4(cap_channel_t *chan, int family, const char *ip)

64
{

65
	struct sockaddr_in ipaddr;

66
	char capfn[MAXHOSTNAMELEN];

67
	char origfn[MAXHOSTNAMELEN];

68
	int capret, sysret;

69


70
	memset(&ipaddr, 0, sizeof(ipaddr));

71
	ipaddr.sin_family = family;

72
	inet_pton(family, ip, &ipaddr.sin_addr);

73


74
	capret = cap_getnameinfo(chan, (struct sockaddr *)&ipaddr, sizeof(ipaddr),

75
	    capfn, sizeof(capfn), NULL, 0, NI_NAMEREQD);

76
	if (capret != 0 && capret == ENOTCAPABLE)

77
		return (ENOTCAPABLE);

78


79
	sysret = getnameinfo((struct sockaddr *)&ipaddr, sizeof(ipaddr), origfn,

80
	    sizeof(origfn), NULL, 0, NI_NAMEREQD);

81
	if (sysret != 0) {

82
		atf_tc_skip("getnameinfo(%s) failed: %s",

83
		    ip, gai_strerror(sysret));

84
	}

85
	ATF_REQUIRE(capret == 0);

86
	ATF_REQUIRE(strcmp(origfn, capfn) == 0);

87


88
	return (0);

89
}

90


91
static int

92
test_getnameinfo_v6(cap_channel_t *chan, const char *ip)

93
{

94
	struct sockaddr_in6 ipaddr;

95
	char capfn[MAXHOSTNAMELEN];

96
	char origfn[MAXHOSTNAMELEN];

97
	int capret, sysret;

98


99
	memset(&ipaddr, 0, sizeof(ipaddr));

100
	ipaddr.sin6_family = AF_INET6;

101
	inet_pton(AF_INET6, ip, &ipaddr.sin6_addr);

102


103
	capret = cap_getnameinfo(chan, (struct sockaddr *)&ipaddr, sizeof(ipaddr),

104
	    capfn, sizeof(capfn), NULL, 0, NI_NAMEREQD);

105
	if (capret != 0 && capret == ENOTCAPABLE)

106
		return (ENOTCAPABLE);

107


108
	sysret = getnameinfo((struct sockaddr *)&ipaddr, sizeof(ipaddr), origfn,

109
	    sizeof(origfn), NULL, 0, NI_NAMEREQD);

110
	if (sysret != 0) {

111
		atf_tc_skip("getnameinfo(%s) failed: %s",

112
		    ip, gai_strerror(sysret));

113
	}

114
	ATF_REQUIRE(capret == 0);

115
	ATF_REQUIRE(strcmp(origfn, capfn) == 0);

116


117
	return (0);

118
}

119


120
static int

121
test_getnameinfo(cap_channel_t *chan, int family, const char *ip)

122
{

123


124
	if (family == AF_INET6) {

125
		return (test_getnameinfo_v6(chan, ip));

126
	}

127


128
	return (test_getnameinfo_v4(chan, family, ip));

129
}

130


131
static int

132
test_gethostbyaddr_v4(cap_channel_t *chan, int family, const char *ip)

133
{

134
	struct in_addr ipaddr;

135
	struct hostent *caphp, *orighp;

136


137
	memset(&ipaddr, 0, sizeof(ipaddr));

138
	inet_pton(AF_INET, ip, &ipaddr);

139


140
	caphp = cap_gethostbyaddr(chan, &ipaddr, sizeof(ipaddr), family);

141
	if (caphp == NULL && h_errno == ENOTCAPABLE)

142
		return (ENOTCAPABLE);

143


144
	orighp = gethostbyaddr(&ipaddr, sizeof(ipaddr), family);

145
	if (orighp == NULL)

146
		atf_tc_skip("gethostbyaddr(%s) failed", ip);

147
	ATF_REQUIRE(caphp != NULL);

148
	ATF_REQUIRE(strcmp(orighp->h_name, caphp->h_name) == 0);

149


150
	return (0);

151
}

152


153
static int

154
test_gethostbyaddr_v6(cap_channel_t *chan, const char *ip)

155
{

156
	struct in6_addr ipaddr;

157
	struct hostent *caphp, *orighp;

158


159
	memset(&ipaddr, 0, sizeof(ipaddr));

160
	inet_pton(AF_INET6, ip, &ipaddr);

161


162
	caphp = cap_gethostbyaddr(chan, &ipaddr, sizeof(ipaddr), AF_INET6);

163
	if (caphp == NULL && h_errno == ENOTCAPABLE)

164
		return (ENOTCAPABLE);

165


166
	orighp = gethostbyaddr(&ipaddr, sizeof(ipaddr), AF_INET6);

167
	if (orighp == NULL)

168
		atf_tc_skip("gethostbyaddr(%s) failed", ip);

169
	ATF_REQUIRE(caphp != NULL);

170
	ATF_REQUIRE(strcmp(orighp->h_name, caphp->h_name) == 0);

171


172
	return (0);

173
}

174


175
static int

176
test_gethostbyaddr(cap_channel_t *chan, int family, const char *ip)

177
{

178


179
	if (family == AF_INET6) {

180
		return (test_gethostbyaddr_v6(chan, ip));

181
	} else {

182
		return (test_gethostbyaddr_v4(chan, family, ip));

183
	}

184
}

185


186
static int

187
test_getaddrinfo(cap_channel_t *chan, int family, const char *domain,

188
    const char *servname)

189
{

190
	struct addrinfo hints, *capres, *origres, *res0, *res1;

191
	bool found;

192
	int capret, sysret;

193


194
	memset(&hints, 0, sizeof(hints));

195
	hints.ai_family = family;

196
	hints.ai_socktype = SOCK_STREAM;

197


198
	capret = cap_getaddrinfo(chan, domain, servname, &hints, &capres);

199
	if (capret != 0 && capret == ENOTCAPABLE)

200
		return (capret);

201


202
	sysret = getaddrinfo(domain, servname, &hints, &origres);

203
	if (sysret != 0)

204
		atf_tc_skip("getaddrinfo(%s) failed: %s",

205
		    domain, gai_strerror(sysret));

206
	ATF_REQUIRE(capret == 0);

207


208
	for (res0 = capres; res0 != NULL; res0 = res0->ai_next) {

209
		found = false;

210
		for (res1 = origres; res1 != NULL; res1 = res1->ai_next) {

211
			if (res1->ai_addrlen == res0->ai_addrlen &&

212
			    memcmp(res1->ai_addr, res0->ai_addr,

213
			    res0->ai_addrlen) == 0) {

214
				found = true;

215
				break;

216
			}

217
		}

218
		ATF_REQUIRE(found);

219
	}

220


221
	freeaddrinfo(capres);

222
	freeaddrinfo(origres);

223
	return (0);

224
}

225


226
static int

227
test_gethostbyname(cap_channel_t *chan, int family, const char *domain)

228
{

229
	struct hostent *caphp, *orighp;

230


231
	caphp = cap_gethostbyname2(chan, domain, family);

232
	if (caphp == NULL && h_errno == ENOTCAPABLE)

233
		return (h_errno);

234


235
	orighp = gethostbyname2(domain, family);

236
	if (orighp == NULL)

237
		atf_tc_skip("gethostbyname2(%s) failed", domain);

238


239
	ATF_REQUIRE(caphp != NULL);

240
	ATF_REQUIRE(strcmp(caphp->h_name, orighp->h_name) == 0);

241
	return (0);

242
}

243


244
static int

245
test_bind(cap_channel_t *chan, const char *ip)

246
{

247
	struct sockaddr_in ipv4;

248
	int capfd, ret, serrno;

249


250
	capfd = socket(AF_INET, SOCK_STREAM, 0);

251
	ATF_REQUIRE(capfd > 0);

252


253
	memset(&ipv4, 0, sizeof(ipv4));

254
	ipv4.sin_family = AF_INET;

255
	inet_pton(AF_INET, ip, &ipv4.sin_addr);

256


257
	ret = cap_bind(chan, capfd, (struct sockaddr *)&ipv4, sizeof(ipv4));

258
	serrno = errno;

259
	close(capfd);

260


261
	return (ret < 0 ? serrno : 0);

262
}

263


264
static int

265
test_connect(cap_channel_t *chan, const char *ip, unsigned short port)

266
{

267
	struct sockaddr_in ipv4;

268
	int capfd, ret, serrno;

269


270
	capfd = socket(AF_INET, SOCK_STREAM, 0);

271
	ATF_REQUIRE(capfd >= 0);

272


273
	memset(&ipv4, 0, sizeof(ipv4));

274
	ipv4.sin_family = AF_INET;

275
	ipv4.sin_port = htons(port);

276
	inet_pton(AF_INET, ip, &ipv4.sin_addr);

277


278
	ret = cap_connect(chan, capfd, (struct sockaddr *)&ipv4, sizeof(ipv4));

279
	serrno = errno;

280
	ATF_REQUIRE(close(capfd) == 0);

281


282
	if (ret < 0 && serrno != ENOTCAPABLE) {

283
		int sd;

284


285
		/*

286
		 * If the connection failed, it might be because we can't reach

287
		 * the destination host.  To check, try a plain connect() and

288
		 * see if it fails with the same error.

289
		 */

290
		sd = socket(AF_INET, SOCK_STREAM, 0);

291
		ATF_REQUIRE(sd >= 0);

292


293
		memset(&ipv4, 0, sizeof(ipv4));

294
		ipv4.sin_family = AF_INET;

295
		ipv4.sin_port = htons(port);

296
		inet_pton(AF_INET, ip, &ipv4.sin_addr);

297
		ret = connect(sd, (struct sockaddr *)&ipv4, sizeof(ipv4));

298
		ATF_REQUIRE(ret < 0);

299
		ATF_REQUIRE_MSG(errno == serrno, "errno %d != serrno %d",

300
		    errno, serrno);

301
		ATF_REQUIRE(close(sd) == 0);

302
		atf_tc_skip("connect(%s:%d) failed: %s",

303
		    ip, port, strerror(serrno));

304
	}

305


306
	return (ret < 0 ? serrno : 0);

307
}

308


309
static void

310
test_extend_mode(cap_channel_t *capnet, int current)

311
{

312
	cap_net_limit_t *limit;

313
	const int rights[] = {

314
		CAPNET_ADDR2NAME,

315
		CAPNET_NAME2ADDR,

316
		CAPNET_DEPRECATED_ADDR2NAME,

317
		CAPNET_DEPRECATED_NAME2ADDR,

318
		CAPNET_CONNECT,

319
		CAPNET_BIND,

320
		CAPNET_CONNECTDNS

321
	};

322
	size_t i;

323


324
	for (i = 0; i < nitems(rights); i++) {

325
		if (current == rights[i])

326
			continue;

327


328
		limit = cap_net_limit_init(capnet, current | rights[i]);

329
		ATF_REQUIRE(limit != NULL);

330
		ATF_REQUIRE(cap_net_limit(limit) != 0);

331
	}

332
}

333


334
ATF_TC(capnet__getnameinfo);

335
ATF_TC_HEAD(capnet__getnameinfo, tc)

336
{

337
	atf_tc_set_md_var(tc, "require.config", "allow_network_access");

338
}

339
ATF_TC_BODY(capnet__getnameinfo, tc)

340
{

341
	cap_channel_t *capnet;

342


343
	capnet = create_network_service();

344


345
	ATF_REQUIRE(test_getnameinfo(capnet, AF_INET, TEST_IPV4) == 0);

346
	ATF_REQUIRE(test_getnameinfo(capnet, AF_INET6, TEST_IPV6) == 0);

347


348
	cap_close(capnet);

349
}

350


351
ATF_TC(capnet__connect);

352
ATF_TC_HEAD(capnet__connect, tc)

353
{

354
	atf_tc_set_md_var(tc, "require.config", "allow_network_access");

355
}

356
ATF_TC_BODY(capnet__connect, tc)

357
{

358
	cap_channel_t *capnet;

359


360
	capnet = create_network_service();

361


362
	ATF_REQUIRE(test_connect(capnet, TEST_IPV4, 80) == 0);

363


364
	cap_close(capnet);

365
}

366


367
ATF_TC(capnet__bind);

368
ATF_TC_HEAD(capnet__bind, tc)

369
{

370
	atf_tc_set_md_var(tc, "require.config", "allow_network_access");

371
}

372
ATF_TC_BODY(capnet__bind, tc)

373
{

374
	cap_channel_t *capnet;

375


376
	capnet = create_network_service();

377


378
	ATF_REQUIRE(test_bind(capnet, TEST_BIND_IPV4) == 0);

379


380
	cap_close(capnet);

381
}

382


383
ATF_TC(capnet__getaddrinfo);

384
ATF_TC_HEAD(capnet__getaddrinfo, tc)

385
{

386
	atf_tc_set_md_var(tc, "require.config", "allow_network_access");

387
}

388
ATF_TC_BODY(capnet__getaddrinfo, tc)

389
{

390
	cap_channel_t *capnet;

391
	struct addrinfo hints, *capres;

392


393
	capnet = create_network_service();

394


395
	memset(&hints, 0, sizeof(hints));

396
	hints.ai_family = AF_INET;

397
	hints.ai_socktype = SOCK_STREAM;

398


399
	ATF_REQUIRE(cap_getaddrinfo(capnet, TEST_IPV4, "80", &hints, &capres) ==

400
	    0);

401


402
	cap_close(capnet);

403
}

404


405
ATF_TC(capnet__gethostbyname);

406
ATF_TC_HEAD(capnet__gethostbyname, tc)

407
{

408
	atf_tc_set_md_var(tc, "require.config", "allow_network_access");

409
}

410
ATF_TC_BODY(capnet__gethostbyname, tc)

411
{

412
	cap_channel_t *capnet;

413


414
	capnet = create_network_service();

415


416
	ATF_REQUIRE(test_gethostbyname(capnet, AF_INET, TEST_DOMAIN_0) == 0);

417


418
	cap_close(capnet);

419
}

420


421
ATF_TC(capnet__gethostbyaddr);

422
ATF_TC_HEAD(capnet__gethostbyaddr, tc)

423
{

424
	atf_tc_set_md_var(tc, "require.config", "allow_network_access");

425
}

426
ATF_TC_BODY(capnet__gethostbyaddr, tc)

427
{

428
	cap_channel_t *capnet;

429


430
	capnet = create_network_service();

431


432
	ATF_REQUIRE(test_gethostbyaddr(capnet, AF_INET, TEST_IPV4) == 0);

433
	ATF_REQUIRE(test_gethostbyaddr(capnet, AF_INET6, TEST_IPV6) == 0);

434


435
	cap_close(capnet);

436
}

437


438
ATF_TC(capnet__getnameinfo_buffer);

439
ATF_TC_HEAD(capnet__getnameinfo_buffer, tc)

440
{

441
	atf_tc_set_md_var(tc, "require.config", "allow_network_access");

442
}

443
ATF_TC_BODY(capnet__getnameinfo_buffer, tc)

444
{

445
	cap_channel_t *chan;

446
	struct sockaddr_in sin;

447
	int ret;

448
	struct {

449
		char host[sizeof(TEST_IPV4)];

450
		char host_canary;

451
		char serv[sizeof(TEST_PORT_STR)];

452
		char serv_canary;

453
	} buffers;

454


455
	memset(&sin, 0, sizeof(sin));

456
	sin.sin_family = AF_INET;

457
	sin.sin_port = htons(TEST_PORT);

458
	ret = inet_pton(AF_INET, TEST_IPV4, &sin.sin_addr);

459
	ATF_REQUIRE_EQ(1, ret);

460


461
	memset(&buffers, '!', sizeof(buffers));

462


463
	chan = create_network_service();

464
	ret = cap_getnameinfo(chan, (struct sockaddr *)&sin, sizeof(sin),

465
	    buffers.host, sizeof(buffers.host),

466
	    buffers.serv, sizeof(buffers.serv),

467
	    NI_NUMERICHOST | NI_NUMERICSERV);

468
	ATF_REQUIRE_EQ_MSG(0, ret, "%d", ret);

469


470
	// Verify that cap_getnameinfo worked with minimally sized buffers.

471
	ATF_CHECK_EQ(0, strcmp(TEST_IPV4, buffers.host));

472
	ATF_CHECK_EQ(0, strcmp(TEST_PORT_STR, buffers.serv));

473


474
	// Verify that cap_getnameinfo did not overflow the buffers.

475
	ATF_CHECK_EQ('!', buffers.host_canary);

476
	ATF_CHECK_EQ('!', buffers.serv_canary);

477


478
	cap_close(chan);

479
}

480


481
ATF_TC(capnet__limits_addr2name_mode);

482
ATF_TC_HEAD(capnet__limits_addr2name_mode, tc)

483
{

484
	atf_tc_set_md_var(tc, "require.config", "allow_network_access");

485
}

486
ATF_TC_BODY(capnet__limits_addr2name_mode, tc)

487
{

488
	cap_channel_t *capnet;

489
	cap_net_limit_t *limit;

490


491
	capnet = create_network_service();

492


493
	/* LIMIT */

494
	limit = cap_net_limit_init(capnet, CAPNET_ADDR2NAME);

495
	ATF_REQUIRE(limit != NULL);

496
	ATF_REQUIRE(cap_net_limit(limit) == 0);

497


498
	/* ALLOWED */

499
	ATF_REQUIRE(test_getnameinfo(capnet, AF_INET, TEST_IPV4) == 0);

500


501
	/* DISALLOWED */

502
	ATF_REQUIRE(test_gethostbyname(capnet, AF_INET, TEST_DOMAIN_0) ==

503
	    ENOTCAPABLE);

504
	ATF_REQUIRE(test_gethostbyaddr(capnet, AF_INET, TEST_IPV4) ==

505
	    ENOTCAPABLE);

506
	ATF_REQUIRE(test_getaddrinfo(capnet, AF_INET, TEST_DOMAIN_0, NULL) ==

507
	    ENOTCAPABLE);

508
	ATF_REQUIRE(test_bind(capnet, TEST_BIND_IPV4) == ENOTCAPABLE);

509
	ATF_REQUIRE(test_connect(capnet, TEST_IPV4, 80) == ENOTCAPABLE);

510


511
	test_extend_mode(capnet, CAPNET_ADDR2NAME);

512


513
	cap_close(capnet);

514
}

515


516
ATF_TC(capnet__limits_addr2name_family);

517
ATF_TC_HEAD(capnet__limits_addr2name_family, tc)

518
{

519
	atf_tc_set_md_var(tc, "require.config", "allow_network_access");

520
}

521
ATF_TC_BODY(capnet__limits_addr2name_family, tc)

522
{

523
	cap_channel_t *capnet;

524
	cap_net_limit_t *limit;

525
	int family[] = { AF_INET6, AF_INET };

526


527
	capnet = create_network_service();

528


529
	/* Limit to AF_INET6 and AF_INET. */

530
	limit = cap_net_limit_init(capnet, CAPNET_ADDR2NAME);

531
	ATF_REQUIRE(limit != NULL);

532
	cap_net_limit_addr2name_family(limit, family, nitems(family));

533
	ATF_REQUIRE(cap_net_limit(limit) == 0);

534


535
	ATF_REQUIRE(test_getnameinfo(capnet, AF_INET, TEST_IPV4) == 0);

536
	ATF_REQUIRE(test_getnameinfo(capnet, AF_INET6, TEST_IPV6) == 0);

537


538
	/* Limit to AF_INET6 and AF_INET. */

539
	limit = cap_net_limit_init(capnet, CAPNET_ADDR2NAME);

540
	ATF_REQUIRE(limit != NULL);

541
	cap_net_limit_addr2name_family(limit, &family[0], 1);

542
	cap_net_limit_addr2name_family(limit, &family[1], 1);

543
	ATF_REQUIRE(cap_net_limit(limit) == 0);

544


545
	ATF_REQUIRE(test_getnameinfo(capnet, AF_INET, TEST_IPV4) == 0);

546
	ATF_REQUIRE(test_getnameinfo(capnet, AF_INET6, TEST_IPV6) == 0);

547


548
	/* Limit to AF_INET6. */

549
	limit = cap_net_limit_init(capnet, CAPNET_ADDR2NAME);

550
	ATF_REQUIRE(limit != NULL);

551
	cap_net_limit_addr2name_family(limit, family, 1);

552
	ATF_REQUIRE(cap_net_limit(limit) == 0);

553


554
	ATF_REQUIRE(test_getnameinfo(capnet, AF_INET, TEST_IPV4) ==

555
	    ENOTCAPABLE);

556
	ATF_REQUIRE(test_getnameinfo(capnet, AF_INET6, TEST_IPV6) == 0);

557


558
	/* Unable to set empty limits. Empty limits means full access. */

559
	limit = cap_net_limit_init(capnet, CAPNET_ADDR2NAME);

560
	ATF_REQUIRE(cap_net_limit(limit) != 0);

561


562
	cap_close(capnet);

563
}

564


565
ATF_TC(capnet__limits_addr2name);

566
ATF_TC_HEAD(capnet__limits_addr2name, tc)

567
{

568
	atf_tc_set_md_var(tc, "require.config", "allow_network_access");

569
}

570
ATF_TC_BODY(capnet__limits_addr2name, tc)

571
{

572
	cap_channel_t *capnet;

573
	cap_net_limit_t *limit;

574
	struct sockaddr_in ipaddrv4;

575
	struct sockaddr_in6 ipaddrv6;

576


577
	capnet = create_network_service();

578


579
	/* Limit to TEST_IPV4 and TEST_IPV6. */

580
	memset(&ipaddrv4, 0, sizeof(ipaddrv4));

581
	memset(&ipaddrv6, 0, sizeof(ipaddrv6));

582


583
	ipaddrv4.sin_family = AF_INET;

584
	inet_pton(AF_INET, TEST_IPV4, &ipaddrv4.sin_addr);

585


586
	ipaddrv6.sin6_family = AF_INET6;

587
	inet_pton(AF_INET6, TEST_IPV6, &ipaddrv6.sin6_addr);

588


589
	limit = cap_net_limit_init(capnet, CAPNET_ADDR2NAME);

590
	ATF_REQUIRE(limit != NULL);

591


592
	cap_net_limit_addr2name(limit, (struct sockaddr *)&ipaddrv4,

593
	    sizeof(ipaddrv4));

594
	cap_net_limit_addr2name(limit, (struct sockaddr *)&ipaddrv6,

595
	    sizeof(ipaddrv6));

596
	ATF_REQUIRE(cap_net_limit(limit) == 0);

597


598
	ATF_REQUIRE(test_getnameinfo(capnet, AF_INET, TEST_IPV4) == 0);

599
	ATF_REQUIRE(test_getnameinfo(capnet, AF_INET6, TEST_IPV6) == 0);

600
	ATF_REQUIRE(test_getnameinfo(capnet, AF_INET, "127.0.0.1") ==

601
	    ENOTCAPABLE);

602


603
	/* Limit to AF_INET. */

604
	limit = cap_net_limit_init(capnet, CAPNET_ADDR2NAME);

605
	ATF_REQUIRE(limit != NULL);

606
	cap_net_limit_addr2name(limit, (struct sockaddr *)&ipaddrv4,

607
	    sizeof(ipaddrv4));

608
	ATF_REQUIRE(cap_net_limit(limit) == 0);

609


610
	ATF_REQUIRE(test_getnameinfo(capnet, AF_INET, TEST_IPV4) == 0);

611
	ATF_REQUIRE(test_getnameinfo(capnet, AF_INET6, TEST_IPV6) ==

612
	    ENOTCAPABLE);

613
	ATF_REQUIRE(test_getnameinfo(capnet, AF_INET, "127.0.0.1") ==

614
	    ENOTCAPABLE);

615


616
	/* Unable to set empty limits. Empty limits means full access. */

617
	limit = cap_net_limit_init(capnet, CAPNET_ADDR2NAME);

618
	ATF_REQUIRE(cap_net_limit(limit) != 0);

619


620
	cap_close(capnet);

621
}

622


623
ATF_TC(capnet__limits_deprecated_addr2name_mode);

624
ATF_TC_HEAD(capnet__limits_deprecated_addr2name_mode, tc)

625
{

626
	atf_tc_set_md_var(tc, "require.config", "allow_network_access");

627
}

628
ATF_TC_BODY(capnet__limits_deprecated_addr2name_mode, tc)

629
{

630
	cap_channel_t *capnet;

631
	cap_net_limit_t *limit;

632


633
	capnet = create_network_service();

634


635
	/* LIMIT */

636
	limit = cap_net_limit_init(capnet, CAPNET_DEPRECATED_ADDR2NAME);

637
	ATF_REQUIRE(limit != NULL);

638
	ATF_REQUIRE(cap_net_limit(limit) == 0);

639


640
	/* ALLOWED */

641
	ATF_REQUIRE(test_gethostbyaddr(capnet, AF_INET, TEST_IPV4) == 0);

642


643
	/* DISALLOWED */

644
	ATF_REQUIRE(test_gethostbyname(capnet, AF_INET, TEST_DOMAIN_0) ==

645
	    ENOTCAPABLE);

646
	ATF_REQUIRE(test_getnameinfo(capnet, AF_INET, TEST_IPV4) ==

647
	    ENOTCAPABLE);

648
	ATF_REQUIRE(test_getaddrinfo(capnet, AF_INET, TEST_DOMAIN_0, NULL) ==

649
	    ENOTCAPABLE);

650
	ATF_REQUIRE(test_bind(capnet, TEST_BIND_IPV4) == ENOTCAPABLE);

651
	ATF_REQUIRE(test_connect(capnet, TEST_IPV4, 80) == ENOTCAPABLE);

652


653
	cap_close(capnet);

654
}

655


656
ATF_TC(capnet__limits_deprecated_addr2name_family);

657
ATF_TC_HEAD(capnet__limits_deprecated_addr2name_family, tc)

658
{

659
	atf_tc_set_md_var(tc, "require.config", "allow_network_access");

660
}

661
ATF_TC_BODY(capnet__limits_deprecated_addr2name_family, tc)

662
{

663
	cap_channel_t *capnet;

664
	cap_net_limit_t *limit;

665
	int family[] = { AF_INET6, AF_INET };

666


667
	capnet = create_network_service();

668


669
	/* Limit to AF_INET6 and AF_INET. */

670
	limit = cap_net_limit_init(capnet, CAPNET_DEPRECATED_ADDR2NAME);

671
	ATF_REQUIRE(limit != NULL);

672
	cap_net_limit_addr2name_family(limit, family, nitems(family));

673
	ATF_REQUIRE(cap_net_limit(limit) == 0);

674


675
	ATF_REQUIRE(test_gethostbyaddr(capnet, AF_INET, TEST_IPV4) == 0);

676
	ATF_REQUIRE(test_gethostbyaddr(capnet, AF_INET6, TEST_IPV6) == 0);

677
	ATF_REQUIRE(test_gethostbyaddr(capnet, PF_LINK, TEST_IPV4) ==

678
	    ENOTCAPABLE);

679


680
	/* Limit to AF_INET6 and AF_INET. */

681
	limit = cap_net_limit_init(capnet, CAPNET_DEPRECATED_ADDR2NAME);

682
	ATF_REQUIRE(limit != NULL);

683
	cap_net_limit_addr2name_family(limit, &family[0], 1);

684
	cap_net_limit_addr2name_family(limit, &family[1], 1);

685
	ATF_REQUIRE(cap_net_limit(limit) == 0);

686


687
	ATF_REQUIRE(test_gethostbyaddr(capnet, AF_INET, TEST_IPV4) == 0);

688
	ATF_REQUIRE(test_gethostbyaddr(capnet, AF_INET6, TEST_IPV6) == 0);

689
	ATF_REQUIRE(test_gethostbyaddr(capnet, PF_LINK, TEST_IPV4) ==

690
	    ENOTCAPABLE);

691


692
	/* Limit to AF_INET6. */

693
	limit = cap_net_limit_init(capnet, CAPNET_DEPRECATED_ADDR2NAME);

694
	ATF_REQUIRE(limit != NULL);

695
	cap_net_limit_addr2name_family(limit, family, 1);

696
	ATF_REQUIRE(cap_net_limit(limit) == 0);

697


698
	ATF_REQUIRE(test_gethostbyaddr(capnet, AF_INET, TEST_IPV4) ==

699
	    ENOTCAPABLE);

700
	ATF_REQUIRE(test_gethostbyaddr(capnet, AF_INET6, TEST_IPV6) == 0);

701
	ATF_REQUIRE(test_gethostbyaddr(capnet, PF_LINK, TEST_IPV4) ==

702
	    ENOTCAPABLE);

703


704
	/* Unable to set empty limits. Empty limits means full access. */

705
	limit = cap_net_limit_init(capnet, CAPNET_DEPRECATED_ADDR2NAME);

706
	ATF_REQUIRE(cap_net_limit(limit) != 0);

707


708
	cap_close(capnet);

709
}

710


711
ATF_TC(capnet__limits_deprecated_addr2name);

712
ATF_TC_HEAD(capnet__limits_deprecated_addr2name, tc)

713
{

714
	atf_tc_set_md_var(tc, "require.config", "allow_network_access");

715
}

716
ATF_TC_BODY(capnet__limits_deprecated_addr2name, tc)

717
{

718
	cap_channel_t *capnet;

719
	cap_net_limit_t *limit;

720
	struct in_addr ipaddrv4;

721
	struct in6_addr ipaddrv6;

722


723
	capnet = create_network_service();

724


725
	/* Limit to TEST_IPV4 and TEST_IPV6. */

726
	memset(&ipaddrv4, 0, sizeof(ipaddrv4));

727
	memset(&ipaddrv6, 0, sizeof(ipaddrv6));

728


729
	inet_pton(AF_INET, TEST_IPV4, &ipaddrv4);

730
	inet_pton(AF_INET6, TEST_IPV6, &ipaddrv6);

731


732
	limit = cap_net_limit_init(capnet, CAPNET_DEPRECATED_ADDR2NAME);

733
	ATF_REQUIRE(limit != NULL);

734


735
	cap_net_limit_addr2name(limit, (struct sockaddr *)&ipaddrv4,

736
	    sizeof(ipaddrv4));

737
	cap_net_limit_addr2name(limit, (struct sockaddr *)&ipaddrv6,

738
	    sizeof(ipaddrv6));

739
	ATF_REQUIRE(cap_net_limit(limit) == 0);

740


741
	ATF_REQUIRE(test_gethostbyaddr(capnet, AF_INET, TEST_IPV4) == 0);

742
	ATF_REQUIRE(test_gethostbyaddr(capnet, AF_INET6, TEST_IPV6) == 0);

743
	ATF_REQUIRE(test_gethostbyaddr(capnet, AF_INET, "127.0.0.1") ==

744
	    ENOTCAPABLE);

745


746
	/* Limit to AF_INET. */

747
	limit = cap_net_limit_init(capnet, CAPNET_DEPRECATED_ADDR2NAME);

748
	ATF_REQUIRE(limit != NULL);

749
	cap_net_limit_addr2name(limit, (struct sockaddr *)&ipaddrv4,

750
	    sizeof(ipaddrv4));

751
	ATF_REQUIRE(cap_net_limit(limit) == 0);

752


753
	ATF_REQUIRE(test_gethostbyaddr(capnet, AF_INET, TEST_IPV4) == 0);

754
	ATF_REQUIRE(test_gethostbyaddr(capnet, AF_INET6, TEST_IPV6) ==

755
	    ENOTCAPABLE);

756
	ATF_REQUIRE(test_gethostbyaddr(capnet, AF_INET, "127.0.0.1") ==

757
	    ENOTCAPABLE);

758


759
	/* Unable to set empty limits. Empty limits means full access. */

760
	limit = cap_net_limit_init(capnet, CAPNET_DEPRECATED_ADDR2NAME);

761
	ATF_REQUIRE(cap_net_limit(limit) != 0);

762


763
	cap_close(capnet);

764
}

765


766


767
ATF_TC(capnet__limits_name2addr_mode);

768
ATF_TC_HEAD(capnet__limits_name2addr_mode, tc)

769
{

770
	atf_tc_set_md_var(tc, "require.config", "allow_network_access");

771
}

772
ATF_TC_BODY(capnet__limits_name2addr_mode, tc)

773
{

774
	cap_channel_t *capnet;

775
	cap_net_limit_t *limit;

776


777
	capnet = create_network_service();

778


779
	/* LIMIT */

780
	limit = cap_net_limit_init(capnet, CAPNET_NAME2ADDR);

781
	ATF_REQUIRE(limit != NULL);

782
	ATF_REQUIRE(cap_net_limit(limit) == 0);

783


784
	/* ALLOWED */

785
	ATF_REQUIRE(test_getaddrinfo(capnet, AF_INET, TEST_DOMAIN_0, NULL) ==

786
	    0);

787


788
	/* DISALLOWED */

789
	ATF_REQUIRE(

790
	    test_gethostbyname(capnet, AF_INET, TEST_DOMAIN_0) == ENOTCAPABLE);

791
	ATF_REQUIRE(test_getnameinfo(capnet, AF_INET, TEST_IPV4) ==

792
	    ENOTCAPABLE);

793
	ATF_REQUIRE(test_gethostbyaddr(capnet, AF_INET, TEST_IPV4) ==

794
	    ENOTCAPABLE);

795
	ATF_REQUIRE(test_bind(capnet, TEST_BIND_IPV4) == ENOTCAPABLE);

796
	ATF_REQUIRE(test_connect(capnet, TEST_IPV4, 80) == ENOTCAPABLE);

797


798
	test_extend_mode(capnet, CAPNET_ADDR2NAME);

799


800
	cap_close(capnet);

801
}

802


803
ATF_TC(capnet__limits_name2addr_hosts);

804
ATF_TC_HEAD(capnet__limits_name2addr_hosts, tc)

805
{

806
	atf_tc_set_md_var(tc, "require.config", "allow_network_access");

807
}

808
ATF_TC_BODY(capnet__limits_name2addr_hosts, tc)

809
{

810
	cap_channel_t *capnet;

811
	cap_net_limit_t *limit;

812


813
	capnet = create_network_service();

814


815
	/* Limit to TEST_DOMAIN_0 and localhost only. */

816
	limit = cap_net_limit_init(capnet, CAPNET_NAME2ADDR);

817
	ATF_REQUIRE(limit != NULL);

818
	cap_net_limit_name2addr(limit, TEST_DOMAIN_0, NULL);

819
	cap_net_limit_name2addr(limit, "localhost", NULL);

820
	ATF_REQUIRE(cap_net_limit(limit) == 0);

821


822
	ATF_REQUIRE(test_getaddrinfo(capnet, AF_INET, TEST_DOMAIN_0, NULL) ==

823
	    0);

824
	ATF_REQUIRE(test_getaddrinfo(capnet, AF_INET, "localhost", NULL) == 0);

825
	ATF_REQUIRE(test_getaddrinfo(capnet, AF_INET, TEST_DOMAIN_1, NULL) ==

826
	    ENOTCAPABLE);

827


828
	/* Limit to TEST_DOMAIN_0 only. */

829
	limit = cap_net_limit_init(capnet, CAPNET_NAME2ADDR);

830
	ATF_REQUIRE(limit != NULL);

831
	cap_net_limit_name2addr(limit, TEST_DOMAIN_0, NULL);

832
	ATF_REQUIRE(cap_net_limit(limit) == 0);

833


834
	ATF_REQUIRE(test_getaddrinfo(capnet, AF_INET, "localhost", NULL) ==

835
	    ENOTCAPABLE);

836
	ATF_REQUIRE(test_getaddrinfo(capnet, AF_INET, TEST_DOMAIN_1, NULL) ==

837
	    ENOTCAPABLE);

838
	ATF_REQUIRE(test_getaddrinfo(capnet, AF_INET, TEST_DOMAIN_0, NULL) ==

839
	    0);

840


841
	/* Unable to set empty limits. Empty limits means full access. */

842
	limit = cap_net_limit_init(capnet, CAPNET_NAME2ADDR);

843
	ATF_REQUIRE(cap_net_limit(limit) != 0);

844


845
	/* Try to extend the limit. */

846
	limit = cap_net_limit_init(capnet, CAPNET_NAME2ADDR);

847
	ATF_REQUIRE(limit != NULL);

848
	cap_net_limit_name2addr(limit, TEST_DOMAIN_1, NULL);

849
	ATF_REQUIRE(cap_net_limit(limit) != 0);

850


851
	limit = cap_net_limit_init(capnet, CAPNET_NAME2ADDR);

852
	ATF_REQUIRE(limit != NULL);

853
	cap_net_limit_name2addr(limit, TEST_DOMAIN_0, NULL);

854
	cap_net_limit_name2addr(limit, TEST_DOMAIN_1, NULL);

855
	ATF_REQUIRE(cap_net_limit(limit) != 0);

856


857
	cap_close(capnet);

858
}

859


860
ATF_TC(capnet__limits_name2addr_hosts_servnames_strict);

861
ATF_TC_HEAD(capnet__limits_name2addr_hosts_servnames_strict, tc)

862
{

863
	atf_tc_set_md_var(tc, "require.config", "allow_network_access");

864
}

865
ATF_TC_BODY(capnet__limits_name2addr_hosts_servnames_strict, tc)

866
{

867
	cap_channel_t *capnet;

868
	cap_net_limit_t *limit;

869


870
	capnet = create_network_service();

871


872
	/*

873
	 * Limit to TEST_DOMAIN_0 and HTTP service.

874
	 */

875
	limit = cap_net_limit_init(capnet, CAPNET_NAME2ADDR);

876
	ATF_REQUIRE(limit != NULL);

877
	cap_net_limit_name2addr(limit, TEST_DOMAIN_0, "http");

878
	ATF_REQUIRE(cap_net_limit(limit) == 0);

879


880
	ATF_REQUIRE(test_getaddrinfo(capnet, AF_INET, TEST_DOMAIN_0, "http") ==

881
	    0);

882
	ATF_REQUIRE(test_getaddrinfo(capnet, AF_INET, TEST_DOMAIN_0, NULL) ==

883
	    ENOTCAPABLE);

884
	ATF_REQUIRE(test_getaddrinfo(capnet, AF_INET, TEST_DOMAIN_0, "snmp") ==

885
	    ENOTCAPABLE);

886
	ATF_REQUIRE(test_getaddrinfo(capnet, AF_INET, TEST_DOMAIN_1, "http") ==

887
	    ENOTCAPABLE);

888


889
	/* Unable to set empty limits. Empty limits means full access. */

890
	limit = cap_net_limit_init(capnet, CAPNET_NAME2ADDR);

891
	ATF_REQUIRE(cap_net_limit(limit) != 0);

892


893
	cap_close(capnet);

894
}

895


896
ATF_TC(capnet__limits_name2addr_hosts_servnames_mix);

897
ATF_TC_HEAD(capnet__limits_name2addr_hosts_servnames_mix, tc)

898
{

899
	atf_tc_set_md_var(tc, "require.config", "allow_network_access");

900
}

901
ATF_TC_BODY(capnet__limits_name2addr_hosts_servnames_mix, tc)

902
{

903
	cap_channel_t *capnet;

904
	cap_net_limit_t *limit;

905


906
	capnet = create_network_service();

907


908
	/*

909
	 * Limit to TEST_DOMAIN_0 and any servnamex, and any domain with

910
	 * servname HTTP.

911
	 */

912
	limit = cap_net_limit_init(capnet, CAPNET_NAME2ADDR);

913
	ATF_REQUIRE(limit != NULL);

914
	cap_net_limit_name2addr(limit, TEST_DOMAIN_0, NULL);

915
	cap_net_limit_name2addr(limit, NULL, "http");

916
	ATF_REQUIRE(cap_net_limit(limit) == 0);

917


918
	ATF_REQUIRE(test_getaddrinfo(capnet, AF_INET, TEST_DOMAIN_0, "http") ==

919
	    0);

920
	ATF_REQUIRE(test_getaddrinfo(capnet, AF_INET, TEST_DOMAIN_0, NULL) ==

921
	    0);

922
	ATF_REQUIRE(test_getaddrinfo(capnet, AF_INET, TEST_DOMAIN_1, "http") ==

923
	    0);

924
	ATF_REQUIRE(test_getaddrinfo(capnet, AF_INET, TEST_DOMAIN_0, NULL) ==

925
	    0);

926
	ATF_REQUIRE(test_getaddrinfo(capnet, AF_INET, TEST_DOMAIN_1, "snmp") ==

927
	    ENOTCAPABLE);

928


929
	/* Limit to HTTP servname only. */

930
	limit = cap_net_limit_init(capnet, CAPNET_NAME2ADDR);

931
	ATF_REQUIRE(limit != NULL);

932
	cap_net_limit_name2addr(limit, NULL, "http");

933
	ATF_REQUIRE(cap_net_limit(limit) == 0);

934


935
	ATF_REQUIRE(test_getaddrinfo(capnet, AF_INET, TEST_DOMAIN_0, "http") ==

936
	    0);

937
	ATF_REQUIRE(test_getaddrinfo(capnet, AF_INET, TEST_DOMAIN_0, NULL) ==

938
	    ENOTCAPABLE);

939
	ATF_REQUIRE(test_getaddrinfo(capnet, AF_INET, TEST_DOMAIN_1, "http") ==

940
	    0);

941
	ATF_REQUIRE(test_getaddrinfo(capnet, AF_INET, TEST_DOMAIN_0, NULL) ==

942
	    ENOTCAPABLE);

943
	ATF_REQUIRE(test_getaddrinfo(capnet, AF_INET, TEST_DOMAIN_1, "snmp") ==

944
	    ENOTCAPABLE);

945


946
	/* Unable to set empty limits. Empty limits means full access. */

947
	limit = cap_net_limit_init(capnet, CAPNET_NAME2ADDR);

948
	ATF_REQUIRE(cap_net_limit(limit) != 0);

949


950
	cap_close(capnet);

951
}

952


953
ATF_TC(capnet__limits_name2addr_family);

954
ATF_TC_HEAD(capnet__limits_name2addr_family, tc)

955
{

956
	atf_tc_set_md_var(tc, "require.config", "allow_network_access");

957
}

958
ATF_TC_BODY(capnet__limits_name2addr_family, tc)

959
{

960
	cap_channel_t *capnet;

961
	cap_net_limit_t *limit;

962
	int family[] = { AF_INET6, AF_INET };

963


964
	capnet = create_network_service();

965


966
	/* Limit to AF_INET and AF_INET6. */

967
	limit = cap_net_limit_init(capnet, CAPNET_NAME2ADDR);

968
	ATF_REQUIRE(limit != NULL);

969
	cap_net_limit_name2addr(limit, TEST_DOMAIN_0, NULL);

970
	cap_net_limit_name2addr_family(limit, family, nitems(family));

971
	ATF_REQUIRE(cap_net_limit(limit) == 0);

972


973
	ATF_REQUIRE(test_getaddrinfo(capnet, AF_INET, TEST_DOMAIN_0, NULL) ==

974
	    0);

975
	ATF_REQUIRE(test_getaddrinfo(capnet, AF_INET6, TEST_DOMAIN_0, NULL) ==

976
	    0);

977
	ATF_REQUIRE(test_getaddrinfo(capnet, PF_LINK, TEST_DOMAIN_0, NULL) ==

978
	    ENOTCAPABLE);

979


980
	/* Limit to AF_INET and AF_INET6. */

981
	limit = cap_net_limit_init(capnet, CAPNET_NAME2ADDR);

982
	ATF_REQUIRE(limit != NULL);

983
	cap_net_limit_name2addr(limit, TEST_DOMAIN_0, NULL);

984
	cap_net_limit_name2addr_family(limit, &family[0], 1);

985
	cap_net_limit_name2addr_family(limit, &family[1], 1);

986
	ATF_REQUIRE(cap_net_limit(limit) == 0);

987


988
	ATF_REQUIRE(test_getaddrinfo(capnet, AF_INET, TEST_DOMAIN_0, NULL) ==

989
	    0);

990
	ATF_REQUIRE(test_getaddrinfo(capnet, AF_INET6, TEST_DOMAIN_0, NULL) ==

991
	    0);

992
	ATF_REQUIRE(test_getaddrinfo(capnet, PF_LINK, TEST_DOMAIN_0, NULL) ==

993
	    ENOTCAPABLE);

994


995
	/* Limit to AF_INET6 only. */

996
	limit = cap_net_limit_init(capnet, CAPNET_NAME2ADDR);

997
	ATF_REQUIRE(limit != NULL);

998
	cap_net_limit_name2addr(limit, TEST_DOMAIN_0, NULL);

999
	cap_net_limit_name2addr_family(limit, family, 1);

1000
	ATF_REQUIRE(cap_net_limit(limit) == 0);

1001


1002
	ATF_REQUIRE(test_getaddrinfo(capnet, AF_INET, TEST_DOMAIN_0, NULL) ==

1003
	    ENOTCAPABLE);

1004
	ATF_REQUIRE(test_getaddrinfo(capnet, AF_INET6, TEST_DOMAIN_0, NULL) ==

1005
	    0);

1006
	ATF_REQUIRE(test_getaddrinfo(capnet, PF_LINK, TEST_DOMAIN_0, NULL) ==

1007
	    ENOTCAPABLE);

1008


1009
	/* Unable to set empty limits. Empty limits means full access. */

1010
	limit = cap_net_limit_init(capnet, CAPNET_NAME2ADDR);

1011
	ATF_REQUIRE(cap_net_limit(limit) != 0);

1012


1013
	cap_close(capnet);

1014
}

1015


1016
ATF_TC(capnet__limits_deprecated_name2addr_mode);

1017
ATF_TC_HEAD(capnet__limits_deprecated_name2addr_mode, tc)

1018
{

1019
	atf_tc_set_md_var(tc, "require.config", "allow_network_access");

1020
}

1021
ATF_TC_BODY(capnet__limits_deprecated_name2addr_mode, tc)

1022
{

1023
	cap_channel_t *capnet;

1024
	cap_net_limit_t *limit;

1025


1026
	capnet = create_network_service();

1027


1028
	/* LIMIT */

1029
	limit = cap_net_limit_init(capnet, CAPNET_DEPRECATED_NAME2ADDR);

1030
	ATF_REQUIRE(limit != NULL);

1031
	ATF_REQUIRE(cap_net_limit(limit) == 0);

1032


1033
	/* ALLOWED */

1034
	ATF_REQUIRE(test_gethostbyname(capnet, AF_INET, TEST_DOMAIN_0) == 0);

1035


1036
	/* DISALLOWED */

1037
	ATF_REQUIRE(test_getnameinfo(capnet, AF_INET, TEST_IPV4) ==

1038
	    ENOTCAPABLE);

1039
	ATF_REQUIRE(test_gethostbyaddr(capnet, AF_INET, TEST_IPV4) ==

1040
	    ENOTCAPABLE);

1041
	ATF_REQUIRE(test_getaddrinfo(capnet, AF_INET, TEST_DOMAIN_0, NULL) ==

1042
	    ENOTCAPABLE);

1043
	ATF_REQUIRE(test_bind(capnet, TEST_BIND_IPV4) == ENOTCAPABLE);

1044
	ATF_REQUIRE(test_connect(capnet, TEST_IPV4, 80) == ENOTCAPABLE);

1045


1046
	test_extend_mode(capnet, CAPNET_ADDR2NAME);

1047


1048
	cap_close(capnet);

1049
}

1050


1051
ATF_TC(capnet__limits_deprecated_name2addr_hosts);

1052
ATF_TC_HEAD(capnet__limits_deprecated_name2addr_hosts, tc)

1053
{

1054
	atf_tc_set_md_var(tc, "require.config", "allow_network_access");

1055
}

1056
ATF_TC_BODY(capnet__limits_deprecated_name2addr_hosts, tc)

1057
{

1058
	cap_channel_t *capnet;

1059
	cap_net_limit_t *limit;

1060


1061
	capnet = create_network_service();

1062


1063
	/* Limit to TEST_DOMAIN_0 and localhost only. */

1064
	limit = cap_net_limit_init(capnet, CAPNET_DEPRECATED_NAME2ADDR);

1065
	ATF_REQUIRE(limit != NULL);

1066
	cap_net_limit_name2addr(limit, TEST_DOMAIN_0, NULL);

1067
	cap_net_limit_name2addr(limit, "localhost", NULL);

1068
	ATF_REQUIRE(cap_net_limit(limit) == 0);

1069


1070
	ATF_REQUIRE(test_gethostbyname(capnet, AF_INET, TEST_DOMAIN_0) == 0);

1071
	ATF_REQUIRE(test_gethostbyname(capnet, AF_INET, "localhost") == 0);

1072
	ATF_REQUIRE(

1073
	    test_gethostbyname(capnet, AF_INET, TEST_DOMAIN_1) == ENOTCAPABLE);

1074


1075
	/* Limit to TEST_DOMAIN_0 only. */

1076
	limit = cap_net_limit_init(capnet, CAPNET_DEPRECATED_NAME2ADDR);

1077
	ATF_REQUIRE(limit != NULL);

1078
	cap_net_limit_name2addr(limit, TEST_DOMAIN_0, NULL);

1079
	ATF_REQUIRE(cap_net_limit(limit) == 0);

1080


1081
	ATF_REQUIRE(

1082
	    test_gethostbyname(capnet, AF_INET, "localhost") == ENOTCAPABLE);

1083
	ATF_REQUIRE(

1084
	    test_gethostbyname(capnet, AF_INET, TEST_DOMAIN_1) == ENOTCAPABLE);

1085
	ATF_REQUIRE(test_gethostbyname(capnet, AF_INET, TEST_DOMAIN_0) == 0);

1086


1087
	/* Unable to set empty limits. Empty limits means full access. */

1088
	limit = cap_net_limit_init(capnet, CAPNET_DEPRECATED_NAME2ADDR);

1089
	ATF_REQUIRE(cap_net_limit(limit) != 0);

1090


1091
	cap_close(capnet);

1092
}

1093


1094
ATF_TC(capnet__limits_deprecated_name2addr_family);

1095
ATF_TC_HEAD(capnet__limits_deprecated_name2addr_family, tc)

1096
{

1097
	atf_tc_set_md_var(tc, "require.config", "allow_network_access");

1098
}

1099
ATF_TC_BODY(capnet__limits_deprecated_name2addr_family, tc)

1100
{

1101
	cap_channel_t *capnet;

1102
	cap_net_limit_t *limit;

1103
	int family[] = { AF_INET6, AF_INET };

1104


1105
	capnet = create_network_service();

1106


1107
	/* Limit to AF_INET and AF_INET6. */

1108
	limit = cap_net_limit_init(capnet, CAPNET_DEPRECATED_NAME2ADDR);

1109
	ATF_REQUIRE(limit != NULL);

1110
	cap_net_limit_name2addr(limit, TEST_DOMAIN_0, NULL);

1111
	cap_net_limit_name2addr_family(limit, family, nitems(family));

1112
	ATF_REQUIRE(cap_net_limit(limit) == 0);

1113


1114
	ATF_REQUIRE(test_gethostbyname(capnet, AF_INET, TEST_DOMAIN_0) == 0);

1115
	ATF_REQUIRE(test_gethostbyname(capnet, AF_INET6, TEST_DOMAIN_0) == 0);

1116
	ATF_REQUIRE(

1117
	    test_gethostbyname(capnet, PF_LINK, TEST_DOMAIN_0) == ENOTCAPABLE);

1118


1119
	/* Limit to AF_INET and AF_INET6. */

1120
	limit = cap_net_limit_init(capnet, CAPNET_DEPRECATED_NAME2ADDR);

1121
	ATF_REQUIRE(limit != NULL);

1122
	cap_net_limit_name2addr(limit, TEST_DOMAIN_0, NULL);

1123
	cap_net_limit_name2addr_family(limit, &family[0], 1);

1124
	cap_net_limit_name2addr_family(limit, &family[1], 1);

1125
	ATF_REQUIRE(cap_net_limit(limit) == 0);

1126


1127
	ATF_REQUIRE(test_gethostbyname(capnet, AF_INET, TEST_DOMAIN_0) == 0);

1128
	ATF_REQUIRE(test_gethostbyname(capnet, AF_INET6, TEST_DOMAIN_0) == 0);

1129
	ATF_REQUIRE(

1130
	    test_gethostbyname(capnet, PF_LINK, TEST_DOMAIN_0) == ENOTCAPABLE);

1131


1132
	/* Limit to AF_INET6 only. */

1133
	limit = cap_net_limit_init(capnet, CAPNET_DEPRECATED_NAME2ADDR);

1134
	ATF_REQUIRE(limit != NULL);

1135
	cap_net_limit_name2addr(limit, TEST_DOMAIN_0, NULL);

1136
	cap_net_limit_name2addr_family(limit, family, 1);

1137
	ATF_REQUIRE(cap_net_limit(limit) == 0);

1138


1139
	ATF_REQUIRE(

1140
	    test_gethostbyname(capnet, AF_INET, TEST_DOMAIN_0) == ENOTCAPABLE);

1141
	ATF_REQUIRE(test_gethostbyname(capnet, AF_INET6, TEST_DOMAIN_0) == 0);

1142
	ATF_REQUIRE(

1143
	    test_gethostbyname(capnet, PF_LINK, TEST_DOMAIN_0) == ENOTCAPABLE);

1144


1145
	/* Unable to set empty limits. Empty limits means full access. */

1146
	limit = cap_net_limit_init(capnet, CAPNET_DEPRECATED_NAME2ADDR);

1147
	ATF_REQUIRE(cap_net_limit(limit) != 0);

1148


1149
	cap_close(capnet);

1150
}

1151


1152
ATF_TC(capnet__limits_bind_mode);

1153
ATF_TC_HEAD(capnet__limits_bind_mode, tc)

1154
{

1155
	atf_tc_set_md_var(tc, "require.config", "allow_network_access");

1156
}

1157
ATF_TC_BODY(capnet__limits_bind_mode, tc)

1158
{

1159
	cap_channel_t *capnet;

1160
	cap_net_limit_t *limit;

1161


1162
	capnet = create_network_service();

1163


1164
	/* LIMIT */

1165
	limit = cap_net_limit_init(capnet, CAPNET_BIND);

1166
	ATF_REQUIRE(limit != NULL);

1167
	ATF_REQUIRE(cap_net_limit(limit) == 0);

1168


1169
	/* ALLOWED */

1170
	ATF_REQUIRE(test_bind(capnet, TEST_BIND_IPV4) == 0);

1171


1172
	/* DISALLOWED */

1173
	ATF_REQUIRE(

1174
	    test_gethostbyname(capnet, AF_INET, TEST_DOMAIN_0) == ENOTCAPABLE);

1175
	ATF_REQUIRE(test_getnameinfo(capnet, AF_INET, TEST_IPV4) ==

1176
	    ENOTCAPABLE);

1177
	ATF_REQUIRE(test_gethostbyaddr(capnet, AF_INET, TEST_IPV4) ==

1178
	    ENOTCAPABLE);

1179
	ATF_REQUIRE(test_getaddrinfo(capnet, AF_INET, TEST_DOMAIN_0, NULL) ==

1180
	    ENOTCAPABLE);

1181
	ATF_REQUIRE(test_connect(capnet, TEST_IPV4, 80) == ENOTCAPABLE);

1182


1183
	test_extend_mode(capnet, CAPNET_ADDR2NAME);

1184


1185
	cap_close(capnet);

1186
}

1187


1188
ATF_TC(capnet__limits_bind);

1189
ATF_TC_HEAD(capnet__limits_bind, tc)

1190
{

1191
	atf_tc_set_md_var(tc, "require.config", "allow_network_access");

1192
}

1193
ATF_TC_BODY(capnet__limits_bind, tc)

1194
{

1195
	cap_channel_t *capnet;

1196
	cap_net_limit_t *limit;

1197
	struct sockaddr_in ipv4;

1198


1199
	capnet = create_network_service();

1200


1201
	limit = cap_net_limit_init(capnet, CAPNET_BIND);

1202
	ATF_REQUIRE(limit != NULL);

1203


1204
	memset(&ipv4, 0, sizeof(ipv4));

1205
	ipv4.sin_family = AF_INET;

1206
	inet_pton(AF_INET, TEST_BIND_IPV4, &ipv4.sin_addr);

1207


1208
	cap_net_limit_bind(limit, (struct sockaddr *)&ipv4, sizeof(ipv4));

1209
	ATF_REQUIRE(cap_net_limit(limit) == 0);

1210


1211
	ATF_REQUIRE(test_bind(capnet, TEST_BIND_IPV4) == 0);

1212
	ATF_REQUIRE(test_bind(capnet, "127.0.0.2") == ENOTCAPABLE);

1213


1214
	cap_close(capnet);

1215
}

1216


1217
ATF_TC(capnet__limits_connect_mode);

1218
ATF_TC_HEAD(capnet__limits_connect_mode, tc)

1219
{

1220
	atf_tc_set_md_var(tc, "require.config", "allow_network_access");

1221
}

1222
ATF_TC_BODY(capnet__limits_connect_mode, tc)

1223
{

1224
	cap_channel_t *capnet;

1225
	cap_net_limit_t *limit;

1226


1227
	capnet = create_network_service();

1228


1229
	/* LIMIT */

1230
	limit = cap_net_limit_init(capnet, CAPNET_CONNECT);

1231
	ATF_REQUIRE(limit != NULL);

1232
	ATF_REQUIRE(cap_net_limit(limit) == 0);

1233


1234
	/* ALLOWED */

1235
	ATF_REQUIRE(test_connect(capnet, TEST_IPV4, 80) == 0);

1236


1237
	/* DISALLOWED */

1238
	ATF_REQUIRE(

1239
	    test_gethostbyname(capnet, AF_INET, TEST_DOMAIN_0) == ENOTCAPABLE);

1240
	ATF_REQUIRE(test_getnameinfo(capnet, AF_INET, TEST_IPV4) ==

1241
	    ENOTCAPABLE);

1242
	ATF_REQUIRE(test_gethostbyaddr(capnet, AF_INET, TEST_IPV4) ==

1243
	    ENOTCAPABLE);

1244
	ATF_REQUIRE(test_getaddrinfo(capnet, AF_INET, TEST_DOMAIN_0, NULL) ==

1245
	    ENOTCAPABLE);

1246
	ATF_REQUIRE(test_bind(capnet, TEST_BIND_IPV4) == ENOTCAPABLE);

1247


1248
	test_extend_mode(capnet, CAPNET_ADDR2NAME);

1249


1250
	cap_close(capnet);

1251
}

1252


1253
ATF_TC(capnet__limits_connect_dns_mode);

1254
ATF_TC_HEAD(capnet__limits_connect_dns_mode, tc)

1255
{

1256
	atf_tc_set_md_var(tc, "require.config", "allow_network_access");

1257
}

1258
ATF_TC_BODY(capnet__limits_connect_dns_mode, tc)

1259
{

1260
	cap_channel_t *capnet;

1261
	cap_net_limit_t *limit;

1262


1263
	capnet = create_network_service();

1264


1265
	/* LIMIT */

1266
	limit = cap_net_limit_init(capnet, CAPNET_CONNECT | CAPNET_CONNECTDNS);

1267
	ATF_REQUIRE(limit != NULL);

1268
	ATF_REQUIRE(cap_net_limit(limit) == 0);

1269


1270
	/* ALLOWED */

1271
	ATF_REQUIRE(test_connect(capnet, TEST_IPV4, 80) == 0);

1272


1273
	/* DISALLOWED */

1274
	ATF_REQUIRE(

1275
	    test_gethostbyname(capnet, AF_INET, TEST_DOMAIN_0) == ENOTCAPABLE);

1276
	ATF_REQUIRE(test_getnameinfo(capnet, AF_INET, TEST_IPV4) ==

1277
	    ENOTCAPABLE);

1278
	ATF_REQUIRE(test_gethostbyaddr(capnet, AF_INET, TEST_IPV4) ==

1279
	    ENOTCAPABLE);

1280
	ATF_REQUIRE(test_getaddrinfo(capnet, AF_INET, TEST_DOMAIN_0, NULL) ==

1281
	    ENOTCAPABLE);

1282
	ATF_REQUIRE(test_bind(capnet, TEST_BIND_IPV4) == ENOTCAPABLE);

1283


1284
	test_extend_mode(capnet, CAPNET_ADDR2NAME);

1285


1286
	cap_close(capnet);

1287
}

1288


1289
ATF_TC(capnet__limits_connect);

1290
ATF_TC_HEAD(capnet__limits_connect, tc)

1291
{

1292
	atf_tc_set_md_var(tc, "require.config", "allow_network_access");

1293
}

1294
ATF_TC_BODY(capnet__limits_connect, tc)

1295
{

1296
	cap_channel_t *capnet;

1297
	cap_net_limit_t *limit;

1298
	struct sockaddr_in ipv4;

1299


1300
	capnet = create_network_service();

1301


1302
	/* Limit only to TEST_IPV4 on port 80 and 443. */

1303
	limit = cap_net_limit_init(capnet, CAPNET_CONNECT);

1304
	ATF_REQUIRE(limit != NULL);

1305
	memset(&ipv4, 0, sizeof(ipv4));

1306
	ipv4.sin_family = AF_INET;

1307
	ipv4.sin_port = htons(80);

1308
	inet_pton(AF_INET, TEST_IPV4, &ipv4.sin_addr);

1309
	cap_net_limit_connect(limit, (struct sockaddr *)&ipv4, sizeof(ipv4));

1310


1311
	ipv4.sin_port = htons(443);

1312
	cap_net_limit_connect(limit, (struct sockaddr *)&ipv4, sizeof(ipv4));

1313
	ATF_REQUIRE(cap_net_limit(limit) == 0);

1314


1315
	ATF_REQUIRE(test_connect(capnet, TEST_IPV4, 80) == 0);

1316
	ATF_REQUIRE(test_connect(capnet, "8.8.8.8", 80) == ENOTCAPABLE);

1317
	ATF_REQUIRE(test_connect(capnet, "8.8.8.8", 433) == ENOTCAPABLE);

1318
	ATF_REQUIRE(test_connect(capnet, TEST_IPV4, 443) == 0);

1319


1320
	/* Limit only to TEST_IPV4 on port 443. */

1321
	limit = cap_net_limit_init(capnet, CAPNET_CONNECT);

1322
	cap_net_limit_connect(limit, (struct sockaddr *)&ipv4, sizeof(ipv4));

1323
	ATF_REQUIRE(cap_net_limit(limit) == 0);

1324


1325
	ATF_REQUIRE(test_connect(capnet, TEST_IPV4, 433) == ENOTCAPABLE);

1326
	ATF_REQUIRE(test_connect(capnet, "8.8.8.8", 80) == ENOTCAPABLE);

1327
	ATF_REQUIRE(test_connect(capnet, "8.8.8.8", 433) == ENOTCAPABLE);

1328
	ATF_REQUIRE(test_connect(capnet, TEST_IPV4, 443) == 0);

1329


1330
	/* Unable to set empty limits. Empty limits means full access. */

1331
	limit = cap_net_limit_init(capnet, CAPNET_CONNECT);

1332
	ATF_REQUIRE(cap_net_limit(limit) != 0);

1333


1334
	cap_close(capnet);

1335
}

1336


1337
ATF_TC(capnet__limits_connecttodns);

1338
ATF_TC_HEAD(capnet__limits_connecttodns, tc)

1339
{

1340
	atf_tc_set_md_var(tc, "require.config", "allow_network_access");

1341
}

1342
ATF_TC_BODY(capnet__limits_connecttodns, tc)

1343
{

1344
	cap_channel_t *capnet;

1345
	cap_net_limit_t *limit;

1346
	struct addrinfo hints, *capres, *res;

1347
	int family[] = { AF_INET };

1348
	int error;

1349


1350
	capnet = create_network_service();

1351


1352
	limit = cap_net_limit_init(capnet, CAPNET_CONNECTDNS |

1353
	    CAPNET_NAME2ADDR);

1354
	ATF_REQUIRE(limit != NULL);

1355
	cap_net_limit_name2addr(limit, TEST_IPV4, "80");

1356
	cap_net_limit_name2addr_family(limit, family, 1);

1357
	ATF_REQUIRE(cap_net_limit(limit) == 0);

1358


1359
	memset(&hints, 0, sizeof(hints));

1360
	hints.ai_family = AF_INET;

1361
	hints.ai_socktype = SOCK_STREAM;

1362


1363
	ATF_REQUIRE(test_connect(capnet, "8.8.8.8", 433) == ENOTCAPABLE);

1364
	ATF_REQUIRE(cap_getaddrinfo(capnet, TEST_IPV4, "80", &hints, &capres) ==

1365
	    0);

1366
	ATF_REQUIRE(test_connect(capnet, "8.8.8.8", 433) == ENOTCAPABLE);

1367


1368
	for (res = capres; res != NULL; res = res->ai_next) {

1369
		int s;

1370


1371
		ATF_REQUIRE(res->ai_family == AF_INET);

1372
		ATF_REQUIRE(res->ai_socktype == SOCK_STREAM);

1373


1374
		s = socket(res->ai_family, res->ai_socktype, res->ai_protocol);

1375
		ATF_REQUIRE(s >= 0);

1376


1377
		error = cap_connect(capnet, s, res->ai_addr,

1378
		    res->ai_addrlen);

1379
		if (error != 0 && errno != ENOTCAPABLE)

1380
			atf_tc_skip("unable to connect: %s", strerror(errno));

1381
		ATF_REQUIRE(error == 0);

1382
		ATF_REQUIRE(close(s) == 0);

1383
	}

1384


1385
	freeaddrinfo(capres);

1386
	cap_close(capnet);

1387
}

1388


1389


1390
ATF_TC(capnet__limits_deprecated_connecttodns);

1391
ATF_TC_HEAD(capnet__limits_deprecated_connecttodns, tc)

1392
{

1393
	atf_tc_set_md_var(tc, "require.config", "allow_network_access");

1394
}

1395
ATF_TC_BODY(capnet__limits_deprecated_connecttodns, tc)

1396
{

1397
	cap_channel_t *capnet;

1398
	cap_net_limit_t *limit;

1399
	struct hostent *caphp;

1400
	struct in_addr ipaddr;

1401
	struct sockaddr_in connaddr;

1402
	int family[] = { AF_INET };

1403
	int error, i;

1404


1405
	capnet = create_network_service();

1406


1407
	limit = cap_net_limit_init(capnet, CAPNET_CONNECTDNS |

1408
	    CAPNET_DEPRECATED_NAME2ADDR);

1409
	ATF_REQUIRE(limit != NULL);

1410
	cap_net_limit_name2addr(limit, TEST_IPV4, NULL);

1411
	cap_net_limit_name2addr_family(limit, family, 1);

1412
	ATF_REQUIRE(cap_net_limit(limit) == 0);

1413


1414
	memset(&ipaddr, 0, sizeof(ipaddr));

1415
	inet_pton(AF_INET, TEST_IPV4, &ipaddr);

1416


1417
	ATF_REQUIRE(test_connect(capnet, "8.8.8.8", 433) == ENOTCAPABLE);

1418
	caphp = cap_gethostbyname2(capnet, TEST_IPV4, AF_INET);

1419
	ATF_REQUIRE(caphp != NULL);

1420
	ATF_REQUIRE(caphp->h_addrtype == AF_INET);

1421
	ATF_REQUIRE(test_connect(capnet, "8.8.8.8", 433) == ENOTCAPABLE);

1422


1423
	for (i = 0; caphp->h_addr_list[i] != NULL; i++) {

1424
		int s;

1425


1426
		s = socket(AF_INET, SOCK_STREAM, 0);

1427
		ATF_REQUIRE(s >= 0);

1428


1429
		memset(&connaddr, 0, sizeof(connaddr));

1430
		connaddr.sin_family = AF_INET;

1431
		memcpy((char *)&connaddr.sin_addr.s_addr,

1432
		    (char *)caphp->h_addr_list[i], caphp->h_length);

1433
		connaddr.sin_port = htons(80);

1434


1435
		error = cap_connect(capnet, s, (struct sockaddr *)&connaddr,

1436
		    sizeof(connaddr));

1437
		if (error != 0 && errno != ENOTCAPABLE)

1438
			atf_tc_skip("unable to connect: %s", strerror(errno));

1439
		ATF_REQUIRE(error == 0);

1440
		ATF_REQUIRE(close(s) == 0);

1441
	}

1442


1443
	cap_close(capnet);

1444
}

1445


1446
ATF_TP_ADD_TCS(tp)

1447
{

1448


1449
	ATF_TP_ADD_TC(tp, capnet__connect);

1450
	ATF_TP_ADD_TC(tp, capnet__bind);

1451
	ATF_TP_ADD_TC(tp, capnet__getnameinfo);

1452
	ATF_TP_ADD_TC(tp, capnet__getaddrinfo);

1453
	ATF_TP_ADD_TC(tp, capnet__gethostbyname);

1454
	ATF_TP_ADD_TC(tp, capnet__gethostbyaddr);

1455


1456
	ATF_TP_ADD_TC(tp, capnet__getnameinfo_buffer);

1457


1458
	ATF_TP_ADD_TC(tp, capnet__limits_addr2name_mode);

1459
	ATF_TP_ADD_TC(tp, capnet__limits_addr2name_family);

1460
	ATF_TP_ADD_TC(tp, capnet__limits_addr2name);

1461


1462
	ATF_TP_ADD_TC(tp, capnet__limits_deprecated_addr2name_mode);

1463
	ATF_TP_ADD_TC(tp, capnet__limits_deprecated_addr2name_family);

1464
	ATF_TP_ADD_TC(tp, capnet__limits_deprecated_addr2name);

1465


1466
	ATF_TP_ADD_TC(tp, capnet__limits_name2addr_mode);

1467
	ATF_TP_ADD_TC(tp, capnet__limits_name2addr_hosts);

1468
	ATF_TP_ADD_TC(tp, capnet__limits_name2addr_hosts_servnames_strict);

1469
	ATF_TP_ADD_TC(tp, capnet__limits_name2addr_hosts_servnames_mix);

1470
	ATF_TP_ADD_TC(tp, capnet__limits_name2addr_family);

1471


1472
	ATF_TP_ADD_TC(tp, capnet__limits_deprecated_name2addr_mode);

1473
	ATF_TP_ADD_TC(tp, capnet__limits_deprecated_name2addr_hosts);

1474
	ATF_TP_ADD_TC(tp, capnet__limits_deprecated_name2addr_family);

1475


1476
	ATF_TP_ADD_TC(tp, capnet__limits_bind_mode);

1477
	ATF_TP_ADD_TC(tp, capnet__limits_bind);

1478


1479
	ATF_TP_ADD_TC(tp, capnet__limits_connect_mode);

1480
	ATF_TP_ADD_TC(tp, capnet__limits_connect_dns_mode);

1481
	ATF_TP_ADD_TC(tp, capnet__limits_connect);

1482


1483
	ATF_TP_ADD_TC(tp, capnet__limits_connecttodns);

1484
	ATF_TP_ADD_TC(tp, capnet__limits_deprecated_connecttodns);

1485


1486
	return (atf_no_error());

1487
}

1488


1489