/* Copyright (c) 2014, The Tor Project, Inc. */
/* See LICENSE for licensing information */

#include "orconfig.h"
#include "or.h"
#include <dirent.h>
#include "config.h"
#include "test.h"
#include "util.h"

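/** Run unit tests for private dir permission enforcement logic.
 *
 * Each case calls check_private_dir() on a path under a fresh DataDirectory
 * and then stat()s the result, asserting that none of the permission bits in
 * <b>unix_verify_optsmask</b> are set on the directory:
 *   - 0077: no group or other access at all;
 *   - 0027: no group write and no other access (group read/search allowed).
 *
 * <b>testdata</b> is unused.
 *
 * NOTE(review): every case starts from a directory that is either created by
 * check_private_dir() itself or created with mode 0700.  No case starts from
 * a directory whose mode is looser than the requested flags allow, so the
 * path where check_private_dir() has to reject or tighten an over-permissive
 * directory is not exercised here.
 */
static void
test_checkdir_perms(void *testdata)
{
  or_options_t *options = get_options_mutable();
  const char *subdir = "test_checkdir";
  /* Starts NULL so the cleanup at "done" is safe even when the very first
   * assertion fails before any path has been allocated. */
  char *testdir = NULL;
  cpd_check_t cpd_chkopts;
  /* These two hold Unix permission bits, not CPD_* flags, so they are typed
   * as mode_t rather than cpd_check_t. */
  mode_t unix_create_opts;
  mode_t unix_verify_optsmask;
  struct stat st;

  (void)testdata;

  /* setup data directory before tests. */
  tor_free(options->DataDirectory);
  options->DataDirectory = tor_strdup(get_fname(subdir));
  tt_int_op(mkdir(options->DataDirectory, 0750), ==, 0);

  /* test: create new dir, no flags. */
  testdir = get_datadir_fname("checkdir_new_none");
  cpd_chkopts = CPD_CREATE;
  unix_verify_optsmask = 0077;
  tt_int_op(0, ==, check_private_dir(testdir, cpd_chkopts, NULL));
  tt_int_op(0, ==, stat(testdir, &st));
  tt_int_op(0, ==, (st.st_mode & unix_verify_optsmask));
  tor_free(testdir);

  /* test: create new dir, CPD_GROUP_OK option set.
   * The mask is still 0077: a newly created directory is expected to carry
   * no group bits even though group access would be tolerated. */
  testdir = get_datadir_fname("checkdir_new_groupok");
  cpd_chkopts = CPD_CREATE|CPD_GROUP_OK;
  unix_verify_optsmask = 0077;
  tt_int_op(0, ==, check_private_dir(testdir, cpd_chkopts, NULL));
  tt_int_op(0, ==, stat(testdir, &st));
  tt_int_op(0, ==, (st.st_mode & unix_verify_optsmask));
  tor_free(testdir);

  /* test: create new dir, CPD_GROUP_READ option set. */
  testdir = get_datadir_fname("checkdir_new_groupread");
  cpd_chkopts = CPD_CREATE|CPD_GROUP_READ;
  unix_verify_optsmask = 0027;
  tt_int_op(0, ==, check_private_dir(testdir, cpd_chkopts, NULL));
  tt_int_op(0, ==, stat(testdir, &st));
  tt_int_op(0, ==, (st.st_mode & unix_verify_optsmask));
  tor_free(testdir);

  /* test: check existing dir created directly with mkdir(0700),
            and verify with CPD_CREATE only. */
  testdir = get_datadir_fname("checkdir_exists_none");
  cpd_chkopts = CPD_CREATE;
  unix_create_opts = 0700;
  unix_verify_optsmask = 0077;
  tt_int_op(0, ==, mkdir(testdir, unix_create_opts));
  tt_int_op(0, ==, check_private_dir(testdir, cpd_chkopts, NULL));
  tt_int_op(0, ==, stat(testdir, &st));
  tt_int_op(0, ==, (st.st_mode & unix_verify_optsmask));
  tor_free(testdir);

  /* test: check existing dir created with CPD_CREATE only,
            and verify with CPD_GROUP_OK option set. */
  testdir = get_datadir_fname("checkdir_exists_groupok");
  cpd_chkopts = CPD_CREATE;
  unix_verify_optsmask = 0077;
  tt_int_op(0, ==, check_private_dir(testdir, cpd_chkopts, NULL));
  cpd_chkopts = CPD_GROUP_OK;
  tt_int_op(0, ==, check_private_dir(testdir, cpd_chkopts, NULL));
  tt_int_op(0, ==, stat(testdir, &st));
  tt_int_op(0, ==, (st.st_mode & unix_verify_optsmask));
  tor_free(testdir);

  /* test: check existing dir created with CPD_CREATE only,
            and verify with CPD_GROUP_READ option set. */
  testdir = get_datadir_fname("checkdir_exists_groupread");
  cpd_chkopts = CPD_CREATE;
  unix_verify_optsmask = 0027;
  tt_int_op(0, ==, check_private_dir(testdir, cpd_chkopts, NULL));
  cpd_chkopts = CPD_GROUP_READ;
  tt_int_op(0, ==, check_private_dir(testdir, cpd_chkopts, NULL));
  tt_int_op(0, ==, stat(testdir, &st));
  tt_int_op(0, ==, (st.st_mode & unix_verify_optsmask));
  tor_free(testdir);

  /* test: check existing dir created with CPD_GROUP_READ,
            and verify with CPD_GROUP_OK option set. */
  testdir = get_datadir_fname("checkdir_existsread_groupok");
  cpd_chkopts = CPD_CREATE|CPD_GROUP_READ;
  unix_verify_optsmask = 0027;
  tt_int_op(0, ==, check_private_dir(testdir, cpd_chkopts, NULL));
  cpd_chkopts = CPD_GROUP_OK;
  tt_int_op(0, ==, check_private_dir(testdir, cpd_chkopts, NULL));
  tt_int_op(0, ==, stat(testdir, &st));
  tt_int_op(0, ==, (st.st_mode & unix_verify_optsmask));
  tor_free(testdir);

  /* test: check existing dir created with CPD_GROUP_READ,
            and verify with CPD_GROUP_READ option set. */
  testdir = get_datadir_fname("checkdir_existsread_groupread");
  cpd_chkopts = CPD_CREATE|CPD_GROUP_READ;
  unix_verify_optsmask = 0027;
  tt_int_op(0, ==, check_private_dir(testdir, cpd_chkopts, NULL));
  tt_int_op(0, ==, stat(testdir, &st));
  tt_int_op(0, ==, (st.st_mode & unix_verify_optsmask));
  tor_free(testdir);

 done:
  /* A failed tt_int_op() jumps here with the current path still allocated;
   * release it so a failing case does not leak. */
  tor_free(testdir);
}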

/* Build one testcase_t entry: the stringified test name, the matching
 * test_checkdir_<name> function, its flags, and two NULL trailing fields. */
#define CHECKDIR(test_name, test_flags)                                  \
  { #test_name, test_checkdir_##test_name, (test_flags), NULL, NULL }

/* Table of checkdir unit tests, terminated by END_OF_TESTCASES. */
struct testcase_t checkdir_tests[] = {
  CHECKDIR(perms, 0),
  END_OF_TESTCASES
};