This doesn't verify that they're atomic, but does verify that they
return the right things.
This commit adds a new test function _dbus_test_check (a) to make
writing tests easier. It checks the given boolean expression and
generates a "not ok" test result if the expression is false.
Due to the current design of the test api, the test is only compiled
if embedded tests were enabled at the time of configuration.
It was also necessary to move the test_atomic target definitions in
test/Makefile.am to the --enable-embedded-tests section to avoid a
make distcheck build error.
The test case itself has been authored by smcv.
Co-authored-by: Simon McVittie <smcv@collabora.com>
Instead of exposing _dbus_sha_test() as a private exported symbol,
we can expose _dbus_sha_compute(), which is the only thing called by
the test that isn't already exported.
Signed-off-by: Simon McVittie <smcv@collabora.com>
Some CI environments run build-time tests as root with CAP_AUDIT_WRITE.
In this case we need to close the audit socket so that it will not be
reported as leaked.
Signed-off-by: Simon McVittie <smcv@collabora.com>
Some CI systems do the entire build as uid 0 in a throwaway container.
If this is done in a build directory for which the messagebus user
does not have search (+x) permission, then they will be unable to
execute the just-built dbus-daemon binary.
Signed-off-by: Simon McVittie <smcv@collabora.com>
Some CI systems do the build as root in a disposable container, and
run tests without ever having installed dbus. This means we can't
expect to be able to drop privileges from root to the DBUS_USER (usually
named messagebus or dbus) unless we have checked that the
DBUS_USER exists.
Signed-off-by: Simon McVittie <smcv@collabora.com>
We don't actually complete successful authentication, because that
would require us to generate a cookie and compute the correct SHA1,
which is difficult to do in a deterministic authentication script.
However, we do assert that dbus#269 (CVE-2019-12749) has been fixed.
Signed-off-by: Simon McVittie <smcv@collabora.com>
This adds a few tests for checking if activation is allowed
for names specified within send_destination_prefix namespaces.
Signed-off-by: Adrian Szyndela <adrian.s@samsung.com>
Change-Id: I7a5a66f82fc08ce6cb46e37de2c3dfae24d9ea67
This adds tests for mostly "send_destination_prefix" cases
and some "send_destination" cases.
The general test case is:
- addressed recipient is running and owns a name;
- a message is sent to the name owner;
- the response is checked for allow/deny (method return/error).
Each test case is executed both for primary and queued ownership.
The tests include:
- checking send allow/deny for names and namespaces, including nesting;
- checking send allow/deny for neighbour names;
- checking send allow/deny for names/namespaces+interface+member.
Signed-off-by: Adrian Szyndela <adrian.s@samsung.com>
Change-Id: If5fcada01601355e7aadefadad79c0b24f8c397f
MSYS2 has enough of a Unixish environment to run Autotools, but
apparently not enough of a Unixish environment to have functional
permissions.
Closes: dbus#216
In D-Bus I'd expect "ay_iter" to be an iterator over the type 'ay',
i.e. a byte-array. Abbreviate a little less to avoid this.
Signed-off-by: Simon McVittie <smcv@collabora.com>
Traditional activation could be disabled if all services use
SystemdService activation instead. Provide an example of a hardened
DBus systemd service drop-in file for such a setup.
Signed-off-by: Topi Miettinen <toiwoton@gmail.com>
Some NSS modules like those for sssd and LDAP might allocate fds
on a one-per-process basis, for example a socket to talk to sssd.
Make sure those have already been allocated before we enter the code
under test, so that they don't show up as having been "leaked" by the
first module of code under test that happens to do a NSS lookup.
The call to _dbus_test_check_memleaks tears down libdbus' own memory
allocations, but not any hidden state in libc or NSS.
Signed-off-by: Simon McVittie <smcv@collabora.com>
We need to link the code coverage objects, directly or indirectly,
into every executable and every shared library. The rule I've followed
to make it clear that we do this, without too much repetition, is:
each executable, shared library or convenience library has
CODE_COVERAGE_LIBS in its LDADD or LIBADD, unless it is linked to a
convenience library in the same directory that has CODE_COVERAGE_LIBS
in *its* LIBADD.
Signed-off-by: Simon McVittie <smcv@collabora.com>
AX_CODE_COVERAGE recently changed the way it embedded its Makefile rules
in the output file: instead of using @CODE_COVERAGE_RULES@, users
are now meant to include aminclude_static.am.
The new AX_CODE_COVERAGE is only in the latest autoconf-archive release,
version 2019.01.06, which is inconveniently new, so bundle everything
we need for the moment.
This requires us to stop using the deprecated CODE_COVERAGE_LDFLAGS
(which we still used to support older versions of autoconf-archive)
and replace them with CODE_COVERAGE_LIBS.
Signed-off-by: Simon McVittie <smcv@collabora.com>
This requires exposing _dbus_connection_get_address() as an internal
symbol, but that seems worth it.
Signed-off-by: Simon McVittie <smcv@collabora.com>
dbus-marshal-recursive-util.c contains utility functions used by the
other two, as well as tests. The others are purely test code.
Signed-off-by: Simon McVittie <smcv@collabora.com>
This required exposing one additional internal symbol:
_dbus_hash_table_ref(). I think that's a reasonable trade-off for not
compiling this test into the library.
Signed-off-by: Simon McVittie <smcv@collabora.com>
This makes it easier for a developer to run just the fast parts while
debugging some issue reproduced by the faster tests.
Signed-off-by: Simon McVittie <smcv@collabora.com>
Now that there is no code outside test/ that calls into this, we can
move it into test/, reducing the size of libdbus.
dbus-test-tap.[ch] still need to stay in dbus/ as long as there is
code in dbus/ or bus/ relying on them, and also need to be linked into
libdbus as long as there is other code in libdbus relying on them,
so they stay where they are for now. Similarly, dbus-tests.h lists
the tests that are still embedded in libdbus, and must stay where
it is for the moment.
With this move, various tests now need to be linked to the dbus-testutils
convenience library.
Signed-off-by: Simon McVittie <smcv@collabora.com>
The -test suffix does not indicate that this is a test, but rather that
it is for tests (similar to the -unix and -win suffixes on modules like
dbus-sysdeps). This seems unnecessarily confusing, so rename it to end
with -for-tests.
Signed-off-by: Simon McVittie <smcv@collabora.com>
