main.c (173679) | main.c (196172) |
---|---|
1/*- 2 * Copyright (c) 2006 nCircle Network Security, Inc. 3 * Copyright (c) 2007 Robert N. M. Watson 4 * All rights reserved. 5 * 6 * This software was developed by Robert N. M. Watson for the TrustedBSD 7 * Project under contract to nCircle Network Security, Inc. 8 * --- 13 unchanged lines hidden (view full) --- 22 * INC., OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 23 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED 24 * TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR 25 * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF 26 * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING 27 * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS 28 * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 29 * | 1/*- 2 * Copyright (c) 2006 nCircle Network Security, Inc. 3 * Copyright (c) 2007 Robert N. M. Watson 4 * All rights reserved. 5 * 6 * This software was developed by Robert N. M. Watson for the TrustedBSD 7 * Project under contract to nCircle Network Security, Inc. 8 * --- 13 unchanged lines hidden (view full) --- 22 * INC., OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 23 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED 24 * TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR 25 * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF 26 * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING 27 * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS 28 * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 29 * |
30 * $FreeBSD: head/tools/regression/priv/main.c 173679 2007-11-16 21:24:45Z bz $ | 30 * $FreeBSD: head/tools/regression/priv/main.c 196172 2009-08-13 09:11:47Z bz $ |
31 */ 32 33/* 34 * Privilege test framework. Each test is encapsulated on a .c file 35 * exporting a function that implements the test. Each test is run from its 36 * own child process, and they are run in sequence one at a time. 37 */ 38 --- 98 unchanged lines hidden (view full) --- 137 138 { "priv_netinet_ipsec_pfkey", NULL, priv_netinet_ipsec_pfkey, NULL }, 139 140 { "priv_netinet_ipsec_policy4_bypass", 141 priv_netinet_ipsec_policy4_bypass_setup, 142 priv_netinet_ipsec_policy4_bypass, 143 priv_netinet_ipsec_policy_bypass_cleanup }, 144 | 31 */ 32 33/* 34 * Privilege test framework. Each test is encapsulated on a .c file 35 * exporting a function that implements the test. Each test is run from its 36 * own child process, and they are run in sequence one at a time. 37 */ 38 --- 98 unchanged lines hidden (view full) --- 137 138 { "priv_netinet_ipsec_pfkey", NULL, priv_netinet_ipsec_pfkey, NULL }, 139 140 { "priv_netinet_ipsec_policy4_bypass", 141 priv_netinet_ipsec_policy4_bypass_setup, 142 priv_netinet_ipsec_policy4_bypass, 143 priv_netinet_ipsec_policy_bypass_cleanup }, 144 |
145#ifdef INET6 |
|
145 { "priv_netinet_ipsec_policy6_bypass", 146 priv_netinet_ipsec_policy6_bypass_setup, 147 priv_netinet_ipsec_policy6_bypass, 148 priv_netinet_ipsec_policy_bypass_cleanup }, | 146 { "priv_netinet_ipsec_policy6_bypass", 147 priv_netinet_ipsec_policy6_bypass_setup, 148 priv_netinet_ipsec_policy6_bypass, 149 priv_netinet_ipsec_policy_bypass_cleanup }, |
150#endif |
|
149 150 { "priv_netinet_ipsec_policy4_entrust", 151 priv_netinet_ipsec_policy4_entrust_setup, 152 priv_netinet_ipsec_policy4_entrust, 153 priv_netinet_ipsec_policy_entrust_cleanup }, 154 | 151 152 { "priv_netinet_ipsec_policy4_entrust", 153 priv_netinet_ipsec_policy4_entrust_setup, 154 priv_netinet_ipsec_policy4_entrust, 155 priv_netinet_ipsec_policy_entrust_cleanup }, 156 |
157#ifdef INET6 |
|
155 { "priv_netinet_ipsec_policy6_entrust", 156 priv_netinet_ipsec_policy6_entrust_setup, 157 priv_netinet_ipsec_policy6_entrust, 158 priv_netinet_ipsec_policy_entrust_cleanup }, | 158 { "priv_netinet_ipsec_policy6_entrust", 159 priv_netinet_ipsec_policy6_entrust_setup, 160 priv_netinet_ipsec_policy6_entrust, 161 priv_netinet_ipsec_policy_entrust_cleanup }, |
162#endif |
|
159 160 { "priv_netinet_raw", priv_netinet_raw_setup, priv_netinet_raw, 161 priv_netinet_raw_cleanup }, 162 163 { "priv_proc_setlogin", priv_proc_setlogin_setup, priv_proc_setlogin, 164 priv_proc_setlogin_cleanup }, 165 166 { "priv_proc_setrlimit_raisemax", priv_proc_setrlimit_setup, --- 248 unchanged lines hidden (view full) --- 415 if (setuid(uid) < 0) 416 err(-1, "test %s: seteuid(%d)", test, uid); 417} 418 419static void 420enter_jail(const char *test) 421{ 422 struct jail j; | 163 164 { "priv_netinet_raw", priv_netinet_raw_setup, priv_netinet_raw, 165 priv_netinet_raw_cleanup }, 166 167 { "priv_proc_setlogin", priv_proc_setlogin_setup, priv_proc_setlogin, 168 priv_proc_setlogin_cleanup }, 169 170 { "priv_proc_setrlimit_raisemax", priv_proc_setrlimit_setup, --- 248 unchanged lines hidden (view full) --- 419 if (setuid(uid) < 0) 420 err(-1, "test %s: seteuid(%d)", test, uid); 421} 422 423static void 424enter_jail(const char *test) 425{ 426 struct jail j; |
427 struct in_addr ia4; 428#ifdef INET6 429 struct in6_addr ia6 = IN6ADDR_LOOPBACK_INIT; 430#endif |
|
423 424 bzero(&j, sizeof(j)); | 431 432 bzero(&j, sizeof(j)); |
425 j.version = 0; | 433 j.version = JAIL_API_VERSION; |
426 j.path = "/"; 427 j.hostname = "test"; | 434 j.path = "/"; 435 j.hostname = "test"; |
428 j.ip_number = htonl(INADDR_LOOPBACK); | 436 j.jailname = "regressions/priv"; 437 ia4.s_addr = htonl(INADDR_LOOPBACK); 438 j.ip4s = 1; 439 j.ip4 = &ia4; 440#ifdef INET6 441 j.ip6s = 1; 442 j.ip6 = &ia6; 443#endif |
429 if (jail(&j) < 0) 430 err(-1, "test %s: jail", test); 431} 432 433static void 434run_child(struct test *test, int asroot, int injail) 435{ 436 --- 83 unchanged lines hidden --- | 444 if (jail(&j) < 0) 445 err(-1, "test %s: jail", test); 446} 447 448static void 449run_child(struct test *test, int asroot, int injail) 450{ 451 --- 83 unchanged lines hidden --- |