mirrors/apparmor
1
0
Fork 0
mirror of https://gitlab.com/apparmor/apparmor.git synced 2025-03-09 10:51:03 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions
apparmor/libraries/libapparmor/testsuite/test_multi.c

154 lines
3.6 KiB
C
Raw Normal View History

- Merged the library previously known as "libaalogparse" with libapparmor. - Moved the old libapparmor library to libapparmor-deprecated.
2007-07-28 15:41:04 +00:00
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <errno.h>
#include "aalogparse.h"
int print_results(aa_log_record *record);
int main(int argc, char **argv)
{
FILE *testcase;
char log_line[1024];
aa_log_record *test = NULL;
int ret = -1;
if (argc != 2)
{
fprintf(stderr, "Usage: test_multi.multi <filename>\n");
return(1);
}
printf("START\n");
printf("File: %s\n", argv[1]);
testcase = fopen(argv[1], "r");
if (testcase == NULL)
{
perror("Could not open testcase: ");
return(1);
}
if (fgets(log_line, 1023, testcase) == NULL)
{
fprintf(stderr, "Could not read testcase.\n");
fclose(testcase);
return(1);
}
fclose(testcase);
test = parse_record(log_line);
if (test == NULL)
{
fprintf(stderr,"Parsing failed.\n");
return(1);
}
ret = print_results(test);
free_record(test);
return ret;
}
libapparmor: add support for ip addresses and ports Bugs: https://bugs.launchpad.net/ubuntu/+source/apparmor/+bug/800826 https://bugzilla.novell.com/show_bug.cgi?id=755923 This patch modifies the libapparmor log parsing code to add support for the additional ip address and port keywords that can occur in network rejection rules. The laddr and faddr keywords stand for local address and foreign address respectively. The regex used to match an ip address is not very strict, to hopefully catch the formats that the kernel emits for ipv6 addresses; however, because this is in a context triggered by the addr keywords, it should not over-eagerly consume non-ip addresses. Said addresses are returned as strings in the struct to be processed by the calling application. Bug: https://launchpad.net/bugs/800826
2012-04-06 15:59:04 -07:00
#define print_string(description, var) \
if ((var) != NULL) { \
printf("%s: %s\n", (description), (var)); \
}
/* unset is the value that the library sets to the var to indicate
that it is unset */
#define print_long(description, var, unset) \
if ((var) != (unsigned long) (unset)) { \
printf("%s: %ld\n", (description), (var)); \
}
- Merged the library previously known as "libaalogparse" with libapparmor. - Moved the old libapparmor library to libapparmor-deprecated.
2007-07-28 15:41:04 +00:00
int print_results(aa_log_record *record)
{
printf("Event type: ");
switch(record->event)
{
case AA_RECORD_ERROR:
{
printf("AA_RECORD_ERROR\n");
break;
}
case AA_RECORD_INVALID:
{
printf("AA_RECORD_INVALID\n");
break;
}
case AA_RECORD_AUDIT:
{
printf("AA_RECORD_AUDIT\n");
break;
}
case AA_RECORD_ALLOWED:
{
printf("AA_RECORD_ALLOWED\n");
break;
}
case AA_RECORD_DENIED:
{
printf("AA_RECORD_DENIED\n");
break;
}
case AA_RECORD_HINT:
{
printf("AA_RECORD_HINT\n");
break;
}
case AA_RECORD_STATUS:
{
printf("AA_RECORD_STATUS\n");
break;
}
default:
{
printf("UNKNOWN EVENT TYPE\n");
break;
}
}
Subject: libapparmor - convert other fields to use macros in C test program This patch converts most of the fields to using the existing macros for output, to make consistent and simplify the code a bit. Signed-off-by: Steve Beattie <steve@nxnw.org> Acked-by: Tyler Hicks <tyhicks@canonical.com>
2013-09-06 14:08:25 -07:00
print_string("Audit ID", record->audit_id);
print_string("Operation", record->operation);
print_string("Mask", record->requested_mask);
print_string("Denied Mask", record->denied_mask);
print_long("fsuid", record->fsuid, (unsigned long) -1);
print_long("ouid", record->ouid, (unsigned long) -1)
print_string("Profile", record->profile);
print_string("Peer profile", record->peer_profile);
print_string("Name", record->name);
print_string("Command", record->comm);
print_string("Name2", record->name2);
print_string("Namespace", record->namespace);
print_string("Attribute", record->attribute);
print_long("Task", record->task, 0);
print_long("Parent", record->parent, 0);
print_long("Token", record->magic_token, 0);
print_string("Info", record->info);
print_string("Peer info", record->peer_info);
print_long("ErrorCode", (long) record->error_code, 0);
print_long("PID", record->pid, 0);
print_long("Peer PID", record->peer_pid, 0);
print_string("Active hat", record->active_hat);
print_string("Network family", record->net_family);
print_string("Socket type", record->net_sock_type);
print_string("Protocol", record->net_protocol);
libapparmor: add support for ip addresses and ports Bugs: https://bugs.launchpad.net/ubuntu/+source/apparmor/+bug/800826 https://bugzilla.novell.com/show_bug.cgi?id=755923 This patch modifies the libapparmor log parsing code to add support for the additional ip address and port keywords that can occur in network rejection rules. The laddr and faddr keywords stand for local address and foreign address respectively. The regex used to match an ip address is not very strict, to hopefully catch the formats that the kernel emits for ipv6 addresses; however, because this is in a context triggered by the addr keywords, it should not over-eagerly consume non-ip addresses. Said addresses are returned as strings in the struct to be processed by the calling application. Bug: https://launchpad.net/bugs/800826
2012-04-06 15:59:04 -07:00
print_string("Local addr", record->net_local_addr);
print_string("Foreign addr", record->net_foreign_addr);
print_long("Local port", record->net_local_port, 0);
print_long("Foreign port", record->net_foreign_port, 0);
Subject: libapparmor - convert other fields to use macros in C test program This patch converts most of the fields to using the existing macros for output, to make consistent and simplify the code a bit. Signed-off-by: Steve Beattie <steve@nxnw.org> Acked-by: Tyler Hicks <tyhicks@canonical.com>
2013-09-06 14:08:25 -07:00
libaalogparse: Regression tests for dbus-daemon audit messages Test a set of send, bind, and receive denials routed through syslog, as well as a set routed through auditd. Signed-off-by: Tyler Hicks <tyhicks@canonical.com> Acked-By: Seth Arnold <seth.arnold@canonical.com>
2013-08-09 11:08:57 -07:00
print_string("DBus bus", record->dbus_bus);
print_string("DBus path", record->dbus_path);
print_string("DBus interface", record->dbus_interface);
print_string("DBus member", record->dbus_member);
libapparmor: add support for ip addresses and ports Bugs: https://bugs.launchpad.net/ubuntu/+source/apparmor/+bug/800826 https://bugzilla.novell.com/show_bug.cgi?id=755923 This patch modifies the libapparmor log parsing code to add support for the additional ip address and port keywords that can occur in network rejection rules. The laddr and faddr keywords stand for local address and foreign address respectively. The regex used to match an ip address is not very strict, to hopefully catch the formats that the kernel emits for ipv6 addresses; however, because this is in a context triggered by the addr keywords, it should not over-eagerly consume non-ip addresses. Said addresses are returned as strings in the struct to be processed by the calling application. Bug: https://launchpad.net/bugs/800826
2012-04-06 15:59:04 -07:00
Subject: libapparmor - c tests, only print epoch and audit subid if identified The test program didn't make use of the existing print_long() macro for printing long values, which meant that they were always emitted for every testcase. This patch makes them consistent with all the other emitted fields and fixes up the expected output where they shouldn't be emitted. Signed-off-by: Steve Beattie <steve@nxnw.org> Acked-by: Tyler Hicks <tyhicks@canonical.com>
2013-09-06 14:04:22 -07:00
print_long("Epoch", record->epoch, 0);
print_long("Audit subid", (long) record->audit_sub_id, 0);
- Merged the library previously known as "libaalogparse" with libapparmor. - Moved the old libapparmor library to libapparmor-deprecated.
2007-07-28 15:41:04 +00:00
return(0);
}
Reference in a new issue Copy permalink