projects / apple / security.git / blame
| Commit | Line | Data |
|---|---|---|
| 427c49bc A |
1 | /* |
| 2 | * si-31-keychain-unreadable.c | |
| 3 | * Security | |
| 4 | * | |
| 5 | * Created by Michael Brouwer on 5/23/08. | |
| 6 | * Copyright (c) 2008-2010 Apple Inc. All Rights Reserved. | |
| 7 | * | |
| 8 | */ | |
| 9 | ||
| 10 | #include <CoreFoundation/CoreFoundation.h> | |
| 11 | #include <Security/SecBase.h> | |
| 12 | #include <Security/SecItem.h> | |
| 13 | #include <Security/SecInternal.h> | |
| 14 | ||
| 15 | #include <stdlib.h> | |
| 16 | #include <fcntl.h> | |
| 17 | #include <unistd.h> | |
| 18 | #include <sys/stat.h> | |
| 19 | #include <sqlite3.h> | |
| 20 | ||
| 21 | #include "Security_regressions.h" | |
| 22 | ||
| 23 | #ifdef NO_SERVER | |
| 24 | static void ensureKeychainExists(void) { | |
| 25 | CFDictionaryRef query = CFDictionaryCreate(0, &kSecClass, &kSecClassInternetPassword, 1, &kCFTypeDictionaryKeyCallBacks, &kCFTypeDictionaryValueCallBacks); | |
| 26 | CFTypeRef results = NULL; | |
| 27 | is_status(SecItemCopyMatching(query, &results), errSecItemNotFound, "expected nothing got %@", results); | |
| 28 | CFReleaseNull(query); | |
| 29 | CFReleaseNull(results); | |
| 30 | } | |
| 31 | #endif | |
| 32 | ||
| 33 | void kc_dbhandle_reset(void); | |
| 34 | ||
| 35 | /* Create an empty keychain file that can't be read or written and make sure | |
| 36 | securityd can deal with it. */ | |
| 37 | static void tests(void) | |
| 38 | { | |
| 39 | #ifndef NO_SERVER | |
| 40 | plan_skip_all("No testing against server."); | |
| 41 | #else | |
| 42 | const char *home_dir = getenv("HOME"); | |
| 43 | char keychain_dir[1000]; | |
| 44 | char keychain_name[1000]; | |
| 45 | sprintf(keychain_dir, "%s/Library/Keychains", home_dir); | |
| 46 | sprintf(keychain_name, "%s/keychain-2-debug.db", keychain_dir); | |
| 47 | ||
| 48 | ensureKeychainExists(); | |
| 49 | int fd; | |
| 50 | ok_unix(fd = open(keychain_name, O_RDWR | O_CREAT | O_TRUNC, 0644), | |
| 51 | "create keychain file '%s'", keychain_name); | |
| 52 | ok_unix(fchmod(fd, 0), " keychain file '%s'", keychain_name); | |
| 53 | ok_unix(close(fd), "close keychain file '%s'", keychain_name); | |
| 54 | ||
| 55 | kc_dbhandle_reset(); | |
| 56 | ||
| 57 | int v_eighty = 80; | |
| 58 | CFNumberRef eighty = CFNumberCreate(NULL, kCFNumberSInt32Type, &v_eighty); | |
| 59 | const char *v_data = "test"; | |
| 60 | CFDataRef pwdata = CFDataCreate(NULL, (UInt8 *)v_data, strlen(v_data)); | |
| 61 | CFMutableDictionaryRef query = CFDictionaryCreateMutable(NULL, 0, NULL, NULL); | |
| 62 | CFDictionaryAddValue(query, kSecClass, kSecClassInternetPassword); | |
| 63 | CFDictionaryAddValue(query, kSecAttrServer, CFSTR("members.spamcop.net")); | |
| 64 | CFDictionaryAddValue(query, kSecAttrAccount, CFSTR("smith")); | |
| 65 | CFDictionaryAddValue(query, kSecAttrPort, eighty); | |
| 66 | CFDictionaryAddValue(query, kSecAttrProtocol, kSecAttrProtocolHTTP); | |
| 67 | CFDictionaryAddValue(query, kSecAttrAuthenticationType, kSecAttrAuthenticationTypeDefault); | |
| 68 | CFDictionaryAddValue(query, kSecValueData, pwdata); | |
| 69 | ok_status(SecItemAdd(query, NULL), "add internet password"); | |
| 70 | is_status(SecItemAdd(query, NULL), errSecDuplicateItem, | |
| 71 | "add internet password again"); | |
| 72 | ||
| 73 | ok_status(SecItemCopyMatching(query, NULL), "Found the item we added"); | |
| 74 | ||
| 75 | ok_status(SecItemDelete(query),"Deleted the item we added"); | |
| 76 | ||
| 77 | CFReleaseSafe(eighty); | |
| 78 | CFReleaseSafe(pwdata); | |
| 79 | CFReleaseSafe(query); | |
| 80 | #endif | |
| 81 | } | |
| 82 | ||
| 83 | int si_31_keychain_unreadable(int argc, char *const *argv) | |
| 84 | { | |
| 85 | plan_tests(8); | |
| 86 | tests(); | |
| 87 | ||
| 88 | return 0; | |
| 89 | } |