]> git.saurik.com Git - apple/security.git/blob - OSX/sec/securityd/Regressions/secd-31-keychain-unreadable.c
Security-57336.1.9.tar.gz
[apple/security.git] / OSX / sec / securityd / Regressions / secd-31-keychain-unreadable.c
1 /*
2 * Copyright (c) 2008-2010,2013-2014 Apple Inc. All Rights Reserved.
3 *
4 * @APPLE_LICENSE_HEADER_START@
5 *
6 * This file contains Original Code and/or Modifications of Original Code
7 * as defined in and that are subject to the Apple Public Source License
8 * Version 2.0 (the 'License'). You may not use this file except in
9 * compliance with the License. Please obtain a copy of the License at
10 * http://www.opensource.apple.com/apsl/ and read it before using this
11 * file.
12 *
13 * The Original Code and all software distributed under the License are
14 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
15 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
16 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
17 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
18 * Please see the License for the specific language governing rights and
19 * limitations under the License.
20 *
21 * @APPLE_LICENSE_HEADER_END@
22 */
23
24
25 #include <CoreFoundation/CoreFoundation.h>
26 #include <Security/SecBase.h>
27 #include <Security/SecItem.h>
28 #include <Security/SecInternal.h>
29 #include <utilities/SecFileLocations.h>
30 #include <utilities/SecCFWrappers.h>
31
32 #include <stdlib.h>
33 #include <fcntl.h>
34 #include <unistd.h>
35 #include <sys/stat.h>
36 #include <sqlite3.h>
37
38 #include "secd_regressions.h"
39
40 #include <securityd/SecItemServer.h>
41
42 #include "SecdTestKeychainUtilities.h"
43
44
45 /* Create an empty keychain file that can't be read or written and make sure
46 securityd can deal with it. */
47 static void tests(void)
48 {
49 /* custom keychain dir */
50 secd_test_setup_temp_keychain("secd_31_keychain_unreadable", ^{
51 CFStringRef keychain_path_cf = __SecKeychainCopyPath();
52
53 CFStringPerformWithCString(keychain_path_cf, ^(const char *keychain_path) {
54 int fd;
55 ok_unix(fd = open(keychain_path, O_RDWR | O_CREAT | O_TRUNC, 0644),
56 "create keychain file '%s'", keychain_path);
57 ok_unix(fchmod(fd, 0), " keychain file '%s'", keychain_path);
58 ok_unix(close(fd), "close keychain file '%s'", keychain_path);
59
60 });
61
62 CFReleaseSafe(keychain_path_cf);
63 });
64
65 __security_simulatecrash_enable(false);
66
67 int v_eighty = 80;
68 CFNumberRef eighty = CFNumberCreate(NULL, kCFNumberSInt32Type, &v_eighty);
69 const char *v_data = "test";
70 CFDataRef pwdata = CFDataCreate(NULL, (UInt8 *)v_data, strlen(v_data));
71 CFMutableDictionaryRef query = CFDictionaryCreateMutable(NULL, 0, NULL, NULL);
72 CFDictionaryAddValue(query, kSecClass, kSecClassInternetPassword);
73 CFDictionaryAddValue(query, kSecAttrServer, CFSTR("members.spamcop.net"));
74 CFDictionaryAddValue(query, kSecAttrAccount, CFSTR("smith"));
75 CFDictionaryAddValue(query, kSecAttrPort, eighty);
76 CFDictionaryAddValue(query, kSecAttrProtocol, kSecAttrProtocolHTTP);
77 CFDictionaryAddValue(query, kSecAttrAuthenticationType, kSecAttrAuthenticationTypeDefault);
78 CFDictionaryAddValue(query, kSecValueData, pwdata);
79 ok_status(SecItemAdd(query, NULL), "add internet password");
80 is_status(SecItemAdd(query, NULL), errSecDuplicateItem,
81 "add internet password again");
82
83 ok_status(SecItemCopyMatching(query, NULL), "Found the item we added");
84
85 ok_status(SecItemDelete(query),"Deleted the item we added");
86
87 #if TARGET_OS_IPHONE && !TARGET_OS_SIMULATOR
88 // When running on iOS device in debugger, the target usually runs as root and no simcrash will actually happen,
89 // because file with access rights '000' is read-write available.
90 int crash_count = __security_simulatecrash_enable(true);
91 ok(crash_count == 0 || crash_count == 1, "Expecting no or one simcrash from recovery of corrupted DB");
92 #else
93 is(__security_simulatecrash_enable(true), 1, "Expecting simcrash from recovery of corrupted DB");
94 #endif
95
96 CFReleaseSafe(eighty);
97 CFReleaseSafe(pwdata);
98 CFReleaseSafe(query);
99 }
100
101 int secd_31_keychain_unreadable(int argc, char *const *argv)
102 {
103 plan_tests(8 + kSecdTestSetupTestCount);
104 tests();
105
106 return 0;
107 }