Commit a650bd05 authored by Simon McVittie's avatar Simon McVittie

Add a regression test for being a new-style monitor

This includes most of the situations I could think of:

* method call on dbus-daemon and response
* NameOwnerChanged
* NameAcquired, NameLost (although I'm not 100% sure these should
  get captured, since they're redundant with NameOwnerChanged)
* unicast message is allowed through
* unicast message is rejected by no-sending or no-receiving policy
* broadcast is allowed through
* broadcast is rejected by no-sending policy (the error reply
  is also captured)
* broadcast is rejected by no-receiving policy (there is no error
  reply)
* message causing service activation, and the message telling systemd
  to do the actual activation
* systemd reporting that activation failed

It does not cover:

* sending a message to dbus-daemon, then provoking a reply, then
  dbus-daemon does not allow itself to send the reply due to its
  own security policy

This is such an obscure corner case that I'm not even convinced it's
testable without dropping down into lower-level socket manipulation:
dbus-daemon's replies are always assumed to be requested replies,
and replies contain so little other metadata that I think we can
only forbid them by forbidding all method replies. If we do that,
the reply to Hello() won't arrive and the client-side connection will
not become active.

Bug: https://bugs.freedesktop.org/show_bug.cgi?id=46787Reviewed-by: Philip Withnall's avatarPhilip Withnall <philip.withnall@collabora.co.uk>
parent 1acedfdd
......@@ -156,6 +156,7 @@ installable_tests += \
test-corrupt \
test-dbus-daemon \
test-dbus-daemon-eavesdrop \
test-monitor \
test-loopback \
test-marshal \
test-refs \
......@@ -245,6 +246,15 @@ test_marshal_LDADD = \
$(GLIB_LIBS) \
$(NULL)
test_monitor_SOURCES = \
monitor.c \
$(NULL)
test_monitor_CPPFLAGS = $(testutils_shared_if_possible_cppflags)
test_monitor_LDADD = \
$(testutils_shared_if_possible_libs) \
$(GLIB_LIBS) \
$(NULL)
test_syntax_SOURCES = syntax.c
test_syntax_LDADD = \
$(top_builddir)/dbus/libdbus-1.la \
......@@ -295,6 +305,7 @@ in_data = \
data/valid-config-files/debug-allow-all-sha1.conf.in \
data/valid-config-files/debug-allow-all.conf.in \
data/valid-config-files/finite-timeout.conf.in \
data/valid-config-files/forbidding.conf.in \
data/valid-config-files/incoming-limit.conf.in \
data/valid-config-files/multi-user.conf.in \
data/valid-config-files/systemd-activation.conf.in \
......
<!DOCTYPE busconfig PUBLIC "-//freedesktop//DTD D-Bus Bus Configuration 1.0//EN"
"http://www.freedesktop.org/standards/dbus/1.0/busconfig.dtd">
<busconfig>
<!-- Our well-known bus type, don't change this -->
<type>session</type>
<listen>@TEST_LISTEN@</listen>
<policy context="default">
<!-- Allow everything -->
<allow send_destination="*"/>
<allow receive_sender="*"/>
<allow own="*"/>
<!-- Exception: some messages are forbidden -->
<deny send_interface="com.example.CannotSend"/>
<deny receive_interface="com.example.CannotReceive"/>
</policy>
</busconfig>
This diff is collapsed.
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment