00027 #include <config.h>
00028
00029 #include <CUnit/CUnit.h>
00030 #include <apol/avrule-query.h>
00031 #include <apol/domain-trans-analysis.h>
00032 #include <apol/policy.h>
00033 #include <apol/policy-path.h>
00034 #include <stdbool.h>
00035 #include <string.h>
00036
/* Policy source loaded by dta_init(). TEST_POLICIES is not defined in this
 * file; presumably it comes from config.h -- confirm against the build. */
#define POLICY TEST_POLICIES "/setools-3.3/apol/dta_test.policy.conf"

/* Policy shared by every test in this suite: assigned in dta_init() and
 * released in dta_cleanup(). */
static apol_policy_t *p = NULL;
00040
/**
 * Forward domain transition analysis starting from tuna_t.
 *
 * Every result must start at tuna_t and end at boat_t or sand_t. The
 * entrypoint type is then checked per end type: net_t for boat_t, and
 * reel_t or wave_t for sand_t.
 *
 * NOTE(review): the number of results is not asserted here, so an empty
 * result vector would pass without exercising any per-result check.
 */
static void dta_forward(void)
{
	apol_policy_reset_domain_trans_table(p);

	apol_domain_trans_analysis_t *d = apol_domain_trans_analysis_create();
	CU_ASSERT_PTR_NOT_NULL_FATAL(d);

	int retval = apol_domain_trans_analysis_set_direction(p, d, APOL_DOMAIN_TRANS_DIRECTION_FORWARD);
	CU_ASSERT_EQUAL_FATAL(retval, 0);
	retval = apol_domain_trans_analysis_set_start_type(p, d, "tuna_t");
	CU_ASSERT_EQUAL_FATAL(retval, 0);

	apol_vector_t *v = NULL;
	retval = apol_domain_trans_analysis_do(p, d, &v);
	/* The query object is released before the fatal check on retval. */
	apol_domain_trans_analysis_destroy(&d);
	CU_ASSERT_EQUAL_FATAL(retval, 0);
	CU_ASSERT_PTR_NOT_NULL(v);

	qpol_policy_t *q = apol_policy_get_qpol(p);
	for (size_t i = 0; i < apol_vector_get_size(v); i++) {
		const apol_domain_trans_result_t *dtr = apol_vector_get_element(v, i);

		/* Source domain of the transition. */
		const qpol_type_t *qt = apol_domain_trans_result_get_start_type(dtr);
		CU_ASSERT_PTR_NOT_NULL(qt);
		const char *name;
		retval = qpol_type_get_name(q, qt, &name);
		CU_ASSERT_EQUAL_FATAL(retval, 0);
		CU_ASSERT_STRING_EQUAL(name, "tuna_t");

		/* Target domain; from here on `name` holds the end type. */
		qt = apol_domain_trans_result_get_end_type(dtr);
		CU_ASSERT_PTR_NOT_NULL(qt);
		retval = qpol_type_get_name(q, qt, &name);
		CU_ASSERT_EQUAL_FATAL(retval, 0);
		CU_ASSERT(strcmp(name, "boat_t") == 0 || strcmp(name, "sand_t") == 0);

		/* Entrypoint type through which the target domain is entered. */
		const char *ep_name;
		qt = apol_domain_trans_result_get_entrypoint_type(dtr);
		CU_ASSERT_PTR_NOT_NULL(qt);
		retval = qpol_type_get_name(q, qt, &ep_name);
		CU_ASSERT_EQUAL_FATAL(retval, 0);

		const bool ends_at_boat = (strcmp(name, "boat_t") == 0);
		if (ends_at_boat) {
			CU_ASSERT_STRING_EQUAL(ep_name, "net_t");
		} else if (strcmp(name, "sand_t") == 0) {
			CU_ASSERT(strcmp(ep_name, "reel_t") == 0 || strcmp(ep_name, "wave_t") == 0);
		}
	}

	apol_vector_destroy(&v);
}
00089
/**
 * Forward analysis from shark_t, where one entrypoint type leads to more
 * than one end domain.
 *
 * Exactly two results are expected. Each must start at shark_t, end at
 * surf_t or sand_t, and use wave_t as its entrypoint type.
 */
static void dta_forward_multi_end(void)
{
	apol_policy_reset_domain_trans_table(p);

	apol_domain_trans_analysis_t *d = apol_domain_trans_analysis_create();
	CU_ASSERT_PTR_NOT_NULL_FATAL(d);

	int retval = apol_domain_trans_analysis_set_direction(p, d, APOL_DOMAIN_TRANS_DIRECTION_FORWARD);
	CU_ASSERT_EQUAL_FATAL(retval, 0);
	retval = apol_domain_trans_analysis_set_start_type(p, d, "shark_t");
	CU_ASSERT_EQUAL_FATAL(retval, 0);

	apol_vector_t *v = NULL;
	retval = apol_domain_trans_analysis_do(p, d, &v);
	/* The query object is released before the fatal check on retval. */
	apol_domain_trans_analysis_destroy(&d);
	CU_ASSERT_EQUAL_FATAL(retval, 0);
	CU_ASSERT_PTR_NOT_NULL(v);
	CU_ASSERT(apol_vector_get_size(v) == 2);

	qpol_policy_t *q = apol_policy_get_qpol(p);
	for (size_t i = 0; i < apol_vector_get_size(v); i++) {
		const apol_domain_trans_result_t *dtr = apol_vector_get_element(v, i);

		/* Source domain of the transition. */
		const qpol_type_t *qt = apol_domain_trans_result_get_start_type(dtr);
		CU_ASSERT_PTR_NOT_NULL(qt);
		const char *name;
		retval = qpol_type_get_name(q, qt, &name);
		CU_ASSERT_EQUAL_FATAL(retval, 0);
		CU_ASSERT_STRING_EQUAL(name, "shark_t");

		/* Target domain: either of the two expected end types. */
		qt = apol_domain_trans_result_get_end_type(dtr);
		CU_ASSERT_PTR_NOT_NULL(qt);
		retval = qpol_type_get_name(q, qt, &name);
		CU_ASSERT_EQUAL_FATAL(retval, 0);
		CU_ASSERT(strcmp(name, "surf_t") == 0 || strcmp(name, "sand_t") == 0);

		/* Both results are expected to share the same entrypoint type. */
		const char *ep_name;
		qt = apol_domain_trans_result_get_entrypoint_type(dtr);
		CU_ASSERT_PTR_NOT_NULL(qt);
		retval = qpol_type_get_name(q, qt, &ep_name);
		CU_ASSERT_EQUAL_FATAL(retval, 0);

		CU_ASSERT_STRING_EQUAL(ep_name, "wave_t");
	}

	apol_vector_destroy(&v);
}
00135
/**
 * Forward analysis combined with an access filter, followed by a second
 * unfiltered run on the same query object.
 *
 * Run 1: start at tuna_t with access types boat_t, sand_t and wave_t,
 * object class "file" and permission "write". Every result must end at
 * boat_t, and every access rule attached to a result must render as
 * "allow boat_t wave_t : file { write getattr execute };".
 *
 * Run 2: start at boat_t after passing NULL to the three append_*
 * functions. Every result must end at sand_t or dock_t.
 */
static void dta_forward_access(void)
{
	apol_policy_reset_domain_trans_table(p);

	apol_domain_trans_analysis_t *d = apol_domain_trans_analysis_create();
	CU_ASSERT_PTR_NOT_NULL_FATAL(d);

	int retval = apol_domain_trans_analysis_set_direction(p, d, APOL_DOMAIN_TRANS_DIRECTION_FORWARD);
	CU_ASSERT_EQUAL_FATAL(retval, 0);
	retval = apol_domain_trans_analysis_set_start_type(p, d, "tuna_t");
	CU_ASSERT_EQUAL_FATAL(retval, 0);

	/* Access filter: types, then object class, then permission. */
	retval = apol_domain_trans_analysis_append_access_type(p, d, "boat_t");
	CU_ASSERT_EQUAL_FATAL(retval, 0);
	retval = apol_domain_trans_analysis_append_access_type(p, d, "sand_t");
	CU_ASSERT_EQUAL_FATAL(retval, 0);
	retval = apol_domain_trans_analysis_append_access_type(p, d, "wave_t");
	CU_ASSERT_EQUAL_FATAL(retval, 0);
	retval = apol_domain_trans_analysis_append_class(p, d, "file");
	CU_ASSERT_EQUAL_FATAL(retval, 0);
	retval = apol_domain_trans_analysis_append_perm(p, d, "write");
	CU_ASSERT_EQUAL_FATAL(retval, 0);

	/* Run 1. The query object stays alive because run 2 reuses it. */
	apol_vector_t *v = NULL;
	retval = apol_domain_trans_analysis_do(p, d, &v);
	CU_ASSERT_EQUAL_FATAL(retval, 0);
	CU_ASSERT(v != NULL && apol_vector_get_size(v) > 0);

	qpol_policy_t *q = apol_policy_get_qpol(p);
	for (size_t i = 0; i < apol_vector_get_size(v); i++) {
		const apol_domain_trans_result_t *dtr = apol_vector_get_element(v, i);

		const qpol_type_t *qt = apol_domain_trans_result_get_start_type(dtr);
		CU_ASSERT_PTR_NOT_NULL(qt);
		const char *name;
		retval = qpol_type_get_name(q, qt, &name);
		CU_ASSERT_EQUAL_FATAL(retval, 0);
		CU_ASSERT_STRING_EQUAL(name, "tuna_t");

		qt = apol_domain_trans_result_get_end_type(dtr);
		CU_ASSERT_PTR_NOT_NULL(qt);
		retval = qpol_type_get_name(q, qt, &name);
		CU_ASSERT_EQUAL_FATAL(retval, 0);
		CU_ASSERT_STRING_EQUAL(name, "boat_t");

		/* Each result must carry at least one access rule, and all of
		 * them must render to the one expected allow rule. */
		const apol_vector_t *rules_v = apol_domain_trans_result_get_access_rules(dtr);
		CU_ASSERT_FATAL(rules_v != NULL && apol_vector_get_size(rules_v) > 0);
		for (size_t j = 0; j < apol_vector_get_size(rules_v); j++) {
			const qpol_avrule_t *qa = apol_vector_get_element(rules_v, j);
			char *render = apol_avrule_render(p, qa);
			CU_ASSERT_PTR_NOT_NULL_FATAL(render);
			CU_ASSERT_STRING_EQUAL(render, "allow boat_t wave_t : file { write getattr execute };");
			/* The rendered string is owned by the caller. */
			free(render);
		}
	}

	apol_vector_destroy(&v);

	/* Run 2: new start type. NULL is passed to each append_* call;
	 * presumably this clears the filter built for run 1 -- confirm
	 * against the apol API documentation. */
	retval = apol_domain_trans_analysis_set_start_type(p, d, "boat_t");
	CU_ASSERT_EQUAL_FATAL(retval, 0);
	retval = apol_domain_trans_analysis_append_access_type(p, d, NULL);
	CU_ASSERT_EQUAL_FATAL(retval, 0);
	retval = apol_domain_trans_analysis_append_class(p, d, NULL);
	CU_ASSERT_EQUAL_FATAL(retval, 0);
	retval = apol_domain_trans_analysis_append_perm(p, d, NULL);
	CU_ASSERT_EQUAL_FATAL(retval, 0);

	apol_policy_reset_domain_trans_table(p);
	retval = apol_domain_trans_analysis_do(p, d, &v);
	/* Last use of the query object; release it before the fatal check. */
	apol_domain_trans_analysis_destroy(&d);
	CU_ASSERT_EQUAL_FATAL(retval, 0);
	CU_ASSERT(v != NULL && apol_vector_get_size(v) > 0);

	for (size_t i = 0; i < apol_vector_get_size(v); i++) {
		const apol_domain_trans_result_t *dtr = apol_vector_get_element(v, i);

		const qpol_type_t *qt = apol_domain_trans_result_get_start_type(dtr);
		CU_ASSERT_PTR_NOT_NULL(qt);
		const char *name;
		retval = qpol_type_get_name(q, qt, &name);
		CU_ASSERT_EQUAL_FATAL(retval, 0);
		CU_ASSERT_STRING_EQUAL(name, "boat_t");

		qt = apol_domain_trans_result_get_end_type(dtr);
		CU_ASSERT_PTR_NOT_NULL(qt);
		retval = qpol_type_get_name(q, qt, &name);
		CU_ASSERT_EQUAL_FATAL(retval, 0);
		CU_ASSERT(strcmp(name, "sand_t") == 0 || strcmp(name, "dock_t") == 0);
	}
	apol_vector_destroy(&v);
}
00226
/**
 * Reverse domain transition analysis anchored at sand_t.
 *
 * In reverse mode the type given to set_start_type() appears as the END
 * type of every result. The start type of each result must be one of
 * boat_t, grouper_t, shark_t or tuna_t.
 */
static void dta_reverse(void)
{
	apol_policy_reset_domain_trans_table(p);

	apol_domain_trans_analysis_t *d = apol_domain_trans_analysis_create();
	CU_ASSERT_PTR_NOT_NULL_FATAL(d);

	int retval = apol_domain_trans_analysis_set_start_type(p, d, "sand_t");
	CU_ASSERT_EQUAL_FATAL(retval, 0);
	retval = apol_domain_trans_analysis_set_direction(p, d, APOL_DOMAIN_TRANS_DIRECTION_REVERSE);
	CU_ASSERT_EQUAL_FATAL(retval, 0);

	apol_vector_t *v = NULL;
	retval = apol_domain_trans_analysis_do(p, d, &v);
	/* The query object is released before the fatal check on retval. */
	apol_domain_trans_analysis_destroy(&d);
	CU_ASSERT_EQUAL_FATAL(retval, 0);
	CU_ASSERT(v != NULL && apol_vector_get_size(v) > 0);

	qpol_policy_t *q = apol_policy_get_qpol(p);
	for (size_t i = 0; i < apol_vector_get_size(v); i++) {
		const apol_domain_trans_result_t *dtr = apol_vector_get_element(v, i);

		/* The anchor type shows up on the end side of each result. */
		const qpol_type_t *qt = apol_domain_trans_result_get_end_type(dtr);
		CU_ASSERT_PTR_NOT_NULL(qt);
		const char *name;
		retval = qpol_type_get_name(q, qt, &name);
		CU_ASSERT_EQUAL_FATAL(retval, 0);
		CU_ASSERT_STRING_EQUAL(name, "sand_t");

		/* Domains that can transition into sand_t. */
		qt = apol_domain_trans_result_get_start_type(dtr);
		CU_ASSERT_PTR_NOT_NULL(qt);
		retval = qpol_type_get_name(q, qt, &name);
		CU_ASSERT_EQUAL_FATAL(retval, 0);
		CU_ASSERT(strcmp(name, "boat_t") == 0 || strcmp(name, "grouper_t") == 0 || strcmp(name, "shark_t") == 0 ||
			  strcmp(name, "tuna_t") == 0);
	}

	apol_vector_destroy(&v);
}
00266
/**
 * Reverse analysis anchored at sand_t with the result regex "u".
 *
 * Every result must end at sand_t and start at tuna_t or grouper_t. In
 * addition, all three (start type, entrypoint type) pairs below must be
 * present somewhere in the results:
 *   tuna_t / wave_t, grouper_t / reel_t, grouper_t / wave_t.
 */
static void dta_reverse_regexp(void)
{
	apol_policy_reset_domain_trans_table(p);

	apol_domain_trans_analysis_t *d = apol_domain_trans_analysis_create();
	CU_ASSERT_PTR_NOT_NULL_FATAL(d);

	int retval = apol_domain_trans_analysis_set_start_type(p, d, "sand_t");
	CU_ASSERT_EQUAL_FATAL(retval, 0);
	retval = apol_domain_trans_analysis_set_direction(p, d, APOL_DOMAIN_TRANS_DIRECTION_REVERSE);
	CU_ASSERT_EQUAL_FATAL(retval, 0);
	retval = apol_domain_trans_analysis_set_result_regex(p, d, "u");
	CU_ASSERT_EQUAL_FATAL(retval, 0);

	apol_vector_t *v = NULL;
	retval = apol_domain_trans_analysis_do(p, d, &v);
	/* The query object is released before the fatal check on retval. */
	apol_domain_trans_analysis_destroy(&d);
	CU_ASSERT_EQUAL_FATAL(retval, 0);
	CU_ASSERT(v != NULL && apol_vector_get_size(v) > 0);

	qpol_policy_t *q = apol_policy_get_qpol(p);
	bool found_tuna_wave = false;
	bool found_grouper_reel = false;
	bool found_grouper_wave = false;
	for (size_t i = 0; i < apol_vector_get_size(v); i++) {
		const apol_domain_trans_result_t *dtr = apol_vector_get_element(v, i);

		/* The anchor type shows up on the end side of each result. */
		const qpol_type_t *qt = apol_domain_trans_result_get_end_type(dtr);
		CU_ASSERT_PTR_NOT_NULL(qt);
		const char *name;
		retval = qpol_type_get_name(q, qt, &name);
		CU_ASSERT_EQUAL_FATAL(retval, 0);
		CU_ASSERT_STRING_EQUAL(name, "sand_t");

		/* From here on `name` holds the start type of the result. */
		qt = apol_domain_trans_result_get_start_type(dtr);
		CU_ASSERT_PTR_NOT_NULL(qt);
		retval = qpol_type_get_name(q, qt, &name);
		CU_ASSERT_EQUAL_FATAL(retval, 0);
		CU_ASSERT(strcmp(name, "tuna_t") == 0 || strcmp(name, "grouper_t") == 0);

		const char *ep_name;
		qt = apol_domain_trans_result_get_entrypoint_type(dtr);
		CU_ASSERT_PTR_NOT_NULL(qt);
		retval = qpol_type_get_name(q, qt, &ep_name);
		CU_ASSERT_EQUAL_FATAL(retval, 0);

		/* Record which of the expected pairs this result covers. */
		const bool from_tuna = (strcmp(name, "tuna_t") == 0);
		const bool from_grouper = !from_tuna && (strcmp(name, "grouper_t") == 0);
		const bool via_reel = (strcmp(ep_name, "reel_t") == 0);
		const bool via_wave = (strcmp(ep_name, "wave_t") == 0);
		if (from_tuna && via_wave) {
			found_tuna_wave = true;
		}
		if (from_grouper && via_reel) {
			found_grouper_reel = true;
		}
		if (from_grouper && via_wave) {
			found_grouper_wave = true;
		}
	}
	CU_ASSERT(found_tuna_wave && found_grouper_reel && found_grouper_wave);

	apol_vector_destroy(&v);
}
00326
/**
 * Checks how sand_t is reported in both directions on one query object.
 *
 * Forward from sand_t: the result vector must exist and be empty.
 * Reverse from sand_t: results must exist, and none may have sand_t as
 * its start type.
 *
 * NOTE(review): the test name suggests the policy contains a
 * sand_t -> sand_t transition that the analysis is expected to leave
 * out; the policy file is not visible here -- confirm.
 */
static void dta_reflexive(void)
{
	apol_policy_reset_domain_trans_table(p);

	apol_domain_trans_analysis_t *d = apol_domain_trans_analysis_create();
	CU_ASSERT_PTR_NOT_NULL_FATAL(d);

	int retval = apol_domain_trans_analysis_set_direction(p, d, APOL_DOMAIN_TRANS_DIRECTION_FORWARD);
	CU_ASSERT_EQUAL_FATAL(retval, 0);
	retval = apol_domain_trans_analysis_set_start_type(p, d, "sand_t");
	CU_ASSERT_EQUAL_FATAL(retval, 0);

	/* Forward pass: no transition out of sand_t is expected. */
	apol_vector_t *v = NULL;
	retval = apol_domain_trans_analysis_do(p, d, &v);
	CU_ASSERT_EQUAL_FATAL(retval, 0);
	CU_ASSERT(v != NULL && apol_vector_get_size(v) == 0);
	apol_vector_destroy(&v);

	/* Reverse pass on the same query object; only the direction changes. */
	retval = apol_domain_trans_analysis_set_direction(p, d, APOL_DOMAIN_TRANS_DIRECTION_REVERSE);
	CU_ASSERT_EQUAL_FATAL(retval, 0);

	retval = apol_domain_trans_analysis_do(p, d, &v);
	CU_ASSERT_EQUAL_FATAL(retval, 0);
	CU_ASSERT(v != NULL && apol_vector_get_size(v) > 0);

	qpol_policy_t *q = apol_policy_get_qpol(p);
	for (size_t i = 0; i < apol_vector_get_size(v); i++) {
		const apol_domain_trans_result_t *dtr = apol_vector_get_element(v, i);

		const qpol_type_t *qt = apol_domain_trans_result_get_start_type(dtr);
		CU_ASSERT_PTR_NOT_NULL(qt);
		const char *name;
		retval = qpol_type_get_name(q, qt, &name);
		CU_ASSERT_EQUAL_FATAL(retval, 0);
		CU_ASSERT_STRING_NOT_EQUAL(name, "sand_t");
	}
	apol_vector_destroy(&v);

	apol_domain_trans_analysis_destroy(&d);
}
00365
/**
 * One expected invalid transition, identified by its
 * (start, end, entrypoint) type triple.
 *
 * Each missing_* flag names a rule category that dta_invalid() expects to
 * be empty for that transition; a flag left false is not checked.
 */
struct dta_invalid_item
{
	const char *start_type;        /* source domain; NULL ends the table */
	const char *end_type;          /* target domain */
	const char *entrypoint_type;   /* entrypoint type of the transition */
	const bool missing_proc_trans; /* expect no process transition rules */
	const bool missing_entrypoint; /* expect no entrypoint rules */
	const bool missing_exec;       /* expect no execute rules */
	const bool missing_setexec;    /* expect no setexec rules */
	const bool missing_type_trans; /* expect no type_transition rules */
	bool used;                     /* set once a result matched this row */
};
00378
/**
 * Searches for invalid transitions from each listed start type and matches
 * every result against a table of expected (start, end, entrypoint)
 * triples.
 *
 * For each result the test asserts that the analysis reports it as not
 * valid, finds the first unused table row with the same triple, marks it
 * used, and asserts that every rule category flagged missing_* in that
 * row is an empty vector. A result with no matching row fails the test,
 * and so does a row that no result matched.
 */
static void dta_invalid(void)
{
	/* Columns: start, end, entrypoint, missing proc_trans, entrypoint,
	 * exec, setexec, type_trans, then the `used` marker. */
	struct dta_invalid_item items[] = {
		{"boat_t", "dock_t", "net_t", false, false, true, false, false, false},
		{"boat_t", "sand_t", "reel_t", false, false, true, false, false, false},
		{"crab_t", "dock_t", "net_t", false, false, false, true, false, false},
		{"crab_t", "dock_t", "rope_t", false, false, true, true, false, false},
		{"crab_t", "dock_t", "wave_t", false, true, true, false, false, false},
		{"gull_t", "dock_t", "net_t", false, false, false, true, true, false},
		{"gull_t", "dock_t", "rope_t", false, false, true, true, true, false},
		{"gull_t", "sand_t", "net_t", true, true, false, false, false, false},
		{"marlin_t", "boat_t", "line_t", false, false, true, false, false, false},
		{"marlin_t", "boat_t", "net_t", false, false, true, false, false, false},
		{"ray_t", "boat_t", "line_t", true, false, true, false, false, false},
		{"ray_t", "sand_t", "wave_t", true, false, false, false, false, false},
		{"shark_t", "sand_t", "reel_t", false, false, true, false, false, false},
		{"tuna_t", "boat_t", "line_t", false, false, true, false, false, false},
		{"tuna_t", "boat_t", "reel_t", false, true, false, false, false, false},
		{NULL, NULL, NULL, false, false, false, false, false, false}
	};
	/* Every distinct start type that appears in the table above. */
	const char *start_types[] = {
		"boat_t", "crab_t", "gull_t", "marlin_t", "ray_t", "shark_t", "tuna_t", NULL
	};

	apol_domain_trans_analysis_t *d = apol_domain_trans_analysis_create();
	CU_ASSERT_PTR_NOT_NULL_FATAL(d);
	int retval = apol_domain_trans_analysis_set_direction(p, d, APOL_DOMAIN_TRANS_DIRECTION_FORWARD);
	CU_ASSERT_EQUAL_FATAL(retval, 0);
	retval = apol_domain_trans_analysis_set_valid(p, d, APOL_DOMAIN_TRANS_SEARCH_INVALID);
	CU_ASSERT_EQUAL_FATAL(retval, 0);

	qpol_policy_t *q = apol_policy_get_qpol(p);
	apol_vector_t *v = NULL;
	struct dta_invalid_item *item;
	for (const char **start = start_types; *start != NULL; start++) {
		/* One query per start type; the table is reset before each run. */
		apol_policy_reset_domain_trans_table(p);
		retval = apol_domain_trans_analysis_set_start_type(p, d, *start);
		CU_ASSERT_EQUAL_FATAL(retval, 0);

		retval = apol_domain_trans_analysis_do(p, d, &v);
		CU_ASSERT_EQUAL_FATAL(retval, 0);
		CU_ASSERT(v != NULL && apol_vector_get_size(v) > 0);

		for (size_t i = 0; i < apol_vector_get_size(v); i++) {
			const apol_domain_trans_result_t *dtr = apol_vector_get_element(v, i);

			const char *result_start;
			const qpol_type_t *qt = apol_domain_trans_result_get_start_type(dtr);
			CU_ASSERT_PTR_NOT_NULL(qt);
			retval = qpol_type_get_name(q, qt, &result_start);
			CU_ASSERT_EQUAL_FATAL(retval, 0);
			CU_ASSERT_STRING_EQUAL(result_start, *start);

			const char *result_end;
			qt = apol_domain_trans_result_get_end_type(dtr);
			CU_ASSERT_PTR_NOT_NULL(qt);
			retval = qpol_type_get_name(q, qt, &result_end);
			CU_ASSERT_EQUAL_FATAL(retval, 0);

			const char *result_entry;
			qt = apol_domain_trans_result_get_entrypoint_type(dtr);
			CU_ASSERT_PTR_NOT_NULL(qt);
			retval = qpol_type_get_name(q, qt, &result_entry);
			CU_ASSERT_EQUAL_FATAL(retval, 0);

			/* An invalid-only search must never return a valid transition. */
			CU_ASSERT(apol_domain_trans_result_is_trans_valid(dtr) == 0);

			/* Find the first unused row with the same triple; `item`
			 * ends on the NULL sentinel when there is none. */
			item = items;
			while (item->start_type != NULL) {
				if (strcmp(result_start, item->start_type) == 0 &&
				    strcmp(result_end, item->end_type) == 0 &&
				    strcmp(result_entry, item->entrypoint_type) == 0 && !item->used) {
					break;
				}
				item++;
			}

			if (item->start_type == NULL) {
				/* The analysis reported a transition the table does not list. */
				CU_FAIL();
			} else {
				item->used = true;

				/* Only the categories flagged as missing are checked. */
				const apol_vector_t *cv;
				if (item->missing_proc_trans) {
					cv = apol_domain_trans_result_get_proc_trans_rules(dtr);
					CU_ASSERT(cv != NULL && apol_vector_get_size(cv) == 0);
				}
				if (item->missing_entrypoint) {
					cv = apol_domain_trans_result_get_entrypoint_rules(dtr);
					CU_ASSERT(cv != NULL && apol_vector_get_size(cv) == 0);
				}
				if (item->missing_exec) {
					cv = apol_domain_trans_result_get_exec_rules(dtr);
					CU_ASSERT(cv != NULL && apol_vector_get_size(cv) == 0);
				}
				if (item->missing_setexec) {
					cv = apol_domain_trans_result_get_setexec_rules(dtr);
					CU_ASSERT(cv != NULL && apol_vector_get_size(cv) == 0);
				}
				if (item->missing_type_trans) {
					cv = apol_domain_trans_result_get_type_trans_rules(dtr);
					CU_ASSERT(cv != NULL && apol_vector_get_size(cv) == 0);
				}
			}
		}
		apol_vector_destroy(&v);
	}

	/* Every expected invalid transition must have been reported. */
	for (item = items; item->start_type != NULL; item++) {
		CU_ASSERT(item->used);
	}
	apol_domain_trans_analysis_destroy(&d);
}
00486
/* Test table for the domain transition analysis suite: one
 * {description, function} entry per test, closed by CU_TEST_INFO_NULL. */
CU_TestInfo dta_tests[] = {
	{"dta forward", dta_forward},
	{"dta forward + access", dta_forward_access},
	{"dta forward with multiple endpoints for same entrypoint", dta_forward_multi_end},
	{"dta reverse", dta_reverse},
	{"dta reverse + regexp", dta_reverse_regexp},
	{"dta reflexive", dta_reflexive},
	{"dta invalid transitions", dta_invalid},
	CU_TEST_INFO_NULL
};
00504
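/**
 * Suite initializer: loads the monolithic test policy named by POLICY into
 * the file-scope policy `p` and builds its domain transition table.
 *
 * @return 0 on success; 1 if the policy path could not be created, the
 * policy could not be loaded, or the transition table could not be built.
 * On every failure path `p` is left NULL.
 */
int dta_init()
{
	apol_policy_path_t *ppath = apol_policy_path_create(APOL_POLICY_PATH_TYPE_MONOLITHIC, POLICY, NULL);
	if (ppath == NULL) {
		return 1;
	}

	p = apol_policy_create_from_policy_path(ppath, QPOL_POLICY_OPTION_NO_NEVERALLOWS, NULL, NULL);
	/* The path object is only needed for loading; release it whether or
	 * not the load succeeded. */
	apol_policy_path_destroy(&ppath);
	if (p == NULL) {
		return 1;
	}

	if (apol_policy_build_domain_trans_table(p) != 0) {
		/* This function reports failure, so the loaded policy must not
		 * stay behind in the global without a transition table. */
		apol_policy_destroy(&p);
		return 1;
	}
	return 0;
}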
00524
/**
 * Suite teardown: releases the policy held in the file-scope `p`.
 *
 * @return always 0.
 */
int dta_cleanup()
{
	apol_policy_destroy(&p);

	return 0;
}