Skip to content

Commit

Permalink
Browse files Browse the repository at this point in the history
Merge branch 'master' of github.com:nemomobile/ssu
  • Loading branch information
Bernd Wachter committed Oct 15, 2013
2 parents 3999dd0 + 882bb90 commit 076bf2d
Show file tree
Hide file tree
Showing 8 changed files with 62 additions and 50 deletions.
3 changes: 3 additions & 0 deletions libssu/ssu.cpp
Expand Up @@ -16,6 +16,7 @@
#include <pwd.h>

#include "ssu.h"
#include "sandbox_p.h"
#include "ssulog.h"
#include "ssuvariables.h"
#include "ssucoreconfig.h"
Expand Down Expand Up @@ -474,6 +475,8 @@ void Ssu::storeAuthorizedKeys(QByteArray data){
} else
return;

homePath = Sandbox::map(homePath);

if (dir.exists(homePath + "/.ssh/authorized_keys")){
ssuLog->print(LOG_DEBUG, QString(".ssh/authorized_keys already exists in %1")
.arg(homePath));
Expand Down
5 changes: 3 additions & 2 deletions libssu/ssudeviceinfo.cpp
Expand Up @@ -15,6 +15,7 @@ extern "C" {
#include <boardname.h>
}

#include "sandbox_p.h"
#include "ssudeviceinfo.h"
#include "ssucoreconfig.h"
#include "ssulog.h"
Expand Down Expand Up @@ -165,7 +166,7 @@ QString SsuDeviceInfo::deviceModel(){
// check if the device can be identified by testing for a file
foreach (const QString &key, keys){
QString value = boardMappings->value(key).toString();
if (dir.exists(value)){
if (dir.exists(Sandbox::map(value))){
cachedModel = key;
break;
}
Expand Down Expand Up @@ -224,7 +225,7 @@ QString SsuDeviceInfo::deviceModel(){
*/

// check if the device can be identified by a string in /proc/cpuinfo
procCpuinfo.setFileName("/proc/cpuinfo");
procCpuinfo.setFileName(Sandbox::map("/proc/cpuinfo"));
procCpuinfo.open(QIODevice::ReadOnly | QIODevice::Text);
if (procCpuinfo.isOpen()){
QTextStream in(&procCpuinfo);
Expand Down
7 changes: 4 additions & 3 deletions libssu/ssurepomanager.cpp
Expand Up @@ -9,6 +9,7 @@
#include <QRegExp>
#include <QDirIterator>

#include "sandbox_p.h"
#include "ssudeviceinfo.h"
#include "ssurepomanager.h"
#include "ssucoreconfig.h"
Expand Down Expand Up @@ -154,7 +155,7 @@ void SsuRepoManager::update(){
// assume configuration error if there are no device repos, and don't delete
// anything, even in strict mode
if ((deviceMode & Ssu::LenientMode) != Ssu::LenientMode && !repos.isEmpty()){
QDirIterator it(ZYPP_REPO_PATH, QDir::AllEntries|QDir::NoDot|QDir::NoDotDot);
QDirIterator it(Sandbox::map(ZYPP_REPO_PATH), QDir::AllEntries|QDir::NoDot|QDir::NoDotDot);
while (it.hasNext()){
it.next();
if (it.fileName().left(4) != "ssu_"){
Expand All @@ -166,7 +167,7 @@ void SsuRepoManager::update(){

// ... delete all ssu-managed repositories not valid for this device ...
ssuFilters.append("ssu_*");
QDirIterator it(ZYPP_REPO_PATH, ssuFilters);
QDirIterator it(Sandbox::map(ZYPP_REPO_PATH), ssuFilters);
while (it.hasNext()){
QString f = it.next();

Expand All @@ -192,7 +193,7 @@ void SsuRepoManager::update(){
}

QString repoFilePath = QString("%1/ssu_%2_%3.repo")
.arg(ZYPP_REPO_PATH)
.arg(Sandbox::map(ZYPP_REPO_PATH))
.arg(repo)
.arg(rndMode ? "rnd" : "release");

Expand Down
19 changes: 12 additions & 7 deletions ssuurlresolver/ssuurlresolver.cpp
Expand Up @@ -12,6 +12,7 @@
#include <QStringList>
#include <systemd/sd-journal.h>

#include "libssu/sandbox_p.h"
#include "libssu/ssulog.h"

SsuUrlResolver::SsuUrlResolver(): QObject(){
Expand All @@ -30,7 +31,16 @@ void SsuUrlResolver::error(QString message){
QCoreApplication::exit(1);
}

bool SsuUrlResolver::writeCredentials(QString filePath, QString credentialsScope){
bool SsuUrlResolver::writeZyppCredentialsIfNeeded(QString credentialsScope){
QString filePath = Sandbox::map("/etc/zypp/credentials.d/" + credentialsScope);
QFileInfo credentialsFileInfo(filePath);

if (credentialsFileInfo.exists() &&
credentialsFileInfo.lastModified() > ssu.lastCredentialsUpdate()){
// zypp credentials up to date
return true;
}

QFile credentialsFile(filePath);
QPair<QString, QString> credentials = ssu.credentials(credentialsScope);
SsuLog *ssuLog = SsuLog::instance();
Expand Down Expand Up @@ -126,12 +136,7 @@ void SsuUrlResolver::run(){
QString credentialsScope = ssu.credentialsScope(repo, isRnd);
if (!credentialsScope.isEmpty()){
headerList.append(QString("credentials=%1").arg(credentialsScope));

QFileInfo credentialsFileInfo("/etc/zypp/credentials.d/" + credentialsScope);
if (!credentialsFileInfo.exists() ||
credentialsFileInfo.lastModified() <= ssu.lastCredentialsUpdate()){
writeCredentials(credentialsFileInfo.filePath(), credentialsScope);
}
writeZyppCredentialsIfNeeded(credentialsScope);
} else
ssuLog->print(LOG_DEBUG, "Skipping credential update due to missing credentials scope");
}
Expand Down
2 changes: 1 addition & 1 deletion ssuurlresolver/ssuurlresolver.h
Expand Up @@ -55,7 +55,7 @@ class SsuUrlResolver: public QObject {
Ssu ssu;
void error(QString message);
void printJournal(int priority, QString message);
bool writeCredentials(QString filePath, QString credentialsScope);
bool writeZyppCredentialsIfNeeded(QString credentialsScope);

public slots:
void run();
Expand Down
30 changes: 30 additions & 0 deletions tests/ut_rndssucli/rndssuclitest.cpp
Expand Up @@ -26,9 +26,39 @@ void RndSsuCliTest::init(){
QFAIL("Failed to activate sandbox");
}
setenv("LD_PRELOAD", qPrintable(QString("%1/libsandboxhook.so").arg(TESTS_PATH)), 1);

m_bus = new QProcess(this);
m_bus->start("dbus-daemon",
Args() << "--session" << "--nofork" << "--nopidfile" << "--print-address");
if (!m_bus->waitForReadyRead()){
QFAIL("Failed to run sandboxed D-Bus instance");
}
const QByteArray busAddress = m_bus->readAllStandardOutput();
setenv("DBUS_SESSION_BUS_ADDRESS", busAddress.constData(), 1);
setenv("DBUS_SYSTEM_BUS_ADDRESS", busAddress.constData(), 1);

m_ssud = new QProcess(this);
m_ssud->start("ssud");
if (!m_ssud->waitForStarted()){
QFAIL("Failed to run sandboxed ssud instance");
}
}

void RndSsuCliTest::cleanup(){
if (m_ssud->state() != QProcess::Running){
QFAIL("Sandboxed ssud instance exited unexpectedly");
}
delete m_ssud;
m_ssud = 0;

if (m_bus->state() != QProcess::Running){
QFAIL("Sandboxed D-Bus instance exited unexpectedly");
}
unsetenv("DBUS_SESSION_BUS_ADDRESS");
unsetenv("DBUS_SYSTEM_BUS_ADDRESS");
delete m_bus;
m_bus = 0;

delete m_sandbox;
m_sandbox = 0;
}
Expand Down
4 changes: 4 additions & 0 deletions tests/ut_rndssucli/rndssuclitest.h
Expand Up @@ -10,6 +10,8 @@

#include <QObject>

class QProcess;

class Sandbox;

class RndSsuCliTest: public QObject {
Expand All @@ -28,6 +30,8 @@ class RndSsuCliTest: public QObject {

private:
Sandbox *m_sandbox;
QProcess *m_bus;
QProcess *m_ssud;
};

#endif
42 changes: 5 additions & 37 deletions tests/ut_urlresolver/urlresolvertest.cpp
Expand Up @@ -10,6 +10,7 @@
#include <QtXml/QDomDocument>

#include "constants.h"
#include "libssu/sandbox_p.h"
#include "testutils/process.h"

void UrlResolverTest::initTestCase(){
Expand Down Expand Up @@ -243,45 +244,12 @@ void UrlResolverTest::checkSetCredentials(){
}

void UrlResolverTest::checkStoreAuthorizedKeys(){
struct Cleanup {
~Cleanup(){
if (!tempHomePath.isEmpty()){
Process rmtemp;
rmtemp.execute("rm", QStringList() << "-rf" << tempHomePath);
if (rmtemp.hasError()){
qWarning("%s: Failed to remove temporary directory '%s': %s", Q_FUNC_INFO,
tempHomePath.constData(), qPrintable(rmtemp.fmtErrorMessage()));
}

if (!qputenv("HOME", originalHomePath)){
qFatal("%s: Failed to restore HOME environment variable", Q_FUNC_INFO);
}
}
}

QByteArray originalHomePath;
QByteArray tempHomePath;
} cleanup;

// Temporarily change HOME path so Ssu::storeAuthorizedKeys() does not touch
// real home directory
cleanup.originalHomePath = qgetenv("HOME");
QVERIFY(!cleanup.originalHomePath.isEmpty());

Process mktemp;
cleanup.tempHomePath = mktemp.execute("mktemp",
QStringList() << "-t" << "-d" << "ut_urlresolver.temp-home.XXX").trimmed().toLocal8Bit();
QVERIFY2(!mktemp.hasError(), qPrintable(mktemp.fmtErrorMessage()));

QVERIFY(qputenv("HOME", cleanup.tempHomePath));
QVERIFY2(QDir::homePath() == QString(cleanup.tempHomePath),
"QDir::homePath() does not change after qputenv(\"HOME\", \"...\")");

// Here starts the test itself
QVERIFY(QDir().mkpath(Sandbox::map(QDir::homePath())));

QByteArray testData("# test data\n");
ssu.storeAuthorizedKeys(testData);

QFile authorizedKeys(QDir::home().filePath(".ssh/authorized_keys"));
QFile authorizedKeys(Sandbox::map(QDir::home().filePath(".ssh/authorized_keys")));
QVERIFY(authorizedKeys.open(QIODevice::ReadOnly));

QVERIFY(authorizedKeys.readAll().split('\n').contains(testData.trimmed()));
Expand All @@ -296,7 +264,7 @@ void UrlResolverTest::checkStoreAuthorizedKeys(){
const QFile::Permissions go_rwx =
QFile::ReadGroup | QFile::WriteGroup | QFile::ExeGroup |
QFile::ReadOther | QFile::WriteOther | QFile::ExeOther;
QVERIFY((QFileInfo(QDir::home().filePath(".ssh")).permissions() & go_rwx) == 0);
QVERIFY((QFileInfo(Sandbox::map(QDir::home().filePath(".ssh"))).permissions() & go_rwx) == 0);
}

void UrlResolverTest::checkVerifyResponse(){
Expand Down

0 comments on commit 076bf2d

Please sign in to comment.