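# Copyright (c) 2011 The Chromium OS Authors. All rights reserved.
# Use of this source code is governed by a BSD-style license that can be
# found in the LICENSE file.

import logging
import os
import tempfile

from dbus.mainloop.glib import DBusGMainLoop

from autotest_lib.client.bin import test, utils
from autotest_lib.client.common_lib import autotemp, error
from autotest_lib.client.common_lib.cros import policy, session_manager
from autotest_lib.client.cros import cros_ui, cryptohome, ownership


class login_OwnershipApi(test.test):
    """Tests to ensure that the Ownership API works for a local device owner.

    The device is made to look already owned by ownership.TESTUSER, using the
    keys that the ownership module hands out. A signed policy is then pushed
    through the session manager, read back and compared with the settings
    that were pushed.
    """
    version = 1

    _tempdir = None
    # Class-level default so cleanup() can tell "never created" apart from a
    # live proxy when initialize() fails before assigning it.
    _cryptohome_proxy = None


    def setup(self):
        """Build the test's helper sources in place inside self.srcdir."""
        os.chdir(self.srcdir)
        utils.make('OUT_DIR=.')


    def initialize(self):
        """Reset ownership state and make ownership.TESTUSER the owner.

        The UI is stopped while ownership files are cleared and the known
        owner keys are installed, and is started again once that is done.
        """
        super(login_OwnershipApi, self).initialize()
        self._bus_loop = DBusGMainLoop(set_as_default=True)
        self._cryptohome_proxy = cryptohome.CryptohomeProxy(self._bus_loop)

        # Clear existing ownership and inject known keys.
        cros_ui.stop()
        ownership.clear_ownership_files_no_restart()

        # Make device already owned by ownership.TESTUSER.
        self._cryptohome_proxy.mount(ownership.TESTUSER,
                                     ownership.TESTPASS,
                                     create=True)
        ownership.use_known_ownerkeys(ownership.TESTUSER)

        self._tempdir = autotemp.tempdir(unique_id=self.__class__.__name__)
        cros_ui.start()


    def __generate_temp_filename(self, dir):
        """Return a path inside dir that was unused when this call ran.

        The placeholder file is deleted before the name is returned, so the
        name is NOT reserved: anything else able to write to dir can create a
        file or symlink at that path before the caller does. Callers must
        create the file with exclusive-create semantics (os.open with
        O_CREAT | O_EXCL) or use tempfile.mkstemp() instead, and should only
        pass a directory that the test itself owns.

        @param dir: directory in which the name is generated.
        @return: absolute path of the (already deleted) placeholder file.
        """
        # Leaving the with-block closes the file, which deletes it.
        with tempfile.NamedTemporaryFile(dir=dir, delete=True) as placeholder:
            return placeholder.name


    def run_once(self):
        """Push a signed owner policy and check that it round-trips.

        @raises error.TestFail: if the owner session cannot be started or
                stopped, if no policy can be read back, or if a deliberately
                wrong expectation is not rejected.
        """
        pkey = ownership.known_privkey()
        pubkey = ownership.known_pubkey()
        sm = session_manager.connect(self._bus_loop)
        if not sm.StartSession(ownership.TESTUSER, ''):
            raise error.TestFail('Could not start session for owner')

        poldata = policy.build_policy_data(self.srcdir,
                                           owner=ownership.TESTUSER,
                                           guests=False,
                                           new_users=True,
                                           roaming=True,
                                           whitelist=(ownership.TESTUSER,
                                                      'a@b.c'),
                                           proxies={ 'proxy_mode': 'direct' })

        policy_string = policy.generate_policy(self.srcdir,
                                               pkey,
                                               pubkey,
                                               poldata)
        policy.push_policy_and_verify(policy_string, sm)
        retrieved_policy = policy.get_policy(sm)
        if retrieved_policy is None:
            raise error.TestFail('Policy not found')

        # Positive check: the stored policy matches exactly what was pushed.
        policy.compare_policy_response(self.srcdir,
                                       retrieved_policy,
                                       owner=ownership.TESTUSER,
                                       guests=False,
                                       new_users=True,
                                       roaming=True,
                                       whitelist=(ownership.TESTUSER, 'a@b.c'),
                                       proxies={ 'proxy_mode': 'direct' })

        # Negative check: a comparison that expects guests=True must be
        # rejected, otherwise compare_policy_response() would pass anything
        # and the positive check above would prove nothing.
        try:
            policy.compare_policy_response(self.srcdir,
                                           retrieved_policy,
                                           owner=ownership.TESTUSER,
                                           guests=True,
                                           whitelist=(ownership.TESTUSER,
                                                      'a@b.c'),
                                           proxies={ 'proxy_mode': 'direct' })
        except ownership.OwnershipError:
            pass
        else:
            raise error.TestFail('Did not detect bad policy')

        try:
            sm.StopSession('')
        except error.TestError as e:
            logging.error(str(e))
            raise error.TestFail('Could not stop session for owner')


    def cleanup(self):
        """Remove the test owner's cryptohome and bring the UI back up.

        The UI restart and the base-class cleanup are attempted even when an
        earlier step raises, so a failure here does not leave the device with
        the UI stopped. The first exception still propagates.
        """
        # NOTE(review): nothing here visibly undoes use_known_ownerkeys();
        # confirm that the harness or a later test clears ownership, so the
        # device does not stay owned by the fixed test keys.
        try:
            if self._tempdir:
                self._tempdir.clean()
            # Best effort to bounce the UI, which may be up or down.
            cros_ui.stop(allow_fail=True)
            # The proxy is missing when initialize() failed before creating it.
            if self._cryptohome_proxy is not None:
                self._cryptohome_proxy.remove(ownership.TESTUSER)
        finally:
            try:
                cros_ui.start(allow_fail=True, wait_for_login_prompt=False)
            finally:
                super(login_OwnershipApi, self).cleanup()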