Chris Masone | 5e06f18 | 2010-03-23 08:29:52 -0700 | [diff] [blame] | 1 | # Copyright (c) 2010 The Chromium OS Authors. All rights reserved. |
| 2 | # Use of this source code is governed by a BSD-style license that can be |
| 3 | # found in the LICENSE file. |
| 4 | |
Eric Li | f7b8192 | 2011-03-04 14:39:35 -0800 | [diff] [blame] | 5 | import logging, os, re |
Eric Li | c4d8f4a | 2010-12-10 09:49:23 -0800 | [diff] [blame] | 6 | import common |
| 7 | import constants as chromeos_constants |
Eric Li | f7b8192 | 2011-03-04 14:39:35 -0800 | [diff] [blame] | 8 | from autotest_lib.client.bin import test, utils |
Chris Masone | 5e06f18 | 2010-03-23 08:29:52 -0700 | [diff] [blame] | 9 | from autotest_lib.client.common_lib import error |
Eric Li | c4d8f4a | 2010-12-10 09:49:23 -0800 | [diff] [blame] | 10 | |
Sean O | e5d8fd0 | 2010-09-30 10:44:44 +0200 | [diff] [blame] | 11 | |
| 12 | CRYPTOHOME_CMD = '/usr/sbin/cryptohome' |
| 13 | |
| 14 | class ChromiumOSError(error.InstallError): |
| 15 | """Generic error for ChromiumOS-specific exceptions.""" |
| 16 | pass |
| 17 | |
| 18 | |
| 19 | def __run_cmd(cmd): |
| 20 | return utils.system_output(cmd + ' 2>&1', retain_output=True, |
| 21 | ignore_status=True).strip() |
| 22 | |
| 23 | |
| 24 | def get_user_hash(user): |
| 25 | """Get the hash for the test user account.""" |
| 26 | hash_cmd = CRYPTOHOME_CMD + ' --action=obfuscate_user --user=%s' % user |
| 27 | return __run_cmd(hash_cmd) |
| 28 | |
| 29 | |
| 30 | def remove_vault(user): |
| 31 | """Remove the test user account.""" |
| 32 | logging.debug('user is %s', user) |
| 33 | user_hash = get_user_hash(user) |
| 34 | logging.debug('Removing vault for user %s - %s' % (user, user_hash)) |
| 35 | cmd = CRYPTOHOME_CMD + ' --action=remove --force --user=%s' % user |
| 36 | __run_cmd(cmd) |
| 37 | # Ensure that the user directory does not exist |
| 38 | if os.path.exists(os.path.join('/home/.shadow/', user_hash)): |
| 39 | raise ChromiumOSError('Cryptohome could not remove the test user.') |
| 40 | |
| 41 | |
| 42 | def mount_vault(user, password, create=False): |
| 43 | cmd = (CRYPTOHOME_CMD + ' --action=mount --user=%s --password=%s' % |
| 44 | (user, password)) |
| 45 | if create: |
| 46 | cmd += ' --create' |
| 47 | __run_cmd(cmd) |
| 48 | # Ensure that the user directory exists |
| 49 | user_hash = get_user_hash(user) |
| 50 | if not os.path.exists(os.path.join('/home/.shadow/', user_hash)): |
| 51 | raise ChromiumOSError('Cryptohome vault not found after mount.') |
| 52 | # Ensure that the user directory is mounted |
| 53 | if not is_mounted(allow_fail=True): |
| 54 | raise ChromiumOSError('Cryptohome created the user but did not mount.') |
| 55 | |
| 56 | |
| 57 | def test_auth(user, password): |
| 58 | cmd = (CRYPTOHOME_CMD + ' --action=test_auth --user=%s --password=%s' % |
| 59 | (user, password)) |
| 60 | return 'Authentication succeeded' in __run_cmd(cmd) |
| 61 | |
| 62 | |
Elly Jones | 686c2f4 | 2011-10-24 16:45:07 -0400 | [diff] [blame^] | 63 | def unmount_vault(user=None): |
| 64 | """ |
| 65 | Unmount the directory. Once unmount-by-user is supported, the user |
| 66 | parameter will name the target user. See crosbug.com/20778 |
| 67 | """ |
Sean O | e5d8fd0 | 2010-09-30 10:44:44 +0200 | [diff] [blame] | 68 | cmd = (CRYPTOHOME_CMD + ' --action=unmount') |
| 69 | __run_cmd(cmd) |
| 70 | # Ensure that the user directory is not mounted |
| 71 | if is_mounted(allow_fail=True): |
| 72 | raise ChromiumOSError('Cryptohome did not unmount the user.') |
| 73 | |
| 74 | |
| 75 | def __get_mount_parts(expected_mountpt=chromeos_constants.CRYPTOHOME_MOUNT_PT, |
Sourav Poddar | 574bd62 | 2010-05-26 14:22:26 +0530 | [diff] [blame] | 76 | allow_fail = False): |
Will Drewry | 81ad616 | 2010-04-01 10:26:07 -0500 | [diff] [blame] | 77 | mount_line = utils.system_output( |
| 78 | 'grep %s /proc/$(pgrep cryptohomed)/mounts' % expected_mountpt, |
Sourav Poddar | 574bd62 | 2010-05-26 14:22:26 +0530 | [diff] [blame] | 79 | ignore_status = allow_fail) |
| 80 | return mount_line.split() |
| 81 | |
| 82 | |
Jim Hebert | f08f88d | 2011-04-22 10:33:49 -0700 | [diff] [blame] | 83 | def current_mounted_vault(device=chromeos_constants.CRYPTOHOME_DEVICE_REGEX, |
| 84 | expected_mountpt= |
| 85 | chromeos_constants.CRYPTOHOME_MOUNT_PT, |
| 86 | allow_fail=False): |
Frank Swiderski | 52653c3 | 2010-05-26 17:40:47 -0700 | [diff] [blame] | 87 | mount_line = utils.system_output( |
| 88 | 'grep %s /proc/$(pgrep cryptohomed)/mounts' % expected_mountpt, |
| 89 | ignore_status=allow_fail) |
| 90 | mount_parts = mount_line.split() |
Jim Hebert | f08f88d | 2011-04-22 10:33:49 -0700 | [diff] [blame] | 91 | if len(mount_parts) > 0 and re.match(device, mount_parts[0]): |
| 92 | return mount_parts[0] |
| 93 | else: |
| 94 | return None |
| 95 | |
| 96 | |
| 97 | def is_mounted(device=chromeos_constants.CRYPTOHOME_DEVICE_REGEX, |
| 98 | expected_mountpt=chromeos_constants.CRYPTOHOME_MOUNT_PT, |
| 99 | allow_fail=False): |
| 100 | return None != current_mounted_vault(device=device, |
| 101 | expected_mountpt=expected_mountpt, |
| 102 | allow_fail=allow_fail) |
Sourav Poddar | 574bd62 | 2010-05-26 14:22:26 +0530 | [diff] [blame] | 103 | |
| 104 | |
Frank Swiderski | 52653c3 | 2010-05-26 17:40:47 -0700 | [diff] [blame] | 105 | def is_mounted_on_tmpfs(device = chromeos_constants.CRYPTOHOME_INCOGNITO, |
Sourav Poddar | 574bd62 | 2010-05-26 14:22:26 +0530 | [diff] [blame] | 106 | expected_mountpt = |
| 107 | chromeos_constants.CRYPTOHOME_MOUNT_PT, |
| 108 | allow_fail = False): |
| 109 | mount_parts = __get_mount_parts(device, allow_fail) |
| 110 | return (len(mount_parts) > 2 and device == mount_parts[0] and |
| 111 | 'tmpfs' == mount_parts[2]) |
Nirnimesh | 6681449 | 2011-06-27 18:00:33 -0700 | [diff] [blame] | 112 | |
| 113 | |
| 114 | def canonicalize(credential): |
| 115 | """Perform basic canonicalization of |email_address| |
| 116 | |
| 117 | Perform basic canonicalization of |email_address|, taking |
| 118 | into account that gmail does not consider '.' or caps inside a |
| 119 | username to matter. It also ignores everything after a '+'. |
| 120 | For example, c.masone+abc@gmail.com == cMaSone@gmail.com, per |
| 121 | http://mail.google.com/support/bin/answer.py?hl=en&ctx=mail&answer=10313 |
| 122 | """ |
| 123 | if not credential: |
| 124 | return None |
| 125 | |
| 126 | parts = credential.split('@') |
| 127 | if len(parts) != 2: |
| 128 | raise error.TestError('Malformed email: ' + credential) |
| 129 | |
| 130 | (name, domain) = parts |
| 131 | name = name.partition('+')[0] |
| 132 | if (domain == chromeos_constants.SPECIAL_CASE_DOMAIN): |
| 133 | name = name.replace('.', '') |
| 134 | return '@'.join([name, domain]).lower() |
Elly Jones | 686c2f4 | 2011-10-24 16:45:07 -0400 | [diff] [blame^] | 135 | |
| 136 | def user_path(user): |
| 137 | return utils.system_output('cryptohome-path user %s' % user) |
| 138 | |
| 139 | def system_path(user): |
| 140 | return utils.system_output('cryptohome-path system %s' % user) |