@Test public void testOutboundJudge() { final TestContext context = new TestContext(); final CondomOptions options = new CondomOptions().setOutboundJudge(new OutboundJudge() { @Override public boolean shouldAllow(final OutboundType type, final @Nullable Intent intent, final String target_pkg) { context.assertBaseNotCalled(); assertOutboundJudgeCalled(1); assertNotNull(dry_pm.resolveService(intent().setPackage(DISALLOWED_PACKAGE), 0)); context.assertBaseCalled(); assertOutboundJudgeCalled(1); context.assertBaseCalled(); assertOutboundJudgeCalled(2); assertEquals(2, dry_pm.queryIntentServices(intent(), 0).size()); context.assertBaseCalled(); assertOutboundJudgeCalled(2); context.assertBaseCalled(); assertOutboundJudgeCalled(2); assertEquals(2, dry_pm.queryBroadcastReceivers(intent(), 0).size()); context.assertBaseCalled(); assertOutboundJudgeCalled(2); context.assertBaseCalled(); assertOutboundJudgeCalled(0); dry_condom.sendBroadcast(intent()); context.assertBaseCalled(); assertOutboundJudgeCalled(0);
@Override public List<ResolveInfo> queryIntentServices(final Intent intent, final int flags) { check(intent); final List<ResolveInfo> resolves = new ArrayList<>(); if (mTestingBackgroundUid) { final ActivityManager am = (ActivityManager) getSystemService(ACTIVITY_SERVICE); Assume.assumeTrue(am != null); final List<ActivityManager.RunningServiceInfo> services = am.getRunningServices(32); if (services != null) for (final ActivityManager.RunningServiceInfo service : services) { if (service.pid == 0 || service.uid == android.os.Process.myUid()) continue; resolves.add(buildResolveInfo(DISALLOWED_PACKAGE, true, 7777777)); // Simulate a background UID. resolves.add(buildResolveInfo("non.bg.service", true, service.uid)); break; } } resolves.add(buildResolveInfo(ALLOWED_PACKAGE, true, android.os.Process.myUid())); resolves.add(buildResolveInfo(DISALLOWED_PACKAGE, true, android.os.Process.myUid())); return resolves; }
@Test public void testSelfTargeted() { final TestContext context = new TestContext(); final CondomContext condom = CondomContext.wrap(context, TAG), dry_condom = CondomContext.wrap(context, TAG, new CondomOptions().setDryRun(true)); // Self-targeting test final String self_pkg = condom.getPackageName(); final Intent[] self_targeted_intents = new Intent[] { intent().setPackage(self_pkg), intent().setComponent(new ComponentName(self_pkg, "X")) }; for (final Context context2test : new Context[] {condom, condom.getApplicationContext(), dry_condom, dry_condom.getApplicationContext()}) with(self_targeted_intents, allBroadcastAndServiceApis(context2test), context.EXPECT_BASE_CALLED, context.expectFlags(0)); }
@Test public void testOutboundJudge() { final TestContext context = new TestContext(); final CondomOptions options = new CondomOptions().setOutboundJudge(new OutboundJudge() { @Override public boolean shouldAllow(final OutboundType type, final @Nullable Intent intent, final String target_pkg) { context.assertBaseNotCalled(); assertOutboundJudgeCalled(1); assertNotNull(dry_pm.resolveService(intent().setPackage(DISALLOWED_PACKAGE), 0)); context.assertBaseCalled(); assertOutboundJudgeCalled(1); context.assertBaseCalled(); assertOutboundJudgeCalled(2); assertEquals(2, dry_pm.queryIntentServices(intent(), 0).size()); context.assertBaseCalled(); assertOutboundJudgeCalled(2); context.assertBaseCalled(); assertOutboundJudgeCalled(2); assertEquals(2, dry_pm.queryBroadcastReceivers(intent(), 0).size()); context.assertBaseCalled(); assertOutboundJudgeCalled(2); context.assertBaseCalled(); assertOutboundJudgeCalled(0); dry_condom.sendBroadcast(intent()); context.assertBaseCalled(); assertOutboundJudgeCalled(0);
@Test public void testContentProvider() { final TestContext context = new TestContext(); final CondomContext condom = CondomContext.wrap(context, TAG), dry_condom = CondomContext.wrap(context, TAG, new CondomOptions().setDryRun(true)); // Regular provider access final String android_id = Settings.System.getString(context.getContentResolver(), Settings.System.ANDROID_ID); assertNotNull(android_id); final String condom_android_id = Settings.System.getString(condom.getContentResolver(), Settings.System.ANDROID_ID); assertEquals(android_id, condom_android_id); final String dry_android_id = Settings.System.getString(dry_condom.getContentResolver(), Settings.System.ANDROID_ID); assertEquals(android_id, dry_android_id); context.mTestingStoppedProvider = true; // Prevent stopped packages, assertNull(condom.getPackageManager().resolveContentProvider(TEST_AUTHORITY, 0)); assertNotNull(dry_condom.getPackageManager().resolveContentProvider(TEST_AUTHORITY, 0)); assertNull(condom.getContentResolver().acquireContentProviderClient(TEST_CONTENT_URI)); assertNotNull(dry_condom.getContentResolver().acquireContentProviderClient(TEST_CONTENT_URI)); // Providers in system package should not be blocked. assertNotNull(condom.getPackageManager().resolveContentProvider(Settings.AUTHORITY, 0)); assertNotNull(dry_condom.getPackageManager().resolveContentProvider(Settings.AUTHORITY, 0)); assertNotNull(condom.getContentResolver().acquireContentProviderClient(Settings.System.CONTENT_URI)); assertNotNull(dry_condom.getContentResolver().acquireContentProviderClient(Settings.System.CONTENT_URI)); context.mTestingStoppedProvider = false; } private static final String TEST_AUTHORITY = "com.oasisfeng.condom.test";
@Override public List<ResolveInfo> queryIntentServices(final Intent intent, final int flags) { check(intent); final List<ResolveInfo> resolves = new ArrayList<>(); if (mTestingBackgroundUid) { final ActivityManager am = (ActivityManager) getSystemService(ACTIVITY_SERVICE); final List<ActivityManager.RunningServiceInfo> services = am.getRunningServices(32); if (services != null) for (final ActivityManager.RunningServiceInfo service : services) { if (service.uid == android.os.Process.myUid()) continue; resolves.add(buildResolveInfo(DISALLOWED_PACKAGE, true, 7777777)); // Simulate a background UID. resolves.add(buildResolveInfo("non.bg.service", true, service.uid)); break; } } resolves.add(buildResolveInfo(ALLOWED_PACKAGE, true, android.os.Process.myUid())); resolves.add(buildResolveInfo(DISALLOWED_PACKAGE, true, android.os.Process.myUid())); return resolves; }
@Override public void sendOrderedBroadcast(final Intent intent, final String p) { check(intent); } @Override public void sendOrderedBroadcast(final Intent intent, final String p, final BroadcastReceiver r, final Handler s, final int c, final String d, final Bundle e) { check(intent); }
@Override public void sendBroadcast(final Intent intent, final String p) { check(intent); } @Override public void sendBroadcastAsUser(final Intent intent, final UserHandle user) { check(intent); }
final Runnable EXPECT_BASE_CALLED = new Runnable() { @Override public void run() { assertBaseCalled(); } }; }
@Override public void sendStickyOrderedBroadcast(final Intent intent, final BroadcastReceiver r, final Handler s, final int c, final String d, final Bundle e) { check(intent); } @Override public void sendStickyOrderedBroadcastAsUser(final Intent intent, final UserHandle u, final BroadcastReceiver r, final Handler s, final int c, final String d, final Bundle e) { check(intent); }
@Override public void sendOrderedBroadcastAsUser(final Intent intent, final UserHandle u, final String p, final BroadcastReceiver r, final Handler s, final int c, final String d, final Bundle e) { check(intent); } @Override public void sendStickyOrderedBroadcast(final Intent intent, final BroadcastReceiver r, final Handler s, final int c, final String d, final Bundle e) { check(intent); }
@Override public boolean bindService(final Intent intent, final ServiceConnection c, final int f) { check(intent); return false; } @Override public void sendBroadcast(final Intent intent) { check(intent); }
@Override public void sendOrderedBroadcast(final Intent intent, final String p, final BroadcastReceiver r, final Handler s, final int c, final String d, final Bundle e) { check(intent); } @Override public void sendOrderedBroadcastAsUser(final Intent intent, final UserHandle u, final String p, final BroadcastReceiver r, final Handler s, final int c, final String d, final Bundle e) { check(intent); }
@Override public void sendStickyBroadcastAsUser(final Intent intent, final UserHandle u) { check(intent); } @Override public void sendOrderedBroadcast(final Intent intent, final String p) { check(intent); }
@Override public void sendStickyBroadcast(final Intent intent) { check(intent); } @Override public void sendStickyBroadcastAsUser(final Intent intent, final UserHandle u) { check(intent); }
@Override public void sendBroadcastAsUser(final Intent intent, final UserHandle user) { check(intent); } @Override public void sendBroadcastAsUser(final Intent intent, final UserHandle user, final String receiverPermission) { check(intent); }
@Override public ComponentName startService(final Intent intent) { check(intent); return null; } @Override public boolean bindService(final Intent intent, final ServiceConnection c, final int f) { check(intent); return false; }
@Override public void sendStickyOrderedBroadcastAsUser(final Intent intent, final UserHandle u, final BroadcastReceiver r, final Handler s, final int c, final String d, final Bundle e) { check(intent); }
@Override public void sendBroadcast(final Intent intent) { check(intent); } @Override public void sendBroadcast(final Intent intent, final String p) { check(intent); }
@Test public void testSelfTargeted() { final TestContext context = new TestContext(); final CondomContext condom = CondomContext.wrap(context, TAG), dry_condom = CondomContext.wrap(context, TAG, new CondomOptions().setDryRun(true)); // Self-targeting test final String self_pkg = condom.getPackageName(); final Intent[] self_targeted_intents = new Intent[] { intent().setPackage(self_pkg), intent().setComponent(new ComponentName(self_pkg, "X")) }; with(self_targeted_intents, allBroadcastApis(condom), context.EXPECT_BASE_CALLED, context.expectFlags(0)); with(self_targeted_intents, allServiceApis(condom), context.EXPECT_BASE_CALLED, context.expectFlags(0)); with(self_targeted_intents, allBroadcastApis(dry_condom), context.EXPECT_BASE_CALLED, context.expectFlags(0)); with(self_targeted_intents, allServiceApis(dry_condom), context.EXPECT_BASE_CALLED, context.expectFlags(0)); }