1# Copyright (c) 2011 The Chromium OS Authors. All rights reserved.
2# Use of this source code is governed by a BSD-style license that can be
3# found in the LICENSE file.
4
5import gobject, os
6from dbus.mainloop.glib import DBusGMainLoop
7
8from autotest_lib.client.bin import test, utils
9from autotest_lib.client.common_lib import error
10from autotest_lib.client.common_lib.cros import policy, session_manager
11from autotest_lib.client.cros import constants, cros_ui, cryptohome, ownership
12
13
14class login_OwnershipRetaken(test.test):
15    """"Ensure that ownership is re-taken upon loss of owner's cryptohome."""
16    version = 1
17
18    _tempdir = None
19    _got_new_key = False
20    _got_new_policy = False
21
22    def setup(self):
23        os.chdir(self.srcdir)
24        utils.make('OUT_DIR=.')
25
26
27    def initialize(self):
28        super(login_OwnershipRetaken, self).initialize()
29        # Start clean, wrt ownership and the desired user.
30        ownership.restart_ui_to_clear_ownership_files()
31
32        bus_loop = DBusGMainLoop(set_as_default=True)
33        self._cryptohome_proxy = cryptohome.CryptohomeProxy(bus_loop)
34        self._cryptohome_proxy.remove(ownership.TESTUSER)
35
36        self._sm = session_manager.connect(bus_loop)
37
38
39    def run_once(self):
40        pkey = ownership.known_privkey()
41        pubkey = ownership.known_pubkey()
42
43        # Pre-configure some owner settings, including initial key.
44        poldata = policy.build_policy_data(self.srcdir,
45                                           owner=ownership.TESTUSER,
46                                           guests=False,
47                                           new_users=True,
48                                           roaming=True,
49                                           whitelist=(ownership.TESTUSER,
50                                                      'a@b.c'),
51                                           proxies={ 'proxy_mode': 'direct' })
52        policy_string = policy.generate_policy(self.srcdir,
53                                               pkey,
54                                               pubkey,
55                                               poldata)
56        policy.push_policy_and_verify(policy_string, self._sm)
57
58        # grab key, ensure that it's the same as the known key.
59        if (utils.read_file(constants.OWNER_KEY_FILE) != pubkey):
60            raise error.TestFail('Owner key should not have changed!')
61
62        # Start a new session, which will trigger the re-taking of ownership.
63        listener = session_manager.OwnershipSignalListener(gobject.MainLoop())
64        listener.listen_for_new_key_and_policy()
65        self._cryptohome_proxy.mount(ownership.TESTUSER,
66                                     ownership.TESTPASS,
67                                     create=True)
68        if not self._sm.StartSession(ownership.TESTUSER, ''):
69            raise error.TestError('Could not start session for owner')
70
71        listener.wait_for_signals(desc='Re-taking of ownership complete.')
72
73        # grab key, ensure that it's different than known key
74        if (utils.read_file(constants.OWNER_KEY_FILE) == pubkey):
75            raise error.TestFail('Owner key should have changed!')
76
77        # RetrievePolicy, check sig against new key, check properties
78        retrieved_policy = self._sm.RetrievePolicy(byte_arrays=True)
79        if retrieved_policy is None:
80            raise error.TestError('Policy not found')
81        policy.compare_policy_response(self.srcdir,
82                                       retrieved_policy,
83                                       owner=ownership.TESTUSER,
84                                       guests=False,
85                                       new_users=True,
86                                       roaming=True,
87                                       whitelist=(ownership.TESTUSER, 'a@b.c'),
88                                       proxies={ 'proxy_mode': 'direct' })
89
90
91    def cleanup(self):
92        if self._tempdir: self._tempdir.clean()
93        cros_ui.restart()
94        self._cryptohome_proxy.remove(ownership.TESTUSER)
95        super(login_OwnershipRetaken, self).cleanup()
96