3a95d9df41
Due to a naming mixup in `oss-internship-2020/curl/CMakeLists.txt`, the necessary `WriteToMemory()` callback was not linked into the sandboxee, leading to a segfault in the sandboxee when trying to run the tests/examples. As another issue, cURL seems to call `sysinfo` and `rt_sigaction` in recent versions and with recent libc. Drive-by changes: - Use the SAPI status macros instead of manually checking `absl::Status` - Put tests in namespace - Some Google C++-style fixes - Start the mock test server only once per test suite Fixes #72 for cURL. Signed-off-by: Christian Blichmann <cblichmann@google.com> |
||
---|---|---|
.. | ||
callbacks | ||
curl_wrapper | ||
examples | ||
tests | ||
.gitignore | ||
CMakeLists.txt | ||
README.md | ||
sandbox.h |
LibCurl Sandbox
This library is a sandboxed version of curl's C API, libcurl, implemented using Sandboxed API.
Setup
The repository can be cloned using: git clone --recursive <URL to this repo>
The --recursive
flag ensures that submodules are also cloned.
Alternatively, if the repository has already been cloned but the submodules have
not, these can be cloned using: git submodule update --init --recursive
The full list of Sandboxed API dependencies can be found on Sandboxed API Getting Started page.
The following commands, used from the current curl/
directory, build the
library:
mkdir -p build && cd build
cmake .. -G Ninja -D SAPI_ROOT=<path to sandboxed-api>
cmake --build .
Implementation details
All of libcurl's methods are supported by the library. However, a few of these
have different signatures defined in the sandboxed header custom_curl.h
, which
wraps and extends libcurl.
This is necessary because Sandboxed API sandboxes most of libcurl correctly, but encounters some issues when sandboxing a few methods. The simplest solution is wrapping these methods into wrapper methods that accomplish the same tasks but can also be sandboxed.
The next sections describe the issues encountered and contain some information on the signatures of the wrapper methods solving these issues.
Variadic methods
Variadic methods are currently not supported by Sandboxed API. To solve this,
these methods are defined with an additional explicit parameter in
custom_curl.h
.
The methods are:
curl_easy_setopt
. Usecurl_easy_setopt_ptr
,curl_easy_setopt_long
orcurl_easy_setopt_curl_off_t
instead.curl_easy_getinfo
. Usecurl_easy_getinfo_ptr
instead.curl_multi_setopt
. Usecurl_multi_setopt_ptr
,curl_multi_setopt_long
orcurl_multi_setopt_curl_off_t
instead.curl_share_setopt
. Usecurl_share_setopt_ptr
orcurl_share_setopt_long
instead
Methods with incomplete array arguments
Incomplete array arguments are currently not supported by Sandboxed API. To
solve this, methods taking an incomplete array argument have a wrapper in
custom_curl.h
, and take a pointer as the argument.
The methods are:
curl_multi_poll
. Usecurl_multi_poll_sapi
instead.curl_multi_wait
. Usecurl_multi_wait_sapi
instead.
Methods with conflicts on the generated header
Some methods create conflicts on the generated header because of redefined
#define
directives from files included by the header. To solve this, the
conflicting types and methods are redefined in custom_curl.h
.
The types are:
time_t
. Usetime_t_sapi
instead.fd_set
. Usefd_set_sapi
instead.
The methods are:
curl_getdate
. Usecurl_getdate_sapi
instead.curl_multi_fdset
. Usecurl_multi_fdset_sapi
instead.
Function pointers
The functions whose pointers will be passed to the library's methods
(callbacks) can't be implemented in the files making use of the library, but
must be in other files. These files must be compiled together with the library,
and this is done by adding their absolute path to the cmake variable
CURL_SAPI_CALLBACKS
.
The pointers can then be obtained using an RPCChannel
object, as shown in
example2.cc
.
Examples
The examples
directory contains the sandboxed versions of example source codes
taken from this page on curl's
website. More information about each example can be found in the examples'
README.
To build these examples when building the library, the cmake variable
CURL_SAPI_ENABLE_EXAMPLES
must be set to ON
. This enables Sandboxed API
examples as well.
Policy
The sandbox.h
file contains a policy allowing all is necessary for libcurl to
perform simple requests. It is used by all the examples, except by example3.
This example needs some additional policies and files in its namespace (since it
uses HTTPS), and the file example3.cc
shows how to easily extend an existing
policy.
Testing
The tests
folder contains some test cases created using Google Test. The class
CurlTestUtils
is used to facilitate some tasks that all test cases need,
including the setup of a mock local server on which test requests are performed.
To build these tests when building the library, the cmake variable
CURL_SAPI_ENABLE_TESTS
must be set to ON
. This enables Sandboxed API tests
as well.
Callbacks
The callbacks.h
and callbacks.cc
files implement all the callbacks used by
examples and tests.