#!/bin/sh

. ./test-functions

echo -n "FIFO post-create untaint test:	"
( # Sub-shell so as not to taint the test process.
	fifo=$(mktemp -u sft-XXXXXX)
	mkfifo $fifo
        _wget=$(copy wget)
	# Write twice and read twice; first write will block until read,
	# so fifo will not taint until after first read (double read and
	# write allows us to get a setfattr in there.
	cat confidential > $fifo &
	head -n 1 $fifo | wget -i - --quiet -O /dev/null
	value=$(getfattr --only-values -n security.simple-flow.confidential $fifo)
	if [ x$value != xinherited ]; then
		failmsg did not set xattr
	else
		setfattr -x security.simple-flow.confidential $fifo
		echo https://$SF_HOSTNAME/ > $fifo &
		head -n 1 $fifo | test_no_evil_bit $_wget --no-check-certificate -i - --quiet -O /dev/null
	fi
	rm -f $fifo
	rm -f $_wget
)
