# Tests to ensure that the monkeysphere is working
-# Author: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
-# Date: 2008-09-13 13:40:15-0400
+# Authors:
+# Daniel Kahn Gillmor <dkg@fifthhorseman.net>
+# Jameson Rollins <jrollins@fifthhorseman.net>
+# Copyright: 2008
+# License: GPL v3 or later
-# these tests might be best run under fakeroot, particularly the
-# "server-side" tests. Using fakeroot, they should be able to be run
+# these tests should all be able to
# as a non-privileged user.
-# NOTE: these tests have *not* themselves been tested yet
-# (2008-09-13). Please exercise with caution!
-
-# fail on fail
+# all subcommands in this script should complete without failure:
set -e
# gpg command for test admin user
GNUPGHOME="$TEMPDIR"/admin/.gnupg gpg "$@"
}
+failed_cleanup() {
+# FIXME: can we be more verbose here?
+ echo 'FAILED!'
+ cleanup
+}
+
# cleanup:
cleanup() {
echo
read -p "press enter to cleanup and remove tmp:"
- echo "### stop sshd..."
- kill "$SSHD_PID"
+ if ( ps $SSHD_PID >/dev/null ) ; then
+ echo "### stopping still-running sshd..."
+ kill $SSHD_PID
+ fi
echo "### removing temp dir..."
rm -rf "$TEMPDIR"
+
+ wait
}
## setup trap
-trap cleanup EXIT
+trap failed_cleanup EXIT
## set up some variables to ensure that we're operating strictly in
## the tests, not system-wide:
cp -a "$TESTDIR"/home/admin "$TEMPDIR"/
cp -a "$TESTDIR"/home/testuser "$TEMPDIR"/
+cat <<EOF >> "$TEMPDIR"/testuser/.ssh/config
+UserKnownHostsFile $TEMPDIR/testuser/.ssh/known_hosts
+ProxyCommand $TEMPDIR/testuser/.ssh/proxy-command %h %p $SOCKET
+EOF
+cat <<EOF >> "$TEMPDIR"/testuser/.monkeysphere/monkeysphere.conf
+KNOWN_HOSTS=$TEMPDIR/testuser/.ssh/known_hosts
+EOF
### SERVER TESTS
# launch test sshd with the new host key.
echo "### starting sshd..."
-socat EXEC:"/usr/sbin/sshd -f ${SSHD_CONFIG} -i -d -d -d -D -e" "UNIX-LISTEN:${SOCKET}" 2> "$TEMPDIR"/sshd.log &
+socat EXEC:"/usr/sbin/sshd -f ${SSHD_CONFIG} -i -D -e" "UNIX-LISTEN:${SOCKET}" 2> "$TEMPDIR"/sshd.log &
export SSHD_PID=$!
-
### TESTUSER TESTS
# generate an auth subkey for the test user
echo "### generating key for testuser..."
-MONKEYSPHERE_GNUPGHOME="$TEMPDIR"/testuser/.gnupg \
- monkeysphere gen-subkey --expire 0
+export GNUPGHOME="$TEMPDIR"/testuser/.gnupg
+export SSH_ASKPASS="$TEMPDIR"/testuser/.ssh/askpass
+export MONKEYSPHERE_HOME="$TEMPDIR"/testuser/.monkeysphere
+
+monkeysphere gen-subkey --expire 0
# add server key to testuser keychain
echo "### export server key to testuser..."
-gpgadmin --armor --export "$HOSTKEYID" | \
- GNUPGHOME="$TEMPDIR"/testuser/.gnupg gpg --import
+gpgadmin --armor --export "$HOSTKEYID" | gpg --import
-# connect to test sshd, using monkeysphere to verify the identity
-# before connection.
+# connect to test sshd, using monkeysphere-ssh-proxycommand to verify
+# the identity before connection. This should work in both directions!
echo "### testuser connecting to sshd socket..."
-PROXY_COMMAND="monkeysphere-ssh-proxycommand --no-connect %h && socat STDIO UNIX:${SOCKET}"
-GNUPGHOME="$TEMPDIR"/testuser/.gnupg ssh -oProxyCommand="$PROXY_COMMAND" testhost
-# create a new client side key, certify it with the "CA", use it to
-# log in.
-## FIXME: implement!
+ssh-agent bash -c \
+ 'monkeysphere subkey-to-ssh-agent && ssh -F "$TEMPDIR"/testuser/.ssh/config testhost'
+
+trap - EXIT
+cleanup
projects / monkeysphere.git / blobdiff