X-Git-Url: https://codewiz.org/gitweb?a=blobdiff_plain;f=tests%2Fbasic;h=fd4f6736059f684543ae61241d63accf4c7a6735;hb=d7141bd2a46b59e7637aa3c7a750fa4b6a925b64;hp=9114f3254adfac0b85d84772fb9e190dd8f89f28;hpb=d2874b94fedbe6d043d44ca3562879251e6ea10f;p=monkeysphere.git diff --git a/tests/basic b/tests/basic index 9114f32..fd4f673 100755 --- a/tests/basic +++ b/tests/basic @@ -26,6 +26,7 @@ source "$TESTDIR"/common ## test has *more* requirements than plain ol' monkeysphere: which socat >/dev/null || { echo "You must have socat installed to run this test." ; exit 1; } + ## FIXME: other checks? ###################################################################### @@ -109,9 +110,16 @@ export MONKEYSPHERE_SYSDATADIR="$TEMPDIR" export MONKEYSPHERE_SYSCONFIGDIR="$TEMPDIR" export MONKEYSPHERE_SYSSHAREDIR="$TESTDIR"/../src/share export MONKEYSPHERE_MONKEYSPHERE_USER=$(whoami) + export MONKEYSPHERE_CHECK_KEYSERVER=false +# example.org does not respond to the HKP port, so this should cause +# any keyserver connection attempts that do happen (they shouldn't!) +# to hang, so we'll notice them: +export MONKEYSPHERE_KEYSERVER=example.org + export MONKEYSPHERE_LOG_LEVEL=DEBUG export MONKEYSPHERE_CORE_KEYLENGTH=1024 +export MONKEYSPHERE_PROMPT=false export SSHD_CONFIG="$TEMPDIR"/sshd_config export SOCKET="$TEMPDIR"/ssh-socket @@ -122,6 +130,21 @@ export SOCKET="$TEMPDIR"/ssh-socket # *anything* with any running X11 session. export DISPLAY=monkeys +## make sure that the version number matches the debian changelog +## (don't bother if this is being run from the tests). + +if [ -f "$TESTDIR"/../packaging/debian/changelog ]; then + echo "##################################################" + echo "### checking version string match..." + repver=$(monkeysphere version) + debver=$(head -n1 "$TESTDIR"/../packaging/debian/changelog | sed 's/.*(\([^-]*\)-.*/\1/') + if [ "$repver" = "$debver" ] ; then + echo "Versions match!" + else + printf "reported version string (%s) does not match debian changelog (%s)\n" "$repver" "$debver" + exit 1 + fi +fi ###################################################################### ### CONFIGURE ENVIRONMENTS @@ -157,7 +180,7 @@ cp "$TESTDIR"/etc/ssh/sshd_config "$SSHD_CONFIG" # write the sshd_config cat <> "$SSHD_CONFIG" HostKey ${MONKEYSPHERE_SYSDATADIR}/ssh_host_rsa_key -AuthorizedKeysFile ${MONKEYSPHERE_SYSDATADIR}/authentication/authorized_keys/%u +AuthorizedKeysFile ${MONKEYSPHERE_SYSDATADIR}/authorized_keys/%u EOF @@ -168,7 +191,7 @@ EOF echo "##################################################" echo "### import host key..." ssh-keygen -b 1024 -t rsa -N '' -f "$TEMPDIR"/ssh_host_rsa_key -monkeysphere-host import-key testhost < "$TEMPDIR"/ssh_host_rsa_key +monkeysphere-host import-key "$TEMPDIR"/ssh_host_rsa_key testhost echo "##################################################" echo "### getting host key fingerprint..." @@ -185,7 +208,7 @@ monkeysphere-host set-expire 1 # (this would normally be done via keyservers) echo "##################################################" echo "### certifying server host key..." -GNUPGHOME="$MONKEYSPHERE_SYSCONFIGDIR"/host gpg --armor --export "$HOSTKEYID" | gpgadmin --import +< "$MONKEYSPHERE_SYSCONFIGDIR"/ssh_host_rsa_key.pub.gpg gpgadmin --import echo y | gpgadmin --command-fd 0 --sign-key "$HOSTKEYID" # FIXME: add revoker? @@ -212,7 +235,7 @@ get_gpg_prng_arg >> "$MONKEYSPHERE_SYSDATADIR"/authentication/sphere/gpg.conf # add admin as identity certifier for testhost echo "##################################################" echo "### adding admin as certifier..." -monkeysphere-authentication add-id-certifier -y "$TEMPDIR"/admin/.gnupg/pubkey.gpg +monkeysphere-authentication add-id-certifier "$TEMPDIR"/admin/.gnupg/pubkey.gpg echo "##################################################" echo "### list certifiers..." @@ -226,7 +249,7 @@ monkeysphere-authentication list-certifiers # generate an auth subkey for the test user that expires in 2 days echo "##################################################" echo "### generating key for testuser..." -monkeysphere gen-subkey --expire 2 +monkeysphere gen-subkey # add server key to testuser keychain echo "##################################################" @@ -284,13 +307,22 @@ echo "##################################################" echo "### ssh connection test for server authentication denial..." ssh_test 255 chmod o-w "$TESTHOME"/.monkeysphere/authorized_user_ids +monkeysphere-authentication update-users $(whoami) # FIXME: addtest: remove admin as id-certifier and check ssh failure # FIXME: addtest: add hostname on host key # FIXME: addtest: revoke hostname on host key and check ssh failure -# FIXME: addtest: revoke the host key and check ssh failure +# addtest: revoke the host key and check ssh failure +# test to make sure things are OK after the previous tests: +ssh_test +echo "##################################################" +echo "### ssh connection test for server with revoked key..." +# generate the revocation certificate and feed it directly to the test +# user's keyring (we're not publishing to the keyservers) +monkeysphere-host revoke-key | gpg --import +ssh_test 255 ######################################################################