#!/usr/bin/env bash # Tests to ensure that the monkeysphere is working # Author: Daniel Kahn Gillmor # Date: 2008-09-13 13:40:15-0400 # these tests might be best run under fakeroot, particularly the # "server-side" tests. Using fakeroot, they should be able to be run # as a non-privileged user. # NOTE: these tests have *not* themselves been tested yet # (2008-09-13). Please exercise with caution! # these tests assume a commonly-trusted "Admin's key", a fake key # permanently stored in ./admin: gpgadmin() { GNUPGHOME=./admin gpg "$@" } # cleanup: cleanup() { # FIXME: stop the sshd process rm -f "$SOCKET" # FIXME: how should we clear out the temporary $VARLIB? # FIXME: clear out ssh client config file and known hosts. } ## set up some variables to ensure that we're operating strictly in ## the tests, not system-wide: TESTDIR=$(pwd) export MONKEYSPHERE_SYSDATADIR="$TESTDIR"/var export MONKEYSPHERE_SYSCONFIGDIR="$TESTDIR"/etc export SOCKET="$TESTDIR"/ssh-socket ### SERVER TESTS # Use the local copy of executables first, instead of system ones. # This should help us test without installing. export PATH="$TESTDIR"/../src:"$TESTDIR"/../src/keytrans:"$PATH" export MONKEYSPHERE_SHARE="$TESTDIR"/../src # create a new host key echo | monkeysphere-server gen-key --expire 2d HOSTKEYID=$( monkeysphere-server show-key | tail -n1 | cut -f3 -d\ ) # certify it with the "Admin's Key". # (this would normally be done via keyservers) monkeysphere-server gpg-authentication-cmd "--armor --export $HOSTKEYID" | gpgadmin --import gpgadmin --sign-key "$HOSTKEYID" # FIXME: how can we test publish-key without flooding junk into the # keyservers? # indicate that the "Admin's" key is an identity certifier for the # host monkeysphere-server add-identity-certifier ./home/admin/.gnupg/pubkey.gpg # write the sshd_config cat < "$TESTDIR"/etc/ssh/sshd_config HostKey ${TESTDIR}/etc/ssh/ssh_host_rsa_key EOF # launch sshd with the new host key. mkfifo "$SOCKET" /usr/sbin/sshd -f "$TESTDIR"/etc/ssh/sshd_config -i <>"$SOCKET" ### TESTUSER TESTS # connect to sample sshd host key, using monkeysphere to verify the # identity before connection. ## FIXME: implement! # create a new client side key, certify it with the "CA", use it to # log in. ## FIXME: implement!