From a718b8d343f7b7de02be1a27a9f98a0ae52f0071 Mon Sep 17 00:00:00 2001 From: Daniel Kahn Gillmor Date: Sun, 26 Oct 2008 00:58:33 -0400 Subject: testing: adding temporary monkeysphere config and ssh config. --- tests/home/testuser/.ssh/config | 9 +++++++++ 1 file changed, 9 insertions(+) create mode 100644 tests/home/testuser/.ssh/config (limited to 'tests/home/testuser/.ssh/config') diff --git a/tests/home/testuser/.ssh/config b/tests/home/testuser/.ssh/config new file mode 100644 index 0000000..566d1c0 --- /dev/null +++ b/tests/home/testuser/.ssh/config @@ -0,0 +1,9 @@ +# ssh config file for testuser for monkeysphere test suite. +Host * +PasswordAuthentication no +KbdInteractiveAuthentication no +RSAAuthentication no +GSSAPIAuthentication no +StrictHostKeyChecking yes + +# UserKnownHosts file will be filled in dynamically. -- cgit v1.2.3 From f0fc313acc49c2f24cfc4d7e0a49fb7c1e3755f7 Mon Sep 17 00:00:00 2001 From: Daniel Kahn Gillmor Date: Sun, 26 Oct 2008 01:07:41 -0400 Subject: testing: fix ssh_config var UserKnownHosts to UserKnownHostsFile. --- tests/basic | 2 +- tests/home/testuser/.ssh/config | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) (limited to 'tests/home/testuser/.ssh/config') diff --git a/tests/basic b/tests/basic index 2314684..30c6d17 100755 --- a/tests/basic +++ b/tests/basic @@ -68,7 +68,7 @@ cp -a "$TESTDIR"/home/admin "$TEMPDIR"/ cp -a "$TESTDIR"/home/testuser "$TEMPDIR"/ cat < "$TEMPDIR"/testuser/.ssh/config -UserKnownHosts $TEMPDIR/testuser/.ssh/known_hosts +UserKnownHostsFile $TEMPDIR/testuser/.ssh/known_hosts EOF cat < "$TEMPDIR"/testuser/.monkeysphere/monkeysphere.conf diff --git a/tests/home/testuser/.ssh/config b/tests/home/testuser/.ssh/config index 566d1c0..8610bc9 100644 --- a/tests/home/testuser/.ssh/config +++ b/tests/home/testuser/.ssh/config @@ -6,4 +6,4 @@ RSAAuthentication no GSSAPIAuthentication no StrictHostKeyChecking yes -# UserKnownHosts file will be filled in dynamically. +# UserKnownHostsFile will be filled in dynamically. -- cgit v1.2.3 From 8859ba489c1234a3920cb121c177d06b3b8779f7 Mon Sep 17 00:00:00 2001 From: Daniel Kahn Gillmor Date: Sun, 26 Oct 2008 01:51:13 -0400 Subject: testing: move ProxyCommand into a simple shell script to ease invocation (shell logical operators do not work directly in ProxyCommand argument). --- tests/basic | 9 ++++----- tests/home/testuser/.ssh/config | 2 +- tests/home/testuser/.ssh/proxy-command | 8 ++++++++ 3 files changed, 13 insertions(+), 6 deletions(-) create mode 100755 tests/home/testuser/.ssh/proxy-command (limited to 'tests/home/testuser/.ssh/config') diff --git a/tests/basic b/tests/basic index a04cc0e..d497d84 100755 --- a/tests/basic +++ b/tests/basic @@ -71,15 +71,15 @@ echo "### copying admin and testuser homes..." cp -a "$TESTDIR"/home/admin "$TEMPDIR"/ cp -a "$TESTDIR"/home/testuser "$TEMPDIR"/ -cat < "$TEMPDIR"/testuser/.ssh/config +cat <> "$TEMPDIR"/testuser/.ssh/config UserKnownHostsFile $TEMPDIR/testuser/.ssh/known_hosts +ProxyCommand $TEMPDIR/testuser/.ssh/proxy-command %h %p $SOCKET EOF -cat < "$TEMPDIR"/testuser/.monkeysphere/monkeysphere.conf +cat <> "$TEMPDIR"/testuser/.monkeysphere/monkeysphere.conf KNOWN_HOSTS=$TEMPDIR/testuser/.ssh/known_hosts EOF - ### SERVER TESTS # setup monkeysphere temp gnupghome directories @@ -142,7 +142,6 @@ gpgadmin --armor --export "$HOSTKEYID" | \ # connect to test sshd, using monkeysphere-ssh-proxycommand to verify # the identity before connection. This should work in both directions! echo "### testuser connecting to sshd socket..." -PROXY_COMMAND="monkeysphere-ssh-proxycommand --no-connect %h && socat STDIO UNIX:${SOCKET}" GNUPGHOME="$TEMPDIR"/testuser/.gnupg \ MONKEYSPHERE_HOME="$TEMPDIR"/testuser/.monkeysphere \ - ssh -F "$TEMPDIR"/testuser/.ssh/config -v -v -v -oProxyCommand="$PROXY_COMMAND" testhost + ssh -F "$TEMPDIR"/testuser/.ssh/config -v -v -v testhost diff --git a/tests/home/testuser/.ssh/config b/tests/home/testuser/.ssh/config index 8610bc9..113a511 100644 --- a/tests/home/testuser/.ssh/config +++ b/tests/home/testuser/.ssh/config @@ -6,4 +6,4 @@ RSAAuthentication no GSSAPIAuthentication no StrictHostKeyChecking yes -# UserKnownHostsFile will be filled in dynamically. +# UserKnownHostsFile and ProxyCommand will be filled in dynamically. diff --git a/tests/home/testuser/.ssh/proxy-command b/tests/home/testuser/.ssh/proxy-command new file mode 100755 index 0000000..630327d --- /dev/null +++ b/tests/home/testuser/.ssh/proxy-command @@ -0,0 +1,8 @@ +#!/usr/bin/env bash + +# simple socket-based proxy-command wrapper for testing monkeysphere. + +# pass this thing the host, the port, and the socket. + +monkeysphere-ssh-proxycommand --no-connect "$1" "$2" && \ +socat STDIO UNIX:"$3" -- cgit v1.2.3 From 74b446aef77a46302430ee8aac7124f40d9bf1b4 Mon Sep 17 00:00:00 2001 From: Daniel Kahn Gillmor Date: Sun, 26 Oct 2008 01:59:55 -0400 Subject: testing: moved the LogLevel debugging for ssh into config files, added an ssh-agent to the final ssh invocation. --- tests/basic | 31 ++++++++++++++++++++----------- tests/etc/ssh/sshd_config | 1 + tests/home/testuser/.ssh/config | 1 + 3 files changed, 22 insertions(+), 11 deletions(-) (limited to 'tests/home/testuser/.ssh/config') diff --git a/tests/basic b/tests/basic index d497d84..751dec4 100755 --- a/tests/basic +++ b/tests/basic @@ -2,17 +2,16 @@ # Tests to ensure that the monkeysphere is working -# Author: Daniel Kahn Gillmor -# Date: 2008-09-13 13:40:15-0400 +# Authors: +# Daniel Kahn Gillmor +# Jameson Rollins +# Copyright: 2008 +# License: GPL v3 or later -# these tests might be best run under fakeroot, particularly the -# "server-side" tests. Using fakeroot, they should be able to be run +# these tests should all be able to # as a non-privileged user. -# NOTE: these tests have *not* themselves been tested yet -# (2008-09-13). Please exercise with caution! - -# fail on fail +# all subcommands in this script should complete without failure: set -e # gpg command for test admin user @@ -20,6 +19,12 @@ gpgadmin() { GNUPGHOME="$TEMPDIR"/admin/.gnupg gpg "$@" } +failed_cleanup() { +# FIXME: can we be more verbose here? + echo 'FAILED!' + cleanup +} + # cleanup: cleanup() { @@ -38,7 +43,7 @@ cleanup() { } ## setup trap -trap cleanup EXIT +trap failed_cleanup EXIT ## set up some variables to ensure that we're operating strictly in ## the tests, not system-wide: @@ -123,7 +128,7 @@ EOF # launch test sshd with the new host key. echo "### starting sshd..." -socat EXEC:"/usr/sbin/sshd -f ${SSHD_CONFIG} -i -d -d -d -D -e" "UNIX-LISTEN:${SOCKET}" 2> "$TEMPDIR"/sshd.log & +socat EXEC:"/usr/sbin/sshd -f ${SSHD_CONFIG} -i -D -e" "UNIX-LISTEN:${SOCKET}" 2> "$TEMPDIR"/sshd.log & export SSHD_PID=$! ### TESTUSER TESTS @@ -144,4 +149,8 @@ gpgadmin --armor --export "$HOSTKEYID" | \ echo "### testuser connecting to sshd socket..." GNUPGHOME="$TEMPDIR"/testuser/.gnupg \ MONKEYSPHERE_HOME="$TEMPDIR"/testuser/.monkeysphere \ - ssh -F "$TEMPDIR"/testuser/.ssh/config -v -v -v testhost + ssh-agent bash -c \ + 'monkeysphere subkey-to-ssh-agent && ssh -F "$TEMPDIR"/testuser/.ssh/config testhost' + +trap - EXIT +cleanup diff --git a/tests/etc/ssh/sshd_config b/tests/etc/ssh/sshd_config index 15b980c..82c72b9 100644 --- a/tests/etc/ssh/sshd_config +++ b/tests/etc/ssh/sshd_config @@ -20,3 +20,4 @@ TCPKeepAlive no AcceptEnv LANG LC_* UsePAM no UsePrivilegeSeparation no +LogLevel DEBUG diff --git a/tests/home/testuser/.ssh/config b/tests/home/testuser/.ssh/config index 113a511..1da2344 100644 --- a/tests/home/testuser/.ssh/config +++ b/tests/home/testuser/.ssh/config @@ -5,5 +5,6 @@ KbdInteractiveAuthentication no RSAAuthentication no GSSAPIAuthentication no StrictHostKeyChecking yes +LogLevel DEBUG # UserKnownHostsFile and ProxyCommand will be filled in dynamically. -- cgit v1.2.3