From 2983d63efb6371cf7dc8815bfcdbefb42cadb1d3 Mon Sep 17 00:00:00 2001 From: Jameson Graef Rollins Date: Sat, 25 Oct 2008 14:58:36 -0400 Subject: more changes to test suite, and add admin/testuser gpg.conf files to use quick-random option --- tests/home/testuser/.gnupg/gpg.conf | 2 ++ 1 file changed, 2 insertions(+) create mode 100644 tests/home/testuser/.gnupg/gpg.conf (limited to 'tests/home/testuser') diff --git a/tests/home/testuser/.gnupg/gpg.conf b/tests/home/testuser/.gnupg/gpg.conf new file mode 100644 index 0000000..34bf93a --- /dev/null +++ b/tests/home/testuser/.gnupg/gpg.conf @@ -0,0 +1,2 @@ +# command to avoid depleting the system entropy +quick-random -- cgit v1.2.3 From 7676e30c681c9c040a92780409ba962a45499d41 Mon Sep 17 00:00:00 2001 From: Daniel Kahn Gillmor Date: Sat, 25 Oct 2008 16:18:32 -0400 Subject: testing: admin has signed key of testuser; testuser has lsigned key of admin, and granted full ownertrust to admin. --- tests/home/testuser/.gnupg/pubring.gpg | Bin 405 -> 1153 bytes tests/home/testuser/.gnupg/trustdb.gpg | Bin 1280 -> 1360 bytes 2 files changed, 0 insertions(+), 0 deletions(-) (limited to 'tests/home/testuser') diff --git a/tests/home/testuser/.gnupg/pubring.gpg b/tests/home/testuser/.gnupg/pubring.gpg index 8cea4b5..bef6b42 100644 Binary files a/tests/home/testuser/.gnupg/pubring.gpg and b/tests/home/testuser/.gnupg/pubring.gpg differ diff --git a/tests/home/testuser/.gnupg/trustdb.gpg b/tests/home/testuser/.gnupg/trustdb.gpg index e67f5c8..bc946df 100644 Binary files a/tests/home/testuser/.gnupg/trustdb.gpg and b/tests/home/testuser/.gnupg/trustdb.gpg differ -- cgit v1.2.3 From fa4afa22523331e9d0325bdbb5b6f92115686bce Mon Sep 17 00:00:00 2001 From: Jameson Graef Rollins Date: Sat, 25 Oct 2008 17:33:27 -0400 Subject: more work on test suite. --- etc/gnupg-authentication.conf | 2 +- tests/basic | 40 +++++++++++++++++++++++------------- tests/home/admin/.gnupg/gpg.conf | 2 -- tests/home/admin/.gnupg/pubring.gpg | Bin 421 -> 4331 bytes tests/home/admin/.gnupg/trustdb.gpg | Bin 1280 -> 1760 bytes tests/home/testuser/.gnupg/gpg.conf | 3 +++ 6 files changed, 30 insertions(+), 17 deletions(-) delete mode 100644 tests/home/admin/.gnupg/gpg.conf (limited to 'tests/home/testuser') diff --git a/etc/gnupg-authentication.conf b/etc/gnupg-authentication.conf index e00d317..7e5620b 100644 --- a/etc/gnupg-authentication.conf +++ b/etc/gnupg-authentication.conf @@ -8,7 +8,7 @@ primary-keyring /var/lib/monkeysphere/gnupg-authentication/pubring.gpg keyring /var/lib/monkeysphere/gnupg-host/pubring.gpg # PGP keyserver to use for PGP queries. -keyserver hkp://pgp.mit.edu +keyserver hkp://pool.sks-keyservers.net # GPG list options. It is recommended that you have at least # "show-uid-validity". diff --git a/tests/basic b/tests/basic index fc7dfba..81f3b91 100755 --- a/tests/basic +++ b/tests/basic @@ -12,6 +12,9 @@ # NOTE: these tests have *not* themselves been tested yet # (2008-09-13). Please exercise with caution! +# fail on fail +set -e + # these tests assume a commonly-trusted "Admin's key", a fake key # permanently stored in ./home/admin/.gnupg: gpgadmin() { @@ -20,6 +23,9 @@ gpgadmin() { # cleanup: cleanup() { + + read -p "press enter to cleanup and remove tmp:" + # FIXME: stop the sshd process echo @@ -63,16 +69,21 @@ export SOCKET="$TEMPDIR"/ssh-socket ### SERVER TESTS -# create the temp gnupghome directories +# setup monkeysphere temp gnupghome directories mkdir -p -m 750 "$MONKEYSPHERE_SYSDATADIR"/gnupg-host mkdir -p -m 700 "$MONKEYSPHERE_SYSDATADIR"/gnupg-authentication - -# add the quick-random option to the gpg host config -echo "quick-random" >> "$MONKEYSPHERE_SYSCONFIGDIR"/gnupg-host/gpg.conf +cat < "$MONKEYSPHERE_SYSDATADIR"/gnupg-authentication/gpg.conf +primary-keyring ${MONKEYSPHERE_SYSDATADIR}/gnupg-authentication/pubring.gpg +keyring ${MONKEYSPHERE_SYSDATADIR}/gnupg-host/pubring.gpg +EOF # create a new host key echo "### generating server key..." +# add gpg.conf with quick-random +echo "quick-random" >> "$MONKEYSPHERE_SYSCONFIGDIR"/gnupg-host/gpg.conf echo | monkeysphere-server gen-key --length 1024 --expire 0 testhost +# remove the gpg.conf +rm "$MONKEYSPHERE_SYSCONFIGDIR"/gnupg-host/gpg.conf HOSTKEYID=$( monkeysphere-server show-key | tail -n1 | cut -f3 -d\ ) @@ -80,7 +91,7 @@ HOSTKEYID=$( monkeysphere-server show-key | tail -n1 | cut -f3 -d\ ) # (this would normally be done via keyservers) echo "### certifying server key..." monkeysphere-server gpg-authentication-cmd "--armor --export $HOSTKEYID" | gpgadmin --import -gpgadmin --sign-key "$HOSTKEYID" +echo y | gpgadmin --command-fd 0 --sign-key "$HOSTKEYID" # FIXME: how can we test publish-key without flooding junk into the # keyservers? @@ -89,7 +100,7 @@ gpgadmin --sign-key "$HOSTKEYID" # host echo "### adding admin as certifier..." -monkeysphere-server add-identity-certifier "$TESTDIR"/home/admin/.gnupg/pubkey.gpg +echo y | monkeysphere-server add-identity-certifier "$TESTDIR"/home/admin/.gnupg/pubkey.gpg # initialize base sshd_config cp etc/ssh/sshd_config "$SSHD_CONFIG" @@ -101,12 +112,13 @@ EOF # launch test sshd with the new host key. echo "### starting sshd..." -socat EXEC:'/usr/sbin/sshd -f '"$SSHD_CONFIG"' -i -d -d -d -D -e' "UNIX-LISTEN:${SOCKET}" & +socat EXEC:"/usr/sbin/sshd -f ${SSHD_CONFIG} -i -d -d -d -D -e" "UNIX-LISTEN:${SOCKET}" 2> "$TEMPDIR"/sshd.log & ### TESTUSER TESTS # copy testuser home directory into temp dir +echo "### seting up testuser home..." cp -r "$TESTDIR"/home/testuser "$TEMPDIR"/ # generate an auth subkey for the test user @@ -115,19 +127,19 @@ MONKEYSPHERE_GNUPGHOME="$TEMPDIR"/testuser/.gnupg \ monkeysphere gen-subkey --expire 0 # add server key to testuser keychain -monkeysphere-server gpg-authentication-cmd "--armor --export $HOSTKEYID" | \ +echo "### export server key to testuser..." +gpgadmin --armor --export "$HOSTKEYID" | \ GNUPGHOME="$TEMPDIR"/testuser/.gnupg gpg --import +#GNUPGHOME="$TEMPDIR"/testuser/.gnupg gpg --list-keys +#read -p "?" + # connect to test sshd, using monkeysphere to verify the identity # before connection. -echo "### connecting to sshd socket..." +echo "### testuser connecting to sshd socket..." PROXY_COMMAND="monkeysphere-ssh-proxycommand --no-connect %h && socat STDIO UNIX:${SOCKET}" -ssh -oProxyCommand="$PROXY_COMMAND" testhost +GNUPGHOME="$TEMPDIR"/testuser/.gnupg ssh -oProxyCommand="$PROXY_COMMAND" testhost # create a new client side key, certify it with the "CA", use it to # log in. ## FIXME: implement! - - -### FINISH -read -p "press enter to cleanup tmp:" diff --git a/tests/home/admin/.gnupg/gpg.conf b/tests/home/admin/.gnupg/gpg.conf deleted file mode 100644 index 34bf93a..0000000 --- a/tests/home/admin/.gnupg/gpg.conf +++ /dev/null @@ -1,2 +0,0 @@ -# command to avoid depleting the system entropy -quick-random diff --git a/tests/home/admin/.gnupg/pubring.gpg b/tests/home/admin/.gnupg/pubring.gpg index ce19633..8e10c4a 100644 Binary files a/tests/home/admin/.gnupg/pubring.gpg and b/tests/home/admin/.gnupg/pubring.gpg differ diff --git a/tests/home/admin/.gnupg/trustdb.gpg b/tests/home/admin/.gnupg/trustdb.gpg index 77ef133..171a891 100644 Binary files a/tests/home/admin/.gnupg/trustdb.gpg and b/tests/home/admin/.gnupg/trustdb.gpg differ diff --git a/tests/home/testuser/.gnupg/gpg.conf b/tests/home/testuser/.gnupg/gpg.conf index 34bf93a..f65c71b 100644 --- a/tests/home/testuser/.gnupg/gpg.conf +++ b/tests/home/testuser/.gnupg/gpg.conf @@ -1,2 +1,5 @@ # command to avoid depleting the system entropy quick-random +# other options +verify-options show-uid-validity +list-options show-uid-validity -- cgit v1.2.3 From a718b8d343f7b7de02be1a27a9f98a0ae52f0071 Mon Sep 17 00:00:00 2001 From: Daniel Kahn Gillmor Date: Sun, 26 Oct 2008 00:58:33 -0400 Subject: testing: adding temporary monkeysphere config and ssh config. --- tests/basic | 13 ++++++++++--- tests/home/testuser/.monkeysphere/monkeysphere.conf | 3 +++ tests/home/testuser/.ssh/config | 9 +++++++++ 3 files changed, 22 insertions(+), 3 deletions(-) create mode 100644 tests/home/testuser/.monkeysphere/monkeysphere.conf create mode 100644 tests/home/testuser/.ssh/config (limited to 'tests/home/testuser') diff --git a/tests/basic b/tests/basic index b1f3493..2314684 100755 --- a/tests/basic +++ b/tests/basic @@ -67,6 +67,13 @@ echo "### copying admin and testuser homes..." cp -a "$TESTDIR"/home/admin "$TEMPDIR"/ cp -a "$TESTDIR"/home/testuser "$TEMPDIR"/ +cat < "$TEMPDIR"/testuser/.ssh/config +UserKnownHosts $TEMPDIR/testuser/.ssh/known_hosts +EOF + +cat < "$TEMPDIR"/testuser/.monkeysphere/monkeysphere.conf +KNOWN_HOSTS=$TEMPDIR/testuser/.ssh/known_hosts +EOF ### SERVER TESTS @@ -133,6 +140,6 @@ gpgadmin --armor --export "$HOSTKEYID" | \ # the identity before connection. This should work in both directions! echo "### testuser connecting to sshd socket..." PROXY_COMMAND="monkeysphere-ssh-proxycommand --no-connect %h && socat STDIO UNIX:${SOCKET}" -GNUPGHOME="$TEMPDIR"/testuser/.gnupg ssh -v -v -v -oProxyCommand="$PROXY_COMMAND" testhost - - +GNUPGHOME="$TEMPDIR"/testuser/.gnupg \ +MONKEYSPHERE_HOME="$TEMPDIR"/testuser/.monkeysphere \ + ssh -F "$TEMPDIR"/testuser/.ssh/config -v -v -v -oProxyCommand="$PROXY_COMMAND" testhost diff --git a/tests/home/testuser/.monkeysphere/monkeysphere.conf b/tests/home/testuser/.monkeysphere/monkeysphere.conf new file mode 100644 index 0000000..59cc0cf --- /dev/null +++ b/tests/home/testuser/.monkeysphere/monkeysphere.conf @@ -0,0 +1,3 @@ +# monkeysphere config for testuser in monkeysphere test suite + +# KNOWN_HOSTS will be dynamically defined after creation. diff --git a/tests/home/testuser/.ssh/config b/tests/home/testuser/.ssh/config new file mode 100644 index 0000000..566d1c0 --- /dev/null +++ b/tests/home/testuser/.ssh/config @@ -0,0 +1,9 @@ +# ssh config file for testuser for monkeysphere test suite. +Host * +PasswordAuthentication no +KbdInteractiveAuthentication no +RSAAuthentication no +GSSAPIAuthentication no +StrictHostKeyChecking yes + +# UserKnownHosts file will be filled in dynamically. -- cgit v1.2.3 From f0fc313acc49c2f24cfc4d7e0a49fb7c1e3755f7 Mon Sep 17 00:00:00 2001 From: Daniel Kahn Gillmor Date: Sun, 26 Oct 2008 01:07:41 -0400 Subject: testing: fix ssh_config var UserKnownHosts to UserKnownHostsFile. --- tests/basic | 2 +- tests/home/testuser/.ssh/config | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) (limited to 'tests/home/testuser') diff --git a/tests/basic b/tests/basic index 2314684..30c6d17 100755 --- a/tests/basic +++ b/tests/basic @@ -68,7 +68,7 @@ cp -a "$TESTDIR"/home/admin "$TEMPDIR"/ cp -a "$TESTDIR"/home/testuser "$TEMPDIR"/ cat < "$TEMPDIR"/testuser/.ssh/config -UserKnownHosts $TEMPDIR/testuser/.ssh/known_hosts +UserKnownHostsFile $TEMPDIR/testuser/.ssh/known_hosts EOF cat < "$TEMPDIR"/testuser/.monkeysphere/monkeysphere.conf diff --git a/tests/home/testuser/.ssh/config b/tests/home/testuser/.ssh/config index 566d1c0..8610bc9 100644 --- a/tests/home/testuser/.ssh/config +++ b/tests/home/testuser/.ssh/config @@ -6,4 +6,4 @@ RSAAuthentication no GSSAPIAuthentication no StrictHostKeyChecking yes -# UserKnownHosts file will be filled in dynamically. +# UserKnownHostsFile will be filled in dynamically. -- cgit v1.2.3 From 8859ba489c1234a3920cb121c177d06b3b8779f7 Mon Sep 17 00:00:00 2001 From: Daniel Kahn Gillmor Date: Sun, 26 Oct 2008 01:51:13 -0400 Subject: testing: move ProxyCommand into a simple shell script to ease invocation (shell logical operators do not work directly in ProxyCommand argument). --- tests/basic | 9 ++++----- tests/home/testuser/.ssh/config | 2 +- tests/home/testuser/.ssh/proxy-command | 8 ++++++++ 3 files changed, 13 insertions(+), 6 deletions(-) create mode 100755 tests/home/testuser/.ssh/proxy-command (limited to 'tests/home/testuser') diff --git a/tests/basic b/tests/basic index a04cc0e..d497d84 100755 --- a/tests/basic +++ b/tests/basic @@ -71,15 +71,15 @@ echo "### copying admin and testuser homes..." cp -a "$TESTDIR"/home/admin "$TEMPDIR"/ cp -a "$TESTDIR"/home/testuser "$TEMPDIR"/ -cat < "$TEMPDIR"/testuser/.ssh/config +cat <> "$TEMPDIR"/testuser/.ssh/config UserKnownHostsFile $TEMPDIR/testuser/.ssh/known_hosts +ProxyCommand $TEMPDIR/testuser/.ssh/proxy-command %h %p $SOCKET EOF -cat < "$TEMPDIR"/testuser/.monkeysphere/monkeysphere.conf +cat <> "$TEMPDIR"/testuser/.monkeysphere/monkeysphere.conf KNOWN_HOSTS=$TEMPDIR/testuser/.ssh/known_hosts EOF - ### SERVER TESTS # setup monkeysphere temp gnupghome directories @@ -142,7 +142,6 @@ gpgadmin --armor --export "$HOSTKEYID" | \ # connect to test sshd, using monkeysphere-ssh-proxycommand to verify # the identity before connection. This should work in both directions! echo "### testuser connecting to sshd socket..." -PROXY_COMMAND="monkeysphere-ssh-proxycommand --no-connect %h && socat STDIO UNIX:${SOCKET}" GNUPGHOME="$TEMPDIR"/testuser/.gnupg \ MONKEYSPHERE_HOME="$TEMPDIR"/testuser/.monkeysphere \ - ssh -F "$TEMPDIR"/testuser/.ssh/config -v -v -v -oProxyCommand="$PROXY_COMMAND" testhost + ssh -F "$TEMPDIR"/testuser/.ssh/config -v -v -v testhost diff --git a/tests/home/testuser/.ssh/config b/tests/home/testuser/.ssh/config index 8610bc9..113a511 100644 --- a/tests/home/testuser/.ssh/config +++ b/tests/home/testuser/.ssh/config @@ -6,4 +6,4 @@ RSAAuthentication no GSSAPIAuthentication no StrictHostKeyChecking yes -# UserKnownHostsFile will be filled in dynamically. +# UserKnownHostsFile and ProxyCommand will be filled in dynamically. diff --git a/tests/home/testuser/.ssh/proxy-command b/tests/home/testuser/.ssh/proxy-command new file mode 100755 index 0000000..630327d --- /dev/null +++ b/tests/home/testuser/.ssh/proxy-command @@ -0,0 +1,8 @@ +#!/usr/bin/env bash + +# simple socket-based proxy-command wrapper for testing monkeysphere. + +# pass this thing the host, the port, and the socket. + +monkeysphere-ssh-proxycommand --no-connect "$1" "$2" && \ +socat STDIO UNIX:"$3" -- cgit v1.2.3 From 74b446aef77a46302430ee8aac7124f40d9bf1b4 Mon Sep 17 00:00:00 2001 From: Daniel Kahn Gillmor Date: Sun, 26 Oct 2008 01:59:55 -0400 Subject: testing: moved the LogLevel debugging for ssh into config files, added an ssh-agent to the final ssh invocation. --- tests/basic | 31 ++++++++++++++++++++----------- tests/etc/ssh/sshd_config | 1 + tests/home/testuser/.ssh/config | 1 + 3 files changed, 22 insertions(+), 11 deletions(-) (limited to 'tests/home/testuser') diff --git a/tests/basic b/tests/basic index d497d84..751dec4 100755 --- a/tests/basic +++ b/tests/basic @@ -2,17 +2,16 @@ # Tests to ensure that the monkeysphere is working -# Author: Daniel Kahn Gillmor -# Date: 2008-09-13 13:40:15-0400 +# Authors: +# Daniel Kahn Gillmor +# Jameson Rollins +# Copyright: 2008 +# License: GPL v3 or later -# these tests might be best run under fakeroot, particularly the -# "server-side" tests. Using fakeroot, they should be able to be run +# these tests should all be able to # as a non-privileged user. -# NOTE: these tests have *not* themselves been tested yet -# (2008-09-13). Please exercise with caution! - -# fail on fail +# all subcommands in this script should complete without failure: set -e # gpg command for test admin user @@ -20,6 +19,12 @@ gpgadmin() { GNUPGHOME="$TEMPDIR"/admin/.gnupg gpg "$@" } +failed_cleanup() { +# FIXME: can we be more verbose here? + echo 'FAILED!' + cleanup +} + # cleanup: cleanup() { @@ -38,7 +43,7 @@ cleanup() { } ## setup trap -trap cleanup EXIT +trap failed_cleanup EXIT ## set up some variables to ensure that we're operating strictly in ## the tests, not system-wide: @@ -123,7 +128,7 @@ EOF # launch test sshd with the new host key. echo "### starting sshd..." -socat EXEC:"/usr/sbin/sshd -f ${SSHD_CONFIG} -i -d -d -d -D -e" "UNIX-LISTEN:${SOCKET}" 2> "$TEMPDIR"/sshd.log & +socat EXEC:"/usr/sbin/sshd -f ${SSHD_CONFIG} -i -D -e" "UNIX-LISTEN:${SOCKET}" 2> "$TEMPDIR"/sshd.log & export SSHD_PID=$! ### TESTUSER TESTS @@ -144,4 +149,8 @@ gpgadmin --armor --export "$HOSTKEYID" | \ echo "### testuser connecting to sshd socket..." GNUPGHOME="$TEMPDIR"/testuser/.gnupg \ MONKEYSPHERE_HOME="$TEMPDIR"/testuser/.monkeysphere \ - ssh -F "$TEMPDIR"/testuser/.ssh/config -v -v -v testhost + ssh-agent bash -c \ + 'monkeysphere subkey-to-ssh-agent && ssh -F "$TEMPDIR"/testuser/.ssh/config testhost' + +trap - EXIT +cleanup diff --git a/tests/etc/ssh/sshd_config b/tests/etc/ssh/sshd_config index 15b980c..82c72b9 100644 --- a/tests/etc/ssh/sshd_config +++ b/tests/etc/ssh/sshd_config @@ -20,3 +20,4 @@ TCPKeepAlive no AcceptEnv LANG LC_* UsePAM no UsePrivilegeSeparation no +LogLevel DEBUG diff --git a/tests/home/testuser/.ssh/config b/tests/home/testuser/.ssh/config index 113a511..1da2344 100644 --- a/tests/home/testuser/.ssh/config +++ b/tests/home/testuser/.ssh/config @@ -5,5 +5,6 @@ KbdInteractiveAuthentication no RSAAuthentication no GSSAPIAuthentication no StrictHostKeyChecking yes +LogLevel DEBUG # UserKnownHostsFile and ProxyCommand will be filled in dynamically. -- cgit v1.2.3 From c4a5813c6847201ae55ab8d3d49b6b4bb9691561 Mon Sep 17 00:00:00 2001 From: Daniel Kahn Gillmor Date: Sun, 26 Oct 2008 02:24:01 -0400 Subject: testing: added a passphrase (abc123) for the testuser private key; supplied a phony SSH_ASKPASS to provide the password when needed. --- tests/basic | 16 ++++++++-------- tests/home/testuser/.gnupg/random_seed | Bin 600 -> 600 bytes tests/home/testuser/.gnupg/secring.gpg | Bin 737 -> 775 bytes tests/home/testuser/.ssh/askpass | 6 ++++++ 4 files changed, 14 insertions(+), 8 deletions(-) create mode 100755 tests/home/testuser/.ssh/askpass (limited to 'tests/home/testuser') diff --git a/tests/basic b/tests/basic index 751dec4..10b3c31 100755 --- a/tests/basic +++ b/tests/basic @@ -135,21 +135,21 @@ export SSHD_PID=$! # generate an auth subkey for the test user echo "### generating key for testuser..." -MONKEYSPHERE_GNUPGHOME="$TEMPDIR"/testuser/.gnupg \ -SSH_ASKPASS=echo \ - monkeysphere gen-subkey --expire 0 +export GNUPGHOME="$TEMPDIR"/testuser/.gnupg +export SSH_ASKPASS="$TEMPDIR"/testuser/.ssh/askpass +export MONKEYSPHERE_HOME="$TEMPDIR"/testuser/.monkeysphere + +monkeysphere gen-subkey --expire 0 # add server key to testuser keychain echo "### export server key to testuser..." -gpgadmin --armor --export "$HOSTKEYID" | \ - GNUPGHOME="$TEMPDIR"/testuser/.gnupg gpg --import +gpgadmin --armor --export "$HOSTKEYID" | gpg --import # connect to test sshd, using monkeysphere-ssh-proxycommand to verify # the identity before connection. This should work in both directions! echo "### testuser connecting to sshd socket..." -GNUPGHOME="$TEMPDIR"/testuser/.gnupg \ -MONKEYSPHERE_HOME="$TEMPDIR"/testuser/.monkeysphere \ - ssh-agent bash -c \ + +ssh-agent bash -c \ 'monkeysphere subkey-to-ssh-agent && ssh -F "$TEMPDIR"/testuser/.ssh/config testhost' trap - EXIT diff --git a/tests/home/testuser/.gnupg/random_seed b/tests/home/testuser/.gnupg/random_seed index 40ab6a6..230b315 100644 Binary files a/tests/home/testuser/.gnupg/random_seed and b/tests/home/testuser/.gnupg/random_seed differ diff --git a/tests/home/testuser/.gnupg/secring.gpg b/tests/home/testuser/.gnupg/secring.gpg index a5519a6..26cf230 100644 Binary files a/tests/home/testuser/.gnupg/secring.gpg and b/tests/home/testuser/.gnupg/secring.gpg differ diff --git a/tests/home/testuser/.ssh/askpass b/tests/home/testuser/.ssh/askpass new file mode 100755 index 0000000..5b7b059 --- /dev/null +++ b/tests/home/testuser/.ssh/askpass @@ -0,0 +1,6 @@ +#!/usr/bin/env bash + +# phony/automatic askpass, to provide the passphrase for the +# testuser's GPG key. + +echo abc123 -- cgit v1.2.3 From 6b5b0fdfc95625892df654e4ae057a798e59d588 Mon Sep 17 00:00:00 2001 From: Daniel Kahn Gillmor Date: Sun, 26 Oct 2008 02:56:03 -0400 Subject: testing: setting up the fake testuser account with an authorized_user_id. --- tests/basic | 9 +++++++-- tests/home/testuser/.monkeysphere/authorized_user_ids | 1 + 2 files changed, 8 insertions(+), 2 deletions(-) create mode 100644 tests/home/testuser/.monkeysphere/authorized_user_ids (limited to 'tests/home/testuser') diff --git a/tests/basic b/tests/basic index 9f4d02e..8d2b8f8 100755 --- a/tests/basic +++ b/tests/basic @@ -85,6 +85,11 @@ cat <> "$TEMPDIR"/testuser/.monkeysphere/monkeysphere.conf KNOWN_HOSTS=$TEMPDIR/testuser/.ssh/known_hosts EOF +# set up a simple default monkeysphere-server.conf +cat <> "$TEMPDIR"/monkeysphere-server.conf +AUTHORIZED_USER_IDS="$TEMPDIR/testuser/.monkeysphere/authorized_user_ids" +EOF + ### SERVER TESTS # setup monkeysphere temp gnupghome directories @@ -149,8 +154,8 @@ gpgadmin --armor --export "$HOSTKEYID" | gpg --import # teach the "server" about the testuser's key echo "### export testuser key to server..." gpg --export testuser | monkeysphere-server gpg-authentication-cmd --import -echo "### update server authorized_keys file for testuser..." -monkeysphere-server update-users testuser +echo "### update server authorized_keys file for this testuser..." +monkeysphere-server update-users "$USER" # connect to test sshd, using monkeysphere-ssh-proxycommand to verify # the identity before connection. This should work in both directions! diff --git a/tests/home/testuser/.monkeysphere/authorized_user_ids b/tests/home/testuser/.monkeysphere/authorized_user_ids new file mode 100644 index 0000000..4b51eaf --- /dev/null +++ b/tests/home/testuser/.monkeysphere/authorized_user_ids @@ -0,0 +1 @@ +Monkeysphere Test Suite Test User (DO NOT USE!!!) -- cgit v1.2.3 From 96ac22cf25565e62b5a8a2dae820b074cb5ab32d Mon Sep 17 00:00:00 2001 From: Daniel Kahn Gillmor Date: Sun, 26 Oct 2008 03:02:11 -0400 Subject: testing: A bit more fine-tuning, so that the test suite should successfully complete without any user interaction. --- tests/basic | 17 ++++++++++------- tests/home/testuser/.ssh/proxy-command | 2 +- 2 files changed, 11 insertions(+), 8 deletions(-) (limited to 'tests/home/testuser') diff --git a/tests/basic b/tests/basic index 8d2b8f8..2befac2 100755 --- a/tests/basic +++ b/tests/basic @@ -22,18 +22,16 @@ gpgadmin() { failed_cleanup() { # FIXME: can we be more verbose here? echo 'FAILED!' + read -p "press enter to cleanup and remove tmp:" + cleanup } # cleanup: cleanup() { - - echo - read -p "press enter to cleanup and remove tmp:" - - if ( ps $SSHD_PID >/dev/null ) ; then + if ( ps "$SSHD_PID" >/dev/null ) ; then echo "### stopping still-running sshd..." - kill $SSHD_PID + kill "$SSHD_PID" fi echo "### removing temp dir..." @@ -162,7 +160,12 @@ monkeysphere-server update-users "$USER" echo "### testuser connecting to sshd socket..." ssh-agent bash -c \ - "monkeysphere subkey-to-ssh-agent && ssh -F $TEMPDIR/testuser/.ssh/config testhost" + "monkeysphere subkey-to-ssh-agent && ssh -F $TEMPDIR/testuser/.ssh/config testhost true" trap - EXIT + +echo +echo "Monkeysphere basic tests completed successfully!" +echo + cleanup diff --git a/tests/home/testuser/.ssh/proxy-command b/tests/home/testuser/.ssh/proxy-command index 630327d..21c66fa 100755 --- a/tests/home/testuser/.ssh/proxy-command +++ b/tests/home/testuser/.ssh/proxy-command @@ -5,4 +5,4 @@ # pass this thing the host, the port, and the socket. monkeysphere-ssh-proxycommand --no-connect "$1" "$2" && \ -socat STDIO UNIX:"$3" +exec socat STDIO UNIX:"$3" -- cgit v1.2.3