summaryrefslogtreecommitdiff
path: root/tests/basic
blob: fc7dfba10667b1fbab917971e4635cf4d62e1c80 (plain)
  1. #!/usr/bin/env bash
  2. # Tests to ensure that the monkeysphere is working
  3. # Author: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
  4. # Date: 2008-09-13 13:40:15-0400
  5. # these tests might be best run under fakeroot, particularly the
  6. # "server-side" tests. Using fakeroot, they should be able to be run
  7. # as a non-privileged user.
  8. # NOTE: these tests have *not* themselves been tested yet
  9. # (2008-09-13). Please exercise with caution!
  10. # these tests assume a commonly-trusted "Admin's key", a fake key
  11. # permanently stored in ./home/admin/.gnupg:
  12. gpgadmin() {
  13. GNUPGHOME="$TESTDIR"/home/admin/.gnupg gpg "$@"
  14. }
  15. # cleanup:
  16. cleanup() {
  17. # FIXME: stop the sshd process
  18. echo
  19. echo "### removing temp dir..."
  20. rm -rf "$TEMPDIR"
  21. # FIXME: how should we clear out the temporary $VARLIB?
  22. # FIXME: clear out ssh client config file and known hosts.
  23. }
  24. ## setup trap
  25. trap cleanup EXIT
  26. ## set up some variables to ensure that we're operating strictly in
  27. ## the tests, not system-wide:
  28. export TESTDIR=$(pwd)
  29. # make temp dir
  30. TEMPDIR="$TESTDIR"/tmp
  31. if [ -e "$TEMPDIR" ] ; then
  32. echo "tempdir '$TEMPDIR' already exists."
  33. exit 1
  34. fi
  35. mkdir "$TEMPDIR"
  36. # Use the local copy of executables first, instead of system ones.
  37. # This should help us test without installing.
  38. export PATH="$TESTDIR"/../src:"$TESTDIR"/../src/keytrans:"$PATH"
  39. export MONKEYSPHERE_SYSDATADIR="$TEMPDIR"
  40. export MONKEYSPHERE_SYSCONFIGDIR="$TEMPDIR"
  41. export MONKEYSPHERE_SYSSHAREDIR="$TESTDIR"/../src
  42. export MONKEYSPHERE_MONKEYSPHERE_USER="$USER"
  43. export MONKEYSPHERE_CHECK_KEYSERVER=false
  44. SSHD_CONFIG="$TEMPDIR"/sshd_config
  45. export SOCKET="$TEMPDIR"/ssh-socket
  46. ### SERVER TESTS
  47. # create the temp gnupghome directories
  48. mkdir -p -m 750 "$MONKEYSPHERE_SYSDATADIR"/gnupg-host
  49. mkdir -p -m 700 "$MONKEYSPHERE_SYSDATADIR"/gnupg-authentication
  50. # add the quick-random option to the gpg host config
  51. echo "quick-random" >> "$MONKEYSPHERE_SYSCONFIGDIR"/gnupg-host/gpg.conf
  52. # create a new host key
  53. echo "### generating server key..."
  54. echo | monkeysphere-server gen-key --length 1024 --expire 0 testhost
  55. HOSTKEYID=$( monkeysphere-server show-key | tail -n1 | cut -f3 -d\ )
  56. # certify it with the "Admin's Key".
  57. # (this would normally be done via keyservers)
  58. echo "### certifying server key..."
  59. monkeysphere-server gpg-authentication-cmd "--armor --export $HOSTKEYID" | gpgadmin --import
  60. gpgadmin --sign-key "$HOSTKEYID"
  61. # FIXME: how can we test publish-key without flooding junk into the
  62. # keyservers?
  63. # indicate that the "Admin's" key is an identity certifier for the
  64. # host
  65. echo "### adding admin as certifier..."
  66. monkeysphere-server add-identity-certifier "$TESTDIR"/home/admin/.gnupg/pubkey.gpg
  67. # initialize base sshd_config
  68. cp etc/ssh/sshd_config "$SSHD_CONFIG"
  69. # write the sshd_config
  70. cat <<EOF >> "$SSHD_CONFIG"
  71. HostKey ${MONKEYSPHERE_SYSDATADIR}/ssh_host_rsa_key
  72. AuthorizedKeysFile ${MONKEYSPHERE_SYSDATADIR}/authorized_keys/%u
  73. EOF
  74. # launch test sshd with the new host key.
  75. echo "### starting sshd..."
  76. socat EXEC:'/usr/sbin/sshd -f '"$SSHD_CONFIG"' -i -d -d -d -D -e' "UNIX-LISTEN:${SOCKET}" &
  77. ### TESTUSER TESTS
  78. # copy testuser home directory into temp dir
  79. cp -r "$TESTDIR"/home/testuser "$TEMPDIR"/
  80. # generate an auth subkey for the test user
  81. echo "### generating key for testuser..."
  82. MONKEYSPHERE_GNUPGHOME="$TEMPDIR"/testuser/.gnupg \
  83. monkeysphere gen-subkey --expire 0
  84. # add server key to testuser keychain
  85. monkeysphere-server gpg-authentication-cmd "--armor --export $HOSTKEYID" | \
  86. GNUPGHOME="$TEMPDIR"/testuser/.gnupg gpg --import
  87. # connect to test sshd, using monkeysphere to verify the identity
  88. # before connection.
  89. echo "### connecting to sshd socket..."
  90. PROXY_COMMAND="monkeysphere-ssh-proxycommand --no-connect %h && socat STDIO UNIX:${SOCKET}"
  91. ssh -oProxyCommand="$PROXY_COMMAND" testhost
  92. # create a new client side key, certify it with the "CA", use it to
  93. # log in.
  94. ## FIXME: implement!
  95. ### FINISH
  96. read -p "press enter to cleanup tmp:"