blob: c14d0cc1ee3f5e94d793b2cf2b9d52e40c4e2af7 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
|
#!/bin/sh
. ../../../prepare.inc.sh
. ../../../toolbox.inc.sh
# ---- do the actual testing ----
result=PASS
echo "++++ BEGINNING TEST" >$OUTPUTFILE
set_gc_delay 10
# create a pair of keyrings to play in
marker "CREATE KEYRINGS"
create_keyring "sandbox" @s
expect_keyid keyringid
# check that we can't yet request a non-existent key
marker "CHECK REQUEST FAILS"
request_key --fail user lizard $keyringid
expect_error ENOKEY
# add a user key to the first keyring
marker "ADD USER KEY"
create_key user lizard gizzard $keyringid
expect_keyid keyid
# request the key
marker "REQUEST KEY"
request_key user lizard
expect_keyid keyid2 $keyid
# remove the key from the keyring
marker "DETACH KEY FROM KEYRING"
unlink_key $keyid $keyringid
# request a key from /sbin/request-key to the session keyring
marker "CALL OUT REQUEST KEY TO SESSION"
request_key_callout user debug:lizard gizzard
expect_keyid keyid
# should have appeared in the session keyring
marker "CHECK ATTACHMENT TO SESSION KEYRING"
list_keyring @s
expect_keyring_rlist rlist $keyid
# rerequesting should pick up that key again
marker "REDO CALL OUT REQUEST KEY TO SESSION"
request_key_callout user debug:lizard gizzard
expect_keyid keyid2 $keyid
# remove the key from the session
# - it was installed twice
# - once by request_key's keyring arg
# - once from the instantiation call
# but it will only have one link
marker "DETACH KEY FROM SESSION"
unlink_key --wait $keyid @s
unlink_key --fail $keyid @s
expect_error ENOKEY
# request a key from /sbin/request-key to the keyring we made
marker "CALL OUT REQUEST KEY TO KEYRING"
request_key_callout user debug:lizard gizzard $keyringid
expect_keyid keyid
# should have appeared once each in the sandbox and session keyrings
marker "CHECK ATTACHMENT TO KEYRING"
list_keyring $keyringid
expect_keyring_rlist rlist $keyid
marker "CHECK ATTACHMENT TO SESSION"
list_keyring @s
expect_keyring_rlist rlist $keyid
# rerequesting should pick up that key again
marker "REDO CALL OUT REQUEST KEY TO KEYRING"
request_key_callout user debug:lizard gizzard $keyringid
expect_keyid keyid2 $keyid
# remove the key from the session
marker "DETACH KEY"
unlink_key $keyid $keyringid
unlink_key --wait $keyid @s
unlink_key --fail $keyid @s
expect_error ENOKEY
# remove the keyrings we added
marker "UNLINK KEYRINGS"
unlink_key $keyringid @s
set_gc_delay $orig_gc_delay
echo "++++ FINISHED TEST: $result" >>$OUTPUTFILE
# --- then report the results in the database ---
toolbox_report_result $TEST $result
|
