blob: 0674826306a4c9b36f23b745ac403a35e8e6f08c (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
|
#!/bin/sh
. ../../../prepare.inc.sh
. ../../../toolbox.inc.sh
# ---- do the actual testing ----
result=PASS
echo "++++ BEGINNING TEST" >$OUTPUTFILE
# create a keyring and attach it to the session keyring
marker "ADD KEYRING"
create_keyring wibble @s
expect_keyid keyringid
# create a key and attach it to the new keyring
marker "ADD KEY"
create_key user lizard gizzard $keyringid
expect_keyid keyid
# check that we can list the keyring
marker "LIST KEYRING"
list_keyring $keyringid
expect_keyring_rlist ringlist $keyid
# check we can read the key description
marker "CHECK VALIDATE KEY"
describe_key $keyid
expect_key_rdesc kdesc 'user@.*@lizard'
# check we can read the key's payload
marker "CHECK READ PAYLOAD"
print_key $keyid
expect_payload kpayload "gizzard"
# set a silly timeout on the key
marker "SET BIG TIMEOUT"
timeout_key $keyid 10000000
# check we can still read the key's payload
marker "CHECK READ PAYLOAD 2"
print_key $keyid
expect_payload kpayload "gizzard"
# set a small timeout on the key
marker "SET SMALL TIMEOUT"
timeout_key $keyid 2
marker "WAIT FOR TIMEOUT"
sleep_at_least 2
# check the key has expired
marker "CHECK NO READ PAYLOAD"
print_key --fail $keyid
expect_error EKEYEXPIRED
# check revocation doesn't work
marker "CHECK NO REVOKE KEY"
revoke_key --fail $keyid
expect_error EKEYEXPIRED
# check timeout setting doesn't work
marker "CHECK NO TIMEOUT KEY"
timeout_key --fail $keyid 20
expect_error EKEYEXPIRED
# remove the key we added
marker "UNLINK KEY"
unlink_key $keyid $keyringid
###############################################################################
# create a key and attach it to the new keyring
marker "ADD KEY"
create_key user lizard gizzard $keyringid
expect_keyid keyid
# set a silly timeout on the key
marker "SET BIG TIMEOUT"
timeout_key $keyid 10000000
# revoke the key
marker "REVOKE KEY"
revoke_key $keyid
# check we can no longer set the key's timeout
marker "CHECK NO SET KEY TIMEOUT"
timeout_key --fail $keyid 20
expect_error EKEYREVOKED
# remove the key we added
marker "UNLINK KEY"
unlink_key $keyid $keyringid
# revoke the keyring
marker "TIMEOUT KEYRING"
timeout_key $keyringid 1
marker "WAIT FOR KEYRING TIMEOUT"
sleep_at_least 1
# listing the session keyring should fail
marker "CHECK NO LIST SESSION KEYRING"
list_keyring --fail $keyringid
expect_error EKEYEXPIRED
# validating the new keyring's name and type should also fail
marker "CHECK NO VALIDATE KEYRING"
describe_key --fail $keyringid
expect_error EKEYEXPIRED
# remove the keyring we added
marker "UNLINK KEYRING"
unlink_key $keyringid @s
echo "++++ FINISHED TEST: $result" >>$OUTPUTFILE
# --- then report the results in the database ---
toolbox_report_result $TEST $result
|
