diff options
Diffstat (limited to 'tests')
51 files changed, 559 insertions, 468 deletions
diff --git a/tests/bugzillas/bz1031154/runtest.sh b/tests/bugzillas/bz1031154/runtest.sh index d90afb4..2c85f4d 100644 --- a/tests/bugzillas/bz1031154/runtest.sh +++ b/tests/bugzillas/bz1031154/runtest.sh @@ -54,8 +54,7 @@ fi # create a big key to probe marker "CREATE BIG KEY" -pcreate_key_by_size 8192 big_key test-key @s -expect_keyid id +pcreate_key_by_size --new=id 8192 big_key test-key @s # check the big key is file backed and the right size marker "CHECK BIG KEY" diff --git a/tests/bugzillas/bz1033467/runtest.sh b/tests/bugzillas/bz1033467/runtest.sh index 54ec293..b34a2d6 100644 --- a/tests/bugzillas/bz1033467/runtest.sh +++ b/tests/bugzillas/bz1033467/runtest.sh @@ -13,16 +13,14 @@ echo "++++ BEGINNING TEST" >$OUTPUTFILE # create a keyring and attach it to the session keyring marker "ADD SANDBOX KEYRING" -create_keyring sandbox @s -expect_keyid sandbox +create_keyring --new=sandbox sandbox @s # create a bunch of nested keyrings in the sandbox marker "ADD NESTED KEYRINGS" declare -a ring for ((i=0; i<=16; i++)) do - create_keyring ring$i $sandbox - expect_keyid "ring[$i]" + create_keyring --new="ring[$i]" ring$i $sandbox done # create a key in each of those keyrings @@ -30,9 +28,9 @@ marker "ADD KEYS" keys="" for ((i=0; i<=16; i++)) do - create_key user a$i a ${ring[$i]} - expect_keyid id + create_key --new=id user a$i a ${ring[$i]} keys="$keys $id" + keyid[$i]=$id done # search for the added keys, beginning at sandbox and exercising the nesting @@ -40,9 +38,8 @@ marker "SEARCH KEYS" keys2="" for ((i=0; i<=16; i++)) do - search_for_key $sandbox user a$i - expect_keyid id - keys2="$keys2 $id" + search_for_key --expect=${keyid[$i]} $sandbox user a$i + keys2="$keys2 ${keyid[$i]}" done marker "COMPARE KEY LISTS" diff --git a/tests/bugzillas/bz1071346/runtest.sh b/tests/bugzillas/bz1071346/runtest.sh index 45f0a02..b60b33d 100644 --- a/tests/bugzillas/bz1071346/runtest.sh +++ b/tests/bugzillas/bz1071346/runtest.sh @@ -13,13 +13,11 @@ echo "++++ BEGINNING TEST" >$OUTPUTFILE # create a keyring and attach it to the session keyring marker "ADD SANDBOX KEYRING" -create_keyring sandbox @s -expect_keyid sandbox +create_keyring --new=sandbox sandbox @s # Add a second keyring of the same name into the sandbox marker "ADD SECOND SANDBOX KEYRING" -create_keyring sandbox $sandbox -expect_keyid second +create_keyring --new=second sandbox $sandbox # Now try and link keyrings together in ways that should fail marker "CHECK NO LINK SESSION TO SECOND" @@ -34,11 +32,9 @@ expect_error EDEADLK # Add another keyring into sandbox and stick a third sandbox keyring in that marker "ADD SIDE KEYRING" -create_keyring side $sandbox -expect_keyid side +create_keyring --new=side side $sandbox marker "ADD THIRD SANDBOX KEYRING" -create_keyring sandbox $side -expect_keyid third +create_keyring --new=third sandbox $side # Make sure we can't link the session keyring, the sandbox, the side # keyring or the third keyring itself into the third keyring. diff --git a/tests/features/builtin_trusted/runtest.sh b/tests/features/builtin_trusted/runtest.sh index 632669d..27910b5 100644 --- a/tests/features/builtin_trusted/runtest.sh +++ b/tests/features/builtin_trusted/runtest.sh @@ -17,12 +17,9 @@ fi # Find the various trusted keys marker "FIND BUILTIN TRUSTED KEYRINGS" -id_key %:.builtin_trusted_keys -expect_keyid btk -id_key %:.secondary_trusted_keys -expect_keyid stk -id_key %:.blacklist -expect_keyid blk +id_key --to=btk %:.builtin_trusted_keys +id_key --to=stk %:.secondary_trusted_keys +id_key --to=blk %:.blacklist # There should be at least one built-in trusted key for module signing. list_keyring $btk diff --git a/tests/keyctl/add/bad-args/runtest.sh b/tests/keyctl/add/bad-args/runtest.sh index 38795fa..270ee0a 100644 --- a/tests/keyctl/add/bad-args/runtest.sh +++ b/tests/keyctl/add/bad-args/runtest.sh @@ -43,8 +43,8 @@ expect_error EINVAL if [ $PAGE_SIZE -lt $maxsquota ] then marker "CHECK MAXLEN DESC" - create_key user $maxdesc stuff @p - expect_keyid keyid + create_key --new=keyid user $maxdesc stuff @s + clear_keyring @s else marker "CHECK MAXLEN DESC FAILS WITH EDQUOT" create_key --fail user $maxdesc stuff @p diff --git a/tests/keyctl/add/useradd/runtest.sh b/tests/keyctl/add/useradd/runtest.sh index e421a89..956fb98 100644 --- a/tests/keyctl/add/useradd/runtest.sh +++ b/tests/keyctl/add/useradd/runtest.sh @@ -11,8 +11,7 @@ echo "++++ BEGINNING TEST" >$OUTPUTFILE # check that we can add a user key to the session keyring marker "ADD USER KEY" -create_key user wibble stuff @s -expect_keyid keyid +create_key --new=keyid user wibble stuff @s # read back what we put in it marker "PRINT PAYLOAD" @@ -21,8 +20,7 @@ expect_payload payload "stuff" # check that we can add a hex-encoded user key to the session keyring marker "ADD HEX USER KEY" -create_key -x user wibble "73 7475 66 66 " @s -expect_keyid keyid +create_key --update=$keyid -x user wibble "73 7475 66 66 " @s # read back what we put in it marker "PRINT PAYLOAD" @@ -31,15 +29,7 @@ expect_payload payload "stuff" # check that we can update a user key marker "UPDATE USER KEY" -create_key user wibble lizard @s - -# check we get the same key ID back -expect_keyid keyid2 - -if [ "x$keyid" != "x$keyid2" ] -then - failed -fi +create_key --update=$keyid user wibble lizard @s # read back what we changed it to marker "PRINT UPDATED PAYLOAD" diff --git a/tests/keyctl/clear/bad-args/runtest.sh b/tests/keyctl/clear/bad-args/runtest.sh index feb89f6..0d97489 100644 --- a/tests/keyctl/clear/bad-args/runtest.sh +++ b/tests/keyctl/clear/bad-args/runtest.sh @@ -16,8 +16,7 @@ expect_error EINVAL # create a non-keyring marker "CREATE KEY" -create_key user lizard gizzard @s -expect_keyid keyid +create_key --new=keyid user lizard gizzard @s # check that a non-keyring ID fails correctly marker "CHECK CLEAR NON-KEYRING KEY" diff --git a/tests/keyctl/clear/valid/runtest.sh b/tests/keyctl/clear/valid/runtest.sh index 9cb35ef..bdefa46 100644 --- a/tests/keyctl/clear/valid/runtest.sh +++ b/tests/keyctl/clear/valid/runtest.sh @@ -11,8 +11,7 @@ echo "++++ BEGINNING TEST" >$OUTPUTFILE # create a keyring and attach it to the session keyring marker "ADD KEYRING" -create_keyring wibble @s -expect_keyid keyringid +create_keyring --new=keyringid wibble @s # validate the new keyring's name and type marker "VALIDATE KEYRING" @@ -35,8 +34,7 @@ expect_keyring_rlist rlist empty # stick a key in the keyring marker "ADD KEY" -create_key user lizard gizzard $keyringid -expect_keyid keyid +create_key --new=keyid user lizard gizzard $keyringid # check that we can list it marker "LIST KEYRING WITH ONE" @@ -57,8 +55,7 @@ marker "ADD FORTY KEYS" keys="" for ((i=0; i<40; i++)) do - create_key user lizard$i gizzard$i $keyringid - expect_keyid x + create_key --new=x user lizard$i gizzard$i $keyringid keys="$keys $x" list_keyring $keyringid expect_keyring_rlist rlist $x diff --git a/tests/keyctl/describing/bad-args/runtest.sh b/tests/keyctl/describing/bad-args/runtest.sh index a49ee52..213a341 100644 --- a/tests/keyctl/describing/bad-args/runtest.sh +++ b/tests/keyctl/describing/bad-args/runtest.sh @@ -18,8 +18,7 @@ expect_error EINVAL # create a key marker "CREATE KEY" -create_key user lizard gizzard @s -expect_keyid keyid +create_key --new=keyid user lizard gizzard @s # dispose of the key marker "UNLINK KEY" diff --git a/tests/keyctl/describing/valid/runtest.sh b/tests/keyctl/describing/valid/runtest.sh index e327e4b..d8f778a 100644 --- a/tests/keyctl/describing/valid/runtest.sh +++ b/tests/keyctl/describing/valid/runtest.sh @@ -11,8 +11,7 @@ echo "++++ BEGINNING TEST" >$OUTPUTFILE # create a keyring and attach it to the session keyring marker "ADD KEYRING" -create_keyring wibble @s -expect_keyid keyringid +create_keyring --new=keyringid wibble @s # validate the new keyring's name and type marker "VALIDATE KEYRING" @@ -31,8 +30,7 @@ expect_keyring_rlist rlist empty # stick a key in the keyring marker "ADD KEY" -create_key user lizard gizzard $keyringid -expect_keyid keyid +create_key --new=keyid user lizard gizzard $keyringid # validate the new key's name and type marker "VALIDATE KEY" diff --git a/tests/keyctl/dh_compute/bad-args/runtest.sh b/tests/keyctl/dh_compute/bad-args/runtest.sh index 7e8828b..6fcba06 100644 --- a/tests/keyctl/dh_compute/bad-args/runtest.sh +++ b/tests/keyctl/dh_compute/bad-args/runtest.sh @@ -58,17 +58,10 @@ private+="\x50\x08\x66\xd5\x46\x1c\x5f\xa3\x54\x02\x38\x32\x4a\x29\xf3" private+="\x16\xe0\x68\xf3\xba\x17\x37\xd0\x42\xcb\x51\xa8\x97\x1b\xc7" private+="\xa2" -pcreate_key "-e $prime" user dh:prime @s -expect_keyid primeid - -pcreate_key "-e $generator" user dh:generator @s -expect_keyid generatorid - -pcreate_key "-e $private" user dh:private @s -expect_keyid privateid - -pcreate_key "-e \x00" logon dh:logon @s -expect_keyid logonid +pcreate_key --new=primeid "-e $prime" user dh:prime @s +pcreate_key --new=generatorid "-e $generator" user dh:generator @s +pcreate_key --new=privateid "-e $private" user dh:private @s +pcreate_key --new=logonid "-e \x00" logon dh:logon @s marker "CHECK WRONG KEY TYPE" dh_compute --fail $privateid $primeid $logonid diff --git a/tests/keyctl/dh_compute/valid/runtest.sh b/tests/keyctl/dh_compute/valid/runtest.sh index 1ff2687..342a1d5 100644 --- a/tests/keyctl/dh_compute/valid/runtest.sh +++ b/tests/keyctl/dh_compute/valid/runtest.sh @@ -69,14 +69,10 @@ a328e894 acc343f4 66a95281 86cea6a3 93eb4fee f83c0e2e f4a00ce6 fcc9ef81 cc4624d5 ba659411 d1ba7b5f 14a3e286 d42e6ac8 afa9f846 41cb7cb5 66965725 EOF -create_key -x user dh:prime $prime @s -expect_keyid primeid - -create_key -x user dh:generator $generator @s -expect_keyid generatorid - -create_key -x user dh:private $private @s -expect_keyid privateid +marker "LOAD SOURCE KEYS" +create_key --new=primeid -x user dh:prime $prime @s +create_key --new=generatorid -x user dh:generator $generator @s +create_key --new=privateid -x user dh:private $private @s marker "COMPUTE DH PUBLIC KEY" dh_compute $privateid $primeid $generatorid @@ -92,6 +88,7 @@ echo "++++ FINISHED TEST: $result" >>$OUTPUTFILE ################################################################ # SHA-256 +marker "LOAD SHA-256 SOURCE KEYS" # XephemCAVS private="81b2c65f5cbac00b1353ac38bd77a25a" @@ -154,14 +151,9 @@ read -d '' derived <<"EOF" 8284e313 02c8a26b 393ec52d 9f9e0882 EOF -create_key -x user dh:prime $prime @s -expect_keyid primeid - -create_key -x user dh:xa $xa @s -expect_keyid xaid - -create_key -x user dh:private $private @s -expect_keyid privateid +create_key --update=primeid -x user dh:prime $prime @s +create_key --new=xaid -x user dh:xa $xa @s +create_key --update=privateid -x user dh:private $private @s marker "COMPUTE DH SHARED SECRET" dh_compute $privateid $primeid $xaid @@ -171,8 +163,7 @@ marker "COMPUTE DERIVED KEY FROM DH SHARED SECRET (SHA-256)" echo -e -n $otherinfo | dh_compute_kdf_oi -x $privateid $primeid $xaid 16 "sha256" expect_multiline payload "$derived" -create_key -x user dh:leadingzero "01" @s -expect_keyid lzid +create_key --new=lzid -x user dh:leadingzero "01" @s read -d '' derived2 <<"EOF" 0066207b cdab1d64 bbf489b3 d6a0dadc @@ -183,6 +174,7 @@ echo -e -n $otherinfo | dh_compute_kdf_oi -x $privateid $primeid $lzid 16 "sha25 expect_multiline payload "$derived2" # SHA-224 +marker "LOAD SHA-224 SOURCE KEYS" # XephemCAVS private="861ba259aba6aa577de22f508ecbbc26" @@ -245,14 +237,9 @@ read -d '' derived <<"EOF" 88bf39c0 08eec33a dc3b4430 054ba262 EOF -create_key -x user dh:prime $prime @s -expect_keyid primeid - -create_key -x user dh:xa $xa @s -expect_keyid xaid - -create_key -x user dh:private $private @s -expect_keyid privateid +create_key --update=primeid -x user dh:prime $prime @s +create_key --update=xaid -x user dh:xa $xa @s +create_key --update=privateid -x user dh:private $private @s marker "COMPUTE DH SHARED SECRET" dh_compute $privateid $primeid $xaid diff --git a/tests/keyctl/id/valid/runtest.sh b/tests/keyctl/id/valid/runtest.sh index 56c2d95..ffed995 100644 --- a/tests/keyctl/id/valid/runtest.sh +++ b/tests/keyctl/id/valid/runtest.sh @@ -15,9 +15,9 @@ id_key --fail @t expect_error ENOKEY id_key --fail @p expect_error ENOKEY -id_key @s -id_key @u -id_key @us +id_key --to=x @s +id_key --to=x @u +id_key --to=x @us id_key --fail @g expect_error EINVAL id_key --fail @a @@ -25,13 +25,12 @@ expect_error ENOKEY # create a keyring marker "CREATE KEYRING" -create_keyring lizard @s -expect_keyid keyid +create_keyring --new=keyid lizard @s # check that a non-keyring ID works marker "CHECK NON-KEYRING KEY" -id_key $keyid -id_key %:lizard +id_key --to=x $keyid +id_key --to=x %:lizard id_key --fail %:lizardx # dispose of the key we were using @@ -45,13 +44,12 @@ expect_error ENOKEY # create a non-keyring marker "CREATE KEY" -create_key user lizard gizzard @s -expect_keyid keyid +create_key --new=keyid user lizard gizzard @s # check that a non-keyring ID works marker "CHECK NON-KEYRING KEY" -id_key $keyid -id_key %user:lizard +id_key --to=x $keyid +id_key --to=x %user:lizard # dispose of the key we were using marker "UNLINK KEY" diff --git a/tests/keyctl/instantiating/bad-args/runtest.sh b/tests/keyctl/instantiating/bad-args/runtest.sh index 1922282..0b01395 100644 --- a/tests/keyctl/instantiating/bad-args/runtest.sh +++ b/tests/keyctl/instantiating/bad-args/runtest.sh @@ -20,8 +20,7 @@ expect_error EPERM # create a non-keyring marker "CREATE KEY" -create_key user lizard gizzard @s -expect_keyid keyid +create_key --new=keyid user lizard gizzard @s # check that instantiation of an instantiated key fails marker "CHECK ALREADY INSTANTIATED KEY" diff --git a/tests/keyctl/invalidate/bad-args/runtest.sh b/tests/keyctl/invalidate/bad-args/runtest.sh index 2d9ab11..b95a8c9 100644 --- a/tests/keyctl/invalidate/bad-args/runtest.sh +++ b/tests/keyctl/invalidate/bad-args/runtest.sh @@ -22,8 +22,7 @@ expect_error EINVAL # create a key marker "CREATE KEY" -create_key user lizard gizzard @s -expect_keyid keyid +create_key --new=keyid user lizard gizzard @s # and dispose of it marker "UNLINK KEY" diff --git a/tests/keyctl/invalidate/valid/runtest.sh b/tests/keyctl/invalidate/valid/runtest.sh index afc0d3e..100f711 100644 --- a/tests/keyctl/invalidate/valid/runtest.sh +++ b/tests/keyctl/invalidate/valid/runtest.sh @@ -17,8 +17,7 @@ echo "++++ BEGINNING TEST" >$OUTPUTFILE # create a keyring and attach it to the session keyring marker "ADD KEYRING" -create_keyring wibble @s -expect_keyid keyringid +create_keyring --new=keyringid wibble @s # check that we have an empty keyring marker "LIST KEYRING" @@ -27,8 +26,7 @@ expect_keyring_rlist rlist empty # stick a key in the keyring marker "ADD KEY" -create_key user lizard gizzard $keyringid -expect_keyid keyid +create_key --new=keyid user lizard gizzard $keyringid # check that we can list it marker "LIST KEYRING 2" @@ -49,8 +47,7 @@ expect_keyring_rlist rlist empty # stick another key in the keyring marker "ADD KEY" -create_key user lizard2 gizzard $keyringid -expect_keyid keyid +create_key --new=keyid user lizard2 gizzard $keyringid # check that we can list it marker "LIST KEYRING 4" diff --git a/tests/keyctl/link/bad-args/runtest.sh b/tests/keyctl/link/bad-args/runtest.sh index 39612f4..08bf2d3 100644 --- a/tests/keyctl/link/bad-args/runtest.sh +++ b/tests/keyctl/link/bad-args/runtest.sh @@ -20,8 +20,7 @@ expect_error EINVAL # create a non-keyring marker "CREATE KEY" -create_key user lizard gizzard @s -expect_keyid keyid +create_key --new=keyid user lizard gizzard @s # check that linking to a non-keyring ID fails correctly marker "CHECK LINK TO NON-KEYRING KEY" diff --git a/tests/keyctl/link/recursion/runtest.sh b/tests/keyctl/link/recursion/runtest.sh index 1012871..65abd9c 100644 --- a/tests/keyctl/link/recursion/runtest.sh +++ b/tests/keyctl/link/recursion/runtest.sh @@ -11,8 +11,7 @@ echo "++++ BEGINNING TEST" >$OUTPUTFILE # create a keyring and attach it to the session keyring marker "CREATE KEYRING 1" -create_keyring "first" @s -expect_keyid keyringid +create_keyring --new=keyringid "first" @s set_key_perm $keyringid 0x3f3f0000 # attempt to link a keyring to itself @@ -22,8 +21,7 @@ expect_error EDEADLK # create a second keyring in the first marker "CREATE KEYRING 2" -create_keyring "second" $keyringid -expect_keyid keyring2id +create_keyring --new=keyring2id "second" $keyringid set_key_perm $keyring2id 0x3f3f0000 # attempt to link a keyring to its child keyring @@ -33,8 +31,7 @@ expect_error EDEADLK # create a third keyring in the second marker "CREATE KEYRING 3" -create_keyring "third" $keyring2id -expect_keyid keyring3id +create_keyring --new=keyring3id "third" $keyring2id set_key_perm $keyring3id 0x3f3f0000 # attempt to link a keyring to its grandchild keyring @@ -44,8 +41,7 @@ expect_error EDEADLK # create a fourth keyring in the third marker "CREATE KEYRING 4" -create_keyring "fourth" $keyring3id -expect_keyid keyring4id +create_keyring --new=keyring4id "fourth" $keyring3id set_key_perm $keyring4id 0x3f3f0000 # attempt to link a keyring to its great grandchild keyring @@ -55,8 +51,7 @@ expect_error EDEADLK # create a fifth keyring in the fourth marker "CREATE KEYRING 5" -create_keyring "fifth" $keyring4id -expect_keyid keyring5id +create_keyring --new=keyring5id "fifth" $keyring4id set_key_perm $keyring5id 0x3f3f0000 # attempt to link a keyring to its great great grandchild keyring @@ -66,8 +61,7 @@ expect_error EDEADLK # create a sixth keyring in the fifth marker "CREATE KEYRING 6" -create_keyring "sixth" $keyring5id -expect_keyid keyring6id +create_keyring --new=keyring6id "sixth" $keyring5id set_key_perm $keyring6id 0x3f3f0000 # attempt to link a keyring to its great great great grandchild keyring @@ -77,8 +71,7 @@ expect_error EDEADLK # create a seventh keyring in the sixth marker "CREATE KEYRING 7" -create_keyring "seventh" $keyring6id -expect_keyid keyring7id +create_keyring --new=keyring7id "seventh" $keyring6id set_key_perm $keyring7id 0x3f3f0000 # attempt to link a keyring to its great great great great grandchild keyring @@ -88,8 +81,7 @@ expect_error EDEADLK # create an eigth keyring in the seventh marker "CREATE KEYRING 8" -create_keyring "eighth" @s -expect_keyid keyring8id +create_keyring --new=keyring8id "eighth" @s set_key_perm $keyring8id 0x3f3f0000 link_key $keyring8id $keyring7id unlink_key $keyring8id @s @@ -101,8 +93,7 @@ expect_error EDEADLK # create a ninth keyring in the eighth marker "CREATE KEYRING 9" -create_keyring "ninth" @s -expect_keyid keyring9id +create_keyring --new=keyring9id "ninth" @s set_key_perm $keyring9id 0x3f3f0000 link_key $keyring9id $keyring8id unlink_key $keyring9id @s @@ -118,19 +109,15 @@ unlink_key $keyringid @s # create two stacks of keyrings marker "CREATE KEYRING STACKS" -create_keyring "A1" @s -expect_keyid aroot -create_keyring "B1" @s -expect_keyid broot +create_keyring --new=aroot "A1" @s +create_keyring --new=broot "B1" @s a=$aroot b=$broot for ((i=2; i<=4; i++)) do - create_keyring "A$i" $a - expect_keyid a - create_keyring "B$i" $b - expect_keyid b + create_keyring --new=a "A$i" $a + create_keyring --new=b "B$i" $b done # make sure we can't create a cycle by linking the two stacks together @@ -156,10 +143,8 @@ unlink_key $broot $a # extend the stacks marker "EXTEND STACKS" -create_keyring "A5" $a -expect_keyid a -create_keyring "B5" $b -expect_keyid b +create_keyring --new=a "A5" $a +create_keyring --new=b "B5" $b # make sure we can't hide a cycle by linking the two bigger stacks together marker "CHECK MAXDEPTH A TO B" diff --git a/tests/keyctl/link/valid/runtest.sh b/tests/keyctl/link/valid/runtest.sh index fc7f28a..8483831 100644 --- a/tests/keyctl/link/valid/runtest.sh +++ b/tests/keyctl/link/valid/runtest.sh @@ -11,8 +11,7 @@ echo "++++ BEGINNING TEST" >$OUTPUTFILE # create a keyring and attach it to the session keyring marker "ADD KEYRING" -create_keyring wibble @s -expect_keyid keyringid +create_keyring --new=keyringid wibble @s # validate the new keyring's name and type marker "VALIDATE KEYRING" @@ -26,8 +25,7 @@ expect_keyring_rlist rlist empty # stick a key in the keyring marker "ADD KEY" -create_key user lizard gizzard $keyringid -expect_keyid keyid +create_key --new=keyid user lizard gizzard $keyringid # check that we can list it marker "LIST KEYRING WITH ONE" @@ -85,8 +83,7 @@ unlink_key --fail $keyid $keyringid expect_error ENOKEY # create a second keyring in the first -create_keyring "zebra" $keyringid -expect_keyid keyring2id +create_keyring --new=keyring2id "zebra" $keyringid # link thrice across to the session keyring marker "LINK 2ND KEYRING TO SESSION" diff --git a/tests/keyctl/listing/bad-args/runtest.sh b/tests/keyctl/listing/bad-args/runtest.sh index beb6c99..84e3f07 100644 --- a/tests/keyctl/listing/bad-args/runtest.sh +++ b/tests/keyctl/listing/bad-args/runtest.sh @@ -18,8 +18,7 @@ expect_error ENOKEY # create a non-keyring marker "CREATE KEY" -create_key user lizard gizzard @s -expect_keyid keyid +create_key --new=keyid user lizard gizzard @s # dispose of the key we were using marker "UNLINK KEY" diff --git a/tests/keyctl/listing/valid/runtest.sh b/tests/keyctl/listing/valid/runtest.sh index fe67bd4..872f3ed 100644 --- a/tests/keyctl/listing/valid/runtest.sh +++ b/tests/keyctl/listing/valid/runtest.sh @@ -11,8 +11,7 @@ echo "++++ BEGINNING TEST" >$OUTPUTFILE # create a keyring and attach it to the session keyring marker "ADD KEYRING" -create_keyring wibble @s -expect_keyid keyringid +create_keyring --new=keyringid wibble @s # validate the new keyring's name and type marker "VALIDATE KEYRING" @@ -30,8 +29,7 @@ expect_payload payload "keyring is empty" # stick a key in the keyring marker "ADD KEY" -create_key user lizard gizzard $keyringid -expect_keyid keyid +create_key --new=keyid user lizard gizzard $keyringid # check that we can list it marker "LIST KEYRING WITH ONE" @@ -50,8 +48,7 @@ fi # stick a second key in the keyring marker "ADD KEY 2" -create_key user snake skin $keyringid -expect_keyid keyid2 +create_key --new=keyid2 user snake skin $keyringid # check that we can see both keys marker "LIST KEYRING WITH TWO" diff --git a/tests/keyctl/move/bad-args/runtest.sh b/tests/keyctl/move/bad-args/runtest.sh index 8ce62ff..b1c7e66 100644 --- a/tests/keyctl/move/bad-args/runtest.sh +++ b/tests/keyctl/move/bad-args/runtest.sh @@ -36,12 +36,10 @@ expect_error EINVAL # create a pair of non-keyrings marker "CREATE KEY" -create_key user lizard gizzard @s -expect_keyid keyid +create_key --new=keyid user lizard gizzard @s marker "CREATE KEY2" -create_key user zebra stripes @s -expect_keyid keyid2 +create_key --new=keyid2 user zebra stripes @s # check that linking to a non-keyring ID fails correctly marker "CHECK MOVE FROM NON-KEYRING KEY" diff --git a/tests/keyctl/move/recursion/runtest.sh b/tests/keyctl/move/recursion/runtest.sh index 1e68963..36cd5cb 100644 --- a/tests/keyctl/move/recursion/runtest.sh +++ b/tests/keyctl/move/recursion/runtest.sh @@ -11,8 +11,7 @@ echo "++++ BEGINNING TEST" >$OUTPUTFILE # create a keyring and attach it to the session keyring marker "CREATE KEYRING 1" -create_keyring "first" @s -expect_keyid keyringid +create_keyring --new=keyringid "first" @s set_key_perm $keyringid 0x3f3f0000 # attempt to move a keyring to itself @@ -25,8 +24,7 @@ expect_error EDEADLK # create a second keyring in the first marker "CREATE KEYRING 2" -create_keyring "second" $keyringid -expect_keyid keyring2id +create_keyring --new=keyring2id "second" $keyringid set_key_perm $keyring2id 0x3f3f0000 # attempt to move a keyring to its child keyring @@ -39,8 +37,7 @@ expect_error EDEADLK # create a third keyring in the second marker "CREATE KEYRING 3" -create_keyring "third" $keyring2id -expect_keyid keyring3id +create_keyring --new=keyring3id "third" $keyring2id set_key_perm $keyring3id 0x3f3f0000 # attempt to move a keyring to its grandchild keyring @@ -53,8 +50,7 @@ expect_error EDEADLK # create a fourth keyring in the third marker "CREATE KEYRING 4" -create_keyring "fourth" $keyring3id -expect_keyid keyring4id +create_keyring --new=keyring4id "fourth" $keyring3id set_key_perm $keyring4id 0x3f3f0000 # attempt to move a keyring to its great grandchild keyring @@ -67,8 +63,7 @@ expect_error EDEADLK # create a fifth keyring in the fourth marker "CREATE KEYRING 5" -create_keyring "fifth" $keyring4id -expect_keyid keyring5id +create_keyring --new=keyring5id "fifth" $keyring4id set_key_perm $keyring5id 0x3f3f0000 # attempt to move a keyring to its great great grandchild keyring @@ -81,8 +76,7 @@ expect_error EDEADLK # create a sixth keyring in the fifth marker "CREATE KEYRING 6" -create_keyring "sixth" $keyring5id -expect_keyid keyring6id +create_keyring --new=keyring6id "sixth" $keyring5id set_key_perm $keyring6id 0x3f3f0000 # attempt to move a keyring to its great great great grandchild keyring @@ -95,8 +89,7 @@ expect_error EDEADLK # create a seventh keyring in the sixth marker "CREATE KEYRING 7" -create_keyring "seventh" $keyring6id -expect_keyid keyring7id +create_keyring --new=keyring7id "seventh" $keyring6id set_key_perm $keyring7id 0x3f3f0000 # attempt to move a keyring to its great great great great grandchild keyring @@ -109,8 +102,7 @@ expect_error EDEADLK # create an eigth keyring in the seventh marker "CREATE KEYRING 8" -create_keyring "eighth" @s -expect_keyid keyring8id +create_keyring --new=keyring8id "eighth" @s set_key_perm $keyring8id 0x3f3f0000 move_key $keyring8id @s $keyring7id @@ -121,8 +113,7 @@ expect_error EDEADLK # create a ninth keyring in the eighth marker "CREATE KEYRING 9" -create_keyring "ninth" @s -expect_keyid keyring9id +create_keyring --new=keyring9id "ninth" @s set_key_perm $keyring9id 0x3f3f0000 move_key $keyring9id @s $keyring8id @@ -140,19 +131,15 @@ unlink_key $keyringid @s # create two stacks of keyrings marker "CREATE KEYRING STACKS" -create_keyring "A1" @s -expect_keyid aroot -create_keyring "B1" @s -expect_keyid broot +create_keyring --new=aroot "A1" @s +create_keyring --new=broot "B1" @s a=$aroot b=$broot for ((i=2; i<=4; i++)) do - create_keyring "A$i" $a - expect_keyid a - create_keyring "B$i" $b - expect_keyid b + create_keyring --new=a "A$i" $a + create_keyring --new=b "B$i" $b done # make sure we can't create a cycle by linking the two stacks together @@ -184,10 +171,8 @@ unlink_key $broot $a # extend the stacks marker "EXTEND STACKS" -create_keyring "A5" $a -expect_keyid a -create_keyring "B5" $b -expect_keyid b +create_keyring --new=a "A5" $a +create_keyring --new=b "B5" $b # make sure we can't hide a cycle by linking the two bigger stacks together marker "CHECK MAXDEPTH A TO B" diff --git a/tests/keyctl/move/valid/runtest.sh b/tests/keyctl/move/valid/runtest.sh index 73bf7c2..31b51d7 100644 --- a/tests/keyctl/move/valid/runtest.sh +++ b/tests/keyctl/move/valid/runtest.sh @@ -11,13 +11,11 @@ echo "++++ BEGINNING TEST" >$OUTPUTFILE # create a keyring and attach it to the session keyring marker "ADD KEYRING" -create_keyring wibble @s -expect_keyid keyringid +create_keyring --new=keyringid wibble @s # stick a key in the keyring marker "ADD KEY" -create_key user lizard gizzard $keyringid -expect_keyid keyid +create_key --new=keyid user lizard gizzard $keyringid # check that we can list it marker "LIST KEYRING WITH ONE" @@ -55,8 +53,7 @@ expect_error ENOENT # Create a conflicting key and try to have an unforced move displace it marker "ADD KEY 2" -create_key user lizard gizzard @s -expect_keyid keyid2 +create_key --new=keyid2 user lizard gizzard @s marker "MOVE KEY 5" move_key --fail $keyid $keyringid @s @@ -100,8 +97,7 @@ expect_error ENOKEY ############################################################################### # Create a second keyring in the first -create_keyring "zebra" $keyringid -expect_keyid keyring2id +create_keyring --new=keyring2id "zebra" $keyringid # Move thrice between the session keyring and back marker "LINK 2ND KEYRING TO SESSION" @@ -142,13 +138,11 @@ expect_error ENOKEY ############################################################################### # Create a second keyring in the session keyring -create_keyring "zebra" @s -expect_keyid keyring2id +create_keyring --new=keyring2id "zebra" @s # Add a key to the session keyring and link it into each keyring marker "ADD KEY 3" -create_key user lizard gizzard @s -expect_keyid keyid +create_key --new=keyid user lizard gizzard @s marker "LINK KEY" link_key $keyid $keyringid diff --git a/tests/keyctl/newring/bad-args/runtest.sh b/tests/keyctl/newring/bad-args/runtest.sh index 9b0fe01..734b44e 100644 --- a/tests/keyctl/newring/bad-args/runtest.sh +++ b/tests/keyctl/newring/bad-args/runtest.sh @@ -13,11 +13,11 @@ echo "++++ BEGINNING TEST" >$OUTPUTFILE if [ $PAGE_SIZE -lt $maxsquota ] then marker "CHECK MAXLEN DESC" - create_keyring $maxdesc @p - expect_keyid keyid + create_keyring --new=keyid $maxdesc @s + clear_keyring @s else marker "CHECK MAXLEN DESC FAILS WITH EDQUOT" - create_keyring --fail $maxdesc @p + create_keyring --fail $maxdesc @s expect_error EDQUOT fi @@ -29,13 +29,13 @@ if kernel_at_or_later_than 3.19 || then # check that an overlong key description fails correctly (>4095 inc NUL) marker "CHECK OVERLONG DESC" - create_keyring --fail a$maxdesc @p + create_keyring --fail a$maxdesc @s expect_error EINVAL fi # check that an empty keyring name fails marker "CHECK EMPTY KEYRING NAME" -create_keyring --fail "" @p +create_keyring --fail "" @s expect_error EINVAL # check that a bad key ID fails correctly diff --git a/tests/keyctl/newring/valid/runtest.sh b/tests/keyctl/newring/valid/runtest.sh index b89a0d1..a80f030 100644 --- a/tests/keyctl/newring/valid/runtest.sh +++ b/tests/keyctl/newring/valid/runtest.sh @@ -11,8 +11,7 @@ echo "++++ BEGINNING TEST" >$OUTPUTFILE # create a keyring and attach it to the session keyring marker "ADD KEYRING" -create_keyring wibble @s -expect_keyid keyringid +create_keyring --new=keyringid wibble @s # check that we now have an empty keyring marker "LIST KEYRING" @@ -21,8 +20,7 @@ expect_keyring_rlist rlist empty # check that creating a second keyring of the same name displaces the first marker "ADD KEYRING AGAIN" -create_keyring wibble @s -expect_keyid keyringid2 +create_keyring --new=keyringid2 wibble @s # should be different keyrings if [ "x$keyringid" == "x$keyringid2" ] diff --git a/tests/keyctl/padd/bad-args/runtest.sh b/tests/keyctl/padd/bad-args/runtest.sh index fc82682..291584e 100644 --- a/tests/keyctl/padd/bad-args/runtest.sh +++ b/tests/keyctl/padd/bad-args/runtest.sh @@ -43,8 +43,8 @@ expect_error EINVAL if [ $PAGE_SIZE -lt $maxsquota ] then marker "CHECK MAXLEN DESC" - pcreate_key stuff user $maxdesc @p - expect_keyid keyid + pcreate_key --new=keyid stuff user $maxdesc @s + clear_keyring @s else marker "CHECK MAXLEN DESC FAILS WITH EDQUOT" pcreate_key --fail stuff user $maxdesc @p diff --git a/tests/keyctl/padd/useradd/runtest.sh b/tests/keyctl/padd/useradd/runtest.sh index 6bd3c09..aea21d9 100644 --- a/tests/keyctl/padd/useradd/runtest.sh +++ b/tests/keyctl/padd/useradd/runtest.sh @@ -11,8 +11,7 @@ echo "++++ BEGINNING TEST" >$OUTPUTFILE # check that we can add a user key to the session keyring marker "ADD USER KEY" -pcreate_key stuff user wibble @s -expect_keyid keyid +pcreate_key --new=keyid stuff user wibble @s # read back what we put in it marker "PRINT PAYLOAD" @@ -21,8 +20,7 @@ expect_payload payload "stuff" # check that we can add a hex-encoded user key to the session keyring marker "ADD HEX USER KEY" -pcreate_key "73 7475 66 66 " -x user wibble @s -expect_keyid keyid +pcreate_key --update=$keyid "73 7475 66 66 " -x user wibble @s # read back what we put in it marker "PRINT PAYLOAD" @@ -31,15 +29,7 @@ expect_payload payload "stuff" # check that we can update a user key marker "UPDATE USER KEY" -pcreate_key lizard user wibble @s - -# check we get the same key ID back -expect_keyid keyid2 - -if [ "x$keyid" != "x$keyid2" ] -then - failed -fi +pcreate_key --update=$keyid lizard user wibble @s # read back what we changed it to marker "PRINT UPDATED PAYLOAD" @@ -64,22 +54,19 @@ then fi marker "ADD LARGE USER KEY" - pcreate_key_by_size 32767 user large @s - expect_keyid keyid + pcreate_key_by_size --new=keyid 32767 user large @s md5sum_key $keyid expect_payload payload "f128f774ede3fe931e7c6745c4292f40" if [ $have_big_key_type = 1 ] then marker "ADD SMALL BIG KEY" - pcreate_key_by_size 128 big_key small @s - expect_keyid keyid + pcreate_key_by_size --new=keyid 128 big_key small @s md5sum_key $keyid expect_payload payload "f09f35a5637839458e462e6350ecbce4" marker "ADD HUGE BIG KEY" - pcreate_key_by_size $((1024*1024-1)) big_key huge @s - expect_keyid keyid + pcreate_key_by_size --new=keyid $((1024*1024-1)) big_key huge @s md5sum_key $keyid expect_payload payload "e57598cd670284cf7d09e16ed9d4b2ac" fi diff --git a/tests/keyctl/permitting/bad-args/runtest.sh b/tests/keyctl/permitting/bad-args/runtest.sh index 630f85f..69c1271 100644 --- a/tests/keyctl/permitting/bad-args/runtest.sh +++ b/tests/keyctl/permitting/bad-args/runtest.sh @@ -20,8 +20,7 @@ expect_error EINVAL # create a non-keyring marker "CREATE KEY" -create_key user lizard gizzard @s -expect_keyid keyid +create_key --new=keyid user lizard gizzard @s # check that unsupported permissions aren't permitted marker "CHECK PERMS" diff --git a/tests/keyctl/permitting/valid/runtest.sh b/tests/keyctl/permitting/valid/runtest.sh index 70600e7..d901164 100644 --- a/tests/keyctl/permitting/valid/runtest.sh +++ b/tests/keyctl/permitting/valid/runtest.sh @@ -11,13 +11,11 @@ echo "++++ BEGINNING TEST" >$OUTPUTFILE # create a keyring and attach it to the session keyring marker "ADD KEYRING" -create_keyring wibble @s -expect_keyid keyringid +create_keyring --new=keyringid wibble @s # stick a key in the keyring marker "ADD KEY" -create_key user lizard gizzard $keyringid -expect_keyid keyid +create_key --new=keyid user lizard gizzard $keyringid # changing the key's ownership is not supported before 2.6.18-rc1 if kernel_older_than 2.6.18 diff --git a/tests/keyctl/pupdate/bad-args/runtest.sh b/tests/keyctl/pupdate/bad-args/runtest.sh index e8bc28f..c890481 100644 --- a/tests/keyctl/pupdate/bad-args/runtest.sh +++ b/tests/keyctl/pupdate/bad-args/runtest.sh @@ -21,8 +21,7 @@ expect_error EINVAL # add a user key to the session keyring for us to play with marker "ADD USER KEY" -create_key user wibble stuff @s -expect_keyid keyid +create_key --new=keyid user wibble stuff @s # remove the key we just added marker "UNLINK KEY" diff --git a/tests/keyctl/pupdate/userupdate/runtest.sh b/tests/keyctl/pupdate/userupdate/runtest.sh index eada6ff..30aba54 100644 --- a/tests/keyctl/pupdate/userupdate/runtest.sh +++ b/tests/keyctl/pupdate/userupdate/runtest.sh @@ -11,8 +11,7 @@ echo "++++ BEGINNING TEST" >$OUTPUTFILE # check that we can add a user key to the session keyring marker "ADD USER KEY" -create_key user wibble stuff @s -expect_keyid keyid +create_key --new=keyid user wibble stuff @s # read back what we put in it marker "PRINT PAYLOAD" diff --git a/tests/keyctl/reading/bad-args/runtest.sh b/tests/keyctl/reading/bad-args/runtest.sh index 35ce9a3..357d4d5 100644 --- a/tests/keyctl/reading/bad-args/runtest.sh +++ b/tests/keyctl/reading/bad-args/runtest.sh @@ -20,8 +20,7 @@ expect_error ENOKEY # create a non-keyring marker "CREATE KEY" -create_key user lizard gizzard @s -expect_keyid keyid +create_key --new=keyid user lizard gizzard @s # dispose of the key we just made marker "UNLINK KEY" diff --git a/tests/keyctl/reading/valid/runtest.sh b/tests/keyctl/reading/valid/runtest.sh index 8e4d864..a40ccaf 100644 --- a/tests/keyctl/reading/valid/runtest.sh +++ b/tests/keyctl/reading/valid/runtest.sh @@ -11,13 +11,11 @@ echo "++++ BEGINNING TEST" >$OUTPUTFILE # create a keyring and attach it to the session keyring marker "ADD KEYRING" -create_keyring wibble @s -expect_keyid keyringid +create_keyring --new=keyringid wibble @s # stick a key in the keyring marker "ADD KEY" -create_key user lizard gizzard $keyringid -expect_keyid keyid +create_key --new=keyid user lizard gizzard $keyringid # check that the key is in the keyring marker "LIST KEYRING" diff --git a/tests/keyctl/requesting/piped/runtest.sh b/tests/keyctl/requesting/piped/runtest.sh index 029ae08..010af33 100644 --- a/tests/keyctl/requesting/piped/runtest.sh +++ b/tests/keyctl/requesting/piped/runtest.sh @@ -21,8 +21,7 @@ set_gc_delay 10 # create a pair of keyrings to play in marker "CREATE KEYRINGS" -create_keyring "sandbox" @s -expect_keyid keyringid +create_keyring --new=keyringid "sandbox" @s # check that we can't yet request a non-existent key marker "CHECK REQUEST FAILS" @@ -31,13 +30,11 @@ expect_error ENOKEY # add a user key to the first keyring marker "ADD USER KEY" -create_key user lizard gizzard $keyringid -expect_keyid keyid +create_key --new=keyid user lizard gizzard $keyringid # request the key marker "REQUEST KEY" -request_key user lizard -expect_keyid keyid2 $keyid +request_key --old=$keyid user lizard # remove the key from the keyring marker "DETACH KEY FROM KEYRING" @@ -45,8 +42,7 @@ unlink_key $keyid $keyringid # request a key from /sbin/request-key to the session keyring marker "PIPED CALL OUT REQUEST KEY TO SESSION" -prequest_key_callout gizzard user debug:lizard -expect_keyid keyid +prequest_key_callout --new=keyid gizzard user debug:lizard # should have appeared in the session keyring marker "CHECK ATTACHMENT TO SESSION KEYRING" @@ -55,8 +51,7 @@ expect_keyring_rlist rlist $keyid # rerequesting should pick up that key again marker "REDO PIPED CALL OUT REQUEST KEY TO SESSION" -prequest_key_callout gizzard user debug:lizard -expect_keyid keyid2 $keyid +prequest_key_callout --old=$keyid gizzard user debug:lizard # remove the key from the session # - it was installed twice @@ -70,8 +65,7 @@ expect_error ENOKEY # request a key from /sbin/request-key to the keyring we made marker "PIPED CALL OUT REQUEST KEY TO KEYRING" -prequest_key_callout gizzard user debug:lizard $keyringid -expect_keyid keyid +prequest_key_callout --new=keyid gizzard user debug:lizard $keyringid # should have appeared once each in the sandbox and session keyrings marker "CHECK ATTACHMENT TO KEYRING" @@ -84,8 +78,7 @@ expect_keyring_rlist rlist $keyid # rerequesting should pick up that key again marker "REDO PIPED CALL OUT REQUEST KEY TO KEYRING" -prequest_key_callout gizzard user debug:lizard $keyringid -expect_keyid keyid2 $keyid +prequest_key_callout --old=$keyid gizzard user debug:lizard $keyringid # remove the key from the session marker "DETACH KEY" diff --git a/tests/keyctl/requesting/valid/runtest.sh b/tests/keyctl/requesting/valid/runtest.sh index e49fb0f..824b700 100644 --- a/tests/keyctl/requesting/valid/runtest.sh +++ b/tests/keyctl/requesting/valid/runtest.sh @@ -21,8 +21,7 @@ set_gc_delay 10 # create a pair of keyrings to play in marker "CREATE KEYRINGS" -create_keyring "sandbox" @s -expect_keyid keyringid +create_keyring --new=keyringid "sandbox" @s # check that we can't yet request a non-existent key marker "CHECK REQUEST FAILS" @@ -31,13 +30,11 @@ expect_error ENOKEY # add a user key to the first keyring marker "ADD USER KEY" -create_key user lizard gizzard $keyringid -expect_keyid keyid +create_key --new=keyid user lizard gizzard $keyringid # request the key marker "REQUEST KEY" -request_key user lizard -expect_keyid keyid2 $keyid +request_key --old=$keyid user lizard # remove the key from the keyring marker "DETACH KEY FROM KEYRING" @@ -45,8 +42,7 @@ unlink_key $keyid $keyringid # request a key from /sbin/request-key to the session keyring marker "CALL OUT REQUEST KEY TO SESSION" -request_key_callout user debug:lizard gizzard -expect_keyid keyid +request_key_callout --new=keyid user debug:lizard gizzard # should have appeared in the session keyring marker "CHECK ATTACHMENT TO SESSION KEYRING" @@ -55,8 +51,7 @@ expect_keyring_rlist rlist $keyid # rerequesting should pick up that key again marker "REDO CALL OUT REQUEST KEY TO SESSION" -request_key_callout user debug:lizard gizzard -expect_keyid keyid2 $keyid +request_key_callout --old=$keyid user debug:lizard gizzard # remove the key from the session # - it was installed twice @@ -70,8 +65,8 @@ expect_error ENOKEY # request a key from /sbin/request-key to the keyring we made marker "CALL OUT REQUEST KEY TO KEYRING" -request_key_callout user debug:lizard gizzard $keyringid -expect_keyid keyid +request_key_callout --new=keyid user debug:lizard gizzard $keyringid +check_notify -2 linked $keyringid $keyid # should have appeared once each in the sandbox and session keyrings marker "CHECK ATTACHMENT TO KEYRING" @@ -84,8 +79,7 @@ expect_keyring_rlist rlist $keyid # rerequesting should pick up that key again marker "REDO CALL OUT REQUEST KEY TO KEYRING" -request_key_callout user debug:lizard gizzard $keyringid -expect_keyid keyid2 $keyid +request_key_callout --old=$keyid user debug:lizard gizzard $keyringid # remove the key from the session marker "DETACH KEY" diff --git a/tests/keyctl/restrict/bad-args/runtest.sh b/tests/keyctl/restrict/bad-args/runtest.sh index 8cd073e..e69d2d7 100644 --- a/tests/keyctl/restrict/bad-args/runtest.sh +++ b/tests/keyctl/restrict/bad-args/runtest.sh @@ -16,13 +16,11 @@ echo "++++ BEGINNING TEST" >$OUTPUTFILE # create a keyring for CA keys marker "ADD CA KEYRING" -create_keyring cakeyring @s -expect_keyid cakeyringid +create_keyring --new=cakeyringid cakeyring @s # create a keyring marker "ADD KEYRING TO RESTRICT" -create_keyring restrict @s -expect_keyid restrictid +create_keyring --new=restrictid restrict @s # invalid payload marker "INVALID EXTRA PARAMETER 1" diff --git a/tests/keyctl/restrict/valid/runtest.sh b/tests/keyctl/restrict/valid/runtest.sh index 2ed1eaf..e822c0b 100644 --- a/tests/keyctl/restrict/valid/runtest.sh +++ b/tests/keyctl/restrict/valid/runtest.sh @@ -386,13 +386,11 @@ echo "++++ BEGINNING TEST" >$OUTPUTFILE # create a keyring for CA keys marker "ADD CA KEYRING" -create_keyring ca @s -expect_keyid cakeyring +create_keyring --new=cakeyring ca @s # create a keyring using the keys in user CA for validation marker "ADD RESTRICTED USER KEYRING (parent keyring)" -create_keyring rbkr @s -expect_keyid restricted_by_keyring +create_keyring --new=restricted_by_keyring rbkr @s restrict_keyring $restricted_by_keyring "asymmetric" "key_or_keyring:$cakeyring" # verify cycle detection @@ -405,14 +403,12 @@ restrict_keyring --fail $restricted_by_keyring "asymmetric" "builtin_trusted" # create a keyring using the keys in builtin CA for validation marker "ADD RESTRICTED BUILTIN KEYRING" -create_keyring rbb @s -expect_keyid restricted_by_builtin +create_keyring --new=restricted_by_builtin rbb @s restrict_keyring $restricted_by_builtin "asymmetric" "builtin_trusted" # add CA certificate to CA keyring marker "ADD USER SIGNED CERT" -pcreate_key "-e $cacert1" asymmetric "" $cakeyring -expect_keyid cacert1id +pcreate_key --new=cacert1id "-e $cacert1" asymmetric "" $cakeyring # attempt validation of signed key marker "REJECT KEY SIGNED BY UNKNOWN CA" @@ -424,19 +420,16 @@ pcreate_key --fail "-e $signed" asymmetric "" $restricted_by_builtin # add another CA certificate to CA keyring marker "ADD SECOND CA KEY" -pcreate_key "-e $cacert2" asymmetric "" $cakeyring -expect_keyid cacert2id +pcreate_key --new=cacert2id "-e $cacert2" asymmetric "" $cakeyring # create a keyring restricted on a single key marker "ADD RESTRICTED USER KEYRING (parent key)" -create_keyring rbk @s -expect_keyid restricted_by_key +create_keyring --new=restricted_by_key rbk @s restrict_keyring $restricted_by_key "asymmetric" "key_or_keyring:$cacert2id" # attempt validation of signed key marker "ADD KEY SIGNED BY KNOWN CA" -pcreate_key "-e $signed" asymmetric "" $restricted_by_keyring -expect_keyid signedid +pcreate_key --new=signedid "-e $signed" asymmetric "" $restricted_by_keyring link_key $signedid $restricted_by_key # confirm that self-signed key cannot be added @@ -450,10 +443,8 @@ restrict_keyring --fail $restricted_by_key "asymmetric" "builtin_trusted" # create two self-restricted keyrings marker "ADD USER KEYRINGS (self)" -create_keyring rbs1 @s -expect_keyid restricted_by_self1 -create_keyring rbs2 @s -expect_keyid restricted_by_self2 +create_keyring --new=restricted_by_self1 rbs1 @s +create_keyring --new=restricted_by_self2 rbs2 @s # add first certificate (treated as root cert) to self-restricted keyrings marker "ADD FIRST CERT TO SELF-RESTRICTED KEYRINGS" @@ -477,15 +468,12 @@ link_key $signedid $restricted_by_self2 # check certificate signed using an intermediate CA marker "ADD INTERMEDIATE SIGNED CERT TO SELF-RESTRICTED KEYRING" -pcreate_key "-e $intcert" asymmetric "" $restricted_by_self2 -expect_keyid intcertid -pcreate_key "-e $intsigned" asymmetric "" $restricted_by_self2 -expect_keyid intsignedid +pcreate_key --new=intcertid "-e $intcert" asymmetric "" $restricted_by_self2 +pcreate_key --new=intsignedid "-e $intsigned" asymmetric "" $restricted_by_self2 # check intermediate CA with a parent keyring when CA is missing marker "REJECT INTERMEDIATE SIGNED CERT WITHOUT INTERMEDIATE CA" -create_keyring restricted_by_int @s -expect_keyid restricted_by_int +create_keyring --new=restricted_by_int restricted_by_int @s restrict_keyring $restricted_by_int "asymmetric" "key_or_keyring:$cakeyring:chain" link_key --fail $intsignedid $restricted_by_int @@ -496,8 +484,7 @@ link_key $intsignedid $restricted_by_int # create a fully-restricted keyring (no links allowed) marker "ADD FULLY-RESTRICTED KEYRING" -create_keyring fr @s -expect_keyid fully_restricted +create_keyring --new=fully_restricted fr @s link_key $cacert2id $fully_restricted restrict_keyring $fully_restricted diff --git a/tests/keyctl/revoke/valid/runtest.sh b/tests/keyctl/revoke/valid/runtest.sh index 55bbbdf..b015acc 100644 --- a/tests/keyctl/revoke/valid/runtest.sh +++ b/tests/keyctl/revoke/valid/runtest.sh @@ -10,13 +10,11 @@ echo "++++ BEGINNING TEST" >$OUTPUTFILE # create a keyring and attach it to the session keyring marker "ADD KEYRING" -create_keyring wibble @s -expect_keyid keyringid +create_keyring --new=keyringid wibble @s # create a key and attach it to the new keyring marker "ADD KEY" -create_key user lizard gizzard $keyringid -expect_keyid keyid +create_key --new=keyid user lizard gizzard $keyringid # check that we can list the keyring marker "LIST KEYRING" diff --git a/tests/keyctl/search/bad-args/runtest.sh b/tests/keyctl/search/bad-args/runtest.sh index dfec8dd..2128790 100644 --- a/tests/keyctl/search/bad-args/runtest.sh +++ b/tests/keyctl/search/bad-args/runtest.sh @@ -67,8 +67,7 @@ expect_error EINVAL # create a non-keyring key marker "CREATE KEY" -create_key user a a @s -expect_keyid keyid +create_key --new=keyid user a a @s # search the non-keyring key marker "SEARCH KEY" diff --git a/tests/keyctl/search/valid/runtest.sh b/tests/keyctl/search/valid/runtest.sh index fb51b21..d60ea61 100644 --- a/tests/keyctl/search/valid/runtest.sh +++ b/tests/keyctl/search/valid/runtest.sh @@ -11,16 +11,12 @@ echo "++++ BEGINNING TEST" >$OUTPUTFILE # create a pair of keyrings and attach them to the session keyring marker "ADD KEYRING" -create_keyring wibble @s -expect_keyid keyringid - -create_keyring wibble2 @s -expect_keyid keyring2id +create_keyring --new=keyringid wibble @s +create_keyring --new=keyring2id wibble2 @s # stick a key in the keyring marker "ADD KEY" -create_key user lizard gizzard $keyringid -expect_keyid keyid +create_key --new=keyid user lizard gizzard $keyringid # check that we can list it marker "LIST KEYRING WITH ONE" @@ -34,13 +30,11 @@ expect_error ENOKEY # search the session keyring for the key marker "SEARCH SESSION" -search_for_key @s user lizard -expect_keyid found $keyid +search_for_key --expect=$keyid @s user lizard # search the session keyring for the key and attach to second keyring marker "SEARCH SESSION AND ATTACH" -search_for_key @s user lizard $keyring2id -expect_keyid found $keyid +search_for_key --expect=$keyid @s user lizard $keyring2id # check it's attached to the second keyring marker "CHECK ATTACHED" @@ -54,11 +48,10 @@ expect_payload payload "gizzard" # detach the attachment just made marker "DETACH KEY" -unlink_key $found $keyring2id +unlink_key $keyid $keyring2id # create an overlapping key in the second keyring -create_key user lizard skin $keyring2id -expect_keyid keyid2 +create_key --new=keyid2 user lizard skin $keyring2id # check the two keys contain what we expect marker "CHECK PAYLOADS" @@ -69,18 +62,15 @@ expect_payload payload "skin" # a search from the session keyring should find the first key marker "SEARCH SESSION AGAIN" -search_for_key @s user lizard -expect_keyid found $keyid +search_for_key --expect=$keyid @s user lizard # a search from the first keyring should find the first key marker "SEARCH FIRST KEYRING" -search_for_key $keyringid user lizard -expect_keyid found $keyid +search_for_key --expect=$keyid $keyringid user lizard # a search from the second keyring should find the second key marker "SEARCH SECOND KEYRING" -search_for_key $keyring2id user lizard -expect_keyid found $keyid2 +search_for_key --expect=$keyid2 $keyring2id user lizard # link the second keyring to the first marker "LINK FIRST KEYRING TO SECOND" @@ -88,13 +78,11 @@ link_key $keyring2id $keyringid # a search from the first keyring should again find the first key marker "SEARCH FIRST KEYRING AGAIN" -search_for_key $keyringid user lizard -expect_keyid found $keyid +search_for_key --expect=$keyid $keyringid user lizard # revoking the first key should cause the second key to be available revoke_key $keyid -search_for_key $keyringid user lizard -expect_keyid found $keyid2 +search_for_key --expect=$keyid2 $keyringid user lizard # get rid of the dead key marker "UNLINK FIRST KEY" @@ -102,13 +90,11 @@ unlink_key $keyid $keyringid # a search from the first keyring should now find the second key marker "SEARCH FIRST KEYRING AGAIN 2" -search_for_key $keyringid user lizard -expect_keyid found $keyid2 +search_for_key --expect=$keyid2 $keyringid user lizard # a search from the session keyring should now find the second key marker "SEARCH SESSION KEYRING AGAIN 2" -search_for_key @s user lizard -expect_keyid found $keyid2 +search_for_key --expect=$keyid2 @s user lizard # unlink the second keyring from the first marker "UNLINK SECOND KEYRING FROM FIRST" @@ -121,8 +107,7 @@ expect_error ENOKEY # a search from the session keyring should still find the second key marker "SEARCH SESSION KEYRING AGAIN 3" -search_for_key @s user lizard -expect_keyid found $keyid2 +search_for_key --expect=$keyid2 @s user lizard # move the second keyring into the first marker "MOVE SECOND KEYRING INTO FIRST" @@ -131,8 +116,7 @@ unlink_key $keyring2id @s # a search from the first keyring should now find the second key once again marker "SEARCH FIRST KEYRING AGAIN 4" -search_for_key $keyringid user lizard -expect_keyid found $keyid2 +search_for_key --expect=$keyid2 $keyringid user lizard # removing search permission on the second keyring should hide the key marker "SEARCH WITH NO-SEARCH KEYRING" @@ -143,8 +127,7 @@ expect_error ENOKEY # putting search permission on the second keyring back again should make it # available again set_key_perm $keyring2id 0x3f0000 -search_for_key $keyringid user lizard -expect_keyid found $keyid2 +search_for_key --expect=$keyid2 $keyringid user lizard # removing search permission on the second key should hide the key marker "SEARCH WITH NO-SEARCH KEYRING2" @@ -155,8 +138,7 @@ expect_error ENOKEY # putting search permission on the second key back again should make it # available again set_key_perm $keyring2id 0x3f0000 -search_for_key $keyringid user lizard -expect_keyid found $keyid2 +search_for_key --expect=$keyid2 $keyringid user lizard # revoking the key should make the key unavailable revoke_key $keyid2 diff --git a/tests/keyctl/session/valid2/runtest.sh b/tests/keyctl/session/valid2/runtest.sh index ca5c9fb..12ad234 100644 --- a/tests/keyctl/session/valid2/runtest.sh +++ b/tests/keyctl/session/valid2/runtest.sh @@ -11,11 +11,9 @@ echo "++++ BEGINNING TEST" >$OUTPUTFILE # Replace the script's session keyring with an anonymous keyring marker "ANON SESSION TO PARENT" -id_key @s -expect_keyid ses1 +id_key --to=ses1 @s new_session_to_parent -id_key @s -expect_keyid ses2 +id_key --to=ses2 @s if [ $ses2 = $ses1 ] then @@ -28,8 +26,7 @@ expect_key_rdesc rdesc "keyring@.*@.*@.*@_ses" # Replace the script's session keyring with a named keyring marker "NAMED SESSION TO PARENT" new_session_to_parent lizard -id_key @s -expect_keyid ses3 +id_key --to=ses3 @s if [ $ses3 = $ses2 -o $ses3 = $ses1 ] then diff --git a/tests/keyctl/show/valid/runtest.sh b/tests/keyctl/show/valid/runtest.sh index cbdd85f..b4d5b2c 100644 --- a/tests/keyctl/show/valid/runtest.sh +++ b/tests/keyctl/show/valid/runtest.sh @@ -16,8 +16,7 @@ parent=@s for ((i=1; i<=$nr_keyrings; i++)) do marker "ADD KEYRING $i" - create_keyring wibble$i $parent - expect_keyid keyringid + create_keyring --new=keyringid wibble$i $parent parent=$keyringid keyrings="$keyrings $keyringid" done diff --git a/tests/keyctl/timeout/bad-args/runtest.sh b/tests/keyctl/timeout/bad-args/runtest.sh index a93cd2d..9d53e8d 100644 --- a/tests/keyctl/timeout/bad-args/runtest.sh +++ b/tests/keyctl/timeout/bad-args/runtest.sh @@ -16,8 +16,7 @@ expect_error EINVAL # get a key marker "CREATE KEY" -create_key user a a @s -expect_keyid keyid +create_key --new=keyid user a a @s # dispose of the key so we can use its ID marker "DESTROY KEY ID" diff --git a/tests/keyctl/timeout/valid/runtest.sh b/tests/keyctl/timeout/valid/runtest.sh index 4d772bb..5f7f2f3 100644 --- a/tests/keyctl/timeout/valid/runtest.sh +++ b/tests/keyctl/timeout/valid/runtest.sh @@ -10,13 +10,11 @@ echo "++++ BEGINNING TEST" >$OUTPUTFILE # create a keyring and attach it to the session keyring marker "ADD KEYRING" -create_keyring wibble @s -expect_keyid keyringid +create_keyring --new=keyringid wibble @s # create a key and attach it to the new keyring marker "ADD KEY" -create_key user lizard gizzard $keyringid -expect_keyid keyid +create_key --new=keyid user lizard gizzard $keyringid # check that we can list the keyring marker "LIST KEYRING" @@ -77,8 +75,7 @@ unlink_key $keyid $keyringid ############################################################################### # create a key and attach it to the new keyring marker "ADD KEY" -create_key user lizard gizzard $keyringid -expect_keyid keyid +create_key --new=keyid user lizard gizzard $keyringid # set a silly timeout on the key marker "SET BIG TIMEOUT" diff --git a/tests/keyctl/unlink/all/runtest.sh b/tests/keyctl/unlink/all/runtest.sh index 24aaa3f..3f12a42 100644 --- a/tests/keyctl/unlink/all/runtest.sh +++ b/tests/keyctl/unlink/all/runtest.sh @@ -14,13 +14,11 @@ then # create a keyring and attach it to the session keyring marker "ADD KEYRING" - create_keyring wibble @s - expect_keyid keyringid + create_keyring --new=keyringid wibble @s # stick a key in the keyring marker "ADD KEY" - create_key user lizard gizzard $keyringid - expect_keyid keyid + create_key --new=keyid user lizard gizzard $keyringid # check that we can list it marker "LIST KEYRING WITH ONE" @@ -43,16 +41,14 @@ then # create a key to be massively linked marker "ADD MULTI KEY" - create_key user lizard gizzard $keyringid - expect_keyid keyid + create_key --new=keyid user lizard gizzard $keyringid # stick twenty keyrings in the keyring with twenty links marker "ADD TWENTY KEYRINGS WITH LINKS" subrings= for ((i=0; i<20; i++)) do - create_keyring ring$i $keyringid - expect_keyid x + create_keyring --new=x ring$i $keyringid keys="$keys $x" subrings="$subrings $x" list_keyring $keyringid diff --git a/tests/keyctl/unlink/bad-args/runtest.sh b/tests/keyctl/unlink/bad-args/runtest.sh index 67cc498..a631ad1 100644 --- a/tests/keyctl/unlink/bad-args/runtest.sh +++ b/tests/keyctl/unlink/bad-args/runtest.sh @@ -20,8 +20,7 @@ expect_error EINVAL # create a non-keyring marker "CREATE KEY" -create_key user lizard gizzard @s -expect_keyid keyid +create_key --new=keyid user lizard gizzard @s # check that unlinking from a non-keyring ID fails correctly marker "CHECK UNLINK FROM NON-KEYRING KEY" diff --git a/tests/keyctl/unlink/valid/runtest.sh b/tests/keyctl/unlink/valid/runtest.sh index 9b9fa2e..8cfbe47 100644 --- a/tests/keyctl/unlink/valid/runtest.sh +++ b/tests/keyctl/unlink/valid/runtest.sh @@ -11,13 +11,11 @@ echo "++++ BEGINNING TEST" >$OUTPUTFILE # create a keyring and attach it to the session keyring marker "ADD KEYRING" -create_keyring wibble @s -expect_keyid keyringid +create_keyring --new=keyringid wibble @s # stick a key in the keyring marker "ADD KEY" -create_key user lizard gizzard $keyringid -expect_keyid keyid +create_key --new=keyid user lizard gizzard $keyringid # check that we can list it marker "LIST KEYRING WITH ONE" @@ -43,8 +41,7 @@ marker "ADD TWENTY KEYS" keys="" for ((i=0; i<20; i++)) do - create_key user lizard$i gizzard$i $keyringid - expect_keyid x + create_key --new=x user lizard$i gizzard$i $keyringid keys="$keys $x" list_keyring $keyringid expect_keyring_rlist rlist $x @@ -53,8 +50,7 @@ done marker "ADD TWENTY KEYRINGS" for ((i=0; i<20; i++)) do - create_keyring ring$i $keyringid - expect_keyid x + create_keyring --new=x ring$i $keyringid keys="$keys $x" list_keyring $keyringid expect_keyring_rlist rlist $x diff --git a/tests/keyctl/update/bad-args/runtest.sh b/tests/keyctl/update/bad-args/runtest.sh index 14e7a19..14d22ce 100644 --- a/tests/keyctl/update/bad-args/runtest.sh +++ b/tests/keyctl/update/bad-args/runtest.sh @@ -21,8 +21,7 @@ expect_error EINVAL # add a user key to the session keyring for us to play with marker "ADD USER KEY" -create_key user wibble stuff @s -expect_keyid keyid +create_key --new=keyid user wibble stuff @s # remove the key we just added marker "UNLINK KEY" diff --git a/tests/keyctl/update/userupdate/runtest.sh b/tests/keyctl/update/userupdate/runtest.sh index 4a86eb3..e7df452 100644 --- a/tests/keyctl/update/userupdate/runtest.sh +++ b/tests/keyctl/update/userupdate/runtest.sh @@ -11,8 +11,7 @@ echo "++++ BEGINNING TEST" >$OUTPUTFILE # check that we can add a user key to the session keyring marker "ADD USER KEY" -create_key user wibble stuff @s -expect_keyid keyid +create_key --new=keyid user wibble stuff @s # read back what we put in it marker "PRINT PAYLOAD" diff --git a/tests/toolbox.inc.sh b/tests/toolbox.inc.sh index 7ee5d92..53652de 100644 --- a/tests/toolbox.inc.sh +++ b/tests/toolbox.inc.sh @@ -243,20 +243,49 @@ function pause_till_key_unlinked () function id_key () { my_exitval=0 - if [ "x$1" = "x--fail" ] - then - my_exitval=1 - shift - elif [ "x$1" = "x--fail2" ] - then - my_exitval=2 - shift - fi + case "x$1" in + x--to=*) + my_exitval=0 + my_varname=${1#--to=} + my_keyid=v + ;; + x--fail) + my_exitval=1 + my_keyid=x + ;; + x--fail2) + my_exitval=2 + my_keyid=x + ;; + *) + echo "BAD id_key ARGUMENT" >&2 + failed + return + ;; + esac + shift echo keyctl id "$@" >>$OUTPUTFILE keyctl id "$@" >>$OUTPUTFILE 2>&1 - if [ $? != $my_exitval ] + e=$? + if [ $e == $my_exitval ] then + if [ $e = 0 ] + then + got_keyid="`tail -1 $OUTPUTFILE`" + if expr "$got_keyid" : '[1-9][0-9]*' >&/dev/null + then + if [ $my_keyid == v ] + then + eval $my_varname=$got_keyid + fi + else + echo "CAN'T EXTRACT KEY ID FROM create_key OUTPUT" >&2 + eval $my_varname=no + result=FAIL + fi + fi + else failed fi } @@ -269,16 +298,51 @@ function id_key () function request_key () { my_exitval=0 - if [ "x$1" = "x--fail" ] - then - my_exitval=1 - shift - fi + case "x$1" in + x--new=*) + my_exitval=0 + my_varname=${1#--new=} + my_keyid=v + ;; + x--old=*) + my_exitval=0 + my_keyid=${1#--old=} + ;; + x--fail) + my_exitval=1 + my_keyid=x + ;; + *) + echo "BAD request_key ARGUMENT" >&2 + failed + return + ;; + esac + shift + + my_keyring=$3 echo keyctl request "$@" >>$OUTPUTFILE keyctl request "$@" >>$OUTPUTFILE 2>&1 - if [ $? != $my_exitval ] + e=$? + if [ $e == $my_exitval ] then + if [ $e = 0 ] + then + got_keyid="`tail -1 $OUTPUTFILE`" + if expr "$got_keyid" : '[1-9][0-9]*' >&/dev/null + then + if [ $my_keyid == v ] + then + eval $my_varname=$got_keyid + fi + else + echo "CAN'T EXTRACT KEY ID FROM create_key OUTPUT" >&2 + eval $my_varname=no + result=FAIL + fi + fi + else failed fi } @@ -291,16 +355,51 @@ function request_key () function request_key_callout () { my_exitval=0 - if [ "x$1" = "x--fail" ] - then - my_exitval=1 - shift - fi + case "x$1" in + x--new=*) + my_exitval=0 + my_varname=${1#--new=} + my_keyid=v + ;; + x--old=*) + my_exitval=0 + my_keyid=${1#--old=} + ;; + x--fail) + my_exitval=1 + my_keyid=x + ;; + *) + echo "BAD request_key_callout ARGUMENT" >&2 + failed + return + ;; + esac + shift + + my_keyring=$4 echo keyctl request2 "$@" >>$OUTPUTFILE keyctl request2 "$@" >>$OUTPUTFILE 2>&1 - if [ $? != $my_exitval ] + e=$? + if [ $e == $my_exitval ] then + if [ $e = 0 ] + then + got_keyid="`tail -1 $OUTPUTFILE`" + if expr "$got_keyid" : '[1-9][0-9]*' >&/dev/null + then + if [ $my_keyid == v ] + then + eval $my_varname=$got_keyid + fi + else + echo "CAN'T EXTRACT KEY ID FROM create_key OUTPUT" >&2 + eval $my_varname=no + result=FAIL + fi + fi + else failed fi } @@ -314,19 +413,54 @@ function request_key_callout () function prequest_key_callout () { my_exitval=0 - if [ "x$1" = "x--fail" ] - then - my_exitval=1 - shift - fi + case "x$1" in + x--new=*) + my_exitval=0 + my_varname=${1#--new=} + my_keyid=v + ;; + x--old=*) + my_exitval=0 + my_keyid=${1#--old=} + ;; + x--fail) + my_exitval=1 + my_keyid=x + ;; + *) + echo "BAD request_key_callout ARGUMENT" >&2 + failed + return + ;; + esac + shift data="$1" shift + my_keyring=$3 + echo echo -n $data \| keyctl prequest2 "$@" >>$OUTPUTFILE echo -n $data | keyctl prequest2 "$@" >>$OUTPUTFILE 2>&1 - if [ $? != $my_exitval ] + e=$? + if [ $e == $my_exitval ] then + if [ $e = 0 ] + then + got_keyid="`tail -1 $OUTPUTFILE`" + if expr "$got_keyid" : '[1-9][0-9]*' >&/dev/null + then + if [ $my_keyid == v ] + then + eval $my_varname=$got_keyid + fi + else + echo "CAN'T EXTRACT KEY ID FROM create_key OUTPUT" >&2 + eval $my_varname=no + result=FAIL + fi + fi + else failed fi } @@ -339,16 +473,57 @@ function prequest_key_callout () function create_key () { my_exitval=0 - if [ "x$1" = "x--fail" ] + case "x$1" in + x--new=*) + my_exitval=0 + my_varname=${1#--new=} + my_keyid=v + ;; + x--update=*) + my_exitval=0 + my_keyid=${1#--update=} + ;; + x--fail) + my_exitval=1 + my_keyid=x + ;; + *) + echo "BAD create_key ARGUMENT" >&2 + failed + return + ;; + esac + shift + + if [ "$1" = "-x" ] then - my_exitval=1 - shift + my_keyring=$5 + else + my_keyring=$4 fi echo keyctl add "$@" >>$OUTPUTFILE keyctl add "$@" >>$OUTPUTFILE 2>&1 - if [ $? != $my_exitval ] + e=$? + if [ $e == $my_exitval ] then + if [ $e = 0 ] + then + got_keyid="`tail -1 $OUTPUTFILE`" + if expr "$got_keyid" : '[1-9][0-9]*' >&/dev/null + then + if [ $my_keyid == v ] + then + eval $my_varname=$got_keyid + fi + + else + echo "CAN'T EXTRACT KEY ID FROM create_key OUTPUT" >&2 + eval $my_varname=no + result=FAIL + fi + fi + else failed fi } @@ -361,19 +536,59 @@ function create_key () function pcreate_key () { my_exitval=0 - if [ "x$1" = "x--fail" ] - then - my_exitval=1 - shift - fi - + case "x$1" in + x--new=*) + my_exitval=0 + my_varname=${1#--new=} + my_keyid=v + ;; + x--update=*) + my_exitval=0 + my_keyid=${1#--update=} + ;; + x--fail) + my_exitval=1 + my_keyid=x + ;; + *) + echo "BAD pcreate_key ARGUMENT" >&2 + failed + return + ;; + esac + shift data="$1" shift + if [ "$1" = "-x" ] + then + my_keyring=$4 + else + my_keyring=$3 + fi + echo echo -n $data \| keyctl padd "$@" >>$OUTPUTFILE echo -n $data | keyctl padd "$@" >>$OUTPUTFILE 2>&1 - if [ $? != $my_exitval ] + e=$? + if [ $e == $my_exitval ] then + if [ $e = 0 ] + then + got_keyid="`tail -1 $OUTPUTFILE`" + if expr "$got_keyid" : '[1-9][0-9]*' >&/dev/null + then + if [ $my_keyid == v ] + then + eval $my_varname=$got_keyid + fi + + else + echo "CAN'T EXTRACT KEY ID FROM pcreate_key OUTPUT" >&2 + eval $my_varname=no + result=FAIL + fi + fi + else failed fi } @@ -386,19 +601,53 @@ function pcreate_key () function pcreate_key_by_size () { my_exitval=0 - if [ "x$1" = "x--fail" ] - then - my_exitval=1 - shift - fi - + case "x$1" in + x--new=*) + my_exitval=0 + my_varname=${1#--new=} + my_keyid=v + ;; + x--update=*) + my_exitval=0 + my_keyid=${1#--update=} + ;; + x--fail) + my_exitval=1 + my_keyid=x + ;; + *) + echo "BAD create_key ARGUMENT" >&2 + failed + return + ;; + esac + shift data="$1" shift + my_keyring=$3 echo dd if=/dev/zero count=1 bs=$data \| keyctl padd "$@" >>$OUTPUTFILE dd if=/dev/zero count=1 bs=$data 2>/dev/null | keyctl padd "$@" >>$OUTPUTFILE 2>&1 - if [ $? != $my_exitval ] + e=$? + if [ $e == $my_exitval ] then + if [ $e = 0 ] + then + got_keyid="`tail -1 $OUTPUTFILE`" + if expr "$got_keyid" : '[1-9][0-9]*' >&/dev/null + then + if [ $my_keyid == v ] + then + eval $my_varname=$got_keyid + fi + + else + echo "CAN'T EXTRACT KEY ID FROM pcreate_key_by_size OUTPUT" >&2 + eval $my_varname=no + result=FAIL + fi + fi + else failed fi } @@ -411,41 +660,44 @@ function pcreate_key_by_size () function create_keyring () { my_exitval=0 - if [ "x$1" = "x--fail" ] - then - my_exitval=1 - shift - fi + case "x$1" in + x--new=*) + my_exitval=0 + my_varname=${1#--new=} + my_keyid=v + ;; + x--fail) + my_exitval=1 + my_keyid=x + ;; + *) + echo "BAD create_key ARGUMENT" >&2 + failed + return + ;; + esac + shift + my_keyring=$2 echo keyctl newring "$@" >>$OUTPUTFILE keyctl newring "$@" >>$OUTPUTFILE 2>&1 - if [ $? != $my_exitval ] - then - failed - fi -} - -############################################################################### -# -# extract a key ID from the log file -# -############################################################################### -function expect_keyid () -{ - my_varname=$1 - - my_keyid="`tail -1 $OUTPUTFILE`" - if expr "$my_keyid" : '[1-9][0-9]*' >&/dev/null + e=$? + if [ $e == $my_exitval ] then - eval $my_varname=$my_keyid - - if [ $# = 2 -a "x$my_keyid" != "x$2" ] + if [ $e = 0 ] then - failed + got_keyid="`tail -1 $OUTPUTFILE`" + if expr "$got_keyid" : '[1-9][0-9]*' >&/dev/null + then + eval $my_varname=$got_keyid + else + echo "CAN'T EXTRACT KEY ID FROM create_keyring OUTPUT" >&2 + eval $my_varname=no + result=FAIL + fi fi else - eval $my_varname=no - result=FAIL + failed fi } @@ -924,16 +1176,47 @@ function link_key () function search_for_key () { my_exitval=0 - if [ "x$1" = "x--fail" ] - then - my_exitval=1 - shift - fi + case "x$1" in + x--expect=*) + my_exitval=0 + my_keyid=${1#--expect=} + ;; + x--fail) + my_exitval=1 + my_keyid=x + ;; + *) + echo "BAD create_key ARGUMENT" >&2 + failed + return + ;; + esac + shift echo keyctl search "$@" >>$OUTPUTFILE keyctl search "$@" >>$OUTPUTFILE 2>&1 - if [ $? != $my_exitval ] + e=$? + if [ $e == $my_exitval ] then + if [ $e = 0 ] + then + got_keyid="`tail -1 $OUTPUTFILE`" + if expr "$got_keyid" : '[1-9][0-9]*' >&/dev/null + then + if [ $got_keyid = $my_keyid ] + then + : + else + echo "KEY MISMATCH $got_keyid != $my_keyid" >&2 + failed + fi + else + echo "CAN'T EXTRACT KEY ID FROM search_for_key OUTPUT" >&2 + eval $my_varname=no + result=FAIL + fi + fi + else failed fi } |