blob: 1496d06485f154ff3b8f579f1770b603af3033e4 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
|
#!/bin/bash
. ../../../prepare.inc.sh
. ../../../toolbox.inc.sh
# ---- do the actual testing ----
result=PASS
if [ $skip_install_required -eq 1 ]
then
echo "++++ SKIPPING TEST" >$OUTPUTFILE
marker "SKIP BECAUSE TEST REQUIRES FULL INSTALL (for /sbin/request-key)"
toolbox_report_result $TEST PASS
exit 0
else
echo "++++ BEGINNING TEST" >$OUTPUTFILE
fi
set_gc_delay 10
# create a pair of keyrings to play in
marker "CREATE KEYRINGS"
create_keyring --new=keyringid "sandbox" @s
# check that we can't yet request a non-existent key
marker "CHECK REQUEST FAILS"
request_key --fail user lizard $keyringid
expect_error ENOKEY
# add a user key to the first keyring
marker "ADD USER KEY"
create_key --new=keyid user lizard gizzard $keyringid
# request the key
marker "REQUEST KEY"
request_key --old=$keyid user lizard
# remove the key from the keyring
marker "DETACH KEY FROM KEYRING"
unlink_key $keyid $keyringid
# request a key from /sbin/request-key to the session keyring
marker "PIPED CALL OUT REQUEST KEY TO SESSION"
prequest_key_callout --new=keyid gizzard user debug:lizard
# should have appeared in the session keyring
marker "CHECK ATTACHMENT TO SESSION KEYRING"
list_keyring @s
expect_keyring_rlist rlist $keyid
# re-requesting should pick up that key again
marker "REDO PIPED CALL OUT REQUEST KEY TO SESSION"
prequest_key_callout --old=$keyid gizzard user debug:lizard
# remove the key from the session
# - it was installed twice
# - once by request_key's keyring arg
# - once from the instantiation call
# but it will only have one link
marker "DETACH KEY FROM SESSION"
unlink_key --wait $keyid @s
unlink_key --fail $keyid @s
expect_error ENOKEY
# request a key from /sbin/request-key to the keyring we made
marker "PIPED CALL OUT REQUEST KEY TO KEYRING"
prequest_key_callout --new=keyid gizzard user debug:lizard $keyringid
# should have appeared once each in the sandbox and session keyrings
marker "CHECK ATTACHMENT TO KEYRING"
list_keyring $keyringid
expect_keyring_rlist rlist $keyid
marker "CHECK ATTACHMENT TO SESSION"
list_keyring @s
expect_keyring_rlist rlist $keyid
# re-requesting should pick up that key again
marker "REDO PIPED CALL OUT REQUEST KEY TO KEYRING"
prequest_key_callout --old=$keyid gizzard user debug:lizard $keyringid
# remove the key from the session
marker "DETACH KEY"
unlink_key $keyid $keyringid
unlink_key --wait $keyid @s
unlink_key --fail $keyid @s
expect_error ENOKEY
# remove the keyrings we added
marker "UNLINK KEYRINGS"
unlink_key $keyringid @s
set_gc_delay $orig_gc_delay
echo "++++ FINISHED TEST: $result" >>$OUTPUTFILE
# --- then report the results in the database ---
toolbox_report_result $TEST $result
|