Subject: Tests: unify tests Origin: v9-3-g69b47ce Upstream-Author: Sergio Correia Date: Wed Apr 28 20:54:16 2021 -0300 Let's try to not duplicate tests but instead reuse them across the supported platforms. --- a/tests/adv +++ b/tests/adv @@ -1,4 +1,4 @@ -#!/bin/bash -x +#!/bin/sh -ex # vim: set tabstop=8 shiftwidth=4 softtabstop=4 expandtab smarttab colorcolumn=80: # # Copyright (c) 2016 Red Hat, Inc. @@ -18,35 +18,11 @@ # along with this program. If not, see . # -function fetch() { - curl -sfg http://127.0.0.1:$PORT$1 -} - -function ver() { - jose jws ver -i- -k "$1" -} - -function on_exit() { - if [ "$PID" ]; then kill $PID; wait $PID || true; fi - [ -d "$TMP" ] && rm -rf $TMP -} - -validate() { - if ! _jwks="$(jose fmt --json="${1}" -Og payload -SyOg keys \ - -AUo- 2>/dev/null)"; then - echo "Advertisement is malformed" >&2 - exit 1 - fi - _ver="$(printf '%s' "${_jwks}" | jose jwk use -i- -r -u verify -o-)" - if ! printf '%s' "${_ver}" | jose jws ver -i "${1}" -k- -a; then - echo "Advertisement is missing signatures" >&2 - exit 1 - fi -} +. helpers -trap 'on_exit' EXIT -trap 'exit' ERR +sanity_check +trap 'on_exit' EXIT export TMP=`mktemp -d` mkdir -p $TMP/db @@ -54,8 +30,8 @@ jose jwk gen -i '{"alg": "ES512"}' -o $TMP/db/.sig.jwk jose jwk gen -i '{"alg": "ES512"}' -o $TMP/db/.oth.jwk -export PORT=`shuf -i 1024-65536 -n 1` -$SD_ACTIVATE -l "127.0.0.1:$PORT" -a $VALGRIND tangd $TMP/db & +export PORT=$(random_port) +start_server "${PORT}" export PID=$! sleep 0.5 @@ -95,7 +71,7 @@ -g 0 -Og protected -SyOg cty -Sq "jwk-set+json" -EUUUUU \ -g 1 -Og protected -SyOg cty -Sq "jwk-set+json" -EUUUUU -test "$(tang-show-keys $PORT)" == "$(jose jwk thp -i $TMP/db/sig.jwk)" +test "$(tang-show-keys $PORT)" = "$(jose jwk thp -i $TMP/db/sig.jwk)" # Check that new keys will be created if none exist. rm -rf "${TMP}/db" && mkdir -p "${TMP}/db" --- /dev/null +++ b/tests/helpers @@ -0,0 +1,62 @@ +#!/bin/sh -ex +# vim: set tabstop=8 shiftwidth=4 softtabstop=4 expandtab smarttab colorcolumn=80: +# +# Copyright (c) 2016 Red Hat, Inc. +# Author: Nathaniel McCallum +# +# This program is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program. If not, see . +# + +fetch() { + curl -sfg "http://127.0.0.1:${PORT}${1}" +} + +ver() { + jose jws ver -i- -k "${1}" +} + +random_port() { + if [ -n "${TANG_BSD}" ]; then + jot -r 1 1024 65536 + else + shuf -i 1024-65536 -n 1 + fi +} + +start_server() { + "${SOCAT}" TCP-LISTEN:"${1}",bind=127.0.0.1,fork SYSTEM:"${VALGRIND} tangd ${TMP}/db" & +} + +on_exit() { + if [ "$PID" ]; then kill "${PID}"; wait "${PID}" || true; fi + [ -d "${TMP}" ] && rm -rf "${TMP}" +} + +validate() { + if ! _jwks="$(jose fmt --json="${1}" -Og payload -SyOg keys \ + -AUo- 2>/dev/null)"; then + echo "Advertisement is malformed" >&2 + exit 1 + fi + _ver="$(printf '%s' "${_jwks}" | jose jwk use -i- -r -u verify -o-)" + if ! printf '%s' "${_ver}" | jose jws ver -i "${1}" -k- -a; then + echo "Advertisement is missing signatures" >&2 + exit 1 + fi +} + +sanity_check() { + # Skip test if socat is not available. + [ -n "${SOCAT}" ] || exit 77 +} --- a/tests/meson.build +++ b/tests/meson.build @@ -18,9 +18,8 @@ include_directories: incdir ) -sd_activate = find_program( - 'systemd-socket-activate', - 'systemd-activate', +socat = find_program( + 'socat', required: false ) @@ -28,15 +27,21 @@ env.prepend('PATH', join_paths(meson.source_root(), 'src'), join_paths(meson.build_root(), 'src'), + join_paths(meson.source_root(), 'tests'), + join_paths(meson.build_root(), 'tests'), separator: ':' ) -if sd_activate.found() - env.set('SD_ACTIVATE', sd_activate.path() + ' --inetd') +if build_machine.system() == 'freebsd' + env.set('TANG_BSD', '1') +endif - test('adv', find_program('adv'), env: env, timeout: 60) - test('rec', find_program('rec'), env: env) +if socat.found() + env.set('SOCAT', socat.path()) endif + +test('adv', find_program('adv'), env: env, timeout: 60) +test('rec', find_program('rec'), env: env) test('test-keys', test_keys, env: env, timeout: 60) # vim:set ts=2 sw=2 et: --- a/tests/rec +++ b/tests/rec @@ -1,4 +1,4 @@ -#!/bin/bash -x +#!/bin/sh -ex # vim: set tabstop=8 shiftwidth=4 softtabstop=4 expandtab smarttab colorcolumn=80: # # Copyright (c) 2016 Red Hat, Inc. @@ -18,14 +18,11 @@ # along with this program. If not, see . # -function on_exit() { - if [ "$PID" ]; then kill $PID; wait $PID || true; fi - [ -d "$TMP" ] && rm -rf $TMP -} +. helpers -trap 'on_exit' EXIT -trap 'exit' ERR +sanity_check +trap 'on_exit' EXIT export TMP=`mktemp -d` mkdir -p $TMP/db @@ -39,19 +36,19 @@ jose jwk pub -i $TMP/exc.jwk -o $TMP/exc.pub.jwk # Start the server -port=`shuf -i 1024-65536 -n 1` -$SD_ACTIVATE -l 127.0.0.1:$port -a $VALGRIND tangd $TMP/db & +export PORT=$(random_port) +start_server "${PORT}" export PID=$! sleep 0.5 # Make sure that GET fails -! curl -sf http://127.0.0.1:$port/rec -! curl -sf http://127.0.0.1:$port/rec/ +! curl -sf http://127.0.0.1:$PORT/rec +! curl -sf http://127.0.0.1:$PORT/rec/ # Make a recovery request (NOTE: this is insecure! Don't do this in real code!) good=`jose jwk exc -i '{"alg":"ECMR","key_ops":["deriveKey"]}' -l $TMP/exc.jwk -r $TMP/db/exc.jwk` test=`curl -sf -X POST \ -H "Content-Type: application/jwk+json" \ --data-binary @- \ - http://127.0.0.1:$port/rec/${exc_kid} < $TMP/exc.pub.jwk` -[ "$good" == "$test" ] + http://127.0.0.1:$PORT/rec/${exc_kid} < $TMP/exc.pub.jwk` +[ "$good" = "$test" ]