1619654056.v9-3-g69b47ce.tests-unify-tests.patch 6.3 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232
  1. Subject: Tests: unify tests
  2. Origin: upstream, v9-3-g69b47ce <https://github.com/latchset/tang/commit/v9-3-g69b47ce>
  3. Upstream-Author: Sergio Correia <scorreia@redhat.com>
  4. Date: Wed Apr 28 20:54:16 2021 -0300
  5. Let's try to not duplicate tests but instead reuse them across the
  6. supported platforms.
  7. --- a/tests/adv
  8. +++ b/tests/adv
  9. @@ -1,4 +1,4 @@
  10. -#!/bin/bash -x
  11. +#!/bin/sh -ex
  12. # vim: set tabstop=8 shiftwidth=4 softtabstop=4 expandtab smarttab colorcolumn=80:
  13. #
  14. # Copyright (c) 2016 Red Hat, Inc.
  15. @@ -18,35 +18,11 @@
  16. # along with this program. If not, see <http://www.gnu.org/licenses/>.
  17. #
  18. -function fetch() {
  19. - curl -sfg http://127.0.0.1:$PORT$1
  20. -}
  21. -
  22. -function ver() {
  23. - jose jws ver -i- -k "$1"
  24. -}
  25. -
  26. -function on_exit() {
  27. - if [ "$PID" ]; then kill $PID; wait $PID || true; fi
  28. - [ -d "$TMP" ] && rm -rf $TMP
  29. -}
  30. -
  31. -validate() {
  32. - if ! _jwks="$(jose fmt --json="${1}" -Og payload -SyOg keys \
  33. - -AUo- 2>/dev/null)"; then
  34. - echo "Advertisement is malformed" >&2
  35. - exit 1
  36. - fi
  37. - _ver="$(printf '%s' "${_jwks}" | jose jwk use -i- -r -u verify -o-)"
  38. - if ! printf '%s' "${_ver}" | jose jws ver -i "${1}" -k- -a; then
  39. - echo "Advertisement is missing signatures" >&2
  40. - exit 1
  41. - fi
  42. -}
  43. +. helpers
  44. -trap 'on_exit' EXIT
  45. -trap 'exit' ERR
  46. +sanity_check
  47. +trap 'on_exit' EXIT
  48. export TMP=`mktemp -d`
  49. mkdir -p $TMP/db
  50. @@ -54,8 +30,8 @@
  51. jose jwk gen -i '{"alg": "ES512"}' -o $TMP/db/.sig.jwk
  52. jose jwk gen -i '{"alg": "ES512"}' -o $TMP/db/.oth.jwk
  53. -export PORT=`shuf -i 1024-65536 -n 1`
  54. -$SD_ACTIVATE -l "127.0.0.1:$PORT" -a $VALGRIND tangd $TMP/db &
  55. +export PORT=$(random_port)
  56. +start_server "${PORT}"
  57. export PID=$!
  58. sleep 0.5
  59. @@ -95,7 +71,7 @@
  60. -g 0 -Og protected -SyOg cty -Sq "jwk-set+json" -EUUUUU \
  61. -g 1 -Og protected -SyOg cty -Sq "jwk-set+json" -EUUUUU
  62. -test "$(tang-show-keys $PORT)" == "$(jose jwk thp -i $TMP/db/sig.jwk)"
  63. +test "$(tang-show-keys $PORT)" = "$(jose jwk thp -i $TMP/db/sig.jwk)"
  64. # Check that new keys will be created if none exist.
  65. rm -rf "${TMP}/db" && mkdir -p "${TMP}/db"
  66. --- /dev/null
  67. +++ b/tests/helpers
  68. @@ -0,0 +1,62 @@
  69. +#!/bin/sh -ex
  70. +# vim: set tabstop=8 shiftwidth=4 softtabstop=4 expandtab smarttab colorcolumn=80:
  71. +#
  72. +# Copyright (c) 2016 Red Hat, Inc.
  73. +# Author: Nathaniel McCallum <npmccallum@redhat.com>
  74. +#
  75. +# This program is free software: you can redistribute it and/or modify
  76. +# it under the terms of the GNU General Public License as published by
  77. +# the Free Software Foundation, either version 3 of the License, or
  78. +# (at your option) any later version.
  79. +#
  80. +# This program is distributed in the hope that it will be useful,
  81. +# but WITHOUT ANY WARRANTY; without even the implied warranty of
  82. +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
  83. +# GNU General Public License for more details.
  84. +#
  85. +# You should have received a copy of the GNU General Public License
  86. +# along with this program. If not, see <http://www.gnu.org/licenses/>.
  87. +#
  88. +
  89. +fetch() {
  90. + curl -sfg "http://127.0.0.1:${PORT}${1}"
  91. +}
  92. +
  93. +ver() {
  94. + jose jws ver -i- -k "${1}"
  95. +}
  96. +
  97. +random_port() {
  98. + if [ -n "${TANG_BSD}" ]; then
  99. + jot -r 1 1024 65536
  100. + else
  101. + shuf -i 1024-65536 -n 1
  102. + fi
  103. +}
  104. +
  105. +start_server() {
  106. + "${SOCAT}" TCP-LISTEN:"${1}",bind=127.0.0.1,fork SYSTEM:"${VALGRIND} tangd ${TMP}/db" &
  107. +}
  108. +
  109. +on_exit() {
  110. + if [ "$PID" ]; then kill "${PID}"; wait "${PID}" || true; fi
  111. + [ -d "${TMP}" ] && rm -rf "${TMP}"
  112. +}
  113. +
  114. +validate() {
  115. + if ! _jwks="$(jose fmt --json="${1}" -Og payload -SyOg keys \
  116. + -AUo- 2>/dev/null)"; then
  117. + echo "Advertisement is malformed" >&2
  118. + exit 1
  119. + fi
  120. + _ver="$(printf '%s' "${_jwks}" | jose jwk use -i- -r -u verify -o-)"
  121. + if ! printf '%s' "${_ver}" | jose jws ver -i "${1}" -k- -a; then
  122. + echo "Advertisement is missing signatures" >&2
  123. + exit 1
  124. + fi
  125. +}
  126. +
  127. +sanity_check() {
  128. + # Skip test if socat is not available.
  129. + [ -n "${SOCAT}" ] || exit 77
  130. +}
  131. --- a/tests/meson.build
  132. +++ b/tests/meson.build
  133. @@ -18,9 +18,8 @@
  134. include_directories: incdir
  135. )
  136. -sd_activate = find_program(
  137. - 'systemd-socket-activate',
  138. - 'systemd-activate',
  139. +socat = find_program(
  140. + 'socat',
  141. required: false
  142. )
  143. @@ -28,15 +27,21 @@
  144. env.prepend('PATH',
  145. join_paths(meson.source_root(), 'src'),
  146. join_paths(meson.build_root(), 'src'),
  147. + join_paths(meson.source_root(), 'tests'),
  148. + join_paths(meson.build_root(), 'tests'),
  149. separator: ':'
  150. )
  151. -if sd_activate.found()
  152. - env.set('SD_ACTIVATE', sd_activate.path() + ' --inetd')
  153. +if build_machine.system() == 'freebsd'
  154. + env.set('TANG_BSD', '1')
  155. +endif
  156. - test('adv', find_program('adv'), env: env, timeout: 60)
  157. - test('rec', find_program('rec'), env: env)
  158. +if socat.found()
  159. + env.set('SOCAT', socat.path())
  160. endif
  161. +
  162. +test('adv', find_program('adv'), env: env, timeout: 60)
  163. +test('rec', find_program('rec'), env: env)
  164. test('test-keys', test_keys, env: env, timeout: 60)
  165. # vim:set ts=2 sw=2 et:
  166. --- a/tests/rec
  167. +++ b/tests/rec
  168. @@ -1,4 +1,4 @@
  169. -#!/bin/bash -x
  170. +#!/bin/sh -ex
  171. # vim: set tabstop=8 shiftwidth=4 softtabstop=4 expandtab smarttab colorcolumn=80:
  172. #
  173. # Copyright (c) 2016 Red Hat, Inc.
  174. @@ -18,14 +18,11 @@
  175. # along with this program. If not, see <http://www.gnu.org/licenses/>.
  176. #
  177. -function on_exit() {
  178. - if [ "$PID" ]; then kill $PID; wait $PID || true; fi
  179. - [ -d "$TMP" ] && rm -rf $TMP
  180. -}
  181. +. helpers
  182. -trap 'on_exit' EXIT
  183. -trap 'exit' ERR
  184. +sanity_check
  185. +trap 'on_exit' EXIT
  186. export TMP=`mktemp -d`
  187. mkdir -p $TMP/db
  188. @@ -39,19 +36,19 @@
  189. jose jwk pub -i $TMP/exc.jwk -o $TMP/exc.pub.jwk
  190. # Start the server
  191. -port=`shuf -i 1024-65536 -n 1`
  192. -$SD_ACTIVATE -l 127.0.0.1:$port -a $VALGRIND tangd $TMP/db &
  193. +export PORT=$(random_port)
  194. +start_server "${PORT}"
  195. export PID=$!
  196. sleep 0.5
  197. # Make sure that GET fails
  198. -! curl -sf http://127.0.0.1:$port/rec
  199. -! curl -sf http://127.0.0.1:$port/rec/
  200. +! curl -sf http://127.0.0.1:$PORT/rec
  201. +! curl -sf http://127.0.0.1:$PORT/rec/
  202. # Make a recovery request (NOTE: this is insecure! Don't do this in real code!)
  203. good=`jose jwk exc -i '{"alg":"ECMR","key_ops":["deriveKey"]}' -l $TMP/exc.jwk -r $TMP/db/exc.jwk`
  204. test=`curl -sf -X POST \
  205. -H "Content-Type: application/jwk+json" \
  206. --data-binary @- \
  207. - http://127.0.0.1:$port/rec/${exc_kid} < $TMP/exc.pub.jwk`
  208. -[ "$good" == "$test" ]
  209. + http://127.0.0.1:$PORT/rec/${exc_kid} < $TMP/exc.pub.jwk`
  210. +[ "$good" = "$test" ]