diff options
Diffstat (limited to 'testkiki')
-rw-r--r-- | testkiki/testkiki.hs | 35 |
1 files changed, 24 insertions, 11 deletions
diff --git a/testkiki/testkiki.hs b/testkiki/testkiki.hs index db984f5..c45764f 100644 --- a/testkiki/testkiki.hs +++ b/testkiki/testkiki.hs | |||
@@ -22,6 +22,7 @@ import Data.Time.Clock | |||
22 | import Data.Time.Clock.POSIX | 22 | import Data.Time.Clock.POSIX |
23 | import Data.IORef | 23 | import Data.IORef |
24 | import Crypto.Hash.SHA1 (hash) | 24 | import Crypto.Hash.SHA1 (hash) |
25 | import System.IO.Unsafe (unsafePerformIO) | ||
25 | 26 | ||
26 | #if !MIN_VERSION_base(4,7,0) | 27 | #if !MIN_VERSION_base(4,7,0) |
27 | setEnv k v = System.Posix.Env.setEnv k v True | 28 | setEnv k v = System.Posix.Env.setEnv k v True |
@@ -65,6 +66,9 @@ main = do | |||
65 | putStrLn "===" | 66 | putStrLn "===" |
66 | doTests config | 67 | doTests config |
67 | 68 | ||
69 | {-# NOINLINE didFirstEportSecret #-} | ||
70 | didFirstEportSecret = unsafePerformIO $ newIORef False | ||
71 | |||
68 | doTests :: TestKikiSettings -> IO () | 72 | doTests :: TestKikiSettings -> IO () |
69 | doTests tkConfig = hspec $ do | 73 | doTests tkConfig = hspec $ do |
70 | {- | 74 | {- |
@@ -73,6 +77,7 @@ doTests tkConfig = hspec $ do | |||
73 | it "throws an exception" $ | 77 | it "throws an exception" $ |
74 | evaluate (error "TODO:testsuite") `shouldThrow` anyException | 78 | evaluate (error "TODO:testsuite") `shouldThrow` anyException |
75 | -} | 79 | -} |
80 | didInit3 <- runIO $! newIORef False | ||
76 | 81 | ||
77 | -- **** kiki tests ***** | 82 | -- **** kiki tests ***** |
78 | describe "kiki init" $ do | 83 | describe "kiki init" $ do |
@@ -107,10 +112,10 @@ doTests tkConfig = hspec $ do | |||
107 | let p = (chroot cfg </> "root" </> ".gnupg" </> "secring.gpg") | 112 | let p = (chroot cfg </> "root" </> ".gnupg" </> "secring.gpg") |
108 | b <- doesFileExist p | 113 | b <- doesFileExist p |
109 | let c = isInfixOf "New packet" output | 114 | let c = isInfixOf "New packet" output |
115 | when (b && c) $ writeIORef didInit3 True | ||
110 | (b,c) `shouldBe` (True,True) | 116 | (b,c) `shouldBe` (True,True) |
111 | 117 | ||
112 | describe "kiki export-secret --pems" $ do | 118 | describe "kiki export-secret --pems" $ do |
113 | |||
114 | t <- runIO $ getPOSIXTime | 119 | t <- runIO $ getPOSIXTime |
115 | mtime1 <- runIO $ newIORef (posixSecondsToUTCTime t) | 120 | mtime1 <- runIO $ newIORef (posixSecondsToUTCTime t) |
116 | mtime2 <- runIO $ newIORef (posixSecondsToUTCTime t) | 121 | mtime2 <- runIO $ newIORef (posixSecondsToUTCTime t) |
@@ -118,6 +123,8 @@ doTests tkConfig = hspec $ do | |||
118 | hash2 <- runIO $ newIORef "" | 123 | hash2 <- runIO $ newIORef "" |
119 | 124 | ||
120 | it "creates external pem files which do not exist" $ do | 125 | it "creates external pem files which do not exist" $ do |
126 | bDidInit3 <-readIORef didInit3 | ||
127 | if not bDidInit3 then skipThisTest else do | ||
121 | let cfg' = appendpaths tkConfig "3" | 128 | let cfg' = appendpaths tkConfig "3" |
122 | home = chroot cfg' </> "root" | 129 | home = chroot cfg' </> "root" |
123 | gnuhome = home </> ".gnupg" | 130 | gnuhome = home </> ".gnupg" |
@@ -143,9 +150,12 @@ doTests tkConfig = hspec $ do | |||
143 | createDirectoryIfMissing True secs | 150 | createDirectoryIfMissing True secs |
144 | kiki ("export-secret":extraArgs) | 151 | kiki ("export-secret":extraArgs) |
145 | exists <- mapM doesFileExist files | 152 | exists <- mapM doesFileExist files |
153 | when (and exists) $ writeIORef didFirstEportSecret True | ||
146 | exists `shouldBe` replicate (length files) True | 154 | exists `shouldBe` replicate (length files) True |
147 | 155 | ||
148 | it "does not modify mtime nor SHA1 of GNUPGHOME keyrings" $ do | 156 | it "does not modify mtime nor SHA1 of GNUPGHOME keyrings" $ do |
157 | bDidFirstExportSecret <- readIORef didFirstEportSecret | ||
158 | if not bDidFirstExportSecret then skipThisTest else do | ||
149 | let cfg' = appendpaths tkConfig "3" | 159 | let cfg' = appendpaths tkConfig "3" |
150 | home = chroot cfg' </> "root" | 160 | home = chroot cfg' </> "root" |
151 | gnuhome = home </> ".gnupg" | 161 | gnuhome = home </> ".gnupg" |
@@ -170,7 +180,7 @@ doTests tkConfig = hspec $ do | |||
170 | 180 | ||
171 | 181 | ||
172 | describe "kiki export-public --pems" $ do | 182 | describe "kiki export-public --pems" $ do |
173 | 183 | didExportPublic <- runIO $ newIORef False | |
174 | t <- runIO $ getPOSIXTime | 184 | t <- runIO $ getPOSIXTime |
175 | mtime1 <- runIO $ newIORef (posixSecondsToUTCTime t) | 185 | mtime1 <- runIO $ newIORef (posixSecondsToUTCTime t) |
176 | mtime2 <- runIO $ newIORef (posixSecondsToUTCTime t) | 186 | mtime2 <- runIO $ newIORef (posixSecondsToUTCTime t) |
@@ -178,6 +188,8 @@ doTests tkConfig = hspec $ do | |||
178 | hash2 <- runIO $ newIORef "" | 188 | hash2 <- runIO $ newIORef "" |
179 | 189 | ||
180 | it "creates external pem files which do not exist" $ do | 190 | it "creates external pem files which do not exist" $ do |
191 | bDidInit3 <-readIORef didInit3 | ||
192 | if not bDidInit3 then skipThisTest else do | ||
181 | let cfg' = appendpaths tkConfig "3" | 193 | let cfg' = appendpaths tkConfig "3" |
182 | home = chroot cfg' </> "root" | 194 | home = chroot cfg' </> "root" |
183 | gnuhome = home </> ".gnupg" | 195 | gnuhome = home </> ".gnupg" |
@@ -202,9 +214,12 @@ doTests tkConfig = hspec $ do | |||
202 | createDirectoryIfMissing True pubs | 214 | createDirectoryIfMissing True pubs |
203 | kiki ("export-public":extraArgs) | 215 | kiki ("export-public":extraArgs) |
204 | exists <- mapM doesFileExist files | 216 | exists <- mapM doesFileExist files |
217 | when (and exists) $ writeIORef didExportPublic True | ||
205 | exists `shouldBe` replicate (length files) True | 218 | exists `shouldBe` replicate (length files) True |
206 | 219 | ||
207 | it "does not modify mtime nor SHA1 of GNUPGHOME keyrings" $ do | 220 | it "does not modify mtime nor SHA1 of GNUPGHOME keyrings" $ do |
221 | bDidInit3 <-readIORef didInit3 | ||
222 | if not bDidInit3 then skipThisTest else do | ||
208 | let cfg' = appendpaths tkConfig "3" | 223 | let cfg' = appendpaths tkConfig "3" |
209 | home = chroot cfg' </> "root" | 224 | home = chroot cfg' </> "root" |
210 | gnuhome = home </> ".gnupg" | 225 | gnuhome = home </> ".gnupg" |
@@ -221,6 +236,8 @@ doTests tkConfig = hspec $ do | |||
221 | ([ tsec , tpub], hsec == hsec0, hpub == hpub0 ) `shouldBe` ([ tsec0,tpub0],True,True) | 236 | ([ tsec , tpub], hsec == hsec0, hpub == hpub0 ) `shouldBe` ([ tsec0,tpub0],True,True) |
222 | 237 | ||
223 | it "always makes strictly smaller files than export-secret" $ do | 238 | it "always makes strictly smaller files than export-secret" $ do |
239 | bDidFirstExportSecret <-readIORef didFirstEportSecret | ||
240 | if not bDidFirstExportSecret then skipThisTest else do | ||
224 | let cfg' = appendpaths tkConfig "3" | 241 | let cfg' = appendpaths tkConfig "3" |
225 | home = chroot cfg' </> "root" | 242 | home = chroot cfg' </> "root" |
226 | gnuhome = home </> ".gnupg" | 243 | gnuhome = home </> ".gnupg" |
@@ -236,23 +253,19 @@ doTests tkConfig = hspec $ do | |||
236 | 253 | ||
237 | -- **** cokiki tests ***** | 254 | -- **** cokiki tests ***** |
238 | describe "cokiki ssh-client" $ do | 255 | describe "cokiki ssh-client" $ do |
239 | it "modifies system ssh configuration to respect /var/cache/kiki/ssh_known_hosts" $ do | 256 | it "modifies system ssh configuration to respect /var/cache/kiki/ssh_known_hosts." $ do |
240 | pending | ||
241 | it "sets kiki ssh-server key to /etc/ssh/ssh_host_rsa_key" $ do | ||
242 | pending | ||
243 | it "replaces existing ssh-server key with /etc/ssh/ssh_hosts_rsa_key" $ do | ||
244 | pending | ||
245 | it "refreshes /var/cache/kiki/*" $ do | ||
246 | pending | 257 | pending |
247 | 258 | ||
248 | describe "cokiki ssh-server" $ do | 259 | describe "cokiki ssh-server" $ do |
249 | it "does something" $ | 260 | it "modifies system ssh config to use /var/cache/kiki/ssh_host_rsa_key." $ do |
250 | pending | 261 | pending |
251 | 262 | ||
252 | describe "cokiki strongswan" $ do | 263 | describe "cokiki strongswan" $ do |
253 | it "does something" $ | 264 | it "modifies /etc/ipsec.conf to include settings from /var/cache/kiki/ipsec.conf." $ do |
254 | pending | 265 | pending |
266 | |||
255 | where | 267 | where |
268 | skipThisTest = pendingWith "SKIPPING due to prior failure." | ||
256 | kiki'Env config args = do | 269 | kiki'Env config args = do |
257 | setEnv "GNUPGHOME" (chroot config </> gnupghome config) | 270 | setEnv "GNUPGHOME" (chroot config </> gnupghome config) |
258 | let args' = args ++ ["--chroot=" ++ chroot config] | 271 | let args' = args ++ ["--chroot=" ++ chroot config] |