diff options
Diffstat (limited to 'tests/rep-auth.testscript')
-rw-r--r-- | tests/rep-auth.testscript | 634 |
1 files changed, 634 insertions, 0 deletions
diff --git a/tests/rep-auth.testscript b/tests/rep-auth.testscript new file mode 100644 index 0000000..ede815b --- /dev/null +++ b/tests/rep-auth.testscript @@ -0,0 +1,634 @@ +# file : tests/rep-auth.testscript +# copyright : Copyright (c) 2014-2018 Code Synthesis Ltd +# license : MIT; see accompanying LICENSE file + +.include common.testscript auth.testscript config.testscript remote.testscript + +# There is no rep-auth command, and this testscript contains tests for various +# authentication scenarios throughout different stages of repositories +# preparation and consumption. Note that by that reason usage of $* is +# meaningless. +# + +# Source repository: +# +# rep-auth +# |-- expired +# | |-- foo-1.tar.gz +# | |-- packages.manifest +# | |-- repositories.manifest +# | `-- signature.manifest +# `-- unsigned +# |-- foo-1.tar.gz +# `-- repositories.manifest + +# Prepare repositories used by tests if running in the local mode. +# ++if ($remote != true) + rc = $rep_create 2>! + + # Create the 'unsigned1' repository. + # + cp -r $src/unsigned $out/unsigned1 + $rc $out/unsigned1 &$out/unsigned1/packages.manifest + + # Create the 'unsigned2' repository. This is a copy of the just created + # 'unsigned1' repository. + # + cp -r $out/unsigned1 $out/unsigned2 + + # Create the 'signed' repository. + # + cp -r $src/unsigned $out/signed + cat <<<$cert_manifest >+$out/signed/repositories.manifest + + $rc --key $key $out/signed &$out/signed/packages.manifest \ + &$out/signed/signature.manifest + + # Create the 'self-match' repository. Note that its certificate name is + # the '*build2.org' wildcard (matches build2.org and any single-level + # subdomain). + # + cp -r $src/unsigned $out/self-match + + echo 'certificate: \' >+$out/self-match/repositories.manifest + cat <<<$src_base/auth/self-cert.pem >+$out/self-match/repositories.manifest + echo '\' >+$out/self-match/repositories.manifest + + $rc --key $key $out/self-match &$out/self-match/packages.manifest \ + &$out/self-match/signature.manifest + + # Create the 'self-any-match' repository. Note that its certificate name is + # the '**build2.org' wildcard (matches build2.org and any subdomain). + # + cp -r $src/unsigned $out/self-any-match + + echo 'certificate: \' >+$out/self-any-match/repositories.manifest + cat <<<$src_base/auth/self-any-cert.pem >+$out/self-any-match/repositories.manifest + echo '\' >+$out/self-any-match/repositories.manifest + + $rc --key $key $out/self-any-match &$out/self-any-match/packages.manifest \ + &$out/self-any-match/signature.manifest + + # Create the 'subdomain-match' repository. Note that its certificate name is + # the '*.build2.org' wildcard (matches any single-level subdomain of + # build2.org). + # + cp -r $src/unsigned $out/subdomain-match + + echo 'certificate: \' >+$out/subdomain-match/repositories.manifest + cat <<<$src_base/auth/subdomain-cert.pem >+$out/subdomain-match/repositories.manifest + echo '\' >+$out/subdomain-match/repositories.manifest + + $rc --key $key $out/subdomain-match &$out/subdomain-match/packages.manifest \ + &$out/subdomain-match/signature.manifest + + # Create the 'name-mismatch' repository. Note that its certificate name + # mismatches the repository location. + # + cp -r $src/unsigned $out/name-mismatch + + echo 'certificate: \' >+$out/name-mismatch/repositories.manifest + cat <<<$src_base/auth/mismatch-cert.pem >+$out/name-mismatch/repositories.manifest + echo '\' >+$out/name-mismatch/repositories.manifest + + $rc --key $key $out/name-mismatch &$out/name-mismatch/packages.manifest \ + &$out/name-mismatch/signature.manifest + + # Create the 'expired' repository. This repository is "pre-created" and its + # certificate is expired by now. So we just copy it from the source + # directory. + # + cp -r $src/expired $out/expired + + # Create the 'sha256sum-mismatch' repository. This is a copy of the just + # created 'signed' repository that has the sha256sum manifest value tampered. + # + cp -r $out/signed $out/sha256sum-mismatch + + v = 'd374c59b36fdbdbd0d4468665061d94fda9c6c687863dfe72b0bcc34ff9d5fb4' + + sed -i -e "s/^\(sha256sum: \).*\$/\\1$v/" \ + $out/sha256sum-mismatch/signature.manifest + + # Create the 'signature-mismatch' repository. This is a copy of the just + # created 'signed' repository that has the signature manifest value tampered. + # + cp -r $out/signed $out/signature-mismatch + + # Here we tamper the last signature line (the one of 76 chars length, without + # spaces and terminated with '='). + # + v = 'mnBAsS529NUdNIQy8EB4si/UK26ICaMywbLeHDVvWOB+AsqZ5rj8VjGDamLbmUrDr3ru7BU1gJU=' + sed -i -e "s%^[^ ]{75}=\$%$v%" $out/signature-mismatch/signature.manifest +end + +pkg_status += -d cfg +rep_add += -d cfg 2>! +rep_fetch += -d cfg + +# Check if rep-fetch command was successfull or not. +# +fetched = $pkg_status foo >'foo available 1' +not_fetched = $pkg_status foo >'foo unknown' + +sc = " " # Space character to append to here-document line when required. + +: no-auth +: +: Test that local repositories do not require authentication by default. +: +{ + r = 1/signed + +mkdir 1/ + +cp -r $src/unsigned $r + +cat <<<$cert_manifest >+$r/repositories.manifest + +$rep_create --key $key $r &$r/packages.manifest &$r/signature.manifest 2>! + + : rep-fetch + : + { + $clone_root_cfg && $rep_add ../$r; + + $rep_fetch 2>>/~%EOE% + %fetching .+/no-auth/signed% + 1 package(s) in 1 repository(s) + EOE + } + + : rep-info + : + $clone_root_cfg; + $rep_info --cert-name ../$r >'name:build2.org' +} + +: signed +: +{ + : rep-fetch + : + { + +$clone_root_cfg && $rep_add $rep/signed + rep_fetch += --auth all &?cfg/.bpkg/certs/** + + : no-auth + : + { + $clone_cfg; + + $rep_fetch 2>>"EOE" != 0; + fetching pkg:build2.org/rep-auth/signed + warning: authenticity of the certificate for repository pkg:build2.org/rep-auth/signed cannot be established + certificate is for build2.org, "Code Synthesis" <info@build2.org> + certificate SHA256 fingerprint: + $cert_fp + trust this certificate? [y/n]$sc + error: unable to read y/n answer from stdin + EOE + + $not_fetched + } + + : trust-fp + : + { + $clone_cfg; + + $rep_fetch --trust $cert_fp 2>>EOE; + fetching pkg:build2.org/rep-auth/signed + 1 package(s) in 1 repository(s) + EOE + + $fetched + } + + : trust-fp-no + : + { + $clone_cfg; + + $rep_fetch --trust-no --trust $cert_fp 2>>EOE; + fetching pkg:build2.org/rep-auth/signed + 1 package(s) in 1 repository(s) + EOE + + $fetched + } + + : trust-yes + : + { + $clone_cfg; + + $rep_fetch --trust-yes 2>>EOE; + fetching pkg:build2.org/rep-auth/signed + 1 package(s) in 1 repository(s) + EOE + + $fetched + } + + : trust-no + : + { + $clone_cfg; + + $rep_fetch --trust-no 2>>EOE != 0; + fetching pkg:build2.org/rep-auth/signed + error: authenticity of the certificate for repository pkg:build2.org/rep-auth/signed cannot be established + EOE + + $not_fetched + } + + : trust-yes-no + : + { + $clone_cfg; + + $rep_fetch --trust-yes --trust-no 2>>EOE != 0; + fetching pkg:build2.org/rep-auth/signed + error: --trust-yes and --trust-no are mutually exclusive + EOE + + $not_fetched + } + + : already-trusted + : + { + $clone_cfg; + + $rep_fetch --trust-yes 2>>EOE; + fetching pkg:build2.org/rep-auth/signed + 1 package(s) in 1 repository(s) + EOE + + $rep_fetch 2>>EOE; + fetching pkg:build2.org/rep-auth/signed + 1 package(s) in 1 repository(s) + EOE + + $fetched; + + $rep_fetch --trust-no 2>>EOE; + fetching pkg:build2.org/rep-auth/signed + 1 package(s) in 1 repository(s) + EOE + + $fetched + } + } + + : rep-info + : + { + rep_info += --cert-name --auth all $rep/signed + + : no-auth + : + $rep_info 2>>"EOE" != 0 + warning: authenticity of the certificate for repository pkg:build2.org/rep-auth/signed cannot be established + certificate is for build2.org, "Code Synthesis" <info@build2.org> + certificate SHA256 fingerprint: + $cert_fp + trust this certificate? [y/n]$sc + error: unable to read y/n answer from stdin + EOE + + : trust-fp + : + $rep_info --trust $cert_fp >'name:build2.org' + + : trust-yes + : + $rep_info --trust-yes >'name:build2.org' + + : trust-no + : + $rep_info --trust-no 2>>EOE != 0 + error: authenticity of the certificate for repository pkg:build2.org/rep-auth/signed cannot be established + EOE + + : already-trusted + : + { + $clone_root_cfg; + rep_info += -d cfg; + + $rep_info --trust "$cert_fp" &cfg/.bpkg/certs/** >>EOO; + name:build2.org + EOO + + $rep_info >'name:build2.org' + } + } + + : subdomain-wildcard + : + { + rep_info += --auth all --trust-yes --cert-name + + : self + : + { + : exact + : + $rep_info $rep/self-match >'name:*build2.org' + + : subdomain + : + if ($remote != true) + { + : first-level + : + { + r = $canonicalize([dir_path] $~/pkg/1/a.build2.org/); + mkdir -p $r; + cp -r $rep/self-match $r; + + $rep_info $r/self-match >'name:*build2.org' + } + + : second-level + : + { + r = $canonicalize([dir_path] $~/pkg/1/b.a.build2.org/); + mkdir -p $r; + cp -r $rep/self-match $r; + + $rep_info $r/self-match 2>>EOE != 0 + error: certificate name mismatch for repository pkg:b.a.build2.org/self-match + info: certificate name is *build2.org + EOE + } + } + } + + : self-any + : + { + : exact + : + $rep_info $rep/self-any-match >'name:**build2.org' + + : subdomain + : + if ($remote != true) + { + : first-level + : + { + r = $canonicalize([dir_path] $~/pkg/1/a.build2.org/); + mkdir -p $r; + cp -r $rep/self-any-match $r; + + $rep_info $r/self-any-match >'name:**build2.org' + } + + : second-level + : + { + r = $canonicalize([dir_path] $~/pkg/1/b.a.build2.org/); + mkdir -p $r; + cp -r $rep/self-any-match $r; + + $rep_info $r/self-any-match >'name:**build2.org' + } + } + } + + : subdomain + : + { + : exact + : + $rep_info $rep/subdomain-match 2>>EOE != 0 + error: certificate name mismatch for repository pkg:build2.org/rep-auth/subdomain-match + info: certificate name is *.build2.org + EOE + + : subdomain + : + if ($remote != true) + { + : first-level + : + { + r = $canonicalize([dir_path] $~/pkg/1/a.build2.org/); + mkdir -p $r; + cp -r $rep/subdomain-match $r; + + $rep_info $r/subdomain-match >'name:*.build2.org' + } + + : second-level + : + { + r = $canonicalize([dir_path] $~/pkg/1/b.a.build2.org/); + mkdir -p $r; + cp -r $rep/subdomain-match $r; + + $rep_info $r/subdomain-match 2>>EOE != 0 + error: certificate name mismatch for repository pkg:b.a.build2.org/subdomain-match + info: certificate name is *.build2.org + EOE + } + } + } + } +} + +: unsigned +: +{ + : rep-fetch + : + { + +$clone_root_cfg && $rep_add $rep/unsigned1 + rep_fetch += --auth all + + : no-auth + : + { + $clone_cfg; + + $rep_fetch 2>>~%EOE% != 0; + fetching pkg:build2.org/rep-auth/unsigned1 + warning: repository pkg:build2.org/rep-auth/unsigned1 is unsigned + %continue without authenticating repositories at .+\? \[y/n\] % + error: unable to read y/n answer from stdin + EOE + + $not_fetched + } + + : trust-yes + : + { + $clone_cfg; + + $rep_fetch --trust-yes 2>>EOE; + fetching pkg:build2.org/rep-auth/unsigned1 + 1 package(s) in 1 repository(s) + EOE + + $fetched + } + + : trust-no + : + { + $clone_cfg; + + $rep_fetch --trust-no 2>>EOE != 0; + fetching pkg:build2.org/rep-auth/unsigned1 + error: repository pkg:build2.org/rep-auth/unsigned1 is unsigned + EOE + + $not_fetched + } + + : already-trusted + : + { + $clone_cfg; + + $rep_fetch --trust-yes 2>>EOE; + fetching pkg:build2.org/rep-auth/unsigned1 + 1 package(s) in 1 repository(s) + EOE + + $rep_fetch 2>>EOE; + fetching pkg:build2.org/rep-auth/unsigned1 + 1 package(s) in 1 repository(s) + EOE + + $fetched; + + $rep_fetch --trust-no 2>>EOE; + fetching pkg:build2.org/rep-auth/unsigned1 + 1 package(s) in 1 repository(s) + EOE + + $fetched; + + $rep_add $rep/unsigned2; + + $rep_fetch 2>>EOE; + fetching pkg:build2.org/rep-auth/unsigned1 + fetching pkg:build2.org/rep-auth/unsigned2 + 1 package(s) in 2 repository(s) + EOE + + $fetched + } + } + + : rep-info + : + { + rep_info += --name --auth all $rep/unsigned1 + + : no-auth + : + $rep_info 2>>~%EOE% != 0 + warning: repository pkg:build2.org/rep-auth/unsigned1 is unsigned + %continue without authenticating repositories at .+\? \[y/n\] % + error: unable to read y/n answer from stdin + EOE + + : trust-yes + : + $rep_info --trust-yes >>"EOO" + pkg:build2.org/rep-auth/unsigned1 ($rep/unsigned1) + EOO + + : trust-no + : + $rep_info --trust-no 2>>EOE != 0 + error: repository pkg:build2.org/rep-auth/unsigned1 is unsigned + EOE + + : already-trusted + : + { + $clone_root_cfg; + rep_info += -d cfg; + + $rep_info --trust-yes >>"EOO"; + pkg:build2.org/rep-auth/unsigned1 ($rep/unsigned1) + EOO + $rep_info >>"EOO" + pkg:build2.org/rep-auth/unsigned1 ($rep/unsigned1) + EOO + } + } +} + +: faulty +: +{ + rep_info += --auth all --trust-yes + + : name-mismatch + : + $rep_info $rep/name-mismatch 2>>EOE != 0 + error: certificate name mismatch for repository pkg:build2.org/rep-auth/name-mismatch + info: certificate name is build2.org/mismatched/name + EOE + + : expired + : + $rep_info $rep/expired 2>>EOE != 0 + error: certificate for repository pkg:build2.org/rep-auth/expired has expired + EOE + + : sha256sum-mismatch + : + $rep_info $rep/sha256sum-mismatch 2>>EOE != 0 + error: packages manifest file checksum mismatch for pkg:build2.org/rep-auth/sha256sum-mismatch + info: try again + EOE + + : signature-mismatch + : + $rep_info $rep/signature-mismatch 2>>~%EOE% != 0 + %.* + %error: unable to authenticate repository pkg:build2.org/rep-auth/signature-mismatch: .*% + EOE + + : create-rep + : + { + : no-email + : + { + cp -r $src/unsigned rep; + + echo 'certificate: \' >+rep/repositories.manifest; + cat <<<$src_base/auth/noemail-cert.pem >+rep/repositories.manifest; + echo '\' >+rep/repositories.manifest; + + $rep_create --key $key rep &rep/packages.manifest 2>>/EOE != 0 + added foo 1 + error: invalid certificate for rep/: no email + EOE + } + + : expired + : + { + cp -r $src/unsigned rep; + + echo 'certificate: \' >+rep/repositories.manifest; + cat <<<$src_base/auth/expired-cert.pem >+rep/repositories.manifest; + echo '\' >+rep/repositories.manifest; + + $rep_create --key $key rep &rep/packages.manifest 2>>/EOE != 0 + added foo 1 + error: certificate for repository rep/ has expired + EOE + } + } +} |