[test suite] add invalid gpg sig ID list

2014-07-04 20:05:54 -04:00 · 2014-07-04 20:05:54 -04:00 · f0285ae2b5
commit f0285ae2b5
parent ffa77a9e54
4 changed files with 20 additions and 0 deletions
--- a/Makefile.am
+++ b/Makefile.am
@ -165,6 +165,7 @@ EXTRA_DIST = \
    test/conf/gpg_no_pw_bad_fpr_access.conf \
    test/conf/gpg_no_pw_no_fpr_access.conf \
    test/conf/gpg_no_sig_verify_access.conf \
+    test/conf/gpg_invalid_sig_id_access.conf \
    test/conf/fwknoprc_gpg_invalid_exe \
    test/conf/fwknoprc_hmac_defaults \
    test/conf/fwknoprc_hmac_time_offset_mins \
--- a/test/conf/gpg_invalid_sig_id_access.conf
+++ b/test/conf/gpg_invalid_sig_id_access.conf
@ -0,0 +1,7 @@
+SOURCE                      ANY
+FW_ACCESS_TIMEOUT           3
+GPG_HOME_DIR                conf/server-gpg-no-pw
+GPG_DECRYPT_ID              361BBAD4
+GPG_ALLOW_NO_PW             Y
+### the following ID won't verify, but we've disabled signature verification
+GPG_REMOTE_ID               AAAAAAAA
--- a/test/test-fwknop.pl
+++ b/test/test-fwknop.pl
@ -119,6 +119,7 @@ our %cf = (
    'gpg_no_pw_hmac_serverdir_access' => "$conf_dir/gpg_no_pw_hmac_serverdir_access.conf",
    'gpg_no_pw_hmac_sha512_access' => "$conf_dir/gpg_no_pw_hmac_sha512_access.conf",
    'gpg_no_sig_verify_access'     => "$conf_dir/gpg_no_sig_verify_access.conf",
+    'gpg_invalid_sig_id_access'    => "$conf_dir/gpg_invalid_sig_id_access.conf",
    'tcp_server'                   => "$conf_dir/tcp_server_fwknopd.conf",
    'spa_over_http'                => "$conf_dir/spa_over_http_fwknopd.conf",
    'tcp_pcap_filter'              => "$conf_dir/tcp_pcap_filter_fwknopd.conf",
--- a/test/tests/gpg_no_pw.pl
+++ b/test/tests/gpg_no_pw.pl
@ -22,6 +22,17 @@
        'fw_rule_created' => $NEW_RULE_REQUIRED,
        'fw_rule_removed' => $NEW_RULE_REMOVED,
    },
+    {
+        'category' => 'GPG (no pw)',
+        'subcategory' => 'client+server',
+        'detail'   => 'invalid sig list',
+        'function' => \&spa_cycle,
+        'cmdline'  => $default_client_gpg_args_no_pw,
+        'fwknopd_cmdline' => "$fwknopdCmd -c $cf{'def'} " .
+            "-a $cf{'gpg_invalid_sig_id_access'} $intf_str " .
+            "-d $default_digest_file -p $default_pid_file",
+        'fw_rule_created' => $REQUIRE_NO_NEW_RULE,
+    },

    {
        'category' => 'GPG (no pw)',