Beispiel #1
0
func TestVerifyJobPayload(t *testing.T) {
	_, v := initSign(t)
	payload := job.NewJobPayload("echo.service", *unit.NewSystemdUnitFile("Echo"))
	s := &SignatureSet{TagForPayload("echo.service"), make([][]byte, 1)}
	fmt.Sscanf(echoPayloadSignature, "%x", &s.Signs[0])

	ok, err := v.VerifyPayload(payload, s)
	if err != nil {
		t.Fatal("veirfy payload error:", err)
	}
	if !ok {
		t.Fatal("fail to verify payload")
	}

	s.Tag = ""
	ok, err = v.VerifyPayload(payload, s)
	if err == nil || ok == true {
		t.Fatal("should fail on payload verification")
	}

	ok, err = v.VerifyPayload(payload, nil)
	if err == nil || ok == true {
		t.Fatal("should fail on payload verification")
	}
}
Beispiel #2
0
func TestSignJobPayload(t *testing.T) {
	c, _ := initSign(t)
	payload := job.NewJobPayload("echo.service", *unit.NewSystemdUnitFile("Echo"))

	data, err := marshal(payload)
	if err != nil {
		t.Fatal("marshal error:", err)
	}

	expectedSig, err := c.keyring.Sign(testPublicKeys["rsa"], data)
	if err != nil {
		t.Fatal("sign error:", err)
	}

	s, err := c.SignPayload(payload)
	if err != nil {
		t.Fatal("sign payload error:", err)
	}
	if s.Tag != TagForPayload("echo.service") {
		t.Fatal("sign tag error:", err)
	}

	if len(s.Signs) != 1 {
		t.Fatal("expect 1 signature instead of", len(s.Signs))
	}
	if bytes.Compare(s.Signs[0].Blob, expectedSig.Blob) != 0 {
		t.Fatal("wrong signature")
	}
}
Beispiel #3
0
func getJobPayloadFromFile(file string) (*job.JobPayload, error) {
	out, err := ioutil.ReadFile(file)
	if err != nil {
		return nil, err
	}

	unitFile := unit.NewSystemdUnitFile(string(out))

	name := path.Base(file)
	payload := job.NewJobPayload(name, *unitFile)

	return payload, nil
}
Beispiel #4
0
func TestAbleToRunConditionMachineBootIDMismatch(t *testing.T) {
	uf := unit.NewSystemdUnitFile(`[X-Fleet]
X-ConditionMachineBootID=XYZ
`)
	payload := job.NewJobPayload("example.service", *uf)
	job := job.NewJob("example.service", make(map[string][]string, 0), payload, nil)

	mach := machine.New("123", "", make(map[string]string, 0))
	agent := Agent{machine: mach, state: NewState()}
	if agent.AbleToRun(job) {
		t.Fatalf("Agent should not be able to run job")
	}
}
Beispiel #5
0
func TestPayloadDescription(t *testing.T) {
	contents := `[Unit]
Description=PING
`
	jp := []job.JobPayload{*job.NewJobPayload("ping.service", *unit.NewSystemdUnitFile(contents))}
	registryCtl = newTestRegistryForListUnits(jp, nil)

	names, _ := findAllUnits()
	if len(names) != 3 {
		t.Errorf("Expected to find three units: %v\n", names)
	}

	if names["ping.service"] != "PING" {
		t.Errorf("Expected to have `PING` as a description, but it was %s\n", names["ping.service"])
	}
}
Beispiel #6
0
func TestIgnoreDuplicatedUnits(t *testing.T) {
	jp := []job.JobPayload{*job.NewJobPayload("echo.service", *unit.NewSystemdUnitFile("Echo"))}
	registryCtl = newTestRegistryForListUnits(jp, nil)

	names, sortable := findAllUnits()
	if len(names) != 2 {
		t.Errorf("Expected to find two units: %v\n", names)
	}

	if sortable[0] != "echo.service" {
		t.Errorf("Expected to find echo.service as the first name, but it was %s\n", sortable[0])
	}

	if sortable[1] != "pong.service" {
		t.Errorf("Expected to find pong.service as the second name, but it was %s\n", sortable[0])
	}
}
Beispiel #7
0
func newTestRegistryForListUnits(payloads []job.JobPayload, jobs []job.Job) Registry {
	j := []job.Job{*job.NewJob("pong.service", map[string][]string{}, nil, nil)}
	p := []job.JobPayload{*job.NewJobPayload("echo.service", *unit.NewSystemdUnitFile("Echo"))}

	if payloads != nil {
		for _, jp := range payloads {
			p = append(p, jp)
		}
	}

	if jobs != nil {
		for _, job := range jobs {
			j = append(j, job)
		}
	}

	return TestRegistry{jobs: j, payloads: p}
}
Beispiel #8
0
func TestSignJobPayload(t *testing.T) {
	c, _ := initSign(t)
	payload := job.NewJobPayload("echo.service", *unit.NewSystemdUnitFile("Echo"))

	s, err := c.SignPayload(payload)
	if err != nil {
		t.Fatal("sign payload error:", err)
	}
	if s.Tag != TagForPayload("echo.service") {
		t.Fatal("sign tag error:", err)
	}

	var sign []byte
	fmt.Sscanf(echoPayloadSignature, "%x", &sign)
	if len(s.Signs) != 1 {
		t.Fatal("expect 1 signature instead of", len(s.Signs))
	}
	if bytes.Compare(s.Signs[0], sign) != 0 {
		t.Fatal("wrong signature")
	}
}
Beispiel #9
0
func TestVerifyJobPayload(t *testing.T) {
	c, v := initSign(t)
	payload := job.NewJobPayload("echo.service", *unit.NewSystemdUnitFile("Echo"))

	data, err := marshal(payload)
	if err != nil {
		t.Fatal("marshal error:", err)
	}

	v.pubkeys = append(v.pubkeys, testPublicKeys["rsa"])
	signature, err := c.keyring.Sign(testPublicKeys["rsa"], data)
	if err != nil {
		t.Fatal("sign error:", err)
	}

	s := &SignatureSet{TagForPayload("echo.service"), []*gossh.Signature{signature}}

	ok, err := v.VerifyPayload(payload, s)
	if err != nil {
		t.Fatal("verify payload error:", err)
	}
	if !ok {
		t.Fatal("fail to verify payload")
	}

	s.Tag = ""
	ok, err = v.VerifyPayload(payload, s)
	if err == nil || ok == true {
		t.Fatal("should fail on payload verification")
	}

	ok, err = v.VerifyPayload(payload, nil)
	if err == nil || ok == true {
		t.Fatal("should fail on payload verification")
	}
}