"Fossies" - the Fresh Open Source Software Archive  

Source code changes of the file "testing/mudslinger.in" between
cryptmount-5.3.1.tar.gz and cryptmount-5.3.2.tar.gz

About: cryptmount allows any user to access encrypted filing systems on demand under GNU/Linux systems. It also assists the system administrator in creating and managing encrypted filesystems based on the kernels dm-crypt device-mapper target.

mudslinger.in  (cryptmount-5.3.1):mudslinger.in  (cryptmount-5.3.2)
#!/bin/bash #!/bin/bash
# Testing script for cryptmount (compiled with -DTESTING) # Testing script for cryptmount (compiled with -DTESTING)
# RW Penney, December 2005 # RW Penney, December 2005
DD=/bin/dd DD=/bin/dd
LOSETUP=/sbin/losetup LOSETUP=/sbin/losetup
SU_p="/bin/su -p" SU_p="/bin/su -p"
TMPDIR=/tmp/cm-$$ TMPDIR=/tmp/cm-$$
CM=../cryptmount CM=../cryptmount
PASSWD="hopeless" PASSWD="3normouslyComplexPassw0rd,maybe?"
# Pair of users, with valid login-shells: # Pair of users, with valid login-shells:
USER1=bin USER1=bin
USER2=nobody USER2=nobody
# Pair of unused loopback devices: # Pair of unused loopback devices:
LOOPDEV=`${LOSETUP} -f` LOOPDEV=`${LOSETUP} -f`
LOOPDEV2=/dev/loop5 LOOPDEV2=/dev/loop5
DATEFMT="+%d%b%y-%H:%M:%S" DATEFMT="+%d%b%y-%H:%M:%S"
# #
# Testing infrastructure # Testing infrastructure
skipping to change at line 108 skipping to change at line 108
function wait_udev() { function wait_udev() {
# Wait for udev events to settle # Wait for udev events to settle
udevadm settle 2>/dev/null \ udevadm settle 2>/dev/null \
|| udevsettle 2>/dev/null \ || udevsettle 2>/dev/null \
|| sleep 5 || sleep 5
}; };
function mk_ssl_keyfile() { function mk_ssl_keyfile() {
# Syntax: mk_ssl_keyfile <bytes> <message_digest> <cipher> # Syntax: mk_ssl_keyfile <bytes> <message_digest> <cipher>
${DD} if=/dev/urandom bs=${1}c count=1 2>/dev/null | \ ${DD} if=/dev/urandom bs=${1}c count=1 2>/dev/null | \
openssl enc -e -pass pass:${PASSWD} -md $2 -${3} 2>/dev/null openssl enc -e -pass pass:"${PASSWD}" -md $2 -${3} 2>/dev/null
}; };
function mkrandshort() { function mkrandshort() {
# Create random 4-digit hex number # Create random 4-digit hex number
od -An -N2 -t x2 /dev/urandom | sed 's% *%%g' od -An -N2 -t x2 /dev/urandom | sed 's% *%%g'
}; };
function mkbingrep() { function mkbingrep() {
# Create simple binary-grep for block-offset test # Create simple binary-grep for block-offset test
cat <<EOF > "${1}.c" cat <<EOF > "${1}.c"
skipping to change at line 213 skipping to change at line 213
idx=`mkrandshort` idx=`mkrandshort`
cat <<EOF > ${TMPDIR}/cmtab cat <<EOF > ${TMPDIR}/cmtab
target${idx} { target${idx} {
dev=${LOOPDEV} dev=${LOOPDEV}
dir=${TMPDIR}/mnt dir=${TMPDIR}/mnt
fstype=ext2 mountoptions=defaults cipher=twofish fstype=ext2 mountoptions=defaults cipher=twofish
keyformat=${mgr} keyformat=${mgr}
keyfile=${TMPDIR}/keyfile } keyfile=${TMPDIR}/keyfile }
EOF EOF
rm -f ${TMPDIR}/keyfile rm -f ${TMPDIR}/keyfile
if ${SU_p} ${USER1} -c "${CM} --config-dir ${TMPDIR} --newpassword $ if ${SU_p} ${USER1} -c "${CM} --config-dir ${TMPDIR} --newpassword "
{PASSWD} --generate-key 16 target${idx}" 2>&3; then test_fail "privilege violati ${PASSWD}" --generate-key 16 target${idx}" 2>&3; then test_fail "privilege viola
on"; return; fi tion"; return; fi
if ${CM} --config-dir ${TMPDIR} --newpassword ${PASSWD} --generate-k if ${CM} --config-dir ${TMPDIR} --newpassword "${PASSWD}" --generate
ey ${len} target${idx} 2>&3; then true; else test_fail make-key; return; fi -key ${len} target${idx} 2>&3; then true; else test_fail make-key; return; fi
if [ ! -f ${TMPDIR}/keyfile ]; then test_fail missing-key; return; f i if [ ! -f ${TMPDIR}/keyfile ]; then test_fail missing-key; return; f i
fllen=`wc -c ${TMPDIR}/keyfile | awk '{printf"%d", $1}'` fllen=`wc -c ${TMPDIR}/keyfile | awk '{printf"%d", $1}'`
if [ "${fllen}" -lt "${len}" ]; then test_fail "keyfile size"; retur n; fi if [ "${fllen}" -lt "${len}" ]; then test_fail "keyfile size"; retur n; fi
if ${CM} --config-dir ${TMPDIR} --newpassword ${PASSWD} --generate-k ey 16 target${idx} 2>&3; then test_fail key-overwrite; return; fi if ${CM} --config-dir ${TMPDIR} --newpassword "${PASSWD}" --generate -key 16 target${idx} 2>&3; then test_fail key-overwrite; return; fi
done done
done done
test_pass test_pass
}; };
function test_setup_dev() { function test_setup_dev() {
# Basic test of prepare/release on raw device # Basic test of prepare/release on raw device
if test_start "basic setup (device)"; then true; else return; fi if test_start "basic setup (device)"; then true; else return; fi
idx=`mkrandshort` idx=`mkrandshort`
cat <<EOF > ${TMPDIR}/cmtab cat <<EOF > ${TMPDIR}/cmtab
target${idx} { target${idx} {
dev=${LOOPDEV} dev=${LOOPDEV}
dir=${TMPDIR}/mnt dir=${TMPDIR}/mnt
fstype=ext2 mountoptions=defaults cipher=twofish fstype=ext2 mountoptions=defaults cipher=twofish
keyformat=builtin keyfile=${TMPDIR}/keyfile keyformat=builtin keyfile=${TMPDIR}/keyfile
} }
EOF EOF
rm -f ${TMPDIR}/keyfile rm -f ${TMPDIR}/keyfile
if ${CM} --config-dir ${TMPDIR} --newpassword ${PASSWD} --generate-key 16 ta if ${CM} --config-dir ${TMPDIR} --newpassword "${PASSWD}" --generate-key 16
rget${idx} 2>&3; then true; else test_fail "key-generation"; return; fi target${idx} 2>&3; then true; else test_fail "key-generation"; return; fi
if ${CM} --config-dir ${TMPDIR} --password ${PASSWD} --prepare target${idx} if ${CM} --config-dir ${TMPDIR} --password "${PASSWD}" --prepare target${idx
2>&3; then true; else test_fail prepare; return; fi } 2>&3; then true; else test_fail prepare; return; fi
if mke2fs -q /dev/mapper/target${idx}; then true; else test_fail mke2fs; ret urn; fi if mke2fs -q /dev/mapper/target${idx}; then true; else test_fail mke2fs; ret urn; fi
wait_udev wait_udev
if ${CM} --config-dir ${TMPDIR} --release target${idx} 2>&3; then true; else test_fail release; return; fi if ${CM} --config-dir ${TMPDIR} --release target${idx} 2>&3; then true; else test_fail release; return; fi
test_pass test_pass
}; };
function test_setup_loop() { function test_setup_loop() {
# Basic test of prepare/release via loopback device # Basic test of prepare/release via loopback device
if test_start "basic setup (loopback)"; then true; else return; fi if test_start "basic setup (loopback)"; then true; else return; fi
idx=`mkrandshort` idx=`mkrandshort`
cat <<EOF > ${TMPDIR}/cmtab cat <<EOF > ${TMPDIR}/cmtab
target${idx} { target${idx} {
dev=${TMPDIR}/loopfile dev=${TMPDIR}/loopfile
loop=auto loop=auto
dir=${TMPDIR}/mnt dir=${TMPDIR}/mnt
fstype=ext2 mountoptions=defaults cipher=twofish fstype=ext2 mountoptions=defaults cipher=twofish
keyformat=raw keyfile=${TMPDIR}/keyfile keyformat=raw keyfile=${TMPDIR}/keyfile
} }
EOF EOF
rm -f ${TMPDIR}/keyfile rm -f ${TMPDIR}/keyfile
if ${CM} --config-dir ${TMPDIR} --newpassword ${PASSWD} --generate-key 16 ta if ${CM} --config-dir ${TMPDIR} --newpassword "${PASSWD}" --generate-key 16
rget${idx} 2>&3; then true; else test_fail "key-generation"; return; fi target${idx} 2>&3; then true; else test_fail "key-generation"; return; fi
if ${CM} --config-dir ${TMPDIR} --password ${PASSWD} --prepare target${idx} if ${CM} --config-dir ${TMPDIR} --password "${PASSWD}" --prepare target${idx
2>&3; then true; else test_fail prepare; return; fi } 2>&3; then true; else test_fail prepare; return; fi
if mke2fs -q /dev/mapper/target${idx}; then true; else test_fail mke2fs; ret urn; fi if mke2fs -q /dev/mapper/target${idx}; then true; else test_fail mke2fs; ret urn; fi
wait_udev wait_udev
if ${CM} --config-dir ${TMPDIR} --release target${idx} 2>&3; then true; else test_fail release; return; fi if ${CM} --config-dir ${TMPDIR} --release target${idx} 2>&3; then true; else test_fail release; return; fi
test_pass test_pass
}; };
function test_setup_roloop() { function test_setup_roloop() {
# Test prepare/release of loopback on read-only device # Test prepare/release of loopback on read-only device
if test_start "read-only loopback"; then true; else return; fi if test_start "read-only loopback"; then true; else return; fi
idx=`mkrandshort` idx=`mkrandshort`
skipping to change at line 289 skipping to change at line 289
dev=${TMPDIR}/romnt/lpfl flags=nofsck dev=${TMPDIR}/romnt/lpfl flags=nofsck
loop=auto loop=auto
dir=${TMPDIR}/mnt dir=${TMPDIR}/mnt
fstype=ext2 mountoptions=ro cipher=twofish fstype=ext2 mountoptions=ro cipher=twofish
keyformat=builtin keyfile=${TMPDIR}/keyfile keyformat=builtin keyfile=${TMPDIR}/keyfile
keyhash=sha1 keycipher=blowfish-cbc keyhash=sha1 keycipher=blowfish-cbc
} }
EOF EOF
cleanup="umount ${TMPDIR}/romnt; ${LOSETUP} -d ${LOOPDEV2}; rm ${TMPDIR}/rol oopfile; rmdir ${TMPDIR}/romnt" cleanup="umount ${TMPDIR}/romnt; ${LOSETUP} -d ${LOOPDEV2}; rm ${TMPDIR}/rol oopfile; rmdir ${TMPDIR}/romnt"
rm -f ${TMPDIR}/keyfile rm -f ${TMPDIR}/keyfile
if ${CM} --config-dir ${TMPDIR} --newpassword ${PASSWD} --generate-key 16 ta if ${CM} --config-dir ${TMPDIR} --newpassword "${PASSWD}" --generate-key 16
rget${idx} 2>&3; then true; else test_fail "key-generation" "${cleanup}"; return target${idx} 2>&3; then true; else test_fail "key-generation" "${cleanup}"; retu
; fi rn; fi
if ${CM} --config-dir ${TMPDIR} --password ${PASSWD} --prepare target${idx} if ${CM} --config-dir ${TMPDIR} --password "${PASSWD}" --prepare target${idx
2>&3; then true; else test_fail "prepare" "${cleanup}" ; return; fi } 2>&3; then true; else test_fail "prepare" "${cleanup}" ; return; fi
if mke2fs -q /dev/mapper/target${idx}; then true; else test_fail "mke2fs" "$ {cleanup}"; return; fi if mke2fs -q /dev/mapper/target${idx}; then true; else test_fail "mke2fs" "$ {cleanup}"; return; fi
wait_udev wait_udev
if ${CM} --config-dir ${TMPDIR} --release target${idx} 2>&3; then true; else test_fail "release" "${cleanup}"; return; fi if ${CM} --config-dir ${TMPDIR} --release target${idx} 2>&3; then true; else test_fail "release" "${cleanup}"; return; fi
mount -o remount,ro ${TMPDIR}/romnt mount -o remount,ro ${TMPDIR}/romnt
if ${CM} --config-dir ${TMPDIR} --password ${PASSWD} --mount target${idx} 2> &3; then true; else test_fail "mount-ro" "${cleanup}" ; return; fi if ${CM} --config-dir ${TMPDIR} --password "${PASSWD}" --mount target${idx} 2>&3; then true; else test_fail "mount-ro" "${cleanup}" ; return; fi
wait_udev wait_udev
if ${CM} --config-dir ${TMPDIR} --password ${PASSWD} --unmount target${idx} 2>&3; then true; else test_fail "unmount-ro" "${cleanup}" ; return; fi if ${CM} --config-dir ${TMPDIR} --password "${PASSWD}" --unmount target${idx } 2>&3; then true; else test_fail "unmount-ro" "${cleanup}" ; return; fi
# ideally we should try rw-mounting the filesystem, # ideally we should try rw-mounting the filesystem,
# and checking that the operation fails, but libdevmapper-1.01 apparently # and checking that the operation fails, but libdevmapper-1.01 apparently
# does not deal well with read-only loopback devices # does not deal well with read-only loopback devices
eval "${cleanup}" eval "${cleanup}"
test_pass test_pass
}; };
function test_null() { function test_null() {
# Test robustness to null cmtab targets # Test robustness to null cmtab targets
if test_start "null targets"; then true; else return; fi if test_start "null targets"; then true; else return; fi
skipping to change at line 341 skipping to change at line 341
keyline="keyformat=$mgr" keyline="keyformat=$mgr"
fi fi
cat <<EOF > ${TMPDIR}/cmtab cat <<EOF > ${TMPDIR}/cmtab
target${idx} { target${idx} {
dev=${LOOPDEV} dev=${LOOPDEV}
dir=${TMPDIR}/mnt dir=${TMPDIR}/mnt
fstype=ext2 mountoptions=defaults cipher=blowfish fstype=ext2 mountoptions=defaults cipher=blowfish
${keyline} ${keyline}
} }
EOF EOF
if ${CM} --config-dir ${TMPDIR} --newpassword ${PASSWD} --generate-key 1 if ${CM} --config-dir ${TMPDIR} --newpassword "${PASSWD}" --generate-key
6 target${idx} 1>&3 2>&3; then true; else test_fail "make-key"; return; fi 16 target${idx} 1>&3 2>&3; then true; else test_fail "make-key"; return; fi
if ${CM} --config-dir ${TMPDIR} --password ${PASSWD} --prepare target${i if ${CM} --config-dir ${TMPDIR} --password "${PASSWD}" --prepare target$
dx} 2>&3; then true; else test_fail "prepare"; return; fi {idx} 2>&3; then true; else test_fail "prepare"; return; fi
wait_udev wait_udev
if ${CM} --config-dir ${TMPDIR} --release target${idx} 2>&3; then true; else test_fail "release"; return; fi if ${CM} --config-dir ${TMPDIR} --release target${idx} 2>&3; then true; else test_fail "release"; return; fi
rm -f ${TMPDIR}/keyfile-old rm -f ${TMPDIR}/keyfile-old
if ${CM} --config-dir ${TMPDIR} --password ${PASSWD} --newpassword ${NEW PASSWD} --change-password target${idx} 1>&3 2>&3; then true; else test_fail "cha nging password"; return; fi if ${CM} --config-dir ${TMPDIR} --password "${PASSWD}" --newpassword "${ NEWPASSWD}" --change-password target${idx} 1>&3 2>&3; then true; else test_fail "changing password"; return; fi
if [ "${mgr}" != "luks" ]; then if [ "${mgr}" != "luks" ]; then
if [ -f ${TMPDIR}/keyfile-old ]; then rm ${TMPDIR}/keyfile-old; else test_fail "missing backup key"; return; fi if [ -f ${TMPDIR}/keyfile-old ]; then rm ${TMPDIR}/keyfile-old; else test_fail "missing backup key"; return; fi
fi fi
if ${CM} --config-dir ${TMPDIR} --password ${PASSWD} --prepare target${i if ${CM} --config-dir ${TMPDIR} --password "${PASSWD}" --prepare target$
dx} 2>&3; then test_fail "old password"; return; fi {idx} 2>&3; then test_fail "old password"; return; fi
if ${CM} --config-dir ${TMPDIR} --password ${NEWPASSWD} --prepare target if ${CM} --config-dir ${TMPDIR} --password "${NEWPASSWD}" --prepare targ
${idx} 2>&3; then true; else test_fail "prepare-new"; return; fi et${idx} 2>&3; then true; else test_fail "prepare-new"; return; fi
if ${CM} --config-dir ${TMPDIR} --release target${idx} 2>&3; then true; else test_fail "release-new"; return; fi if ${CM} --config-dir ${TMPDIR} --release target${idx} 2>&3; then true; else test_fail "release-new"; return; fi
wait_udev wait_udev
done done
test_pass test_pass
}; };
function test_mtab() { function test_mtab() {
# Test of updates to mtab # Test of updates to mtab
if test_start "mtab updates"; then true; else return; fi if test_start "mtab updates"; then true; else return; fi
if [ -x /sbin/mkfs.minix ]; then fstype=ext3
fstype=minix
else
fstype=ext3
fi
rm -f ${TMPDIR}/keyfile rm -f ${TMPDIR}/keyfile
ln -s ./mnt ${TMPDIR}/mnt-link0 ln -s ./mnt ${TMPDIR}/mnt-link0
ln -s mnt ${TMPDIR}/mnt-link1 ln -s mnt ${TMPDIR}/mnt-link1
cleanup="true" cleanup="true"
# Slackware-12 doesn't like variant="/.//./", for unknown reasons # Slackware-12 doesn't like variant="/.//./", for unknown reasons
for variant in "" "/" "//" "/./" "/.//./" "-link0" "-link1" for variant in "" "/" "//" "/./" "/.//./" "-link0" "-link1"
do do
idx=`mkrandshort` idx=`mkrandshort`
cat <<EOF > ${TMPDIR}/cmtab cat <<EOF > ${TMPDIR}/cmtab
target${idx} { target${idx} {
flags=user,fsck flags=user,fsck
dev=${TMPDIR}/loopfile dev=${TMPDIR}/loopfile
dir=${TMPDIR}/mnt${variant} dir=${TMPDIR}/mnt${variant}
fstype=${fstype} mountoptions=ro,noexec cipher=cast5 fstype=${fstype} mountoptions=ro,noexec cipher=cast5
fsckoptions=-N;-T;-V fsckoptions=-N;-T;-V
keyformat=builtin keyfile=${TMPDIR}/keyfile keyformat=builtin keyfile=${TMPDIR}/keyfile
} }
EOF EOF
cleanup="rm ${TMPDIR}/mnt-link0 ${TMPDIR}/mnt-link1" cleanup="rm ${TMPDIR}/mnt-link0 ${TMPDIR}/mnt-link1"
echo "variant=\"${variant}\"" >&3 echo "variant=\"${variant}\"" >&3
test -f ${TMPDIR}/keyfile || ${CM} --config-dir ${TMPDIR} --newpassword test -f ${TMPDIR}/keyfile || ${CM} --config-dir ${TMPDIR} --newpassword
${PASSWD} --generate-key 16 target${idx} 2>&3; "${PASSWD}" --generate-key 16 target${idx} 2>&3;
if ${CM} --config-dir ${TMPDIR} --password ${PASSWD} --prepare target${i if ${CM} --config-dir ${TMPDIR} --password "${PASSWD}" --prepare target$
dx} 2>&3; then true; else test_fail "prepare" "${cleanup}" ; return; fi {idx} 2>&3; then true; else test_fail "prepare" "${cleanup}" ; return; fi
if mkfs -t ${fstype} /dev/mapper/target${idx} 1>&3 2>&3; then true; else if mkfs -t ${fstype} /dev/mapper/target${idx} 1>&3 2>&3; then true; else
${CM} --config-dir ${TMPDIR} --release target${idx} 2>&3; ${CM} --config-dir ${TMPDIR} --release target${idx} 2>&3;
test_fail "mkfs.${fstype}" "${cleanup}"; return test_fail "mkfs.${fstype}" "${cleanup}"; return
fi fi
wait_udev wait_udev
if ${CM} --config-dir ${TMPDIR} --release target${idx} 2>&3; then true; else test_fail "release" "${cleanup}" ; return; fi if ${CM} --config-dir ${TMPDIR} --release target${idx} 2>&3; then true; else test_fail "release" "${cleanup}" ; return; fi
if [ `df -k | grep -c /dev/mapper/target${idx}` -ne 0 ]; then test_fail "pre-existing" "${cleanup}" ; return; fi if [ `df -k | grep -c /dev/mapper/target${idx}` -ne 0 ]; then test_fail "pre-existing" "${cleanup}" ; return; fi
if ${SU_p} ${USER1} -c "${CM} --config-dir ${TMPDIR} --password ${PASSWD } --mount target${idx}" 1>&3 2>&3; then true; else test_fail "mount" "${cleanup} " ; return; fi if ${SU_p} ${USER1} -c "${CM} --config-dir ${TMPDIR} --password "${PASSW D}" --mount target${idx}" 1>&3 2>&3; then true; else test_fail "mount" "${cleanu p}" ; return; fi
if [ `df -k | grep -c "/dev/mapper/target${idx}"` -ne 1 ]; then test_fai l "unregistered" "${cleanup}" ; return; fi if [ `df -k | grep -c "/dev/mapper/target${idx}"` -ne 1 ]; then test_fai l "unregistered" "${cleanup}" ; return; fi
wait_udev wait_udev
if ${SU_p} ${USER1} -c "${CM} --config-dir ${TMPDIR} --unmount target${i dx}" 2>&3; then true; else test_fail "unmount" "${cleanup}" ; return; fi if ${SU_p} ${USER1} -c "${CM} --config-dir ${TMPDIR} --unmount target${i dx}" 2>&3; then true; else test_fail "unmount" "${cleanup}" ; return; fi
if [ `df -k | grep -c /dev/mapper/target${idx}` -ne 0 ]; then test_fail "remnant" "${cleanup}" ; return; fi if [ `df -k | grep -c /dev/mapper/target${idx}` -ne 0 ]; then test_fail "remnant" "${cleanup}" ; return; fi
done done
eval "${cleanup}" eval "${cleanup}"
test_pass test_pass
}; };
function test_listing() { function test_listing() {
skipping to change at line 424 skipping to change at line 420
idx=`mkrandshort` idx=`mkrandshort`
idx2=`mkrandshort` idx2=`mkrandshort`
cat <<EOF >> ${TMPDIR}/cmtab cat <<EOF >> ${TMPDIR}/cmtab
target${idx} { dev=${TMPDIR}/loopfile dir=/mnt/point-${idx2} target${idx} { dev=${TMPDIR}/loopfile dir=/mnt/point-${idx2}
fstype=brokenfs mountoptions=nosuid,noatime,sync fstype=brokenfs mountoptions=nosuid,noatime,sync
cipher=blowfish cipher=blowfish
keyfile=${TMPDIR}/keyfile keyhash=md5 keycipher=aes } keyfile=${TMPDIR}/keyfile keyhash=md5 keycipher=aes }
EOF EOF
tlist="${tlist} target${idx},/mnt/point-${idx2}" tlist="${tlist} target${idx},/mnt/point-${idx2}"
done done
if ${SU_p} ${USER1} -c "${CM} --config-dir ${TMPDIR} --password ${PASSWD} -- list" > ${TMPDIR}/tlist 2>&3; then true; else test_fail listing; return; fi if ${SU_p} ${USER1} -c "${CM} --config-dir ${TMPDIR} --password "${PASSWD}" --list" > ${TMPDIR}/tlist 2>&3; then true; else test_fail listing; return; fi
for marker in ${tlist} for marker in ${tlist}
do do
tupelize $marker tgt dir tupelize $marker tgt dir
dirq=`awk "/^${tgt}/{ printf\"%s\",\\$5 }" ${TMPDIR}/tlist` dirq=`awk "/^${tgt}/{ printf\"%s\",\\$5 }" ${TMPDIR}/tlist`
if [ "${dirq}" = "" ]; then test_fail "absent"; return; fi if [ "${dirq}" = "" ]; then test_fail "absent"; return; fi
if [ "${dirq}" != "\"${dir}\"" ]; then test_fail "mismatched: ${dirq} != ${dir}"; return; fi if [ "${dirq}" != "\"${dir}\"" ]; then test_fail "mismatched: ${dirq} != ${dir}"; return; fi
done done
rm ${TMPDIR}/tlist rm ${TMPDIR}/tlist
test_pass test_pass
}; };
skipping to change at line 454 skipping to change at line 450
idx2=`mkrandshort` idx2=`mkrandshort`
idx3=`mkrandshort` idx3=`mkrandshort`
cat <<EOF >> ${TMPDIR}/cmtab cat <<EOF >> ${TMPDIR}/cmtab
_DEFAULTS_ { _DEFAULTS_ {
fstype=fs-${idx3} cipher=random keyhash=md-${idx} } fstype=fs-${idx3} cipher=random keyhash=md-${idx} }
target${idx} { dev=${TMPDIR}/loopfile dir=/mnt/point-${idx2} target${idx} { dev=${TMPDIR}/loopfile dir=/mnt/point-${idx2}
mountoptions=sync cipher=blowfish keyfile=${TMPDIR}/keyfile } mountoptions=sync cipher=blowfish keyfile=${TMPDIR}/keyfile }
EOF EOF
tlist="${tlist} target${idx},/mnt/point-${idx2},fs-${idx3}" tlist="${tlist} target${idx},/mnt/point-${idx2},fs-${idx3}"
done done
if ${SU_p} ${USER1} -c "${CM} --config-dir ${TMPDIR} --password ${PASSWD} -- list" > ${TMPDIR}/tlist 2>&3; then true; else test_fail listing; return; fi if ${SU_p} ${USER1} -c "${CM} --config-dir ${TMPDIR} --password "${PASSWD}" --list" > ${TMPDIR}/tlist 2>&3; then true; else test_fail listing; return; fi
if [ "`echo ${tlist} | wc -w`" -ne "`wc -l < ${TMPDIR}/tlist`" ]; then if [ "`echo ${tlist} | wc -w`" -ne "`wc -l < ${TMPDIR}/tlist`" ]; then
test_fail "wrong number of targets"; return test_fail "wrong number of targets"; return
fi fi
for marker in ${tlist} for marker in ${tlist}
do do
tupelize $marker tgt dir fs tupelize $marker tgt dir fs
echo $tgt __ $dir __ $fs 1>&3 echo $tgt __ $dir __ $fs 1>&3
dirq=`awk "/^${tgt}/{ printf\"%s\",\\$5 }" ${TMPDIR}/tlist` dirq=`awk "/^${tgt}/{ printf\"%s\",\\$5 }" ${TMPDIR}/tlist`
fsq=`awk "/^${tgt}/{ printf\"%s\",\\$7 }" ${TMPDIR}/tlist` fsq=`awk "/^${tgt}/{ printf\"%s\",\\$7 }" ${TMPDIR}/tlist`
if [ "${dirq}" != "\"${dir}\"" ]; then test_fail "mismatched mount-point (${dirq} != ${dir})"; return; fi if [ "${dirq}" != "\"${dir}\"" ]; then test_fail "mismatched mount-point (${dirq} != ${dir})"; return; fi
skipping to change at line 485 skipping to change at line 481
cat <<EOF > ${TMPDIR}/cmtab cat <<EOF > ${TMPDIR}/cmtab
target${idx} { target${idx} {
dev=${LOOPDEV} dev=${LOOPDEV}
dir=${TMPDIR}/mnt dir=${TMPDIR}/mnt
fstype=ext2 mountoptions=defaults cipher=twofish fstype=ext2 mountoptions=defaults cipher=twofish
keyformat=builtin keyfile=${TMPDIR}/keyfile keyformat=builtin keyfile=${TMPDIR}/keyfile
keyhash=sha1 keycipher=blowfish-cbc keyhash=sha1 keycipher=blowfish-cbc
} }
EOF EOF
rm -f ${TMPDIR}/keyfile rm -f ${TMPDIR}/keyfile
if ${CM} --config-dir ${TMPDIR} --newpassword ${PASSWD} --generate-key 16 ta if ${CM} --config-dir ${TMPDIR} --newpassword "${PASSWD}" --generate-key 16
rget${idx} 2>&3; then true; else test_fail "key-generation"; return; fi target${idx} 2>&3; then true; else test_fail "key-generation"; return; fi
if ${CM} --config-dir ${TMPDIR} --password NOT${PASSWD} --prepare target${id if ${CM} --config-dir ${TMPDIR} --password "NOT${PASSWD}" --prepare target${
x} 2>&3; then idx} 2>&3; then
${CM} --config-dir ${TMPDIR} --release target${idx} 2>&3 ${CM} --config-dir ${TMPDIR} --release target${idx} 2>&3
test_fail prepare test_fail prepare
else else
test_pass; test_pass;
fi fi
}; };
function test_fdpasswd() { function test_fdpasswd() {
# Check reading of password via file-descriptor # Check reading of password via file-descriptor
if test_start "command-line passwords"; then true; else return; fi if test_start "command-line passwords"; then true; else return; fi
skipping to change at line 539 skipping to change at line 535
cat <<EOF > ${TMPDIR}/cmtab cat <<EOF > ${TMPDIR}/cmtab
target${idx} { target${idx} {
dev=${LOOPDEV} dev=${LOOPDEV}
dir=${TMPDIR}/mnt dir=${TMPDIR}/mnt
fstype=ext2 mountoptions=defaults cipher=twofish fstype=ext2 mountoptions=defaults cipher=twofish
keyfile=${TMPDIR}/keyfile keyfile=${TMPDIR}/keyfile
keyformat=BAD keyformat=BAD
} }
EOF EOF
rm -f ${TMPDIR}/keyfile rm -f ${TMPDIR}/keyfile
if ${CM} --config-dir ${TMPDIR} --newpassword ${PASSWD} --generate-key 16 ta rget${idx} 2>&3; then test_fail "key-generation"; return; fi if ${CM} --config-dir ${TMPDIR} --newpassword "${PASSWD}" --generate-key 16 target${idx} 2>&3; then test_fail "key-generation"; return; fi
${DD} if=/dev/urandom of=${TMPDIR}/keyfile bs=16c count=1 2>/dev/null ${DD} if=/dev/urandom of=${TMPDIR}/keyfile bs=16c count=1 2>/dev/null
if ${CM} --config-dir ${TMPDIR} --password ${PASSWD} --prepare target${idx} 2>&3; then if ${CM} --config-dir ${TMPDIR} --password "${PASSWD}" --prepare target${idx } 2>&3; then
${CM} --config-dir ${TMPDIR} --release target${idx} 2>&3 ${CM} --config-dir ${TMPDIR} --release target${idx} 2>&3
test_fail prepare test_fail prepare
else else
test_pass; test_pass;
fi fi
}; };
function test_bad_keyhash() { function test_bad_keyhash() {
# Test of unavailable keyhash algorithm # Test of unavailable keyhash algorithm
if test_start "unavailable key-hashing"; then true; else return; fi if test_start "unavailable key-hashing"; then true; else return; fi
skipping to change at line 569 skipping to change at line 565
cat <<EOF > ${TMPDIR}/cmtab cat <<EOF > ${TMPDIR}/cmtab
target${idx} { target${idx} {
dev=${LOOPDEV} dev=${LOOPDEV}
dir=${TMPDIR}/mnt dir=${TMPDIR}/mnt
fstype=ext2 mountoptions=defaults cipher=twofish fstype=ext2 mountoptions=defaults cipher=twofish
keyformat=${mgr} keyfile=${TMPDIR}/keyfile keyformat=${mgr} keyfile=${TMPDIR}/keyfile
keyhash=${alg} keyhash=${alg}
} }
EOF EOF
rm -f ${TMPDIR}/keyfile rm -f ${TMPDIR}/keyfile
if ${CM} --config-dir ${TMPDIR} --newpassword ${PASSWD} --generate-k ey 16 target${idx} 2>&3; then test_fail "key-generation"; return; fi if ${CM} --config-dir ${TMPDIR} --newpassword "${PASSWD}" --generate -key 16 target${idx} 2>&3; then test_fail "key-generation"; return; fi
done done
done done
test_pass; test_pass;
}; };
function test_envvars() { function test_envvars() {
# Test targets involving environmental variables # Test targets involving environmental variables
if test_start "environmental variables"; then true; else return; fi if test_start "environmental variables"; then true; else return; fi
idx=`mkrandshort` idx=`mkrandshort`
rm -f ${TMPDIR}/keyfile* rm -f ${TMPDIR}/keyfile*
cat <<EOF > ${TMPDIR}/cmtab cat <<EOF > ${TMPDIR}/cmtab
target${idx} { target${idx} {
dev=${LOOPDEV} flags=nofsck dev=${LOOPDEV} flags=nofsck
dir=${TMPDIR}/mnt-\$(GROUPNAME) dir=${TMPDIR}/mnt-\$(GROUPNAME)
fstype=ext2 mountoptions=defaults cipher=twofish fstype=ext2 mountoptions=defaults cipher=twofish
keyformat=builtin keyformat=builtin
keyfile=${TMPDIR}/keyfile-\$(USERNAME) keyfile=${TMPDIR}/keyfile-\$(USERNAME)
} }
EOF EOF
if ${CM} --config-dir ${TMPDIR} --newpassword ${PASSWD} --generate-key 16 ta rget${idx} 2>&3; then true; else test_fail "make-key"; return; fi if ${CM} --config-dir ${TMPDIR} --newpassword "${PASSWD}" --generate-key 16 target${idx} 2>&3; then true; else test_fail "make-key"; return; fi
if [ ! -f ${TMPDIR}/keyfile-root ]; then test_fail "missing key"; return; fi if [ ! -f ${TMPDIR}/keyfile-root ]; then test_fail "missing key"; return; fi
if ${CM} --config-dir ${TMPDIR} --password ${PASSWD} --prepare target${idx} 2>&3; then true; else test_fail "prepare"; return; fi if ${CM} --config-dir ${TMPDIR} --password "${PASSWD}" --prepare target${idx } 2>&3; then true; else test_fail "prepare"; return; fi
if mke2fs -q /dev/mapper/target${idx}; then true; else test_fail "mke2fs"; r eturn; fi if mke2fs -q /dev/mapper/target${idx}; then true; else test_fail "mke2fs"; r eturn; fi
if ${CM} --config-dir ${TMPDIR} --release target${idx} 2>&3; then true; else test_fail "release"; return; fi if ${CM} --config-dir ${TMPDIR} --release target${idx} 2>&3; then true; else test_fail "release"; return; fi
for user in ${USER1} ${USER2}; do for user in ${USER1} ${USER2}; do
group=`su -s /bin/sh -c "id -ng" ${user}` group=`su -s /bin/sh -c "id -ng" ${user}`
echo "user=${user}.${group}" >&3 echo "user=${user}.${group}" >&3
cp ${TMPDIR}/keyfile-root ${TMPDIR}/keyfile-${user} cp ${TMPDIR}/keyfile-root ${TMPDIR}/keyfile-${user}
if ${SU_p} ${user} -c "${CM} --config-dir ${TMPDIR} --password ${PASSWD} --newpassword ${PASSWD}-${user} --change-password target${idx}" 2>&3; then true ; else test_fail "changing password"; return; fi if ${SU_p} ${user} -c "${CM} --config-dir ${TMPDIR} --password "${PASSWD }" --newpassword "${PASSWD}"-${user} --change-password target${idx}" 2>&3; then true; else test_fail "changing password"; return; fi
wait_udev wait_udev
mkdir ${TMPDIR}/mnt-${group} mkdir ${TMPDIR}/mnt-${group}
if ${SU_p} ${user} -c "${CM} --config-dir ${TMPDIR} --password ${PASSWD} -${user} --mount target${idx}" 2>&3; then true; else test_fail "mount-${user}"; return; fi if ${SU_p} ${user} -c "${CM} --config-dir ${TMPDIR} --password "${PASSWD }-${user}" --mount target${idx}" 2>&3; then true; else test_fail "mount-${user}" ; return; fi
if [ ! -d ${TMPDIR}/mnt-${group}/lost+found ]; then test_fail "lost+foun d ${user}.${group}"; return; fi if [ ! -d ${TMPDIR}/mnt-${group}/lost+found ]; then test_fail "lost+foun d ${user}.${group}"; return; fi
if ${SU_p} ${user} -c "${CM} --config-dir ${TMPDIR} --unmount target${id x}" 2>&3; then true; else test_fail "mount-${user}"; return; fi if ${SU_p} ${user} -c "${CM} --config-dir ${TMPDIR} --unmount target${id x}" 2>&3; then true; else test_fail "mount-${user}"; return; fi
done done
rm -f ${TMPDIR}/keyfile-* rm -f ${TMPDIR}/keyfile-*
rmdir ${TMPDIR}/mnt-* rmdir ${TMPDIR}/mnt-*
test_pass; test_pass;
}; };
function test_frenzy() { function test_frenzy() {
# Test multiple targets being (un)mounted in parallel # Test multiple targets being (un)mounted in parallel
skipping to change at line 635 skipping to change at line 631
idx=`mkrandshort` idx=`mkrandshort`
done done
tgtlist="$tgtlist target${idx}" tgtlist="$tgtlist target${idx}"
cat <<EOF >> ${TMPDIR}/cmtab cat <<EOF >> ${TMPDIR}/cmtab
target${idx} { target${idx} {
dev=${LOOPDEV} startsector=${pos} numsectors=${fsz} dev=${LOOPDEV} startsector=${pos} numsectors=${fsz}
dir=${TMPDIR}/mnt${cnt} flags=user,nofsck dir=${TMPDIR}/mnt${cnt} flags=user,nofsck
fstype=ext2 mountoptions=defaults cipher=blowfish fstype=ext2 mountoptions=defaults cipher=blowfish
keyformat=builtin keyfile=${TMPDIR}/keyfile } keyformat=builtin keyfile=${TMPDIR}/keyfile }
EOF EOF
test -f ${TMPDIR}/keyfile || ${CM} --config-dir ${TMPDIR} --newpassword ${PASSWD} --generate-key 16 target${idx} 2>&3 test -f ${TMPDIR}/keyfile || ${CM} --config-dir ${TMPDIR} --newpassword "${PASSWD}" --generate-key 16 target${idx} 2>&3
pos=`expr ${pos} + ${fsz}` pos=`expr ${pos} + ${fsz}`
done done
cleanup="${CM} --config-dir ${TMPDIR} --release --all" cleanup="${CM} --config-dir ${TMPDIR} --release --all"
if ${CM} --config-dir ${TMPDIR} --password ${PASSWD} --prepare --all 2>&3; t hen true; else test_fail "prepare" "${cleanup}"; return; fi if ${CM} --config-dir ${TMPDIR} --password "${PASSWD}" --prepare --all 2>&3; then true; else test_fail "prepare" "${cleanup}"; return; fi
for tgt in ${tgtlist}; do for tgt in ${tgtlist}; do
${DD} if=/dev/zero of=/dev/mapper/target${idx} bs=1M count=1 2>/dev/null ${DD} if=/dev/zero of=/dev/mapper/target${idx} bs=1M count=1 2>/dev/null
if mke2fs -q /dev/mapper/${tgt}; then true; else test_fail mke2fs; retur n; fi if mke2fs -q /dev/mapper/${tgt}; then true; else test_fail mke2fs; retur n; fi
done done
wait_udev wait_udev
for tgt in ${tgtlist}; do for tgt in ${tgtlist}; do
if ${CM} --config-dir ${TMPDIR} --release ${tgt} 2>&3; then true; else t est_fail release; fi if ${CM} --config-dir ${TMPDIR} --release ${tgt} 2>&3; then true; else t est_fail release; fi
done done
srtlist=`echo ${tgtlist} | awk '{for (i=1; i<=NF; ++i) printf"%s\n",\$i}' | sort` srtlist=`echo ${tgtlist} | awk '{for (i=1; i<=NF; ++i) printf"%s\n",\$i}' | sort`
for tgt in ${srtlist}; do for tgt in ${srtlist}; do
${SU_p} ${USER1} -c "${CM} --config-dir ${TMPDIR} --password ${PASSWD} - -mount ${tgt}" 2>&3 & ${SU_p} ${USER1} -c "${CM} --config-dir ${TMPDIR} --password "${PASSWD}" --mount ${tgt}" 2>&3 &
done done
wait wait
cat ${TMPDIR}/cryptmount.status 1>&3 cat ${TMPDIR}/cryptmount.status 1>&3
cleanup="${CM} --config-dir ${TMPDIR} --unmount --all" cleanup="${CM} --config-dir ${TMPDIR} --unmount --all"
if [ "`wc -l ${TMPDIR}/cryptmount.status | awk '{printf"%d",$1}'`" -ne 10 ]; then test_fail "cmstatus" "${cleanup}" ; return; fi if [ "`wc -l ${TMPDIR}/cryptmount.status | awk '{printf"%d",$1}'`" -ne 10 ]; then test_fail "cmstatus" "${cleanup}" ; return; fi
if [ `df -k | grep -c /dev/mapper/target` -lt 8 ]; then test_fail "df" "${cl eanup}" ; return; fi if [ `df -k | grep -c /dev/mapper/target` -lt 8 ]; then test_fail "df" "${cl eanup}" ; return; fi
if ${SU_p} ${USER1} -c "${CM} --config-dir ${TMPDIR} --unmount ${tgtlist}" 2 >&3; then true; else test_fail unmount; return; fi if ${SU_p} ${USER1} -c "${CM} --config-dir ${TMPDIR} --unmount ${tgtlist}" 2 >&3; then true; else test_fail unmount; return; fi
test_pass test_pass
}; };
skipping to change at line 681 skipping to change at line 677
target${idx} { target${idx} {
flags=user,fsck flags=user,fsck
dev=${TMPDIR}/loopfile dev=${TMPDIR}/loopfile
dir=${TMPDIR}/mnt dir=${TMPDIR}/mnt
fstype=ext3 mountoptions=noatime,sync cipher=${cipher} fstype=ext3 mountoptions=noatime,sync cipher=${cipher}
fsckoptions=-N;-V fsckoptions=-N;-V
keyfile=${TMPDIR}/keyfile keyformat=builtin keyfile=${TMPDIR}/keyfile keyformat=builtin
} }
EOF EOF
rm -f ${TMPDIR}/keyfile rm -f ${TMPDIR}/keyfile
if ${CM} --config-dir ${TMPDIR} --newpassword ${PASSWD} --generate-key 1 if ${CM} --config-dir ${TMPDIR} --newpassword "${PASSWD}" --generate-key
6 target${idx} 2>&3; then true; else test_fail "key-generation"; return; fi 16 target${idx} 2>&3; then true; else test_fail "key-generation"; return; fi
if ${CM} --config-dir ${TMPDIR} --password ${PASSWD} --prepare target${i if ${CM} --config-dir ${TMPDIR} --password "${PASSWD}" --prepare target$
dx} 2>&3; then true; else test_fail prepare; return; fi {idx} 2>&3; then true; else test_fail prepare; return; fi
if mke2fs -q -j /dev/mapper/target${idx}; then true; else test_fail mke2 fs; return; fi if mke2fs -q -j /dev/mapper/target${idx}; then true; else test_fail mke2 fs; return; fi
wait_udev wait_udev
if ${CM} --config-dir ${TMPDIR} --release target${idx} 2>&3; then true; else test_fail release; return; fi if ${CM} --config-dir ${TMPDIR} --release target${idx} 2>&3; then true; else test_fail release; return; fi
if ${SU_p} ${USER1} -c "${CM} --config-dir ${TMPDIR} --password ${PASSWD } --mount target${idx}" 1>&3 2>&3; then true; else test_fail "mount"; return; fi if ${SU_p} ${USER1} -c "${CM} --config-dir ${TMPDIR} --password "${PASSW D}" --mount target${idx}" 1>&3 2>&3; then true; else test_fail "mount"; return; fi
wait_udev wait_udev
if ${SU_p} ${USER1} -c "${CM} --config-dir ${TMPDIR} --unmount target${i dx}" 2>&3; then true; else test_fail "unmount"; return; fi if ${SU_p} ${USER1} -c "${CM} --config-dir ${TMPDIR} --unmount target${i dx}" 2>&3; then true; else test_fail "unmount"; return; fi
done done
test_pass test_pass
}; };
function test_purepw() { function test_purepw() {
# Test pure-password key-manager # Test pure-password key-manager
if test_start "pure-password key-manager"; then true; else return; fi if test_start "pure-password key-manager"; then true; else return; fi
skipping to change at line 727 skipping to change at line 723
idx=`mkrandshort` idx=`mkrandshort`
cat <<EOF > ${TMPDIR}/cmtab cat <<EOF > ${TMPDIR}/cmtab
target${idx} { target${idx} {
keyformat=password keyformat=password
dev=${TMPDIR}/loopfile dir=${TMPDIR}/mnt dev=${TMPDIR}/loopfile dir=${TMPDIR}/mnt
flags=user,nofsck fstype=ext2 flags=user,nofsck fstype=ext2
cipher=${cipher} cipher=${cipher}
} }
EOF EOF
rm -f ${TMPDIR}/keyfile rm -f ${TMPDIR}/keyfile
if ${CM} --config-dir ${TMPDIR} --password ${PASSWD} --prepare target${i dx} 2>&3; then true; else test_fail prepare; return; fi if ${CM} --config-dir ${TMPDIR} --password "${PASSWD}" --prepare target$ {idx} 2>&3; then true; else test_fail prepare; return; fi
${DD} if=/dev/zero of=/dev/mapper/target${idx} bs=1M count=1 2>/dev/null ${DD} if=/dev/zero of=/dev/mapper/target${idx} bs=1M count=1 2>/dev/null
if mke2fs -q /dev/mapper/target${idx}; then true; else test_fail mke2fs; return; fi if mke2fs -q /dev/mapper/target${idx}; then true; else test_fail mke2fs; return; fi
wait_udev wait_udev
if ${CM} --config-dir ${TMPDIR} --release target${idx} 2>&3; then true; else test_fail release; return; fi if ${CM} --config-dir ${TMPDIR} --release target${idx} 2>&3; then true; else test_fail release; return; fi
wait_udev wait_udev
if ${SU_p} ${USER1} -c "${CM} --config-dir ${TMPDIR} --password "not-${P ASSWD}" --mount target${idx}" 2>&3; then test_fail "bad-password"; return; fi if ${SU_p} ${USER1} -c "${CM} --config-dir ${TMPDIR} --password "not-${P ASSWD}" --mount target${idx}" 2>&3; then test_fail "bad-password"; return; fi
if ${SU_p} ${USER1} -c "${CM} --config-dir ${TMPDIR} --password ${PASSWD } --mount target${idx}" 2>&3; then true; else test_fail "mount"; return; fi if ${SU_p} ${USER1} -c "${CM} --config-dir ${TMPDIR} --password "${PASSW D}" --mount target${idx}" 2>&3; then true; else test_fail "mount"; return; fi
if ${SU_p} ${USER1} -c "${CM} --config-dir ${TMPDIR} --unmount target${i dx}" 2>&3; then true; else test_fail "unmount"; return; fi if ${SU_p} ${USER1} -c "${CM} --config-dir ${TMPDIR} --unmount target${i dx}" 2>&3; then true; else test_fail "unmount"; return; fi
wait_udev wait_udev
done done
test_pass test_pass
}; };
function test_ssl_algs() { function test_ssl_algs() {
# Test usability of OpenSSL key & hashing algorithms # Test usability of OpenSSL key & hashing algorithms
if test_start "OpenSSL-algorithm availability"; then true; else return; fi if test_start "OpenSSL-algorithm availability"; then true; else return; fi
if ${CM} --key-managers 2>/dev/null | grep -q openssl; then true; else test_ fail "No OpenSSL support"; return; fi if ${CM} --key-managers 2>/dev/null | grep -q openssl; then true; else test_ fail "No OpenSSL support"; return; fi
skipping to change at line 764 skipping to change at line 760
cat <<EOF > ${TMPDIR}/cmtab cat <<EOF > ${TMPDIR}/cmtab
target${idx} { target${idx} {
flags=user,nofsck flags=user,nofsck
dev=${TMPDIR}/loopfile dev=${TMPDIR}/loopfile
dir=${TMPDIR}/mnt dir=${TMPDIR}/mnt
fstype=ext3 mountoptions=noatime,sync cipher=aes-ecb fstype=ext3 mountoptions=noatime,sync cipher=aes-ecb
keyformat=openssl keyfile=${TMPDIR}/keyfile keyformat=openssl keyfile=${TMPDIR}/keyfile
keyhash=${keyhash} keycipher=${keycipher} keyhash=${keyhash} keycipher=${keycipher}
} }
EOF EOF
if ${CM} --config-dir ${TMPDIR} --password ${PASSWD} --prepare targe t${idx} 2>&3; then true; else test_fail prepare; return; fi if ${CM} --config-dir ${TMPDIR} --password "${PASSWD}" --prepare tar get${idx} 2>&3; then true; else test_fail prepare; return; fi
${DD} if=/dev/zero of=/dev/mapper/target${idx} bs=1M count=1 2>/dev/ null ${DD} if=/dev/zero of=/dev/mapper/target${idx} bs=1M count=1 2>/dev/ null
if mke2fs -q -j /dev/mapper/target${idx}; then true; else test_fail mke2fs; return; fi if mke2fs -q -j /dev/mapper/target${idx}; then true; else test_fail mke2fs; return; fi
wait_udev wait_udev
if ${CM} --config-dir ${TMPDIR} --release target${idx} 2>&3; then tr ue; else test_fail release; return; fi if ${CM} --config-dir ${TMPDIR} --release target${idx} 2>&3; then tr ue; else test_fail release; return; fi
if ${SU_p} ${USER1} -c "${CM} --config-dir ${TMPDIR} --password ${PA SSWD} --mount target${idx}" 2>&3; then true; else test_fail mount; return; fi if ${SU_p} ${USER1} -c "${CM} --config-dir ${TMPDIR} --password "${P ASSWD}" --mount target${idx}" 2>&3; then true; else test_fail mount; return; fi
wait_udev wait_udev
if ${SU_p} ${USER1} -c "${CM} --config-dir ${TMPDIR} --unmount targe t${idx}" 2>&3; then true; else test_fail unmount; return; fi if ${SU_p} ${USER1} -c "${CM} --config-dir ${TMPDIR} --unmount targe t${idx}" 2>&3; then true; else test_fail unmount; return; fi
wait_udev wait_udev
done done
done done
test_pass test_pass
}; };
function test_gcry_algs() { function test_gcry_algs() {
skipping to change at line 802 skipping to change at line 798
target${idx} { target${idx} {
flags=user,nofsck flags=user,nofsck
dev=${TMPDIR}/loopfile dev=${TMPDIR}/loopfile
dir=${TMPDIR}/mnt dir=${TMPDIR}/mnt
fstype=ext3 mountoptions=noatime,sync cipher=twofish fstype=ext3 mountoptions=noatime,sync cipher=twofish
keyformat=libgcrypt keyfile=${TMPDIR}/keyfile keyformat=libgcrypt keyfile=${TMPDIR}/keyfile
keyhash=${keyhash} keycipher=${keycipher} keyhash=${keyhash} keycipher=${keycipher}
} }
EOF EOF
rm -f ${TMPDIR}/keyfile rm -f ${TMPDIR}/keyfile
if ${CM} --config-dir ${TMPDIR} --newpassword ${PASSWD} --generate-k if ${CM} --config-dir ${TMPDIR} --newpassword "${PASSWD}" --generate
ey 16 target${idx} 2>&3; then true; else test_fail "key-generation"; return; fi -key 16 target${idx} 2>&3; then true; else test_fail "key-generation"; return; f
if ${CM} --config-dir ${TMPDIR} --password ${PASSWD} --prepare targe i
t${idx} 2>&3; then true; else test_fail prepare; return; fi if ${CM} --config-dir ${TMPDIR} --password "${PASSWD}" --prepare tar
get${idx} 2>&3; then true; else test_fail prepare; return; fi
${DD} if=/dev/zero of=/dev/mapper/target${idx} bs=1M count=1 2>/dev/ null ${DD} if=/dev/zero of=/dev/mapper/target${idx} bs=1M count=1 2>/dev/ null
if mke2fs -q -j /dev/mapper/target${idx}; then true; else test_fail mke2fs; return; fi if mke2fs -q -j /dev/mapper/target${idx}; then true; else test_fail mke2fs; return; fi
wait_udev wait_udev
if ${CM} --config-dir ${TMPDIR} --release target${idx} 2>&3; then tr ue; else test_fail release; return; fi if ${CM} --config-dir ${TMPDIR} --release target${idx} 2>&3; then tr ue; else test_fail release; return; fi
if ${SU_p} ${USER1} -c "${CM} --config-dir ${TMPDIR} --password ${PA SSWD} --mount target${idx}" 2>&3; then true; else test_fail mount; return; fi if ${SU_p} ${USER1} -c "${CM} --config-dir ${TMPDIR} --password "${P ASSWD}" --mount target${idx}" 2>&3; then true; else test_fail mount; return; fi
wait_udev wait_udev
if ${SU_p} ${USER1} -c "${CM} --config-dir ${TMPDIR} --unmount targe t${idx}" 2>&3; then true; else test_fail "unmount"; return; fi if ${SU_p} ${USER1} -c "${CM} --config-dir ${TMPDIR} --unmount targe t${idx}" 2>&3; then true; else test_fail "unmount"; return; fi
wait_udev wait_udev
done done
done done
test_pass test_pass
}; };
function test_gcryossl() { function test_gcryossl() {
skipping to change at line 849 skipping to change at line 845
target${idx} { target${idx} {
flags=user,nofsck flags=user,nofsck
dev=${TMPDIR}/loopfile dev=${TMPDIR}/loopfile
dir=${TMPDIR}/mnt dir=${TMPDIR}/mnt
fstype=ext3 mountoptions=noatime,sync cipher=aes-ecb fstype=ext3 mountoptions=noatime,sync cipher=aes-ecb
keyformat=openssl-compat keyfile=${TMPDIR}/keyfile keyformat=openssl-compat keyfile=${TMPDIR}/keyfile
keyhash=${Ghash} keycipher=${Gcipher} keyhash=${Ghash} keycipher=${Gcipher}
} }
EOF EOF
# Configure filesystem with libgcrypt-openssl compatibility layer: # Configure filesystem with libgcrypt-openssl compatibility layer:
if ${CM} --config-dir ${TMPDIR} --password ${PASSWD} --prepare target${i dx} 2>&3; then true; else test_fail prepare; return; fi if ${CM} --config-dir ${TMPDIR} --password "${PASSWD}" --prepare target$ {idx} 2>&3; then true; else test_fail prepare; return; fi
${DD} if=/dev/zero of=/dev/mapper/target${idx} bs=1M count=1 2>/dev/null ${DD} if=/dev/zero of=/dev/mapper/target${idx} bs=1M count=1 2>/dev/null
if mke2fs -q -j /dev/mapper/target${idx}; then true; else test_fail mke2 fs; return; fi if mke2fs -q -j /dev/mapper/target${idx}; then true; else test_fail mke2 fs; return; fi
wait_udev wait_udev
if ${CM} --config-dir ${TMPDIR} --release target${idx} 2>&3; then true; else test_fail release; return; fi if ${CM} --config-dir ${TMPDIR} --release target${idx} 2>&3; then true; else test_fail release; return; fi
# change to openssl-keymanager, if available: # change to openssl-keymanager, if available:
if ${CM} --key-managers 2>/dev/null | grep -q -w openssl; then if ${CM} --key-managers 2>/dev/null | grep -q -w openssl; then
ed -s ${TMPDIR}/cmtab <<EOF ed -s ${TMPDIR}/cmtab <<EOF
1,\$s/openssl-compat/openssl/ 1,\$s/openssl-compat/openssl/
/^ *keyhash/c /^ *keyhash/c
keyhash=${Ohash} keycipher=${Ocipher} keyhash=${Ohash} keycipher=${Ocipher}
. .
w w
q q
EOF EOF
fi fi
if ${SU_p} ${USER1} -c "${CM} --config-dir ${TMPDIR} --password ${PASSWD } --mount target${idx}" 2>&3; then true; else test_fail mount; return; fi if ${SU_p} ${USER1} -c "${CM} --config-dir ${TMPDIR} --password "${PASSW D}" --mount target${idx}" 2>&3; then true; else test_fail mount; return; fi
wait_udev wait_udev
if ${SU_p} ${USER1} -c "${CM} --config-dir ${TMPDIR} --unmount target${i dx}" 2>&3; then true; else test_fail unmount; return; fi if ${SU_p} ${USER1} -c "${CM} --config-dir ${TMPDIR} --unmount target${i dx}" 2>&3; then true; else test_fail unmount; return; fi
wait_udev wait_udev
done done
test_pass test_pass
}; };
function test_mountlock() { function test_mountlock() {
# Test of mounting & user-locking # Test of mounting & user-locking
skipping to change at line 889 skipping to change at line 885
cat <<EOF > ${TMPDIR}/cmtab cat <<EOF > ${TMPDIR}/cmtab
target${idx} { target${idx} {
flags=user,nofsck flags=user,nofsck
dev=${TMPDIR}/loopfile dev=${TMPDIR}/loopfile
dir=${TMPDIR}/mnt dir=${TMPDIR}/mnt
fstype=ext3 mountoptions=nosuid,noexec cipher=twofish fstype=ext3 mountoptions=nosuid,noexec cipher=twofish
keyfile=${TMPDIR}/keyfile keyfile=${TMPDIR}/keyfile
} }
EOF EOF
rm -f ${TMPDIR}/keyfile rm -f ${TMPDIR}/keyfile
if ${CM} --config-dir ${TMPDIR} --generate-key 32 --newpassword ${PASSWD} ta if ${CM} --config-dir ${TMPDIR} --generate-key 32 --newpassword "${PASSWD}"
rget${idx} 2>&3; then true; else test_fail make-key; return; fi target${idx} 2>&3; then true; else test_fail make-key; return; fi
if ${CM} --config-dir ${TMPDIR} --password ${PASSWD} --prepare target${idx} if ${CM} --config-dir ${TMPDIR} --password "${PASSWD}" --prepare target${idx
2>&3; then true; else test_fail prepare; return; fi } 2>&3; then true; else test_fail prepare; return; fi
if mke2fs -q -j /dev/mapper/target${idx}; then true; else test_fail mke2fs; return; fi if mke2fs -q -j /dev/mapper/target${idx}; then true; else test_fail mke2fs; return; fi
wait_udev wait_udev
if ${CM} --config-dir ${TMPDIR} --release target${idx} 2>&3; then true; else test_fail release; return; fi if ${CM} --config-dir ${TMPDIR} --release target${idx} 2>&3; then true; else test_fail release; return; fi
if ${SU_p} ${USER1} -c "${CM} --config-dir ${TMPDIR} --password ${PASSWD} -- mount target${idx}" 2>&3; then true; else test_fail mount; return; fi if ${SU_p} ${USER1} -c "${CM} --config-dir ${TMPDIR} --password "${PASSWD}" --mount target${idx}" 2>&3; then true; else test_fail mount; return; fi
if ${SU_p} ${USER2} -c "${CM} --config-dir ${TMPDIR} --unmount target${idx}" 2>&3; then test_fail bad-unmount; return; fi if ${SU_p} ${USER2} -c "${CM} --config-dir ${TMPDIR} --unmount target${idx}" 2>&3; then test_fail bad-unmount; return; fi
if ${SU_p} ${USER1} -c "${CM} --config-dir ${TMPDIR} --unmount target${idx}" 2>&3; then true; else test_fail unmount; return; fi if ${SU_p} ${USER1} -c "${CM} --config-dir ${TMPDIR} --unmount target${idx}" 2>&3; then true; else test_fail unmount; return; fi
test_pass test_pass
}; };
function test_userflags() { function test_userflags() {
# Test of mounting with user/nouser flags # Test of mounting with user/nouser flags
if test_start "mounting & user-flags"; then true; else return; fi if test_start "mounting & user-flags"; then true; else return; fi
idx=`mkrandshort` idx=`mkrandshort`
cat <<EOF > ${TMPDIR}/cmtab cat <<EOF > ${TMPDIR}/cmtab
target${idx} { target${idx} {
flags=nouser,nofsck flags=nouser,nofsck
dev=${TMPDIR}/loopfile dev=${TMPDIR}/loopfile
dir=${TMPDIR}/mnt dir=${TMPDIR}/mnt
fstype=ext3 mountoptions=nosuid,noexec cipher=twofish fstype=ext3 mountoptions=nosuid,noexec cipher=twofish
keyfile=${TMPDIR}/keyfile keyfile=${TMPDIR}/keyfile
} }
EOF EOF
rm -f ${TMPDIR}/keyfile rm -f ${TMPDIR}/keyfile
if ${CM} --config-dir ${TMPDIR} --generate-key 16 --newpassword ${PASSWD} ta if ${CM} --config-dir ${TMPDIR} --generate-key 16 --newpassword "${PASSWD}"
rget${idx} 2>&3; then true; else test_fail make-key; return; fi target${idx} 2>&3; then true; else test_fail make-key; return; fi
if ${CM} --config-dir ${TMPDIR} --password ${PASSWD} --prepare target${idx} if ${CM} --config-dir ${TMPDIR} --password "${PASSWD}" --prepare target${idx
2>&3; then true; else test_fail prepare; return; fi } 2>&3; then true; else test_fail prepare; return; fi
if mke2fs -q -j /dev/mapper/target${idx}; then true; else test_fail mke2fs; return; fi if mke2fs -q -j /dev/mapper/target${idx}; then true; else test_fail mke2fs; return; fi
wait_udev wait_udev
if ${CM} --config-dir ${TMPDIR} --release target${idx} 2>&3; then true; else test_fail release; return; fi if ${CM} --config-dir ${TMPDIR} --release target${idx} 2>&3; then true; else test_fail release; return; fi
for cfg in user,${USER1},pass user,root,pass nouser,${USER1},fail nouser,roo t,pass for cfg in user,${USER1},pass user,root,pass nouser,${USER1},fail nouser,roo t,pass
do do
tupelize $cfg flgs usr exp tupelize $cfg flgs usr exp
ed -s ${TMPDIR}/cmtab <<EOF 2>/dev/null 1>&2 ed -s ${TMPDIR}/cmtab <<EOF 2>/dev/null 1>&2
/flags=/ /flags=/
c c
flags=${flgs},nofsck flags=${flgs},nofsck
. .
w w
q q
EOF EOF
echo "config: ${cfg}" 1>&3 echo "config: ${cfg}" 1>&3
${SU_p} ${usr} -c "${CM} --config-dir ${TMPDIR} --password ${PASSWD} --m ount target${idx}" 1>&3 2>&3 ${SU_p} ${usr} -c "${CM} --config-dir ${TMPDIR} --password "${PASSWD}" - -mount target${idx}" 1>&3 2>&3
stat=$? stat=$?
if [ \( "$stat" -eq 0 -a "$exp" != "pass" \) -o \( "$stat" -ne 0 -a "$ex p" != "fail" \) ]; then if [ \( "$stat" -eq 0 -a "$exp" != "pass" \) -o \( "$stat" -ne 0 -a "$ex p" != "fail" \) ]; then
test_fail bad-mount test_fail bad-mount
return return
fi fi
wait_udev wait_udev
${SU_p} ${usr} -c "${CM} --config-dir ${TMPDIR} --password ${PASSWD} --u nmount target${idx}" 2>&3 ${SU_p} ${usr} -c "${CM} --config-dir ${TMPDIR} --password "${PASSWD}" - -unmount target${idx}" 2>&3
stat=$? stat=$?
if [ \( "$stat" -eq 0 -a "$exp" != "pass" \) -o \( "$stat" -ne 0 -a "$ex p" != "fail" \) ]; then if [ \( "$stat" -eq 0 -a "$exp" != "pass" \) -o \( "$stat" -ne 0 -a "$ex p" != "fail" \) ]; then
test_fail bad-unmount test_fail bad-unmount
return return
fi fi
done done
test_pass test_pass
}; };
skipping to change at line 966 skipping to change at line 962
cat <<EOF > ${TMPDIR}/cmtab cat <<EOF > ${TMPDIR}/cmtab
target${idx} { target${idx} {
flags=user,nofsck flags=user,nofsck
dev=${TMPDIR}/devfile dev=${TMPDIR}/devfile
dir=${TMPDIR}/mnt dir=${TMPDIR}/mnt
fstype=ext3 mountoptions=,,,noatime cipher=blowfish fstype=ext3 mountoptions=,,,noatime cipher=blowfish
keyfile=${TMPDIR}/keyfile keyformat=raw keyfile=${TMPDIR}/keyfile keyformat=raw
} }
EOF EOF
rm -f ${TMPDIR}/keyfile rm -f ${TMPDIR}/keyfile
if ${CM} --config-dir ${TMPDIR} --generate-key 12 --newpassword ${PASSWD} ta if ${CM} --config-dir ${TMPDIR} --generate-key 12 --newpassword "${PASSWD}"
rget${idx} 2>&3; then true; else test_fail make-key; return; fi target${idx} 2>&3; then true; else test_fail make-key; return; fi
if ${CM} --config-dir ${TMPDIR} --password ${PASSWD} --prepare target${idx} if ${CM} --config-dir ${TMPDIR} --password "${PASSWD}" --prepare target${idx
2>&3; then true; else test_fail prepare; return; fi } 2>&3; then true; else test_fail prepare; return; fi
if mke2fs -q -j /dev/mapper/target${idx}; then true; else test_fail mke2fs; return; fi if mke2fs -q -j /dev/mapper/target${idx}; then true; else test_fail mke2fs; return; fi
wait_udev wait_udev
if ${CM} --config-dir ${TMPDIR} --release target${idx} 2>&3; then true; else test_fail release; return; fi if ${CM} --config-dir ${TMPDIR} --release target${idx} 2>&3; then true; else test_fail release; return; fi
for mntopt in "" "-m" "--mount" for mntopt in "" "-m" "--mount"
do do
for unmopt in "-u" "--unmount" for unmopt in "-u" "--unmount"
do do
echo "mount[${mntopt}] unmount[${unmopt}]" 1>&3 echo "mount[${mntopt}] unmount[${unmopt}]" 1>&3
if ${SU_p} ${USER1} -c "${CM} --config-dir ${TMPDIR} --password ${PA SSWD} ${mntopt} target${idx}" 2>&3; then true; else test_fail mount; return; fi if ${SU_p} ${USER1} -c "${CM} --config-dir ${TMPDIR} --password "${P ASSWD}" ${mntopt} target${idx}" 2>&3; then true; else test_fail mount; return; f i
wait_udev wait_udev
if ${SU_p} ${USER1} -c "${CM} --config-dir ${TMPDIR} ${unmopt} targe t${idx}" 2>&3; then true; else test_fail unmount; return; fi if ${SU_p} ${USER1} -c "${CM} --config-dir ${TMPDIR} ${unmopt} targe t${idx}" 2>&3; then true; else test_fail unmount; return; fi
done done
done done
test_pass test_pass
}; };
function test_offsets() { function test_offsets() {
# check if startsector/numsectors parameters operate correctly # check if startsector/numsectors parameters operate correctly
skipping to change at line 1006 skipping to change at line 1002
flags=user,nofsck flags=user,nofsck
dev=${TMPDIR}/devfile dev=${TMPDIR}/devfile
startsector=${offset} startsector=${offset}
numsectors=${length} numsectors=${length}
dir=${TMPDIR}/mnt dir=${TMPDIR}/mnt
fstype=ext2 mountoptions=defaults fstype=ext2 mountoptions=defaults
cipher=aes ivoffset=61 cipher=aes ivoffset=61
keyfile=${TMPDIR}/keyfile keyfile=${TMPDIR}/keyfile
} }
EOF EOF
test -f ${TMPDIR}/keyfile || ${CM} --config-dir ${TMPDIR} --newpassw ord ${PASSWD} --generate-key 16 target${idx} 2>&3 test -f ${TMPDIR}/keyfile || ${CM} --config-dir ${TMPDIR} --newpassw ord "${PASSWD}" --generate-key 16 target${idx} 2>&3
${DD} if=/dev/zero of=${LOOPDEV} 2>/dev/null ${DD} if=/dev/zero of=${LOOPDEV} 2>/dev/null
sync sync
if ${CM} --config-dir ${TMPDIR} --password ${PASSWD} --prepare targe t${idx} 2>&3; then if ${CM} --config-dir ${TMPDIR} --password "${PASSWD}" --prepare tar get${idx} 2>&3; then
cleanup="${CM} --config-dir ${TMPDIR} --release target${idx}" cleanup="${CM} --config-dir ${TMPDIR} --release target${idx}"
${DD} if=/dev/zero of=/dev/mapper/target${idx} bs=1b count=`expr ${length} + 16` 2>&3 ${DD} if=/dev/zero of=/dev/mapper/target${idx} bs=1b count=`expr ${length} + 16` 2>&3
wait_udev wait_udev
${CM} --config-dir ${TMPDIR} --release target${idx} 2>&3 ${CM} --config-dir ${TMPDIR} --release target${idx} 2>&3
wait_udev wait_udev
sync sync
locs=`${TMPDIR}/bingrep < ${LOOPDEV}` locs=`${TMPDIR}/bingrep < ${LOOPDEV}`
first=`echo $locs | awk '{printf"%d",($1 / 512)}'` first=`echo $locs | awk '{printf"%d",($1 / 512)}'`
extent=`echo $locs | awk '{printf"%d", ($2 - $1) / 512}'` extent=`echo $locs | awk '{printf"%d", ($2 - $1) / 512}'`
echo "offset=${offset} length=${length} vs first=${first} ex tent=${extent}" 1>&3 echo "offset=${offset} length=${length} vs first=${first} ex tent=${extent}" 1>&3
skipping to change at line 1063 skipping to change at line 1059
zero) zero)
${DD} if=/dev/zero of=${LOOPDEV} bs=1M count=4 2>/dev/null ;; ${DD} if=/dev/zero of=${LOOPDEV} bs=1M count=4 2>/dev/null ;;
blank) blank)
mke2fs -q ${LOOPDEV} ;; mke2fs -q ${LOOPDEV} ;;
rand) rand)
${DD} if=/dev/urandom of=${LOOPDEV} bs=1M count=4 2>/dev/null ;; ${DD} if=/dev/urandom of=${LOOPDEV} bs=1M count=4 2>/dev/null ;;
data) data)
${DD} if=$0 of=${LOOPDEV} bs=1M count=4 2>/dev/null ;; ${DD} if=$0 of=${LOOPDEV} bs=1M count=4 2>/dev/null ;;
esac esac
wait_udev; sync wait_udev; sync
if ${SU_p} ${USER1} -c "${CM} --config-dir ${TMPDIR} --password ${PASSWD } --swapon swap${idx}" 2>&3; then test_fail privilege; return; fi if ${SU_p} ${USER1} -c "${CM} --config-dir ${TMPDIR} --password "${PASSW D}" --swapon swap${idx}" 2>&3; then test_fail privilege; return; fi
if grep -q swap${idx} /proc/swaps; then test_fail pre-existing; return; fi if grep -q swap${idx} /proc/swaps; then test_fail pre-existing; return; fi
${CM} --config-dir ${TMPDIR} --password ${PASSWD} --swapon swap${idx} 2> &3; ${CM} --config-dir ${TMPDIR} --password "${PASSWD}" --swapon swap${idx} 2>&3;
stat=$? stat=$?
echo "stat: $stat" 1>&3 echo "stat: $stat" 1>&3
if [ \( "$stat" -eq 0 -a "$exp" != "pass" \) -o \( "$stat" -ne 0 -a "$ex p" != "fail" \) ]; then if [ \( "$stat" -eq 0 -a "$exp" != "pass" \) -o \( "$stat" -ne 0 -a "$ex p" != "fail" \) ]; then
test_fail "swapon" test_fail "swapon"
return return
fi fi
wait_udev wait_udev
if [ "$stat" -eq 0 ]; then if [ "$stat" -eq 0 ]; then
cat /proc/swaps >&3 cat /proc/swaps >&3
if grep -q "\<${prio}\>" /proc/swaps; then true; else test_fail "pro c+swaps"; return; fi if grep -q "\<${prio}\>" /proc/swaps; then true; else test_fail "pro c+swaps"; return; fi
# Beware that udev may rename our swap device within /proc/swaps! # Beware that udev may rename our swap device within /proc/swaps!
fi fi
${CM} --config-dir ${TMPDIR} --password ${PASSWD} --swapoff swap${idx} 2 >&3; ${CM} --config-dir ${TMPDIR} --password "${PASSWD}" --swapoff swap${idx} 2>&3;
if [ \( "$stat" -eq 0 -a "$exp" != "pass" \) -o \( "$stat" -ne 0 -a "$ex p" != "fail" \) ]; then if [ \( "$stat" -eq 0 -a "$exp" != "pass" \) -o \( "$stat" -ne 0 -a "$ex p" != "fail" \) ]; then
test_fail swapoff test_fail swapoff
return return
fi fi
if [ "$stat" -eq 0 ]; then if [ "$stat" -eq 0 ]; then
if grep -q swap${idx} /proc/swaps; then test_fail proc-swaps; return ; fi if grep -q swap${idx} /proc/swaps; then test_fail proc-swaps; return ; fi
fi fi
wait_udev wait_udev
done done
skipping to change at line 1105 skipping to change at line 1101
if [ -f ${TMPDIR}/keyfile ]; then rm ${TMPDIR}/keyfile; fi if [ -f ${TMPDIR}/keyfile ]; then rm ${TMPDIR}/keyfile; fi
idx=`mkrandshort` idx=`mkrandshort`
cat <<EOF > ${TMPDIR}/cmtab cat <<EOF > ${TMPDIR}/cmtab
target${idx} { target${idx} {
dev=${LOOPDEV} dev=${LOOPDEV}
dir=${TMPDIR}/mnt dir=${TMPDIR}/mnt
fstype=ext2 flags=defaults cipher=twofish fstype=ext2 flags=defaults cipher=twofish
keyfile=${TMPDIR}/keyfile keyfile=${TMPDIR}/keyfile
} }
EOF EOF
COMMAND="${CM} --config-dir ${TMPDIR} --newpassword ${PASSWD} --generate-key 16 target${idx}" COMMAND="${CM} --config-dir ${TMPDIR} --newpassword "${PASSWD}" --generate-k ey 16 target${idx}"
if ${COMMAND} 2>&3; then true; else test_fail "key-generation (priv)"; retur n; fi if ${COMMAND} 2>&3; then true; else test_fail "key-generation (priv)"; retur n; fi
cp ${TMPDIR}/cmtab ${TMPDIR}/cmstrm cp ${TMPDIR}/cmtab ${TMPDIR}/cmstrm
cat /dev/null > ${TMPDIR}/cmtab cat /dev/null > ${TMPDIR}/cmtab
COMMAND="${CM} --config-dir ${TMPDIR} --password ${PASSWD} --config-fd 5 --p repare target${idx}" COMMAND="${CM} --config-dir ${TMPDIR} --password "${PASSWD}" --config-fd 5 - -prepare target${idx}"
if ${SU_p} ${USER1} -c "${COMMAND}" 5< ${TMPDIR}/cmstrm 2>&3; then test_fail "config-fd"; return; fi if ${SU_p} ${USER1} -c "${COMMAND}" 5< ${TMPDIR}/cmstrm 2>&3; then test_fail "config-fd"; return; fi
if ${COMMAND} 5< ${TMPDIR}/cmstrm 2>&3; then true; else test_fail "config-fd (priv)"; return; fi if ${COMMAND} 5< ${TMPDIR}/cmstrm 2>&3; then true; else test_fail "config-fd (priv)"; return; fi
wait_udev wait_udev
COMMAND="${CM} --config-dir ${TMPDIR} --password ${PASSWD} --config-fd 7 --r elease target${idx}" COMMAND="${CM} --config-dir ${TMPDIR} --password "${PASSWD}" --config-fd 7 - -release target${idx}"
if ${SU_p} ${USER1} -c "${COMMAND}" 7< ${TMPDIR}/cmstrm 2>&3; then test_fail "config-fd"; return; fi if ${SU_p} ${USER1} -c "${COMMAND}" 7< ${TMPDIR}/cmstrm 2>&3; then test_fail "config-fd"; return; fi
if ${COMMAND} 7< ${TMPDIR}/cmstrm 2>&3; then true; else test_fail "config-fd (priv)"; return; fi if ${COMMAND} 7< ${TMPDIR}/cmstrm 2>&3; then true; else test_fail "config-fd (priv)"; return; fi
rm ${TMPDIR}/cmstrm rm ${TMPDIR}/cmstrm
test_pass test_pass
}; };
function test_privblock() { function test_privblock() {
# Test blockage of privileged actions # Test blockage of privileged actions
if test_start "privilege checks"; then true; else return; fi if test_start "privilege checks"; then true; else return; fi
skipping to change at line 1144 skipping to change at line 1140
fstype=swap flags=mkswap cipher=twofish fstype=swap flags=mkswap cipher=twofish
keyfile=${TMPDIR}/keyfile keyhash=sha1 keycipher=aes-192-cbc keyfile=${TMPDIR}/keyfile keyhash=sha1 keycipher=aes-192-cbc
} }
target${idx}_ { target${idx}_ {
dev=${LOOPDEV} dev=${LOOPDEV}
dir=${TMPDIR}/mnt dir=${TMPDIR}/mnt
fstype=swap flags=mkswap cipher=twofish fstype=swap flags=mkswap cipher=twofish
keyfile=${TMPDIR}/keyfile_ keyhash=sha1 keycipher=aes-192-cbc keyfile=${TMPDIR}/keyfile_ keyhash=sha1 keycipher=aes-192-cbc
} }
EOF EOF
COMMAND="${CM} --config-dir ${TMPDIR} --newpassword ${PASSWD} --generate-key 16 target${idx}" COMMAND="${CM} --config-dir ${TMPDIR} --newpassword "${PASSWD}" --generate-k ey 16 target${idx}"
if ${SU_p} ${USER1} -c "${COMMAND}" 2>&3; then test_fail "key-generation"; r eturn; fi if ${SU_p} ${USER1} -c "${COMMAND}" 2>&3; then test_fail "key-generation"; r eturn; fi
if ${COMMAND} 2>&3; then true; else test_fail "key-generation (priv)"; retur n; fi if ${COMMAND} 2>&3; then true; else test_fail "key-generation (priv)"; retur n; fi
COMMAND="${CM} --config-dir ${TMPDIR} --password ${PASSWD} --newpassword ${N EWPASSWD} --reuse-key target${idx} target${idx}_" COMMAND="${CM} --config-dir ${TMPDIR} --password ${PASSWD} --newpassword ${N EWPASSWD} --reuse-key target${idx} target${idx}_"
if ${SU_p} ${USER1} -c "${COMMAND}" 2>&3; then test_fail "key-reuse"; return ; fi if ${SU_p} ${USER1} -c "${COMMAND}" 2>&3; then test_fail "key-reuse"; return ; fi
if ${COMMAND} 2>&3; then true; else test_fail "key-reuse (priv)"; return; fi if ${COMMAND} 2>&3; then true; else test_fail "key-reuse (priv)"; return; fi
wait_udev wait_udev
for action in --prepare --release --swapon --swapoff --safetynet for action in --prepare --release --swapon --swapoff --safetynet
do do
COMMAND="${CM} --config-dir ${TMPDIR} --password ${PASSWD} ${action} tar get${idx}" COMMAND="${CM} --config-dir ${TMPDIR} --password "${PASSWD}" ${action} t arget${idx}"
if ${SU_p} ${USER1} -c "${COMMAND}" 2>&3; then test_fail "${action}"; re turn; fi if ${SU_p} ${USER1} -c "${COMMAND}" 2>&3; then test_fail "${action}"; re turn; fi
if ${COMMAND} 2>&3; then true; else test_fail "${action} (priv)"; return ; fi if ${COMMAND} 2>&3; then true; else test_fail "${action} (priv)"; return ; fi
wait_udev wait_udev
done done
rm ${TMPDIR}/keyfile_ rm ${TMPDIR}/keyfile_
test_pass test_pass
}; };
function test_voverride() { function test_voverride() {
skipping to change at line 1180 skipping to change at line 1176
tupelize ${config} fversion exp tupelize ${config} fversion exp
idx=`mkrandshort` idx=`mkrandshort`
cat <<EOF > ${TMPDIR}/cmtab cat <<EOF > ${TMPDIR}/cmtab
target${idx} { target${idx} {
dev=${LOOPDEV} dir=${TMPDIR}/mnt dev=${LOOPDEV} dir=${TMPDIR}/mnt
fstype=ext2 mountoptions=defaults fstype=ext2 mountoptions=defaults
keyformat=builtin:${fversion} keyformat=builtin:${fversion}
keyfile=${TMPDIR}/keyfile } keyfile=${TMPDIR}/keyfile }
EOF EOF
rm -f ${TMPDIR}/keyfile rm -f ${TMPDIR}/keyfile
${CM} --config-dir ${TMPDIR} --newpassword ${PASSWD} --generate-key 16 t arget${idx} 1>&3 2>&3 ${CM} --config-dir ${TMPDIR} --newpassword "${PASSWD}" --generate-key 16 target${idx} 1>&3 2>&3
stat=$? stat=$?
if [ "$stat" -eq 0 -a "${exp}" == "pass" ]; then if [ "$stat" -eq 0 -a "${exp}" == "pass" ]; then
obsv=`od -j 7 -N 1 -t d1 ${TMPDIR}/keyfile | sed -n '1s/^[0-9]* *//p '` obsv=`od -j 7 -N 1 -t d1 ${TMPDIR}/keyfile | sed -n '1s/^[0-9]* *//p '`
if [ "$obsv" -ne "$fversion" ]; then if [ "$obsv" -ne "$fversion" ]; then
test_fail "Version mismatch (${obsv} vs ${fversion})"; test_fail "Version mismatch (${obsv} vs ${fversion})";
return; return;
fi fi
elif [ "${exp}" != "fail" ]; then elif [ "${exp}" != "fail" ]; then
test_fail "Bad version" test_fail "Bad version"
return return
skipping to change at line 1202 skipping to change at line 1198
done done
test_pass test_pass
}; };
function test_cryptsetup_compat() { function test_cryptsetup_compat() {
# Check compatibility with (plain old) cryptsetup # Check compatibility with (plain old) cryptsetup
if test_start "cryptsetup compatibility"; then true; else return; fi if test_start "cryptsetup compatibility"; then true; else return; fi
if which cryptsetup 1>&3; then true; else test_fail "cryptsetup not availabl e"; return; fi if which cryptsetup 1>&3; then true; else test_fail "cryptsetup not availabl e"; return; fi
if ${CM} --key-managers 2>/dev/null | grep -q openssl; then true; else test_ fail "No OpenSSL support"; return; fi if ${CM} --key-managers 2>/dev/null | grep -q openssl; then true; else test_ fail "No OpenSSL support"; return; fi
mk_ssl_keyfile 32 md5 aes192 > ${TMPDIR}/keyfile mk_ssl_keyfile 32 md5 aes192 > ${TMPDIR}/keyfile
openssl enc -d -aes192 -md md5 -in ${TMPDIR}/keyfile -pass pass:${PASSWD} -o ut ${TMPDIR}/keymat 2>/dev/null openssl enc -d -aes192 -md md5 -in ${TMPDIR}/keyfile -pass pass:"${PASSWD}" -out ${TMPDIR}/keymat 2>/dev/null
for cipher in blowfish serpent for cipher in blowfish serpent; do
do for length in 16384 32768; do
for length in 4096 8192 for startsec in 0 32; do
do for ivoffset in 0 172 932; do
for startsec in 0 32
do
for ivoffset in 0 172 932
do
idx=`mkrandshort` idx=`mkrandshort`
echo "${cipher},${length},${startsec},${ivoffset}" 1>&3 echo "${cipher},${length},${startsec},${ivoffset}" 1>&3
cryptsetup --key-file ${TMPDIR}/keymat -c ${cipher} -b ${len gth} -o ${startsec} -p ${ivoffset} create cstarget${idx} ${LOOPDEV} 2>&3 cryptsetup --key-file ${TMPDIR}/keymat -c ${cipher} -b ${len gth} -o ${startsec} -p ${ivoffset} create cstarget${idx} ${LOOPDEV} 2>&3
if [ -b /dev/mapper/cstarget${idx} ]; then if [ -b /dev/mapper/cstarget${idx} ]; then
cs_size=`blockdev --getsize /dev/mapper/cstarget${idx}` cs_size=`blockdev --getsize /dev/mapper/cstarget${idx}`
${DD} if=/dev/zero of=/dev/mapper/cstarget${idx} \ ${DD} if=/dev/zero of=/dev/mapper/cstarget${idx} \
bs=16k count=16 2>/dev/null bs=16k count=16 2>/dev/null
mke2fs -q -j /dev/mapper/cstarget${idx} mke2fs -q -j /dev/mapper/cstarget${idx}
wait_udev wait_udev
cryptsetup remove cstarget${idx} cryptsetup remove cstarget${idx}
skipping to change at line 1241 skipping to change at line 1233
flags=user,nofsck flags=user,nofsck
dev=${LOOPDEV} dev=${LOOPDEV}
startsector=${startsec} numsectors=${length} startsector=${startsec} numsectors=${length}
dir=${TMPDIR}/mnt dir=${TMPDIR}/mnt
fstype=ext3 mountoptions=defaults fstype=ext3 mountoptions=defaults
cipher=${cipher} ivoffset=${ivoffset} cipher=${cipher} ivoffset=${ivoffset}
keyformat=openssl keyfile=${TMPDIR}/keyfile keyformat=openssl keyfile=${TMPDIR}/keyfile
keyhash=md5 keycipher=aes192 keyhash=md5 keycipher=aes192
} }
EOF EOF
if ${CM} --config-dir ${TMPDIR} --password ${PASSWD} target$ {idx} 2>&3; then true; else test_fail "mount"; return; fi if ${CM} --config-dir ${TMPDIR} --password "${PASSWD}" targe t${idx} 2>&3; then true; else test_fail "mount"; return; fi
wait_udev wait_udev
if ${CM} --config-dir ${TMPDIR} --password ${PASSWD} --unmou nt target${idx} 2>&3; then true; else test_fail "unmount"; return; fi if ${CM} --config-dir ${TMPDIR} --password "${PASSWD}" --unm ount target${idx} 2>&3; then true; else test_fail "unmount"; return; fi
done done
done done
done done
done done
rm ${TMPDIR}/keymat rm ${TMPDIR}/keymat
test_pass test_pass
}; };
function test_luks_loopdev() { function test_luks_loopdev() {
# Check operation of LUKS container via loopback device # Check operation of LUKS container via loopback device
if test_start "LUKS loopback"; then true; else return; fi if test_start "LUKS loopback"; then true; else return; fi
if ${CM} --key-managers 2>/dev/null | grep -q luks; then true; else test_fai l "No LUKS support"; return; fi if ${CM} --key-managers 2>/dev/null | grep -q luks; then true; else test_fai l "No LUKS support"; return; fi
idx=`mkrandshort` idx=`mkrandshort`
cat <<EOF > ${TMPDIR}/cmtab cat <<EOF > ${TMPDIR}/cmtab
target${idx} { target${idx} {
keyformat=luks loop=auto keyformat=luks loop=auto
dev=${TMPDIR}/loopfile dir=${TMPDIR}/mnt dev=${TMPDIR}/loopfile dir=${TMPDIR}/mnt
fstype=ext3 flags=nofsck fstype=ext3 flags=nofsck
} }
EOF EOF
if ${CM} --config-dir ${TMPDIR} --newpassword ${PASSWD} --generate-key 32 ta if ${CM} --config-dir ${TMPDIR} --newpassword "${PASSWD}" --generate-key 32
rget${idx} 2>&3; then true; else test_fail "key-generation"; return; fi target${idx} 2>&3; then true; else test_fail "key-generation"; return; fi
if ${CM} --config-dir ${TMPDIR} --password ${PASSWD} --prepare target${idx} if ${CM} --config-dir ${TMPDIR} --password "${PASSWD}" --prepare target${idx
2>&3; then true; else test_fail prepare; return; fi } 2>&3; then true; else test_fail prepare; return; fi
if mke2fs -t ext3 -q /dev/mapper/target${idx}; then true; else test_fail mke 2fs; return; fi if mke2fs -t ext3 -q /dev/mapper/target${idx}; then true; else test_fail mke 2fs; return; fi
wait_udev wait_udev
if ${CM} --config-dir ${TMPDIR} --release target${idx} 2>&3; then true; else test_fail release; return; fi if ${CM} --config-dir ${TMPDIR} --release target${idx} 2>&3; then true; else test_fail release; return; fi
wait_udev wait_udev
if ${SU_p} ${USER1} -c "${CM} --config-dir ${TMPDIR} --password ${PASSWD} ta rget${idx}" 2>&3; then true; else test_fail "mount"; return; fi if ${SU_p} ${USER1} -c "${CM} --config-dir ${TMPDIR} --password "${PASSWD}" target${idx}" 2>&3; then true; else test_fail "mount"; return; fi
wait_udev; sleep 1 wait_udev; sleep 1
if ${SU_p} ${USER1} -c "${CM} --config-dir ${TMPDIR} --unmount target${idx}" 2>&3; then true; else test_fail "unmount"; return; fi if ${SU_p} ${USER1} -c "${CM} --config-dir ${TMPDIR} --unmount target${idx}" 2>&3; then true; else test_fail "unmount"; return; fi
if ${CM} --config-dir ${TMPDIR} --password ${PASSWD} --newpassword ${NEWPASS WD} --change-password target${idx} 1>&3 2>&3; then true; else test_fail "changin g password"; return; fi if ${CM} --config-dir ${TMPDIR} --password "${PASSWD}" --newpassword ${NEWPA SSWD} --change-password target${idx} 1>&3 2>&3; then true; else test_fail "chang ing password"; return; fi
test_pass test_pass
}; };
function test_luks_compat() { function test_luks_compat() {
# Check compatibility with cryptsetup-luks, importing into cryptmount # Check compatibility with cryptsetup-luks, importing into cryptmount
if test_start "LUKS compatibility"; then true; else return; fi if test_start "LUKS compatibility"; then true; else return; fi
if which cryptsetup 1>&3; then true; else test_fail "cryptsetup not availabl e"; return; fi if which cryptsetup 1>&3; then true; else test_fail "cryptsetup not availabl e"; return; fi
if ${CM} --key-managers 2>/dev/null | grep -q luks; then true; else test_fai l "No LUKS support"; return; fi if ${CM} --key-managers 2>/dev/null | grep -q luks; then true; else test_fai l "No LUKS support"; return; fi
echo -n "keyslot0-password" > ${TMPDIR}/keymat0 echo -n "keyslot0-password" > ${TMPDIR}/keymat0
skipping to change at line 1312 skipping to change at line 1304
idx=`mkrandshort` idx=`mkrandshort`
cat <<EOF > ${TMPDIR}/cmtab cat <<EOF > ${TMPDIR}/cmtab
target${idx} { target${idx} {
dev=${LOOPDEV} dir=${TMPDIR}/mnt dev=${LOOPDEV} dir=${TMPDIR}/mnt
fstype=ext3 flags=nofsck fstype=ext3 flags=nofsck
keyformat=luks keyformat=luks
cipher=aes # This should be overridden by LUKS header cipher=aes # This should be overridden by LUKS header
} }
EOF EOF
if ${SU_p} ${USER1} -c "${CM} --config-dir ${TMPDIR} --password ${PASSWD } target${idx}" 2>&3; then true; else test_fail "mount"; return; fi if ${SU_p} ${USER1} -c "${CM} --config-dir ${TMPDIR} --password "${PASSW D}" target${idx}" 2>&3; then true; else test_fail "mount"; return; fi
wait_udev; sleep 1 wait_udev; sleep 1
if ${SU_p} ${USER1} -c "${CM} --config-dir ${TMPDIR} --unmount target${i dx}" 2>&3; then true; else test_fail "unmount"; return; fi if ${SU_p} ${USER1} -c "${CM} --config-dir ${TMPDIR} --unmount target${i dx}" 2>&3; then true; else test_fail "unmount"; return; fi
if ${CM} --config-dir ${TMPDIR} --newpassword ${PASSWD} --generate-key 1 6 target${idx} 2>&3; then test_fail "re-formatting"; fi if ${CM} --config-dir ${TMPDIR} --newpassword "${PASSWD}" --generate-key 16 target${idx} 2>&3; then test_fail "re-formatting"; fi
wait_udev wait_udev
done done
rm ${TMPDIR}/keymat0 ${TMPDIR}/keymat rm ${TMPDIR}/keymat0 ${TMPDIR}/keymat
test_pass test_pass
}; };
function test_luks_tapmoc() { function test_luks_tapmoc() {
# Check inverse-compatibility with cryptsetup-luks, as cryptmount export # Check inverse-compatibility with cryptsetup-luks, as cryptmount export
if test_start "LUKS inverse-compatibility"; then true; else return; fi if test_start "LUKS inverse-compatibility"; then true; else return; fi
if which cryptsetup 1>&3; then true; else test_fail "cryptsetup not availabl e"; return; fi if which cryptsetup 1>&3; then true; else test_fail "cryptsetup not availabl e"; return; fi
skipping to change at line 1344 skipping to change at line 1336
# Setup partition with cryptmount: # Setup partition with cryptmount:
idx=`mkrandshort` idx=`mkrandshort`
cat <<EOF > ${TMPDIR}/cmtab cat <<EOF > ${TMPDIR}/cmtab
target${idx} { target${idx} {
dev=${LOOPDEV} dir=${TMPDIR}/mnt dev=${LOOPDEV} dir=${TMPDIR}/mnt
fstype=ext3 flags=nofsck fstype=ext3 flags=nofsck
keyformat=luks keyfile=${LOOPDEV} keyformat=luks keyfile=${LOOPDEV}
cipher=${cipher}-${mode} cipher=${cipher}-${mode}
} }
EOF EOF
if ${DD} if=/dev/zero of=${LOOPDEV} bs=1k count=1 conv=notrunc 2>/dev/nu ll; then true; else test_fail "purging"; return; fi if ${DD} if=/dev/zero of=${LOOPDEV} bs=4k count=4 conv=notrunc 2>/dev/nu ll; then true; else test_fail "purging"; return; fi
sync sync
if ${CM} --config-dir ${TMPDIR} --newpassword ${PASSWD} --generate-key 3 if ${CM} --config-dir ${TMPDIR} --newpassword "${PASSWD}" --generate-key
2 target${idx} 1>&3 2>&3; then true; else test_fail "key-generation"; return; fi 32 target${idx} 1>&3 2>&3; then true; else test_fail "key-generation"; return;
if ${CM} --config-dir ${TMPDIR} --password ${PASSWD} --prepare target${i fi
dx} 2>&3; then true; else test_fail "prepare"; return; fi if ${CM} --config-dir ${TMPDIR} --password "${PASSWD}" --prepare target$
{idx} 2>&3; then true; else test_fail "prepare"; return; fi
if mke2fs -q /dev/mapper/target${idx}; then true; else test_fail "mke2fs "; return; fi if mke2fs -q /dev/mapper/target${idx}; then true; else test_fail "mke2fs "; return; fi
wait_udev wait_udev
if ${CM} --config-dir ${TMPDIR} --release target${idx} 2>&3; then true; else test_fail "release"; return; fi if ${CM} --config-dir ${TMPDIR} --release target${idx} 2>&3; then true; else test_fail "release"; return; fi
wait_udev wait_udev
# Attempt to mount with cryptsetup-luks: # Attempt to mount with cryptsetup-luks:
TMPTGT="mudslinger-`mkrandshort`" TMPTGT="mudslinger-`mkrandshort`"
cryptsetup --key-file ${TMPDIR}/keymat luksOpen "${LOOPDEV}" "${TMPTGT}" 1>&3 2>&3 cryptsetup --key-file ${TMPDIR}/keymat luksOpen "${LOOPDEV}" "${TMPTGT}" 1>&3 2>&3
if [ ! -b /dev/mapper/${TMPTGT} ]; then test_fail "luksOpen"; return; fi if [ ! -b /dev/mapper/${TMPTGT} ]; then test_fail "luksOpen"; return; fi
if mount -t ext2 /dev/mapper/${TMPTGT} ${TMPDIR}/mnt; then true; else te st_fail "mount"; return; fi if mount -t ext2 /dev/mapper/${TMPTGT} ${TMPDIR}/mnt; then true; else te st_fail "mount"; return; fi
wait_udev wait_udev
lukscipher=`cryptsetup luksDump "${LOOPDEV}" | sed -n '/^Cipher name/s/^ [^:]*:\s*//p'` lukscipher=`cryptsetup luksDump "${LOOPDEV}" | sed -n '/^Cipher name/s/^ [^:]*:\s*//p'`
luksmode=`cryptsetup luksDump "${LOOPDEV}" | sed -n '/^Cipher mode/s/^[^ :]*:\s*//p'` luksmode=`cryptsetup luksDump "${LOOPDEV}" | sed -n '/^Cipher mode/s/^[^ :]*:\s*//p'`
echo "LUKSheader: $lukscipher + $luksmode" 1>&3 echo "LUKSheader: $lukscipher + $luksmode" 1>&3
umount /dev/mapper/${TMPTGT} umount /dev/mapper/${TMPTGT}
cryptsetup luksClose "${TMPTGT}" 2>&3 cryptsetup luksClose "${TMPTGT}" 2>&3
if [ "$cipher" != "$lukscipher" ]; then test_fail "cipher mismatch ($luk scipher)"; return; fi if [ "$cipher" != "$lukscipher" ]; then test_fail "cipher mismatch ($luk scipher)"; return; fi
if [ "$mode" != "$luksmode" ]; then test_fail "mode mismatch ($luksmode) "; return; fi if [ "$mode" != "$luksmode" ]; then test_fail "mode mismatch ($luksmode) "; return; fi
# Check that re-formatting is blocked: # Check that re-formatting is blocked:
if ${CM} --config-dir ${TMPDIR} --newpassword ${PASSWD} --generate-key 1 6 target${idx} 2>&3; then test_fail "re-formatting"; fi if ${CM} --config-dir ${TMPDIR} --newpassword "${PASSWD}" --generate-key 16 target${idx} 2>&3; then test_fail "re-formatting"; fi
wait_udev wait_udev
done done
rm ${TMPDIR}/keymat rm ${TMPDIR}/keymat
test_pass test_pass
}; };
function test_loopset() { function test_loopset() {
# Check that 'loopdev' parameter correctly targets specific loopback dev # Check that 'loopdev' parameter correctly targets specific loopback dev
if test_start "loopdev specification"; then true; else return; fi if test_start "loopdev specification"; then true; else return; fi
rm -f ${TMPDIR}/keyfile rm -f ${TMPDIR}/keyfile
skipping to change at line 1395 skipping to change at line 1387
else else
cat <<EOF > ${TMPDIR}/cmtab cat <<EOF > ${TMPDIR}/cmtab
target${idx} { target${idx} {
dev=${TMPDIR}/loopfile dev=${TMPDIR}/loopfile
loop=${ldev} loop=${ldev}
dir=${TMPDIR}/mnt dir=${TMPDIR}/mnt
fstype=ext2 mountoptions=,,,ro,,,noatime cipher=twofish fstype=ext2 mountoptions=,,,ro,,,noatime cipher=twofish
keyfile=${TMPDIR}/keyfile keyformat=raw keyfile=${TMPDIR}/keyfile keyformat=raw
} }
EOF EOF
test -f ${TMPDIR}/keyfile || ${CM} --config-dir ${TMPDIR} --newpassw test -f ${TMPDIR}/keyfile || ${CM} --config-dir ${TMPDIR} --newpassw
ord ${PASSWD} --generate-key 16 target${idx} 2>&3 ord "${PASSWD}" --generate-key 16 target${idx} 2>&3
if ${CM} --config-dir ${TMPDIR} --password ${PASSWD} --prepare targe if ${CM} --config-dir ${TMPDIR} --password "${PASSWD}" --prepare tar
t${idx} 2>&3; then true; else test_fail prepare; return; fi get${idx} 2>&3; then true; else test_fail prepare; return; fi
wait_udev wait_udev
if ${LOSETUP} $ldev 1>&3 2>&3; then if ${LOSETUP} $ldev 1>&3 2>&3; then
if ${CM} --config-dir ${TMPDIR} --password ${PASSWD} --release t arget${idx} 2>&3; then true; else test_fail release; return; fi if ${CM} --config-dir ${TMPDIR} --password "${PASSWD}" --release target${idx} 2>&3; then true; else test_fail release; return; fi
else else
${CM} --config-dir ${TMPDIR} --password ${PASSWD} --release targ et${idx} 2>&3 ${CM} --config-dir ${TMPDIR} --password "${PASSWD}" --release ta rget${idx} 2>&3
test_fail "loopback unconfigured"; test_fail "loopback unconfigured";
return return
fi fi
fi fi
done done
test_pass test_pass
}; };
function test_residues() { function test_residues() {
# Check if any zombie device-mapper targets have been created # Check if any zombie device-mapper targets have been created
 End of changes. 71 change blocks. 
132 lines changed or deleted 126 lines changed or added

Home  |  About  |  Features  |  All  |  Newest  |  Dox  |  Diffs  |  RSS Feeds  |  Screenshots  |  Comments  |  Imprint  |  Privacy  |  HTTP(S)