X-Git-Url: https://tinc-vpn.org/git/browse?p=tinc;a=blobdiff_plain;f=test%2Fintegration%2Fcmd_fsck.py;fp=test%2Fintegration%2Fcmd_fsck.py;h=e3dfa4374bfb10c15845d607bdec54f791ba20d8;hp=4e79ccd51f8e58b9022c46e6d3c25237e5d6796c;hb=66eb66ec8f872db3dc12e1d01101772918d69a4a;hpb=38a4eb4ebc730d805fcab9d64fe988be42a99122 diff --git a/test/integration/cmd_fsck.py b/test/integration/cmd_fsck.py index 4e79ccd5..e3dfa437 100755 --- a/test/integration/cmd_fsck.py +++ b/test/integration/cmd_fsck.py @@ -7,14 +7,14 @@ import sys import typing as T from testlib import check +from testlib.const import RUN_ACCESS_CHECKS from testlib.log import log from testlib.proc import Tinc, Feature from testlib.util import read_text, read_lines, write_lines, append_line, write_text -run_legacy_checks = Feature.LEGACY_PROTOCOL in Tinc().features -run_access_checks = os.name != "nt" and os.geteuid() != 0 -run_executability_checks = os.name != "nt" -run_permission_checks = run_executability_checks +RUN_LEGACY_CHECKS = Feature.LEGACY_PROTOCOL in Tinc().features +RUN_EXECUTABILITY_CHECKS = os.name != "nt" +RUN_PERMISSION_CHECKS = RUN_EXECUTABILITY_CHECKS # Sample RSA key pair (old format). Uses e = 0xFFFF. RSA_N = """ @@ -132,24 +132,24 @@ def test_private_keys(keyfile: str) -> None: keyfile_path = context.node.sub(keyfile) os.truncate(keyfile_path, 0) - if run_legacy_checks: + if RUN_LEGACY_CHECKS: context.expect_msg("no private key is known", code=0) else: context.expect_msg("No Ed25519 private key found") - if run_access_checks: + if RUN_ACCESS_CHECKS: context = test(f"fail on inaccessible {keyfile}") keyfile_path = context.node.sub(keyfile) os.chmod(keyfile_path, 0) - context.expect_msg("Error reading", code=0 if run_legacy_checks else 1) + context.expect_msg("Error reading", code=0 if RUN_LEGACY_CHECKS else 1) - if run_permission_checks: + if RUN_PERMISSION_CHECKS: context = test(f"warn about unsafe permissions on {keyfile}") keyfile_path = context.node.sub(keyfile) os.chmod(keyfile_path, 0o666) context.expect_msg("unsafe file permissions", code=0) - if run_legacy_checks: + if RUN_LEGACY_CHECKS: context = test(f"pass on missing {keyfile} when the other key is present") keyfile_path = context.node.sub(keyfile) os.remove(keyfile_path) @@ -211,7 +211,7 @@ ctx.node.cmd("fsck") ctx = test("fail when all private keys are missing") os.remove(ctx.ec_priv) -if run_legacy_checks: +if RUN_LEGACY_CHECKS: os.remove(ctx.rsa_priv) ctx.expect_msg("Neither RSA or Ed25519 private") else: @@ -262,7 +262,7 @@ test_ec_public_key_file_var(ctx, "tinc.conf") ctx = test("test EC public key in hosts/") test_ec_public_key_file_var(ctx, "hosts", ctx.node.name) -if run_access_checks: +if RUN_ACCESS_CHECKS: ctx = test("fail on inaccessible tinc.conf") os.chmod(ctx.conf, 0) ctx.expect_msg("not running tinc as root") @@ -271,7 +271,7 @@ if run_access_checks: os.chmod(ctx.host, 0) ctx.expect_msg("Cannot open config file") -if run_executability_checks: +if RUN_EXECUTABILITY_CHECKS: ctx = test("non-executable tinc-up MUST be fixed by tinc --force") os.chmod(ctx.tinc_up, 0o644) ctx.expect_msg("cannot read and execute", force=True, code=0) @@ -298,7 +298,7 @@ if run_executability_checks: ############################################################################### # Legacy protocol ############################################################################### -if not run_legacy_checks: +if not RUN_LEGACY_CHECKS: log.info("skipping legacy protocol tests") sys.exit(0) @@ -369,7 +369,7 @@ remove_pem(ctx.host) ctx.expect_msg("No (usable) public RSA key found", force=True, code=0) ctx.node.cmd("fsck") -if run_permission_checks: +if RUN_PERMISSION_CHECKS: ctx = test("warn about unsafe permissions on tinc.conf with PrivateKey") os.remove(ctx.rsa_priv) append_line(ctx.conf, f"PrivateKey = {RSA_D}")