diff options
author | Christian Grothoff <christian@grothoff.org> | 2020-03-18 15:03:41 +0100 |
---|---|---|
committer | Christian Grothoff <christian@grothoff.org> | 2020-03-18 15:03:41 +0100 |
commit | b1cfcf4fbe23609b5f7f91454f24f6ad384f42ce (patch) | |
tree | 5d5d35481c0473869d72583cefe568d1d3c7e8f9 | |
parent | a631645648d817ec2c9744b31395256d266bb800 (diff) |
add keyup key regeneration on revocation test; closes #6123
-rw-r--r-- | src/exchange-tools/.gitignore | 1 | ||||
-rw-r--r-- | src/exchange-tools/test_taler_exchange_httpd.conf | 4 | ||||
-rwxr-xr-x | src/exchange-tools/test_taler_exchange_keyup.sh | 73 |
3 files changed, 68 insertions, 10 deletions
diff --git a/src/exchange-tools/.gitignore b/src/exchange-tools/.gitignore index 531169f8c..6e9e12faf 100644 --- a/src/exchange-tools/.gitignore +++ b/src/exchange-tools/.gitignore @@ -1,2 +1,3 @@ test_taler_exchange_httpd_home/.local/share/taler/exchange/live-keys/ test_taler_exchange_httpd_home/.local/share/taler/exchange/wirefees/ +test_taler_exchange_httpd_home/.config/taler/account-1.json diff --git a/src/exchange-tools/test_taler_exchange_httpd.conf b/src/exchange-tools/test_taler_exchange_httpd.conf index 63b59f905..d6748b5d3 100644 --- a/src/exchange-tools/test_taler_exchange_httpd.conf +++ b/src/exchange-tools/test_taler_exchange_httpd.conf @@ -31,11 +31,11 @@ LEGAL_DURATION = 2 years # how long do we generate denomination and signing keys # ahead of time? -LOOKAHEAD_SIGN = 32 weeks 1 day +LOOKAHEAD_SIGN = 2 weeks 1 day # how long do we provide to clients denomination and signing keys # ahead of time? -LOOKAHEAD_PROVIDE = 4 weeks 1 day +LOOKAHEAD_PROVIDE = 1 weeks 1 day # HTTP port the exchange listens to PORT = 8081 diff --git a/src/exchange-tools/test_taler_exchange_keyup.sh b/src/exchange-tools/test_taler_exchange_keyup.sh index 4cf0ea1fb..26f7fe131 100755 --- a/src/exchange-tools/test_taler_exchange_keyup.sh +++ b/src/exchange-tools/test_taler_exchange_keyup.sh @@ -33,8 +33,11 @@ function exit_skip() { } # test required commands exist -echo "Testing for jq" +echo -n "Testing for jq ..." jq -h > /dev/null || exit_skip "jq required" +echo " OK" + +CONF="-c test_taler_exchange_httpd.conf" echo -n "Launching exchange ..." PREFIX= @@ -42,13 +45,13 @@ PREFIX= # PREFIX="valgrind --leak-check=yes --track-fds=yes --error-exitcode=1 --log-file=valgrind.%p" # Setup database -taler-exchange-dbinit -c test_taler_exchange_httpd.conf &> /dev/null +taler-exchange-dbinit $CONF &> /dev/null # Setup keys. -taler-exchange-keyup -c test_taler_exchange_httpd.conf || exit 1 +taler-exchange-keyup $CONF &> /dev/null || exit 1 # Setup wire accounts. -taler-exchange-wire -c test_taler_exchange_httpd.conf > /dev/null || exit 1 +taler-exchange-wire $CONF > /dev/null || exit 1 # Run Exchange HTTPD (in background) -$PREFIX taler-exchange-httpd -c test_taler_exchange_httpd.conf 2> test-exchange.log & +$PREFIX taler-exchange-httpd $CONF 2> test-exchange.log & # Give HTTP time to start @@ -71,15 +74,69 @@ fi echo " DONE" # Finally run test... -echo -n "Running tests ..." +echo -n "Running tests ... " # Revoke active denomination key +REVOKE_DENOM_HASH=`taler-exchange-keycheck $CONF -i EUR:1 | sort | head -n1 | awk '{print $2}'` +REVOKE_DENOM_TIME=`taler-exchange-keycheck $CONF -i EUR:1 | sort | head -n1 | awk '{print $1}'` + +taler-exchange-keyup $CONF -r "$REVOKE_DENOM_HASH" -k 1024 + +# check revocation file exists +RDIR=`taler-config $CONF -f -s exchange -o REVOCATION_DIR` +if [ -f "$RDIR"/$REVOKE_DENOM_HASH.rev ] +then + echo -n "REV-OK " +else + echo -n "REV-FAIL ($RDIR) " + RET=1 +fi + +# Check we now have two keys for that timestamp +CNT=`taler-exchange-keycheck $CONF -i EUR:1 | awk '{print $1}' | grep -- "$REVOKE_DENOM_TIME" | wc -l` + +if [ x2 != x${CNT} ] +then + echo -n "CNT-FAIL (${CNT}) " + RET=1 +else + echo -n "CNT-OK " +fi +# Reload keys (and revocation data) at the exchange +kill -SIGUSR1 $! +# Give exchange chance to parse and reload keys +sleep 5 + +# Download (updated) keys +wget http://localhost:8081/keys -O keys.json -o /dev/null >/dev/null + +RK=`jq -er .recoup[0].h_denom_pub < keys.json` +if [ x$RK != x$REVOKE_DENOM_HASH ] +then + echo -n "KEYS-FAIL ($RK vs $REVOKE_DENOM_HASH)" + RET=1 +else + echo -n "KEYS-OK" +fi echo " DONE" # $! is the last backgrounded process, hence the exchange kill -TERM $! wait $! -# Return status code from exchange for this script -exit $? +if [ 0 != $? ] +then + RET=4 +fi + +echo "Final cleanup" +# Can't leave revocations around, would mess up next test run +rm -r "$RDIR" +# Also cleaning up live keys, as otherwise we have two for the revoked denomination type next time +KDIR=`taler-config $CONF -f -s exchange -o KEYDIR` +rm -r "$KDIR" +# Clean up our temporary file +rm keys.json + +exit $RET |