summaryrefslogtreecommitdiffstats
path: root/tests/systemd-test-plugin
diff options
context:
space:
mode:
authorDaniel Baumann <daniel.baumann@progress-linux.org>2024-04-17 08:35:41 +0000
committerDaniel Baumann <daniel.baumann@progress-linux.org>2024-04-17 08:35:41 +0000
commitf7458043ae6a2d2d54b911fac52e50341646bef2 (patch)
tree6c58e084cd8728490fd5bb8eead07db0be0038f4 /tests/systemd-test-plugin
parentAdding upstream version 2:2.6.1. (diff)
downloadcryptsetup-f7458043ae6a2d2d54b911fac52e50341646bef2.tar.xz
cryptsetup-f7458043ae6a2d2d54b911fac52e50341646bef2.zip
Adding upstream version 2:2.7.0.upstream/2%2.7.0
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'tests/systemd-test-plugin')
-rwxr-xr-xtests/systemd-test-plugin66
1 files changed, 54 insertions, 12 deletions
diff --git a/tests/systemd-test-plugin b/tests/systemd-test-plugin
index 5f37324..7515f76 100755
--- a/tests/systemd-test-plugin
+++ b/tests/systemd-test-plugin
@@ -61,14 +61,51 @@ CRYPTENROLL_LD_PRELOAD=""
# if CRYPTSETUP_PATH is defined, we run against installed binaries,
# otherwise we compile systemd tokens from source
+[ ! -z "$CRYPTSETUP_TESTS_RUN_IN_MESON" ] && {
+ bin_check git
+ bin_check meson
+ bin_check ninja
+ bin_check pkgconf
+
+ INSTALL_PATH=$CRYPTSETUP_PATH/../external-tokens/install
+ mkdir -p $INSTALL_PATH
+ DESTDIR=$INSTALL_PATH meson install -C ..
+ PC_FILE="$(find $INSTALL_PATH -name 'libcryptsetup.pc')"
+ echo "INSTALL_PATH $INSTALL_PATH"
+ echo "PC_FILE $PC_FILE"
+ sed -i "s/^prefix=/prefix=${INSTALL_PATH//\//\\\/}/g" "$PC_FILE"
+ export PKG_CONFIG_PATH=$(dirname $PC_FILE)
+
+ # systemd build system misses libcryptsetup.h if it is installed in non-default path
+ export CFLAGS="${CFLAGS:-} $(pkgconf --cflags libcryptsetup)"
+
+ SYSTEMD_PATH=$CRYPTSETUP_PATH/../external-tokens/systemd
+ SYSTEMD_CRYPTENROLL=$SYSTEMD_PATH/build/systemd-cryptenroll
+
+ mkdir -p $SYSTEMD_PATH
+ [ -d $SYSTEMD_PATH/.git ] || git clone --depth=1 https://github.com/systemd/systemd.git $SYSTEMD_PATH
+ cd $SYSTEMD_PATH
+ meson setup build/ -D tpm2=true -D libcryptsetup=true -D libcryptsetup-plugins=true || skip "Failed to configure systemd via meson, some dependencies are probably missing."
+ ninja -C build/ systemd-cryptenroll libcryptsetup-token-systemd-tpm2.so || skip "Failed to build systemd."
+
+ CRYPTSETUP_TOKENS_PATH=$CRYPTSETUP_PATH/../tokens/ssh
+
+ cd $CRYPTSETUP_PATH/../tests
+ cp $SYSTEMD_PATH/build/libcryptsetup-token-*.so $CRYPTSETUP_TOKENS_PATH
+ cp $SYSTEMD_PATH/build/src/shared/*.so $CRYPTSETUP_TOKENS_PATH
+ export LD_LIBRARY_PATH="$LD_LIBRARY_PATH:$CRYPTSETUP_PATH/../tests"
+
+ CRYPTENROLL_LD_PRELOAD="$CRYPTSETUP_PATH/../lib/libcryptsetup.so"
+
+ echo "CRYPTENROLL_LD_PRELOAD $CRYPTENROLL_LD_PRELOAD"
+}
+
[ -z "$CRYPTSETUP_PATH" ] && {
bin_check git
bin_check meson
bin_check ninja
bin_check pkgconf
- TOKEN_PATH=fake_token_path.so
- [ -f $TOKEN_PATH ] || skip "Please compile $TOKEN_PATH."
INSTALL_PATH=$(pwd)/external-tokens/install
make -C .. install DESTDIR=$INSTALL_PATH
PC_FILE="$(find $INSTALL_PATH -name 'libcryptsetup.pc')"
@@ -83,16 +120,17 @@ CRYPTENROLL_LD_PRELOAD=""
SYSTEMD_CRYPTENROLL=$SYSTEMD_PATH/build/systemd-cryptenroll
mkdir -p $SYSTEMD_PATH
- [ "$(ls -A $SYSTEMD_PATH)" ] || git clone --depth=1 https://github.com/systemd/systemd.git $SYSTEMD_PATH
+ [ -d $SYSTEMD_PATH/.git ] || git clone --depth=1 https://github.com/systemd/systemd.git $SYSTEMD_PATH
cd $SYSTEMD_PATH
- meson -D tpm2=true -D libcryptsetup=true -D libcryptsetup-plugins=true build/ || skip "Failed to configure systemd via meson, some dependencies are probably missing."
+ meson setup build/ -D tpm2=true -D libcryptsetup=true -D libcryptsetup-plugins=true || skip "Failed to configure systemd via meson, some dependencies are probably missing."
ninja -C build/ systemd-cryptenroll libcryptsetup-token-systemd-tpm2.so || skip "Failed to build systemd."
+ CRYPTSETUP_TOKENS_PATH=$CRYPTSETUP_PATH/.libs
+
cd $CRYPTSETUP_PATH/tests
- cp $SYSTEMD_PATH/build/libcryptsetup-token-*.so ../.libs/
- cp $SYSTEMD_PATH/build/src/shared/*.so ../.libs/
+ cp $SYSTEMD_PATH/build/libcryptsetup-token-*.so $CRYPTSETUP_TOKENS_PATH
+ cp $SYSTEMD_PATH/build/src/shared/*.so $CRYPTSETUP_TOKENS_PATH
- export LD_PRELOAD="${LD_PRELOAD-}:$CRYPTSETUP_PATH/tests/$TOKEN_PATH"
CRYPTENROLL_LD_PRELOAD="$CRYPTSETUP_PATH/.libs/libcryptsetup.so"
}
CRYPTSETUP=$CRYPTSETUP_PATH/cryptsetup
@@ -115,7 +153,11 @@ CRYPTSETUP=$CRYPTSETUP_PATH/cryptsetup
echo "Virtual TPM set up at $TPM_PATH"
}
+if [ -n "$SSH_BUILD_DIR" ]; then
+ CUSTOM_TOKENS_PATH="--external-tokens-path $SSH_BUILD_DIR"
+fi
FAKE_TPM_PATH="$(pwd)/fake_systemd_tpm_path.so"
+[ ! -z "$CRYPTSETUP_TESTS_RUN_IN_MESON" ] && FAKE_TPM_PATH="$CRYPTSETUP_PATH/../tests/fake_systemd_tpm_path.so"
[ -f $FAKE_TPM_PATH ] || skip "Please compile $FAKE_TPM_PATH."
export LD_PRELOAD="$LD_PRELOAD:$FAKE_TPM_PATH"
@@ -128,23 +170,23 @@ echo $PASSWD | $CRYPTSETUP luksFormat --type luks2 $FAST_PBKDF_OPT $IMG --force-
echo "Enrolling the device to TPM 2 using systemd-cryptenroll.."
LD_PRELOAD="$LD_PRELOAD:$CRYPTENROLL_LD_PRELOAD" PASSWORD="$PASSWD" $SYSTEMD_CRYPTENROLL $IMG --tpm2-device=$TPM_PATH >/dev/null 2>&1
-$CRYPTSETUP luksDump $IMG | grep -q "tpm2-blob" || fail "Failed to dump $IMG using systemd_tpm2 token (no tpm2-blob in output)."
+$CRYPTSETUP luksDump --external-tokens-path $CRYPTSETUP_TOKENS_PATH $IMG | grep -q "tpm2-blob" || fail "Failed to dump $IMG using systemd_tpm2 token (no tpm2-blob in output)."
echo "Activating the device via TPM2 external token.."
-$CRYPTSETUP open --token-only $IMG $MAP >/dev/null 2>&1 || fail "Failed to open $IMG using systemd_tpm2 token."
+$CRYPTSETUP open --external-tokens-path $CRYPTSETUP_TOKENS_PATH --token-only $IMG $MAP >/dev/null 2>&1 || fail "Failed to open $IMG using systemd_tpm2 token."
$CRYPTSETUP close $MAP >/dev/null 2>&1 || fail "Failed to close $MAP."
echo "Adding passphrase via TPM2 token.."
-echo $PASSWD2 | $CRYPTSETUP luksAddKey $FAST_PBKDF_OPT $IMG --force-password -q --token-only >/dev/null 2>&1 || fail "Failed to add passphrase by tpm2 token."
+echo $PASSWD2 | $CRYPTSETUP luksAddKey --external-tokens-path $CRYPTSETUP_TOKENS_PATH $FAST_PBKDF_OPT $IMG --force-password -q --token-only >/dev/null 2>&1 || fail "Failed to add passphrase by tpm2 token."
echo $PASSWD2 | $CRYPTSETUP open $IMG --test-passphrase --disable-external-tokens >/dev/null 2>&1 || fail "Failed to test passphrase added by tpm2 token."
echo "Exporting and removing TPM2 token.."
EXPORTED_TOKEN=$($CRYPTSETUP token export $IMG --token-id 0)
$CRYPTSETUP token remove $IMG --token-id 0
-$CRYPTSETUP open $IMG --test-passphrase --token-only >/dev/null 2>&1 && fail "Activating without passphrase should fail after TPM2 token removal."
+$CRYPTSETUP open --external-tokens-path $CRYPTSETUP_TOKENS_PATH $IMG --test-passphrase --token-only >/dev/null 2>&1 && fail "Activating without passphrase should fail after TPM2 token removal."
echo "Re-importing TPM2 token.."
echo $EXPORTED_TOKEN | $CRYPTSETUP token import $IMG --token-id 0 || fail "Failed to re-import deleted token."
-$CRYPTSETUP open $IMG --test-passphrase --token-only >/dev/null 2>&1 || fail "Failed to activate after re-importing deleted token."
+$CRYPTSETUP open --external-tokens-path $CRYPTSETUP_TOKENS_PATH $IMG --test-passphrase --token-only >/dev/null 2>&1 || fail "Failed to activate after re-importing deleted token."
cleanup
exit 0