Browse Source

Updates to add testing by default; portability fixes

main
DarkFeather 1 year ago
parent
commit
6d1f6390c3
5 changed files with 97 additions and 3 deletions
  1. +1
    -0
      .gitignore
  2. +1
    -0
      hooks/.gitignore
  3. +48
    -0
      hooks/pre-commit
  4. +33
    -0
      tests/test_warrant_canary.py
  5. +14
    -3
      warrant_canary

+ 1
- 0
.gitignore View File

@ -0,0 +1 @@
tests/__pycache__/

+ 1
- 0
hooks/.gitignore View File

@ -0,0 +1 @@
tests/__pycache__

+ 48
- 0
hooks/pre-commit View File

@ -0,0 +1,48 @@
#!/bin/sh
#
# An example hook script to verify what is about to be committed.
# Called by "git commit" with no arguments. The hook should
# exit with non-zero status after issuing an appropriate message if
# it wants to stop the commit.
#
# To enable this hook, rename this file to "pre-commit".
if git rev-parse --verify HEAD >/dev/null 2>&1
then
against=HEAD
else
# Initial commit: diff against an empty tree object
against=$(git hash-object -t tree /dev/null)
fi
# If you want to allow non-ASCII filenames set this variable to true.
allownonascii=$(git config --bool hooks.allownonascii)
# Redirect output to stderr.
exec 1>&2
# Cross platform projects tend to avoid non-ASCII filenames; prevent
# them from being added to the repository. We exploit the fact that the
# printable range starts at the space character and ends with tilde.
if [ "$allownonascii" != "true" ] &&
# Note that the use of brackets around a tr range is ok here, (it's
# even required, for portability to Solaris 10's /usr/bin/tr), since
# the square bracket bytes happen to fall in the designated range.
test $(git diff --cached --name-only --diff-filter=A -z $against |
LC_ALL=C tr -d '[ -~]\0' | wc -c) != 0
then
cat <<\EOF
Error: Attempt to add a non-ASCII file name.
This can cause problems if you want to work with people on other platforms.
To be portable it is advisable to rename the file.
If you know what you are doing you can disable this check using:
git config hooks.allownonascii true
EOF
exit 1
fi
exec python3 -m pytest

+ 33
- 0
tests/test_warrant_canary.py View File

@ -0,0 +1,33 @@
import pytest
import shutil
import subprocess
def test_warrant_canary_usage():
### Ensure that the script provides output.
procState=subprocess.run(['./warrant_canary','-h'],capture_output=True,timeout=3)
assert procState.returncode == 0 and procState.stderr == b''
def test_warrant_canary_seed():
### Test that we can seed a warrant canary file
# procState=subprocess.run(['./warrant_canary','-s'],capture_output=True,timeout=3)
try:
with open('canary.asc') as fh:
# assert procState.returncode == 0 and procState.stderr == b'' and 'BEGIN PGP SIGNATURE' in fh.read() and b'Success' in procState.stderr
assert 'BEGIN PGP SIGNATURE' in fh.read()
except:
assert False
def test_warrant_canary_basic_verify():
### Test that we can verify with no arguments
procState=subprocess.run(['./warrant_canary','-V'],capture_output=True,timeout=3)
assert procState.returncode == 0 and procState.stderr == b'' and b'Good signature' in procState.stdout
def test_warrant_canary_file_verify():
### Test that we can verify with a file
procState=subprocess.run(['./warrant_canary','-c','./canary.asc','-V'],capture_output=True,timeout=3)
assert procState.returncode == 0 and procState.stderr == b'' and b'Good signature' in procState.stdout
def test_warrant_canary_url_verify():
### Test that we can verify with a web address
procState=subprocess.run(['./warrant_canary','-c','https://cryptostorm.is/canary.txt','-k','E9C7C942','-K','pgp.mit.edu','-V'],capture_output=True,timeout=30)
assert procState.returncode == 0 and procState.stderr == b'' and b'Good signature' in procState.stdout

+ 14
- 3
warrant_canary View File

@ -1,7 +1,5 @@
#!/bin/bash
source /opt/aninix/Uniglot/Bash/header
unset canaryText
# cscanary=https://cryptostorm.is/canary.txt
# cskeyserver=pgp.mit.edu
@ -23,11 +21,24 @@ function Usage() {
exit $retcode
}
## Visual Functions ##
# These function creates a visual indicator that a step has happened.
# Borrowed from https://foundation.aninix.net/AniNIX/Uniglot for portability.
function header () {
tput setaf 1; tput bold; echo $@; tput sgr0; return
}
function errorheader () {
tput setaf 1 1>&2; tput bold 1>&2; echo "ERROR:" $@ 1>&2; tput sgr0 1>&2; return
}
function infoheader() {
tput setaf 3; tput bold; echo $@; tput sgr0; return
}
function ConfirmGPGKeys() {
# Try to make sure we either have or can pull the key
if ! gpg2 --fingerprint "$key"; then
gpg --keyserver "$keyserver" --recv-key "$key"
if ! [ $? -eq 0 ] || gpg2 --fingerprint "$key"; then
if ! gpg2 --fingerprint "$key"; then
echo Cannot pull the key: "$key".
exit 1;
fi


Loading…
Cancel
Save