source: trunk/test/testrun_1b.sh@ 557

Last change on this file since 557 was 539, checked in by katerina, 6 years ago

Fixes for tickets #431 (OpenBSD compatibility) and #432 (compiler warnings).

File size: 14.4 KB
Line 
1#! /bin/sh
2
3#
4# Copyright Rainer Wichmann (2006)
5#
6# License Information:
7# This program is free software; you can redistribute it and/or modify
8# it under the terms of the GNU General Public License as published by
9# the Free Software Foundation; either version 2 of the License, or
10# (at your option) any later version.
11#
12# This program is distributed in the hope that it will be useful,
13# but WITHOUT ANY WARRANTY; without even the implied warranty of
14# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15# GNU General Public License for more details.
16#
17# You should have received a copy of the GNU General Public License
18# along with this program; if not, write to the Free Software
19# Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
20#
21
22MAXTEST=7; export MAXTEST
23LOGFILE="$PW_DIR/.samhain_log"; export LOGFILE
24RCFILE="$PW_DIR/testrc_1.dyn"; export RCFILE
25
26testrun1b_modrc ()
27{
28 ORIGINAL="\[EOF\]"
29 REPLACEMENT="\[PortCheck\]"
30 ex -s $RCFILE <<EOF
31%s/$ORIGINAL/$REPLACEMENT/g
32wq
33EOF
34
35 echo "PortCheckActive = yes" >>"$RCFILE"
36 echo "PortCheckInterface = 127.0.0.1" >>"$RCFILE"
37}
38
39testrun1b_internal ()
40{
41 BUILDOPTS="$1"
42 #
43 # test standalone compilation
44 #
45 [ -z "$verbose" ] || { echo; echo "${S}Building standalone agent${E}"; echo; }
46 #
47 if test -r "Makefile"; then
48 $MAKE distclean >/dev/null >&1
49 fi
50 #
51 # Bootstrapping
52 #
53 ${TOP_SRCDIR}/configure >/dev/null 2>/dev/null
54 if test x$? = x0; then
55 [ -z "$verbose" ] || log_msg_ok "configure (bootstrap)...";
56 $MAKE > /dev/null 2>&1
57 if test x$? = x0; then
58 [ -z "$verbose" ] || log_msg_ok "make (bootstrap)...";
59 else
60 [ -z "$quiet" ] && log_msg_fail "make (bootstrap)...";
61 return 1
62 fi
63
64 else
65 [ -z "$quiet" ] && log_msg_fail "configure (bootstrap)...";
66 return 1
67 fi
68 #
69 #
70 ${TOP_SRCDIR}/configure ${BUILDOPTS} 2>/dev/null
71 #
72 #
73 if test x$? = x0; then
74 [ -z "$verbose" ] || log_msg_ok "configure...";
75 $MAKE > /dev/null 2>&1
76 if test x$? = x0; then
77 [ -z "$verbose" ] || log_msg_ok "make...";
78 else
79 [ -z "$quiet" ] && log_msg_fail "make...";
80 return 1
81 fi
82
83 else
84 [ -z "$quiet" ] && log_msg_fail "configure...";
85 return 1
86 fi
87
88 SKIP=`awk '/^__ARCHIVE_FOLLOWS__/ { print NR + 1; exit 0; }' ${SCRIPTDIR}/test.sh`
89
90 tail -n "+$SKIP" ${SCRIPTDIR}/test.sh >/dev/null 2>&1
91 if [ $? -eq 0 ]; then
92 tail -n "+$SKIP" ${SCRIPTDIR}/test.sh | gunzip -c - 2>/dev/null | tar xf - && \
93 mv "./testrc.gpg.asc" "$RCFILE"
94 else
95 tail "+$SKIP" ${SCRIPTDIR}/test.sh | gunzip -c - 2>/dev/null | tar xf - && \
96 mv "./testrc.gpg.asc" "$RCFILE"
97 fi
98 if test x$? = x0; then
99 [ -z "$verbose" ] || log_msg_ok "extract gpg signed files...";
100 else
101 [ -z "$quiet" ] && log_msg_fail "extract gpg signed files...";
102 return 1
103 fi
104
105 if test "x$2" = "x"; then
106 :
107 else
108 CONVERT="$2"
109 if test -f "${TOP_SRCDIR}/stealth_template.jpg"; then
110 [ -z "$verbose" ] || log_msg_ok "convert..."
111 "${CONVERT}" +compress "${TOP_SRCDIR}/stealth_template.jpg" stealth_template.ps >/dev/null
112 else
113 [ -z "$quiet" ] && log_msg_fail "cannot find file stealth_template.jpg"
114 return 1
115 fi
116 if [ $? -ne 0 ]; then
117 [ -z "$quiet" ] && log_msg_fail "${CONVERT} +compress ${TOP_SRCDIR}/stealth_template.jpg stealth_template.ps";
118 return 1
119 fi
120
121 [ -z "$verbose" ] || log_msg_ok "hide..."
122 ./samhain_stealth -s stealth_template.ps "$RCFILE" >/dev/null
123 if [ $? -ne 0 ]; then
124 [ -z "$quiet" ] && log_msg_fail "${CONVERT} +compress ${TOP_SRCDIR}/stealth_template.jpg stealth_template.ps";
125 return 1
126 fi
127
128 mv -f stealth_template.ps "$RCFILE"
129 if [ $? -ne 0 ]; then
130 [ -z "$quiet" ] && log_msg_fail "mv -f stealth_template.ps $RCFILE";
131 return 1
132 fi
133
134 fi
135
136 rm -f ./.samhain_file
137 rm -f ./.samhain_log
138 rm -f ./.samhain_lock
139
140 ./samhain -t init -p none -l info
141
142 if test x$? = x0; then
143 [ -z "$verbose" ] || log_msg_ok "init...";
144 else
145 [ -z "$quiet" ] && log_msg_fail "init...";
146 return 1
147 fi
148
149 mv $PW_DIR/.samhain_file.asc $PW_DIR/.samhain_file
150}
151
152testrun1b_nogpg ()
153{
154 BUILDOPTS="$1"
155 #
156 # test standalone compilation
157 #
158 [ -z "$verbose" ] || { echo; echo "${S}Building standalone agent${E}"; echo; }
159 #
160 if test -r "Makefile"; then
161 $MAKE distclean >/dev/null >&1
162 fi
163
164 ${TOP_SRCDIR}/configure ${BUILDOPTS} 2>/dev/null
165 #
166 #
167 if test x$? = x0; then
168 [ -z "$verbose" ] || log_msg_ok "configure...";
169 $MAKE > /dev/null 2>&1
170 if test x$? = x0; then
171 [ -z "$verbose" ] || log_msg_ok "make...";
172 else
173 [ -z "$quiet" ] && log_msg_fail "make...";
174 return 1
175 fi
176
177 else
178 [ -z "$quiet" ] && log_msg_fail "configure...";
179 return 1
180 fi
181
182 rm -f ./.samhain_file
183 rm -f ./.samhain_log
184 rm -f ./.samhain_lock
185
186 cp "${SCRIPTDIR}/testrc_1" "${RCFILE}"
187
188 if test "x$2" = "xmodrc"; then
189 [ -z "$verbose" ] || log_msg_ok "mod rc...";
190 testrun1b_modrc
191 fi
192
193 ./samhain -t init -p none -l info
194
195 if test x$? = x0; then
196 [ -z "$verbose" ] || log_msg_ok "init...";
197 else
198 [ -z "$quiet" ] && log_msg_fail "init...";
199 return 1
200 fi
201
202}
203
204do_test_1b () {
205
206 ./samhain -t check -p none -l info
207
208 if test x$? = x0; then
209 ./samhain -j -L $LOGFILE >"${LOGFILE}.tmp" && mv "${LOGFILE}.tmp" "${LOGFILE}"
210 if [ $? -ne 0 ]; then
211 [ -z "$quiet" ] && log_msg_fail "mv logfile...";
212 return 1
213 fi
214 [ -z "$verbose" ] || log_msg_ok "check...";
215 else
216 [ -z "$quiet" ] && log_msg_fail "check...";
217 return 1
218 fi
219 #
220 tmp=`egrep "Checking.*/etc(>|\")" $LOGFILE 2>/dev/null | wc -l`
221 if [ $tmp -ne 2 ]; then
222 [ -z "$verbose" ] || log_msg_fail "/etc";
223 return 1
224 fi
225 tmp=`egrep "Checking.*(>|\")" $LOGFILE 2>/dev/null | wc -l`
226 if [ $tmp -ne 10 ]; then
227 [ -z "$verbose" ] || log_msg_fail "checking";
228 return 1
229 fi
230 egrep "ADDED" $LOGFILE >/dev/null 2>&1
231 if [ $? -eq 0 ]; then
232 [ -z "$verbose" ] || log_msg_fail "init was incomplete";
233 return 1
234 fi
235 #
236 return 0
237}
238
239do_test_1b_2 () {
240
241 rm -f $PW_DIR/test_log_prelude
242
243 [ -z "$verbose" ] || { echo " starting prelude-manager.."; echo " ($PM --textmod -l $PW_DIR/test_log_prelude --listen 127.0.0.1:5500 >/dev/null 2>&1 &)"; }
244 "$PM" --textmod -l $PW_DIR/test_log_prelude --listen 127.0.0.1:5500 >/dev/null 2>&1 &
245 PID=$!
246
247 five_sec_sleep
248
249 ./samhain -t check -p none -l info --set-prelude-severity=info --prelude --server-addr 127.0.0.1:5500 >/dev/null
250
251 if test x$? = x0; then
252 ./samhain -j -L $LOGFILE >"${LOGFILE}.tmp" && mv "${LOGFILE}.tmp" "${LOGFILE}"
253 if [ $? -ne 0 ]; then
254 [ -z "$quiet" ] && log_msg_fail "mv logfile...";
255 kill $PID
256 return 1
257 fi
258 [ -z "$verbose" ] || log_msg_ok "check...";
259 else
260 [ -z "$quiet" ] && log_msg_fail "check...";
261 kill $PID
262 return 1
263 fi
264 #
265 tmp=`egrep 'File original:.*name=etc.*path=/etc' test_log_prelude 2>/dev/null | wc -l`
266 if [ $tmp -lt 1 ]; then
267 [ -z "$verbose" ] || log_msg_fail "/etc";
268 kill $PID
269 return 1
270 fi
271 tmp=`egrep 'Classification text: Checking' test_log_prelude 2>/dev/null | wc -l`
272 if [ $tmp -lt 1 ]; then
273 [ -z "$verbose" ] || log_msg_fail "checking";
274 kill $PID
275 return 1
276 fi
277 #
278 if test "x$2" = "xmodrc"; then
279 tmp=`egrep 'Classification text: Service opened' test_log_prelude 2>/dev/null | wc -l`
280 if [ $tmp -lt 1 ]; then
281 [ -z "$verbose" ] || log_msg_fail "service";
282 kill $PID
283 return 1
284 fi
285 tmp=`egrep 'Service: port=5500' test_log_prelude 2>/dev/null | wc -l`
286 if [ $tmp -lt 1 ]; then
287 [ -z "$verbose" ] || log_msg_fail "port 5500";
288 kill $PID
289 return 1
290 fi
291 fi
292 #
293 kill $PID
294 return 0
295}
296
297testrun1b ()
298{
299 log_start "RUN STANDALONE W/STEALTH W/GPG"
300 GPG=`find_path gpg`
301 if [ -z "$GPG" ]; then
302 log_skip 1 $MAXTEST 'gpg not found in $PATH'
303 log_skip 2 $MAXTEST 'gpg not found in $PATH'
304 log_skip 3 $MAXTEST 'gpg not found in $PATH'
305 log_skip 4 $MAXTEST 'gpg not found in $PATH'
306 log_skip 5 $MAXTEST 'gpg not found in $PATH'
307 log_skip 6 $MAXTEST 'gpg not found in $PATH'
308 log_skip 7 $MAXTEST 'gpg not found in $PATH'
309 else
310 eval "$GPG" --list-keys 0F571F6C >/dev/null 2>/dev/null
311 if [ $? -ne 0 ]; then
312 log_skip 1 $MAXTEST 'public PGP key 0x0F571F6C not present'
313 log_skip 2 $MAXTEST 'public PGP key 0x0F571F6C not present'
314 log_skip 3 $MAXTEST 'public PGP key 0x0F571F6C not present'
315 log_skip 4 $MAXTEST 'public PGP key 0x0F571F6C not present'
316 log_skip 5 $MAXTEST 'public PGP key 0x0F571F6C not present'
317 log_skip 6 $MAXTEST 'public PGP key 0x0F571F6C not present'
318 log_skip 7 $MAXTEST 'public PGP key 0x0F571F6C not present'
319 else
320 #
321 # ------------- first test -------------
322 #
323 BUILDOPTS="--quiet $TRUST --enable-debug --with-gpg=${GPG} --enable-micro-stealth=137 --enable-login-watch --prefix=$PW_DIR --localstatedir=$PW_DIR --with-config-file=$RCFILE --with-log-file=$PW_DIR/.samhain_log --with-pid-file=$PW_DIR/.samhain_lock --with-data-file=$PW_DIR/.samhain_file"
324 testrun1b_internal "${BUILDOPTS}"
325 do_test_1b
326 if [ $? -eq 0 ]; then
327 log_ok 1 $MAXTEST 'gpg signed config/database files'
328 else
329 log_fail 1 $MAXTEST 'gpg signed config/database files'
330 fi
331
332
333 #
334 # ------------- second test -------------
335 #
336 BUILDOPTS="--quiet $TRUST --enable-debug --with-gpg=${GPG} --with-checksum --enable-micro-stealth=137 --enable-login-watch --prefix=$PW_DIR --localstatedir=$PW_DIR --with-config-file=$RCFILE --with-log-file=$PW_DIR/.samhain_log --with-pid-file=$PW_DIR/.samhain_lock --with-data-file=$PW_DIR/.samhain_file"
337 testrun1b_internal "${BUILDOPTS}"
338 do_test_1b
339 if [ $? -eq 0 ]; then
340 log_ok 2 $MAXTEST 'gpg signed config/database files'
341 else
342 log_fail 2 $MAXTEST 'gpg signed config/database files'
343 fi
344
345
346 #
347 # ------------- third test -------------
348 #
349 BUILDOPTS="--quiet $TRUST --enable-debug --with-gpg=${GPG} --with-checksum --with-fp=EF6CEF54701A0AFDB86AF4C31AAD26C80F571F6C --enable-micro-stealth=137 --enable-login-watch --prefix=$PW_DIR --localstatedir=$PW_DIR --with-config-file=$RCFILE --with-log-file=$PW_DIR/.samhain_log --with-pid-file=$PW_DIR/.samhain_lock --with-data-file=$PW_DIR/.samhain_file"
350 testrun1b_internal "${BUILDOPTS}"
351 do_test_1b
352 if [ $? -eq 0 ]; then
353 log_ok 3 $MAXTEST 'gpg signed config/database files'
354 else
355 log_fail 3 $MAXTEST 'gpg signed config/database files'
356 fi
357
358
359 #
360 # ------------- fourth test -------------
361 #
362 PRECONV=`find_path convert`
363 "${PRECONV}" --help | grep ImageMagick >/dev/null 2>&1 && \
364 CONVERT="${PRECONV}"
365
366 if [ -z "$CONVERT" ]; then
367 log_skip 2 $MAXTEST 'ImageMagick convert not found in $PATH'
368 else
369 BUILDOPTS="--quiet $TRUST --enable-debug --with-gpg=${GPG} --with-checksum --enable-stealth=137 --enable-login-watch --prefix=$PW_DIR --localstatedir=$PW_DIR --with-config-file=$RCFILE --with-log-file=$PW_DIR/.samhain_log --with-pid-file=$PW_DIR/.samhain_lock --with-data-file=$PW_DIR/.samhain_file"
370 testrun1b_internal "${BUILDOPTS}" "$CONVERT"
371 do_test_1b
372 if [ $? -eq 0 ]; then
373 log_ok 4 $MAXTEST 'gpg signed config/database files'
374 else
375 log_fail 4 $MAXTEST 'gpg signed config/database files'
376 fi
377 fi
378
379
380 #
381 # ------------- fifth test -------------
382 #
383 if ! test -d /var/run/prelude-manager
384 then
385 [ -z "$verbose" ] || log_msg_ok "create /var/run/prelude-manager...";
386 sudo mkdir /var/run/prelude-manager
387 sudo chown prelude:rainer /var/run/prelude-manager
388 sudo chmod 770 /var/run/prelude-manager
389 fi
390 #
391 PM=`find_path prelude-manager`
392 if [ -z "$PM" ]; then
393 log_skip 5 $MAXTEST 'prelude-manager not found in $PATH'
394 elif [ -z "$doall" ]; then
395 log_skip 5 $MAXTEST 'logging to prelude (or use --really-all)'
396 else
397 BUILDOPTS="--quiet $TRUST --enable-debug --with-prelude --with-gpg=${GPG} --with-checksum --enable-micro-stealth=137 --enable-login-watch --prefix=$PW_DIR --localstatedir=$PW_DIR --with-config-file=$RCFILE --with-log-file=$PW_DIR/.samhain_log --with-pid-file=$PW_DIR/.samhain_lock --with-data-file=$PW_DIR/.samhain_file"
398 testrun1b_internal "${BUILDOPTS} CFLAGS=-DSH_NOFAILOVER=1"
399 do_test_1b_2
400 if [ $? -eq 0 ]; then
401 log_ok 5 $MAXTEST 'logging to prelude'
402 else
403 log_fail 5 $MAXTEST 'logging to prelude'
404 fi
405 fi
406
407 #
408 # ------------- sixth test -------------
409 #
410 if ! test -d /var/run/prelude-manager
411 then
412 [ -z "$verbose" ] || log_msg_ok "create /var/run/prelude-manager...";
413 sudo mkdir /var/run/prelude-manager
414 sudo chown prelude:rainer /var/run/prelude-manager
415 sudo chmod 770 /var/run/prelude-manager
416 fi
417 #
418 PM=`find_path prelude-manager`
419 if [ -z "$PM" ]; then
420 log_skip 6 $MAXTEST 'prelude-manager not found in $PATH'
421 elif [ -z "$doall" ]; then
422 log_skip 6 $MAXTEST 'logging to prelude (or use --really-all)'
423 else
424 BUILDOPTS="--quiet $TRUST --with-prelude --enable-login-watch --enable-mounts-check --enable-process-check --enable-port-check --enable-suidcheck --prefix=$PW_DIR --localstatedir=$PW_DIR --with-config-file=$RCFILE --with-log-file=$PW_DIR/.samhain_log --with-pid-file=$PW_DIR/.samhain_lock --with-data-file=$PW_DIR/.samhain_file"
425 testrun1b_nogpg "${BUILDOPTS} CFLAGS=-DSH_NOFAILOVER=1"
426 do_test_1b_2
427 if [ $? -eq 0 ]; then
428 log_ok 6 $MAXTEST 'logging to prelude'
429 else
430 log_fail 6 $MAXTEST 'logging to prelude'
431 fi
432 fi
433
434 #
435 # ------------- seventh test -----------
436 #
437 if ! test -d /var/run/prelude-manager
438 then
439 [ -z "$verbose" ] || log_msg_ok "create /var/run/prelude-manager...";
440 sudo mkdir /var/run/prelude-manager
441 sudo chown prelude:rainer /var/run/prelude-manager
442 sudo chmod 770 /var/run/prelude-manager
443 fi
444 #
445 PM=`find_path prelude-manager`
446 if [ -z "$PM" ]; then
447 log_skip 7 $MAXTEST 'prelude-manager not found in $PATH'
448 elif [ -z "$doall" ]; then
449 log_skip 7 $MAXTEST 'logging to prelude (or use --really-all)'
450 else
451 BUILDOPTS="--quiet $TRUST --with-prelude --enable-login-watch --enable-mounts-check --enable-process-check --enable-port-check --enable-suidcheck --prefix=$PW_DIR --localstatedir=$PW_DIR --with-config-file=$RCFILE --with-log-file=$PW_DIR/.samhain_log --with-pid-file=$PW_DIR/.samhain_lock --with-data-file=$PW_DIR/.samhain_file"
452 testrun1b_nogpg "${BUILDOPTS} CFLAGS=-DSH_NOFAILOVER=1" "modrc"
453 do_test_1b_2
454 if [ $? -eq 0 ]; then
455 log_ok 7 $MAXTEST 'logging to prelude'
456 else
457 log_fail 7 $MAXTEST 'logging to prelude'
458 fi
459 fi
460
461 fi
462 fi
463 log_end "RUN STANDALONE W/STEALTH W/GPG"
464 return 0
465}
466
Note: See TracBrowser for help on using the repository browser.