msvsphere
/
QA
12
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'ce4b53ff54'
${ noResults }
QA/tests/p_crypto-policies/02-default_gost-policy-acce...

101 lines
3.6 KiB
Raw Blame History

#!/bin/bash
# set +e
set -x
echo "Тест на применимость политики DEFAULT:GOST"
source library/sh_lib.sh
check=0
###########################################
# Test 1. Current policy
echo "Test 1. Check current policy is DEFAULT"
current_policy=$(/usr/bin/update-crypto-policies --show)
if [[ "$current_policy" == "DEFAULT" ]]; then
echo "Current policy: ${current_policy} -- OK"
else
echo "Current policy: ${current_policy} -- Error, should be DEFAULT"
let check+=1
fi
echo "---------------------------------------"
###########################################
# Test 2.
echo "Test 2. Default files test"
cat /etc/crypto-policies/back-ends/opensslcnf.config | /bin/grep gost
check=$(not_eq_is_success ${check} 0)
# файл /etc/crypto-policies/back-ends/auth.config - симлинк на пустой файл
ls -l /etc/crypto-policies/back-ends/auth.config
filename="/etc/crypto-policies/back-ends/auth.config"
filesize=$(stat -Lc%s ${filename})
if [ $filesize -eq 0 ]; then
echo "File ${filename} length == 0 -- OK"
else
echo "File ${filename} length == ${filesize} -- Error, should be empty"
let check+=1
fi
# cat /etc/pam.d/password-auth | grep gost данная команда должна возвращать пустое значение и результат выполнения echo $? = 1
cat /etc/pam.d/password-auth | /bin/grep gost
check=$(not_eq_is_success ${check} 0)
# cat /etc/pam.d/system-auth | grep gost данная команда должна возвращать пустое значение и результат выполнения echo $? = 1
cat /etc/pam.d/system-auth | /bin/grep gost
check=$(not_eq_is_success ${check} 0)
echo "---------------------------------------"
###########################################
# Test 3.
echo "Test 3. Set GOST policy"
/usr/bin/update-crypto-policies --set DEFAULT:GOST
check=$(eq_is_success ${check} 0)
###########################################
# Test 4.
echo "Test 4. Files test after set GOST policy"
cat /etc/crypto-policies/back-ends/opensslcnf.config | /bin/grep gost
check=$(eq_is_success ${check} 0)
# файл /etc/crypto-policies/back-ends/auth.config - пустой
ls -l /etc/crypto-policies/back-ends/auth.config
filename="/etc/crypto-policies/back-ends/auth.config"
filesize=$(stat -c%s ${filename})
if [ $filesize -eq 0 ]; then
echo "File ${filename} length == 0 -- OK"
else
echo "File ${filename} length == ${filesize} -- Error, should be empty"
let check+=1
fi
# cat /etc/pam.d/password-auth | grep gost данная команда должна возвращать пустое значение и результат выполнения echo $? = 1
cat /etc/pam.d/password-auth | /bin/grep gost
check=$(not_eq_is_success ${check} 0)
# cat /etc/pam.d/system-auth | grep gost данная команда должна возвращать пустое значение и результат выполнения echo $? = 1
cat /etc/pam.d/system-auth | /bin/grep gost
check=$(not_eq_is_success ${check} 0)
echo "---------------------------------------"
###########################################
# Test 5.
echo "Test 5. Check current policy is GOST"
current_policy=$(/usr/bin/update-crypto-policies --show)
if [[ "$current_policy" == "DEFAULT:GOST" ]]; then
echo "Current policy: ${current_policy} -- OK"
else
echo "Current policy: ${current_policy} -- Error, should be DEFAULT:GOST"
let check+=1
fi
echo "---------------------------------------"
echo "Reset policy to default"
/usr/bin/update-crypto-policies --set DEFAULT
echo "---------------------------------------"
check_test_status ${check} "$0"
exit ${check}
Reference in new issue View Git Blame Copy Permalink