/mandos/trunk

To get this branch, use:
bzr branch http://bzr.recompile.se/loggerhead/mandos/trunk

« back to all changes in this revision

Viewing changes to mandos-keygen

  • Committer: Teddy Hogeborn
  • Date: 2019-03-05 21:39:15 UTC
  • Revision ID: teddy@recompile.se-20190305213915-xm1vw00jyy3a5tfn
mandos-ctl: Add more tests, including tests for all commands

* mandos-ctl (Test_string_to_delta.test_handles_basic_rfc3339): Add a
                                                  few more test cases.
  (TestCmd.setUp.MockClient.Set, TestCmd.setUp.MockClient.Get): Don't
  append to self.calls, since nobody should use it to check for Set()
  or Get() calls; instead, the return value of Get() should be
  inspected, and the MockClient.attributes dict should be inspected
  after (implicitly) calling Set().
  (Unique): New; stand-in for unittest.mock.sentinel.
  (TestPropertyCmd): New; abstract class testing PropertyCmd classes.
  (TestBumpTimeoutCmd, TestStartCheckerCmd, TestStopCheckerCmd,
  TestApproveByDefaultCmd, TestDenyByDefaultCmd): New.
  (TestValueArgumentPropertyCmd): New; abstract class for testing
                                  those PropertyCmd classes which also
                                  inherit from ValueArgumentMixIn.
  (TestSetCheckerCmd, TestSetHostCmd, TestSetSecretCmd,
  TestSetTimeoutCmd, TestSetExtendedTimeoutCmd, TestSetIntervalCmd,
  TestSetApprovalDelayCmd, TestSetApprovalDurationCmd): New.

Show diffs side-by-side

added added

removed removed

Lines of Context:
mandos-keygen
23
23
# Contact the authors at <mandos@recompile.se>.
24
24
25
25
 
26
 
VERSION="1.8.0"
 
26
VERSION="1.8.3"
27
27
 
28
28
KEYDIR="/etc/keys/mandos"
29
29
KEYTYPE=RSA
252
252
        # Backup any old key files
253
253
        if cp --backup=numbered --force "$TLS_PRIVKEYFILE" "$TLS_PRIVKEYFILE" \
254
254
              2>/dev/null; then
255
 
            shred --remove "$TLS_PRIVKEYFILE"
 
255
            shred --remove "$TLS_PRIVKEYFILE" 2>/dev/null || :
256
256
        fi
257
257
        if cp --backup=numbered --force "$TLS_PUBKEYFILE" "$TLS_PUBKEYFILE" \
258
258
              2>/dev/null; then
259
259
            rm --force "$TLS_PUBKEYFILE"
260
260
        fi
261
261
        cp --archive "$TLS_PRIVKEYTMP" "$TLS_PRIVKEYFILE"
262
 
        shred --remove "$TLS_PRIVKEYTMP"
 
262
        shred --remove "$TLS_PRIVKEYTMP" 2>/dev/null || :
263
263
 
264
264
        ## TLS public key
265
265
 
296
296
    # Backup any old key files
297
297
    if cp --backup=numbered --force "$SECKEYFILE" "$SECKEYFILE" \
298
298
        2>/dev/null; then
299
 
        shred --remove "$SECKEYFILE"
 
299
        shred --remove "$SECKEYFILE" 2>/dev/null || :
300
300
    fi
301
301
    if cp --backup=numbered --force "$PUBKEYFILE" "$PUBKEYFILE" \
302
302
        2>/dev/null; then
444
444
set +e
445
445
# Remove the password file, if any
446
446
if [ -n "$SECFILE" ]; then
447
 
    shred --remove "$SECFILE"
 
447
    shred --remove "$SECFILE" 2>/dev/null
448
448
fi
449
449
# Remove the key rings
450
450
shred --remove "$RINGDIR"/sec* 2>/dev/null