veyron/...: Update a bunch of tests to use the new security model.
And remove some test utility functions that work with the old
security model.
And restore tests disabled in veyron/services/mgmt/node/impl/impl_test.go
Change-Id: I6f82f3002df13f56b045e133c6366be73e017d19
diff --git a/lib/signals/signals_test.go b/lib/signals/signals_test.go
index ade0df3..634e1d2 100644
--- a/lib/signals/signals_test.go
+++ b/lib/signals/signals_test.go
@@ -324,22 +324,20 @@
// TestCleanRemoteShutdown verifies that remote shutdown works correctly.
func TestCleanRemoteShutdown(t *testing.T) {
- r := rt.Init()
+ r := rt.Init(veyron2.ForceNewSecurityModel{})
defer r.Cleanup()
sh := modules.NewShell()
sh.AddSubprocess("handleDefaults", "")
defer sh.Cleanup(os.Stderr, os.Stderr)
- // This sets up the child's identity to be derived from the parent's (so
- // that default authorization works for RPCs between the two).
- // TODO(caprita): Consider making this boilerplate part of blackbox.
- id := r.Identity()
- idFile := security.SaveIdentityToFile(security.NewBlessedIdentity(id, "test"))
- defer os.Remove(idFile)
+ // Set the child process up with a blessing from the parent so that
+ // the default authorization works for RPCs between the two.
+ childcreds := security.NewVeyronCredentials(r.Principal(), "child")
+ defer os.RemoveAll(childcreds)
configServer, configServiceName, ch := createConfigServer(t)
defer configServer.Stop()
- sh.SetVar("VEYRON_IDENTITY", idFile)
+ sh.SetVar("VEYRON_CREDENTIALS", childcreds)
sh.SetVar(mgmt.ParentNodeManagerConfigKey, configServiceName)
h, err := sh.Start("handleDefaults")
if err != nil {
diff --git a/lib/testutil/security/util.go b/lib/testutil/security/util.go
index 9a45b2c..2bf1fdb 100644
--- a/lib/testutil/security/util.go
+++ b/lib/testutil/security/util.go
@@ -5,34 +5,55 @@
import (
"io/ioutil"
"os"
- "strconv"
- "time"
- "veyron.io/veyron/veyron/lib/testutil"
- isecurity "veyron.io/veyron/veyron/runtimes/google/security"
vsecurity "veyron.io/veyron/veyron/security"
"veyron.io/veyron/veyron2/security"
)
-// NewBlessedIdentity creates a new identity and blesses it using the provided blesser
-// under the provided name. This function is meant to be used for testing purposes only,
-// it panics if there is an error.
-func NewBlessedIdentity(blesser security.PrivateID, name string) security.PrivateID {
- id, err := isecurity.NewPrivateID("test", nil)
+// NewVeyronCredentials generates a directory with a new principal
+// that can be used as a value for the VEYRON_CREDENTIALS environment
+// variable to initialize a Runtime.
+//
+// The principal created uses a blessing from 'parent', with the extension
+// 'name' as its default blessing.
+//
+// It returns the path to the directory created.
+func NewVeyronCredentials(parent security.Principal, name string) string {
+ dir, err := ioutil.TempDir("", "veyron_credentials")
if err != nil {
panic(err)
}
+ p, _, err := vsecurity.NewPersistentPrincipal(dir)
+ if err != nil {
+ panic(err)
+ }
+ blessings, err := parent.Bless(p.PublicKey(), parent.BlessingStore().Default(), name, security.UnconstrainedUse())
+ if err != nil {
+ panic(err)
+ }
+ SetDefaultBlessings(p, blessings)
+ return dir
+}
- blessedID, err := blesser.Bless(id.PublicID(), name, 5*time.Minute, nil)
- if err != nil {
+// SetDefaultBlessings updates the BlessingStore and BlessingRoots of p
+// so that:
+// (1) b is revealed to all clients that connect to Servers operated
+// by 'p' (BlessingStore.Default)
+// (2) b is revealed to all servers that clients connect to on behalf
+// of p (BlessingStore.Set(..., security.AllPrincipals))
+// (3) p recognizes all blessings that have the same root certificate as b.
+// (AddToRoots)
+func SetDefaultBlessings(p security.Principal, b security.Blessings) {
+ if err := p.BlessingStore().SetDefault(b); err != nil {
panic(err)
}
- derivedID, err := id.Derive(blessedID)
- if err != nil {
+ if _, err := p.BlessingStore().Set(b, security.AllPrincipals); err != nil {
panic(err)
}
- return derivedID
+ if err := p.AddToRoots(b); err != nil {
+ panic(err)
+ }
}
// SaveACLToFile saves the provided ACL in JSON format to a randomly created
@@ -51,23 +72,3 @@
}
return f.Name()
}
-
-// SaveIdentityToFile saves the provided identity in Base64VOM format
-// to a randomly created temporary file, and returns the path to the file.
-// This function is meant to be used for testing purposes only, it panics
-// if there is an error. The caller must ensure that the created file
-// is removed once it is no longer needed.
-func SaveIdentityToFile(id security.PrivateID) string {
- f, err := ioutil.TempFile("", strconv.Itoa(testutil.Rand.Int()))
- if err != nil {
- panic(err)
- }
- defer f.Close()
- filePath := f.Name()
-
- if err := vsecurity.SaveIdentity(f, id); err != nil {
- os.Remove(filePath)
- panic(err)
- }
- return filePath
-}
diff --git a/lib/testutil/security/util_test.go b/lib/testutil/security/util_test.go
index 5125d1e..ea9ee21 100644
--- a/lib/testutil/security/util_test.go
+++ b/lib/testutil/security/util_test.go
@@ -1,47 +1,37 @@
package security
import (
- "fmt"
"os"
"reflect"
"testing"
- isecurity "veyron.io/veyron/veyron/runtimes/google/security"
vsecurity "veyron.io/veyron/veyron/security"
"veyron.io/veyron/veyron2/rt"
"veyron.io/veyron/veyron2/security"
)
-func TestNewBlessedIdentity(t *testing.T) {
+func TestNewVeyronCredentials(t *testing.T) {
r, err := rt.New()
if err != nil {
- t.Fatalf("rt.New failed: %v", err)
+ t.Fatal(err)
}
defer r.Cleanup()
- newID := func(name string) security.PrivateID {
- id, err := r.NewIdentity(name)
- if err != nil {
- t.Fatalf("r.NewIdentity failed: %v", err)
- }
- isecurity.TrustIdentityProviders(id)
- return id
+
+ parent := r.Principal()
+ childdir := NewVeyronCredentials(parent, "child")
+ _, existed, err := vsecurity.NewPersistentPrincipal(childdir)
+ if err != nil {
+ t.Fatal(err)
}
- testdata := []struct {
- blesser security.PrivateID
- blessingName, name string
- }{
- {blesser: newID("google"), blessingName: "alice", name: "PrivateID:google/alice"},
- {blesser: newID("google"), blessingName: "bob", name: "PrivateID:google/bob"},
- {blesser: newID("veyron"), blessingName: "alice", name: "PrivateID:veyron/alice"},
- {blesser: newID("veyron"), blessingName: "bob", name: "PrivateID:veyron/bob"},
- {blesser: NewBlessedIdentity(newID("google"), "alice"), blessingName: "tv", name: "PrivateID:google/alice/tv"},
+ if !existed {
+ t.Fatalf("Expected NewVeyronCredentials to have populated the directory %q", childdir)
}
- for _, d := range testdata {
- if got, want := fmt.Sprintf("%s", NewBlessedIdentity(d.blesser, d.blessingName)), d.name; got != want {
- t.Errorf("NewBlessedIdentity(%q, %q): Got %q, want %q", d.blesser, d.blessingName, got, want)
- }
- }
+ // TODO(ashankar,ataly): Figure out what APIs should we use for more detailed testing
+ // of the child principal, for example:
+ // - Parent should recognize the child's default blessing
+ // - Child should recognize the parent's default blessing
+ // - Child's blessing name should be that of the parent with "/child" appended.
}
func TestSaveACLToFile(t *testing.T) {
@@ -76,31 +66,3 @@
t.Fatalf("Got ACL %v, but want %v", loadedACL, acl)
}
}
-
-func TestSaveIdentityToFile(t *testing.T) {
- r, err := rt.New()
- if err != nil {
- t.Fatalf("rt.New failed: %v", err)
- }
- defer r.Cleanup()
- id, err := r.NewIdentity("test")
- if err != nil {
- t.Fatalf("r.NewIdentity failed: %v", err)
- }
-
- filePath := SaveIdentityToFile(id)
- defer os.Remove(filePath)
-
- f, err := os.Open(filePath)
- if err != nil {
- t.Fatalf("os.Open(%v) failed: %v", filePath, err)
- }
- defer f.Close()
- loadedID, err := vsecurity.LoadIdentity(f)
- if err != nil {
- t.Fatalf("LoadIdentity failed: %v", err)
- }
- if !reflect.DeepEqual(loadedID, id) {
- t.Fatalf("Got Identity %v, but want %v", loadedID, id)
- }
-}
