-
Notifications
You must be signed in to change notification settings - Fork 688
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
ansible: replace test_admin key with a valid sec/pub key
The test_admin_key.pub and test_admin_key.sec are both public keys. This is fine as long as the tests do not try to decrypt anything. A new key is created and stored instead to allow for OSSEC tests to decrypt mails.
- Loading branch information
Loic Dachary
committed
Jan 26, 2018
1 parent
b8803ea
commit 6f35b14
Showing
5 changed files
with
8 additions
and
7 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -32,7 +32,7 @@ apache_logging_level: "info" | |
| # The OSSEC alert GPG public key has to be in the install_files/ansible-base/ or | ||
| # install_files/ansible-base/roles/app/files/ directory | ||
| ossec_alert_gpg_public_key: "test_admin_key.pub" | ||
| ossec_gpg_fpr: "600BC6D5142C68F35DDBCEA87B597104EDDDC102" | ||
| ossec_gpg_fpr: "53E1113AC1F25027BA5D475B1141E2BBB5E53711" | ||
| ossec_alert_email: "[email protected]" | ||
| smtp_relay: "smtp.gmail.com" | ||
| smtp_relay_port: "587" | ||
|
|
||
Binary file modified
BIN
-540 Bytes
(76%)
install_files/ansible-base/roles/ossec/files/test_admin_key.pub
Binary file not shown.
Binary file modified
BIN
+1.2 KB
(150%)
install_files/ansible-base/roles/ossec/files/test_admin_key.sec
Binary file not shown.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -62,12 +62,13 @@ def test_ossec_pubkey_in_keyring(Command, Sudo): | |
| Ensure the test Admin GPG public key exists in the keyring | ||
| within the ossec home directory. | ||
| """ | ||
| ossec_gpg_pubkey_info = """pub 4096R/EDDDC102 2014-10-15 | ||
| uid Test/Development (DO NOT USE IN PRODUCTION) (Admin's OSSEC Alert GPG key) <[email protected]> | ||
| sub 4096R/97D2EB39 2014-10-15""" # noqa | ||
| ossec_gpg_pubkey_info = """pub 2048R/B5E53711 2018-01-25 | ||
| uid SecureDrop admin key for tests (do not use in production) | ||
| sub 2048R/EC1DF5D0 2018-01-25""" # noqa | ||
| with Sudo("ossec"): | ||
| c = Command.check_output("gpg --homedir /var/ossec/.gnupg " | ||
| "--list-keys EDDDC102") | ||
| c = Command.check_output( | ||
| "gpg --homedir /var/ossec/.gnupg " | ||
| "--list-keys 53E1113AC1F25027BA5D475B1141E2BBB5E53711") | ||
| assert c == ossec_gpg_pubkey_info | ||
|
|
||
|
|
||
|
|
||