From ea9327dd3c6161545c2eccd892a99843cc4cc2e0 Mon Sep 17 00:00:00 2001
From: Jakub Sztandera <kubuxu@protonmail.ch>
Date: Fri, 8 Jul 2016 16:42:49 +0200
Subject: [PATCH] test/sharness: add more tests against exposing PrivKey on
 network

and replacing config.

License: MIT
Signed-off-by: Jakub Sztandera <kubuxu@protonmail.ch>
---
 test/sharness/t0021-config.sh | 14 +++++++++++++-
 1 file changed, 13 insertions(+), 1 deletion(-)

diff --git a/test/sharness/t0021-config.sh b/test/sharness/t0021-config.sh
index f510d451d..407447ed3 100755
--- a/test/sharness/t0021-config.sh
+++ b/test/sharness/t0021-config.sh
@@ -77,10 +77,12 @@ test_config_cmd() {
   '
 
   test_expect_success "output looks good" '
-       echo "Error: cannot show private key through API" > ident_exp &&
+       echo "Error: cannot show or change private key through API" > ident_exp &&
        test_cmp ident_exp ident_out
   '
 
+  # SECURITY
+  # Those tests are here to prevent exposing the PrivKey on the network
   test_expect_success "'ipfs config Identity.PrivKey' fails" '
        test_expect_code 1 ipfs config Identity.PrivKey 2> ident_out
   '
@@ -88,6 +90,16 @@ test_config_cmd() {
   test_expect_success "output looks good" '
        test_cmp ident_exp ident_out
   '
+
+  test_expect_success "'ipfs config show' doesn't include privkey" '
+       ipfs config show > show_config &&
+       grep PrivKey show_config | grep "\"PrivKey\": null"
+  '
+
+  test_expect_success "'ipfs config replace' injects privkey back" '
+       ipfs config replace show_config &&
+	   grep PrivKey "$IPFS_PATH/config" | grep -v ": null" >/dev/null
+  '
 }
 
 test_init_ipfs