remove sphinx from tests and docs

leftover strings are in translations, maybe take them off later
dyne · Aug 31, 2024 · c1b5e1b · c1b5e1b
1 parent afe0390
commit c1b5e1b
Show file tree

Hide file tree

Showing 8 changed files with 4 additions and 112 deletions.
diff --git a/doc/tomb.1 b/doc/tomb.1
@@ -306,17 +306,6 @@ Select a different tool than sudo for privilege escalation.
 Alternatives supported so far are: pkexec, doas, sup, sud. For any
 alternative to work the executable must be included in the current
 PATH.
-.B
-.IP "--sphx-user \fI<username>\fR"
-Activate the SPHINX feature for password-authenticated key agreement.
-This option indicates the \fI<username>\fR used to retrieve the
-password from a sphinx oracle key reachable via TCP/IP.
-.B
-.IP "--sphx-host \fI<domain>\fR"
-Activate the SPHINX feature for password-authenticated key agreement.
-This option indicates the \fI<domain>\fR used to retrieve the password
-from a sphinx oracle daemon reachable via TCP/IP. This is not the
-network address of the daemon, which is configured in /etc/sphinx
 
 .B
 .IP "-h"
@@ -484,24 +473,6 @@ its copies are destroyed. The \fI-r\fR option can be used in the tomb
 commands: \fIopen\fR, \fIforge\fR \fIsetkey\fR, \fIpasswd\fR,
 \fIbury\fR, \fIexhume\fR and \fIresize\fR.
 
-.SH SPHINX (PAKE)
-
-Using the package libsphinx
-.UR https://github.com/stef/libsphinx
-.UE
-and its python client/daemon implementation pwdsphinx
-.UR https://github.com/stef/pwdsphinx
-.UE
-is possible to store and retrieve safely the password that locks the
-tomb. Using this feature will make it impossible to retrieve the
-password without the oracle sphinx server running and reachable. Each
-key entry needs a username and a domain specified on creation and
-a password that locks it.
-
-SPHINX makes it impossible to maliciously retrieve the password
-locking the tomb key without an attacker accessing both the
-server, the sphinx password and the tomb key file.
-
 .SH EXAMPLES
 
 .IP \(bu

diff --git a/extras/test/00_create.sh b/extras/test/00_create.sh
@@ -15,18 +15,6 @@ test_expect_success 'Testing tomb creation: dig, forge and lock' '
     tt_lock --tomb-pwd $DUMMYPASS
     '
 
-if test_have_prereq SPHINX ORACLE; then
-	test_export "sphinx_test"
-	test_expect_success 'Testing tomb creation: dig, forge and lock (sphinx password handling)' '
-        tt_dig -s 20 &&
-        tt_forge --tomb-pwd $DUMMYPASS --sphx-user $DUMMYUSER --sphx-host $DUMMYHOST &&
-        print $(echo $DUMMYPASS | sphinx get $DUMMYUSER $DUMMYHOST) \
-            | gpg --batch --passphrase-fd 0 --no-tty --no-options -d $tomb_key \
-            | xxd &&
-        tt_lock --tomb-pwd $DUMMYPASS --sphx-user $DUMMYUSER --sphx-host $DUMMYHOST
-        '
-fi
-
 if test_have_prereq DOAS; then
     test_export "doas_test"
     test_expect_success 'Testing tomb creation: dig, forge and lock (using doas instead of sudo)' '

diff --git a/extras/test/10_operations.sh b/extras/test/10_operations.sh
@@ -44,14 +44,6 @@ if test_have_prereq LSOF; then
         '
 fi
 
-if test_have_prereq SPHINX ORACLE; then
-    test_export "sphinx_test" # Using already generated tomb
-    test_expect_success 'Testing open with good password (sphinx)' '
-        tt_open --tomb-pwd $DUMMYPASS --sphx-user $DUMMYUSER --sphx-host $DUMMYHOST &&
-        tt_close
-        '
-fi
-
 if test_have_prereq DOAS; then
     test_export "doas_test" # Using already generated tomb
     test_expect_success 'Testing open with good password (using doas instead of sudo)' '

diff --git a/extras/test/60_resize.sh b/extras/test/60_resize.sh
@@ -5,24 +5,17 @@ export test_description="Testing tomb resize feature"
 source ./setup
 
 if test_have_prereq RESIZER; then
-    test_export "test" # Using already generated tomb
-    test_expect_success 'Testing resize to 30 MB tomb' '
+  test_export "test" # Using already generated tomb
+  test_expect_success 'Testing resize to 30 MB tomb' '
         tt resize -s 30 $tomb -k $tomb_key --unsafe --tomb-pwd $DUMMYPASS
         '
-if test_have_prereq GPGRCPT; then
+  if test_have_prereq GPGRCPT; then
     test_export "recipient" # Using already generated tomb
     test_expect_success 'Testing resize to 30 MB tomb with GnuPG keys' '
         tt resize -s 30 $tomb -k $tomb_key -g -r $KEY2
         '
-fi
+  fi
 
 fi # RESIZER
 
-if test_have_prereq RESIZER SPHINX ORACLE; then 
-       test_export "sphinx_test" # Using already generated tomb
-       test_expect_success 'Testing resize to 30 MB tomb (sphinx)' '
-        tt resize -s 30 $tomb -k $tomb_key --unsafe --tomb-pwd $DUMMYPASS --sphx-user $DUMMYUSER --sphx-host $DUMMYHOST
-        '
-fi
-
 test_done
diff --git a/extras/test/65_passwd.sh b/extras/test/65_passwd.sh
@@ -21,16 +21,4 @@ test_expect_success 'Testing tomb with GnuPG keys: passwd' '
 
 fi
 
-if test_have_prereq SPHINX ORACLE; then 
-       test_export "sphinx_test" # Using already generated tomb
-       test_expect_success 'Testing changing tomb password with sphinx' '
-           tt passwd -f -k $tomb_key --unsafe \
-               --tomb-old-pwd $DUMMYPASS --tomb-pwd $DUMMYPASSNEW \
-               --sphx-user $DUMMYUSER --sphx-host $DUMMYHOST &&
-           tt passwd -f -k $tomb_key --unsafe \
-               --tomb-old-pwd $DUMMYPASSNEW --tomb-pwd $DUMMYPASS \
-               --sphx-user $DUMMYUSER --sphx-host $DUMMYHOST
-           '
-fi
-
 test_done
diff --git a/extras/test/90_setkey.sh b/extras/test/90_setkey.sh
@@ -28,23 +28,4 @@ test_expect_success 'Testing tomb with GnuPG keys: setkey' '
     '
 fi
 
-if test_have_prereq SPHINX ORACLE; then 
-    test_export "sphinx_test" # Using already generated tomb
-    test_expect_success 'Testing set key (sphinx)' '
-        tt forge -f -k $tomb_key_new --tomb-pwd $DUMMYPASS \
-            --ignore-swap --unsafe --force \
-            --sphx-user $DUMMYUSER --sphx-host $DUMMYHOST &&
-        tt setkey -f -k $tomb_key_new $tomb_key $tomb \
-            --unsafe --tomb-pwd $DUMMYPASS --tomb-old-pwd $DUMMYPASS \
-            --sphx-user $DUMMYUSER --sphx-host $DUMMYHOST &&
-        tt open -f -k $tomb_key_new $tomb \
-            --unsafe --tomb-pwd $DUMMYPASS \
-            --sphx-user $DUMMYUSER --sphx-host $DUMMYHOST &&
-        print $DUMMYPASS \
-            | gpg --batch --passphrase-fd 0 --no-tty --no-options -d $tomb_key_new \
-            | xxd &&
-        tt_close
-        '
-fi
-
 test_done
diff --git a/extras/test/setup b/extras/test/setup
@@ -55,8 +55,6 @@ command -v lsof > /dev/null && test_set_prereq LSOF
 command -v python3 > /dev/null && test_set_prereq PYTHON3
 command -v cloakify > /dev/null && test_set_prereq CLOAKIFY
 command -v decloakify > /dev/null && test_set_prereq DECLOAKIFY
-command -v sphinx > /dev/null && test_set_prereq SPHINX
-command -v oracle > /dev/null && test_set_prereq ORACLE
 command -v doas > /dev/null && test_set_prereq DOAS
 command -v argon2 > /dev/null && test_set_prereq ARGON2
 
@@ -80,10 +78,6 @@ fi
 export DUMMYPASS=test
 export DUMMYPASSNEW=changetest
 
-# Dummy host and username for sphinx
-export DUMMYHOST=example.com
-export DUMMYUSER=user
-
 
 # Test helpers
 

diff --git a/extras/test/sphinx.cfg b/extras/test/sphinx.cfg