# gentest seed b4e385f4358f7373cfa9184b176f3cccf808e795baf04092ddfde9461014f0c4

# set up log
exec witnessctl add-sigsum-log -key=ffdc2d4d98e4124d3feaf788c0c2f9abfd796083d1f0495437f302ec79cf100f

# start bastion
exec litebastion -testcert -backends=backends.txt &litebastion&
waitfor localhost:8443

# start ssh-agent
env SSH_AUTH_SOCK=$WORK/s # barely below the max path length
! exec ssh-agent -a $SSH_AUTH_SOCK -D & # ssh-agent always exits 2
waitfor $SSH_AUTH_SOCK
chmod 600 witness_key.pem
exec ssh-add witness_key.pem

# fail to start litewitness
! exec litewitness -ssh-agent=$SSH_AUTH_SOCK -name=example.com/witness -bastion=0.0.0.0:443,localhost:8443 -testcert -key=e933707e0e36c30f01d94b5d81e742da373679d88eb0f85f959ccd80b83b992a

# reload backends
mv correct_backends.txt backends.txt
exec killall -SIGHUP litebastion

# start litewitness
exec litewitness -ssh-agent=$SSH_AUTH_SOCK -name=example.com/witness -bastion=0.0.0.0:443,localhost:8443 -testcert -key=e933707e0e36c30f01d94b5d81e742da373679d88eb0f85f959ccd80b83b992a &litewitness&
waitfor https://localhost:8443/e933707e0e36c30f01d94b5d81e742da373679d88eb0f85f959ccd80b83b992a/

# add-checkpoint
exec hurl --cacert rootCA.pem --test add-checkpoint.hurl

# check that litewitness shut down cleanly
killall
wait litewitness
stderr 'shutting down'

# check the litebastion output
killall
wait litebastion
stderr 'reloaded backends'
stderr 'msg="accepted new backend connection" backend=e933707e0e36c30f01d94b5d81e742da373679d88eb0f85f959ccd80b83b992a'

# witnessctl list-logs
exec witnessctl list-logs
stdout sigsum.org/v1/tree/4d6d8825a6bb689d459628312889dfbb0bcd41b5211d9e1ce768b0ff0309e562
stdout "size":1


-- backends.txt --
f97f12534ff2478cfc36b00d09a85d4faeb6589ac19a0895c348a499627c531c


-- correct_backends.txt --
f97f12534ff2478cfc36b00d09a85d4faeb6589ac19a0895c348a499627c531c
e933707e0e36c30f01d94b5d81e742da373679d88eb0f85f959ccd80b83b992a


-- witness_key.pem --
-----BEGIN OPENSSH PRIVATE KEY-----
b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAAAMwAAAAtz
c2gtZWQyNTUxOQAAACBkhIrYq+1uhZgbOzh1slK4dn67SwL3A6yjsecbvWqOUAAA
AIgN5+09DeftPQAAAAtzc2gtZWQyNTUxOQAAACBkhIrYq+1uhZgbOzh1slK4dn67
SwL3A6yjsecbvWqOUAAAAEAx/8IRbsvgA6yqgAq3B1e9fVMgbj/r72ptB5bZVTCz
T2SEitir7W6FmBs7OHWyUrh2frtLAvcDrKOx5xu9ao5QAAAAAAECAwQF
-----END OPENSSH PRIVATE KEY-----


-- localhost.pem --
-----BEGIN CERTIFICATE-----
MIIEZDCCAsygAwIBAgIQDT4i6cBMluQ8BpOZSCHjfzANBgkqhkiG9w0BAQsFADCB
mTEeMBwGA1UEChMVbWtjZXJ0IGRldmVsb3BtZW50IENBMTcwNQYDVQQLDC5maWxp
cHBvQEJpc3Ryb21hdGgtTTIubG9jYWwgKEZpbGlwcG8gVmFsc29yZGEpMT4wPAYD
VQQDDDVta2NlcnQgZmlsaXBwb0BCaXN0cm9tYXRoLU0yLmxvY2FsIChGaWxpcHBv
IFZhbHNvcmRhKTAeFw0yMzA1MTYxNjIxNDBaFw0yNTA4MTYxNjIxNDBaMGIxJzAl
BgNVBAoTHm1rY2VydCBkZXZlbG9wbWVudCBjZXJ0aWZpY2F0ZTE3MDUGA1UECwwu
ZmlsaXBwb0BCaXN0cm9tYXRoLU0yLmxvY2FsIChGaWxpcHBvIFZhbHNvcmRhKTCC
ASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAK0ET3Kvs5ZgYVMUZRXtXoCd
SXT3+8AVRVLcHDP3Xak7CmM0K60WXwNcgunxKkRfFmalmQ80rtwv5JqEO9cBo/SB
h9iDaG13VzHAlWlOablDGWd8qpuVGBsYFMhpuugRvUR0BfV+C6sSOJN97DsVuRp/
WTuYl1Uoo1RxhXb/1iDH5CdZbHj9QjaBPcBP7a2pJHTGo1lOcjQjI0ViTZVCdvhQ
vSn39wLNUQSw/5aPdkmGYp2XmcDMT+rAhc9GUZRlEdAvEVRwuWHuGwc7S9rcKvPp
5eDG4QRFAegtb0yn269AOgO7bzITg+DsLZvKfux5lSJ+OOk6CSCLEYVBXpE600EC
AwEAAaNeMFwwDgYDVR0PAQH/BAQDAgWgMBMGA1UdJQQMMAoGCCsGAQUFBwMBMB8G
A1UdIwQYMBaAFLzVWGYf7kr87KO4lBicbMWLIQXeMBQGA1UdEQQNMAuCCWxvY2Fs
aG9zdDANBgkqhkiG9w0BAQsFAAOCAYEAWUCV0tUZGtrk6no3CEkJCDtCFD5gcaos
JU3ZyUIij4NGzCufZFhf43YU4KHJwE3T3gsAGfECJl1yuDDq2Gm+kDHTPOX2/Fsa
vF5GiiPfqN+lV/zHXFWMlwFouQupe42klZdVed2vH+M6i/iJt+g3GPf7gaU0cw7p
YT3etZjkGmorroHQY9xKATpyIIZGog6dnpgGEKKHpATCyTEsUAI8prrYYVDK2GYW
bDSFL5o8/XABoQOo0aUljobt02VvTA/lb4bSihhphUzdIvCWa//hNTJ52V2lT1kY
b3qwGySv+OsEQI7SUaYB2VnePDUH4GLSELnNII/4fT4qGjt23HlXTOExPBtuJT9Q
iQFIetf9W3r+WiAZLZ81KQ5gcBsJTFvZkmMPSJ5AZc/iPMi7KE+40cwVfJIt9XhO
O1mpOc50R0XT9DfAZd76NbySq/DbvOaaXoKLbOJOHLM+6RQSq96dVYJnu2pQoS+8
sNNtZChxQBsO83R+ZisAn7tJg7gql5uk
-----END CERTIFICATE-----


-- localhost-key.pem --
-----BEGIN PRIVATE KEY-----
MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCtBE9yr7OWYGFT
FGUV7V6AnUl09/vAFUVS3Bwz912pOwpjNCutFl8DXILp8SpEXxZmpZkPNK7cL+Sa
hDvXAaP0gYfYg2htd1cxwJVpTmm5QxlnfKqblRgbGBTIabroEb1EdAX1fgurEjiT
few7Fbkaf1k7mJdVKKNUcYV2/9Ygx+QnWWx4/UI2gT3AT+2tqSR0xqNZTnI0IyNF
Yk2VQnb4UL0p9/cCzVEEsP+Wj3ZJhmKdl5nAzE/qwIXPRlGUZRHQLxFUcLlh7hsH
O0va3Crz6eXgxuEERQHoLW9Mp9uvQDoDu28yE4Pg7C2byn7seZUifjjpOgkgixGF
QV6ROtNBAgMBAAECggEAdABD1D0BR31vQ2iVLdJsXgcWzRnG7M5WIGv7bMwZO/Gd
0U2VSwOIyJQqIffTwuuN9Vxp9sv3wSFLQF4QUOOErdZ64iuYxGwTRgQ9KNGuCMx4
J+5p5M5dzyyiIozhB9986nxv0lykLhqVXC49SJAT/zQK++4e6LXKbD+AoHx/cJH6
B72M9wERF7O0FYF+M7KwGYXoWbWkzaf4K1t/eUrvmVRqW35DnJAr3tZS6lgY891n
dJriA79T9fFACQuW2rQRr5tV+p3CoRk/hKdRRstl5AfAWheBLWu+g4Fx6qc0y0yZ
x4poYR/h+YFGA/g3ib/hLUZq8WlawP11QzCbTArr0QKBgQDEuFiseDN9So3u595d
g7fQukamRO3N1/06SV0M6v58sKRObQDOQZQOtna9omXR4mOgKK2arew45v6h/uiP
5PcNwN/2B1eIWqOJd/pYO9yAOs6O43Mgx9jNbue4+FtS7Ei/4OSuaun0+PNfeSfj
oS/lzQzc7gsn3Whxy2uoKCi9KwKBgQDhJ2n3O0VIVNDpas9dkBTGPuGTsugMxKoP
Lzjy5LL+wL2KNvX/ytOOPMhzlqW+J5IW1KKlYfaIqdF4Fk4kpWpC9eaxdsqr34jV
quZPJh1CdkiAcAJsJeHA11RcyvV+v9X1fGuZcVSPbx59zCOfjB/WFRn3VHv4Y9SK
a/yjz0VzQwKBgQCs3m6WCP7+UCDP25Rtyw0h8D+bZyEubWqK6ONLMco22qdYf7Ng
jQJFt5Q66tXdDbuMh5KfRc0658rFopLNuGBeBqsIscT6/uONLxCgruIDESppKHkI
SnY7eQVKZ30hLqBzdXafyzYS3x5HPNmP0BqeL4XpM4o8GvXoYeEWIUxDhwKBgGdU
jFgvdmtsqXgGUeaxoicdYq9DMyXw988CMBOhC9jIofQVpy5ealrj4GbT43rydCRQ
L9jQrbEopn6DVheRZsQWUGpvhzH747OTvCDk8Ba5bCqtvR7e/81dxVTUvHgQGGSS
VltUXKd7KrY3Ar5NM6svgfw1ZLOpNTjVuFuBW3E7AoGAaBBTfCO7mGDmL+NWQio2
WnzX0AfGa65X4qW6yMTny92Q969Um0jRNopN4pipMrrTYbxt2s2Mbs/DifnJ8Tj9
dbRb8Q/pe61Sfvo6KiARy0zmONWrzSg9OVxytjGCdnjLqOunEevE2LHbTmgcn4I7
8ivPpVS7Ljayz4tqGBJpWVA=
-----END PRIVATE KEY-----


-- rootCA.pem --
-----BEGIN CERTIFICATE-----
MIIFBDCCA2ygAwIBAgIRALYUMO26UPyXbH30HKC/2MAwDQYJKoZIhvcNAQELBQAw
gZkxHjAcBgNVBAoTFW1rY2VydCBkZXZlbG9wbWVudCBDQTE3MDUGA1UECwwuZmls
aXBwb0BCaXN0cm9tYXRoLU0yLmxvY2FsIChGaWxpcHBvIFZhbHNvcmRhKTE+MDwG
A1UEAww1bWtjZXJ0IGZpbGlwcG9AQmlzdHJvbWF0aC1NMi5sb2NhbCAoRmlsaXBw
byBWYWxzb3JkYSkwHhcNMjMwNTE2MTYyMTM5WhcNMzMwNTE2MTYyMTM5WjCBmTEe
MBwGA1UEChMVbWtjZXJ0IGRldmVsb3BtZW50IENBMTcwNQYDVQQLDC5maWxpcHBv
QEJpc3Ryb21hdGgtTTIubG9jYWwgKEZpbGlwcG8gVmFsc29yZGEpMT4wPAYDVQQD
DDVta2NlcnQgZmlsaXBwb0BCaXN0cm9tYXRoLU0yLmxvY2FsIChGaWxpcHBvIFZh
bHNvcmRhKTCCAaIwDQYJKoZIhvcNAQEBBQADggGPADCCAYoCggGBAM1lATi0gr+F
Iea1OGlbkDsueH6JrQf3p9JFCrFeUlXno53wd/2/DXlcbRvOPhLLI61Ngg47UjHW
XJJg2BHQXmsIdwrmp8nn6a2x+uEswyY/93Mg1GN2IEi5VP8dUhZFjXxNKmzCqaXK
R6klgSC1inmj/SMqTITVcvVtSg0l9/fGkM4drHi4Kr8TZPWMgkeHM2MXsT8S6etl
h2FZ+dHSOo0CWfB1irEqA5xDfopGgjouqj5Hs+q9Dfo9rR4zaHPrxdu2Su+CX7AW
kXd0vBR0ZiR3tc564PbEV3QBI7e1q5WcGm+Va4gyOgOwRTvSmh8NADc3IfOcHsYY
Z2/dWCHSEJ83MVCIIeF4o7G4bdzk7ZZWcnRIq2Z3AsbEksRV1h09O3vk+k2XrlqS
XmVsxYTY1GMj9TCwGveeCAWB2kKmKMzZV5TtI5qh99VtfHW8+WJod10OL68O9NJf
GRqePUFVwWVHiNCAClIngUX/Xy3OPdsTgtefJUDeD4h4txPlZFlHcwIDAQABo0Uw
QzAOBgNVHQ8BAf8EBAMCAgQwEgYDVR0TAQH/BAgwBgEB/wIBADAdBgNVHQ4EFgQU
vNVYZh/uSvzso7iUGJxsxYshBd4wDQYJKoZIhvcNAQELBQADggGBAFYRPtaTWHXI
UYpg6+tFIZtwfXgajrlUI4O/DfZyBIcLcgASza03XBPgEWKvdhxpACvT6SA+W2hM
Y4gjsch3z+fTimaWUkXEudZZkVRB5fq+095A+PQid0UlmY95Dyl9yZrYWK/AQd5C
WoFa6jakl/MdbtGPQubiWh39X7YEoRVbBwI6Sxg4yYGh3hkPPrD2Sv4sbxVshfmX
y/qd25eN1bGbpubUjvZntSWOq1px8xLfssf36BJ0NGBZ7bvB+p2NG9HV7xk6aB+d
x1eZSFMz943kedzNNF5NqoUS+Ro5Wf+FaHSG2m6PD4pC2TEf47lnqpMTfAgoZTWO
mBE4xp95XL2hJIJHfoKgEEuz0pvetwEQue6ySx5c4RoIOwcgDQakh+uKGgaxRTOB
NUxMseeK+rqonXWk36PvkVDLLT+AFsyZPBHS1xFGBql5qiJqsmkWgzAbqgPEyOQ1
HfM8tSXxZwhSosXPY/wYE8MIm+R90JAh6ltJAKGUQDax2W2ETzzbpg==
-----END CERTIFICATE-----


-- add-checkpoint.hurl --
POST https://localhost:8443/e933707e0e36c30f01d94b5d81e742da373679d88eb0f85f959ccd80b83b992a/add-checkpoint
```
old 0

sigsum.org/v1/tree/4d6d8825a6bb689d459628312889dfbb0bcd41b5211d9e1ce768b0ff0309e562
1
KgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=

— sigsum.org/v1/tree/4d6d8825a6bb689d459628312889dfbb0bcd41b5211d9e1ce768b0ff0309e562 UgIom7fPZTqpxWWhyjWduBvTvGVqsokMbqTArsQilegKoFBJQjUFAmQ0+YeSPM3wfUQMFSzVnnNuWRTYrajXpNUbIQY=
```
HTTP 200
[Asserts]
body contains "— example.com/witness"
