#!/bin/bash
#
# Copyright (C) 2013 Jeremy Whiting <jeremy.whiting@collabora.com>
#
# SPDX-License-Identifier: LGPL-2.0+
#
# This library is free software; you can redistribute it and/or
# modify it under the terms of the GNU Lesser General Public
# License as published by the Free Software Foundation; either
# version 2 of the License, or (at your option) any later version.
#
# This library is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
# Lesser General Public License for more details.
#
# You should have received a copy of the GNU Lesser General Public
# License along with this library. If not, see <https://www.gnu.org/licenses/>.
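# Strict mode: abort on a failing command, an unset variable, or a failing
# pipeline stage.
set -euo pipefail

# Load the shared test helpers. has_gpgme, ostree_repo_init and the assert_*
# functions used below are not defined in this file. The path is quoted so a
# checkout directory containing whitespace still resolves.
. "$(dirname "$0")/libtest.sh"

# Without GPG support there is nothing to verify; report a TAP skip and stop.
if ! has_gpgme; then
  echo "1..0 #SKIP no gpg support compiled in"
  exit 0
fi

# TAP plan: seven "ok" lines are emitted by the test cases below.
echo "1..7"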
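# Key used to sign the server-side commits. This is a short (8 hex digit) key
# ID; short IDs are not collision-resistant, which is tolerable here only
# because the keyring under ${test_tmpdir}/gpghome is private to the test
# (presumably populated by libtest.sh -- confirm). Use a full fingerprint
# anywhere a keyring is shared.
keyid="472CDAFA"
oldpwd=$(pwd)

# Build the "server" side: an archive-mode repository plus a working tree to
# commit from.
mkdir ostree-srv
cd ostree-srv
mkdir gnomerepo
ostree_repo_init gnomerepo --mode="archive"
mkdir gnomerepo-files
cd gnomerepo-files
echo first > firstfile
mkdir baz
echo moo > baz/cow
echo alien > baz/saucer

# ${CMD_PREFIX} stays unquoted on purpose: presumably it may be empty or hold
# several words (a wrapper command) -- confirm in libtest.sh. Every other
# expansion is quoted so a temp directory containing whitespace cannot split
# an argument.
${CMD_PREFIX} ostree --repo="${test_tmpdir}/ostree-srv/gnomerepo" commit \
  -b main -s "A remote commit" -m "Some Commit body" \
  --gpg-sign="$keyid" --gpg-homedir="${test_tmpdir}/gpghome"
mkdir baz/deeper
${CMD_PREFIX} ostree --repo="${test_tmpdir}/ostree-srv/gnomerepo" commit \
  -b main -s "Add deeper" \
  --gpg-sign="$keyid" --gpg-homedir="${test_tmpdir}/gpghome"
echo hi > baz/deeper/ohyeah
mkdir baz/another/
echo x > baz/another/y
${CMD_PREFIX} ostree --repo="${test_tmpdir}/ostree-srv/gnomerepo" commit \
  -b main -s "The rest" \
  --gpg-sign="$keyid" --gpg-homedir="${test_tmpdir}/gpghome"
cd ..

# Publish ostree-srv through the test HTTP server. The transport is plain HTTP
# on loopback, so the commit signatures are the only authenticity check these
# test cases exercise.
cd "${test_tmpdir}"
mkdir "${test_tmpdir}/httpd"
cd httpd
ln -s "${test_tmpdir}/ostree-srv" ostree
# ${OSTREE_HTTPD} is left unquoted for the same reason as ${CMD_PREFIX}.
# NOTE(review): the port is fixed at 18081, so two runs on the same host at
# the same time would contend for it -- confirm this test is never run
# concurrently with another user of that port.
${OSTREE_HTTPD} --autoexit --daemonize -P 18081 -p "${test_tmpdir}/httpd-port"
port=$(cat "${test_tmpdir}/httpd-port")
# The server reports the port it bound; it must be the one requested.
assert_streq "$port" 18081
echo "http://127.0.0.1:${port}" > "${test_tmpdir}/httpd-address"
cd "${oldpwd}"

export OSTREE="${CMD_PREFIX} ostree --repo=repo"

# Keep a pristine copy of the server repository before later test cases
# tamper with it.
repopath="${test_tmpdir}/ostree-srv/gnomerepo"
cp -a "${repopath}" "${repopath}.orig"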
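# Point OSTREE_GPG_HOME at a directory with no keyrings: the signature on the
# remote commit must not be trusted, so the pull has to fail.
cd "${test_tmpdir}"
mkdir repo
ostree_repo_init repo
${CMD_PREFIX} ostree --repo=repo remote add origin "$(cat httpd-address)/ostree/gnomerepo"
# NOTE(review): any non-zero exit satisfies this check (an unreachable server
# would too), not only a signature rejection. Capturing the error output and
# asserting on it would tie the result to GPG verification specifically.
if env OSTREE_GPG_HOME="${test_tmpdir}" ${CMD_PREFIX} ostree --repo=repo pull origin main; then
  assert_not_reached "pull with no trusted GPG keys unexpectedly succeeded!"
fi
# Options first: "rm repo -rf" relies on GNU argument permutation.
rm -rf repo
echo "ok pull no trusted GPG"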
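# And a test case with valid signature.
# No gpg-verify override is set on this remote and OSTREE_GPG_HOME is not
# redirected, so the pull runs with the default verification settings and the
# keys the test environment provides; under "set -e" a rejected pull aborts
# the script.
cd "${test_tmpdir}"
mkdir repo
ostree_repo_init repo
${CMD_PREFIX} ostree --repo=repo remote add origin "$(cat httpd-address)/ostree/gnomerepo"
${CMD_PREFIX} ostree --repo=repo pull origin main
${CMD_PREFIX} ostree --repo=repo show --gpg-verify-remote=origin main > show.txt
# NOTE(review): this asserts only that one signature is listed; it does not
# check what show.txt says about that signature's validity. The successful
# pull above is what exercises trust.
assert_file_has_content_literal show.txt 'Found 1 signature'
echo "ok pull verify"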
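# Run tests written in C.
# The helper binary is only looked up in an uninstalled (build-tree) run;
# ${OSTREE_UNINSTALLED:-} keeps "set -u" from aborting when the variable is
# unset. It runs against the state left by the previous test case.
if [[ -n "${OSTREE_UNINSTALLED:-}" ]]; then
  "${OSTREE_UNINSTALLED}/tests/test-commit-sign-sh-ext"
  echo "ok extra C tests"
else
  echo "ok # SKIP test only available when running uninstalled"
fi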
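# Clean things up and reinit
rm -rf repo

# A test with corrupted detached signature.
# Every *.commitmeta file in the server repository is overwritten with junk,
# so a verifying client must refuse the commit. If find matched nothing the
# signatures would stay intact, the pull would succeed, and the assertion
# below would fail the test, so an empty match cannot pass silently.
cd "${test_tmpdir}"
find "${test_tmpdir}/ostree-srv/gnomerepo" -name '*.commitmeta' |
  while IFS= read -r fname; do
    # read -r and the quoting keep backslashes and whitespace in a path intact.
    echo borkborkbork > "${fname}"
  done
mkdir repo
ostree_repo_init repo
${CMD_PREFIX} ostree --repo=repo remote add origin "$(cat httpd-address)/ostree/gnomerepo"
# NOTE(review): any pull failure satisfies this check. The test case that
# follows in this file pulls the same tampered repository with verification
# off and expects success, which serves as the control for the transport.
if ${CMD_PREFIX} ostree --repo=repo pull origin main; then
  assert_not_reached "pull with corrupted signature unexpectedly succeeded!"
fi
rm -rf repo
echo "ok pull corrupted sig"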
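# And now attempt to pull the same corrupted commit, but with GPG
# verification off.
# gpg-verify=false disables commit signature checking for this remote, so the
# tampered detached metadata is accepted. It is used here only as a control:
# it shows the earlier rejection came from signature verification rather than
# from the transport. Under "set -e" a failed pull aborts the script.
cd "${test_tmpdir}"
mkdir repo
ostree_repo_init repo
${CMD_PREFIX} ostree --repo=repo remote add --set=gpg-verify=false origin \
  "$(cat httpd-address)/ostree/gnomerepo"
${CMD_PREFIX} ostree --repo=repo pull origin main
rm -rf repo
echo "ok repull corrupted"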
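# Add an unsigned commit to the repo, then pull, then sign the commit,
# then pull again. Make sure we get the expected number of signatures
# each time.
cd "${test_tmpdir}/ostree-srv/gnomerepo-files"
echo secret > signme
# No --gpg-sign here: the new head of "main" is deliberately unsigned.
${CMD_PREFIX} ostree --repo="${test_tmpdir}/ostree-srv/gnomerepo" commit \
  -b main -s "Don't forget to sign me!"

cd "${test_tmpdir}"
mkdir repo
ostree_repo_init repo
# Verification is switched off for this remote, presumably because the first
# pull has to accept an unsigned commit. What is checked afterwards is the
# signature metadata that "show" reports, not a trust decision.
${CMD_PREFIX} ostree --repo=repo remote add --set=gpg-verify=false origin \
  "$(cat httpd-address)/ostree/gnomerepo"
${CMD_PREFIX} ostree --repo=repo pull origin main
${CMD_PREFIX} ostree --repo=repo show main > show.txt
assert_not_file_has_content show.txt 'Found.*signature'

# Sign the existing commit on the server, then pull again: the client must
# pick up the newly added signature for a commit it already has.
${CMD_PREFIX} ostree --repo="${test_tmpdir}/ostree-srv/gnomerepo" gpg-sign \
  --gpg-homedir="${test_tmpdir}/gpghome" main "$keyid"
${CMD_PREFIX} ostree --repo=repo pull origin main
${CMD_PREFIX} ostree --repo=repo show main > show.txt
assert_file_has_content_literal show.txt 'Found 1 signature'
echo "ok pull unsigned, then sign"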
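# Delete the signature from the commit so the detached metadata is empty,
# then pull and verify the signature is also deleted on the client side.
# A client that kept a stale signature after the server withdrew it would
# report the commit as signed when it no longer is.
${CMD_PREFIX} ostree --repo="${test_tmpdir}/ostree-srv/gnomerepo" gpg-sign \
  --gpg-homedir="${test_tmpdir}/gpghome" --delete main "$keyid"
${CMD_PREFIX} ostree --repo=repo pull origin main
${CMD_PREFIX} ostree --repo=repo show main > show.txt
assert_not_file_has_content show.txt 'Found.*signature'
echo "ok pull sig deleted"

# NOTE(review): the working directory here is ${test_tmpdir}, while
# gnomerepo-files was created under ostree-srv/, so the second operand
# probably matches nothing (rm -f ignores a missing path) -- confirm whether
# ostree-srv/gnomerepo-files was intended.
rm -rf repo gnomerepo-files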