mirror of
https://github.com/ostreedev/ostree.git
synced 2024-12-22 17:35:55 +03:00
tests/sign: check pull failure with invalid remote options
Pull should to fail if no known signature available in remote's configuration or well-known places. Signed-off-by: Denis Pynkin <denis.pynkin@collabora.com>
This commit is contained in:
parent
e16faa58f4
commit
5a39281fbe
@ -23,7 +23,7 @@ set -euo pipefail
|
||||
|
||||
. $(dirname $0)/libtest.sh
|
||||
|
||||
echo "1..8"
|
||||
echo "1..11"
|
||||
|
||||
setup_fake_remote_repo1 "archive"
|
||||
|
||||
@ -67,6 +67,31 @@ function test_signed_pull() {
|
||||
DUMMYSIGN="dummysign"
|
||||
COMMIT_ARGS="--sign=${DUMMYSIGN} --sign-type=dummy"
|
||||
repo_init --set=sign-verify=true
|
||||
|
||||
# Check if verification-key and verification-file options throw error with wrong keys
|
||||
cd ${test_tmpdir}
|
||||
${CMD_PREFIX} ostree --repo=ostree-srv/gnomerepo commit ${COMMIT_ARGS} \
|
||||
-b main -s "A signed commit" --tree=ref=main
|
||||
${CMD_PREFIX} ostree --repo=ostree-srv/gnomerepo summary -u
|
||||
if ${CMD_PREFIX} ostree --repo=repo pull origin main; then
|
||||
assert_not_reached "pull without keys unexpectedly succeeded"
|
||||
fi
|
||||
echo "ok pull failure without keys preloaded"
|
||||
|
||||
${CMD_PREFIX} ostree --repo=repo config set 'remote "origin"'.verification-key "somewrongkey"
|
||||
if ${CMD_PREFIX} ostree --repo=repo pull origin main; then
|
||||
assert_not_reached "pull with unknown key unexpectedly succeeded"
|
||||
fi
|
||||
echo "ok pull failure with incorrect key option"
|
||||
|
||||
${CMD_PREFIX} ostree --repo=repo config unset 'remote "origin"'.verification-key
|
||||
${CMD_PREFIX} ostree --repo=repo config set 'remote "origin"'.verification-file "/non/existing/file"
|
||||
if ${CMD_PREFIX} ostree --repo=repo pull origin main; then
|
||||
assert_not_reached "pull with unknown keys file unexpectedly succeeded"
|
||||
fi
|
||||
echo "ok pull failure with incorrect keys file option"
|
||||
|
||||
# Test with correct dummy key
|
||||
${CMD_PREFIX} ostree --repo=repo config set 'remote "origin"'.verification-key "${DUMMYSIGN}"
|
||||
test_signed_pull "dummy" ""
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user