Commit Graph

10 Commits

Author SHA1 Message Date
Colin Walters
12db46e5af tests: More TAP fixups
Hopefully getting closer now.
2016-03-03 18:00:54 -05:00
Colin Walters
0174224a2d tests: Convert two more exit 77 instances into TAP-compatible SKIP
Followup to https://github.com/GNOME/ostree/pull/194
2016-03-03 14:19:10 -05:00
Colin Walters
5ebe43859d tests: Use "bash strict mode"
I noticed in the static deltas tests, there were some tests that
should have been under `-o pipefail` to ensure we properly propagate
errors.

There were a few places where we were referencing undefined variables.

Overall, this is clearly a good idea IMO.
2016-01-27 11:44:10 -05:00
Giuseppe Scrivano
75cdbb8e82 tests: skip tests using gjs/parallel if they are not installed
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>

Closes #131
2015-08-05 10:58:00 -04:00
Colin Walters
47610b45c2 Limit metadata to 10 MiB
If fetching GPG-signed commits over plain HTTP, a MitM attacker can
fill up the drive of targets by simply returning an enormous stream
for the commit object.

Related to this, an attacker can also cause OSTree to perform large
memory allocations by returning enormous GVariants in the metadata.

This helps close that attack by limiting all metadata objects to 10
MiB, so the initial fetch will be truncated.

But now the attack is only slightly more difficult as the attacker
will have to return a correctly formed commit object, then return a
large stream of < 10 MiB dirmeta/dirtree objects.

https://bugzilla.gnome.org/show_bug.cgi?id=725921
2014-05-27 14:15:27 -04:00
Colin Walters
3802a0679b tests/pull-corruption: Ensure we corrupt an object to be pulled
This test had some nondeterminism because we chose a random
object to corrupt, but because there were multiple commits, it
was possible that we chose an object that was not being pulled.

Fix this by writing some custom GJS code to find an explicitly random
object that exists in a given ref, an change a random byte offset.
This adds a lot more randomness to the testing too.
2014-01-19 13:19:10 -05:00
Colin Walters
0a9f246016 tests: Small tweaks to pull corruption test
This one is failing here, I suspect it's the generic pull race
condition, but these fixes should make it slightly more reliable.
2014-01-19 11:48:27 -05:00
Jeremy Whiting
7f9eefb62d pull: Verify commits with gpg signatures from detached metadata
This uses gpgv for verification against DATADIR/ostree/pubring.gpg by
default.  The keyring can be overridden by specifying OSTREE_GPG_HOME.

Add a unit test for commit signing with gpg key and verifying on pull;
to implement this we ship a test GPG key generated with no password
for Ostree Tester <test@test.com>.

Change all of the existing tests to disable GPG verification.
2013-09-29 14:49:47 -04:00
Jeremy Whiting
902848cd71 test: Improve pull corruption test
To verify pull with a second repo works.
2013-08-27 20:35:45 -04:00
Colin Walters
420763e90d tests: Add a test of corruption during a pull process
These corruption tests could be a lot better...like randomly try
single bit flips, range flips.  Better, content-aware fuzzing.  But
this is useful for now.
2013-07-09 11:28:49 -04:00