summaryrefslogtreecommitdiff
path: root/test/libapt/openmaybeclearsignedfile_test.cc
diff options
context:
space:
mode:
authorJulian Andres Klode <jak@debian.org>2019-02-01 14:40:06 +0000
committerJulian Andres Klode <jak@debian.org>2019-02-01 14:40:06 +0000
commitd5dcc2e9d3008b57c3fae0bcb5b1c2a197f5430c (patch)
tree18472bd719bbd40e687d58f09c578382ae6a72ac /test/libapt/openmaybeclearsignedfile_test.cc
parentb358bd64fc537de4e25c25b79de87346ec51a50c (diff)
parent8aa2053368d1bb82755164eaa36a10410b434c7c (diff)
Merge branch 'pu/refuseunsignedlines' into 'master'
Fail if InRelease or Release.gpg contain unsigned lines See merge request apt-team/apt!45
Diffstat (limited to 'test/libapt/openmaybeclearsignedfile_test.cc')
-rw-r--r--test/libapt/openmaybeclearsignedfile_test.cc164
1 files changed, 138 insertions, 26 deletions
diff --git a/test/libapt/openmaybeclearsignedfile_test.cc b/test/libapt/openmaybeclearsignedfile_test.cc
index 1f63fb8fc..0a4d4438a 100644
--- a/test/libapt/openmaybeclearsignedfile_test.cc
+++ b/test/libapt/openmaybeclearsignedfile_test.cc
@@ -111,7 +111,6 @@ TEST(OpenMaybeClearSignedFileTest,SignedFileWithContentHeaders)
EXPECT_TRUE(fd.Eof());
}
-// That isn't how multiple signatures are done
TEST(OpenMaybeClearSignedFileTest,SignedFileWithTwoSignatures)
{
std::string tempfile;
@@ -190,19 +189,16 @@ TEST(OpenMaybeClearSignedFileTest,TwoSimpleSignedFile)
"-----END PGP SIGNATURE-----");
EXPECT_TRUE(_error->empty());
EXPECT_TRUE(StartsWithGPGClearTextSignature(tempfile));
- EXPECT_TRUE(OpenMaybeClearSignedFile(tempfile, fd));
+ EXPECT_FALSE(OpenMaybeClearSignedFile(tempfile, fd));
if (tempfile.empty() == false)
unlink(tempfile.c_str());
EXPECT_FALSE(_error->empty());
- EXPECT_TRUE(fd.IsOpen());
- char buffer[100];
- EXPECT_TRUE(fd.ReadLine(buffer, sizeof(buffer)));
- EXPECT_STREQ(buffer, "Test");
- EXPECT_TRUE(fd.Eof());
- ASSERT_FALSE(_error->empty());
+ EXPECT_FALSE(fd.IsOpen());
+ // technically they are signed, but we just want one message
+ EXPECT_TRUE(_error->PendingError());
std::string msg;
- _error->PopMessage(msg);
+ EXPECT_TRUE(_error->PopMessage(msg));
EXPECT_EQ("Clearsigned file '" + tempfile + "' contains unsigned lines.", msg);
}
@@ -244,19 +240,15 @@ TEST(OpenMaybeClearSignedFileTest,GarbageTop)
"-----END PGP SIGNATURE-----\n");
EXPECT_FALSE(StartsWithGPGClearTextSignature(tempfile));
EXPECT_TRUE(_error->empty());
- EXPECT_TRUE(OpenMaybeClearSignedFile(tempfile, fd));
+ EXPECT_FALSE(OpenMaybeClearSignedFile(tempfile, fd));
if (tempfile.empty() == false)
unlink(tempfile.c_str());
- EXPECT_TRUE(fd.IsOpen());
- char buffer[100];
- EXPECT_TRUE(fd.ReadLine(buffer, sizeof(buffer)));
- EXPECT_STREQ(buffer, "Test");
- EXPECT_TRUE(fd.Eof());
+ EXPECT_FALSE(fd.IsOpen());
ASSERT_FALSE(_error->empty());
- ASSERT_FALSE(_error->PendingError());
+ ASSERT_TRUE(_error->PendingError());
std::string msg;
- _error->PopMessage(msg);
+ EXPECT_TRUE(_error->PopMessage(msg));
EXPECT_EQ("Clearsigned file '" + tempfile + "' does not start with a signed message block.", msg);
}
@@ -313,19 +305,15 @@ TEST(OpenMaybeClearSignedFileTest,GarbageBottom)
"Garbage");
EXPECT_TRUE(StartsWithGPGClearTextSignature(tempfile));
EXPECT_TRUE(_error->empty());
- EXPECT_TRUE(OpenMaybeClearSignedFile(tempfile, fd));
+ EXPECT_FALSE(OpenMaybeClearSignedFile(tempfile, fd));
if (tempfile.empty() == false)
unlink(tempfile.c_str());
- EXPECT_TRUE(fd.IsOpen());
- char buffer[100];
- EXPECT_TRUE(fd.ReadLine(buffer, sizeof(buffer)));
- EXPECT_STREQ(buffer, "Test");
- EXPECT_TRUE(fd.Eof());
+ EXPECT_FALSE(fd.IsOpen());
ASSERT_FALSE(_error->empty());
- ASSERT_FALSE(_error->PendingError());
+ ASSERT_TRUE(_error->PendingError());
std::string msg;
- _error->PopMessage(msg);
+ EXPECT_TRUE(_error->PopMessage(msg));
EXPECT_EQ("Clearsigned file '" + tempfile + "' contains unsigned lines.", msg);
}
@@ -347,7 +335,7 @@ TEST(OpenMaybeClearSignedFileTest,BogusNoSig)
std::string msg;
_error->PopMessage(msg);
- EXPECT_EQ("Splitting of file " + tempfile + " failed as it doesn't contain all expected parts 0 1 0", msg);
+ EXPECT_EQ("Splitting of clearsigned file " + tempfile + " failed as it doesn't contain all expected parts", msg);
}
TEST(OpenMaybeClearSignedFileTest,BogusSigStart)
@@ -371,3 +359,127 @@ TEST(OpenMaybeClearSignedFileTest,BogusSigStart)
_error->PopMessage(msg);
EXPECT_EQ("Signature in file " + tempfile + " wasn't closed", msg);
}
+
+TEST(OpenMaybeClearSignedFileTest,DashedSignedFile)
+{
+ std::string tempfile;
+ FileFd fd;
+ createTemporaryFile("dashedsignedfile", fd, &tempfile, "-----BEGIN PGP SIGNED MESSAGE-----\n"
+"Hash: SHA512\n"
+"\n"
+"- Test\n"
+"-----BEGIN PGP SIGNATURE-----\n"
+"\n"
+"iQFEBAEBCgAuFiEENKjp0Y2zIPNn6OqgWpDRQdusja4FAlhT7+kQHGpvZUBleGFt\n"
+"cGxlLm9yZwAKCRBakNFB26yNrjvEB/9/e3jA1l0fvPafx9LEXcH8CLpUFQK7ra9l\n"
+"3M4YAH4JKQlTG1be7ixruBRlCTh3YiSs66fKMeJeUYoxA2HPhvbGFEjQFAxunEYg\n"
+"X/LBKv1mQWa+Q34P5GBjK8kQdLCN+yJAiUErmWNQG3GPninrxsC9tY5jcWvHeP1k\n"
+"V7N3MLnNqzXaCJM24mnKidC5IDadUdQ8qC8c3rjUexQ8vBz0eucH56jbqV5oOcvx\n"
+"pjlW965dCPIf3OI8q6J7bIOjyY+u/PTcVlqPq3TUz/ti6RkVbKpLH0D4ll3lUTns\n"
+"JQt/+gJCPxHUJphy8sccBKhW29CLELJIIafvU30E1nWn9szh2Xjq\n"
+"=TB1F\n"
+"-----END PGP SIGNATURE-----\n");
+ EXPECT_TRUE(StartsWithGPGClearTextSignature(tempfile));
+ EXPECT_TRUE(OpenMaybeClearSignedFile(tempfile, fd));
+ if (tempfile.empty() == false)
+ unlink(tempfile.c_str());
+ EXPECT_TRUE(fd.IsOpen());
+ char buffer[100];
+ EXPECT_TRUE(fd.ReadLine(buffer, sizeof(buffer)));
+ EXPECT_STREQ(buffer, "Test");
+ EXPECT_TRUE(fd.Eof());
+}
+TEST(OpenMaybeClearSignedFileTest,StrangeDashArmorFile)
+{
+ std::string tempfile;
+ FileFd fd;
+ createTemporaryFile("strangedashfile", fd, &tempfile, "-----BEGIN PGP SIGNED MESSAGE-----\n"
+"Hash: SHA512\n"
+"-Hash: SHA512\n"
+"\n"
+"Test\n"
+"-----BEGIN PGP SIGNATURE-----\n"
+"\n"
+"iQFEBAEBCgAuFiEENKjp0Y2zIPNn6OqgWpDRQdusja4FAlhT7+kQHGpvZUBleGFt\n"
+"cGxlLm9yZwAKCRBakNFB26yNrjvEB/9/e3jA1l0fvPafx9LEXcH8CLpUFQK7ra9l\n"
+"3M4YAH4JKQlTG1be7ixruBRlCTh3YiSs66fKMeJeUYoxA2HPhvbGFEjQFAxunEYg\n"
+"X/LBKv1mQWa+Q34P5GBjK8kQdLCN+yJAiUErmWNQG3GPninrxsC9tY5jcWvHeP1k\n"
+"V7N3MLnNqzXaCJM24mnKidC5IDadUdQ8qC8c3rjUexQ8vBz0eucH56jbqV5oOcvx\n"
+"pjlW965dCPIf3OI8q6J7bIOjyY+u/PTcVlqPq3TUz/ti6RkVbKpLH0D4ll3lUTns\n"
+"JQt/+gJCPxHUJphy8sccBKhW29CLELJIIafvU30E1nWn9szh2Xjq\n"
+"=TB1F\n"
+"-----END PGP SIGNATURE-----\n");
+ EXPECT_TRUE(StartsWithGPGClearTextSignature(tempfile));
+ EXPECT_FALSE(OpenMaybeClearSignedFile(tempfile, fd));
+ if (tempfile.empty() == false)
+ unlink(tempfile.c_str());
+ EXPECT_FALSE(_error->empty());
+ EXPECT_FALSE(fd.IsOpen());
+
+ std::string msg;
+ EXPECT_TRUE(_error->PendingError());
+ EXPECT_TRUE(_error->PopMessage(msg));
+ EXPECT_EQ("Clearsigned file '" + tempfile + "' contains unexpected line starting with a dash (armor)", msg);
+}
+TEST(OpenMaybeClearSignedFileTest,StrangeDashMsgFile)
+{
+ std::string tempfile;
+ FileFd fd;
+ createTemporaryFile("strangedashfile", fd, &tempfile, "-----BEGIN PGP SIGNED MESSAGE-----\n"
+"Hash: SHA512\n"
+"\n"
+"-Test\n"
+"-----BEGIN PGP SIGNATURE-----\n"
+"\n"
+"iQFEBAEBCgAuFiEENKjp0Y2zIPNn6OqgWpDRQdusja4FAlhT7+kQHGpvZUBleGFt\n"
+"cGxlLm9yZwAKCRBakNFB26yNrjvEB/9/e3jA1l0fvPafx9LEXcH8CLpUFQK7ra9l\n"
+"3M4YAH4JKQlTG1be7ixruBRlCTh3YiSs66fKMeJeUYoxA2HPhvbGFEjQFAxunEYg\n"
+"X/LBKv1mQWa+Q34P5GBjK8kQdLCN+yJAiUErmWNQG3GPninrxsC9tY5jcWvHeP1k\n"
+"V7N3MLnNqzXaCJM24mnKidC5IDadUdQ8qC8c3rjUexQ8vBz0eucH56jbqV5oOcvx\n"
+"pjlW965dCPIf3OI8q6J7bIOjyY+u/PTcVlqPq3TUz/ti6RkVbKpLH0D4ll3lUTns\n"
+"JQt/+gJCPxHUJphy8sccBKhW29CLELJIIafvU30E1nWn9szh2Xjq\n"
+"=TB1F\n"
+"-----END PGP SIGNATURE-----\n");
+ EXPECT_TRUE(StartsWithGPGClearTextSignature(tempfile));
+ EXPECT_FALSE(OpenMaybeClearSignedFile(tempfile, fd));
+ if (tempfile.empty() == false)
+ unlink(tempfile.c_str());
+ EXPECT_FALSE(_error->empty());
+ EXPECT_FALSE(fd.IsOpen());
+
+ std::string msg;
+ EXPECT_TRUE(_error->PendingError());
+ EXPECT_TRUE(_error->PopMessage(msg));
+ EXPECT_EQ("Clearsigned file '" + tempfile + "' contains unexpected line starting with a dash (msg)", msg);
+}
+TEST(OpenMaybeClearSignedFileTest,StrangeDashSigFile)
+{
+ std::string tempfile;
+ FileFd fd;
+ createTemporaryFile("strangedashfile", fd, &tempfile, "-----BEGIN PGP SIGNED MESSAGE-----\n"
+"Hash: SHA512\n"
+"\n"
+"Test\n"
+"-----BEGIN PGP SIGNATURE-----\n"
+"\n"
+"iQFEBAEBCgAuFiEENKjp0Y2zIPNn6OqgWpDRQdusja4FAlhT7+kQHGpvZUBleGFt\n"
+"cGxlLm9yZwAKCRBakNFB26yNrjvEB/9/e3jA1l0fvPafx9LEXcH8CLpUFQK7ra9l\n"
+"3M4YAH4JKQlTG1be7ixruBRlCTh3YiSs66fKMeJeUYoxA2HPhvbGFEjQFAxunEYg\n"
+"-/LBKv1mQWa+Q34P5GBjK8kQdLCN+yJAiUErmWNQG3GPninrxsC9tY5jcWvHeP1k\n"
+"V7N3MLnNqzXaCJM24mnKidC5IDadUdQ8qC8c3rjUexQ8vBz0eucH56jbqV5oOcvx\n"
+"pjlW965dCPIf3OI8q6J7bIOjyY+u/PTcVlqPq3TUz/ti6RkVbKpLH0D4ll3lUTns\n"
+"JQt/+gJCPxHUJphy8sccBKhW29CLELJIIafvU30E1nWn9szh2Xjq\n"
+"=TB1F\n"
+"-----END PGP SIGNATURE-----\n");
+ EXPECT_TRUE(StartsWithGPGClearTextSignature(tempfile));
+ EXPECT_FALSE(OpenMaybeClearSignedFile(tempfile, fd));
+ if (tempfile.empty() == false)
+ unlink(tempfile.c_str());
+ EXPECT_FALSE(_error->empty());
+ EXPECT_FALSE(fd.IsOpen());
+
+ std::string msg;
+ EXPECT_TRUE(_error->PendingError());
+ EXPECT_TRUE(_error->PopMessage(msg));
+ EXPECT_EQ("Clearsigned file '" + tempfile + "' contains unexpected line starting with a dash (sig)", msg);
+}