From 2fac0dd5a7a62b67a869cd4c71c9d09159aaa31d Mon Sep 17 00:00:00 2001
From: David Kalnischkies <david@kalnischkies.de>
Date: Sun, 8 May 2016 19:46:34 +0200
Subject: gpgv: show always webportal error on NODATA

gpg doesn't give use a UID on NODATA, which we were "expecting" (but not
using for anything), but just an error number. Instead of collecting
these as badsigners which will trigger a "invald signature" error with
remarks like "NODATA 1" we instead adapt a message similar to the NODATA
error of a clearsigned file (which is actually not reached anymore as we
split them up, which fails with a NOSPLIT error, which uses the same
general error message).

In other words: Not a security relevant change, just a user experience
improvement as we now point them to the most likely cause of the
problem instead of saying "invalid signature" which would point them in
the direction of the archive being broken (for everyone) instead.

Closes: 823746
---
 test/integration/test-apt-key | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

(limited to 'test/integration/test-apt-key')

diff --git a/test/integration/test-apt-key b/test/integration/test-apt-key
index ddb9bf9d2..666136098 100755
--- a/test/integration/test-apt-key
+++ b/test/integration/test-apt-key
@@ -179,10 +179,14 @@ gpg:              unchanged: 1' aptkey --fakeroot update
 	cp -a keys/testcase-multikey.pub rootdir/etc/apt/trusted.gpg.d/multikey.gpg
 	msgtest 'Test signing a file' 'with a key'
 	echo 'Verify me. This is my signature.' > signature
+	echo 'lalalalala' > signature2
 	testsuccess --nomsg aptkey --quiet --keyring keys/marvinparanoid.pub --secret-keyring keys/marvinparanoid.sec --readonly \
 		adv --batch --yes --default-key 'Marvin' --armor --detach-sign --sign --output signature.gpg signature
 	testsuccess test -s signature.gpg -a -s signature
 
+	msgtest 'Test verify a file' 'with no sig'
+	testfailure --nomsg aptkey --quiet --readonly --keyring keys/testcase-multikey.pub verify signature signature2
+
 	for GPGV in '' 'gpgv' 'gpgv2'; do
 		echo "APT::Key::GPGVCommand \"$GPGV\";" > rootdir/etc/apt/apt.conf.d/00gpgvcmd
 
@@ -210,7 +214,6 @@ gpg:              unchanged: 1' aptkey --fakeroot update
 		testfailure --nomsg aptkey --quiet --readonly --keyid 'Kalnischkies' verify signature.gpg signature
 
 		msgtest 'Test verify fails on' 'bad file'
-		echo 'lalalalala' > signature2
 		testfailure --nomsg aptkey --quiet --readonly verify signature.gpg signature2
 	done
 	rm -f rootdir/etc/apt/apt.conf.d/00gpgvcmd
@@ -257,7 +260,6 @@ gpg:              unchanged: 1' aptkey --fakeroot update
 		testfailure --nomsg aptkey --quiet --readonly --keyid 'Kalnischkies' verify signature.gpg signature
 
 		msgtest 'Test verify fails on' 'bad doublesigned file'
-		echo 'lalalalala' > signature2
 		testfailure --nomsg aptkey --quiet --readonly verify signature.gpg signature2
 	done
 	rm -f rootdir/etc/apt/apt.conf.d/00gpgvcmd
-- 
cgit v1.2.3