From d28376fb2af27cb65fd8c4253079ec65d646275a Mon Sep 17 00:00:00 2001 From: Luke Shumaker Date: Wed, 30 May 2018 11:38:15 -0400 Subject: test/libremakepkg: Verify that it correctly handles source signatures [ci-skip] --- test/libremakepkg-test.sh | 26 ++++++++++++++++++++++++++ test/libremakepkg.d/PKGBUILD-signed | 17 +++++++++++++++++ test/libremakepkg.d/hello.sh | 2 ++ test/testenv | 17 ++++++++++++++++- 4 files changed, 61 insertions(+), 1 deletion(-) create mode 100644 test/libremakepkg.d/PKGBUILD-signed create mode 100644 test/libremakepkg.d/hello.sh diff --git a/test/libremakepkg-test.sh b/test/libremakepkg-test.sh index 363e4f7..6fa7962 100644 --- a/test/libremakepkg-test.sh +++ b/test/libremakepkg-test.sh @@ -177,3 +177,29 @@ it_doesnt_symlink_outputs() { [[ -f $(echo "$tmpdir/workdir/pkgdest"/libretools-hello-1.0-1-any.pkg.tar.?z) ]] [[ -f $(echo "$tmpdir/workdir/srcpkgdest"/libretools-hello-1.0-1-any.src.tar.?z) ]] } + +it_succeeds_with_good_signatures() { + require network sudo || return 0 + + cp libremakepkg.d/PKGBUILD-signed "$tmpdir/PKGBUILD" + cp libremakepkg.d/hello.sh "$tmpdir/hello.sh" + cd "$tmpdir" + gpg --detach-sign --use-agent --no-armor hello.sh + + libremessages msg 'Creating a chroot, may take a few minutes' &>/dev/tty + testsudo libremakepkg -l "$roundup_test_name" +} + +it_fails_with_bad_signatures() { + require network sudo || return 0 + + cp libremakepkg.d/PKGBUILD-signed "$tmpdir/PKGBUILD" + cp libremakepkg.d/hello.sh "$tmpdir/hello.sh" + cd "$tmpdir" + gpg --detach-sign --use-agent --no-armor hello.sh + echo 'echo pwned' >> hello.sh + makepkg -g >> PKGBUILD + + libremessages msg 'Creating a chroot, may take a few minutes' &>/dev/tty + not testsudo libremakepkg -l "$roundup_test_name" +} diff --git a/test/libremakepkg.d/PKGBUILD-signed b/test/libremakepkg.d/PKGBUILD-signed new file mode 100644 index 0000000..0979a85 --- /dev/null +++ b/test/libremakepkg.d/PKGBUILD-signed @@ -0,0 +1,17 @@ +pkgname='libretools-signed' +pkgver=1.0 +license=('GPL') +url='https://parabola.nu' + +source=(hello.sh{,.sig}) +sha256sums=('1e70cef0dfe5ce1120ccde5e1551c7277bcddaa75a1808f49512f404e6b8aec8' + 'SKIP') + +pkgrel=1 +arch=(any) +depends=(sh) + +package() { + cd "$srcdir" + install -Dm755 hello.sh "$pkgdir"/usr/bin/libretools-hello +} diff --git a/test/libremakepkg.d/hello.sh b/test/libremakepkg.d/hello.sh new file mode 100644 index 0000000..79a32fd --- /dev/null +++ b/test/libremakepkg.d/hello.sh @@ -0,0 +1,2 @@ +#!/bin/sh +echo "Hello, world!" diff --git a/test/testenv b/test/testenv index 36ae826..9357269 100755 --- a/test/testenv +++ b/test/testenv @@ -45,14 +45,29 @@ export LIBRETOOLS_LIBDIR="$destdir/usr/lib/libretools" export XBS_LIBDIR="$destdir/usr/lib/xbs" export HOME=$TMPDIR/home + export GNUPGHOME="$HOME/.gnupg" export XDG_CACHE_HOME="$HOME/.cache" export XDG_CONFIG_HOME="$HOME/.config" export _librelib_conf_sh_sysconfdir="$destdir/etc" export _librelib_conf_sh_pkgconfdir="$destdir/etc/libretools.d" + mkdir -p -- "$GNUPGHOME" + chmod 700 -- "$GNUPGHOME" + unset GPGKEY + gpg --quiet --no-tty --batch --gen-key <<-eot + Key-Type: default + Key-Usage: sign + Name-Real: Bob Tester + Name-Email: tester@localhost + Expire-Date: 0 + %no-protection + %commit + eot + export GPGKEY="$(gpg --quiet --list-secret-keys --with-colons | awk -F: '/^sec:/{print substr($5,9)}')" + # Hack to respect our variables in sudo _sudo() { - local vars=(TMPDIR PATH LIBRETOOLS_LIBDIR XDG_CACHE_HOME XDG_CONFIG_HOME _librelib_conf_sh_sysconfdir) + local vars=(TMPDIR PATH LIBRETOOLS_LIBDIR GNUPGHOME XDG_CACHE_HOME XDG_CONFIG_HOME _librelib_conf_sh_sysconfdir GPGKEY) local env=() local var for var in "${vars[@]}"; do -- cgit v1.2.2