summaryrefslogtreecommitdiff
path: root/tests/test-signed-pull-summary.sh
Commit message (Collapse)AuthorAgeFilesLines
* Update FSF license notices to use URL instead of addressJoseph Marrero2021-12-071-3/+1
|
* tests: Test without a cache directory by defaultDan Nicholson2021-04-191-0/+3
| | | | | | | | | | | | | | | | | | | Several tests generate summaries and then expect to use the generated summary immediately. However, this can cause intermittent test failures when they inadvertantly get a cached summary file. This typically happens when the test is run on a filesystem that doesn't support user extended attributes. In that case, the caching code can only use the last modified time, which only has 1 second granularity. If tests don't carefully manage the summary modification times or the repo cache then they are likely subject to races in some test environments. This introduces an environment variable `OSTREE_SKIP_CACHE` that prevents the repo from using a cache directory. This is enabled by default in tests and disabled for tests that are a explicitly trying to test the caching behavior. Fixes: #2313 Fixes: #2351
* sign/ed25519: Output failed signatures in error messageColin Walters2020-06-161-1/+1
| | | | | | | | | | To aid debuggability, when we find a commit that isn't signed by our expected key, output a specific error message with the key. (And then add code to switch to just printing the count beyond 3 because the test suite injects 100 keys and hopefully no one ever actually does that)
* Use `sign-ed25519` for the feature nameColin Walters2020-04-161-2/+2
| | | | | | | | `libsodium` is an implementation detail. In particular, I'd like to consider using OpenSSL for ed25519 (if libsodium isn't configured and openssl is). So switch the name of the exposed feature and adjust the tests.
* Change signature opts to include type, cleanup error handlingColin Walters2020-04-151-8/+8
| | | | | | | | | | | | | | | | | | Previously we would pass the `verification-key` and `verification-file` to all backends, ignoring errors from loading keys until we found one that worked. Instead, change the options to be `verification-<engine>-key` and `verification-<engine>-file`, and then rework this to use standard error handling; barf explicitly if we can't load the public keys for example. Preserve the semantics of accepting the first valid signature. The first signature error is captured, the others are currently compressed into a `(and %d more)` prefix. And now that I look at this more closely there's a lot of duplication between the two code paths in pull.c for verifying; will dedup this next.
* Only enable "dummy" signature type with opt-in env variableColin Walters2020-04-141-0/+3
| | | | | I don't want to even have to think about people using this in production.
* sign-pull: improve error handlingDenis Pynkin2020-03-251-2/+2
| | | | | | | Use glnx_* functions in signature related pull code for clear error handling. Signed-off-by: Denis Pynkin <denis.pynkin@collabora.com>
* tests/sign: new test for summary file verificationDenis Pynkin2020-03-251-0/+287
Add test for signature verification of summary file during the pull. Adopted version of GPG tests from `test-pull-summary-sigs.sh`. Signed-off-by: Denis Pynkin <denis.pynkin@collabora.com>
View Lorry Controller Status