]>
Commit | Line | Data |
---|---|---|
7f8ca20a HJI |
1 | #!/bin/sh |
2 | ||
3 | test_description='pull signature verification tests' | |
4 | . ./test-lib.sh | |
5 | . "$TEST_DIRECTORY/lib-gpg.sh" | |
6 | ||
7 | test_expect_success GPG 'create repositories with signed commits' ' | |
8 | echo 1 >a && git add a && | |
9 | test_tick && git commit -m initial && | |
10 | git tag initial && | |
11 | ||
12 | git clone . signed && | |
13 | ( | |
14 | cd signed && | |
15 | echo 2 >b && git add b && | |
16 | test_tick && git commit -S -m "signed" | |
17 | ) && | |
18 | ||
19 | git clone . unsigned && | |
20 | ( | |
21 | cd unsigned && | |
22 | echo 3 >c && git add c && | |
23 | test_tick && git commit -m "unsigned" | |
24 | ) && | |
25 | ||
26 | git clone . bad && | |
27 | ( | |
28 | cd bad && | |
29 | echo 4 >d && git add d && | |
30 | test_tick && git commit -S -m "bad" && | |
31 | git cat-file commit HEAD >raw && | |
2f3cbcd8 | 32 | sed -e "s/^bad/forged bad/" raw >forged && |
7f8ca20a HJI |
33 | git hash-object -w -t commit forged >forged.commit && |
34 | git checkout $(cat forged.commit) | |
35 | ) && | |
36 | ||
37 | git clone . untrusted && | |
38 | ( | |
39 | cd untrusted && | |
40 | echo 5 >e && git add e && | |
41 | test_tick && git commit -SB7227189 -m "untrusted" | |
42 | ) | |
43 | ' | |
44 | ||
45 | test_expect_success GPG 'pull unsigned commit with --verify-signatures' ' | |
fb2afea3 | 46 | test_when_finished "git reset --hard && git checkout initial" && |
7f8ca20a HJI |
47 | test_must_fail git pull --ff-only --verify-signatures unsigned 2>pullerror && |
48 | test_i18ngrep "does not have a GPG signature" pullerror | |
49 | ' | |
50 | ||
51 | test_expect_success GPG 'pull commit with bad signature with --verify-signatures' ' | |
fb2afea3 | 52 | test_when_finished "git reset --hard && git checkout initial" && |
7f8ca20a HJI |
53 | test_must_fail git pull --ff-only --verify-signatures bad 2>pullerror && |
54 | test_i18ngrep "has a bad GPG signature" pullerror | |
55 | ' | |
56 | ||
57 | test_expect_success GPG 'pull commit with untrusted signature with --verify-signatures' ' | |
fb2afea3 | 58 | test_when_finished "git reset --hard && git checkout initial" && |
7f8ca20a HJI |
59 | test_must_fail git pull --ff-only --verify-signatures untrusted 2>pullerror && |
60 | test_i18ngrep "has an untrusted GPG signature" pullerror | |
61 | ' | |
62 | ||
63 | test_expect_success GPG 'pull signed commit with --verify-signatures' ' | |
fb2afea3 | 64 | test_when_finished "git reset --hard && git checkout initial" && |
7f8ca20a HJI |
65 | git pull --verify-signatures signed >pulloutput && |
66 | test_i18ngrep "has a good GPG signature" pulloutput | |
67 | ' | |
68 | ||
69 | test_expect_success GPG 'pull commit with bad signature without verification' ' | |
fb2afea3 | 70 | test_when_finished "git reset --hard && git checkout initial" && |
7f8ca20a HJI |
71 | git pull --ff-only bad 2>pullerror |
72 | ' | |
73 | ||
74 | test_expect_success GPG 'pull commit with bad signature with --no-verify-signatures' ' | |
fb2afea3 | 75 | test_when_finished "git reset --hard && git checkout initial" && |
7f8ca20a HJI |
76 | test_config merge.verifySignatures true && |
77 | test_config pull.verifySignatures true && | |
78 | git pull --ff-only --no-verify-signatures bad 2>pullerror | |
79 | ' | |
80 | ||
01a31f3b JK |
81 | test_expect_success GPG 'pull unsigned commit into unborn branch' ' |
82 | git init empty-repo && | |
83 | test_must_fail \ | |
84 | git -C empty-repo pull --verify-signatures .. 2>pullerror && | |
85 | test_i18ngrep "does not have a GPG signature" pullerror | |
86 | ' | |
87 | ||
7f8ca20a | 88 | test_done |