[thirdparty/git.git] / t / t5573-pull-verify-signatures.sh

#!/bin/sh

test_description='pull signature verification tests'

TEST_PASSES_SANITIZE_LEAK=true
. ./test-lib.sh
. "$TEST_DIRECTORY/lib-gpg.sh"

test_expect_success GPG 'create repositories with signed commits' '
	echo 1 >a && git add a &&
	test_tick && git commit -m initial &&
	git tag initial &&

	git clone . signed &&
	(
		cd signed &&
		echo 2 >b && git add b &&
		test_tick && git commit -S -m "signed"
	) &&

	git clone . unsigned &&
	(
		cd unsigned &&
		echo 3 >c && git add c &&
		test_tick && git commit -m "unsigned"
	) &&

	git clone . bad &&
	(
		cd bad &&
		echo 4 >d && git add d &&
		test_tick && git commit -S -m "bad" &&
		git cat-file commit HEAD >raw &&
		sed -e "s/^bad/forged bad/" raw >forged &&
		git hash-object -w -t commit forged >forged.commit &&
		git checkout $(cat forged.commit)
	) &&

	git clone . untrusted &&
	(
		cd untrusted &&
		echo 5 >e && git add e &&
		test_tick && git commit -SB7227189 -m "untrusted"
	)
'

test_expect_success GPG 'pull unsigned commit with --verify-signatures' '
	test_when_finished "git reset --hard && git checkout initial" &&
	test_must_fail git pull --ff-only --verify-signatures unsigned 2>pullerror &&
	test_grep "does not have a GPG signature" pullerror
'

test_expect_success GPG 'pull commit with bad signature with --verify-signatures' '
	test_when_finished "git reset --hard && git checkout initial" &&
	test_must_fail git pull --ff-only --verify-signatures bad 2>pullerror &&
	test_grep "has a bad GPG signature" pullerror
'

test_expect_success GPG 'pull commit with untrusted signature with --verify-signatures' '
	test_when_finished "git reset --hard && git checkout initial" &&
	test_must_fail git pull --ff-only --verify-signatures untrusted 2>pullerror &&
	test_grep "has an untrusted GPG signature" pullerror
'

test_expect_success GPG 'pull commit with untrusted signature with --verify-signatures and minTrustLevel=ultimate' '
	test_when_finished "git reset --hard && git checkout initial" &&
	test_config gpg.minTrustLevel ultimate &&
	test_must_fail git pull --ff-only --verify-signatures untrusted 2>pullerror &&
	test_grep "has an untrusted GPG signature" pullerror
'

test_expect_success GPG 'pull commit with untrusted signature with --verify-signatures and minTrustLevel=marginal' '
	test_when_finished "git reset --hard && git checkout initial" &&
	test_config gpg.minTrustLevel marginal &&
	test_must_fail git pull --ff-only --verify-signatures untrusted 2>pullerror &&
	test_grep "has an untrusted GPG signature" pullerror
'

test_expect_success GPG 'pull commit with untrusted signature with --verify-signatures and minTrustLevel=undefined' '
	test_when_finished "git reset --hard && git checkout initial" &&
	test_config gpg.minTrustLevel undefined &&
	git pull --ff-only --verify-signatures untrusted >pulloutput &&
	test_grep "has a good GPG signature" pulloutput
'

test_expect_success GPG 'pull signed commit with --verify-signatures' '
	test_when_finished "git reset --hard && git checkout initial" &&
	git pull --verify-signatures signed >pulloutput &&
	test_grep "has a good GPG signature" pulloutput
'

test_expect_success GPG 'pull commit with bad signature without verification' '
	test_when_finished "git reset --hard && git checkout initial" &&
	git pull --ff-only bad 2>pullerror
'

test_expect_success GPG 'pull commit with bad signature with --no-verify-signatures' '
	test_when_finished "git reset --hard && git checkout initial" &&
	test_config merge.verifySignatures true &&
	test_config pull.verifySignatures true &&
	git pull --ff-only --no-verify-signatures bad 2>pullerror
'

test_expect_success GPG 'pull unsigned commit into unborn branch' '
	test_when_finished "rm -rf empty-repo" &&
	git init empty-repo &&
	test_must_fail \
		git -C empty-repo pull --verify-signatures ..  2>pullerror &&
	test_grep "does not have a GPG signature" pullerror
'

test_expect_success GPG 'pull commit into unborn branch with bad signature and --verify-signatures' '
	test_when_finished "rm -rf empty-repo" &&
	git init empty-repo &&
	test_must_fail \
		git -C empty-repo pull --ff-only --verify-signatures ../bad 2>pullerror &&
	test_grep "has a bad GPG signature" pullerror
'

test_expect_success GPG 'pull commit into unborn branch with untrusted signature and --verify-signatures' '
	test_when_finished "rm -rf empty-repo" &&
	git init empty-repo &&
	test_must_fail \
		git -C empty-repo pull --ff-only --verify-signatures ../untrusted 2>pullerror &&
	test_grep "has an untrusted GPG signature" pullerror
'

test_expect_success GPG 'pull commit into unborn branch with untrusted signature and --verify-signatures and minTrustLevel=ultimate' '
	test_when_finished "rm -rf empty-repo" &&
	git init empty-repo &&
	test_config_global gpg.minTrustLevel ultimate &&
	test_must_fail \
		git -C empty-repo pull --ff-only --verify-signatures ../untrusted 2>pullerror &&
	test_grep "has an untrusted GPG signature" pullerror
'

test_expect_success GPG 'pull commit into unborn branch with untrusted signature and --verify-signatures and minTrustLevel=marginal' '
	test_when_finished "rm -rf empty-repo" &&
	git init empty-repo &&
	test_config_global gpg.minTrustLevel marginal &&
	test_must_fail \
		git -C empty-repo pull --ff-only --verify-signatures ../untrusted 2>pullerror &&
	test_grep "has an untrusted GPG signature" pullerror
'

test_expect_success GPG 'pull commit into unborn branch with untrusted signature and --verify-signatures and minTrustLevel=undefined' '
	test_when_finished "rm -rf empty-repo" &&
	git init empty-repo &&
	test_config_global gpg.minTrustLevel undefined &&
	git -C empty-repo pull --ff-only --verify-signatures ../untrusted >pulloutput &&
	test_grep "has a good GPG signature" pulloutput
'

test_done
Commit	Line	Data
7f8ca20a HJI	1	#!/bin/sh
	2
	3	test_description='pull signature verification tests'
b2e5d75d ÆAB	4
b2e5d75d ÆAB	5	TEST_PASSES_SANITIZE_LEAK=true
7f8ca20a HJI	6	. ./test-lib.sh
	7	. "$TEST_DIRECTORY/lib-gpg.sh"
	8
	9	test_expect_success GPG 'create repositories with signed commits' '
	10	echo 1 >a && git add a &&
	11	test_tick && git commit -m initial &&
	12	git tag initial &&
	13
	14	git clone . signed &&
	15	(
	16	cd signed &&
	17	echo 2 >b && git add b &&
	18	test_tick && git commit -S -m "signed"
	19	) &&
	20
	21	git clone . unsigned &&
	22	(
	23	cd unsigned &&
	24	echo 3 >c && git add c &&
	25	test_tick && git commit -m "unsigned"
	26	) &&
	27
	28	git clone . bad &&
	29	(
	30	cd bad &&
	31	echo 4 >d && git add d &&
	32	test_tick && git commit -S -m "bad" &&
	33	git cat-file commit HEAD >raw &&
2f3cbcd8	34	sed -e "s/^bad/forged bad/" raw >forged &&
7f8ca20a HJI	35	git hash-object -w -t commit forged >forged.commit &&
	36	git checkout $(cat forged.commit)
	37	) &&
	38
	39	git clone . untrusted &&
	40	(
	41	cd untrusted &&
	42	echo 5 >e && git add e &&
	43	test_tick && git commit -SB7227189 -m "untrusted"
	44	)
	45	'
	46
	47	test_expect_success GPG 'pull unsigned commit with --verify-signatures' '
fb2afea3	48	test_when_finished "git reset --hard && git checkout initial" &&
7f8ca20a	49	test_must_fail git pull --ff-only --verify-signatures unsigned 2>pullerror &&
6789275d	50	test_grep "does not have a GPG signature" pullerror
7f8ca20a HJI	51	'
	52
	53	test_expect_success GPG 'pull commit with bad signature with --verify-signatures' '
fb2afea3	54	test_when_finished "git reset --hard && git checkout initial" &&
7f8ca20a	55	test_must_fail git pull --ff-only --verify-signatures bad 2>pullerror &&
6789275d	56	test_grep "has a bad GPG signature" pullerror
7f8ca20a HJI	57	'
	58
	59	test_expect_success GPG 'pull commit with untrusted signature with --verify-signatures' '
fb2afea3	60	test_when_finished "git reset --hard && git checkout initial" &&
7f8ca20a	61	test_must_fail git pull --ff-only --verify-signatures untrusted 2>pullerror &&
6789275d	62	test_grep "has an untrusted GPG signature" pullerror
7f8ca20a HJI	63	'
7f8ca20a HJI	64
54887b46 HJI	65	test_expect_success GPG 'pull commit with untrusted signature with --verify-signatures and minTrustLevel=ultimate' '
	66	test_when_finished "git reset --hard && git checkout initial" &&
	67	test_config gpg.minTrustLevel ultimate &&
	68	test_must_fail git pull --ff-only --verify-signatures untrusted 2>pullerror &&
6789275d	69	test_grep "has an untrusted GPG signature" pullerror
54887b46 HJI	70	'
	71
	72	test_expect_success GPG 'pull commit with untrusted signature with --verify-signatures and minTrustLevel=marginal' '
	73	test_when_finished "git reset --hard && git checkout initial" &&
	74	test_config gpg.minTrustLevel marginal &&
	75	test_must_fail git pull --ff-only --verify-signatures untrusted 2>pullerror &&
6789275d	76	test_grep "has an untrusted GPG signature" pullerror
54887b46 HJI	77	'
	78
	79	test_expect_success GPG 'pull commit with untrusted signature with --verify-signatures and minTrustLevel=undefined' '
	80	test_when_finished "git reset --hard && git checkout initial" &&
	81	test_config gpg.minTrustLevel undefined &&
	82	git pull --ff-only --verify-signatures untrusted >pulloutput &&
6789275d	83	test_grep "has a good GPG signature" pulloutput
54887b46 HJI	84	'
54887b46 HJI	85
7f8ca20a	86	test_expect_success GPG 'pull signed commit with --verify-signatures' '
fb2afea3	87	test_when_finished "git reset --hard && git checkout initial" &&
7f8ca20a	88	git pull --verify-signatures signed >pulloutput &&
6789275d	89	test_grep "has a good GPG signature" pulloutput
7f8ca20a HJI	90	'
	91
	92	test_expect_success GPG 'pull commit with bad signature without verification' '
fb2afea3	93	test_when_finished "git reset --hard && git checkout initial" &&
7f8ca20a HJI	94	git pull --ff-only bad 2>pullerror
	95	'
	96
	97	test_expect_success GPG 'pull commit with bad signature with --no-verify-signatures' '
fb2afea3	98	test_when_finished "git reset --hard && git checkout initial" &&
7f8ca20a HJI	99	test_config merge.verifySignatures true &&
	100	test_config pull.verifySignatures true &&
	101	git pull --ff-only --no-verify-signatures bad 2>pullerror
	102	'
	103
01a31f3b	104	test_expect_success GPG 'pull unsigned commit into unborn branch' '
54887b46	105	test_when_finished "rm -rf empty-repo" &&
01a31f3b JK	106	git init empty-repo &&
	107	test_must_fail \
	108	git -C empty-repo pull --verify-signatures .. 2>pullerror &&
6789275d	109	test_grep "does not have a GPG signature" pullerror
01a31f3b JK	110	'
01a31f3b JK	111
54887b46 HJI	112	test_expect_success GPG 'pull commit into unborn branch with bad signature and --verify-signatures' '
	113	test_when_finished "rm -rf empty-repo" &&
	114	git init empty-repo &&
	115	test_must_fail \
	116	git -C empty-repo pull --ff-only --verify-signatures ../bad 2>pullerror &&
6789275d	117	test_grep "has a bad GPG signature" pullerror
54887b46 HJI	118	'
	119
	120	test_expect_success GPG 'pull commit into unborn branch with untrusted signature and --verify-signatures' '
	121	test_when_finished "rm -rf empty-repo" &&
	122	git init empty-repo &&
	123	test_must_fail \
	124	git -C empty-repo pull --ff-only --verify-signatures ../untrusted 2>pullerror &&
6789275d	125	test_grep "has an untrusted GPG signature" pullerror
54887b46 HJI	126	'
	127
	128	test_expect_success GPG 'pull commit into unborn branch with untrusted signature and --verify-signatures and minTrustLevel=ultimate' '
	129	test_when_finished "rm -rf empty-repo" &&
	130	git init empty-repo &&
	131	test_config_global gpg.minTrustLevel ultimate &&
	132	test_must_fail \
	133	git -C empty-repo pull --ff-only --verify-signatures ../untrusted 2>pullerror &&
6789275d	134	test_grep "has an untrusted GPG signature" pullerror
54887b46 HJI	135	'
	136
	137	test_expect_success GPG 'pull commit into unborn branch with untrusted signature and --verify-signatures and minTrustLevel=marginal' '
	138	test_when_finished "rm -rf empty-repo" &&
	139	git init empty-repo &&
	140	test_config_global gpg.minTrustLevel marginal &&
	141	test_must_fail \
	142	git -C empty-repo pull --ff-only --verify-signatures ../untrusted 2>pullerror &&
6789275d	143	test_grep "has an untrusted GPG signature" pullerror
54887b46 HJI	144	'
	145
	146	test_expect_success GPG 'pull commit into unborn branch with untrusted signature and --verify-signatures and minTrustLevel=undefined' '
	147	test_when_finished "rm -rf empty-repo" &&
	148	git init empty-repo &&
	149	test_config_global gpg.minTrustLevel undefined &&
	150	git -C empty-repo pull --ff-only --verify-signatures ../untrusted >pulloutput &&
6789275d	151	test_grep "has a good GPG signature" pulloutput
54887b46 HJI	152	'
54887b46 HJI	153
7f8ca20a	154	test_done