Andrew's git / gitweb.git /
8ae331f40ed9e7c83dd91c35278b5dc2f5326a29
   1#!/bin/sh
   2
   3test_description='pull signature verification tests'
   4. ./test-lib.sh
   5. "$TEST_DIRECTORY/lib-gpg.sh"
   6
   7test_expect_success GPG 'create repositories with signed commits' '
   8        echo 1 >a && git add a &&
   9        test_tick && git commit -m initial &&
  10        git tag initial &&
  11
  12        git clone . signed &&
  13        (
  14                cd signed &&
  15                echo 2 >b && git add b &&
  16                test_tick && git commit -S -m "signed"
  17        ) &&
  18
  19        git clone . unsigned &&
  20        (
  21                cd unsigned &&
  22                echo 3 >c && git add c &&
  23                test_tick && git commit -m "unsigned"
  24        ) &&
  25
  26        git clone . bad &&
  27        (
  28                cd bad &&
  29                echo 4 >d && git add d &&
  30                test_tick && git commit -S -m "bad" &&
  31                git cat-file commit HEAD >raw &&
  32                sed -e "s/bad/forged bad/" raw >forged &&
  33                git hash-object -w -t commit forged >forged.commit &&
  34                git checkout $(cat forged.commit)
  35        ) &&
  36
  37        git clone . untrusted &&
  38        (
  39                cd untrusted &&
  40                echo 5 >e && git add e &&
  41                test_tick && git commit -SB7227189 -m "untrusted"
  42        )
  43'
  44
  45test_expect_success GPG 'pull unsigned commit with --verify-signatures' '
  46        test_must_fail git pull --ff-only --verify-signatures unsigned 2>pullerror &&
  47        test_i18ngrep "does not have a GPG signature" pullerror
  48'
  49
  50test_expect_success GPG 'pull commit with bad signature with --verify-signatures' '
  51        test_must_fail git pull --ff-only --verify-signatures bad 2>pullerror &&
  52        test_i18ngrep "has a bad GPG signature" pullerror
  53'
  54
  55test_expect_success GPG 'pull commit with untrusted signature with --verify-signatures' '
  56        test_must_fail git pull --ff-only --verify-signatures untrusted 2>pullerror &&
  57        test_i18ngrep "has an untrusted GPG signature" pullerror
  58'
  59
  60test_expect_success GPG 'pull signed commit with --verify-signatures' '
  61        test_when_finished "git checkout initial" &&
  62        git pull --verify-signatures signed >pulloutput &&
  63        test_i18ngrep "has a good GPG signature" pulloutput
  64'
  65
  66test_expect_success GPG 'pull commit with bad signature without verification' '
  67        test_when_finished "git checkout initial" &&
  68        git pull --ff-only bad 2>pullerror
  69'
  70
  71test_expect_success GPG 'pull commit with bad signature with --no-verify-signatures' '
  72        test_when_finished "git checkout initial" &&
  73        test_config merge.verifySignatures true &&
  74        test_config pull.verifySignatures true &&
  75        git pull --ff-only --no-verify-signatures bad 2>pullerror
  76'
  77
  78test_done