summaryrefslogtreecommitdiff
path: root/test/integration/test-apt-key
diff options
context:
space:
mode:
authorDavid Kalnischkies <david@kalnischkies.de>2016-05-08 19:46:34 +0200
committerDavid Kalnischkies <david@kalnischkies.de>2016-05-08 19:46:34 +0200
commit2fac0dd5a7a62b67a869cd4c71c9d09159aaa31d (patch)
tree3749636ed93b8ed2d83be2e7b7e7997abafbf492 /test/integration/test-apt-key
parent39c724b4848ef8d85c8c425f982dda85f0df1277 (diff)
gpgv: show always webportal error on NODATA
gpg doesn't give use a UID on NODATA, which we were "expecting" (but not using for anything), but just an error number. Instead of collecting these as badsigners which will trigger a "invald signature" error with remarks like "NODATA 1" we instead adapt a message similar to the NODATA error of a clearsigned file (which is actually not reached anymore as we split them up, which fails with a NOSPLIT error, which uses the same general error message). In other words: Not a security relevant change, just a user experience improvement as we now point them to the most likely cause of the problem instead of saying "invalid signature" which would point them in the direction of the archive being broken (for everyone) instead. Closes: 823746
Diffstat (limited to 'test/integration/test-apt-key')
-rwxr-xr-xtest/integration/test-apt-key6
1 files changed, 4 insertions, 2 deletions
diff --git a/test/integration/test-apt-key b/test/integration/test-apt-key
index ddb9bf9d2..666136098 100755
--- a/test/integration/test-apt-key
+++ b/test/integration/test-apt-key
@@ -179,10 +179,14 @@ gpg: unchanged: 1' aptkey --fakeroot update
cp -a keys/testcase-multikey.pub rootdir/etc/apt/trusted.gpg.d/multikey.gpg
msgtest 'Test signing a file' 'with a key'
echo 'Verify me. This is my signature.' > signature
+ echo 'lalalalala' > signature2
testsuccess --nomsg aptkey --quiet --keyring keys/marvinparanoid.pub --secret-keyring keys/marvinparanoid.sec --readonly \
adv --batch --yes --default-key 'Marvin' --armor --detach-sign --sign --output signature.gpg signature
testsuccess test -s signature.gpg -a -s signature
+ msgtest 'Test verify a file' 'with no sig'
+ testfailure --nomsg aptkey --quiet --readonly --keyring keys/testcase-multikey.pub verify signature signature2
+
for GPGV in '' 'gpgv' 'gpgv2'; do
echo "APT::Key::GPGVCommand \"$GPGV\";" > rootdir/etc/apt/apt.conf.d/00gpgvcmd
@@ -210,7 +214,6 @@ gpg: unchanged: 1' aptkey --fakeroot update
testfailure --nomsg aptkey --quiet --readonly --keyid 'Kalnischkies' verify signature.gpg signature
msgtest 'Test verify fails on' 'bad file'
- echo 'lalalalala' > signature2
testfailure --nomsg aptkey --quiet --readonly verify signature.gpg signature2
done
rm -f rootdir/etc/apt/apt.conf.d/00gpgvcmd
@@ -257,7 +260,6 @@ gpg: unchanged: 1' aptkey --fakeroot update
testfailure --nomsg aptkey --quiet --readonly --keyid 'Kalnischkies' verify signature.gpg signature
msgtest 'Test verify fails on' 'bad doublesigned file'
- echo 'lalalalala' > signature2
testfailure --nomsg aptkey --quiet --readonly verify signature.gpg signature2
done
rm -f rootdir/etc/apt/apt.conf.d/00gpgvcmd