summaryrefslogtreecommitdiff
path: root/test/integration/test-releasefile-verification
diff options
context:
space:
mode:
authorDavid Kalnischkies <david@kalnischkies.de>2015-07-07 22:11:20 +0200
committerDavid Kalnischkies <david@kalnischkies.de>2015-08-10 17:25:26 +0200
commit4e03c47de15164f2656d9655edab6fb3570cb2f2 (patch)
treeb3475a46b3cc5ede3a4da4042c9bc80569549aba /test/integration/test-releasefile-verification
parent25f2731928f0b571f7521d7d7a7e301499d0f6ee (diff)
implement Signed-By without using gpg for verification
The previous commit returns to the possibility of using just gpgv for verification proposes. There is one problem through: We can't enforce a specific keyid without using gpg, but our acquire method can as it parses gpgv output anyway, so it can deal with good signatures from not expected signatures and treats them as unknown keys instead. Git-Dch: Ignore
Diffstat (limited to 'test/integration/test-releasefile-verification')
-rwxr-xr-xtest/integration/test-releasefile-verification4
1 files changed, 2 insertions, 2 deletions
diff --git a/test/integration/test-releasefile-verification b/test/integration/test-releasefile-verification
index 1c3953c8b..759242514 100755
--- a/test/integration/test-releasefile-verification
+++ b/test/integration/test-releasefile-verification
@@ -92,7 +92,7 @@ touch aptarchive/apt.deb
PKGFILE="${TESTDIR}/$(echo "$(basename $0)" | sed 's#^test-#Packages-#')"
updatewithwarnings() {
- testwarning aptget update
+ testwarning aptget update -o Debug::pkgAcquire::Worker=1 -o Debug::Acquire::gpgv=1
testsuccess grep -E "$1" rootdir/tmp/testwarning.output
}
@@ -225,7 +225,7 @@ runtest() {
signreleasefiles 'Joe Sixpack'
find aptarchive/ -name "$DELETEFILE" -delete
msgmsg 'Cold archive signed by bad keyid' 'Joe Sixpack'
- updatewithwarnings '^W: .* NO_PUBKEY'
+ updatewithwarnings '^W: .* be verified because the public key is not available: .*'
sed -i "s#^\(deb\(-src\)\?\) \[signed-by=$MARVIN\] #\1 #" rootdir/etc/apt/sources.list.d/*
}