summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorPierre Schmitz <pierre@archlinux.de>2011-04-02 13:19:05 +0200
committerPierre Schmitz <pierre@archlinux.de>2011-04-02 13:19:05 +0200
commit1ce0c6368d0908e25f9bd1bb8183b5f29053fac8 (patch)
tree225c1d19b42c5b4a5d9319adb49bfece95a49952
parenta7b293ad4d819fa77592818af27f7c2a3b9b2ca4 (diff)
Add simple checks for handling signed packages
In addition to this dbscripts wont accept unsigned pacakges when REQUIRE_SIGNATURE is set to true. Note: At this point no signature verification is performed at all.
-rw-r--r--config2
-rw-r--r--db-functions10
-rw-r--r--test/lib/common.inc30
-rwxr-xr-xtest/test.d/signed-packages.sh13
4 files changed, 54 insertions, 1 deletions
diff --git a/config b/config
index b595636..89e3633 100644
--- a/config
+++ b/config
@@ -14,6 +14,8 @@ SOURCE_CLEANUP_DRYRUN=false
# Time in days to keep moved sourcepackages
SOURCE_CLEANUP_KEEP=14
+REQUIRE_SIGNATURE=false
+
LOCK_DELAY=10
LOCK_TIMEOUT=300
diff --git a/db-functions b/db-functions
index b469039..a3e2168 100644
--- a/db-functions
+++ b/db-functions
@@ -284,6 +284,9 @@ getpkgfile() {
elif [ ! -f "${1}" ]; then
error "Package ${1} not found!"
exit 1
+ elif ${REQUIRE_SIGNATURE} && [ ! -f "${1}.sig" ]; then
+ error "Package signature ${1}.sig not found!"
+ exit 1
fi
echo ${1}
@@ -300,6 +303,9 @@ getpkgfiles() {
if [ ! -f "${f}" ]; then
error "Package ${f} not found!"
exit 1
+ elif ${REQUIRE_SIGNATURE} && [ ! -f "${f}.sig" ]; then
+ error "Package signature ${f}.sig not found!"
+ exit 1
fi
done
@@ -411,14 +417,18 @@ check_pkgrepos() {
[ $? -ge 1 ] && return 1
[ -f "${FTP_BASE}/${PKGPOOL}/${pkgname}-${pkgver}-${pkgarch}"${PKGEXT} ] && return 1
+ [ -f "${FTP_BASE}/${PKGPOOL}/${pkgname}-${pkgver}-${pkgarch}"${PKGEXT}.sig ] && return 1
[ -f "${FTP_BASE}/${PKGPOOL}/$(basename ${pkgfile})" ] && return 1
+ [ -f "${FTP_BASE}/${PKGPOOL}/$(basename ${pkgfile}).sig" ] && return 1
local repo
local arch
for repo in ${PKGREPOS[@]}; do
for arch in ${ARCHES[@]}; do
[ -f "${FTP_BASE}/${repo}/os/${arch}/${pkgname}-${pkgver}-${pkgarch}"${PKGEXT} ] && return 1
+ [ -f "${FTP_BASE}/${repo}/os/${arch}/${pkgname}-${pkgver}-${pkgarch}"${PKGEXT}.sig ] && return 1
[ -f "${FTP_BASE}/${repo}/os/${arch}/$(basename ${pkgfile})" ] && return 1
+ [ -f "${FTP_BASE}/${repo}/os/${arch}/$(basename ${pkgfile}).sig" ] && return 1
done
done
diff --git a/test/lib/common.inc b/test/lib/common.inc
index 2cf2769..eb46508 100644
--- a/test/lib/common.inc
+++ b/test/lib/common.inc
@@ -95,6 +95,7 @@ setUp() {
TMPDIR="${TMP}/tmp"
CLEANUP_DRYRUN=false
SOURCE_CLEANUP_DRYRUN=false
+ REQUIRE_SIGNATURE=true
eot
. "$(dirname ${BASH_SOURCE[0]})/../../config"
}
@@ -115,6 +116,13 @@ releasePackage() {
pkgver=$(. PKGBUILD; echo $(get_full_version ${epoch:-0} ${pkgver} ${pkgrel}))
popd >/dev/null
cp "${pkgdir}/${pkgbase}"/*-${pkgver}-${arch}${PKGEXT} "${STAGING}"/${repo}/
+
+ if ${REQUIRE_SIGNATURE}; then
+ # TODO: really sign the packages with a valid key
+ find "${STAGING}"/${repo}/ -type f \
+ -name "*-${pkgver}-${arch}${PKGEXT}" \
+ -exec touch {}.sig \;
+ fi
}
checkAnyPackage() {
@@ -124,13 +132,23 @@ checkAnyPackage() {
local db
[ -r "${FTP_BASE}/${PKGPOOL}/${pkg}" ] || fail "${PKGPOOL}/${pkg} not found"
+ if ${REQUIRE_SIGNATURE}; then
+ [ -r "${FTP_BASE}/${PKGPOOL}/${pkg}.sig" ] || fail "${PKGPOOL}/${pkg}.sig not found"
+ fi
for arch in i686 x86_64; do
- [ -L "${FTP_BASE}/${repo}/os/${arch}/${pkg}" ] || fail "${repo}/os/${arch}/${pkg} not a symlink"
+ [ -L "${FTP_BASE}/${repo}/os/${arch}/${pkg}" ] || fail "${repo}/os/${arch}/${pkg} is not a symlink"
[ "$(readlink -e "${FTP_BASE}/${repo}/os/${arch}/${pkg}")" == "${FTP_BASE}/${PKGPOOL}/${pkg}" ] \
|| fail "${repo}/os/${arch}/${pkg} does not link to ${PKGPOOL}/${pkg}"
+
+ if ${REQUIRE_SIGNATURE}; then
+ [ -L "${FTP_BASE}/${repo}/os/${arch}/${pkg}.sig" ] || fail "${repo}/os/${arch}/${pkg}.sig is not a symlink"
+ [ "$(readlink -e "${FTP_BASE}/${repo}/os/${arch}/${pkg}.sig")" == "${FTP_BASE}/${PKGPOOL}/${pkg}.sig" ] \
+ || fail "${repo}/os/${arch}/${pkg}.sig does not link to ${PKGPOOL}/${pkg}.sig"
+ fi
done
[ -r "${STAGING}"/${repo}/${pkg} ] && fail "${repo}/${pkg} found in staging dir"
+ [ -r "${STAGING}"/${repo}/${pkg}.sig ] && fail "${repo}/${pkg}.sig found in staging dir"
for db in ${DBEXT} ${FILESEXT}; do
( [ -r "${FTP_BASE}/${repo}/os/${arch}/${repo}${db%.tar.*}" ] \
@@ -139,6 +157,7 @@ checkAnyPackage() {
done
[ -r "${FTP_BASE}/${repo}/os/any/${pkg}" ] && fail "${repo}/os/any/${pkg} should not exist"
+ [ -r "${FTP_BASE}/${repo}/os/any/${pkg}.sig" ] && fail "${repo}/os/any/${pkg}.sig should not exist"
}
checkPackage() {
@@ -154,6 +173,15 @@ checkPackage() {
[ "$(readlink -e "${FTP_BASE}/${repo}/os/${arch}/${pkg}")" == "${FTP_BASE}/${PKGPOOL}/${pkg}" ] \
|| fail "${repo}/os/${arch}/${pkg} does not link to ${PKGPOOL}/${pkg}"
+ if ${REQUIRE_SIGNATURE}; then
+ [ -r "${FTP_BASE}/${PKGPOOL}/${pkg}.sig" ] || fail "${PKGPOOL}/${pkg}.sig not found"
+ [ -L "${FTP_BASE}/${repo}/os/${arch}/${pkg}.sig" ] || fail "${repo}/os/${arch}/${pkg}.sig is not a symlink"
+ [ -r "${STAGING}"/${repo}/${pkg}.sig ] && fail "${repo}/${pkg}.sig found in staging dir"
+
+ [ "$(readlink -e "${FTP_BASE}/${repo}/os/${arch}/${pkg}.sig")" == "${FTP_BASE}/${PKGPOOL}/${pkg}.sig" ] \
+ || fail "${repo}/os/${arch}/${pkg}.sig does not link to ${PKGPOOL}/${pkg}.sig"
+ fi
+
for db in ${DBEXT} ${FILESEXT}; do
( [ -r "${FTP_BASE}/${repo}/os/${arch}/${repo}${db%.tar.*}" ] \
&& bsdtar -xf "${FTP_BASE}/${repo}/os/${arch}/${repo}${db%.tar.*}" -O | grep -q ${pkg}) \
diff --git a/test/test.d/signed-packages.sh b/test/test.d/signed-packages.sh
new file mode 100755
index 0000000..5d6f4ff
--- /dev/null
+++ b/test/test.d/signed-packages.sh
@@ -0,0 +1,13 @@
+#!/bin/bash
+
+curdir=$(readlink -e $(dirname $0))
+. "${curdir}/../lib/common.inc"
+
+testAddUnsignedPackage() {
+ releasePackage extra 'pkg-simple-a' 'i686'
+ # remove any signature
+ rm "${STAGING}"/extra/*.sig
+ ../db-update >/dev/null 2>&1 && fail "db-update should fail when a signature is missing!"
+}
+
+. "${curdir}/../lib/shunit2"