def test_update_unexpected_exception_git_refs(self, tmpdir, caplog):
    """A good signature followed by an unexpected git error must fail.

    The first mocked ``subprocess.check_output`` call returns gpg output
    with a good signature line; the second raises ``CalledProcessError``
    carrying an unrecognised message. The test expects exit status 1 and
    neither success message in the log.
    """
    repo_root = str(tmpdir)
    cli_args = argparse.Namespace(root=repo_root)

    good_sig_output = (
        b'gpg: Signature made Tue 13 Mar 2018 01:14:11 AM UTC\n'
        b'gpg:                using RSA key '
        b'22245C81E3BAEB4138B36061310F561200F4AD77\n'
        b'gpg: Good signature from "SecureDrop Release Signing Key" [unknown]\n'
    )
    # presumably the second check_output call is the git ref lookup hinted
    # at by the test name; confirm against update().
    unexpected_error = subprocess.CalledProcessError(
        1, 'cmd', b'a random error')

    updates_available = mock.patch('securedrop_admin.check_for_updates',
                                   return_value=(True, "0.6.1"))
    fake_check_call = mock.patch('subprocess.check_call')
    fake_check_output = mock.patch(
        'subprocess.check_output',
        side_effect=[good_sig_output, unexpected_error])

    with updates_available, fake_check_call, fake_check_output:
        exit_status = securedrop_admin.update(cli_args)

    # Fail closed: an error the updater does not recognise must not be
    # reported as a verified signature or a completed update.
    log_text = caplog.text
    assert "Applying SecureDrop updates..." in log_text
    assert "Signature verification successful." not in log_text
    assert "Updated to SecureDrop" not in log_text
    assert exit_status == 1
def test_update_signature_verifies(self, tmpdir, caplog, git_output):
    """A good signature plus a 'not a valid ref' error is a successful update.

    ``git_output`` is supplied from outside this method (fixture or
    parametrisation not visible here) and is returned by the first mocked
    ``subprocess.check_output`` call. The second call raises
    ``CalledProcessError`` with ``b'not a valid ref'``; the test expects
    exit status 0 and both success messages in the log.
    """
    repo_root = str(tmpdir)
    cli_args = argparse.Namespace(root=repo_root)

    # presumably 'not a valid ref' is the benign result of checking that the
    # tag name does not also resolve to another ref; confirm in update().
    not_a_ref = subprocess.CalledProcessError(1, 'cmd', b'not a valid ref')

    updates_available = mock.patch('securedrop_admin.check_for_updates',
                                   return_value=(True, "0.6.1"))
    fake_check_call = mock.patch('subprocess.check_call')
    fake_check_output = mock.patch('subprocess.check_output',
                                   side_effect=[git_output, not_a_ref])

    with updates_available, fake_check_call, fake_check_output:
        exit_status = securedrop_admin.update(cli_args)

    log_text = caplog.text
    assert "Applying SecureDrop updates..." in log_text
    assert "Signature verification successful." in log_text
    assert "Updated to SecureDrop" in log_text
    assert exit_status == 0
def test_update_exits_if_not_needed(self, tmpdir, caplog):
    """update() returns 0 without updating when no update is available.

    ``check_for_updates`` is mocked to return ``(False, "0.6.1")``.
    ``subprocess`` is not patched in this test.
    """
    repo_root = str(tmpdir)
    cli_args = argparse.Namespace(root=repo_root)

    no_update = mock.patch('securedrop_admin.check_for_updates',
                           return_value=(False, "0.6.1"))
    with no_update:
        exit_status = securedrop_admin.update(cli_args)

    log_text = caplog.text
    assert "Applying SecureDrop updates..." in log_text
    assert "Updated to SecureDrop" not in log_text
    assert exit_status == 0
def test_no_signature_on_update(self, tmpdir, caplog):
    """An unsigned tag must be rejected.

    The mocked ``subprocess.check_output`` raises ``CalledProcessError``
    with the message ``error: no signature found``. The test expects a
    logged verification failure and a non-zero exit status.
    """
    repo_root = str(tmpdir)
    cli_args = argparse.Namespace(root=repo_root)

    # NOTE(review): the error output here is a str, while the other
    # fixtures in this file feed bytes; confirm update() handles both.
    no_signature = subprocess.CalledProcessError(
        1, 'git', 'error: no signature found')

    updates_available = mock.patch('securedrop_admin.check_for_updates',
                                   return_value=(True, "0.6.1"))
    fake_check_call = mock.patch('subprocess.check_call')
    fake_check_output = mock.patch('subprocess.check_output',
                                   side_effect=no_signature)

    with updates_available, fake_check_call, fake_check_output:
        exit_status = securedrop_admin.update(cli_args)

    log_text = caplog.text
    assert "Applying SecureDrop updates..." in log_text
    assert "Signature verification failed." in log_text
    assert "Updated to SecureDrop" not in log_text
    assert exit_status != 0
def test_update_malicious_key_named_good_sig(self, tmpdir, caplog):
    """A key whose user ID imitates gpg's success text must be rejected.

    The fixture's "using RSA key" line carries a fingerprint that differs
    from the one in this file's good-signature fixtures, and the signer's
    user ID repeats the phrase "Good signature from" followed by the
    release key's name. The test expects a logged verification failure
    and a non-zero exit status.
    """
    repo_root = str(tmpdir)
    cli_args = argparse.Namespace(root=repo_root)

    # The user ID is chosen by whoever created the key, so every byte after
    # the first "Good signature from " is attacker-controlled text.
    # NOTE(review): confirm update() ties acceptance to the fingerprint and
    # not to free text in gpg's human-readable output.
    spoofed_output = (
        b'gpg: Signature made Tue 13 Mar 2018 01:14:11 AM UTC\n'
        b'gpg:                using RSA key '
        b'1234567812345678123456781234567812345678\n'
        b'gpg: Good signature from '
        b'Good signature from "SecureDrop Release Signing Key" [unknown]\n'
    )

    updates_available = mock.patch('securedrop_admin.check_for_updates',
                                   return_value=(True, "0.6.1"))
    fake_check_call = mock.patch('subprocess.check_call')
    fake_check_output = mock.patch('subprocess.check_output',
                                   return_value=spoofed_output)

    with updates_available, fake_check_call, fake_check_output:
        exit_status = securedrop_admin.update(cli_args)

    log_text = caplog.text
    assert "Applying SecureDrop updates..." in log_text
    assert "Signature verification failed." in log_text
    assert "Updated to SecureDrop" not in log_text
    assert exit_status != 0
def test_update_signature_does_not_verify(self, tmpdir, caplog):
    """A BAD signature must be rejected even with the expected fingerprint.

    The fixture carries the same fingerprint as this file's good-signature
    fixtures, but gpg reports "BAD signature". The test expects a logged
    verification failure and a non-zero exit status.
    """
    repo_root = str(tmpdir)
    cli_args = argparse.Namespace(root=repo_root)

    # A matching fingerprint alone is not sufficient: the signature itself
    # did not validate over the signed content.
    bad_sig_output = (
        b'gpg: Signature made Tue 13 Mar 2018 01:14:11 AM UTC\n'
        b'gpg:                using RSA key '
        b'22245C81E3BAEB4138B36061310F561200F4AD77\n'
        b'gpg: BAD signature from "SecureDrop Release Signing Key" [unknown]\n'
    )

    updates_available = mock.patch('securedrop_admin.check_for_updates',
                                   return_value=(True, "0.6.1"))
    fake_check_call = mock.patch('subprocess.check_call')
    fake_check_output = mock.patch('subprocess.check_output',
                                   return_value=bad_sig_output)

    with updates_available, fake_check_call, fake_check_output:
        exit_status = securedrop_admin.update(cli_args)

    log_text = caplog.text
    assert "Applying SecureDrop updates..." in log_text
    assert "Signature verification failed." in log_text
    assert "Updated to SecureDrop" not in log_text
    assert exit_status != 0
def test_update_malicious_key_named_fingerprint(self, tmpdir, caplog):
    """A key whose user ID is the trusted fingerprint must be rejected.

    The fixture's "using RSA key" line carries a different fingerprint,
    while the signer's user ID is the fingerprint string used in this
    file's good-signature fixtures. The test expects a logged verification
    failure and a non-zero exit status.
    """
    repo_root = str(tmpdir)
    cli_args = argparse.Namespace(root=repo_root)

    # The trusted fingerprint appears in the output, but only inside the
    # user ID, which the key's creator controls.
    # NOTE(review): a plain substring search for the fingerprint anywhere
    # in the output would accept this fixture; confirm update() reads the
    # fingerprint from the "using RSA key" line only.
    spoofed_output = (
        b'gpg: Signature made Tue 13 Mar 2018 01:14:11 AM UTC\n'
        b'gpg:                using RSA key '
        b'1234567812345678123456781234567812345678\n'
        b'gpg: Good signature from "22245C81E3BAEB4138B36061310F561200F4AD77"'
        b' [unknown]\n'
    )

    updates_available = mock.patch('securedrop_admin.check_for_updates',
                                   return_value=(True, "0.6.1"))
    fake_check_call = mock.patch('subprocess.check_call')
    fake_check_output = mock.patch('subprocess.check_output',
                                   return_value=spoofed_output)

    with updates_available, fake_check_call, fake_check_output:
        exit_status = securedrop_admin.update(cli_args)

    log_text = caplog.text
    assert "Applying SecureDrop updates..." in log_text
    assert "Signature verification failed." in log_text
    assert "Updated to SecureDrop" not in log_text
    assert exit_status != 0