def test_verify_revision_signature_not_signed(self): wt = self.make_branch_and_tree('.') wt.commit("base", allow_pointless=True, rev_id='A') strategy = gpg.LoopbackGPGStrategy(None) self.assertEqual( (gpg.SIGNATURE_NOT_SIGNED, None), wt.branch.repository.verify_revision_signature('A', strategy))
def test_store_signature(self): wt = self.make_branch_and_tree('.') branch = wt.branch branch.lock_write() try: branch.repository.start_write_group() try: branch.repository.store_revision_signature( gpg.LoopbackGPGStrategy(None), 'FOO', 'A') except errors.NoSuchRevision: branch.repository.abort_write_group() raise tests.TestNotApplicable( "repository does not support signing non-present" "revisions") except: branch.repository.abort_write_group() raise else: branch.repository.commit_write_group() finally: branch.unlock() # A signature without a revision should not be accessible. self.assertRaises(errors.NoSuchRevision, branch.repository.has_signature_for_revision_id, 'A') wt.commit("base", allow_pointless=True, rev_id='A') self.assertEqual( '-----BEGIN PSEUDO-SIGNED CONTENT-----\n' 'FOO-----END PSEUDO-SIGNED CONTENT-----\n', branch.repository.get_signature_text('A'))
def test_upgrade_preserves_signatures(self): if not self.repository_format.supports_revision_signatures: raise tests.TestNotApplicable( "repository does not support signing revisions") wt = self.make_branch_and_tree('source') wt.commit('A', allow_pointless=True, rev_id='A') repo = wt.branch.repository repo.lock_write() repo.start_write_group() try: repo.sign_revision('A', gpg.LoopbackGPGStrategy(None)) except errors.UnsupportedOperation: self.assertFalse(repo._format.supports_revision_signatures) raise tests.TestNotApplicable( "signatures not supported by repository format") repo.commit_write_group() repo.unlock() old_signature = repo.get_signature_text('A') try: old_format = controldir.ControlDirFormat.get_default_format() # This gives metadir branches something they can convert to. # it would be nice to have a 'latest' vs 'default' concept. format = controldir.format_registry.make_bzrdir( 'development-subtree') upgrade.upgrade(repo.bzrdir.root_transport.base, format=format) except errors.UpToDateFormat: # this is in the most current format already. return except errors.BadConversionTarget, e: raise tests.TestSkipped(str(e))
def makeARepoWithSignatures(self): wt = self.make_branch_and_tree('a-repo-with-sigs') wt.commit('rev1', allow_pointless=True, rev_id='rev1') repo = wt.branch.repository repo.lock_write() repo.start_write_group() repo.sign_revision('rev1', gpg.LoopbackGPGStrategy(None)) repo.commit_write_group() repo.unlock() return repo
def test_sign_revision(self): if self.repository_format.supports_revision_signatures: raise tests.TestNotApplicable( "repository supports signing revisions") wt = self.make_branch_and_tree('source') wt.commit('A', allow_pointless=True, rev_id='A') repo = wt.branch.repository repo.lock_write() repo.start_write_group() self.assertRaises(errors.UnsupportedOperation, repo.sign_revision, 'A', gpg.LoopbackGPGStrategy(None)) repo.commit_write_group()
def test_sign_existing_revision(self): wt = self.make_branch_and_tree('.') wt.commit("base", allow_pointless=True, rev_id='A') strategy = gpg.LoopbackGPGStrategy(None) repo = wt.branch.repository self.addCleanup(repo.lock_write().unlock) repo.start_write_group() repo.sign_revision('A', strategy) repo.commit_write_group() self.assertEqual( '-----BEGIN PSEUDO-SIGNED CONTENT-----\n' + Testament.from_revision(repo, 'A').as_short_text() + '-----END PSEUDO-SIGNED CONTENT-----\n', repo.get_signature_text('A'))
def makeARepoWithSignatures(self): wt = self.make_branch_and_tree('a-repo-with-sigs') wt.commit('rev1', allow_pointless=True, rev_id='rev1') repo = wt.branch.repository repo.lock_write() repo.start_write_group() try: repo.sign_revision('rev1', gpg.LoopbackGPGStrategy(None)) except errors.UnsupportedOperation: self.assertFalse(repo._format.supports_revision_signatures) raise TestNotApplicable("repository format does not support signatures") repo.commit_write_group() repo.unlock() return repo
def test_clone_preserves_signatures(self): wt = self.make_branch_and_tree('source') wt.commit('A', allow_pointless=True, rev_id='A') repo = wt.branch.repository repo.lock_write() repo.start_write_group() repo.sign_revision('A', gpg.LoopbackGPGStrategy(None)) repo.commit_write_group() repo.unlock() #FIXME: clone should work to urls, # wt.clone should work to disks. self.build_tree(['target/']) d2 = repo.bzrdir.clone(urlutils.local_path_to_url('target')) self.assertEqual(repo.get_signature_text('A'), d2.open_repository().get_signature_text('A'))
def test_item_keys_introduced_by(self): # Make a repo with one revision and one versioned file. tree = self.make_branch_and_tree('t') self.build_tree(['t/foo']) tree.add('foo', 'file1') tree.commit('message', rev_id='rev_id') repo = tree.branch.repository repo.lock_write() repo.start_write_group() try: repo.sign_revision('rev_id', gpg.LoopbackGPGStrategy(None)) except errors.UnsupportedOperation: signature_texts = [] else: signature_texts = ['rev_id'] repo.commit_write_group() repo.unlock() repo.lock_read() self.addCleanup(repo.unlock) # Item keys will be in this order, for maximum convenience for # generating data to insert into knit repository: # * files # * inventory # * signatures # * revisions expected_item_keys = [ ('file', 'file1', ['rev_id']), ('inventory', None, ['rev_id']), ('signatures', None, signature_texts), ('revisions', None, ['rev_id'])] item_keys = list(repo.item_keys_introduced_by(['rev_id'])) item_keys = [ (kind, file_id, list(versions)) for (kind, file_id, versions) in item_keys] if repo.supports_rich_root(): # Check for the root versioned file in the item_keys, then remove # it from streamed_names so we can compare that with # expected_record_names. # Note that the file keys can be in any order, so this test is # written to allow that. inv = repo.get_inventory('rev_id') root_item_key = ('file', inv.root.file_id, ['rev_id']) self.assertTrue(root_item_key in item_keys) item_keys.remove(root_item_key) self.assertEqual(expected_item_keys, item_keys)
def test_sign_existing_revision(self): wt = self.make_branch_and_tree('.') branch = wt.branch wt.commit("base", allow_pointless=True, rev_id='A') from bzrlib.testament import Testament strategy = gpg.LoopbackGPGStrategy(None) branch.repository.lock_write() branch.repository.start_write_group() branch.repository.sign_revision('A', strategy) branch.repository.commit_write_group() branch.repository.unlock() self.assertEqual( '-----BEGIN PSEUDO-SIGNED CONTENT-----\n' + Testament.from_revision(branch.repository, 'A').as_short_text() + '-----END PSEUDO-SIGNED CONTENT-----\n', branch.repository.get_signature_text('A'))
def test_install_revisions(self): wt = self.make_branch_and_tree('source') wt.commit('A', allow_pointless=True, rev_id='A') repo = wt.branch.repository repo.lock_write() repo.start_write_group() repo.sign_revision('A', gpg.LoopbackGPGStrategy(None)) repo.commit_write_group() repo.unlock() repo.lock_read() self.addCleanup(repo.unlock) repo2 = self.make_repository('repo2') revision = repo.get_revision('A') tree = repo.revision_tree('A') signature = repo.get_signature_text('A') repo2.lock_write() self.addCleanup(repo2.unlock) vf_repository.install_revisions(repo2, [(revision, tree, signature)]) self.assertEqual(revision, repo2.get_revision('A')) self.assertEqual(signature, repo2.get_signature_text('A'))
def test_verify_revision_signatures(self): wt = self.make_branch_and_tree('.') wt.commit("base", allow_pointless=True, rev_id='A') wt.commit("second", allow_pointless=True, rev_id='B') strategy = gpg.LoopbackGPGStrategy(None) repo = wt.branch.repository self.addCleanup(repo.lock_write().unlock) repo.start_write_group() repo.sign_revision('A', strategy) repo.commit_write_group() self.assertEqual( '-----BEGIN PSEUDO-SIGNED CONTENT-----\n' + Testament.from_revision(repo, 'A').as_short_text() + '-----END PSEUDO-SIGNED CONTENT-----\n', repo.get_signature_text('A')) self.assertEqual([('A', gpg.SIGNATURE_VALID, None), ('B', gpg.SIGNATURE_NOT_SIGNED, None)], list( repo.verify_revision_signatures(['A', 'B'], strategy)))