Exemplo n.º 1
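    def testChangeKeyOwner(self):
        """Check that a PGP key uploaded for one user can be reassigned.

        The public key is added to the repository under user 'test', its
        ownership is moved to user 'another', and the fingerprint must then
        be the first entry in that user's main-key list.
        """
        fingerprint = 'F7440D78FE813C882212C2BF8AC2828190B1E477'
        # Unlock the matching private key in the key cache; '111111' is the
        # passphrase literal this test uses for its fixture key.
        keyCache = openpgpkey.getKeyCache()
        keyCache.getPrivateKey(fingerprint, '111111')

        self.addQuickTestComponent("test:source", "1.0-1-1")

        self.cfg.signatureKey = fingerprint
        self.cfg.quiet = True

        repos = self.openRepository()
        # Create the second user; the value returned by setupUser is not
        # needed because every later call goes through 'repos'.
        self.setupUser(repos, self.cfg.buildLabel, 'another',
                       'anotherpass', None, None)

        # put the public key into the repo
        keyRingPath = resources.get_path('conary_test', 'archive',
                                         'pubring.gpg')
        # Consume the exported stream while the keyring is still open, then
        # let the 'with' block close the file instead of leaking the handle.
        with open(keyRingPath) as keyRing:
            exported = openpgpfile.exportKey(fingerprint, keyRing)
            exported.seek(0)
            keyData = exported.read()
        repos.addNewPGPKey(self.cfg.buildLabel, 'test', keyData)
        repos.changePGPKeyOwner(self.cfg.buildLabel, 'another', fingerprint)

        # assertEqual instead of a bare assert: the ownership check must not
        # disappear when the suite runs under "python -O".
        self.assertEqual(
            repos.listUsersMainKeys(self.cfg.buildLabel, 'another')[0],
            fingerprint)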
Exemplo n.º 2
 def setupPaths(self):
     """Load the DSO that switches off rpm locking for this process."""
     # Why the override exists: RPM keeps the lock-file location in a
     # global variable that is only filled in the first time the rpm
     # database lock is requested, so one execution of rpmlib code cannot
     # otherwise use more than one root directory. A reference to the
     # handle has to be kept, or dlclose() will be called on it.
     #
     # The rpm extension module must not be loaded before the override.
     # NOTE(review): this guard is a bare assert, so it is skipped when the
     # interpreter runs with -O.
     assert 'rpm._rpm' not in sys.modules
     from conary_test import norpmlock
     overridePath = resources.get_path('conary_test', '_norpmlock.so')
     # NOTE(review): native code is loaded from the test resource tree;
     # presumably that tree is as trusted as the test code itself - confirm.
     norpmlock.open(overridePath)
Exemplo n.º 3
 def setupPaths(self):
     """Disable rpm locking by loading the _norpmlock.so override."""
     # RPM stores the location of its lock file in a global that is set
     # only on the first request for the rpm database lock; without the
     # override, a single execution of rpmlib code is limited to one root
     # directory. The handle must stay referenced, otherwise dlclose()
     # gets called on it.
     #
     # Guard: the override has to be in place before 'rpm._rpm' is
     # imported. NOTE(review): as an assert statement this check is
     # dropped under "python -O".
     assert 'rpm._rpm' not in sys.modules
     from conary_test import norpmlock
     dsoPath = resources.get_path('conary_test', '_norpmlock.so')
     norpmlock.open(dsoPath)
Exemplo n.º 4
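    def testAddingSigs(self):
        """Check that a client without permission cannot add PGP keys.

        Both upload paths are covered: addNewPGPKey with the binary key
        exported from the test keyring, and addNewAsciiPGPKey with the
        'unexpiredKey' value defined elsewhere in the file. Each call must
        raise errors.InsufficientPermission.
        """
        fingerprint = '95B457D16843B21EA3FC73BBC7C32FC1F94E405E'

        # get the public key
        keyRingPath = resources.get_path('conary_test', 'archive',
                                         'pubring.gpg')
        # Read the exported key while the keyring is open; the 'with' block
        # then closes the file rather than leaving the handle to the GC.
        with open(keyRingPath) as keyRing:
            exported = openpgpfile.exportKey(fingerprint, keyRing)
            exported.seek(0)
            keyData = exported.read()

        # force the repository to be setup before we use a broken password
        # to access it
        self.openRepository()
        # NOTE(review): the '******' literals are kept exactly as found;
        # they look like stand-ins for a deliberately wrong login - confirm.
        repos = self.getRepositoryClient(user='******', password='******')
        self.assertRaises(errors.InsufficientPermission, repos.addNewPGPKey,
                          self.cfg.buildLabel, 'test', keyData)

        self.assertRaises(errors.InsufficientPermission,
                          repos.addNewAsciiPGPKey, self.cfg.buildLabel, 'test',
                          unexpiredKey)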
Exemplo n.º 5
 def setupPaths(self):
     """Prepare the process environment before the tests run.

     Loads the rpm lock override, warns about an old sqlite build, and
     removes proxy settings from the environment.
     """
     # RPM keeps the lock-file location in a global variable that is only
     # filled in on the first request for the rpm database lock, so one
     # execution of rpmlib code cannot otherwise use more than one root
     # directory. The override DSO turns the locking off; its handle must
     # stay referenced or dlclose() will be called on it.
     #
     # The rpm extension module must not have been imported yet.
     # NOTE(review): a bare assert is skipped under "python -O".
     assert 'rpm._rpm' not in sys.modules
     from conary_test import norpmlock
     overridePath = resources.get_path('conary_test', '_norpmlock.so')
     norpmlock.open(overridePath)

     sqliteTooOld = sqlite3.sqlite_version_info() < (3, 7, 0)
     if sqliteTooOld:
         message = ("conary.sqlite3 is linked against a too-old system "
                    "sqlite that is known to have bugs affecting the "
                    "repository.")
         warnings.warn(message)

     # Some transport tests are affected by proxy environment settings, so
     # drop both the lower-case and the upper-case spelling of each one.
     proxyNames = ['%s_proxy' % scheme
                   for scheme in ('http', 'https', 'ftp', 'all', 'no')]
     for lowerName in proxyNames:
         for variant in (lowerName, lowerName.upper()):
             os.environ.pop(variant, None)
Exemplo n.º 6
 def setupPaths(self):
     """Set up process-wide state the test run depends on.

     Three steps: load the rpm lock override DSO, warn when the linked
     sqlite is older than 3.7.0, and clear proxy environment variables.
     """
     # The location of RPM's lock file lives in a global that is filled in
     # only the first time the rpm database lock is requested, which limits
     # one execution of rpmlib code to a single root directory. Loading the
     # override disables that locking. The handle has to stay referenced,
     # otherwise dlclose() is called on it.
     #
     # Guard: 'rpm._rpm' must not be imported before the override is loaded.
     # NOTE(review): the guard is an assert and vanishes under "python -O".
     assert 'rpm._rpm' not in sys.modules
     from conary_test import norpmlock
     dsoPath = resources.get_path('conary_test', '_norpmlock.so')
     norpmlock.open(dsoPath)

     linkedVersion = sqlite3.sqlite_version_info()
     if linkedVersion < (3, 7, 0):
         warnings.warn(
             "conary.sqlite3 is linked against a too-old system "
             "sqlite that is known to have bugs affecting the "
             "repository.")

     # Some transport tests are affected by proxy environment settings.
     for scheme in ('http', 'https', 'ftp', 'all', 'no'):
         lowerName = scheme + '_proxy'
         upperName = lowerName.upper()
         os.environ.pop(lowerName, None)
         os.environ.pop(upperName, None)
Exemplo n.º 7
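    def testSignedCheckout(self):
        """Check that checkout refuses a trove signed by an untrusted key.

        The trove is signed, then the cached public key is marked
        TRUST_UNTRUSTED while the configured threshold is raised to
        TRUST_ULTIMATE. checkout must raise
        DigitalSignatureVerificationError and log the untrusted-key warning.
        """
        fingerprint = 'F7440D78FE813C882212C2BF8AC2828190B1E477'
        # Unlock the matching private key in the key cache; '111111' is the
        # passphrase literal this test uses for its fixture key.
        keyCache = openpgpkey.getKeyCache()
        keyCache.getPrivateKey(fingerprint, '111111')

        self.addQuickTestComponent("test:source", "1.0-1-1")

        self.cfg.signatureKey = fingerprint
        self.cfg.quiet = True

        # put the public key into the repo
        keyRingPath = resources.get_path('conary_test', 'archive',
                                         'pubring.gpg')
        # Consume the exported stream while the keyring is still open, then
        # let the 'with' block close the file instead of leaking the handle.
        with open(keyRingPath) as keyRing:
            exported = openpgpfile.exportKey(fingerprint, keyRing)
            exported.seek(0)
            keyData = exported.read()
        repos = self.openRepository()
        repos.addNewPGPKey(self.cfg.buildLabel, 'test', keyData)
        signtrove.signTroves(self.cfg, ["test:source"])

        # alter key's trust value and determine that the checkout
        # code properly verifies trust thresholds
        pubKey = keyCache.getPublicKey(fingerprint)
        pubKey.trustLevel = openpgpfile.TRUST_UNTRUSTED
        keyCache.publicDict[fingerprint] = pubKey
        self.cfg.trustThreshold = openpgpfile.TRUST_ULTIMATE
        # NOTE(review): neither the lowered trust level in the key cache nor
        # the raised threshold is restored here; presumably the fixture
        # teardown resets both - confirm.
        self.logFilter.add()
        try:
            checkout(repos, self.cfg, self.workDir, ["test"])
            # Only reached when checkout returned without raising.
            self.fail("checkin.checkout did not properly verify trust levels")
        except DigitalSignatureVerificationError:
            # The id at the end of the warning is the last eight hex digits
            # of the fingerprint above.
            self.logFilter.compare([
                'warning: The trove test:source has '
                'signatures generated with untrusted keys. You can either '
                'resign the trove with a key that you trust, or add one of the '
                'keys to the list of trusted keys (the trustedKeys '
                'configuration option). The keys that were not trusted are: '
                '90B1E477'
            ])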
Exemplo n.º 8
 def getCoverageDirs(self, handler, environ):
     """Return the list of directories to measure for coverage.

     The list holds one entry, whatever resources.get_path('conary')
     resolves to. Neither handler nor environ is consulted.
     """
     # TODO: policy
     conaryDir = resources.get_path('conary')
     return [conaryDir]
Exemplo n.º 9
 def setUp(self):
     """Pick the rpm2cpio script the tests will use.

     The copy under the resource tree wins when it exists; otherwise the
     fixed system location is used.
     """
     bundled = resources.get_path('scripts/rpm2cpio')
     # The fallback is an absolute path, so no PATH search is involved.
     self.rpm2cpio = bundled if os.path.exists(bundled) else '/usr/bin/rpm2cpio'
Exemplo n.º 10
 def getCoverageDirs(self, handler, environ):
     """Return the directories whose code should be measured for coverage.

     Only the path returned by resources.get_path('conary') is listed;
     the handler and environ arguments are ignored.
     """
     # TODO: policy
     coverageDirs = []
     coverageDirs.append(resources.get_path('conary'))
     return coverageDirs
Exemplo n.º 11
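    def testSignedUpdate(self):
        """Check that doUpdate enforces the configured trust threshold.

        First part: the trove is signed, the cached public key is marked
        TRUST_UNTRUSTED, the threshold is raised to TRUST_ULTIMATE, and
        doUpdate must raise DigitalSignatureVerificationError and log the
        untrusted-key warning.

        Second part: an UpdateCallback subclass converts the verification
        error into its own exception type, and doUpdate must let that
        exception reach the caller.
        """
        fingerprint = '95B457D16843B21EA3FC73BBC7C32FC1F94E405E'
        # Unlock the matching private key in the key cache; '111111' is the
        # passphrase literal this test uses for its fixture key.
        keyCache = openpgpkey.getKeyCache()
        keyCache.getPrivateKey(fingerprint, '111111')

        self.addQuickTestComponent("test:doc", "1.0-1-1")

        self.cfg.signatureKey = fingerprint
        self.cfg.quiet = True

        # put the public key into the repo
        keyRingPath = resources.get_path('conary_test', 'archive',
                                         'pubring.gpg')
        # Consume the exported stream while the keyring is still open, then
        # let the 'with' block close the file instead of leaking the handle.
        with open(keyRingPath) as keyRing:
            exported = openpgpfile.exportKey(fingerprint, keyRing)
            exported.seek(0)
            keyData = exported.read()
        repos = self.openRepository()
        repos.addNewPGPKey(self.cfg.buildLabel, 'test', keyData)
        signtrove.signTroves(self.cfg, ["test:doc"])

        # alter key's trust value and determine that the doUpdate
        # code properly verifies trust thresholds
        pubKey = keyCache.getPublicKey(fingerprint)
        pubKey.trustLevel = openpgpfile.TRUST_UNTRUSTED
        keyCache.publicDict[fingerprint] = pubKey
        self.cfg.trustThreshold = openpgpfile.TRUST_ULTIMATE
        # NOTE(review): neither the lowered trust level in the key cache nor
        # the raised threshold is restored here; presumably the fixture
        # teardown resets both - confirm.
        self.logFilter.add()
        try:
            self.discardOutput(doUpdate, self.cfg, 'test:doc')
            # Only reached when doUpdate returned without raising.
            self.fail("updatecmd.doUpdate did not properly check trust levels")
        except DigitalSignatureVerificationError:
            # The id at the end of the warning is the last eight hex digits
            # of the fingerprint above.
            self.logFilter.compare([
                'warning: The trove test:doc has '
                'signatures generated with untrusted keys. You can either '
                'resign the trove with a key that you trust, or add one of the '
                'keys to the list of trusted keys (the trustedKeys '
                'configuration option). The keys that were not trusted are: '
                'F94E405E'
            ])

        # An example how one can catch the digital signature verification
        # error for each unsigned trove (and display some message in a GUI
        # maybe). In this case we just raise a different exception.
        class MyException(Exception):
            # NOTE(review): presumably this flag tells the update machinery
            # not to swallow the exception - confirm against the callback
            # wrapper code.
            errorIsUncatchable = True

        class C_(callbacks.UpdateCallback):
            def verifyTroveSignatures(self, trv):
                # Delegate to the stock verification and translate only the
                # signature failure; any other exception passes through.
                try:
                    return callbacks.UpdateCallback.verifyTroveSignatures(
                        self, trv)
                except DigitalSignatureVerificationError:
                    raise MyException("Error in trove %s" % trv.getName())

        callback = C_(trustThreshold=self.cfg.trustThreshold)
        # We should catch our own exception now
        self.discardOutput(self.assertRaises,
                           MyException,
                           doUpdate,
                           self.cfg,
                           "test:doc",
                           callback=callback)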
Exemplo n.º 12
 def getServerDir(self):
     """Return the path of the 'server' entry under 'conary_test'."""
     serverDir = resources.get_path('conary_test', 'server')
     return serverDir
Exemplo n.º 13
 def setUp(self):
     """Pick the ccs2tar script the tests will use.

     The copy under the resource tree is used when it exists; otherwise
     the fixed system location is used.
     """
     bundled = resources.get_path('scripts/ccs2tar')
     if os.path.exists(bundled):
         self.ccs2tar = bundled
     else:
         # Absolute fallback path, so no PATH search is involved.
         self.ccs2tar = '/usr/bin/ccs2tar'
Exemplo n.º 14
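    def testSignTrove(self):
        """Exercise signing one trove with two different keys.

        Steps, in order: signing must fail before the public key has been
        uploaded; after the upload it succeeds and the stored trove
        verifies; a second key is uploaded and used to add a second
        signature; signing again with a key that already signed the trove
        must fail.
        """
        def exportPublicKey(keyFingerprint):
            # Return the raw public key for keyFingerprint from the test
            # keyring. The exported stream is read while the keyring is
            # open, and the 'with' block closes the file afterwards.
            keyRingPath = resources.get_path('conary_test', 'archive',
                                             'pubring.gpg')
            with open(keyRingPath) as keyRing:
                exported = openpgpfile.exportKey(keyFingerprint, keyRing)
                exported.seek(0)
                return exported.read()

        fingerprint = 'F7440D78FE813C882212C2BF8AC2828190B1E477'
        # Unlock the matching private key in the key cache; '111111' is the
        # passphrase literal this test uses for its fixture keys.
        keyCache = openpgpkey.getKeyCache()
        keyCache.getPrivateKey(fingerprint, '111111')

        self.addQuickTestComponent("test:doc", "1.0-1-1")
        self.cfg.signatureKey = fingerprint
        self.cfg.quiet = True

        # The public key has not been uploaded yet, so signing is expected
        # to be refused at this point.
        self.assertRaises(errors.DigitalSignatureError, signtrove.signTroves,
                          self.cfg, ["test:doc"])

        # get the public key
        keyData = exportPublicKey(fingerprint)

        # upload the public key
        repos = self.openRepository()
        repos.addNewPGPKey(self.cfg.buildLabel, 'test', keyData)
        signtrove.signTroves(self.cfg, ["test:doc"])

        # get the signed trove from the repository, verify that
        # everything is correct
        v = versions.VersionFromString('/localhost@rpl:linux/1.0-1-1')
        f = deps.parseFlavor('')
        t = repos.getTrove('test:doc', v, f)
        self._checkDigitalSig(t, fingerprint)
        self.assertEqual(t.verifyDigitalSignatures(),
                         (openpgpfile.TRUST_TRUSTED, [], set()))

        # add another signature.  This exercises code such as the
        # change set cache invalidation
        fingerprint2 = '95B457D16843B21EA3FC73BBC7C32FC1F94E405E'
        keyCache.getPrivateKey(fingerprint2, '111111')

        # upload the public key
        keyData = exportPublicKey(fingerprint2)
        repos.addNewPGPKey(self.cfg.buildLabel, 'test', keyData)

        # sign with the second private key
        self.cfg.signatureKey = fingerprint2
        self.cfg.quiet = True
        signtrove.signTroves(self.cfg, ["test:doc"])

        # fetch the trove again and check that both keys' signatures are
        # present and that the trove still verifies
        t = repos.getTrove('test:doc', v, f)
        self._checkDigitalSig(t, fingerprint)
        self._checkDigitalSig(t, fingerprint2)
        self.assertEqual(t.verifyDigitalSignatures(),
                         (openpgpfile.TRUST_TRUSTED, [], set()))

        # attempt signing again with a key that already signed the trove
        self.assertRaises(errors.DigitalSignatureError, signtrove.signTroves,
                          self.cfg, ["test:doc"])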
Exemplo n.º 15
 def getServerDir(self):
     """Return the path that resources resolves for conary_test/server."""
     location = resources.get_path("conary_test", "server")
     return location
Exemplo n.º 16
 def setUp(self):
     """Choose which rpm2cpio script the tests run against.

     Start from the fixed system location and switch to the copy under
     the resource tree when that copy exists.
     """
     candidate = resources.get_path("scripts/rpm2cpio")
     # The default is an absolute path, so no PATH search is involved.
     chosen = "/usr/bin/rpm2cpio"
     if os.path.exists(candidate):
         chosen = candidate
     self.rpm2cpio = chosen
Exemplo n.º 17
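    def testReposRequireSigs(self):
        """Check that a requireSigs repository rejects unsigned changes.

        Repository index 1 is reopened with requireSigs=True. With no
        signature key configured, adding a component, committing, cooking,
        cloning, branching and shadowing must each raise
        DigitalSignatureVerificationError. Commit and cook are repeated
        with a signature key configured and must then go through.

        The configuration and the repository are restored in the outer
        'finally', after which an unsigned component must be accepted.
        """
        fingerprint = '95B457D16843B21EA3FC73BBC7C32FC1F94E405E'
        # Unlock the matching private key in the key cache; '111111' is the
        # passphrase literal this test uses for its fixture key.
        keyCache = openpgpkey.getKeyCache()
        keyCache.getPrivateKey(fingerprint, '111111')

        callback = checkin.CheckinCallback()
        # Read the armored key before the requireSigs repository exists, so
        # a failure here cannot leave that repository behind, and close the
        # file instead of leaking the handle.
        with open(resources.get_path('conary_test', 'archive',
                                     'key.asc')) as keyFile:
            ascKey = keyFile.read()
        # make sure there's not a cached repo index 1
        self.stopRepository(1)
        sigRepos = self.openRepository(1, requireSigs=True)
        buildLabel = self.cfg.buildLabel
        signatureKey = self.cfg.signatureKey
        signatureKeyMap = self.cfg.signatureKeyMap
        # try block protects test suite from the alteration of self.cfg
        # or most especially, the effects of leaving a requireSigs repo around
        try:
            self.cfg.signatureKey = None
            self.cfg.signatureKeyMap = None
            self.cfg.buildLabel = versions.Label('localhost1@rpl:linux')
            sigRepos.addNewAsciiPGPKey(self.cfg.buildLabel, 'test', ascKey)
            # No signature key is configured, so the unsigned component
            # must be refused.
            try:
                self.addQuickTestComponent("test:doc",
                                           "/localhost1@rpl:devel/1.0-1-1")
                self.fail("Repository should have required a signature")
            except DigitalSignatureVerificationError:
                pass

            name = 'testcase'
            fullName = name + '=/localhost1@rpl:linux'
            # test commit codepath.
            origDir = os.getcwd()
            try:
                os.chdir(self.workDir)
                self.newpkg(name)
                os.chdir(name)
                self.writeFile(name + '.recipe', testRecipe)
                self.addfile(name + '.recipe')
                try:
                    checkin.commit(sigRepos, self.cfg, 'foobar', callback)
                    self.fail("Repository should have rejected  commit")
                except DigitalSignatureVerificationError:
                    pass
                # but we really need a source trove for the rest of the paths
                self.cfg.signatureKey = fingerprint
                checkin.commit(sigRepos, self.cfg, fullName, None)
                self.cfg.signatureKey = None
            finally:
                # Always return to the starting directory, even on failure.
                os.chdir(origDir)

            # test cook codepath
            try:
                self.cookItem(sigRepos,
                              self.cfg,
                              fullName,
                              callback=callback,
                              ignoreDeps=True)
                self.fail("Repository should have rejected cook")
            except DigitalSignatureVerificationError:
                pass
            # Same cook with a signature key configured must succeed.
            self.cfg.signatureKey = fingerprint
            self.cookItem(sigRepos,
                          self.cfg,
                          fullName,
                          callback=callback,
                          ignoreDeps=True)
            self.cfg.signatureKey = None

            # test clone codepath
            try:
                self.clone('/localhost1@rpl:shadow',
                           'testcase:source=/localhost1@rpl:linux')
                self.fail("Repository should have rejected clone")
            except DigitalSignatureVerificationError:
                pass

            # test branch codepath
            try:
                self.mkbranch("1.0-1",
                              "localhost1@rpl:shadow",
                              "testcase:source",
                              shadow=False)
                self.fail("Repository should have rejected branch")
            except DigitalSignatureVerificationError:
                pass

            # test shadow codepath
            try:
                self.mkbranch("1.0-1",
                              "localhost1@rpl:shadow",
                              "testcase:source",
                              shadow=True)
                self.fail("Repository should have rejected shadow")
            except DigitalSignatureVerificationError:
                pass

        finally:
            self.cfg.buildLabel = buildLabel
            self.cfg.signatureKey = signatureKey
            self.cfg.signatureKeyMap = signatureKeyMap
            # this repo MUST be destroyed, other tests will fail against it.
            self.stopRepository(1)
            sigRepos = self.openRepository(1)
        # With the repository reopened without requireSigs, the same
        # unsigned component that was refused above must now be accepted.
        self.addQuickTestComponent("test:doc", "/localhost1@rpl:devel/1.0-1-1")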