Add test for rejection of future directive signature timestamp
authorJacob Bachmeyer <jcb@gnu.org>
Sun, 13 Feb 2022 04:34:25 +0000 (22:34 -0600)
committerJacob Bachmeyer <jcb@gnu.org>
Sun, 13 Feb 2022 04:34:25 +0000 (22:34 -0600)
testsuite/lib/upload.exp
testsuite/upload.all/03_triplet.exp

index 53e2de8ab5d4b37eea2e781ec81d0a45144cbf7b..93654f519fd15ace2c732feed34ba54b46c2950e 100644 (file)
@@ -753,6 +753,12 @@ proc analyze_log { base_dir name assess } {
                     set A(validate,signature-timestamp) 1
                     exp_continue
                 }
+       -re {^ftp-upload\[[0-9]+\]: \(Test\)\
+                GPG signed upload from the future - not allowed[^\r\n]+} {
+                    # from read_directive_file, if signature timestamp bad
+                    set A(validate,future-signature-timestamp) 1
+                    exp_continue
+                }
 
        -re {^ftp-upload\[[0-9]+\]: \(Test\)\
                 DEBUG: [^ ]+ size is [[:digit:]]+} {
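Review bot: The trailing `[^\r\n]+` in the added pattern requires at least one character after `not allowed`, so `A(validate,future-signature-timestamp)` is only set while the logged message keeps a suffix. The message text emitted by read_directive_file is not visible here; if the suffix is incidental, `[^\r\n]*` would keep the test from failing on a harmless wording change. The comment could also name the condition precisely, e.g. `# from read_directive_file, if the signature timestamp is in the future`, since "bad" could equally mean an expired or replayed signature. The body of analyze_log starts and ends outside this hunk.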
index ed2e60cceb8210ff9d40a777d887bed5b19310fb..5a95f6bf1ee7c64b5b19bfc59f2a994c4fe8bbf9 100644 (file)
@@ -419,6 +419,41 @@ check_triplet "bogus: signed but package has no email addresses" setup {
 }
 # TODO: should be validate,package-no-email instead of unknown-package here
 
+check_triplet "bogus: directive signature from the future" setup {
+    packages {
+       foo {
+           email { "foo@example.org" }
+           keys { { id 1000 name "foo <foo@example.gnu.org>" } }
+           maintainers { "foo <foo@example.net>" }
+       }
+    }
+} upload {
+    foo.bin {
+       directive {
+           version 1.2
+           directory foo
+           filename foo.bin
+       } dsig { good 05 1000 "3 days" }
+       file { test } fsig { good 06 1000 }
+    }
+} check {
+    file-tree {
+       { incoming stage pub archive } empty {}
+       { in-stage } files {
+           foo.bin.directive.asc foo.bin.sig foo.bin
+       }
+    } log {
+       found,foo.bin.directive.asc "found directive in triplet"
+       found-triplet,foo.bin.directive.asc:foo.bin.sig:foo.bin \
+           "found triplet"
+       validate,future-signature-timestamp \
+           "reject upload from the future"
+    } email-to {
+       ftp-upload-script@gnu.org foo@example.gnu.org
+       ftp-upload-report@gnu.org foo@example.org foo@example.net
+    }
+}
+
 check_triplet "bogus: signed with wrong key" setup {
     packages {
        foo {
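Review bot: Only one far-future offset, `"3 days"` on the `dsig` line, is exercised, so a regression that widens the accepted clock skew would still pass this test. The tolerance the upload script allows is not visible in this hunk; a pair of cases around it, one just beyond that must be rejected and one just inside that must be accepted, would pin the boundary. A short comment above the `dsig` line such as `# 4th dsig element: offset added to the signature timestamp` would help readers, assuming that is what the element means. If the file signature's timestamp is checked as well, a counterpart case with a future-dated `fsig` would cover it.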