From: Jacob Bachmeyer <jcb@gnu.org>
Date: Fri, 28 Jan 2022 03:36:12 +0000 (-0600)
Subject: Add more tests for misconfigured package scenarios
X-Git-Url: https://vcs.fsf.org/?a=commitdiff_plain;h=b5b78ca726b01579bd8fa3a29da58f588ada1a96;p=gatekeeper.git

Add more tests for misconfigured package scenarios
---

diff --git a/testsuite/lib/upload.exp b/testsuite/lib/upload.exp
index beddd8b..9f6733b 100644
--- a/testsuite/lib/upload.exp
+++ b/testsuite/lib/upload.exp
@@ -602,6 +602,7 @@ proc analyze_log { base_dir name assess } {
 		     set A(unknown-package) 1
 		     exp_continue
 		 }
+	# TODO:  This should be validate,package-no-email instead.
 
 	-re {^ftp-upload\[[0-9]+\]: \(Test\)\
 		 invalid directory[^\r\n]+} {
@@ -713,6 +714,7 @@ proc analyze_log { base_dir name assess } {
 		     set A(validate,package-no-config) 1
 		     exp_continue
 		 }
+	# TODO: validate,package-no-config should be unknown-package
 	-re {^ftp-upload\[[0-9]+\]: \(Test\)\
 		 no keyring for package ([^\r\n]+)} {
 		     # from read_directive_file, if package keyring not found
diff --git a/testsuite/upload.all/03_triplet.exp b/testsuite/upload.all/03_triplet.exp
index 9ac4d7b..ed2e60c 100644
--- a/testsuite/upload.all/03_triplet.exp
+++ b/testsuite/upload.all/03_triplet.exp
@@ -333,6 +333,92 @@ check_triplet "bogus: signed for unknown package" setup {
     }
 }
 
+check_triplet "bogus: signed but package has no keys" setup {
+    packages {
+	foo {
+	    email { "foo@example.org" }
+	    keys { { id 1000 name "foo <foo@example.gnu.org>" } }
+	    maintainers { "foo <foo@example.net>" }
+	}
+	bar {
+	    email { "bar@example.org" }
+	    maintainers { "bar <bar@example.net>" }
+	}
+    }
+} upload {
+    bar.tar.gz {
+	directive {
+	    version 1.2
+	    directory bar
+	    filename bar.tar.gz
+	} dsig { good 05 1000 }
+	tar-file {
+	    README README
+	    bar.bin contents
+	} fsig { good 06 1000 }
+    }
+} check {
+    file-tree {
+	{ incoming stage pub archive } empty {}
+	{ in-stage } files {
+	    bar.tar.gz.directive.asc bar.tar.gz.sig bar.tar.gz
+	}
+    } log {
+	found,bar.tar.gz.directive.asc "found directive in triplet"
+	found-triplet,bar.tar.gz.directive.asc:bar.tar.gz.sig:bar.tar.gz \
+	    "found triplet"
+	gpgv,directive-verify-failed "reject upload for misconfigured package"
+    } email-to {
+	ftp-upload-script@gnu.org
+	foo@example.gnu.org
+	ftp-upload-report@gnu.org bar@example.net bar@example.org
+    }
+}
+# TODO: should be validate,package-no-keys instead of
+# gpgv,directive-verify-failed but script currently cannot reach that error
+
+check_triplet "bogus: signed but package has no email addresses" setup {
+    packages {
+	foo {
+	    email { "foo@example.org" }
+	    keys { { id 1000 name "foo <foo@example.gnu.org>" } }
+	    maintainers { "foo <foo@example.net>" }
+	}
+	bar {
+	    keys { { id 1001 name "bar <bar@example.gnu.org>" } }
+	    maintainers { "bar <bar@example.net>" }
+	}
+    }
+} upload {
+    bar.tar.gz {
+	directive {
+	    version 1.2
+	    directory bar
+	    filename bar.tar.gz
+	} dsig { good 05 1001 }
+	tar-file {
+	    README README
+	    bar.bin contents
+	} fsig { good 06 1001 }
+    }
+} check {
+    file-tree {
+	{ incoming stage pub archive } empty {}
+	{ in-stage } files {
+	    bar.tar.gz.directive.asc bar.tar.gz.sig bar.tar.gz
+	}
+    } log {
+	found,bar.tar.gz.directive.asc "found directive in triplet"
+	found-triplet,bar.tar.gz.directive.asc:bar.tar.gz.sig:bar.tar.gz \
+	    "found triplet"
+	unknown-package "reject upload for misconfigured package"
+    } email-to {
+	ftp-upload-script@gnu.org
+	bar@example.gnu.org
+    }
+}
+# TODO: should be validate,package-no-email instead of unknown-package here
+
 check_triplet "bogus: signed with wrong key" setup {
     packages {
 	foo {