From: Jacob Bachmeyer Date: Sat, 29 Jan 2022 02:52:00 +0000 (-0600) Subject: Add more tests for loose directives to improve coverage X-Git-Url: https://vcs.fsf.org/?a=commitdiff_plain;h=e6f49e953f5ae2d557ec2e933886dcda759e0816;p=gatekeeper.git Add more tests for loose directives to improve coverage --- diff --git a/testsuite/lib/upload.exp b/testsuite/lib/upload.exp index 9f6733b..6c38d84 100644 --- a/testsuite/lib/upload.exp +++ b/testsuite/lib/upload.exp @@ -480,6 +480,12 @@ proc analyze_log { base_dir name assess } { # running time for the generate-ftpindex tool } + -re {^ftp-upload\[[0-9]+\]: \(Test\)\ + [^ ]+ does not exist - can not archive} { + # from archive, when target does not exist + set A(action,archive-failure,not-found) 1 + exp_continue + } -re {^ftp-upload\[[0-9]+\]: \(Test\)\ archived [^ ]+ to [^\r\n]+} { # from archive, upon success @@ -505,6 +511,13 @@ proc analyze_log { base_dir name assess } { # include a file name relative to the test base exp_continue } + -re {^ftp-upload\[[0-9]+\]: \(Test\)\ + refusing to remove a non-symlink file} { + # from execute_commands, when an item to be removed is + # not a symlink after all + set A(action,rm-symlink-failure,not-link) 1 + exp_continue + } -re {^ftp-upload\[[0-9]+\]: \(Test\)\ removed symlink [^\r\n]+} { # from execute_commands, removing a symlink diff --git a/testsuite/upload.all/01_loose.exp b/testsuite/upload.all/01_loose.exp index e93aaf7..f2801bd 100644 --- a/testsuite/upload.all/01_loose.exp +++ b/testsuite/upload.all/01_loose.exp @@ -188,6 +188,58 @@ check_loose_directive "bogus: signed with wrong key" { foo@example.gnu.org } +check_loose_directive "bogus: signed with wrong key and directory repeated" { + directive { + version 1.2 + directory baz + directory baz + no-op "" + comment "do nothing" + } dsig { good 01 1000 } +} file-tree { + { incoming stage pub archive } empty {} + { in-stage } files { foo.directive.asc } +} log { + validate,bad-directory-repeat "duplicate directory rejected" +} email-to { + ftp-upload-script@gnu.org + foo@example.gnu.org +} + +check_loose_directive "bogus: signed with wrong key and directory ambiguous" { + directive { + version 1.2 + directory baz + directory foo + no-op "" + comment "do nothing" + } dsig { good 01 1000 } +} file-tree { + { incoming stage pub archive } empty {} + { in-stage } files { foo.directive.asc } +} log { + validate,bad-directory-repeat "ambiguous directory rejected" +} email-to { + ftp-upload-script@gnu.org + foo@example.gnu.org +} + +check_loose_directive "bogus: signed with wrong key and too deep" { + directive { + version 1.2 + directory foo/bar/baz/quux/a/very/deep/directory/name + no-op "" + comment "do nothing" + } dsig { good 01 1001 } +} file-tree { + { incoming stage pub archive } empty {} + { in-stage } files { foo.directive.asc } +} log { + validate,bad-directory-depth "excessively deep directory rejected" +} email-to { + ftp-upload-script@gnu.org +} + check_loose_directive "bogus: signed for bogus package" { directive { version 1.2 @@ -257,6 +309,163 @@ check_loose_directive "create dangling symlink" { foo@example.org foo@example.gnu.org foo@example.net } +check_loose_directive "error: create symlink using /../ in name" { + directive { + version 1.2 + directory foo + symlink "foo/foo-1.0.bin bar/../../foo-latest.bin" + } dsig { good 12 1000 } +} initial-files { + pub { + foo/foo-1.0.bin { good 05 1000 } + foo/bar/README { good 10 1000 } + } +} file-tree { + { incoming stage archive } empty {} + { in-stage } files { foo.directive.asc } + { pub } files { foo/foo-1.0.bin foo/bar/README } +} log { + validate,bad-parameter,symlink \ + "symlink using /../ in name rejected" +} email-to { + ftp-upload-script@gnu.org + foo@example.org foo@example.gnu.org foo@example.net +} + +check_loose_directive "error: create symlink using /../ in target" { + directive { + version 1.2 + directory foo + symlink "bar/../foo-1.0.bin foo-latest.bin" + } dsig { good 12 1000 } +} initial-files { + pub { foo/foo-1.0.bin { good 05 1000 } } +} file-tree { + { incoming stage archive } empty {} + { in-stage } files { foo.directive.asc } + { pub } files { foo/foo-1.0.bin } +} log { + validate,bad-parameter,symlink \ + "symlink using /../ in target rejected" +} email-to { + ftp-upload-script@gnu.org + foo@example.org foo@example.gnu.org foo@example.net +} + +check_loose_directive "error: create symlink with bogus name" { + directive { + version 1.2 + directory foo + symlink "foo-1.0.bin -bogus=filename" + } dsig { good 12 1000 } +} initial-files { + pub { foo/foo-1.0.bin { good 05 1000 } } +} file-tree { + { incoming stage archive } empty {} + { in-stage } files { foo.directive.asc } + { pub } files { foo/foo-1.0.bin } +} log { + validate,bad-parameter,symlink "bogus symlink name rejected" +} email-to { + ftp-upload-script@gnu.org + foo@example.org foo@example.gnu.org foo@example.net +} + +check_loose_directive "error: create symlink with bogus target" { + directive { + version 1.2 + directory foo + symlink "-bogus=filename foo-latest.bin" + } dsig { good 12 1000 } +} initial-files { + pub { foo/foo-1.0.bin { good 05 1000 } } +} file-tree { + { incoming stage archive } empty {} + { in-stage } files { foo.directive.asc } + { pub } files { foo/foo-1.0.bin } +} log { + validate,bad-parameter,symlink "bogus symlink target rejected" +} email-to { + ftp-upload-script@gnu.org + foo@example.org foo@example.gnu.org foo@example.net +} + +check_loose_directive "error: create symlink with absolute name" { + directive { + version 1.2 + directory foo + symlink "foo-1.0.bin /pub/foo-latest.bin" + } dsig { good 12 1000 } +} initial-files { + pub { foo/foo-1.0.bin { good 05 1000 } } +} file-tree { + { incoming stage archive } empty {} + { in-stage } files { foo.directive.asc } + { pub } files { foo/foo-1.0.bin } +} log { + validate,bad-parameter,symlink "absolute symlink name rejected" +} email-to { + ftp-upload-script@gnu.org + foo@example.org foo@example.gnu.org foo@example.net +} + +check_loose_directive "error: create symlink with absolute target" { + directive { + version 1.2 + directory foo + symlink "/etc/group foo-latest.bin" + } dsig { good 12 1000 } +} initial-files { + pub { foo/foo-1.0.bin { good 05 1000 } } +} file-tree { + { incoming stage archive } empty {} + { in-stage } files { foo.directive.asc } + { pub } files { foo/foo-1.0.bin } +} log { + validate,bad-parameter,symlink "absolute symlink target rejected" +} email-to { + ftp-upload-script@gnu.org + foo@example.org foo@example.gnu.org foo@example.net +} + +check_loose_directive "error: create symlink with only one parameter" { + directive { + version 1.2 + directory foo + symlink "foo-1.0.bin" + } dsig { good 12 1000 } +} initial-files { + pub { foo/foo-1.0.bin { good 05 1000 } } +} file-tree { + { incoming stage archive } empty {} + { in-stage } files { foo.directive.asc } + { pub } files { foo/foo-1.0.bin } +} log { + validate,bad-parameter,symlink "bogus symlink command rejected" +} email-to { + ftp-upload-script@gnu.org + foo@example.org foo@example.gnu.org foo@example.net +} + +check_loose_directive "error: create symlink with too many parameters" { + directive { + version 1.2 + directory foo + symlink "foo-1.0.bin foo-latest.bin extra-bogus" + } dsig { good 12 1000 } +} initial-files { + pub { foo/foo-1.0.bin { good 05 1000 } } +} file-tree { + { incoming stage archive } empty {} + { in-stage } files { foo.directive.asc } + { pub } files { foo/foo-1.0.bin } +} log { + validate,bad-parameter,symlink "bogus symlink command rejected" +} email-to { + ftp-upload-script@gnu.org + foo@example.org foo@example.gnu.org foo@example.net +} + check_loose_directive "replace symlink" { directive { version 1.2 @@ -301,6 +510,112 @@ check_loose_directive "remove symlink" { foo@example.org foo@example.gnu.org foo@example.net } +check_loose_directive "error: remove symlink using /../" { + directive { + version 1.2 + directory foo + rmsymlink bar/../foo-latest.bin + } dsig { good 13 1000 } +} initial-files { + pub { foo/foo-1.2.bin { good 06 1000 } } +} initial-symlinks { + pub { foo-1.2.bin foo/foo-latest.bin } +} file-tree { + { incoming stage archive } empty {} + { in-stage } files { foo.directive.asc } + { pub } files { foo/foo-1.2.bin foo/foo-latest.bin } + { pub } symlink-targets { foo-1.2.bin foo/foo-latest.bin } +} log { + validate,bad-parameter,rmsymlink \ + "rmsymlink command using /../ rejected" +} email-to { + ftp-upload-script@gnu.org + foo@example.org foo@example.gnu.org foo@example.net +} + +check_loose_directive "error: remove symlink with bogus name" { + directive { + version 1.2 + directory foo + rmsymlink -bogus=filename + } dsig { good 12 1000 } +} initial-files { + pub { foo/foo-1.0.bin { good 05 1000 } } +} file-tree { + { incoming stage archive } empty {} + { in-stage } files { foo.directive.asc } + { pub } files { foo/foo-1.0.bin } +} log { + validate,bad-parameter,rmsymlink \ + "rmsymlink command with bogus filename rejected" +} email-to { + ftp-upload-script@gnu.org + foo@example.org foo@example.gnu.org foo@example.net +} + +check_loose_directive "error: remove symlink with absolute name" { + directive { + version 1.2 + directory foo + rmsymlink /pub/foo-latest.bin + } dsig { good 12 1000 } +} initial-files { + pub { foo/foo-1.0.bin { good 05 1000 } } +} initial-symlinks { + pub { foo-1.0.bin foo/foo-latest.bin } +} file-tree { + { incoming stage archive } empty {} + { in-stage } files { foo.directive.asc } + { pub } files { foo/foo-1.0.bin foo/foo-latest.bin } + { pub } symlink-targets { foo-1.0.bin foo/foo-latest.bin } +} log { + validate,bad-parameter,rmsymlink \ + "rmsymlink command with absolute filename rejected" +} email-to { + ftp-upload-script@gnu.org + foo@example.org foo@example.gnu.org foo@example.net +} + +check_loose_directive "error: remove symlink with too many parameters" { + directive { + version 1.2 + directory foo + rmsymlink "foo-latest.bin foo-1.0.bin" + } dsig { good 12 1000 } +} initial-files { + pub { foo/foo-1.0.bin { good 05 1000 } } +} file-tree { + { incoming stage archive } empty {} + { in-stage } files { foo.directive.asc } + { pub } files { foo/foo-1.0.bin } +} log { + validate,bad-parameter,rmsymlink \ + "rmsymlink command with excess parameters rejected" +} email-to { + ftp-upload-script@gnu.org + foo@example.org foo@example.gnu.org foo@example.net +} + +check_loose_directive "error: remove file as if symlink" { + directive { + version 1.2 + directory foo + rmsymlink foo-1.0.bin + } dsig { good 13 1000 } +} initial-files { + pub { foo/foo-1.0.bin { good 05 1000 } } +} file-tree { + { incoming stage archive } empty {} + { in-stage } files { foo.directive.asc } + { pub } files { foo/foo-1.0.bin } +} log { + action,rm-symlink-failure,not-link \ + "rmsymlink command targeting regular file rejected" +} email-to { + ftp-upload-script@gnu.org ftp-upload-report@gnu.org + foo@example.org foo@example.gnu.org foo@example.net +} + check_loose_directive "error: replace file with symlink" { directive { version 1.2 @@ -397,4 +712,71 @@ check_loose_directive "archive symlink" { foo@example.org foo@example.gnu.org foo@example.net } +check_loose_directive "error: archive non-existent file" { + directive { + version 1.2 + directory foo + archive foo-1.0.bin + } dsig { good 18 1000 } +} initial-files { + pub { + foo/foo-1.2.bin { good 06 1000 } + } +} file-tree { + { incoming stage archive } empty {} + { in-stage } files { foo.directive.asc } + { pub } files { foo/foo-1.2.bin } +} log { + action,archive-failure,not-found "cannot archive nonexistent file" +} email-to { + ftp-upload-script@gnu.org ftp-upload-report@gnu.org + foo@example.org foo@example.gnu.org foo@example.net +} + +check_loose_directive "error: archive bogus name" { + directive { + version 1.2 + directory foo + archive -bogus=filename + } dsig { good 19 1000 } +} initial-files { + pub { + foo/foo-1.0.bin { good 05 1000 } + foo/foo-1.2.bin { good 06 1000 } + } +} file-tree { + { incoming stage archive } empty {} + { in-stage } files { foo.directive.asc } + { pub } files { foo/foo-1.0.bin foo/foo-1.2.bin } +} log { + validate,bad-parameter,archive \ + "archive command with bogus filename rejected" +} email-to { + ftp-upload-script@gnu.org + foo@example.org foo@example.gnu.org foo@example.net +} + +check_loose_directive "error: archive name using /../" { + directive { + version 1.2 + directory foo + archive bar/../foo-1.0.bin + } dsig { good 1A 1000 } +} initial-files { + pub { + foo/foo-1.0.bin { good 05 1000 } + foo/foo-1.2.bin { good 06 1000 } + } +} file-tree { + { incoming stage archive } empty {} + { in-stage } files { foo.directive.asc } + { pub } files { foo/foo-1.0.bin foo/foo-1.2.bin } +} log { + validate,bad-parameter,archive \ + "archive command containing /../ rejected" +} email-to { + ftp-upload-script@gnu.org + foo@example.org foo@example.gnu.org foo@example.net +} + #EOF