From 1ce0c6368d0908e25f9bd1bb8183b5f29053fac8 Mon Sep 17 00:00:00 2001 From: Pierre Schmitz Date: Sat, 2 Apr 2011 13:19:05 +0200 Subject: Add simple checks for handling signed packages In addition to this dbscripts wont accept unsigned pacakges when REQUIRE_SIGNATURE is set to true. Note: At this point no signature verification is performed at all. --- config | 2 ++ db-functions | 10 ++++++++++ test/lib/common.inc | 30 +++++++++++++++++++++++++++++- test/test.d/signed-packages.sh | 13 +++++++++++++ 4 files changed, 54 insertions(+), 1 deletion(-) create mode 100755 test/test.d/signed-packages.sh diff --git a/config b/config index b595636..89e3633 100644 --- a/config +++ b/config @@ -14,6 +14,8 @@ SOURCE_CLEANUP_DRYRUN=false # Time in days to keep moved sourcepackages SOURCE_CLEANUP_KEEP=14 +REQUIRE_SIGNATURE=false + LOCK_DELAY=10 LOCK_TIMEOUT=300 diff --git a/db-functions b/db-functions index b469039..a3e2168 100644 --- a/db-functions +++ b/db-functions @@ -284,6 +284,9 @@ getpkgfile() { elif [ ! -f "${1}" ]; then error "Package ${1} not found!" exit 1 + elif ${REQUIRE_SIGNATURE} && [ ! -f "${1}.sig" ]; then + error "Package signature ${1}.sig not found!" + exit 1 fi echo ${1} @@ -300,6 +303,9 @@ getpkgfiles() { if [ ! -f "${f}" ]; then error "Package ${f} not found!" exit 1 + elif ${REQUIRE_SIGNATURE} && [ ! -f "${f}.sig" ]; then + error "Package signature ${f}.sig not found!" + exit 1 fi done @@ -411,14 +417,18 @@ check_pkgrepos() { [ $? -ge 1 ] && return 1 [ -f "${FTP_BASE}/${PKGPOOL}/${pkgname}-${pkgver}-${pkgarch}"${PKGEXT} ] && return 1 + [ -f "${FTP_BASE}/${PKGPOOL}/${pkgname}-${pkgver}-${pkgarch}"${PKGEXT}.sig ] && return 1 [ -f "${FTP_BASE}/${PKGPOOL}/$(basename ${pkgfile})" ] && return 1 + [ -f "${FTP_BASE}/${PKGPOOL}/$(basename ${pkgfile}).sig" ] && return 1 local repo local arch for repo in ${PKGREPOS[@]}; do for arch in ${ARCHES[@]}; do [ -f "${FTP_BASE}/${repo}/os/${arch}/${pkgname}-${pkgver}-${pkgarch}"${PKGEXT} ] && return 1 + [ -f "${FTP_BASE}/${repo}/os/${arch}/${pkgname}-${pkgver}-${pkgarch}"${PKGEXT}.sig ] && return 1 [ -f "${FTP_BASE}/${repo}/os/${arch}/$(basename ${pkgfile})" ] && return 1 + [ -f "${FTP_BASE}/${repo}/os/${arch}/$(basename ${pkgfile}).sig" ] && return 1 done done diff --git a/test/lib/common.inc b/test/lib/common.inc index 2cf2769..eb46508 100644 --- a/test/lib/common.inc +++ b/test/lib/common.inc @@ -95,6 +95,7 @@ setUp() { TMPDIR="${TMP}/tmp" CLEANUP_DRYRUN=false SOURCE_CLEANUP_DRYRUN=false + REQUIRE_SIGNATURE=true eot . "$(dirname ${BASH_SOURCE[0]})/../../config" } @@ -115,6 +116,13 @@ releasePackage() { pkgver=$(. PKGBUILD; echo $(get_full_version ${epoch:-0} ${pkgver} ${pkgrel})) popd >/dev/null cp "${pkgdir}/${pkgbase}"/*-${pkgver}-${arch}${PKGEXT} "${STAGING}"/${repo}/ + + if ${REQUIRE_SIGNATURE}; then + # TODO: really sign the packages with a valid key + find "${STAGING}"/${repo}/ -type f \ + -name "*-${pkgver}-${arch}${PKGEXT}" \ + -exec touch {}.sig \; + fi } checkAnyPackage() { @@ -124,13 +132,23 @@ checkAnyPackage() { local db [ -r "${FTP_BASE}/${PKGPOOL}/${pkg}" ] || fail "${PKGPOOL}/${pkg} not found" + if ${REQUIRE_SIGNATURE}; then + [ -r "${FTP_BASE}/${PKGPOOL}/${pkg}.sig" ] || fail "${PKGPOOL}/${pkg}.sig not found" + fi for arch in i686 x86_64; do - [ -L "${FTP_BASE}/${repo}/os/${arch}/${pkg}" ] || fail "${repo}/os/${arch}/${pkg} not a symlink" + [ -L "${FTP_BASE}/${repo}/os/${arch}/${pkg}" ] || fail "${repo}/os/${arch}/${pkg} is not a symlink" [ "$(readlink -e "${FTP_BASE}/${repo}/os/${arch}/${pkg}")" == "${FTP_BASE}/${PKGPOOL}/${pkg}" ] \ || fail "${repo}/os/${arch}/${pkg} does not link to ${PKGPOOL}/${pkg}" + + if ${REQUIRE_SIGNATURE}; then + [ -L "${FTP_BASE}/${repo}/os/${arch}/${pkg}.sig" ] || fail "${repo}/os/${arch}/${pkg}.sig is not a symlink" + [ "$(readlink -e "${FTP_BASE}/${repo}/os/${arch}/${pkg}.sig")" == "${FTP_BASE}/${PKGPOOL}/${pkg}.sig" ] \ + || fail "${repo}/os/${arch}/${pkg}.sig does not link to ${PKGPOOL}/${pkg}.sig" + fi done [ -r "${STAGING}"/${repo}/${pkg} ] && fail "${repo}/${pkg} found in staging dir" + [ -r "${STAGING}"/${repo}/${pkg}.sig ] && fail "${repo}/${pkg}.sig found in staging dir" for db in ${DBEXT} ${FILESEXT}; do ( [ -r "${FTP_BASE}/${repo}/os/${arch}/${repo}${db%.tar.*}" ] \ @@ -139,6 +157,7 @@ checkAnyPackage() { done [ -r "${FTP_BASE}/${repo}/os/any/${pkg}" ] && fail "${repo}/os/any/${pkg} should not exist" + [ -r "${FTP_BASE}/${repo}/os/any/${pkg}.sig" ] && fail "${repo}/os/any/${pkg}.sig should not exist" } checkPackage() { @@ -154,6 +173,15 @@ checkPackage() { [ "$(readlink -e "${FTP_BASE}/${repo}/os/${arch}/${pkg}")" == "${FTP_BASE}/${PKGPOOL}/${pkg}" ] \ || fail "${repo}/os/${arch}/${pkg} does not link to ${PKGPOOL}/${pkg}" + if ${REQUIRE_SIGNATURE}; then + [ -r "${FTP_BASE}/${PKGPOOL}/${pkg}.sig" ] || fail "${PKGPOOL}/${pkg}.sig not found" + [ -L "${FTP_BASE}/${repo}/os/${arch}/${pkg}.sig" ] || fail "${repo}/os/${arch}/${pkg}.sig is not a symlink" + [ -r "${STAGING}"/${repo}/${pkg}.sig ] && fail "${repo}/${pkg}.sig found in staging dir" + + [ "$(readlink -e "${FTP_BASE}/${repo}/os/${arch}/${pkg}.sig")" == "${FTP_BASE}/${PKGPOOL}/${pkg}.sig" ] \ + || fail "${repo}/os/${arch}/${pkg}.sig does not link to ${PKGPOOL}/${pkg}.sig" + fi + for db in ${DBEXT} ${FILESEXT}; do ( [ -r "${FTP_BASE}/${repo}/os/${arch}/${repo}${db%.tar.*}" ] \ && bsdtar -xf "${FTP_BASE}/${repo}/os/${arch}/${repo}${db%.tar.*}" -O | grep -q ${pkg}) \ diff --git a/test/test.d/signed-packages.sh b/test/test.d/signed-packages.sh new file mode 100755 index 0000000..5d6f4ff --- /dev/null +++ b/test/test.d/signed-packages.sh @@ -0,0 +1,13 @@ +#!/bin/bash + +curdir=$(readlink -e $(dirname $0)) +. "${curdir}/../lib/common.inc" + +testAddUnsignedPackage() { + releasePackage extra 'pkg-simple-a' 'i686' + # remove any signature + rm "${STAGING}"/extra/*.sig + ../db-update >/dev/null 2>&1 && fail "db-update should fail when a signature is missing!" +} + +. "${curdir}/../lib/shunit2" -- cgit v1.2.3-24-g4f1b