Merge branch 'jk/validate-headref-fix' into maint
[git] / t / t5534-push-signed.sh
1 #!/bin/sh
2
3 test_description='signed push'
4
5 . ./test-lib.sh
6 . "$TEST_DIRECTORY"/lib-gpg.sh
7
8 prepare_dst () {
9         rm -fr dst &&
10         test_create_repo dst &&
11
12         git push dst master:noop master:ff master:noff
13 }
14
15 test_expect_success setup '
16         # master, ff and noff branches pointing at the same commit
17         test_tick &&
18         git commit --allow-empty -m initial &&
19
20         git checkout -b noop &&
21         git checkout -b ff &&
22         git checkout -b noff &&
23
24         # noop stays the same, ff advances, noff rewrites
25         test_tick &&
26         git commit --allow-empty --amend -m rewritten &&
27         git checkout ff &&
28
29         test_tick &&
30         git commit --allow-empty -m second
31 '
32
33 test_expect_success 'unsigned push does not send push certificate' '
34         prepare_dst &&
35         mkdir -p dst/.git/hooks &&
36         write_script dst/.git/hooks/post-receive <<-\EOF &&
37         # discard the update list
38         cat >/dev/null
39         # record the push certificate
40         if test -n "${GIT_PUSH_CERT-}"
41         then
42                 git cat-file blob $GIT_PUSH_CERT >../push-cert
43         fi
44         EOF
45
46         git push dst noop ff +noff &&
47         ! test -f dst/push-cert
48 '
49
50 test_expect_success 'talking with a receiver without push certificate support' '
51         prepare_dst &&
52         mkdir -p dst/.git/hooks &&
53         write_script dst/.git/hooks/post-receive <<-\EOF &&
54         # discard the update list
55         cat >/dev/null
56         # record the push certificate
57         if test -n "${GIT_PUSH_CERT-}"
58         then
59                 git cat-file blob $GIT_PUSH_CERT >../push-cert
60         fi
61         EOF
62
63         git push dst noop ff +noff &&
64         ! test -f dst/push-cert
65 '
66
67 test_expect_success 'push --signed fails with a receiver without push certificate support' '
68         prepare_dst &&
69         mkdir -p dst/.git/hooks &&
70         test_must_fail git push --signed dst noop ff +noff 2>err &&
71         test_i18ngrep "the receiving end does not support" err
72 '
73
74 test_expect_success GPG 'no certificate for a signed push with no update' '
75         prepare_dst &&
76         mkdir -p dst/.git/hooks &&
77         write_script dst/.git/hooks/post-receive <<-\EOF &&
78         if test -n "${GIT_PUSH_CERT-}"
79         then
80                 git cat-file blob $GIT_PUSH_CERT >../push-cert
81         fi
82         EOF
83         git push dst noop &&
84         ! test -f dst/push-cert
85 '
86
87 test_expect_success GPG 'signed push sends push certificate' '
88         prepare_dst &&
89         mkdir -p dst/.git/hooks &&
90         git -C dst config receive.certnonceseed sekrit &&
91         write_script dst/.git/hooks/post-receive <<-\EOF &&
92         # discard the update list
93         cat >/dev/null
94         # record the push certificate
95         if test -n "${GIT_PUSH_CERT-}"
96         then
97                 git cat-file blob $GIT_PUSH_CERT >../push-cert
98         fi &&
99
100         cat >../push-cert-status <<E_O_F
101         SIGNER=${GIT_PUSH_CERT_SIGNER-nobody}
102         KEY=${GIT_PUSH_CERT_KEY-nokey}
103         STATUS=${GIT_PUSH_CERT_STATUS-nostatus}
104         NONCE_STATUS=${GIT_PUSH_CERT_NONCE_STATUS-nononcestatus}
105         NONCE=${GIT_PUSH_CERT_NONCE-nononce}
106         E_O_F
107
108         EOF
109
110         git push --signed dst noop ff +noff &&
111
112         (
113                 cat <<-\EOF &&
114                 SIGNER=C O Mitter <committer@example.com>
115                 KEY=13B6F51ECDDE430D
116                 STATUS=G
117                 NONCE_STATUS=OK
118                 EOF
119                 sed -n -e "s/^nonce /NONCE=/p" -e "/^$/q" dst/push-cert
120         ) >expect &&
121
122         noop=$(git rev-parse noop) &&
123         ff=$(git rev-parse ff) &&
124         noff=$(git rev-parse noff) &&
125         grep "$noop $ff refs/heads/ff" dst/push-cert &&
126         grep "$noop $noff refs/heads/noff" dst/push-cert &&
127         test_cmp expect dst/push-cert-status
128 '
129
130 test_expect_success GPG 'inconsistent push options in signed push not allowed' '
131         # First, invoke receive-pack with dummy input to obtain its preamble.
132         prepare_dst &&
133         git -C dst config receive.certnonceseed sekrit &&
134         git -C dst config receive.advertisepushoptions 1 &&
135         printf xxxx | test_might_fail git receive-pack dst >preamble &&
136
137         # Then, invoke push. Simulate a receive-pack that sends the preamble we
138         # obtained, followed by a dummy packet.
139         write_script myscript <<-\EOF &&
140                 cat preamble &&
141                 printf xxxx &&
142                 cat >push
143         EOF
144         test_might_fail git push --push-option="foo" --push-option="bar" \
145                 --receive-pack="\"$(pwd)/myscript\"" --signed dst --delete ff &&
146
147         # Replay the push output on a fresh dst, checking that ff is truly
148         # deleted.
149         prepare_dst &&
150         git -C dst config receive.certnonceseed sekrit &&
151         git -C dst config receive.advertisepushoptions 1 &&
152         git receive-pack dst <push &&
153         test_must_fail git -C dst rev-parse ff &&
154
155         # Tweak the push output to make the push option outside the cert
156         # different, then replay it on a fresh dst, checking that ff is not
157         # deleted.
158         perl -pe "s/([^ ])bar/\$1baz/" push >push.tweak &&
159         prepare_dst &&
160         git -C dst config receive.certnonceseed sekrit &&
161         git -C dst config receive.advertisepushoptions 1 &&
162         git receive-pack dst <push.tweak >out &&
163         git -C dst rev-parse ff &&
164         grep "inconsistent push options" out
165 '
166
167 test_expect_success GPG 'fail without key and heed user.signingkey' '
168         prepare_dst &&
169         mkdir -p dst/.git/hooks &&
170         git -C dst config receive.certnonceseed sekrit &&
171         write_script dst/.git/hooks/post-receive <<-\EOF &&
172         # discard the update list
173         cat >/dev/null
174         # record the push certificate
175         if test -n "${GIT_PUSH_CERT-}"
176         then
177                 git cat-file blob $GIT_PUSH_CERT >../push-cert
178         fi &&
179
180         cat >../push-cert-status <<E_O_F
181         SIGNER=${GIT_PUSH_CERT_SIGNER-nobody}
182         KEY=${GIT_PUSH_CERT_KEY-nokey}
183         STATUS=${GIT_PUSH_CERT_STATUS-nostatus}
184         NONCE_STATUS=${GIT_PUSH_CERT_NONCE_STATUS-nononcestatus}
185         NONCE=${GIT_PUSH_CERT_NONCE-nononce}
186         E_O_F
187
188         EOF
189
190         unset GIT_COMMITTER_EMAIL &&
191         git config user.email hasnokey@nowhere.com &&
192         test_must_fail git push --signed dst noop ff +noff &&
193         git config user.signingkey committer@example.com &&
194         git push --signed dst noop ff +noff &&
195
196         (
197                 cat <<-\EOF &&
198                 SIGNER=C O Mitter <committer@example.com>
199                 KEY=13B6F51ECDDE430D
200                 STATUS=G
201                 NONCE_STATUS=OK
202                 EOF
203                 sed -n -e "s/^nonce /NONCE=/p" -e "/^$/q" dst/push-cert
204         ) >expect &&
205
206         noop=$(git rev-parse noop) &&
207         ff=$(git rev-parse ff) &&
208         noff=$(git rev-parse noff) &&
209         grep "$noop $ff refs/heads/ff" dst/push-cert &&
210         grep "$noop $noff refs/heads/noff" dst/push-cert &&
211         test_cmp expect dst/push-cert-status
212 '
213
214 test_done