author | Ian Jackson <ijackson@chiark.greenend.org.uk> | 2015-05-31 17:28:31 +0100 |
---|---|---|
committer | Ian Jackson <ijackson@chiark.greenend.org.uk> | 2015-05-31 18:32:57 +0100 |
commit | b1dad15471a23b4a60a69de34dd4772da8663262 (patch) | |
tree | 6820fac3b348c5b259cb3c753202d6ad6d86bba3 /tests/tests | |
parent | df2685b0b8364f6dfed541113478bbd23a175a01 (diff) |
Test suite: Fully test replay attack prevention
Diffstat (limited to 'tests/tests')
-rwxr-xr-x | tests/tests/trustingpolicy-replay | 52 |
1 files changed, 50 insertions, 2 deletions
diff --git a/tests/tests/trustingpolicy-replay b/tests/tests/trustingpolicy-replay index 57ef286..4fc3c17 100755 --- a/tests/tests/trustingpolicy-replay +++ b/tests/tests/trustingpolicy-replay @@ -15,7 +15,7 @@ git tag start t-dgit build t-dgit push --new -t-commit 'Prep v2 which will be rewound' +t-commit 'Prep v1.1 which will be rewound' t-dgit build t-dgit push @@ -31,5 +31,53 @@ git push "$remote" \ debian/1.1 \ debian/1.1~0:refs/dgit/sid +git checkout master + + +: "More subtle replay prevention checks" + +prepare-replay () { + delib=$1 + + # We have to stop the pushes succeeding because if they work they + # record the tag, which prevents the replays. We are simulating + # abortive pushes (since we do want to avoid a situation where + # dangerous old signed tags can exist). + t-policy false + + t-commit "request with $delib that we will replay" + t-dgit build + t-expect-fail "policy-hook.*No such file or directory" \ + t-dgit push $delib + + t-policy dgit-repos-policy-trusting + + replayv=$v +} + +attempt-replay () { + local mpat=$1 + git show debian/$replayv | grep -e $delib + t-expect-fail "$mpat" \ + git push "$remote" \ + debian/$replayv \ + +debian/$replayv~0:refs/dgit/sid +} + +prepare-replay --deliberately-fresh-repo + +# simulate some other thing that we shouldn't delete +git push $tmp/git/$p.git +master:refs/heads/for-testing + +attempt-replay 'does not declare previously heads/for-testing' + +prepare-replay --deliberately-not-fast-forward + +t-commit 'later version to stop not fast forward rewinding' +t-dgit build +t-dgit push + +attempt-replay "does not declare previously tags/debian/$v" + + echo ok. -echo xxx want to check replay prevention insufficient proofs in tag |
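Review bot: In `attempt-replay` (second hunk), the precondition `git show debian/$replayv | grep -e $delib` may pass even when the signed tag does not carry the `--deliberately-*` token. `git show` on a tag also prints the tagged commit, and `prepare-replay` writes the same string there via `t-commit "request with $delib that we will replay"` (assuming t-commit uses its argument as the commit message and the tag points at that commit). Limiting the check to the tag object, e.g. `git cat-file tag "debian/$replayv" | grep -e "$delib"`, would confirm that the rejection is exercised against a tag that really requests the override. A short comment on `prepare-replay` saying that `delib` and `replayv` are deliberately left global for `attempt-replay` would also help, since only `mpat` is declared `local`.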