From: Ian Jackson Date: Wed, 5 Mar 2014 18:06:53 +0000 (+0000) Subject: dgit-repos-server: fix dm parsing, more tests X-Git-Tag: debian/0.22~51 X-Git-Url: http://www.chiark.greenend.org.uk/ucgi/~ianmdlvl/git?p=dgit.git;a=commitdiff_plain;h=d2ec3ce54547bb810ca19e17049e6148dbbf0801;ds=sidebyside dgit-repos-server: fix dm parsing, more tests --- diff --git a/dgit-repos-server b/dgit-repos-server index 897e414d..33c18f1b 100755 --- a/dgit-repos-server +++ b/dgit-repos-server @@ -391,12 +391,14 @@ sub dm_txt_check ($$) { while (
) { m/^fingerprint:\s+$keyid$/oi ..0 or next; - m/^./ - or reject "key $keyid missing Allow section in permissions!"; + if (s/^allow:/ /i..0) { + } else { + m/^./ + or reject "key $keyid missing Allow section in permissions!"; + next; + } # in right stanza... - s/^allow:/ /i - ..0 or next; - s/^\s+// + s/^[ \t]+// or reject "package $package not allowed for key $keyid"; # in allow field... s/\([^()]+\)//; diff --git a/tests/tests/drs-push-rejects b/tests/tests/drs-push-rejects index 6bc9bff0..e3b5c7d6 100755 --- a/tests/tests/drs-push-rejects +++ b/tests/tests/drs-push-rejects @@ -63,16 +63,38 @@ mustfail 'sid != sponge' HEAD:refs/dgit/sponge $push_spec2 # fixme test --sig-policy-url string # fixme cannot test reject "signature is not of type 00!"; +prep unstable sid +mktag +cp $tmp/dm.gpg $tmp/dd.gpg +mustfail 'key not found in keyrings' + prep unstable sid git push origin $push_spec # succeeds mktag mustfail 'not replacing previously-pushed version' $push_spec +prep_dm_mangle () { + prep unstable sid + perl -i.bak -pe ' + next unless m/^fingerprint: 3A82860837A0CD32/i../^$/; + ' -e "$1" $tmp/dm.txt + tag_signer='-u Populus' + mktag +} + git checkout v2 version=3-2_dummy2 -prep unstable sid -tag_signer='-u Populus' -mktag + +prep_dm_mangle 's/allow:/asponge:/i' +mustfail 'missing Allow section in permission' $push_spec + +prep_dm_mangle 's/\bpari-extra\b/sponge/i' +mustfail "package $p not allowed for key" $push_spec + +prep_dm_mangle 'y/0-9/5-90-4/ if m/^fingerprint:/i' +mustfail "not in permissions list although in keyring" $push_spec + +prep_dm_mangle '' git push origin $push_spec # succeeds echo ok.