summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorJeff King <peff@peff.net>2021-11-10 06:00:47 (GMT)
committerJunio C Hamano <gitster@pobox.com>2021-11-10 22:14:37 (GMT)
commitca7a5bf4bd41daa2d475fa98dd014a97e02eb08e (patch)
tree517eaf0c2cf25edff811149d4db224dafd49f5c1
parent65db97b4fa6b03059f2f14f313e07ca799d4ef3f (diff)
downloadgit-ca7a5bf4bd41daa2d475fa98dd014a97e02eb08e.zip
git-ca7a5bf4bd41daa2d475fa98dd014a97e02eb08e.tar.gz
git-ca7a5bf4bd41daa2d475fa98dd014a97e02eb08e.tar.bz2
t/lib-gpg: avoid broken versions of ssh-keygen
The "-Y find-principals" option of ssh-keygen seems to be broken in Debian's openssh-client 1:8.7p1-1, whereas it works fine in 1:8.4p1-5. This causes several failures for GPGSSH tests. We fulfill the prerequisite because generating the keys works fine, but actually verifying a signature causes results ranging from bogus results to ssh-keygen segfaulting. We can find the broken version during the prereq check by feeding it empty input. This should result in it complaining to stderr, but in the broken version it triggers the segfault, causing the GPGSSH tests to be skipped. Signed-off-by: Jeff King <peff@peff.net> Signed-off-by: Junio C Hamano <gitster@pobox.com>
-rw-r--r--t/lib-gpg.sh6
1 files changed, 6 insertions, 0 deletions
diff --git a/t/lib-gpg.sh b/t/lib-gpg.sh
index f99ef3e..4c549be 100644
--- a/t/lib-gpg.sh
+++ b/t/lib-gpg.sh
@@ -104,6 +104,12 @@ test_lazy_prereq GPGSSH '
test $? != 127 || exit 1
echo $ssh_version | grep -q "find-principals:missing signature file"
test $? = 0 || exit 1;
+
+ # some broken versions of ssh-keygen segfault on find-principals;
+ # avoid testing with them.
+ ssh-keygen -Y find-principals -f /dev/null -s /dev/null
+ test $? = 139 && exit 1
+
mkdir -p "${GNUPGHOME}" &&
chmod 0700 "${GNUPGHOME}" &&
ssh-keygen -t ed25519 -N "" -C "git ed25519 key" -f "${GPGSSH_KEY_PRIMARY}" >/dev/null &&