authorSebastian Götte <jaseg@physik.tu-berlin.de>2013-03-31 16:02:24 (GMT)
committerJunio C Hamano <gitster@pobox.com>2013-04-01 02:23:59 (GMT)
commitefed0022492b81bf59d29193c4ffe96492dd9e9b (patch)
tree51a16967d90213fc5746c590dbd49c4193d5b20d /t/t7612-merge-verify-signatures.sh
parentf8aae8d0efccd268babd482f10709b4f86a9f32e (diff)
merge/pull: verify GPG signatures of commits being merged
When --verify-signatures is specified on the command-line of git-merge or git-pull, check whether the commits being merged have good gpg signatures and abort the merge in case they do not. This allows e.g. auto-deployment from untrusted repo hosts. Signed-off-by: Sebastian Götte <jaseg@physik-pool.tu-berlin.de> Signed-off-by: Junio C Hamano <gitster@pobox.com>
Diffstat (limited to 't/t7612-merge-verify-signatures.sh')
-rwxr-xr-xt/t7612-merge-verify-signatures.sh52
1 files changed, 52 insertions, 0 deletions
diff --git a/t/t7612-merge-verify-signatures.sh b/t/t7612-merge-verify-signatures.sh
new file mode 100755
index 0000000..6ccfbf3
--- /dev/null
+++ b/t/t7612-merge-verify-signatures.sh
@@ -0,0 +1,52 @@
+#!/bin/sh
+
+test_description='merge signature verification tests'
+. ./test-lib.sh
+. "$TEST_DIRECTORY/lib-gpg.sh"
+
+test_expect_success GPG 'create signed commits' '
+ echo 1 >file && git add file &&
+ test_tick && git commit -m initial &&
+ git tag initial &&
+
+ git checkout -b side-signed &&
+ echo 3 >elif && git add elif &&
+ test_tick && git commit -S -m "signed on side" &&
+ git checkout initial &&
+
+ git checkout -b side-unsigned &&
+ echo 3 >foo && git add foo &&
+ test_tick && git commit -m "unsigned on side" &&
+ git checkout initial &&
+
+ git checkout -b side-bad &&
+ echo 3 >bar && git add bar &&
+ test_tick && git commit -S -m "bad on side" &&
+ git cat-file commit side-bad >raw &&
+ sed -e "s/bad/forged bad/" raw >forged &&
+ git hash-object -w -t commit forged >forged.commit &&
+ git checkout initial &&
+
+ git checkout master
+'
+
+test_expect_success GPG 'merge unsigned commit with verification' '
+ test_must_fail git merge --ff-only --verify-signatures side-unsigned 2>mergeerror &&
+ test_i18ngrep "does not have a GPG signature" mergeerror
+'
+
+test_expect_success GPG 'merge commit with bad signature with verification' '
+ test_must_fail git merge --ff-only --verify-signatures $(cat forged.commit) 2>mergeerror &&
+ test_i18ngrep "has a bad GPG signature" mergeerror
+'
+
+test_expect_success GPG 'merge signed commit with verification' '
+ git merge --verbose --ff-only --verify-signatures side-signed >mergeoutput &&
+ test_i18ngrep "has a good GPG signature" mergeoutput
+'
+
+test_expect_success GPG 'merge commit with bad signature without verification' '
+ git merge $(cat forged.commit)
+'
+
+test_done
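Review bot: The two rejection tests (`merge unsigned commit with verification` and `merge commit with bad signature with verification`) check only the exit status and the stderr text, so they would still pass if the merge moved HEAD before reporting the failure. Since the commit message gives auto-deployment from untrusted hosts as the use case, each should also assert that the branch is untouched, e.g. `test "$(git rev-parse HEAD)" = "$(git rev-parse initial)"` chained with `&&` after the `test_i18ngrep` line. The commit message also names git-pull, but nothing in this file exercises `git pull --verify-signatures`; a case for it would cover that entry point as well.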