diff options
Diffstat (limited to 'image_tests/install_iso/016_check_pubkey.t')
| -rw-r--r-- | image_tests/install_iso/016_check_pubkey.t | 113 |
1 files changed, 113 insertions, 0 deletions
diff --git a/image_tests/install_iso/016_check_pubkey.t b/image_tests/install_iso/016_check_pubkey.t new file mode 100644 index 0000000..587e7c6 --- /dev/null +++ b/image_tests/install_iso/016_check_pubkey.t @@ -0,0 +1,113 @@ +# This file is part of the Mageia project +# Copyright (C) 2011 Damien Lallement <dams@mageia.org> +# (C) 2011 Romain D'Alverny <rda@mageia.org> +# +# This library is free software; you can redistribute it and/or +# modify it under the terms of the GNU Library General Public +# License as published by the Free Software Foundation; either +# version 2 of the License, or (at your option) any later version. +# +# This library is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +# Library General Public License for more details. +# +# You should have received a copy of the GNU Library General Public License +# along with this library; see the file COPYING.LIB. If not, write to +# the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, +# Boston, MA 02110-1301, USA. +# +# +# TODO check pubkeys FIXME this looks like a mess. +# This function get the path of the pubkeys +# +use MDK::Common; +use Test::Most; +use File::Basename; +use Isocheck; + +my ($image_path) = @ARGV; +my $name = basename($image_path); +my %info = Tools::parse_image_file_name($name); + +bail_on_fail; + +my $url; +my $path; +my $pubkey = 1; +my $media; + +system "ls /media/iso_check/i586/media/ > temp_media_on_iso.log" if -r "/media/iso_check/i586/media/"; +system "ls /media/iso_check/x86_64/media/ >> temp_media_on_iso.log" if -r "/media/iso_check/x86_64/media/"; + +ok(-r "temp_media_on_iso.log", "Got a log for media contents"); + +foreach (cat_("temp_media_on_iso.log")) { + chomp; + if ($info{arch} ne "dual" && $_ ne 'media_info') { + $path = "/media/iso_check/" . $info{arch} . "/media/$_/media_info/pubkey"; + $url = "pubkey/" . $info{arch} . "-$_-pubkey"; + #$url .= "-cooker" if !$finale; + $pubkey &= check_key($path, $url, $_, $info{arch}) if -r $path && -r $url; + } + elsif ($_ ne 'media_info') { + foreach my $arch ("i586", "x86_64") { + $path = "/media/iso_check/$arch/media/$_/media_info/pubkey"; + $url = "pubkey/$arch-$_-pubkey"; + #$url .= "-cooker" if !$finale; + -r $path and -r $url and $pubkey &= check_key($path, $url, $_, $arch); + } + } +} +-r "temp_media_on_iso.log" and system "rm temp_media_on_iso.log"; + + +#This function get the gpg -a key of the pubkey to compare it +sub get_gpg { + my ($pubkey) = @_; + my $key; + my $file; + system "gpg -a $pubkey > get_gpg_key.log"; + open($file, "get_gpg_key.log"); + while (my $a = <$file>) { + if (substr($a, 0, 11) eq "pub 1024D/") { + $key = substr($a, 11, 8); + } + } + system "rm get_gpg_key.log"; + + return $key; +} + + +#Verification of the pubkey with the original pubkey +sub check_key { # sed "s/pub\w1024D/\(.*\) /\1/" + my ($iso_file, $ref_file, $media, $arch) = @_; + my $unvalid; + my $valid = 1; + my $file = get_gpg($iso_file); + my $sign = `cat $ref_file`; + chomp($sign); + if ($file eq $sign) { + if (member($media, qw(core nonfree))) { + note "$arch-$media pubkey is valid.\t\tOK\n" if $arch eq 'i586'; + note "$arch-$media pubkey is valid.\t\tOK\n" if $arch eq 'x86_64' && member($media, qw(core nonfree)); + note "$arch-$media pubkey is valid.\tOK\n" if $arch eq 'x86_64' && $media eq 'non-free'; + } else { + note "$arch-$media pubkey is valid.\tOK\n"; + } + note "$arch-$media pubkey is valid.\n"; + return $valid; + } else { + if (member($media, qw(core))) { + note "$arch-$media pubkey isn't valid.\t\tNOK\n"; + } else { + note "$arch-$media pubkey isn't valid.\tNOK\n"; + } + note "$arch-$media pubkey isn't valid.\n"; + return $unvalid; + } + return $unvalid; +} + +done_testing(); |