diff --git a/src/libostree/ostree-sign-dummy.c b/src/libostree/ostree-sign-dummy.c index 722d461b..82575dc5 100644 --- a/src/libostree/ostree-sign-dummy.c +++ b/src/libostree/ostree-sign-dummy.c @@ -53,6 +53,14 @@ ostree_sign_dummy_iface_init (OstreeSignInterface *self); G_DEFINE_TYPE_WITH_CODE (OstreeSignDummy, _ostree_sign_dummy, G_TYPE_OBJECT, G_IMPLEMENT_INTERFACE (OSTREE_TYPE_SIGN, ostree_sign_dummy_iface_init)); +static gboolean +check_dummy_sign_enabled (GError **error) +{ + if (g_strcmp0 (g_getenv ("OSTREE_DUMMY_SIGN_ENABLED"), "1") != 0) + return glnx_throw (error, "dummy signature type is only for ostree testing"); + return TRUE; +} + static void ostree_sign_dummy_iface_init (OstreeSignInterface *self) { @@ -83,6 +91,8 @@ _ostree_sign_dummy_init (OstreeSignDummy *self) gboolean ostree_sign_dummy_set_sk (OstreeSign *self, GVariant *key, GError **error) { + if (!check_dummy_sign_enabled (error)) + return FALSE; OstreeSignDummy *sign = _ostree_sign_dummy_get_instance_private(OSTREE_SIGN_DUMMY(self)); @@ -95,7 +105,6 @@ gboolean ostree_sign_dummy_set_sk (OstreeSign *self, GVariant *key, GError **err gboolean ostree_sign_dummy_set_pk (OstreeSign *self, GVariant *key, GError **error) { - OstreeSignDummy *sign = _ostree_sign_dummy_get_instance_private(OSTREE_SIGN_DUMMY(self)); g_free(sign->pk_ascii); @@ -111,6 +120,8 @@ gboolean ostree_sign_dummy_data (OstreeSign *self, GCancellable *cancellable, GError **error) { + if (!check_dummy_sign_enabled (error)) + return FALSE; g_return_val_if_fail (OSTREE_IS_SIGN (self), FALSE); @@ -145,6 +156,9 @@ gboolean ostree_sign_dummy_data_verify (OstreeSign *self, GVariant *signatures, GError **error) { + if (!check_dummy_sign_enabled (error)) + return FALSE; + g_return_val_if_fail (OSTREE_IS_SIGN (self), FALSE); g_return_val_if_fail (data != NULL, FALSE); diff --git a/tests/test-signed-commit.sh b/tests/test-signed-commit.sh index 6730a6df..3ac3f3c1 100755 --- a/tests/test-signed-commit.sh +++ b/tests/test-signed-commit.sh @@ -23,7 +23,10 @@ set -euo pipefail . $(dirname $0)/libtest.sh -echo "1..10" +echo "1..11" + +# This is explicitly opt in for testing +export OSTREE_DUMMY_SIGN_ENABLED=1 mkdir ${test_tmpdir}/repo ostree_repo_init repo --mode="archive" @@ -51,6 +54,14 @@ COMMIT="$(ostree --repo=${test_tmpdir}/repo rev-parse main)" ${CMD_PREFIX} ostree --repo=${test_tmpdir}/repo sign --sign-type=dummy --verify ${COMMIT} ${DUMMYSIGN} echo "ok commit with dummy signing" +if ${CMD_PREFIX} env -u OSTREE_DUMMY_SIGN_ENABLED ostree --repo=${test_tmpdir}/repo sign --sign-type=dummy --verify ${COMMIT} ${DUMMYSIGN} 2>err.txt; then + fatal "verified dummy signature without env" +fi +# FIXME the error message here is broken +#assert_file_has_content_literal err.txt 'dummy signature type is only for ostree testing' +assert_file_has_content_literal err.txt ' No valid signatures found' +echo "ok dummy sig requires env" + # tests below require libsodium support if ! has_libsodium; then echo "ok Detached ed25519 signature # SKIP due libsodium unavailability" diff --git a/tests/test-signed-pull-summary.sh b/tests/test-signed-pull-summary.sh index ee731e86..c328d288 100755 --- a/tests/test-signed-pull-summary.sh +++ b/tests/test-signed-pull-summary.sh @@ -27,6 +27,9 @@ set -euo pipefail echo "1..14" +# This is explicitly opt in for testing +export OSTREE_DUMMY_SIGN_ENABLED=1 + repo_reinit () { ARGS="$*" cd ${test_tmpdir} diff --git a/tests/test-signed-pull.sh b/tests/test-signed-pull.sh index 2c677d46..6d1afe29 100755 --- a/tests/test-signed-pull.sh +++ b/tests/test-signed-pull.sh @@ -25,6 +25,8 @@ set -euo pipefail echo "1..11" +# This is explicitly opt in for testing +export OSTREE_DUMMY_SIGN_ENABLED=1 setup_fake_remote_repo1 "archive" repo_mode="archive"